kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #16435 from rifelpet/aws-sdk-go-v2-iam 

Migrate IAM to aws-sdk-go-v2
This commit is contained in:
Kubernetes Prow Robot 2024-03-30 09:55:32 -07:00 committed by GitHub
parent 49377f29f8 926bc56c74
commit e594c4dc92
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
204 changed files with 87177 additions and 43630 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
cloudmock/aws/mockiam/api.go
View File

@ -21,23 +21,24 @@ import (
"math/rand"
"sync"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/aws/aws-sdk-go/service/iam/iamiface"
"github.com/aws/aws-sdk-go-v2/service/iam"
iamtypes "github.com/aws/aws-sdk-go-v2/service/iam/types"
"k8s.io/kops/util/pkg/awsinterfaces"
)
type MockIAM struct {
// Mock out interface
iamiface.IAMAPI
awsinterfaces.IAMAPI
mutex sync.Mutex
InstanceProfiles map[string]*iam.InstanceProfile
Roles map[string]*iam.Role
InstanceProfiles map[string]*iamtypes.InstanceProfile
Roles map[string]*iamtypes.Role
OIDCProviders map[string]*iam.GetOpenIDConnectProviderOutput
RolePolicies []*rolePolicy
AttachedPolicies map[string][]*iam.AttachedPolicy
AttachedPolicies map[string][]iamtypes.AttachedPolicy
}
var _ iamiface.IAMAPI = &MockIAM{}
var _ awsinterfaces.IAMAPI = &MockIAM{}
func (m *MockIAM) createID() string {
return "AID" + fmt.Sprintf("%x", rand.Int63())

132
cloudmock/aws/mockiam/iaminstanceprofile.go
View File

@ -17,23 +17,23 @@ limitations under the License.
package mockiam
import (
"context"
"fmt"
"strings"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/iam"
iamtypes "github.com/aws/aws-sdk-go-v2/service/iam/types"
"k8s.io/klog/v2"
)
func (m *MockIAM) GetInstanceProfile(request *iam.GetInstanceProfileInput) (*iam.GetInstanceProfileOutput, error) {
func (m *MockIAM) GetInstanceProfile(ctx context.Context, request *iam.GetInstanceProfileInput, optFns ...func(*iam.Options)) (*iam.GetInstanceProfileOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
ip := m.InstanceProfiles[aws.StringValue(request.InstanceProfileName)]
if ip == nil || strings.Contains(aws.StringValue(ip.InstanceProfileName), "__no_entity__") {
return nil, awserr.New(iam.ErrCodeNoSuchEntityException, "No such entity", nil)
ip, ok := m.InstanceProfiles[aws.ToString(request.InstanceProfileName)]
if !ok || strings.Contains(aws.ToString(ip.InstanceProfileName), "__no_entity__") {
return nil, &iamtypes.NoSuchEntityException{}
}
response := &iam.GetInstanceProfileOutput{
InstanceProfile: ip,
@ -41,21 +41,13 @@ func (m *MockIAM) GetInstanceProfile(request *iam.GetInstanceProfileInput) (*iam
return response, nil
}
func (m *MockIAM) GetInstanceProfileWithContext(aws.Context, *iam.GetInstanceProfileInput, ...request.Option) (*iam.GetInstanceProfileOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) GetInstanceProfileRequest(*iam.GetInstanceProfileInput) (*request.Request, *iam.GetInstanceProfileOutput) {
panic("Not implemented")
}
func (m *MockIAM) CreateInstanceProfile(request *iam.CreateInstanceProfileInput) (*iam.CreateInstanceProfileOutput, error) {
func (m *MockIAM) CreateInstanceProfile(ctx context.Context, request *iam.CreateInstanceProfileInput, optFns ...func(*iam.Options)) (*iam.CreateInstanceProfileOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
klog.Infof("CreateInstanceProfile: %v", request)
p := &iam.InstanceProfile{
p := iamtypes.InstanceProfile{
InstanceProfileName: request.InstanceProfileName,
// Arn: request.Arn,
// InstanceProfileId: request.InstanceProfileId,
@ -77,30 +69,22 @@ func (m *MockIAM) CreateInstanceProfile(request *iam.CreateInstanceProfileInput)
// InstanceProfileId *string `min:"16" type:"string" required:"true"`
if m.InstanceProfiles == nil {
m.InstanceProfiles = make(map[string]*iam.InstanceProfile)
m.InstanceProfiles = make(map[string]*iamtypes.InstanceProfile)
}
m.InstanceProfiles[*p.InstanceProfileName] = p
m.InstanceProfiles[*p.InstanceProfileName] = &p
copy := *p
copy := p
return &iam.CreateInstanceProfileOutput{InstanceProfile: &copy}, nil
}
func (m *MockIAM) CreateInstanceProfileWithContext(aws.Context, *iam.CreateInstanceProfileInput, ...request.Option) (*iam.CreateInstanceProfileOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) CreateInstanceProfileRequest(*iam.CreateInstanceProfileInput) (*request.Request, *iam.CreateInstanceProfileOutput) {
panic("Not implemented")
}
func (m *MockIAM) TagInstanceProfile(request *iam.TagInstanceProfileInput) (*iam.TagInstanceProfileOutput, error) {
func (m *MockIAM) TagInstanceProfile(ctx context.Context, request *iam.TagInstanceProfileInput, optFns ...func(*iam.Options)) (*iam.TagInstanceProfileOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
klog.Infof("CreateInstanceProfile: %v", request)
ip := m.InstanceProfiles[aws.StringValue(request.InstanceProfileName)]
if ip == nil {
ip, ok := m.InstanceProfiles[aws.ToString(request.InstanceProfileName)]
if !ok {
return nil, fmt.Errorf("InstanceProfile not found")
}
@ -121,49 +105,41 @@ func (m *MockIAM) TagInstanceProfile(request *iam.TagInstanceProfileInput) (*iam
return &iam.TagInstanceProfileOutput{}, nil
}
func (m *MockIAM) AddRoleToInstanceProfile(request *iam.AddRoleToInstanceProfileInput) (*iam.AddRoleToInstanceProfileOutput, error) {
func (m *MockIAM) AddRoleToInstanceProfile(ctx context.Context, request *iam.AddRoleToInstanceProfileInput, optFns ...func(*iam.Options)) (*iam.AddRoleToInstanceProfileOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
klog.Infof("AddRoleToInstanceProfile: %v", request)
ip := m.InstanceProfiles[aws.StringValue(request.InstanceProfileName)]
if ip == nil {
ip, ok := m.InstanceProfiles[aws.ToString(request.InstanceProfileName)]
if !ok {
return nil, fmt.Errorf("InstanceProfile not found")
}
r := m.Roles[aws.StringValue(request.RoleName)]
if r == nil {
r, ok := m.Roles[aws.ToString(request.RoleName)]
if !ok {
return nil, fmt.Errorf("Role not found")
}
ip.Roles = append(ip.Roles, r)
ip.Roles = append(ip.Roles, *r)
return &iam.AddRoleToInstanceProfileOutput{}, nil
}
func (m *MockIAM) AddRoleToInstanceProfileWithContext(aws.Context, *iam.AddRoleToInstanceProfileInput, ...request.Option) (*iam.AddRoleToInstanceProfileOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) AddRoleToInstanceProfileRequest(*iam.AddRoleToInstanceProfileInput) (*request.Request, *iam.AddRoleToInstanceProfileOutput) {
panic("Not implemented")
}
func (m *MockIAM) RemoveRoleFromInstanceProfile(request *iam.RemoveRoleFromInstanceProfileInput) (*iam.RemoveRoleFromInstanceProfileOutput, error) {
func (m *MockIAM) RemoveRoleFromInstanceProfile(ctx context.Context, request *iam.RemoveRoleFromInstanceProfileInput, optFns ...func(*iam.Options)) (*iam.RemoveRoleFromInstanceProfileOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
klog.Infof("RemoveRoleFromInstanceProfile: %v", request)
ip := m.InstanceProfiles[aws.StringValue(request.InstanceProfileName)]
if ip == nil {
ip, ok := m.InstanceProfiles[aws.ToString(request.InstanceProfileName)]
if !ok {
return nil, fmt.Errorf("InstanceProfile not found")
}
found := false
var newRoles []*iam.Role
var newRoles []iamtypes.Role
for _, role := range ip.Roles {
if aws.StringValue(role.RoleName) == aws.StringValue(request.RoleName) {
if aws.ToString(role.RoleName) == aws.ToString(request.RoleName) {
found = true
continue
}
@ -178,15 +154,7 @@ func (m *MockIAM) RemoveRoleFromInstanceProfile(request *iam.RemoveRoleFromInsta
return &iam.RemoveRoleFromInstanceProfileOutput{}, nil
}
func (m *MockIAM) RemoveRoleFromInstanceProfileWithContext(aws.Context, *iam.RemoveRoleFromInstanceProfileInput, ...request.Option) (*iam.RemoveRoleFromInstanceProfileOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) RemoveRoleFromInstanceProfileRequest(*iam.RemoveRoleFromInstanceProfileInput) (*request.Request, *iam.RemoveRoleFromInstanceProfileOutput) {
panic("Not implemented")
}
func (m *MockIAM) ListInstanceProfiles(request *iam.ListInstanceProfilesInput) (*iam.ListInstanceProfilesOutput, error) {
func (m *MockIAM) ListInstanceProfiles(ctx context.Context, request *iam.ListInstanceProfilesInput, optFns ...func(*iam.Options)) (*iam.ListInstanceProfilesOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
@ -196,11 +164,11 @@ func (m *MockIAM) ListInstanceProfiles(request *iam.ListInstanceProfilesInput) (
klog.Fatalf("MockIAM ListInstanceProfiles PathPrefix not implemented")
}
var instanceProfiles []*iam.InstanceProfile
var instanceProfiles []iamtypes.InstanceProfile
for _, ip := range m.InstanceProfiles {
copy := *ip
instanceProfiles = append(instanceProfiles, &copy)
instanceProfiles = append(instanceProfiles, copy)
}
response := &iam.ListInstanceProfilesOutput{
@ -210,50 +178,18 @@ func (m *MockIAM) ListInstanceProfiles(request *iam.ListInstanceProfilesInput) (
return response, nil
}
func (m *MockIAM) ListInstanceProfilesWithContext(aws.Context, *iam.ListInstanceProfilesInput, ...request.Option) (*iam.ListInstanceProfilesOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) ListInstanceProfilesRequest(*iam.ListInstanceProfilesInput) (*request.Request, *iam.ListInstanceProfilesOutput) {
panic("Not implemented")
}
func (m *MockIAM) ListInstanceProfilesPages(request *iam.ListInstanceProfilesInput, callback func(*iam.ListInstanceProfilesOutput, bool) bool) error {
// For the mock, we just send everything in one page
page, err := m.ListInstanceProfiles(request)
if err != nil {
return err
}
callback(page, false)
return nil
}
func (m *MockIAM) ListInstanceProfilesPagesWithContext(aws.Context, *iam.ListInstanceProfilesInput, func(*iam.ListInstanceProfilesOutput, bool) bool, ...request.Option) error {
panic("Not implemented")
}
func (m *MockIAM) DeleteInstanceProfile(request *iam.DeleteInstanceProfileInput) (*iam.DeleteInstanceProfileOutput, error) {
func (m *MockIAM) DeleteInstanceProfile(ctx context.Context, request *iam.DeleteInstanceProfileInput, optFns ...func(*iam.Options)) (*iam.DeleteInstanceProfileOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
klog.Infof("DeleteInstanceProfile: %v", request)
id := aws.StringValue(request.InstanceProfileName)
o := m.InstanceProfiles[id]
if o == nil {
id := aws.ToString(request.InstanceProfileName)
_, ok := m.InstanceProfiles[id]
if !ok {
return nil, fmt.Errorf("InstanceProfile %q not found", id)
}
delete(m.InstanceProfiles, id)
return &iam.DeleteInstanceProfileOutput{}, nil
}
func (m *MockIAM) DeleteInstanceProfileWithContext(aws.Context, *iam.DeleteInstanceProfileInput, ...request.Option) (*iam.DeleteInstanceProfileOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) DeleteInstanceProfileRequest(*iam.DeleteInstanceProfileInput) (*request.Request, *iam.DeleteInstanceProfileOutput) {
panic("Not implemented")
}

115
cloudmock/aws/mockiam/iamrole.go
View File

@ -17,22 +17,22 @@ limitations under the License.
package mockiam
import (
"context"
"fmt"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/iam"
iamtypes "github.com/aws/aws-sdk-go-v2/service/iam/types"
"k8s.io/klog/v2"
)
func (m *MockIAM) GetRole(request *iam.GetRoleInput) (*iam.GetRoleOutput, error) {
func (m *MockIAM) GetRole(ctx context.Context, request *iam.GetRoleInput, optFns ...func(*iam.Options)) (*iam.GetRoleOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
role := m.Roles[aws.StringValue(request.RoleName)]
if role == nil {
return nil, awserr.New(iam.ErrCodeNoSuchEntityException, "No such entity", nil)
role, ok := m.Roles[aws.ToString(request.RoleName)]
if !ok {
return nil, &iamtypes.NoSuchEntityException{}
}
response := &iam.GetRoleOutput{
Role: role,
@ -40,24 +40,16 @@ func (m *MockIAM) GetRole(request *iam.GetRoleInput) (*iam.GetRoleOutput, error)
return response, nil
}
func (m *MockIAM) GetRoleWithContext(aws.Context, *iam.GetRoleInput, ...request.Option) (*iam.GetRoleOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) GetRoleRequest(*iam.GetRoleInput) (*request.Request, *iam.GetRoleOutput) {
panic("Not implemented")
}
func (m *MockIAM) CreateRole(request *iam.CreateRoleInput) (*iam.CreateRoleOutput, error) {
func (m *MockIAM) CreateRole(ctx context.Context, request *iam.CreateRoleInput, optFns ...func(*iam.Options)) (*iam.CreateRoleOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
roleID := m.createID()
r := &iam.Role{
r := iamtypes.Role{
AssumeRolePolicyDocument: request.AssumeRolePolicyDocument,
Description: request.Description,
Path: request.Path,
PermissionsBoundary: &iam.AttachedPermissionsBoundary{
PermissionsBoundary: &iamtypes.AttachedPermissionsBoundary{
PermissionsBoundaryArn: request.PermissionsBoundary,
},
RoleName: request.RoleName,
@ -66,23 +58,15 @@ func (m *MockIAM) CreateRole(request *iam.CreateRoleInput) (*iam.CreateRoleOutpu
}
if m.Roles == nil {
m.Roles = make(map[string]*iam.Role)
m.Roles = make(map[string]*iamtypes.Role)
}
m.Roles[*r.RoleName] = r
m.Roles[*r.RoleName] = &r
copy := *r
copy := r
return &iam.CreateRoleOutput{Role: &copy}, nil
}
func (m *MockIAM) CreateRoleWithContext(aws.Context, *iam.CreateRoleInput, ...request.Option) (*iam.CreateRoleOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) CreateRoleRequest(*iam.CreateRoleInput) (*request.Request, *iam.CreateRoleOutput) {
panic("Not implemented")
}
func (m *MockIAM) ListRoles(request *iam.ListRolesInput) (*iam.ListRolesOutput, error) {
func (m *MockIAM) ListRoles(ctx context.Context, request *iam.ListRolesInput, optFns ...func(*iam.Options)) (*iam.ListRolesOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
@ -92,11 +76,11 @@ func (m *MockIAM) ListRoles(request *iam.ListRolesInput) (*iam.ListRolesOutput,
klog.Fatalf("MockIAM ListRoles PathPrefix not implemented")
}
var roles []*iam.Role
var roles []iamtypes.Role
for _, r := range m.Roles {
copy := *r
roles = append(roles, &copy)
roles = append(roles, copy)
}
response := &iam.ListRolesOutput{
@ -106,39 +90,15 @@ func (m *MockIAM) ListRoles(request *iam.ListRolesInput) (*iam.ListRolesOutput,
return response, nil
}
func (m *MockIAM) ListRolesWithContext(aws.Context, *iam.ListRolesInput, ...request.Option) (*iam.ListRolesOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) ListRolesRequest(*iam.ListRolesInput) (*request.Request, *iam.ListRolesOutput) {
panic("Not implemented")
}
func (m *MockIAM) ListRolesPages(request *iam.ListRolesInput, callback func(*iam.ListRolesOutput, bool) bool) error {
// For the mock, we just send everything in one page
page, err := m.ListRoles(request)
if err != nil {
return err
}
callback(page, false)
return nil
}
func (m *MockIAM) ListRolesPagesWithContext(aws.Context, *iam.ListRolesInput, func(*iam.ListRolesOutput, bool) bool, ...request.Option) error {
panic("Not implemented")
}
func (m *MockIAM) DeleteRole(request *iam.DeleteRoleInput) (*iam.DeleteRoleOutput, error) {
func (m *MockIAM) DeleteRole(ctx context.Context, request *iam.DeleteRoleInput, optFns ...func(*iam.Options)) (*iam.DeleteRoleOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
klog.Infof("DeleteRole: %v", request)
id := aws.StringValue(request.RoleName)
o := m.Roles[id]
if o == nil {
id := aws.ToString(request.RoleName)
_, ok := m.Roles[id]
if !ok {
return nil, fmt.Errorf("Role %q not found", id)
}
delete(m.Roles, id)
@ -146,23 +106,15 @@ func (m *MockIAM) DeleteRole(request *iam.DeleteRoleInput) (*iam.DeleteRoleOutpu
return &iam.DeleteRoleOutput{}, nil
}
func (m *MockIAM) DeleteRoleWithContext(aws.Context, *iam.DeleteRoleInput, ...request.Option) (*iam.DeleteRoleOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) DeleteRoleRequest(*iam.DeleteRoleInput) (*request.Request, *iam.DeleteRoleOutput) {
panic("Not implemented")
}
func (m *MockIAM) ListAttachedRolePolicies(input *iam.ListAttachedRolePoliciesInput) (*iam.ListAttachedRolePoliciesOutput, error) {
func (m *MockIAM) ListAttachedRolePolicies(ctx context.Context, request *iam.ListAttachedRolePoliciesInput, optFns ...func(*iam.Options)) (*iam.ListAttachedRolePoliciesOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
klog.Infof("ListAttachedRolePolicies: %s", aws.StringValue(input.RoleName))
klog.Infof("ListAttachedRolePolicies: %s", aws.ToString(request.RoleName))
for _, r := range m.Roles {
if r.RoleName == input.RoleName {
role := aws.StringValue(r.RoleName)
if r.RoleName == request.RoleName {
role := aws.ToString(r.RoleName)
return &iam.ListAttachedRolePoliciesOutput{
AttachedPolicies: m.AttachedPolicies[role],
@ -172,20 +124,3 @@ func (m *MockIAM) ListAttachedRolePolicies(input *iam.ListAttachedRolePoliciesIn
return &iam.ListAttachedRolePoliciesOutput{}, nil
}
func (m *MockIAM) ListAttachedRolePoliciesPages(input *iam.ListAttachedRolePoliciesInput, pager func(*iam.ListAttachedRolePoliciesOutput, bool) bool) error {
m.mutex.Lock()
defer m.mutex.Unlock()
klog.Infof("ListAttachedRolePolicies: %s", aws.StringValue(input.RoleName))
role := aws.StringValue(input.RoleName)
if pager(&iam.ListAttachedRolePoliciesOutput{
AttachedPolicies: m.AttachedPolicies[role],
}, true) {
return nil
}
return nil
}

88
cloudmock/aws/mockiam/iamrolepolicy.go
View File

@ -17,12 +17,12 @@ limitations under the License.
package mockiam
import (
"context"
"fmt"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/iam"
iamtypes "github.com/aws/aws-sdk-go-v2/service/iam/types"
"k8s.io/klog/v2"
)
@ -32,16 +32,16 @@ type rolePolicy struct {
RoleName string
}
func (m *MockIAM) GetRolePolicy(request *iam.GetRolePolicyInput) (*iam.GetRolePolicyOutput, error) {
func (m *MockIAM) GetRolePolicy(ctx context.Context, request *iam.GetRolePolicyInput, optFns ...func(*iam.Options)) (*iam.GetRolePolicyOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
for _, rp := range m.RolePolicies {
if rp.PolicyName != aws.StringValue(request.PolicyName) {
if rp.PolicyName != aws.ToString(request.PolicyName) {
// TODO: check regex?
continue
}
if rp.RoleName != aws.StringValue(request.RoleName) {
if rp.RoleName != aws.ToString(request.RoleName) {
// TODO: check regex?
continue
}
@ -53,55 +53,39 @@ func (m *MockIAM) GetRolePolicy(request *iam.GetRolePolicyInput) (*iam.GetRolePo
}
return response, nil
}
return nil, awserr.New(iam.ErrCodeNoSuchEntityException, "No such entity", nil)
return nil, &iamtypes.NoSuchEntityException{}
}
func (m *MockIAM) GetRolePolicyWithContext(aws.Context, *iam.GetRolePolicyInput, ...request.Option) (*iam.GetRolePolicyOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) GetRolePolicyRequest(*iam.GetRolePolicyInput) (*request.Request, *iam.GetRolePolicyOutput) {
panic("Not implemented")
}
func (m *MockIAM) PutRolePolicy(request *iam.PutRolePolicyInput) (*iam.PutRolePolicyOutput, error) {
func (m *MockIAM) PutRolePolicy(ctx context.Context, request *iam.PutRolePolicyInput, optFns ...func(*iam.Options)) (*iam.PutRolePolicyOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
klog.Infof("PutRolePolicy: %v", request)
for _, rp := range m.RolePolicies {
if rp.PolicyName != aws.StringValue(request.PolicyName) {
if rp.PolicyName != aws.ToString(request.PolicyName) {
// TODO: check regex?
continue
}
if rp.RoleName != aws.StringValue(request.RoleName) {
if rp.RoleName != aws.ToString(request.RoleName) {
// TODO: check regex?
continue
}
rp.PolicyDocument = aws.StringValue(request.PolicyDocument)
rp.PolicyDocument = aws.ToString(request.PolicyDocument)
return &iam.PutRolePolicyOutput{}, nil
}
m.RolePolicies = append(m.RolePolicies, &rolePolicy{
PolicyDocument: aws.StringValue(request.PolicyDocument),
PolicyName: aws.StringValue(request.PolicyName),
RoleName: aws.StringValue(request.RoleName),
PolicyDocument: aws.ToString(request.PolicyDocument),
PolicyName: aws.ToString(request.PolicyName),
RoleName: aws.ToString(request.RoleName),
})
return &iam.PutRolePolicyOutput{}, nil
}
func (m *MockIAM) PutRolePolicyWithContext(aws.Context, *iam.PutRolePolicyInput, ...request.Option) (*iam.PutRolePolicyOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) PutRolePolicyRequest(*iam.PutRolePolicyInput) (*request.Request, *iam.PutRolePolicyOutput) {
panic("Not implemented")
}
func (m *MockIAM) ListRolePolicies(request *iam.ListRolePoliciesInput) (*iam.ListRolePoliciesOutput, error) {
func (m *MockIAM) ListRolePolicies(ctx context.Context, request *iam.ListRolePoliciesInput, optFns ...func(*iam.Options)) (*iam.ListRolePoliciesOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
@ -111,7 +95,7 @@ func (m *MockIAM) ListRolePolicies(request *iam.ListRolePoliciesInput) (*iam.Lis
for _, r := range m.RolePolicies {
if request.RoleName != nil {
if r.RoleName != aws.StringValue(request.RoleName) {
if r.RoleName != aws.ToString(request.RoleName) {
continue
}
}
@ -119,37 +103,13 @@ func (m *MockIAM) ListRolePolicies(request *iam.ListRolePoliciesInput) (*iam.Lis
}
response := &iam.ListRolePoliciesOutput{
PolicyNames: aws.StringSlice(policyNames),
PolicyNames: policyNames,
}
return response, nil
}
func (m *MockIAM) ListRolePoliciesWithContext(aws.Context, *iam.ListRolePoliciesInput, ...request.Option) (*iam.ListRolePoliciesOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) ListRolePoliciesRequest(*iam.ListRolePoliciesInput) (*request.Request, *iam.ListRolePoliciesOutput) {
panic("Not implemented")
}
func (m *MockIAM) ListRolePoliciesPages(request *iam.ListRolePoliciesInput, callback func(*iam.ListRolePoliciesOutput, bool) bool) error {
// For the mock, we just send everything in one page
page, err := m.ListRolePolicies(request)
if err != nil {
return err
}
callback(page, false)
return nil
}
func (m *MockIAM) ListRolePoliciesPagesWithContext(aws.Context, *iam.ListRolePoliciesInput, func(*iam.ListRolePoliciesOutput, bool) bool, ...request.Option) error {
panic("Not implemented")
}
func (m *MockIAM) DeleteRolePolicy(request *iam.DeleteRolePolicyInput) (*iam.DeleteRolePolicyOutput, error) {
func (m *MockIAM) DeleteRolePolicy(ctx context.Context, request *iam.DeleteRolePolicyInput, optFns ...func(*iam.Options)) (*iam.DeleteRolePolicyOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
@ -158,7 +118,7 @@ func (m *MockIAM) DeleteRolePolicy(request *iam.DeleteRolePolicyInput) (*iam.Del
found := false
var newRolePolicies []*rolePolicy
for _, rp := range m.RolePolicies {
if rp.PolicyName == aws.StringValue(request.PolicyName) && rp.RoleName == aws.StringValue(request.RoleName) {
if rp.PolicyName == aws.ToString(request.PolicyName) && rp.RoleName == aws.ToString(request.RoleName) {
found = true
continue
}
@ -171,11 +131,3 @@ func (m *MockIAM) DeleteRolePolicy(request *iam.DeleteRolePolicyInput) (*iam.Del
return &iam.DeleteRolePolicyOutput{}, nil
}
func (m *MockIAM) DeleteRolePolicyWithContext(aws.Context, *iam.DeleteRolePolicyInput, ...request.Option) (*iam.DeleteRolePolicyOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) DeleteRolePolicyRequest(*iam.DeleteRolePolicyInput) (*request.Request, *iam.DeleteRolePolicyOutput) {
panic("Not implemented")
}

76
cloudmock/aws/mockiam/oidcprovider.go
View File

@ -20,19 +20,19 @@ import (
"context"
"fmt"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/iam"
iamtypes "github.com/aws/aws-sdk-go-v2/service/iam/types"
"k8s.io/klog/v2"
)
func (m *MockIAM) ListOpenIDConnectProviders(request *iam.ListOpenIDConnectProvidersInput) (*iam.ListOpenIDConnectProvidersOutput, error) {
func (m *MockIAM) ListOpenIDConnectProviders(ctx context.Context, params *iam.ListOpenIDConnectProvidersInput, optFns ...func(*iam.Options)) (*iam.ListOpenIDConnectProvidersOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
providers := make([]*iam.OpenIDConnectProviderListEntry, 0)
providers := make([]iamtypes.OpenIDConnectProviderListEntry, 0)
for arn := range m.OIDCProviders {
providers = append(providers, &iam.OpenIDConnectProviderListEntry{
providers = append(providers, iamtypes.OpenIDConnectProviderListEntry{
Arn: &arn,
})
}
@ -42,22 +42,14 @@ func (m *MockIAM) ListOpenIDConnectProviders(request *iam.ListOpenIDConnectProvi
return response, nil
}
func (m *MockIAM) ListOpenIDConnectProvidersWithContext(aws.Context, *iam.ListOpenIDConnectProvidersInput, ...request.Option) (*iam.ListOpenIDConnectProvidersOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) ListOpenIDConnectProvidersRequest(*iam.ListOpenIDConnectProvidersInput) (*request.Request, *iam.ListOpenIDConnectProvidersOutput) {
panic("Not implemented")
}
func (m *MockIAM) GetOpenIDConnectProviderWithContext(ctx aws.Context, request *iam.GetOpenIDConnectProviderInput, options ...request.Option) (*iam.GetOpenIDConnectProviderOutput, error) {
func (m *MockIAM) GetOpenIDConnectProvider(ctx context.Context, request *iam.GetOpenIDConnectProviderInput, optFns ...func(*iam.Options)) (*iam.GetOpenIDConnectProviderOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
arn := aws.StringValue(request.OpenIDConnectProviderArn)
arn := aws.ToString(request.OpenIDConnectProviderArn)
provider := m.OIDCProviders[arn]
if provider == nil {
provider, ok := m.OIDCProviders[arn]
if !ok {
return nil, fmt.Errorf("OpenIDConnectProvider with arn=%q not found", arn)
}
@ -71,15 +63,7 @@ func (m *MockIAM) GetOpenIDConnectProviderWithContext(ctx aws.Context, request *
return response, nil
}
func (m *MockIAM) GetOpenIDConnectProvider(request *iam.GetOpenIDConnectProviderInput) (*iam.GetOpenIDConnectProviderOutput, error) {
return m.GetOpenIDConnectProviderWithContext(context.Background(), request)
}
func (m *MockIAM) GetOpenIDConnectProviderRequest(*iam.GetOpenIDConnectProviderInput) (*request.Request, *iam.GetOpenIDConnectProviderOutput) {
panic("Not implemented")
}
func (m *MockIAM) CreateOpenIDConnectProvider(request *iam.CreateOpenIDConnectProviderInput) (*iam.CreateOpenIDConnectProviderOutput, error) {
func (m *MockIAM) CreateOpenIDConnectProvider(ctx context.Context, request *iam.CreateOpenIDConnectProviderInput, optFns ...func(*iam.Options)) (*iam.CreateOpenIDConnectProviderOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
@ -87,7 +71,7 @@ func (m *MockIAM) CreateOpenIDConnectProvider(request *iam.CreateOpenIDConnectPr
arn := fmt.Sprintf("arn:aws-test:iam::0000000000:oidc-provider/%s", *request.Url)
p := &iam.GetOpenIDConnectProviderOutput{
p := iam.GetOpenIDConnectProviderOutput{
ClientIDList: request.ClientIDList,
Tags: request.Tags,
ThumbprintList: request.ThumbprintList,
@ -97,28 +81,20 @@ func (m *MockIAM) CreateOpenIDConnectProvider(request *iam.CreateOpenIDConnectPr
if m.OIDCProviders == nil {
m.OIDCProviders = make(map[string]*iam.GetOpenIDConnectProviderOutput)
}
m.OIDCProviders[arn] = p
m.OIDCProviders[arn] = &p
return &iam.CreateOpenIDConnectProviderOutput{OpenIDConnectProviderArn: &arn}, nil
}
func (m *MockIAM) CreateOpenIDConnectProviderWithContext(aws.Context, *iam.CreateOpenIDConnectProviderInput, ...request.Option) (*iam.CreateOpenIDConnectProviderOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) CreateOpenIDConnectProviderRequest(*iam.CreateOpenIDConnectProviderInput) (*request.Request, *iam.CreateOpenIDConnectProviderOutput) {
panic("Not implemented")
}
func (m *MockIAM) DeleteOpenIDConnectProvider(request *iam.DeleteOpenIDConnectProviderInput) (*iam.DeleteOpenIDConnectProviderOutput, error) {
func (m *MockIAM) DeleteOpenIDConnectProvider(ctx context.Context, request *iam.DeleteOpenIDConnectProviderInput, optFns ...func(*iam.Options)) (*iam.DeleteOpenIDConnectProviderOutput, error) {
m.mutex.Lock()
defer m.mutex.Unlock()
klog.Infof("DeleteOpenIDConnectProvider: %v", request)
arn := aws.StringValue(request.OpenIDConnectProviderArn)
o := m.OIDCProviders[arn]
if o == nil {
arn := aws.ToString(request.OpenIDConnectProviderArn)
_, ok := m.OIDCProviders[arn]
if !ok {
return nil, fmt.Errorf("OIDCProvider %q not found", arn)
}
delete(m.OIDCProviders, arn)
@ -126,22 +102,6 @@ func (m *MockIAM) DeleteOpenIDConnectProvider(request *iam.DeleteOpenIDConnectPr
return &iam.DeleteOpenIDConnectProviderOutput{}, nil
}
func (m *MockIAM) DeleteOpenIDConnectProviderWithContext(aws.Context, *iam.DeleteOpenIDConnectProviderInput, ...request.Option) (*iam.DeleteOpenIDConnectProviderOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) DeleteOpenIDConnectProviderRequest(*iam.DeleteOpenIDConnectProviderInput) (*request.Request, *iam.DeleteOpenIDConnectProviderOutput) {
panic("Not implemented")
}
func (m *MockIAM) UpdateOpenIDConnectProviderThumbprint(*iam.UpdateOpenIDConnectProviderThumbprintInput) (*iam.UpdateOpenIDConnectProviderThumbprintOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) UpdateOpenIDConnectProviderThumbprintWithContext(aws.Context, *iam.UpdateOpenIDConnectProviderThumbprintInput, ...request.Option) (*iam.UpdateOpenIDConnectProviderThumbprintOutput, error) {
panic("Not implemented")
}
func (m *MockIAM) UpdateOpenIDConnectProviderThumbprintRequest(*iam.UpdateOpenIDConnectProviderThumbprintInput) (*request.Request, *iam.UpdateOpenIDConnectProviderThumbprintOutput) {
func (m *MockIAM) UpdateOpenIDConnectProviderThumbprint(ctx context.Context, params *iam.UpdateOpenIDConnectProviderThumbprintInput, optFns ...func(*iam.Options)) (*iam.UpdateOpenIDConnectProviderThumbprintOutput, error) {
panic("Not implemented")
}

1
go.mod
View File

@ -24,6 +24,7 @@ require (
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.0
github.com/aws/aws-sdk-go-v2/service/ec2 v1.155.0
github.com/aws/aws-sdk-go-v2/service/eventbridge v1.30.3
github.com/aws/aws-sdk-go-v2/service/iam v1.31.4
github.com/aws/aws-sdk-go-v2/service/kms v1.30.0
github.com/aws/aws-sdk-go-v2/service/s3 v1.53.0
github.com/aws/aws-sdk-go-v2/service/sqs v1.31.4

2
go.sum
View File

@ -95,6 +95,8 @@ github.com/aws/aws-sdk-go-v2/service/ec2 v1.155.0 h1:MuQr3lq2n/5lAdDcIYMANNpYNkF
github.com/aws/aws-sdk-go-v2/service/ec2 v1.155.0/go.mod h1:TeZ9dVQzGaLG+SBIgdLIDbJ6WmfFvksLeG3EHGnNfZM=
github.com/aws/aws-sdk-go-v2/service/eventbridge v1.30.3 h1:XHY0q3eoA3d4YAm8AhUI1Swi79Io6rLEbKuIgkhCcqA=
github.com/aws/aws-sdk-go-v2/service/eventbridge v1.30.3/go.mod h1:z2ST+IAJHUpgqAPJPsDs44wypEizBT0kekjWNfjQJ6M=
github.com/aws/aws-sdk-go-v2/service/iam v1.31.4 h1:eVm30ZIDv//r6Aogat9I88b5YX1xASSLcEDqHYRPVl0=
github.com/aws/aws-sdk-go-v2/service/iam v1.31.4/go.mod h1:aXWImQV0uTW35LM0A/T4wEg6R1/ReXUu4SM6/lUHYK0=
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.1 h1:EyBZibRTVAs6ECHZOw5/wlylS9OcTzwyjeQMudmREjE=
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.1/go.mod h1:JKpmtYhhPs7D97NL/ltqz7yCkERFW5dOlHyVl66ZYF8=
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.6 h1:NkHCgg0Ck86c5PTOzBZ0JRccI51suJDg5lgFtxBu1ek=

23
pkg/model/awsmodel/iam.go
View File

@ -21,8 +21,8 @@ import (
"sort"
"strings"
awsIam "github.com/aws/aws-sdk-go-v2/service/iam"
"github.com/aws/aws-sdk-go/aws/endpoints"
awsIam "github.com/aws/aws-sdk-go/service/iam"
"k8s.io/apimachinery/pkg/types"
"k8s.io/klog/v2"
"k8s.io/kops/pkg/apis/kops"
@ -473,20 +473,25 @@ func (b *IAMModelBuilder) buildAWSIAMRolePolicy(role iam.Subject) (fi.Resource,
}
func (b *IAMModelBuilder) FindDeletions(context *fi.CloudupModelBuilderContext, cloud fi.Cloud) error {
ctx := context.Context()
iamapi := cloud.(awsup.AWSCloud).IAM()
ownershipTag := "kubernetes.io/cluster/" + b.Cluster.ObjectMeta.Name
request := &awsIam.ListRolesInput{}
var getRoleErr error
err := iamapi.ListRolesPages(request, func(p *awsIam.ListRolesOutput, lastPage bool) bool {
for _, role := range p.Roles {
paginator := awsIam.NewListRolesPaginator(iamapi, request)
for paginator.HasMorePages() {
page, err := paginator.NextPage(ctx)
if err != nil {
return fmt.Errorf("listing IAM roles: %w", err)
}
for _, role := range page.Roles {
if !strings.HasSuffix(fi.ValueOf(role.RoleName), "."+b.Cluster.ObjectMeta.Name) {
continue
}
getRequest := &awsIam.GetRoleInput{RoleName: role.RoleName}
roleOutput, err := iamapi.GetRole(getRequest)
roleOutput, err := iamapi.GetRole(ctx, getRequest)
if err != nil {
getRoleErr = fmt.Errorf("calling IAM GetRole on %s: %w", fi.ValueOf(role.RoleName), err)
return false
return fmt.Errorf("calling IAM GetRole on %s: %w", fi.ValueOf(role.RoleName), err)
}
for _, tag := range roleOutput.Role.Tags {
if fi.ValueOf(tag.Key) == ownershipTag && fi.ValueOf(tag.Value) == "owned" {
@ -500,13 +505,9 @@ func (b *IAMModelBuilder) FindDeletions(context *fi.CloudupModelBuilderContext,
}
}
}
return true
})
}
if getRoleErr != nil {
return getRoleErr
}
if err != nil {
return fmt.Errorf("listing IAM roles: %w", err)
}
return nil
}

10
pkg/model/awsmodel/oidc_provider.go
View File

@ -42,12 +42,6 @@ func (b *OIDCProviderBuilder) Build(c *fi.CloudupModelBuilderContext) error {
fingerprints := getFingerprints()
thumbprints := []*string{}
for _, fingerprint := range fingerprints {
thumbprints = append(thumbprints, fi.PtrTo(fingerprint))
}
audiences := []string{defaultAudience}
if b.Cluster.Spec.ServiceAccountIssuerDiscovery.AdditionalAudiences != nil {
audiences = append(audiences, b.Cluster.Spec.ServiceAccountIssuerDiscovery.AdditionalAudiences...)
@ -57,9 +51,9 @@ func (b *OIDCProviderBuilder) Build(c *fi.CloudupModelBuilderContext) error {
Name: fi.PtrTo(b.ClusterName()),
Lifecycle: b.Lifecycle,
URL: b.Cluster.Spec.KubeAPIServer.ServiceAccountIssuer,
ClientIDs: fi.StringSlice(audiences),
ClientIDs: audiences,
Tags: b.CloudTags(b.ClusterName(), false),
Thumbprints: thumbprints,
Thumbprints: fingerprints,
})
return nil

2
pkg/model/iam/iam_builder_test.go
View File

@ -20,7 +20,7 @@ import (
"encoding/json"
"testing"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go-v2/aws"
"k8s.io/apimachinery/pkg/types"
"k8s.io/kops/pkg/apis/kops"

171
pkg/resources/aws/aws.go
View File

@ -23,14 +23,15 @@ import (
"strings"
"sync"
"github.com/aws/aws-sdk-go-v2/service/iam"
iamtypes "github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/service/autoscaling"
"github.com/aws/aws-sdk-go/service/ec2"
"github.com/aws/aws-sdk-go/service/elb"
"github.com/aws/aws-sdk-go/service/elbv2"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/aws/aws-sdk-go/service/route53"
"github.com/aws/smithy-go"
"k8s.io/apimachinery/pkg/util/sets"
"k8s.io/klog/v2"
"k8s.io/kops/pkg/dns"
@ -300,7 +301,7 @@ func matchesElbV2Tags(tags map[string]string, actual []*elbv2.Tag) bool {
return true
}
func matchesIAMTags(tags map[string]string, actual []*iam.Tag) bool {
func matchesIAMTags(tags map[string]string, actual []iamtypes.Tag) bool {
for k, v := range tags {
found := false
for _, a := range actual {
@ -1827,7 +1828,8 @@ func ListRoute53Records(cloud fi.Cloud, vpcID, clusterName string) ([]*resources
}
func DeleteIAMRole(cloud fi.Cloud, r *resources.Resource) error {
var attachedPolicies []*iam.AttachedPolicy
ctx := context.TODO()
var attachedPolicies []iamtypes.AttachedPolicy
var policyNames []string
c := cloud.(awsup.AWSCloud)
@ -1838,19 +1840,20 @@ func DeleteIAMRole(cloud fi.Cloud, r *resources.Resource) error {
request := &iam.ListRolePoliciesInput{
RoleName: aws.String(roleName),
}
err := c.IAM().ListRolePoliciesPages(request, func(page *iam.ListRolePoliciesOutput, lastPage bool) bool {
paginator := iam.NewListRolePoliciesPaginator(c.IAM(), request)
for paginator.HasMorePages() {
page, err := paginator.NextPage(ctx)
if err != nil {
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
klog.V(2).Infof("Got NoSuchEntity describing IAM RolePolicy %q; will treat as already-deleted", roleName)
return nil
}
return fmt.Errorf("error listing IAM role policies for %q: %v", roleName, err)
}
for _, policy := range page.PolicyNames {
policyNames = append(policyNames, aws.StringValue(policy))
policyNames = append(policyNames, policy)
}
return true
})
if err != nil {
if awsup.AWSErrorCode(err) == iam.ErrCodeNoSuchEntityException {
klog.V(2).Infof("Got NoSuchEntity describing IAM RolePolicy %q; will treat as already-deleted", roleName)
return nil
}
return fmt.Errorf("error listing IAM role policies for %q: %v", roleName, err)
}
}
@ -1859,17 +1862,18 @@ func DeleteIAMRole(cloud fi.Cloud, r *resources.Resource) error {
request := &iam.ListAttachedRolePoliciesInput{
RoleName: aws.String(roleName),
}
err := c.IAM().ListAttachedRolePoliciesPages(request, func(page *iam.ListAttachedRolePoliciesOutput, lastPage bool) bool {
attachedPolicies = append(attachedPolicies, page.AttachedPolicies...)
return true
})
if err != nil {
if awsup.AWSErrorCode(err) == iam.ErrCodeNoSuchEntityException {
klog.V(2).Infof("Got NoSuchEntity describing IAM RolePolicy %q; will treat as already-detached", roleName)
return nil
paginator := iam.NewListAttachedRolePoliciesPaginator(c.IAM(), request)
for paginator.HasMorePages() {
page, err := paginator.NextPage(ctx)
if err != nil {
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
klog.V(2).Infof("Got NoSuchEntity describing IAM RolePolicy %q; will treat as already-deleted", roleName)
return nil
}
return fmt.Errorf("error listing IAM role policies for %q: %v", roleName, err)
}
return fmt.Errorf("error listing IAM role policies for %q: %v", roleName, err)
attachedPolicies = append(attachedPolicies, page.AttachedPolicies...)
}
}
@ -1880,7 +1884,7 @@ func DeleteIAMRole(cloud fi.Cloud, r *resources.Resource) error {
RoleName: aws.String(r.Name),
PolicyName: aws.String(policyName),
}
_, err := c.IAM().DeleteRolePolicy(request)
_, err := c.IAM().DeleteRolePolicy(ctx, request)
if err != nil {
return fmt.Errorf("error deleting IAM role policy %q %q: %v", roleName, policyName, err)
}
@ -1888,12 +1892,12 @@ func DeleteIAMRole(cloud fi.Cloud, r *resources.Resource) error {
// Detach Managed Policies
for _, policy := range attachedPolicies {
klog.V(2).Infof("Detaching IAM role policy %q %q", roleName, policy)
klog.V(2).Infof("Detaching IAM role policy %q %v", roleName, policy)
request := &iam.DetachRolePolicyInput{
RoleName: aws.String(r.Name),
PolicyArn: policy.PolicyArn,
}
_, err := c.IAM().DetachRolePolicy(request)
_, err := c.IAM().DetachRolePolicy(ctx, request)
if err != nil {
return fmt.Errorf("error detaching IAM role policy %q %q: %v", roleName, *policy.PolicyArn, err)
}
@ -1905,7 +1909,7 @@ func DeleteIAMRole(cloud fi.Cloud, r *resources.Resource) error {
request := &iam.DeleteRoleInput{
RoleName: aws.String(r.Name),
}
_, err := c.IAM().DeleteRole(request)
_, err := c.IAM().DeleteRole(ctx, request)
if err != nil {
return fmt.Errorf("error deleting IAM role %q: %v", r.Name, err)
}
@ -1915,33 +1919,35 @@ func DeleteIAMRole(cloud fi.Cloud, r *resources.Resource) error {
}
func ListIAMRoles(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
ctx := context.TODO()
c := cloud.(awsup.AWSCloud)
var resourceTrackers []*resources.Resource
// Find roles owned by the cluster
{
var getRoleErr error
ownershipTag := "kubernetes.io/cluster/" + clusterName
request := &iam.ListRolesInput{}
err := c.IAM().ListRolesPages(request, func(p *iam.ListRolesOutput, lastPage bool) bool {
for _, r := range p.Roles {
paginator := iam.NewListRolesPaginator(c.IAM(), request)
for paginator.HasMorePages() {
page, err := paginator.NextPage(ctx)
if err != nil {
return nil, fmt.Errorf("error listing IAM roles: %v", err)
}
for _, r := range page.Roles {
name := aws.StringValue(r.RoleName)
getRequest := &iam.GetRoleInput{RoleName: r.RoleName}
roleOutput, err := c.IAM().GetRole(getRequest)
roleOutput, err := c.IAM().GetRole(ctx, getRequest)
if err != nil {
if awserror, ok := err.(awserr.RequestFailure); ok {
if awserror.StatusCode() == 403 {
klog.Warningf("failed to determine ownership of %q: %v", *r.RoleName, awserror)
continue
} else if awsup.AWSErrorCode(err) == iam.ErrCodeNoSuchEntityException {
klog.Warningf("could not find role %q. Resource may already have been deleted: %v", name, awserror)
continue
}
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
klog.Warningf("could not find role %q. Resource may already have been deleted: %v", name, nse)
continue
} else if awserror, ok := err.(smithy.APIError); ok && awserror.ErrorCode() == "403" {
klog.Warningf("failed to determine ownership of %q: %v", name, awserror)
continue
}
getRoleErr = fmt.Errorf("calling IAM GetRole on %s: %w", name, err)
return false
return nil, fmt.Errorf("calling IAM GetRole on %s: %w", name, err)
}
for _, tag := range roleOutput.Role.Tags {
if fi.ValueOf(tag.Key) == ownershipTag && fi.ValueOf(tag.Value) == "owned" {
@ -1955,13 +1961,6 @@ func ListIAMRoles(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resou
}
}
}
return true
})
if getRoleErr != nil {
return nil, getRoleErr
}
if err != nil {
return nil, fmt.Errorf("error listing IAM roles: %v", err)
}
}
@ -1969,9 +1968,10 @@ func ListIAMRoles(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resou
}
func DeleteIAMInstanceProfile(cloud fi.Cloud, r *resources.Resource) error {
ctx := context.TODO()
c := cloud.(awsup.AWSCloud)
profile := r.Obj.(*iam.InstanceProfile)
profile := r.Obj.(iamtypes.InstanceProfile)
name := aws.StringValue(profile.InstanceProfileName)
// Remove roles
@ -1982,7 +1982,7 @@ func DeleteIAMInstanceProfile(cloud fi.Cloud, r *resources.Resource) error {
InstanceProfileName: profile.InstanceProfileName,
RoleName: role.RoleName,
}
_, err := c.IAM().RemoveRoleFromInstanceProfile(request)
_, err := c.IAM().RemoveRoleFromInstanceProfile(ctx, request)
if err != nil {
return fmt.Errorf("error removing role %q from IAM instance profile %q: %v", aws.StringValue(role.RoleName), name, err)
}
@ -1995,7 +1995,7 @@ func DeleteIAMInstanceProfile(cloud fi.Cloud, r *resources.Resource) error {
request := &iam.DeleteInstanceProfileInput{
InstanceProfileName: profile.InstanceProfileName,
}
_, err := c.IAM().DeleteInstanceProfile(request)
_, err := c.IAM().DeleteInstanceProfile(ctx, request)
if err != nil {
return fmt.Errorf("error deleting IAM instance profile %q: %v", name, err)
}
@ -2005,28 +2005,34 @@ func DeleteIAMInstanceProfile(cloud fi.Cloud, r *resources.Resource) error {
}
func ListIAMInstanceProfiles(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
ctx := context.TODO()
c := cloud.(awsup.AWSCloud)
var getProfileErr error
var profiles []*iam.InstanceProfile
var profiles []iamtypes.InstanceProfile
ownershipTag := "kubernetes.io/cluster/" + clusterName
request := &iam.ListInstanceProfilesInput{}
err := c.IAM().ListInstanceProfilesPages(request, func(p *iam.ListInstanceProfilesOutput, lastPage bool) bool {
for _, p := range p.InstanceProfiles {
paginator := iam.NewListInstanceProfilesPaginator(c.IAM(), request)
for paginator.HasMorePages() {
page, err := paginator.NextPage(ctx)
if err != nil {
return nil, fmt.Errorf("error listing IAM instance profiles: %v", err)
}
for _, p := range page.InstanceProfiles {
name := aws.StringValue(p.InstanceProfileName)
getRequest := &iam.GetInstanceProfileInput{InstanceProfileName: p.InstanceProfileName}
profileOutput, err := c.IAM().GetInstanceProfile(getRequest)
profileOutput, err := c.IAM().GetInstanceProfile(ctx, getRequest)
if err != nil {
if awserror, ok := err.(awserr.Error); ok {
if awserror.Code() == iam.ErrCodeNoSuchEntityException {
klog.Warningf("could not find instance profile %q. Resource may already have been deleted: %v", *p.InstanceProfileName, awserror)
continue
}
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
klog.Warningf("could not find role %q. Resource may already have been deleted: %v", name, nse)
continue
} else if awserror, ok := err.(smithy.APIError); ok && awserror.ErrorCode() == "403" {
klog.Warningf("failed to determine ownership of %q: %v", *p.InstanceProfileName, awserror)
continue
}
getProfileErr = fmt.Errorf("calling IAM GetInstanceProfile on %s: %w", name, err)
return false
return nil, fmt.Errorf("calling IAM GetInstanceProfile on %s: %w", name, err)
}
for _, tag := range profileOutput.InstanceProfile.Tags {
if fi.ValueOf(tag.Key) == ownershipTag && fi.ValueOf(tag.Value) == "owned" {
@ -2034,13 +2040,6 @@ func ListIAMInstanceProfiles(cloud fi.Cloud, vpcID, clusterName string) ([]*reso
}
}
}
return true
})
if getProfileErr != nil {
return nil, getProfileErr
}
if err != nil {
return nil, fmt.Errorf("error listing IAM instance profiles: %v", err)
}
var resourceTrackers []*resources.Resource
@ -2063,13 +2062,14 @@ func ListIAMInstanceProfiles(cloud fi.Cloud, vpcID, clusterName string) ([]*reso
}
func ListIAMOIDCProviders(cloud fi.Cloud, vpcID, clusterName string) ([]*resources.Resource, error) {
ctx := context.TODO()
c := cloud.(awsup.AWSCloud)
tags := c.Tags()
var providers []*string
{
request := &iam.ListOpenIDConnectProvidersInput{}
response, err := c.IAM().ListOpenIDConnectProviders(request)
response, err := c.IAM().ListOpenIDConnectProviders(ctx, request)
if err != nil {
return nil, fmt.Errorf("error listing IAM OIDC Providers: %v", err)
}
@ -2078,11 +2078,17 @@ func ListIAMOIDCProviders(cloud fi.Cloud, vpcID, clusterName string) ([]*resourc
descReq := &iam.GetOpenIDConnectProviderInput{
OpenIDConnectProviderArn: arn,
}
resp, err := c.IAM().GetOpenIDConnectProvider(descReq)
if err != nil && awsup.AWSErrorCode(err) == iam.ErrCodeNoSuchEntityException {
continue
} else if err != nil {
return nil, fmt.Errorf("error getting IAM OIDC Provider: %v", err)
resp, err := c.IAM().GetOpenIDConnectProvider(ctx, descReq)
if err != nil {
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
klog.Warningf("could not find IAM OIDC Provider %q. Resource may already have been deleted: %v", aws.StringValue(arn), nse)
continue
} else if awserror, ok := err.(smithy.APIError); ok && awserror.ErrorCode() == "403" {
klog.Warningf("failed to determine ownership of %q: %v", aws.StringValue(arn), awserror)
continue
}
return nil, fmt.Errorf("error getting IAM OIDC Provider %q: %w", aws.StringValue(arn), err)
}
if !matchesIAMTags(tags, resp.Tags) {
continue
@ -2107,6 +2113,7 @@ func ListIAMOIDCProviders(cloud fi.Cloud, vpcID, clusterName string) ([]*resourc
}
func DeleteIAMOIDCProvider(cloud fi.Cloud, r *resources.Resource) error {
ctx := context.TODO()
c := cloud.(awsup.AWSCloud)
arn := fi.PtrTo(r.ID)
{
@ -2114,13 +2121,13 @@ func DeleteIAMOIDCProvider(cloud fi.Cloud, r *resources.Resource) error {
request := &iam.DeleteOpenIDConnectProviderInput{
OpenIDConnectProviderArn: arn,
}
_, err := c.IAM().DeleteOpenIDConnectProvider(request)
_, err := c.IAM().DeleteOpenIDConnectProvider(ctx, request)
if err != nil {
if awsup.AWSErrorCode(err) == iam.ErrCodeNoSuchEntityException {
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
klog.V(2).Infof("Got NoSuchEntity deleting IAM OIDC Provider %v; will treat as already-deleted", arn)
return nil
}
return fmt.Errorf("error deleting IAM OIDC Provider %v: %v", arn, err)
}
}

32
pkg/resources/aws/aws_test.go
View File

@ -21,10 +21,10 @@ import (
"sort"
"testing"
iamtypes "github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/ec2"
"github.com/aws/aws-sdk-go/service/elb"
"github.com/aws/aws-sdk-go/service/iam"
"k8s.io/kops/cloudmock/aws/mockec2"
"k8s.io/kops/cloudmock/aws/mockiam"
"k8s.io/kops/pkg/resources"
@ -101,11 +101,11 @@ func TestListIAMInstanceProfiles(t *testing.T) {
ownershipTagKey := "kubernetes.io/cluster/" + clusterName
c := &mockiam.MockIAM{
InstanceProfiles: make(map[string]*iam.InstanceProfile),
InstanceProfiles: make(map[string]*iamtypes.InstanceProfile),
}
cloud.MockIAM = c
tags := []*iam.Tag{
tags := []iamtypes.Tag{
{
Key: &ownershipTagKey,
Value: fi.PtrTo("owned"),
@ -115,7 +115,7 @@ func TestListIAMInstanceProfiles(t *testing.T) {
{
name := "prefixed." + clusterName
c.InstanceProfiles[name] = &iam.InstanceProfile{
c.InstanceProfiles[name] = &iamtypes.InstanceProfile{
InstanceProfileName: &name,
Tags: tags,
}
@ -124,7 +124,7 @@ func TestListIAMInstanceProfiles(t *testing.T) {
name := clusterName + ".not-prefixed"
c.InstanceProfiles[name] = &iam.InstanceProfile{
c.InstanceProfiles[name] = &iamtypes.InstanceProfile{
InstanceProfileName: &name,
Tags: tags,
}
@ -132,9 +132,9 @@ func TestListIAMInstanceProfiles(t *testing.T) {
{
name := "prefixed2." + clusterName
owner := "kubernetes.io/cluster/foo." + clusterName
c.InstanceProfiles[name] = &iam.InstanceProfile{
c.InstanceProfiles[name] = &iamtypes.InstanceProfile{
InstanceProfileName: &name,
Tags: []*iam.Tag{
Tags: []iamtypes.Tag{
{
Key: &owner,
Value: fi.PtrTo("owned"),
@ -145,7 +145,7 @@ func TestListIAMInstanceProfiles(t *testing.T) {
{
name := "prefixed3." + clusterName
c.InstanceProfiles[name] = &iam.InstanceProfile{
c.InstanceProfiles[name] = &iamtypes.InstanceProfile{
InstanceProfileName: &name,
}
}
@ -153,7 +153,7 @@ func TestListIAMInstanceProfiles(t *testing.T) {
// This is a special entity that will appear in list, but not in get
{
name := "__no_entity__." + clusterName
c.InstanceProfiles[name] = &iam.InstanceProfile{
c.InstanceProfiles[name] = &iamtypes.InstanceProfile{
InstanceProfileName: &name,
}
}
@ -175,11 +175,11 @@ func TestListIAMRoles(t *testing.T) {
ownershipTagKey := "kubernetes.io/cluster/" + clusterName
c := &mockiam.MockIAM{
Roles: make(map[string]*iam.Role),
Roles: make(map[string]*iamtypes.Role),
}
cloud.MockIAM = c
tags := []*iam.Tag{
tags := []iamtypes.Tag{
{
Key: &ownershipTagKey,
Value: fi.PtrTo("owned"),
@ -189,7 +189,7 @@ func TestListIAMRoles(t *testing.T) {
{
name := "prefixed." + clusterName
c.Roles[name] = &iam.Role{
c.Roles[name] = &iamtypes.Role{
RoleName: &name,
Tags: tags,
}
@ -198,7 +198,7 @@ func TestListIAMRoles(t *testing.T) {
name := clusterName + ".not-prefixed"
c.Roles[name] = &iam.Role{
c.Roles[name] = &iamtypes.Role{
RoleName: &name,
Tags: tags,
}
@ -206,9 +206,9 @@ func TestListIAMRoles(t *testing.T) {
{
name := "prefixed2." + clusterName
owner := "kubernetes.io/cluster/foo." + clusterName
c.Roles[name] = &iam.Role{
c.Roles[name] = &iamtypes.Role{
RoleName: &name,
Tags: []*iam.Tag{
Tags: []iamtypes.Tag{
{
Key: &owner,
Value: fi.PtrTo("owned"),
@ -219,7 +219,7 @@ func TestListIAMRoles(t *testing.T) {
{
name := "prefixed3." + clusterName
c.Roles[name] = &iam.Role{
c.Roles[name] = &iamtypes.Role{
RoleName: &name,
}
}

10
pkg/testutils/integrationtestharness.go
View File

@ -17,6 +17,7 @@ limitations under the License.
package testutils
import (
"context"
"os"
"path"
"path/filepath"
@ -26,10 +27,10 @@ import (
"k8s.io/kops/cloudmock/aws/mockeventbridge"
"k8s.io/kops/cloudmock/aws/mocksqs"
"github.com/aws/aws-sdk-go-v2/service/iam"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/ec2"
"github.com/aws/aws-sdk-go/service/elbv2"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/aws/aws-sdk-go/service/route53"
"github.com/gophercloud/gophercloud/openstack/compute/v2/flavors"
"github.com/gophercloud/gophercloud/openstack/dns/v2/zones"
@ -132,6 +133,7 @@ func (h *IntegrationTestHarness) Close() {
}
func (h *IntegrationTestHarness) SetupMockAWS() *awsup.MockAWSCloud {
ctx := context.TODO()
cloud := awsup.InstallMockAWSCloud("us-test-1", "abc")
mockEC2 := &mockec2.MockEC2{}
cloud.MockEC2 = mockEC2
@ -265,13 +267,13 @@ func (h *IntegrationTestHarness) SetupMockAWS() *awsup.MockAWSCloud {
Name: aws.String("my-external-tg-3"),
})
mockIAM.CreateRole(&iam.CreateRoleInput{
mockIAM.CreateRole(ctx, &iam.CreateRoleInput{
RoleName: aws.String("kops-custom-node-role"),
})
mockIAM.CreateInstanceProfile(&iam.CreateInstanceProfileInput{
mockIAM.CreateInstanceProfile(ctx, &iam.CreateInstanceProfileInput{
InstanceProfileName: aws.String("kops-custom-node-role"),
})
mockIAM.AddRoleToInstanceProfile(&iam.AddRoleToInstanceProfileInput{
mockIAM.AddRoleToInstanceProfile(ctx, &iam.AddRoleToInstanceProfileInput{
InstanceProfileName: aws.String("kops-custom-node-role"),
RoleName: aws.String("kops-custom-node-role"),
})

35
upup/pkg/fi/cloudup/awstasks/iaminstanceprofile.go
View File

@ -17,6 +17,8 @@ limitations under the License.
package awstasks
import (
"context"
"errors"
"fmt"
"k8s.io/kops/upup/pkg/fi"
@ -24,9 +26,9 @@ import (
"k8s.io/kops/upup/pkg/fi/cloudup/terraform"
"k8s.io/kops/upup/pkg/fi/cloudup/terraformWriter"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/iam"
iamtypes "github.com/aws/aws-sdk-go-v2/service/iam/types"
"k8s.io/klog/v2"
)
@ -49,14 +51,13 @@ func (e *IAMInstanceProfile) CompareWithID() *string {
// findIAMInstanceProfile retrieves the InstanceProfile with specified name
// It returns nil,nil if not found
func findIAMInstanceProfile(cloud awsup.AWSCloud, name string) (*iam.InstanceProfile, error) {
func findIAMInstanceProfile(ctx context.Context, cloud awsup.AWSCloud, name string) (*iamtypes.InstanceProfile, error) {
request := &iam.GetInstanceProfileInput{InstanceProfileName: aws.String(name)}
response, err := cloud.IAM().GetInstanceProfile(request)
if awsErr, ok := err.(awserr.Error); ok {
if awsErr.Code() == iam.ErrCodeNoSuchEntityException {
return nil, nil
}
response, err := cloud.IAM().GetInstanceProfile(ctx, request)
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
return nil, nil
}
if err != nil {
@ -67,9 +68,10 @@ func findIAMInstanceProfile(cloud awsup.AWSCloud, name string) (*iam.InstancePro
}
func (e *IAMInstanceProfile) Find(c *fi.CloudupContext) (*IAMInstanceProfile, error) {
ctx := c.Context()
cloud := c.T.Cloud.(awsup.AWSCloud)
p, err := findIAMInstanceProfile(cloud, *e.Name)
p, err := findIAMInstanceProfile(ctx, cloud, *e.Name)
if err != nil {
return nil, err
}
@ -108,6 +110,7 @@ func (s *IAMInstanceProfile) CheckChanges(a, e, changes *IAMInstanceProfile) err
}
func (_ *IAMInstanceProfile) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMInstanceProfile) error {
ctx := context.TODO()
if fi.ValueOf(e.Shared) {
if a == nil {
return fmt.Errorf("instance role profile with id %q not found", fi.ValueOf(e.ID))
@ -119,7 +122,7 @@ func (_ *IAMInstanceProfile) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAM
InstanceProfileName: e.Name,
}
response, err := t.Cloud.IAM().CreateInstanceProfile(request)
response, err := t.Cloud.IAM().CreateInstanceProfile(ctx, request)
if err != nil {
return fmt.Errorf("error creating IAMInstanceProfile: %v", err)
}
@ -128,7 +131,7 @@ func (_ *IAMInstanceProfile) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAM
InstanceProfileName: e.Name,
Tags: mapToIAMTags(e.Tags),
}
_, err = t.Cloud.IAM().TagInstanceProfile(tagRequest)
_, err = t.Cloud.IAM().TagInstanceProfile(ctx, tagRequest)
if err != nil {
if awsup.AWSErrorCode(err) == awsup.AWSErrCodeInvalidAction {
klog.Warningf("Ignoring unsupported IAMInstanceProfile tagging %v", *a.Name)
@ -142,15 +145,15 @@ func (_ *IAMInstanceProfile) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAM
} else {
if changes.Tags != nil {
if len(a.Tags) > 0 {
existingTagKeys := make([]*string, 0)
existingTagKeys := make([]string, 0)
for k := range a.Tags {
existingTagKeys = append(existingTagKeys, &k)
existingTagKeys = append(existingTagKeys, k)
}
untagRequest := &iam.UntagInstanceProfileInput{
InstanceProfileName: a.Name,
TagKeys: existingTagKeys,
}
_, err := t.Cloud.IAM().UntagInstanceProfile(untagRequest)
_, err := t.Cloud.IAM().UntagInstanceProfile(ctx, untagRequest)
if err != nil {
return fmt.Errorf("error untagging IAMInstanceProfile: %v", err)
}
@ -160,7 +163,7 @@ func (_ *IAMInstanceProfile) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAM
InstanceProfileName: a.Name,
Tags: mapToIAMTags(e.Tags),
}
_, err := t.Cloud.IAM().TagInstanceProfile(tagRequest)
_, err := t.Cloud.IAM().TagInstanceProfile(ctx, tagRequest)
if err != nil {
if awsup.AWSErrorCode(err) == awsup.AWSErrCodeInvalidAction {
klog.Warningf("Ignoring unsupported IAMInstanceProfile tagging %v", *a.Name)

23
upup/pkg/fi/cloudup/awstasks/iaminstanceprofilerole.go
View File

@ -17,11 +17,13 @@ limitations under the License.
package awstasks
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/iam"
iamtypes "github.com/aws/aws-sdk-go-v2/service/iam/types"
"k8s.io/klog/v2"
"k8s.io/kops/upup/pkg/fi"
"k8s.io/kops/upup/pkg/fi/cloudup/awsup"
@ -39,6 +41,7 @@ type IAMInstanceProfileRole struct {
}
func (e *IAMInstanceProfileRole) Find(c *fi.CloudupContext) (*IAMInstanceProfileRole, error) {
ctx := c.Context()
cloud := c.T.Cloud.(awsup.AWSCloud)
if e.Role == nil || e.Role.ID == nil {
@ -49,11 +52,10 @@ func (e *IAMInstanceProfileRole) Find(c *fi.CloudupContext) (*IAMInstanceProfile
request := &iam.GetInstanceProfileInput{InstanceProfileName: e.InstanceProfile.Name}
response, err := cloud.IAM().GetInstanceProfile(request)
if awsErr, ok := err.(awserr.Error); ok {
if awsErr.Code() == iam.ErrCodeNoSuchEntityException {
return nil, nil
}
response, err := cloud.IAM().GetInstanceProfile(ctx, request)
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
return nil, nil
}
if err != nil {
@ -62,7 +64,7 @@ func (e *IAMInstanceProfileRole) Find(c *fi.CloudupContext) (*IAMInstanceProfile
ip := response.InstanceProfile
for _, role := range ip.Roles {
if aws.StringValue(role.RoleId) != roleID {
if aws.ToString(role.RoleId) != roleID {
continue
}
actual := &IAMInstanceProfileRole{}
@ -95,13 +97,14 @@ func (s *IAMInstanceProfileRole) CheckChanges(a, e, changes *IAMInstanceProfileR
}
func (_ *IAMInstanceProfileRole) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMInstanceProfileRole) error {
ctx := context.TODO()
if a == nil {
request := &iam.AddRoleToInstanceProfileInput{
InstanceProfileName: e.InstanceProfile.Name,
RoleName: e.Role.Name,
}
_, err := t.Cloud.IAM().AddRoleToInstanceProfile(request)
_, err := t.Cloud.IAM().AddRoleToInstanceProfile(ctx, request)
if err != nil {
return fmt.Errorf("error creating IAMInstanceProfileRole: %v", err)
}

47
upup/pkg/fi/cloudup/awstasks/iamoidcprovider.go
View File

@ -17,11 +17,12 @@ limitations under the License.
package awstasks
import (
"context"
"fmt"
"strings"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/iam"
"k8s.io/apimachinery/pkg/util/sets"
"k8s.io/klog/v2"
"k8s.io/kops/upup/pkg/fi"
@ -34,8 +35,8 @@ import (
type IAMOIDCProvider struct {
Lifecycle fi.Lifecycle
ClientIDs []*string
Thumbprints []*string
ClientIDs []string
Thumbprints []string
URL *string
Name *string
@ -51,9 +52,10 @@ func (e *IAMOIDCProvider) CompareWithID() *string {
}
func (e *IAMOIDCProvider) Find(c *fi.CloudupContext) (*IAMOIDCProvider, error) {
ctx := c.Context()
cloud := c.T.Cloud.(awsup.AWSCloud)
response, err := cloud.IAM().ListOpenIDConnectProviders(&iam.ListOpenIDConnectProvidersInput{})
response, err := cloud.IAM().ListOpenIDConnectProviders(ctx, &iam.ListOpenIDConnectProvidersInput{})
if err != nil {
return nil, fmt.Errorf("error listing oidc providers: %v", err)
}
@ -61,14 +63,14 @@ func (e *IAMOIDCProvider) Find(c *fi.CloudupContext) (*IAMOIDCProvider, error) {
providers := response.OpenIDConnectProviderList
for _, provider := range providers {
arn := provider.Arn
descResp, err := cloud.IAM().GetOpenIDConnectProvider(&iam.GetOpenIDConnectProviderInput{
descResp, err := cloud.IAM().GetOpenIDConnectProvider(ctx, &iam.GetOpenIDConnectProviderInput{
OpenIDConnectProviderArn: arn,
})
if err != nil {
return nil, fmt.Errorf("error describing oidc provider: %v", err)
}
// AWS does not return the https:// in the url
actualURL := aws.StringValue(descResp.Url)
actualURL := aws.ToString(descResp.Url)
if !strings.Contains(actualURL, "://") {
actualURL = "https://" + actualURL
}
@ -86,7 +88,7 @@ func (e *IAMOIDCProvider) Find(c *fi.CloudupContext) (*IAMOIDCProvider, error) {
actual.Lifecycle = e.Lifecycle
actual.Name = e.Name
klog.V(2).Infof("found matching IAMOIDCProvider %q", aws.StringValue(arn))
klog.V(2).Infof("found matching IAMOIDCProvider %q", aws.ToString(arn))
return actual, nil
}
}
@ -117,6 +119,7 @@ func (s *IAMOIDCProvider) CheckChanges(a, e, changes *IAMOIDCProvider) error {
}
func (p *IAMOIDCProvider) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMOIDCProvider) error {
ctx := context.TODO()
thumbprints := e.Thumbprints
if a == nil {
@ -129,7 +132,7 @@ func (p *IAMOIDCProvider) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMOID
Tags: mapToIAMTags(e.Tags),
}
response, err := t.Cloud.IAM().CreateOpenIDConnectProvider(request)
response, err := t.Cloud.IAM().CreateOpenIDConnectProvider(ctx, request)
if err != nil {
return fmt.Errorf("error creating IAMOIDCProvider: %v", err)
}
@ -143,22 +146,22 @@ func (p *IAMOIDCProvider) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMOID
request.OpenIDConnectProviderArn = a.arn
request.ThumbprintList = thumbprints
_, err := t.Cloud.IAM().UpdateOpenIDConnectProviderThumbprint(request)
_, err := t.Cloud.IAM().UpdateOpenIDConnectProviderThumbprint(ctx, request)
if err != nil {
return fmt.Errorf("error updating IAMOIDCProvider Thumbprints: %v", err)
}
}
if changes.Tags != nil {
if len(a.Tags) > 0 {
existingTagKeys := make([]*string, 0)
existingTagKeys := make([]string, 0)
for k := range a.Tags {
existingTagKeys = append(existingTagKeys, &k)
existingTagKeys = append(existingTagKeys, k)
}
untagRequest := &iam.UntagOpenIDConnectProviderInput{
OpenIDConnectProviderArn: a.arn,
TagKeys: existingTagKeys,
}
_, err := t.Cloud.IAM().UntagOpenIDConnectProvider(untagRequest)
_, err := t.Cloud.IAM().UntagOpenIDConnectProvider(ctx, untagRequest)
if err != nil {
return fmt.Errorf("error untagging IAMOIDCProvider: %v", err)
}
@ -168,7 +171,7 @@ func (p *IAMOIDCProvider) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMOID
OpenIDConnectProviderArn: a.arn,
Tags: mapToIAMTags(e.Tags),
}
_, err := t.Cloud.IAM().TagOpenIDConnectProvider(tagRequest)
_, err := t.Cloud.IAM().TagOpenIDConnectProvider(ctx, tagRequest)
if err != nil {
return fmt.Errorf("error tagging IAMOIDCProvider: %v", err)
}
@ -177,11 +180,11 @@ func (p *IAMOIDCProvider) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMOID
if changes.ClientIDs != nil {
actual := sets.NewString()
for _, aud := range a.ClientIDs {
actual.Insert(*aud)
actual.Insert(aud)
}
expected := sets.NewString()
for _, aud := range e.ClientIDs {
expected.Insert(*aud)
expected.Insert(aud)
}
toRemove := actual.Difference(expected)
for _, elem := range toRemove.List() {
@ -189,7 +192,7 @@ func (p *IAMOIDCProvider) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMOID
OpenIDConnectProviderArn: a.arn,
ClientID: &elem,
}
_, err := t.Cloud.IAM().RemoveClientIDFromOpenIDConnectProvider(request)
_, err := t.Cloud.IAM().RemoveClientIDFromOpenIDConnectProvider(ctx, request)
if err != nil {
return fmt.Errorf("error removing audience %s to IAMOIDCProvider: %v", elem, err)
}
@ -200,7 +203,7 @@ func (p *IAMOIDCProvider) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMOID
OpenIDConnectProviderArn: a.arn,
ClientID: &elem,
}
_, err := t.Cloud.IAM().AddClientIDToOpenIDConnectProvider(request)
_, err := t.Cloud.IAM().AddClientIDToOpenIDConnectProvider(ctx, request)
if err != nil {
return fmt.Errorf("error adding audience %s to IAMOIDCProvider: %v", elem, err)
}
@ -211,9 +214,9 @@ func (p *IAMOIDCProvider) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMOID
}
type terraformIAMOIDCProvider struct {
URL *string `cty:"url"`
ClientIDList []*string `cty:"client_id_list"`
ThumbprintList []*string `cty:"thumbprint_list"`
URL *string `cty:"url"`
ClientIDList []string `cty:"client_id_list"`
ThumbprintList []string `cty:"thumbprint_list"`
AssumeRolePolicy *terraformWriter.Literal `cty:"assume_role_policy"`
Tags map[string]string `cty:"tags"`
@ -225,7 +228,7 @@ func (p *IAMOIDCProvider) RenderTerraform(t *terraform.TerraformTarget, a, e, ch
return err
}
issuerSubs := strings.SplitAfter(aws.StringValue(e.URL), "://")
issuerSubs := strings.SplitAfter(aws.ToString(e.URL), "://")
issuer := issuerSubs[len(issuerSubs)-1]
err = t.AddOutputVariable("iam_openid_connect_provider_issuer", terraformWriter.LiteralFromStringValue(issuer))
if err != nil {

97
upup/pkg/fi/cloudup/awstasks/iamrole.go
View File

@ -17,14 +17,16 @@ limitations under the License.
package awstasks
import (
"context"
"encoding/json"
"errors"
"fmt"
"net/url"
"reflect"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/iam"
iamtypes "github.com/aws/aws-sdk-go-v2/service/iam/types"
"k8s.io/klog/v2"
"k8s.io/kops/pkg/diff"
"k8s.io/kops/upup/pkg/fi"
@ -61,15 +63,15 @@ func (e *IAMRole) CompareWithID() *string {
}
func (e *IAMRole) Find(c *fi.CloudupContext) (*IAMRole, error) {
ctx := c.Context()
cloud := c.T.Cloud.(awsup.AWSCloud)
request := &iam.GetRoleInput{RoleName: e.Name}
response, err := cloud.IAM().GetRole(request)
if awsErr, ok := err.(awserr.Error); ok {
if awsErr.Code() == iam.ErrCodeNoSuchEntityException {
return nil, nil
}
response, err := cloud.IAM().GetRole(ctx, request)
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
return nil, nil
}
if err != nil {
return nil, fmt.Errorf("error getting role: %v", err)
@ -95,17 +97,17 @@ func (e *IAMRole) Find(c *fi.CloudupContext) (*IAMRole, error) {
if e.RolePolicyDocument != nil {
expectedPolicy, err := fi.ResourceAsString(e.RolePolicyDocument)
if err != nil {
return nil, fmt.Errorf("error reading expected RolePolicyDocument for IAMRole %q: %v", aws.StringValue(e.Name), err)
return nil, fmt.Errorf("error reading expected RolePolicyDocument for IAMRole %q: %v", aws.ToString(e.Name), err)
}
expectedJson := make(map[string]interface{})
err = json.Unmarshal([]byte(expectedPolicy), &expectedJson)
if err != nil {
return nil, fmt.Errorf("error parsing expected RolePolicyDocument for IAMRole %q: %v", aws.StringValue(e.Name), err)
return nil, fmt.Errorf("error parsing expected RolePolicyDocument for IAMRole %q: %v", aws.ToString(e.Name), err)
}
actualJson := make(map[string]interface{})
err = json.Unmarshal([]byte(actualPolicy), &actualJson)
if err != nil {
return nil, fmt.Errorf("error parsing actual RolePolicyDocument for IAMRole %q: %v", aws.StringValue(e.Name), err)
return nil, fmt.Errorf("error parsing actual RolePolicyDocument for IAMRole %q: %v", aws.ToString(e.Name), err)
}
if reflect.DeepEqual(actualJson, expectedJson) {
@ -118,7 +120,7 @@ func (e *IAMRole) Find(c *fi.CloudupContext) (*IAMRole, error) {
}
actual.Tags = mapIAMTagsToMap(r.Tags)
klog.V(2).Infof("found matching IAMRole %q", aws.StringValue(actual.ID))
klog.V(2).Infof("found matching IAMRole %q", aws.ToString(actual.ID))
e.ID = actual.ID
// Avoid spurious changes
@ -153,10 +155,11 @@ func (s *IAMRole) CheckChanges(a, e, changes *IAMRole) error {
}
func (_ *IAMRole) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRole) error {
ctx := context.TODO()
if e.RolePolicyDocument == nil {
klog.V(2).Infof("Deleting IAM role %q", fi.ValueOf(a.Name))
var attachedPolicies []*iam.AttachedPolicy
var attachedPolicies []iamtypes.AttachedPolicy
var policyNames []string
// List Inline policies
@ -164,19 +167,20 @@ func (_ *IAMRole) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRole) error
request := &iam.ListRolePoliciesInput{
RoleName: a.Name,
}
err := t.Cloud.IAM().ListRolePoliciesPages(request, func(page *iam.ListRolePoliciesOutput, lastPage bool) bool {
paginator := iam.NewListRolePoliciesPaginator(t.Cloud.IAM(), request)
for paginator.HasMorePages() {
page, err := paginator.NextPage(ctx)
if err != nil {
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
klog.V(2).Infof("Got NoSuchEntity describing IAM RolePolicy; will treat as already-deleted")
return nil
}
return fmt.Errorf("error listing IAM role policies: %v", err)
}
for _, policy := range page.PolicyNames {
policyNames = append(policyNames, aws.StringValue(policy))
policyNames = append(policyNames, policy)
}
return true
})
if err != nil {
if awsup.AWSErrorCode(err) == iam.ErrCodeNoSuchEntityException {
klog.V(2).Infof("Got NoSuchEntity describing IAM RolePolicy; will treat as already-deleted")
return nil
}
return fmt.Errorf("error listing IAM role policies: %v", err)
}
}
@ -185,17 +189,18 @@ func (_ *IAMRole) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRole) error
request := &iam.ListAttachedRolePoliciesInput{
RoleName: a.Name,
}
err := t.Cloud.IAM().ListAttachedRolePoliciesPages(request, func(page *iam.ListAttachedRolePoliciesOutput, lastPage bool) bool {
attachedPolicies = append(attachedPolicies, page.AttachedPolicies...)
return true
})
if err != nil {
if awsup.AWSErrorCode(err) == iam.ErrCodeNoSuchEntityException {
klog.V(2).Infof("Got NoSuchEntity describing IAM RolePolicy; will treat as already-detached")
return nil
paginator := iam.NewListAttachedRolePoliciesPaginator(t.Cloud.IAM(), request)
for paginator.HasMorePages() {
page, err := paginator.NextPage(ctx)
if err != nil {
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
klog.V(2).Infof("Got NoSuchEntity describing IAM RolePolicy; will treat as already-deleted")
return nil
}
return fmt.Errorf("error listing IAM role policies for %v", err)
}
return fmt.Errorf("error listing IAM role policies for %v", err)
attachedPolicies = append(attachedPolicies, page.AttachedPolicies...)
}
}
@ -206,7 +211,7 @@ func (_ *IAMRole) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRole) error
RoleName: a.Name,
PolicyName: aws.String(policyName),
}
_, err := t.Cloud.IAM().DeleteRolePolicy(request)
_, err := t.Cloud.IAM().DeleteRolePolicy(ctx, request)
if err != nil {
return fmt.Errorf("error deleting IAM role policy %q: %v", policyName, err)
}
@ -214,12 +219,12 @@ func (_ *IAMRole) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRole) error
// Detach Managed Policies
for _, policy := range attachedPolicies {
klog.V(2).Infof("Detaching IAM role policy %q", policy)
klog.V(2).Infof("Detaching IAM role policy %v", policy)
request := &iam.DetachRolePolicyInput{
RoleName: a.Name,
PolicyArn: policy.PolicyArn,
}
_, err := t.Cloud.IAM().DetachRolePolicy(request)
_, err := t.Cloud.IAM().DetachRolePolicy(ctx, request)
if err != nil {
return fmt.Errorf("error detaching IAM role policy %q: %v", *policy.PolicyArn, err)
}
@ -228,7 +233,7 @@ func (_ *IAMRole) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRole) error
request := &iam.DeleteRoleInput{
RoleName: a.Name,
}
if _, err := t.Cloud.IAM().DeleteRole(request); err != nil {
if _, err := t.Cloud.IAM().DeleteRole(ctx, request); err != nil {
return fmt.Errorf("error deleting IAM role: %v", err)
}
return nil
@ -251,7 +256,7 @@ func (_ *IAMRole) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRole) error
request.PermissionsBoundary = e.PermissionsBoundary
}
response, err := t.Cloud.IAM().CreateRole(request)
response, err := t.Cloud.IAM().CreateRole(ctx, request)
if err != nil {
klog.V(2).Infof("IAMRole policy: %s", policy)
return fmt.Errorf("error creating IAMRole: %v", err)
@ -283,7 +288,7 @@ func (_ *IAMRole) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRole) error
request.PolicyDocument = aws.String(policy)
request.RoleName = e.Name
_, err = t.Cloud.IAM().UpdateAssumeRolePolicy(request)
_, err = t.Cloud.IAM().UpdateAssumeRolePolicy(ctx, request)
if err != nil {
return fmt.Errorf("error updating IAMRole: %v", err)
}
@ -295,28 +300,28 @@ func (_ *IAMRole) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRole) error
request.RoleName = e.Name
request.PermissionsBoundary = e.PermissionsBoundary
if _, err := t.Cloud.IAM().PutRolePermissionsBoundary(request); err != nil {
if _, err := t.Cloud.IAM().PutRolePermissionsBoundary(ctx, request); err != nil {
return fmt.Errorf("error updating IAMRole: %v", err)
}
} else if a.PermissionsBoundary != nil && e.PermissionsBoundary == nil {
request := &iam.DeleteRolePermissionsBoundaryInput{}
request.RoleName = e.Name
if _, err := t.Cloud.IAM().DeleteRolePermissionsBoundary(request); err != nil {
if _, err := t.Cloud.IAM().DeleteRolePermissionsBoundary(ctx, request); err != nil {
return fmt.Errorf("error updating IAMRole: %v", err)
}
}
if changes.Tags != nil {
if len(a.Tags) > 0 {
existingTagKeys := make([]*string, 0)
existingTagKeys := make([]string, 0)
for k := range a.Tags {
existingTagKeys = append(existingTagKeys, &k)
existingTagKeys = append(existingTagKeys, k)
}
untagRequest := &iam.UntagRoleInput{
RoleName: e.Name,
TagKeys: existingTagKeys,
}
_, err = t.Cloud.IAM().UntagRole(untagRequest)
_, err = t.Cloud.IAM().UntagRole(ctx, untagRequest)
if err != nil {
return fmt.Errorf("error untagging IAMRole: %v", err)
}
@ -326,7 +331,7 @@ func (_ *IAMRole) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRole) error
RoleName: e.Name,
Tags: mapToIAMTags(e.Tags),
}
_, err = t.Cloud.IAM().TagRole(tagRequest)
_, err = t.Cloud.IAM().TagRole(ctx, tagRequest)
if err != nil {
return fmt.Errorf("error tagging IAMRole: %v", err)
}

59
upup/pkg/fi/cloudup/awstasks/iamrolepolicy.go
View File

@ -17,16 +17,18 @@ limitations under the License.
package awstasks
import (
"context"
"encoding/json"
"errors"
"fmt"
"hash/fnv"
"net/url"
"sort"
"strings"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/iam"
iamtypes "github.com/aws/aws-sdk-go-v2/service/iam/types"
"k8s.io/klog/v2"
"k8s.io/kops/pkg/diff"
"k8s.io/kops/upup/pkg/fi"
@ -53,6 +55,7 @@ type IAMRolePolicy struct {
}
func (e *IAMRolePolicy) Find(c *fi.CloudupContext) (*IAMRolePolicy, error) {
ctx := c.Context()
var actual IAMRolePolicy
cloud := c.T.Cloud.(awsup.AWSCloud)
@ -63,19 +66,21 @@ func (e *IAMRolePolicy) Find(c *fi.CloudupContext) (*IAMRolePolicy, error) {
RoleName: e.Role.Name,
}
response, err := cloud.IAM().ListAttachedRolePolicies(request)
if awsErr, ok := err.(awserr.Error); ok {
if awsErr.Code() == iam.ErrCodeNoSuchEntityException {
response, err := cloud.IAM().ListAttachedRolePolicies(ctx, request)
if err != nil {
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
klog.V(2).Infof("Got NoSuchEntity describing IAM RolePolicy; will treat as already-deleted")
return nil, nil
}
return nil, fmt.Errorf("error getting policies for role: %v", err)
return nil, fmt.Errorf("error listing policies for role: %w", err)
}
var policies []string
if response != nil && len(response.AttachedPolicies) > 0 {
for _, policy := range response.AttachedPolicies {
policies = append(policies, aws.StringValue(policy.PolicyArn))
policies = append(policies, aws.ToString(policy.PolicyArn))
}
}
sort.Strings(policies)
@ -95,19 +100,18 @@ func (e *IAMRolePolicy) Find(c *fi.CloudupContext) (*IAMRolePolicy, error) {
PolicyName: e.Name,
}
response, err := cloud.IAM().GetRolePolicy(request)
if awsErr, ok := err.(awserr.Error); ok {
if awsErr.Code() == iam.ErrCodeNoSuchEntityException {
response, err := cloud.IAM().GetRolePolicy(ctx, request)
if err != nil {
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
return nil, nil
}
}
if err != nil {
return nil, fmt.Errorf("error getting role: %v", err)
}
p := response
actual.Role = &IAMRole{Name: p.RoleName}
if aws.StringValue(e.Role.Name) == aws.StringValue(p.RoleName) {
if aws.ToString(e.Role.Name) == aws.ToString(p.RoleName) {
actual.Role.ID = e.Role.ID
}
if p.PolicyDocument != nil {
@ -115,7 +119,7 @@ func (e *IAMRolePolicy) Find(c *fi.CloudupContext) (*IAMRolePolicy, error) {
policy := *p.PolicyDocument
policy, err = url.QueryUnescape(policy)
if err != nil {
return nil, fmt.Errorf("error parsing PolicyDocument for IAMRolePolicy %q: %v", aws.StringValue(e.Name), err)
return nil, fmt.Errorf("error parsing PolicyDocument for IAMRolePolicy %q: %v", aws.ToString(e.Name), err)
}
// Reformat the PolicyDocument by unmarshaling and re-marshaling to JSON.
@ -169,6 +173,7 @@ func (_ *IAMRolePolicy) ShouldCreate(a, e, changes *IAMRolePolicy) (bool, error)
}
func (_ *IAMRolePolicy) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRolePolicy) error {
ctx := context.TODO()
policy, err := e.policyDocumentString()
if err != nil {
return fmt.Errorf("error rendering PolicyDocument: %v", err)
@ -190,7 +195,7 @@ func (_ *IAMRolePolicy) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRoleP
PolicyArn: s(policy),
}
_, err = t.Cloud.IAM().AttachRolePolicy(request)
_, err = t.Cloud.IAM().AttachRolePolicy(ctx, request)
if err != nil {
return fmt.Errorf("error attaching IAMRolePolicy: %v", err)
}
@ -205,7 +210,7 @@ func (_ *IAMRolePolicy) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRoleP
}
}
klog.V(2).Infof("Detaching unused IAMRolePolicy %s/%s", aws.StringValue(e.Role.Name), cloudPolicy)
klog.V(2).Infof("Detaching unused IAMRolePolicy %s/%s", aws.ToString(e.Role.Name), cloudPolicy)
// Detach policy
request := &iam.DetachRolePolicyInput{
@ -213,9 +218,9 @@ func (_ *IAMRolePolicy) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRoleP
PolicyArn: s(cloudPolicy),
}
_, err := t.Cloud.IAM().DetachRolePolicy(request)
_, err := t.Cloud.IAM().DetachRolePolicy(ctx, request)
if err != nil {
klog.V(2).Infof("Unable to detach IAMRolePolicy %s/%s", aws.StringValue(e.Role.Name), cloudPolicy)
klog.V(2).Infof("Unable to detach IAMRolePolicy %s/%s", aws.ToString(e.Role.Name), cloudPolicy)
return err
}
}
@ -230,12 +235,12 @@ func (_ *IAMRolePolicy) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRoleP
request.RoleName = e.Role.Name
request.PolicyName = e.Name
klog.V(2).Infof("Deleting role policy %s/%s", aws.StringValue(e.Role.Name), aws.StringValue(e.Name))
_, err = t.Cloud.IAM().DeleteRolePolicy(request)
klog.V(2).Infof("Deleting role policy %s/%s", aws.ToString(e.Role.Name), aws.ToString(e.Name))
_, err = t.Cloud.IAM().DeleteRolePolicy(ctx, request)
if err != nil {
if awsup.AWSErrorCode(err) == iam.ErrCodeNoSuchEntityException {
// Already deleted
klog.V(2).Infof("Got NoSuchEntity deleting role policy %s/%s; assuming does not exist", aws.StringValue(e.Role.Name), aws.StringValue(e.Name))
var nse *iamtypes.NoSuchEntityException
if errors.As(err, &nse) {
klog.V(2).Infof("Got NoSuchEntity deleting role policy %s/%s; assuming does not exist", aws.ToString(e.Role.Name), aws.ToString(e.Name))
return nil
}
return fmt.Errorf("error deleting IAMRolePolicy: %v", err)
@ -274,11 +279,11 @@ func (_ *IAMRolePolicy) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAMRoleP
request.RoleName = e.Role.Name
request.PolicyName = e.Name
klog.V(8).Infof("PutRolePolicy RoleName=%s PolicyName=%s: %s", aws.StringValue(e.Role.Name), aws.StringValue(e.Name), policy)
klog.V(8).Infof("PutRolePolicy RoleName=%s PolicyName=%s: %s", aws.ToString(e.Role.Name), aws.ToString(e.Name), policy)
_, err = t.Cloud.IAM().PutRolePolicy(request)
_, err = t.Cloud.IAM().PutRolePolicy(ctx, request)
if err != nil {
klog.V(2).Infof("PutRolePolicy RoleName=%s PolicyName=%s: %s", aws.StringValue(e.Role.Name), aws.StringValue(e.Name), policy)
klog.V(2).Infof("PutRolePolicy RoleName=%s PolicyName=%s: %s", aws.ToString(e.Role.Name), aws.ToString(e.Name), policy)
return fmt.Errorf("error creating/updating IAMRolePolicy: %v", err)
}
}

10
upup/pkg/fi/cloudup/awstasks/tags.go
View File

@ -20,9 +20,9 @@ import (
"strings"
eventbridgetypes "github.com/aws/aws-sdk-go-v2/service/eventbridge/types"
iamtypes "github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/ec2"
"github.com/aws/aws-sdk-go/service/iam"
)
func mapEC2TagsToMap(tags []*ec2.Tag) map[string]string {
@ -39,7 +39,7 @@ func mapEC2TagsToMap(tags []*ec2.Tag) map[string]string {
return m
}
func mapIAMTagsToMap(tags []*iam.Tag) map[string]string {
func mapIAMTagsToMap(tags []iamtypes.Tag) map[string]string {
if tags == nil {
return nil
}
@ -53,13 +53,13 @@ func mapIAMTagsToMap(tags []*iam.Tag) map[string]string {
return m
}
func mapToIAMTags(tags map[string]string) []*iam.Tag {
func mapToIAMTags(tags map[string]string) []iamtypes.Tag {
if tags == nil {
return nil
}
m := make([]*iam.Tag, 0)
m := make([]iamtypes.Tag, 0)
for k, v := range tags {
m = append(m, &iam.Tag{
m = append(m, iamtypes.Tag{
Key: aws.String(k),
Value: aws.String(v),
})

22
upup/pkg/fi/cloudup/awsup/aws_cloud.go
View File

@ -34,6 +34,7 @@ import (
"github.com/aws/aws-sdk-go-v2/aws/arn"
"github.com/aws/aws-sdk-go-v2/aws/retry"
"github.com/aws/aws-sdk-go-v2/service/iam"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
@ -47,8 +48,6 @@ import (
"github.com/aws/aws-sdk-go/service/elb/elbiface"
"github.com/aws/aws-sdk-go/service/elbv2"
"github.com/aws/aws-sdk-go/service/elbv2/elbv2iface"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/aws/aws-sdk-go/service/iam/iamiface"
"github.com/aws/aws-sdk-go/service/route53"
"github.com/aws/aws-sdk-go/service/route53/route53iface"
"github.com/aws/aws-sdk-go/service/sts"
@ -128,7 +127,7 @@ type AWSCloud interface {
fi.Cloud
Session() (*session.Session, error)
EC2() ec2iface.EC2API
IAM() iamiface.IAMAPI
IAM() awsinterfaces.IAMAPI
ELB() elbiface.ELBAPI
ELBV2() elbv2iface.ELBV2API
Autoscaling() autoscalingiface.AutoScalingAPI
@ -197,7 +196,7 @@ type AWSCloud interface {
type awsCloudImplementation struct {
ec2 *ec2.EC2
iam *iam.IAM
iam *iam.Client
elb *elb.ELB
elbv2 *elbv2.ELBV2
autoscaling *autoscaling.AutoScaling
@ -333,16 +332,7 @@ func NewAWSCloud(region string, tags map[string]string) (AWSCloud, error) {
c.ec2.Handlers.Send.PushFront(requestLogger)
c.addHandlers(region, &c.ec2.Handlers)
sess, err = session.NewSessionWithOptions(session.Options{
Config: *config,
SharedConfigState: session.SharedConfigEnable,
})
if err != nil {
return c, err
}
c.iam = iam.New(sess, config)
c.iam.Handlers.Send.PushFront(requestLogger)
c.addHandlers(region, &c.iam.Handlers)
c.iam = iam.NewFromConfig(cfgV2)
sess, err = session.NewSessionWithOptions(session.Options{
Config: *config,
@ -2187,7 +2177,7 @@ func (c *awsCloudImplementation) EC2() ec2iface.EC2API {
return c.ec2
}
func (c *awsCloudImplementation) IAM() iamiface.IAMAPI {
func (c *awsCloudImplementation) IAM() awsinterfaces.IAMAPI {
return c.iam
}
@ -2457,7 +2447,7 @@ func (c *awsCloudImplementation) AccountInfo() (string, string, error) {
// GetRolesInInstanceProfile return role names which are associated with the instance profile specified by profileName.
func GetRolesInInstanceProfile(c AWSCloud, profileName string) ([]string, error) {
output, err := c.IAM().GetInstanceProfile(&iam.GetInstanceProfileInput{
output, err := c.IAM().GetInstanceProfile(context.TODO(), &iam.GetInstanceProfileInput{
InstanceProfileName: aws.String(profileName),
})
if err != nil {

5
upup/pkg/fi/cloudup/awsup/mock_aws_cloud.go
View File

@ -30,7 +30,6 @@ import (
"github.com/aws/aws-sdk-go/service/elb/elbiface"
"github.com/aws/aws-sdk-go/service/elbv2"
"github.com/aws/aws-sdk-go/service/elbv2/elbv2iface"
"github.com/aws/aws-sdk-go/service/iam/iamiface"
"github.com/aws/aws-sdk-go/service/route53/route53iface"
v1 "k8s.io/api/core/v1"
"k8s.io/klog/v2"
@ -79,7 +78,7 @@ func BuildMockAWSCloud(region string, zoneLetters string) *MockAWSCloud {
type MockCloud struct {
MockAutoscaling autoscalingiface.AutoScalingAPI
MockEC2 ec2iface.EC2API
MockIAM iamiface.IAMAPI
MockIAM awsinterfaces.IAMAPI
MockRoute53 route53iface.Route53API
MockELB elbiface.ELBAPI
MockELBV2 elbv2iface.ELBV2API
@ -244,7 +243,7 @@ func (c *MockAWSCloud) EC2() ec2iface.EC2API {
return c.MockEC2
}
func (c *MockAWSCloud) IAM() iamiface.IAMAPI {
func (c *MockAWSCloud) IAM() awsinterfaces.IAMAPI {
if c.MockIAM == nil {
klog.Fatalf("MockAWSCloud MockIAM not set")
}

59
util/pkg/awsinterfaces/iam.go Normal file
View File

@ -0,0 +1,59 @@
/*
Copyright 2024 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package awsinterfaces
import (
"context"
"github.com/aws/aws-sdk-go-v2/service/iam"
)
type IAMAPI interface {
AddClientIDToOpenIDConnectProvider(ctx context.Context, params *iam.AddClientIDToOpenIDConnectProviderInput, optFns ...func(*iam.Options)) (*iam.AddClientIDToOpenIDConnectProviderOutput, error)
AddRoleToInstanceProfile(ctx context.Context, params *iam.AddRoleToInstanceProfileInput, optFns ...func(*iam.Options)) (*iam.AddRoleToInstanceProfileOutput, error)
AttachRolePolicy(ctx context.Context, params *iam.AttachRolePolicyInput, optFns ...func(*iam.Options)) (*iam.AttachRolePolicyOutput, error)
CreateRole(ctx context.Context, params *iam.CreateRoleInput, optFns ...func(*iam.Options)) (*iam.CreateRoleOutput, error)
CreateInstanceProfile(ctx context.Context, params *iam.CreateInstanceProfileInput, optFns ...func(*iam.Options)) (*iam.CreateInstanceProfileOutput, error)
CreateOpenIDConnectProvider(ctx context.Context, params *iam.CreateOpenIDConnectProviderInput, optFns ...func(*iam.Options)) (*iam.CreateOpenIDConnectProviderOutput, error)
DeleteInstanceProfile(ctx context.Context, params *iam.DeleteInstanceProfileInput, optFns ...func(*iam.Options)) (*iam.DeleteInstanceProfileOutput, error)
DeleteOpenIDConnectProvider(ctx context.Context, params *iam.DeleteOpenIDConnectProviderInput, optFns ...func(*iam.Options)) (*iam.DeleteOpenIDConnectProviderOutput, error)
DeleteRole(ctx context.Context, params *iam.DeleteRoleInput, optFns ...func(*iam.Options)) (*iam.DeleteRoleOutput, error)
DeleteRolePermissionsBoundary(ctx context.Context, params *iam.DeleteRolePermissionsBoundaryInput, optFns ...func(*iam.Options)) (*iam.DeleteRolePermissionsBoundaryOutput, error)
DeleteRolePolicy(ctx context.Context, params *iam.DeleteRolePolicyInput, optFns ...func(*iam.Options)) (*iam.DeleteRolePolicyOutput, error)
DetachRolePolicy(ctx context.Context, params *iam.DetachRolePolicyInput, optFns ...func(*iam.Options)) (*iam.DetachRolePolicyOutput, error)
GetInstanceProfile(ctx context.Context, params *iam.GetInstanceProfileInput, optFns ...func(*iam.Options)) (*iam.GetInstanceProfileOutput, error)
GetOpenIDConnectProvider(ctx context.Context, params *iam.GetOpenIDConnectProviderInput, optFns ...func(*iam.Options)) (*iam.GetOpenIDConnectProviderOutput, error)
GetRole(ctx context.Context, params *iam.GetRoleInput, optFns ...func(*iam.Options)) (*iam.GetRoleOutput, error)
GetRolePolicy(ctx context.Context, params *iam.GetRolePolicyInput, optFns ...func(*iam.Options)) (*iam.GetRolePolicyOutput, error)
ListAttachedRolePolicies(ctx context.Context, params *iam.ListAttachedRolePoliciesInput, optFns ...func(*iam.Options)) (*iam.ListAttachedRolePoliciesOutput, error)
ListInstanceProfiles(ctx context.Context, params *iam.ListInstanceProfilesInput, optFns ...func(*iam.Options)) (*iam.ListInstanceProfilesOutput, error)
ListOpenIDConnectProviders(ctx context.Context, params *iam.ListOpenIDConnectProvidersInput, optFns ...func(*iam.Options)) (*iam.ListOpenIDConnectProvidersOutput, error)
ListRolePolicies(ctx context.Context, params *iam.ListRolePoliciesInput, optFns ...func(*iam.Options)) (*iam.ListRolePoliciesOutput, error)
ListRoles(ctx context.Context, params *iam.ListRolesInput, optFns ...func(*iam.Options)) (*iam.ListRolesOutput, error)
PutRolePermissionsBoundary(ctx context.Context, params *iam.PutRolePermissionsBoundaryInput, optFns ...func(*iam.Options)) (*iam.PutRolePermissionsBoundaryOutput, error)
PutRolePolicy(ctx context.Context, params *iam.PutRolePolicyInput, optFns ...func(*iam.Options)) (*iam.PutRolePolicyOutput, error)
RemoveClientIDFromOpenIDConnectProvider(ctx context.Context, params *iam.RemoveClientIDFromOpenIDConnectProviderInput, optFns ...func(*iam.Options)) (*iam.RemoveClientIDFromOpenIDConnectProviderOutput, error)
RemoveRoleFromInstanceProfile(ctx context.Context, params *iam.RemoveRoleFromInstanceProfileInput, optFns ...func(*iam.Options)) (*iam.RemoveRoleFromInstanceProfileOutput, error)
TagInstanceProfile(ctx context.Context, params *iam.TagInstanceProfileInput, optFns ...func(*iam.Options)) (*iam.TagInstanceProfileOutput, error)
TagOpenIDConnectProvider(ctx context.Context, params *iam.TagOpenIDConnectProviderInput, optFns ...func(*iam.Options)) (*iam.TagOpenIDConnectProviderOutput, error)
TagRole(ctx context.Context, params *iam.TagRoleInput, optFns ...func(*iam.Options)) (*iam.TagRoleOutput, error)
UntagInstanceProfile(ctx context.Context, params *iam.UntagInstanceProfileInput, optFns ...func(*iam.Options)) (*iam.UntagInstanceProfileOutput, error)
UntagOpenIDConnectProvider(ctx context.Context, params *iam.UntagOpenIDConnectProviderInput, optFns ...func(*iam.Options)) (*iam.UntagOpenIDConnectProviderOutput, error)
UpdateOpenIDConnectProviderThumbprint(ctx context.Context, params *iam.UpdateOpenIDConnectProviderThumbprintInput, optFns ...func(*iam.Options)) (*iam.UpdateOpenIDConnectProviderThumbprintOutput, error)
UntagRole(ctx context.Context, params *iam.UntagRoleInput, optFns ...func(*iam.Options)) (*iam.UntagRoleOutput, error)
UpdateAssumeRolePolicy(ctx context.Context, params *iam.UpdateAssumeRolePolicyInput, optFns ...func(*iam.Options)) (*iam.UpdateAssumeRolePolicyOutput, error)
}

437
vendor/github.com/aws/aws-sdk-go-v2/service/iam/CHANGELOG.md generated vendored Normal file
View File

@ -0,0 +1,437 @@
# v1.31.4 (2024-03-29)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.31.3 (2024-03-18)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.31.2 (2024-03-07)
* **Bug Fix**: Remove dependency on go-cmp.
* **Dependency Update**: Updated to the latest SDK module versions
# v1.31.1 (2024-02-23)
* **Bug Fix**: Move all common, SDK-side middleware stack ops into the service client module to prevent cross-module compatibility issues in the future.
* **Dependency Update**: Updated to the latest SDK module versions
# v1.31.0 (2024-02-22)
* **Feature**: Add middleware stack snapshot tests.
# v1.30.2 (2024-02-21)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.30.1 (2024-02-20)
* **Bug Fix**: When sourcing values for a service's `EndpointParameters`, the lack of a configured region (i.e. `options.Region == ""`) will now translate to a `nil` value for `EndpointParameters.Region` instead of a pointer to the empty string `""`. This will result in a much more explicit error when calling an operation instead of an obscure hostname lookup failure.
# v1.30.0 (2024-02-16)
* **Feature**: Add new ClientOptions field to waiter config which allows you to extend the config for operation calls made by waiters.
# v1.29.0 (2024-02-13)
* **Feature**: Bump minimum Go version to 1.20 per our language support policy.
* **Dependency Update**: Updated to the latest SDK module versions
# v1.28.7 (2024-01-04)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.28.6 (2023-12-26)
* **Documentation**: Documentation updates for AWS Identity and Access Management (IAM).
# v1.28.5 (2023-12-08)
* **Bug Fix**: Reinstate presence of default Retryer in functional options, but still respect max attempts set therein.
# v1.28.4 (2023-12-07)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.28.3 (2023-12-06)
* **Bug Fix**: Restore pre-refactor auth behavior where all operations could technically be performed anonymously.
# v1.28.2 (2023-12-01)
* **Bug Fix**: Correct wrapping of errors in authentication workflow.
* **Bug Fix**: Correctly recognize cache-wrapped instances of AnonymousCredentials at client construction.
* **Dependency Update**: Updated to the latest SDK module versions
# v1.28.1 (2023-11-30)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.28.0 (2023-11-29)
* **Feature**: Expose Options() accessor on service clients.
* **Dependency Update**: Updated to the latest SDK module versions
# v1.27.5 (2023-11-28.2)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.27.4 (2023-11-28)
* **Bug Fix**: Respect setting RetryMaxAttempts in functional options at client construction.
# v1.27.3 (2023-11-20)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.27.2 (2023-11-15)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.27.1 (2023-11-09)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.27.0 (2023-11-06)
* **Feature**: Add partitional endpoint for iso-e.
# v1.26.0 (2023-11-01)
* **Feature**: Adds support for configured endpoints via environment variables and the AWS shared configuration file.
* **Dependency Update**: Updated to the latest SDK module versions
# v1.25.0 (2023-10-31)
* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/).
* **Dependency Update**: Updated to the latest SDK module versions
# v1.24.0 (2023-10-25)
* **Feature**: Updates to GetAccessKeyLastUsed action to replace NoSuchEntity error with AccessDeniedException error.
# v1.23.0 (2023-10-24)
* **Feature**: Add the partitional endpoint for IAM in iso-f.
# v1.22.7 (2023-10-12)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.22.6 (2023-10-06)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.22.5 (2023-08-21)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.22.4 (2023-08-18)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.22.3 (2023-08-17)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.22.2 (2023-08-07)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.22.1 (2023-08-01)
* No change notes available for this release.
# v1.22.0 (2023-07-31)
* **Feature**: Adds support for smithy-modeled endpoint resolution. A new rules-based endpoint resolution will be added to the SDK which will supercede and deprecate existing endpoint resolution. Specifically, EndpointResolver will be deprecated while BaseEndpoint and EndpointResolverV2 will take its place. For more information, please see the Endpoints section in our Developer Guide.
* **Dependency Update**: Updated to the latest SDK module versions
# v1.21.2 (2023-07-28)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.21.1 (2023-07-13)
* **Documentation**: Documentation updates for AWS Identity and Access Management (IAM).
* **Dependency Update**: Updated to the latest SDK module versions
# v1.21.0 (2023-06-26)
* **Feature**: Support for a new API "GetMFADevice" to present MFA device metadata such as device certifications
# v1.20.3 (2023-06-16)
* **Documentation**: Documentation updates for AWS Identity and Access Management (IAM).
# v1.20.2 (2023-06-15)
* No change notes available for this release.
# v1.20.1 (2023-06-13)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.20.0 (2023-06-06)
* **Feature**: This release updates the AccountAlias regex pattern with the same length restrictions enforced by the length constraint.
# v1.19.12 (2023-05-04)
* No change notes available for this release.
# v1.19.11 (2023-04-24)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.19.10 (2023-04-10)
* No change notes available for this release.
# v1.19.9 (2023-04-07)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.19.8 (2023-03-22)
* **Documentation**: Documentation updates for AWS Identity and Access Management (IAM).
# v1.19.7 (2023-03-21)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.19.6 (2023-03-14)
* **Documentation**: Documentation only updates to correct customer-reported issues
# v1.19.5 (2023-03-10)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.19.4 (2023-02-22)
* **Bug Fix**: Prevent nil pointer dereference when retrieving error codes.
# v1.19.3 (2023-02-20)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.19.2 (2023-02-03)
* **Dependency Update**: Updated to the latest SDK module versions
* **Dependency Update**: Upgrade smithy to 1.27.2 and correct empty query list serialization.
# v1.19.1 (2023-02-01)
* **Documentation**: Documentation updates for AWS Identity and Access Management (IAM).
# v1.19.0 (2023-01-05)
* **Feature**: Add `ErrorCodeOverride` field to all error structs (aws/smithy-go#401).
# v1.18.25 (2022-12-15)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.24 (2022-12-02)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.23 (2022-10-26)
* **Documentation**: Doc only update that corrects instances of CLI not using an entity.
# v1.18.22 (2022-10-24)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.21 (2022-10-21)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.20 (2022-10-13)
* **Documentation**: Documentation updates for the AWS Identity and Access Management API Reference.
# v1.18.19 (2022-09-20)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.18 (2022-09-14)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.17 (2022-09-02)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.16 (2022-08-31)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.15 (2022-08-29)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.14 (2022-08-24)
* **Documentation**: Documentation updates for AWS Identity and Access Management (IAM).
# v1.18.13 (2022-08-11)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.12 (2022-08-09)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.11 (2022-08-08)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.10 (2022-08-01)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.9 (2022-07-05)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.8 (2022-06-29)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.7 (2022-06-08)
* **Documentation**: Documentation updates for AWS Identity and Access Management (IAM).
# v1.18.6 (2022-06-07)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.5 (2022-05-17)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.4 (2022-04-25)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.3 (2022-03-30)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.2 (2022-03-24)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.1 (2022-03-23)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.18.0 (2022-03-08)
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
* **Dependency Update**: Updated to the latest SDK module versions
# v1.17.0 (2022-02-24)
* **Feature**: API client updated
* **Feature**: Adds RetryMaxAttempts and RetryMod to API client Options. This allows the API clients' default Retryer to be configured from the shared configuration files or environment variables. Adding a new Retry mode of `Adaptive`. `Adaptive` retry mode is an experimental mode, adding client rate limiting when throttles reponses are received from an API. See [retry.AdaptiveMode](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/aws/retry#AdaptiveMode) for more details, and configuration options.
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
* **Dependency Update**: Updated to the latest SDK module versions
# v1.16.0 (2022-01-14)
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
* **Dependency Update**: Updated to the latest SDK module versions
# v1.15.0 (2022-01-07)
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
* **Dependency Update**: Updated to the latest SDK module versions
# v1.14.0 (2021-12-21)
* **Feature**: API Paginators now support specifying the initial starting token, and support stopping on empty string tokens.
# v1.13.2 (2021-12-02)
* **Bug Fix**: Fixes a bug that prevented aws.EndpointResolverWithOptions from being used by the service client. ([#1514](https://github.com/aws/aws-sdk-go-v2/pull/1514))
* **Dependency Update**: Updated to the latest SDK module versions
# v1.13.1 (2021-11-19)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.13.0 (2021-11-12)
* **Feature**: Service clients now support custom endpoints that have an initial URI path defined.
* **Feature**: Waiters now have a `WaitForOutput` method, which can be used to retrieve the output of the successful wait operation. Thank you to [Andrew Haines](https://github.com/haines) for contributing this feature.
# v1.12.0 (2021-11-06)
* **Feature**: The SDK now supports configuration of FIPS and DualStack endpoints using environment variables, shared configuration, or programmatically.
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
* **Feature**: Updated service to latest API model.
* **Dependency Update**: Updated to the latest SDK module versions
# v1.11.0 (2021-10-21)
* **Feature**: Updated to latest version
* **Dependency Update**: Updated to the latest SDK module versions
# v1.10.1 (2021-10-11)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.10.0 (2021-09-24)
* **Feature**: API client updated
# v1.9.1 (2021-09-17)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.9.0 (2021-08-27)
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
* **Dependency Update**: Updated to the latest SDK module versions
# v1.8.1 (2021-08-19)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.8.0 (2021-08-04)
* **Feature**: Updated to latest API model.
* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version.
* **Dependency Update**: Updated to the latest SDK module versions
# v1.7.0 (2021-07-15)
* **Feature**: The ErrorCode method on generated service error types has been corrected to match the API model.
* **Documentation**: Updated service model to latest revision.
* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version
* **Dependency Update**: Updated to the latest SDK module versions
# v1.6.0 (2021-06-25)
* **Feature**: API client updated
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
* **Dependency Update**: Updated to the latest SDK module versions
# v1.5.1 (2021-06-04)
* **Documentation**: Updated service client to latest API model.
# v1.5.0 (2021-05-20)
* **Feature**: API client updated
* **Dependency Update**: Updated to the latest SDK module versions
# v1.4.0 (2021-05-14)
* **Feature**: Constant has been added to modules to enable runtime version inspection for reporting.
* **Dependency Update**: Updated to the latest SDK module versions

202
vendor/github.com/aws/aws-sdk-go-v2/service/iam/LICENSE.txt generated vendored Normal file
View File

@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

538
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_client.go generated vendored Normal file
View File

@ -0,0 +1,538 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/aws/defaults"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/retry"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy"
internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources"
smithy "github.com/aws/smithy-go"
smithydocument "github.com/aws/smithy-go/document"
"github.com/aws/smithy-go/logging"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
"net"
"net/http"
"time"
)
const ServiceID = "IAM"
const ServiceAPIVersion = "2010-05-08"
// Client provides the API client to make operations call for AWS Identity and
// Access Management.
type Client struct {
options Options
}
// New returns an initialized Client based on the functional options. Provide
// additional functional options to further configure the behavior of the client,
// such as changing the client's endpoint or adding custom middleware behavior.
func New(options Options, optFns ...func(*Options)) *Client {
options = options.Copy()
resolveDefaultLogger(&options)
setResolvedDefaultsMode(&options)
resolveRetryer(&options)
resolveHTTPClient(&options)
resolveHTTPSignerV4(&options)
resolveEndpointResolverV2(&options)
resolveAuthSchemeResolver(&options)
for _, fn := range optFns {
fn(&options)
}
finalizeRetryMaxAttempts(&options)
ignoreAnonymousAuth(&options)
wrapWithAnonymousAuth(&options)
resolveAuthSchemes(&options)
client := &Client{
options: options,
}
return client
}
// Options returns a copy of the client configuration.
//
// Callers SHOULD NOT perform mutations on any inner structures within client
// config. Config overrides should instead be made on a per-operation basis through
// functional options.
func (c *Client) Options() Options {
return c.options.Copy()
}
func (c *Client) invokeOperation(ctx context.Context, opID string, params interface{}, optFns []func(*Options), stackFns ...func(*middleware.Stack, Options) error) (result interface{}, metadata middleware.Metadata, err error) {
ctx = middleware.ClearStackValues(ctx)
stack := middleware.NewStack(opID, smithyhttp.NewStackRequest)
options := c.options.Copy()
for _, fn := range optFns {
fn(&options)
}
finalizeOperationRetryMaxAttempts(&options, *c)
finalizeClientEndpointResolverOptions(&options)
for _, fn := range stackFns {
if err := fn(stack, options); err != nil {
return nil, metadata, err
}
}
for _, fn := range options.APIOptions {
if err := fn(stack); err != nil {
return nil, metadata, err
}
}
handler := middleware.DecorateHandler(smithyhttp.NewClientHandler(options.HTTPClient), stack)
result, metadata, err = handler.Handle(ctx, params)
if err != nil {
err = &smithy.OperationError{
ServiceID: ServiceID,
OperationName: opID,
Err: err,
}
}
return result, metadata, err
}
type operationInputKey struct{}
func setOperationInput(ctx context.Context, input interface{}) context.Context {
return middleware.WithStackValue(ctx, operationInputKey{}, input)
}
func getOperationInput(ctx context.Context) interface{} {
return middleware.GetStackValue(ctx, operationInputKey{})
}
type setOperationInputMiddleware struct {
}
func (*setOperationInputMiddleware) ID() string {
return "setOperationInput"
}
func (m *setOperationInputMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
ctx = setOperationInput(ctx, in.Parameters)
return next.HandleSerialize(ctx, in)
}
func addProtocolFinalizerMiddlewares(stack *middleware.Stack, options Options, operation string) error {
if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, middleware.Before); err != nil {
return fmt.Errorf("add ResolveAuthScheme: %w", err)
}
if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", middleware.After); err != nil {
return fmt.Errorf("add GetIdentity: %v", err)
}
if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", middleware.After); err != nil {
return fmt.Errorf("add ResolveEndpointV2: %v", err)
}
if err := stack.Finalize.Insert(&signRequestMiddleware{}, "ResolveEndpointV2", middleware.After); err != nil {
return fmt.Errorf("add Signing: %w", err)
}
return nil
}
func resolveAuthSchemeResolver(options *Options) {
if options.AuthSchemeResolver == nil {
options.AuthSchemeResolver = &defaultAuthSchemeResolver{}
}
}
func resolveAuthSchemes(options *Options) {
if options.AuthSchemes == nil {
options.AuthSchemes = []smithyhttp.AuthScheme{
internalauth.NewHTTPAuthScheme("aws.auth#sigv4", &internalauthsmithy.V4SignerAdapter{
Signer: options.HTTPSignerV4,
Logger: options.Logger,
LogSigning: options.ClientLogMode.IsSigning(),
}),
}
}
}
type noSmithyDocumentSerde = smithydocument.NoSerde
type legacyEndpointContextSetter struct {
LegacyResolver EndpointResolver
}
func (*legacyEndpointContextSetter) ID() string {
return "legacyEndpointContextSetter"
}
func (m *legacyEndpointContextSetter) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) (
out middleware.InitializeOutput, metadata middleware.Metadata, err error,
) {
if m.LegacyResolver != nil {
ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, true)
}
return next.HandleInitialize(ctx, in)
}
func addlegacyEndpointContextSetter(stack *middleware.Stack, o Options) error {
return stack.Initialize.Add(&legacyEndpointContextSetter{
LegacyResolver: o.EndpointResolver,
}, middleware.Before)
}
func resolveDefaultLogger(o *Options) {
if o.Logger != nil {
return
}
o.Logger = logging.Nop{}
}
func addSetLoggerMiddleware(stack *middleware.Stack, o Options) error {
return middleware.AddSetLoggerMiddleware(stack, o.Logger)
}
func setResolvedDefaultsMode(o *Options) {
if len(o.resolvedDefaultsMode) > 0 {
return
}
var mode aws.DefaultsMode
mode.SetFromString(string(o.DefaultsMode))
if mode == aws.DefaultsModeAuto {
mode = defaults.ResolveDefaultsModeAuto(o.Region, o.RuntimeEnvironment)
}
o.resolvedDefaultsMode = mode
}
// NewFromConfig returns a new client from the provided config.
func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client {
opts := Options{
Region: cfg.Region,
DefaultsMode: cfg.DefaultsMode,
RuntimeEnvironment: cfg.RuntimeEnvironment,
HTTPClient: cfg.HTTPClient,
Credentials: cfg.Credentials,
APIOptions: cfg.APIOptions,
Logger: cfg.Logger,
ClientLogMode: cfg.ClientLogMode,
AppID: cfg.AppID,
}
resolveAWSRetryerProvider(cfg, &opts)
resolveAWSRetryMaxAttempts(cfg, &opts)
resolveAWSRetryMode(cfg, &opts)
resolveAWSEndpointResolver(cfg, &opts)
resolveUseDualStackEndpoint(cfg, &opts)
resolveUseFIPSEndpoint(cfg, &opts)
resolveBaseEndpoint(cfg, &opts)
return New(opts, optFns...)
}
func resolveHTTPClient(o *Options) {
var buildable *awshttp.BuildableClient
if o.HTTPClient != nil {
var ok bool
buildable, ok = o.HTTPClient.(*awshttp.BuildableClient)
if !ok {
return
}
} else {
buildable = awshttp.NewBuildableClient()
}
modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode)
if err == nil {
buildable = buildable.WithDialerOptions(func(dialer *net.Dialer) {
if dialerTimeout, ok := modeConfig.GetConnectTimeout(); ok {
dialer.Timeout = dialerTimeout
}
})
buildable = buildable.WithTransportOptions(func(transport *http.Transport) {
if tlsHandshakeTimeout, ok := modeConfig.GetTLSNegotiationTimeout(); ok {
transport.TLSHandshakeTimeout = tlsHandshakeTimeout
}
})
}
o.HTTPClient = buildable
}
func resolveRetryer(o *Options) {
if o.Retryer != nil {
return
}
if len(o.RetryMode) == 0 {
modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode)
if err == nil {
o.RetryMode = modeConfig.RetryMode
}
}
if len(o.RetryMode) == 0 {
o.RetryMode = aws.RetryModeStandard
}
var standardOptions []func(*retry.StandardOptions)
if v := o.RetryMaxAttempts; v != 0 {
standardOptions = append(standardOptions, func(so *retry.StandardOptions) {
so.MaxAttempts = v
})
}
switch o.RetryMode {
case aws.RetryModeAdaptive:
var adaptiveOptions []func(*retry.AdaptiveModeOptions)
if len(standardOptions) != 0 {
adaptiveOptions = append(adaptiveOptions, func(ao *retry.AdaptiveModeOptions) {
ao.StandardOptions = append(ao.StandardOptions, standardOptions...)
})
}
o.Retryer = retry.NewAdaptiveMode(adaptiveOptions...)
default:
o.Retryer = retry.NewStandard(standardOptions...)
}
}
func resolveAWSRetryerProvider(cfg aws.Config, o *Options) {
if cfg.Retryer == nil {
return
}
o.Retryer = cfg.Retryer()
}
func resolveAWSRetryMode(cfg aws.Config, o *Options) {
if len(cfg.RetryMode) == 0 {
return
}
o.RetryMode = cfg.RetryMode
}
func resolveAWSRetryMaxAttempts(cfg aws.Config, o *Options) {
if cfg.RetryMaxAttempts == 0 {
return
}
o.RetryMaxAttempts = cfg.RetryMaxAttempts
}
func finalizeRetryMaxAttempts(o *Options) {
if o.RetryMaxAttempts == 0 {
return
}
o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts)
}
func finalizeOperationRetryMaxAttempts(o *Options, client Client) {
if v := o.RetryMaxAttempts; v == 0 || v == client.options.RetryMaxAttempts {
return
}
o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts)
}
func resolveAWSEndpointResolver(cfg aws.Config, o *Options) {
if cfg.EndpointResolver == nil && cfg.EndpointResolverWithOptions == nil {
return
}
o.EndpointResolver = withEndpointResolver(cfg.EndpointResolver, cfg.EndpointResolverWithOptions)
}
func addClientUserAgent(stack *middleware.Stack, options Options) error {
ua, err := getOrAddRequestUserAgent(stack)
if err != nil {
return err
}
ua.AddSDKAgentKeyValue(awsmiddleware.APIMetadata, "iam", goModuleVersion)
if len(options.AppID) > 0 {
ua.AddSDKAgentKey(awsmiddleware.ApplicationIdentifier, options.AppID)
}
return nil
}
func getOrAddRequestUserAgent(stack *middleware.Stack) (*awsmiddleware.RequestUserAgent, error) {
id := (*awsmiddleware.RequestUserAgent)(nil).ID()
mw, ok := stack.Build.Get(id)
if !ok {
mw = awsmiddleware.NewRequestUserAgent()
if err := stack.Build.Add(mw, middleware.After); err != nil {
return nil, err
}
}
ua, ok := mw.(*awsmiddleware.RequestUserAgent)
if !ok {
return nil, fmt.Errorf("%T for %s middleware did not match expected type", mw, id)
}
return ua, nil
}
type HTTPSignerV4 interface {
SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error
}
func resolveHTTPSignerV4(o *Options) {
if o.HTTPSignerV4 != nil {
return
}
o.HTTPSignerV4 = newDefaultV4Signer(*o)
}
func newDefaultV4Signer(o Options) *v4.Signer {
return v4.NewSigner(func(so *v4.SignerOptions) {
so.Logger = o.Logger
so.LogSigning = o.ClientLogMode.IsSigning()
})
}
func addClientRequestID(stack *middleware.Stack) error {
return stack.Build.Add(&awsmiddleware.ClientRequestID{}, middleware.After)
}
func addComputeContentLength(stack *middleware.Stack) error {
return stack.Build.Add(&smithyhttp.ComputeContentLength{}, middleware.After)
}
func addRawResponseToMetadata(stack *middleware.Stack) error {
return stack.Deserialize.Add(&awsmiddleware.AddRawResponse{}, middleware.Before)
}
func addRecordResponseTiming(stack *middleware.Stack) error {
return stack.Deserialize.Add(&awsmiddleware.RecordResponseTiming{}, middleware.After)
}
func addStreamingEventsPayload(stack *middleware.Stack) error {
return stack.Finalize.Add(&v4.StreamingEventsPayload{}, middleware.Before)
}
func addUnsignedPayload(stack *middleware.Stack) error {
return stack.Finalize.Insert(&v4.UnsignedPayload{}, "ResolveEndpointV2", middleware.After)
}
func addComputePayloadSHA256(stack *middleware.Stack) error {
return stack.Finalize.Insert(&v4.ComputePayloadSHA256{}, "ResolveEndpointV2", middleware.After)
}
func addContentSHA256Header(stack *middleware.Stack) error {
return stack.Finalize.Insert(&v4.ContentSHA256Header{}, (*v4.ComputePayloadSHA256)(nil).ID(), middleware.After)
}
func addRetry(stack *middleware.Stack, o Options) error {
attempt := retry.NewAttemptMiddleware(o.Retryer, smithyhttp.RequestCloner, func(m *retry.Attempt) {
m.LogAttempts = o.ClientLogMode.IsRetries()
})
if err := stack.Finalize.Insert(attempt, "Signing", middleware.Before); err != nil {
return err
}
if err := stack.Finalize.Insert(&retry.MetricsHeader{}, attempt.ID(), middleware.After); err != nil {
return err
}
return nil
}
// resolves dual-stack endpoint configuration
func resolveUseDualStackEndpoint(cfg aws.Config, o *Options) error {
if len(cfg.ConfigSources) == 0 {
return nil
}
value, found, err := internalConfig.ResolveUseDualStackEndpoint(context.Background(), cfg.ConfigSources)
if err != nil {
return err
}
if found {
o.EndpointOptions.UseDualStackEndpoint = value
}
return nil
}
// resolves FIPS endpoint configuration
func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error {
if len(cfg.ConfigSources) == 0 {
return nil
}
value, found, err := internalConfig.ResolveUseFIPSEndpoint(context.Background(), cfg.ConfigSources)
if err != nil {
return err
}
if found {
o.EndpointOptions.UseFIPSEndpoint = value
}
return nil
}
func addRecursionDetection(stack *middleware.Stack) error {
return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After)
}
func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error {
return stack.Deserialize.Insert(&awsmiddleware.RequestIDRetriever{}, "OperationDeserializer", middleware.Before)
}
func addResponseErrorMiddleware(stack *middleware.Stack) error {
return stack.Deserialize.Insert(&awshttp.ResponseErrorWrapper{}, "RequestIDRetriever", middleware.Before)
}
func addRequestResponseLogging(stack *middleware.Stack, o Options) error {
return stack.Deserialize.Add(&smithyhttp.RequestResponseLogger{
LogRequest: o.ClientLogMode.IsRequest(),
LogRequestWithBody: o.ClientLogMode.IsRequestWithBody(),
LogResponse: o.ClientLogMode.IsResponse(),
LogResponseWithBody: o.ClientLogMode.IsResponseWithBody(),
}, middleware.After)
}
type disableHTTPSMiddleware struct {
DisableHTTPS bool
}
func (*disableHTTPSMiddleware) ID() string {
return "disableHTTPS"
}
func (m *disableHTTPSMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.DisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) {
req.URL.Scheme = "http"
}
return next.HandleFinalize(ctx, in)
}
func addDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error {
return stack.Finalize.Insert(&disableHTTPSMiddleware{
DisableHTTPS: o.EndpointOptions.DisableHTTPS,
}, "ResolveEndpointV2", middleware.After)
}

142
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_AddClientIDToOpenIDConnectProvider.go generated vendored Normal file
View File

@ -0,0 +1,142 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Adds a new client ID (also known as audience) to the list of client IDs already
// registered for the specified IAM OpenID Connect (OIDC) provider resource. This
// operation is idempotent; it does not fail or return an error if you add an
// existing client ID to the provider.
func (c *Client) AddClientIDToOpenIDConnectProvider(ctx context.Context, params *AddClientIDToOpenIDConnectProviderInput, optFns ...func(*Options)) (*AddClientIDToOpenIDConnectProviderOutput, error) {
if params == nil {
params = &AddClientIDToOpenIDConnectProviderInput{}
}
result, metadata, err := c.invokeOperation(ctx, "AddClientIDToOpenIDConnectProvider", params, optFns, c.addOperationAddClientIDToOpenIDConnectProviderMiddlewares)
if err != nil {
return nil, err
}
out := result.(*AddClientIDToOpenIDConnectProviderOutput)
out.ResultMetadata = metadata
return out, nil
}
type AddClientIDToOpenIDConnectProviderInput struct {
// The client ID (also known as audience) to add to the IAM OpenID Connect
// provider resource.
//
// This member is required.
ClientID *string
// The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider
// resource to add the client ID to. You can get a list of OIDC provider ARNs by
// using the ListOpenIDConnectProviders operation.
//
// This member is required.
OpenIDConnectProviderArn *string
noSmithyDocumentSerde
}
type AddClientIDToOpenIDConnectProviderOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationAddClientIDToOpenIDConnectProviderMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpAddClientIDToOpenIDConnectProvider{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpAddClientIDToOpenIDConnectProvider{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "AddClientIDToOpenIDConnectProvider"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpAddClientIDToOpenIDConnectProviderValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opAddClientIDToOpenIDConnectProvider(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opAddClientIDToOpenIDConnectProvider(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "AddClientIDToOpenIDConnectProvider",
}
}

154
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_AddRoleToInstanceProfile.go generated vendored Normal file
View File

@ -0,0 +1,154 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Adds the specified IAM role to the specified instance profile. An instance
// profile can contain only one role, and this quota cannot be increased. You can
// remove the existing role and then add a different role to an instance profile.
// You must then wait for the change to appear across all of Amazon Web Services
// because of eventual consistency (https://en.wikipedia.org/wiki/Eventual_consistency)
// . To force the change, you must disassociate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIamInstanceProfile.html)
// and then associate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIamInstanceProfile.html)
// , or you can stop your instance and then restart it. The caller of this
// operation must be granted the PassRole permission on the IAM role by a
// permissions policy. For more information about roles, see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html)
// in the IAM User Guide. For more information about instance profiles, see Using
// instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html)
// in the IAM User Guide.
func (c *Client) AddRoleToInstanceProfile(ctx context.Context, params *AddRoleToInstanceProfileInput, optFns ...func(*Options)) (*AddRoleToInstanceProfileOutput, error) {
if params == nil {
params = &AddRoleToInstanceProfileInput{}
}
result, metadata, err := c.invokeOperation(ctx, "AddRoleToInstanceProfile", params, optFns, c.addOperationAddRoleToInstanceProfileMiddlewares)
if err != nil {
return nil, err
}
out := result.(*AddRoleToInstanceProfileOutput)
out.ResultMetadata = metadata
return out, nil
}
type AddRoleToInstanceProfileInput struct {
// The name of the instance profile to update. This parameter allows (through its
// regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// consisting of upper and lowercase alphanumeric characters with no spaces. You
// can also include any of the following characters: _+=,.@-
//
// This member is required.
InstanceProfileName *string
// The name of the role to add. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of upper and lowercase alphanumeric
// characters with no spaces. You can also include any of the following characters:
// _+=,.@-
//
// This member is required.
RoleName *string
noSmithyDocumentSerde
}
type AddRoleToInstanceProfileOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationAddRoleToInstanceProfileMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpAddRoleToInstanceProfile{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpAddRoleToInstanceProfile{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "AddRoleToInstanceProfile"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpAddRoleToInstanceProfileValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opAddRoleToInstanceProfile(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opAddRoleToInstanceProfile(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "AddRoleToInstanceProfile",
}
}

142
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_AddUserToGroup.go generated vendored Normal file
View File

@ -0,0 +1,142 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Adds the specified user to the specified group.
func (c *Client) AddUserToGroup(ctx context.Context, params *AddUserToGroupInput, optFns ...func(*Options)) (*AddUserToGroupOutput, error) {
if params == nil {
params = &AddUserToGroupInput{}
}
result, metadata, err := c.invokeOperation(ctx, "AddUserToGroup", params, optFns, c.addOperationAddUserToGroupMiddlewares)
if err != nil {
return nil, err
}
out := result.(*AddUserToGroupOutput)
out.ResultMetadata = metadata
return out, nil
}
type AddUserToGroupInput struct {
// The name of the group to update. This parameter allows (through its regex
// pattern (http://wikipedia.org/wiki/regex) ) a string of characters consisting of
// upper and lowercase alphanumeric characters with no spaces. You can also include
// any of the following characters: _+=,.@-
//
// This member is required.
GroupName *string
// The name of the user to add. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of upper and lowercase alphanumeric
// characters with no spaces. You can also include any of the following characters:
// _+=,.@-
//
// This member is required.
UserName *string
noSmithyDocumentSerde
}
type AddUserToGroupOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationAddUserToGroupMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpAddUserToGroup{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpAddUserToGroup{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "AddUserToGroup"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpAddUserToGroupValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opAddUserToGroup(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opAddUserToGroup(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "AddUserToGroup",
}
}

148
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_AttachGroupPolicy.go generated vendored Normal file
View File

@ -0,0 +1,148 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Attaches the specified managed policy to the specified IAM group. You use this
// operation to attach a managed policy to a group. To embed an inline policy in a
// group, use PutGroupPolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutGroupPolicy.html)
// . As a best practice, you can validate your IAM policies. To learn more, see
// Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
// in the IAM User Guide. For more information about policies, see Managed
// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide.
func (c *Client) AttachGroupPolicy(ctx context.Context, params *AttachGroupPolicyInput, optFns ...func(*Options)) (*AttachGroupPolicyOutput, error) {
if params == nil {
params = &AttachGroupPolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "AttachGroupPolicy", params, optFns, c.addOperationAttachGroupPolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*AttachGroupPolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type AttachGroupPolicyInput struct {
// The name (friendly name, not ARN) of the group to attach the policy to. This
// parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex) )
// a string of characters consisting of upper and lowercase alphanumeric characters
// with no spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
GroupName *string
// The Amazon Resource Name (ARN) of the IAM policy you want to attach. For more
// information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
PolicyArn *string
noSmithyDocumentSerde
}
type AttachGroupPolicyOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationAttachGroupPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpAttachGroupPolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpAttachGroupPolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "AttachGroupPolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpAttachGroupPolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opAttachGroupPolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opAttachGroupPolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "AttachGroupPolicy",
}
}

152
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_AttachRolePolicy.go generated vendored Normal file
View File

@ -0,0 +1,152 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Attaches the specified managed policy to the specified IAM role. When you
// attach a managed policy to a role, the managed policy becomes part of the role's
// permission (access) policy. You cannot use a managed policy as the role's trust
// policy. The role's trust policy is created at the same time as the role, using
// CreateRole (https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html)
// . You can update a role's trust policy using UpdateAssumerolePolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAssumeRolePolicy.html)
// . Use this operation to attach a managed policy to a role. To embed an inline
// policy in a role, use PutRolePolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutRolePolicy.html)
// . For more information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide. As a best practice, you can validate your IAM policies.
// To learn more, see Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
// in the IAM User Guide.
func (c *Client) AttachRolePolicy(ctx context.Context, params *AttachRolePolicyInput, optFns ...func(*Options)) (*AttachRolePolicyOutput, error) {
if params == nil {
params = &AttachRolePolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "AttachRolePolicy", params, optFns, c.addOperationAttachRolePolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*AttachRolePolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type AttachRolePolicyInput struct {
// The Amazon Resource Name (ARN) of the IAM policy you want to attach. For more
// information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
PolicyArn *string
// The name (friendly name, not ARN) of the role to attach the policy to. This
// parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex) )
// a string of characters consisting of upper and lowercase alphanumeric characters
// with no spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
RoleName *string
noSmithyDocumentSerde
}
type AttachRolePolicyOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationAttachRolePolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpAttachRolePolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpAttachRolePolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "AttachRolePolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpAttachRolePolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opAttachRolePolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opAttachRolePolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "AttachRolePolicy",
}
}

148
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_AttachUserPolicy.go generated vendored Normal file
View File

@ -0,0 +1,148 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Attaches the specified managed policy to the specified user. You use this
// operation to attach a managed policy to a user. To embed an inline policy in a
// user, use PutUserPolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutUserPolicy.html)
// . As a best practice, you can validate your IAM policies. To learn more, see
// Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
// in the IAM User Guide. For more information about policies, see Managed
// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide.
func (c *Client) AttachUserPolicy(ctx context.Context, params *AttachUserPolicyInput, optFns ...func(*Options)) (*AttachUserPolicyOutput, error) {
if params == nil {
params = &AttachUserPolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "AttachUserPolicy", params, optFns, c.addOperationAttachUserPolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*AttachUserPolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type AttachUserPolicyInput struct {
// The Amazon Resource Name (ARN) of the IAM policy you want to attach. For more
// information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
PolicyArn *string
// The name (friendly name, not ARN) of the IAM user to attach the policy to. This
// parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex) )
// a string of characters consisting of upper and lowercase alphanumeric characters
// with no spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
UserName *string
noSmithyDocumentSerde
}
type AttachUserPolicyOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationAttachUserPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpAttachUserPolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpAttachUserPolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "AttachUserPolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpAttachUserPolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opAttachUserPolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opAttachUserPolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "AttachUserPolicy",
}
}

152
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_ChangePassword.go generated vendored Normal file
View File

@ -0,0 +1,152 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Changes the password of the IAM user who is calling this operation. This
// operation can be performed using the CLI, the Amazon Web Services API, or the My
// Security Credentials page in the Amazon Web Services Management Console. The
// Amazon Web Services account root user password is not affected by this
// operation. Use UpdateLoginProfile to use the CLI, the Amazon Web Services API,
// or the Users page in the IAM console to change the password for any IAM user.
// For more information about modifying passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html)
// in the IAM User Guide.
func (c *Client) ChangePassword(ctx context.Context, params *ChangePasswordInput, optFns ...func(*Options)) (*ChangePasswordOutput, error) {
if params == nil {
params = &ChangePasswordInput{}
}
result, metadata, err := c.invokeOperation(ctx, "ChangePassword", params, optFns, c.addOperationChangePasswordMiddlewares)
if err != nil {
return nil, err
}
out := result.(*ChangePasswordOutput)
out.ResultMetadata = metadata
return out, nil
}
type ChangePasswordInput struct {
// The new password. The new password must conform to the Amazon Web Services
// account's password policy, if one exists. The regex pattern (http://wikipedia.org/wiki/regex)
// that is used to validate this parameter is a string of characters. That string
// can include almost any printable ASCII character from the space ( \u0020 )
// through the end of the ASCII character range ( \u00FF ). You can also include
// the tab ( \u0009 ), line feed ( \u000A ), and carriage return ( \u000D )
// characters. Any of these characters are valid in a password. However, many
// tools, such as the Amazon Web Services Management Console, might restrict the
// ability to type certain characters because they have special meaning within that
// tool.
//
// This member is required.
NewPassword *string
// The IAM user's current password.
//
// This member is required.
OldPassword *string
noSmithyDocumentSerde
}
type ChangePasswordOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationChangePasswordMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpChangePassword{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpChangePassword{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "ChangePassword"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpChangePasswordValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opChangePassword(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opChangePassword(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "ChangePassword",
}
}

150
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateAccessKey.go generated vendored Normal file
View File

@ -0,0 +1,150 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates a new Amazon Web Services secret access key and corresponding Amazon
// Web Services access key ID for the specified user. The default status for new
// keys is Active . If you do not specify a user name, IAM determines the user name
// implicitly based on the Amazon Web Services access key ID signing the request.
// This operation works for access keys under the Amazon Web Services account.
// Consequently, you can use this operation to manage Amazon Web Services account
// root user credentials. This is true even if the Amazon Web Services account has
// no associated users. For information about quotas on the number of keys you can
// create, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
// in the IAM User Guide. To ensure the security of your Amazon Web Services
// account, the secret access key is accessible only during key and user creation.
// You must save the key (for example, in a text file) if you want to be able to
// access it again. If a secret key is lost, you can delete the access keys for the
// associated user and then create new keys.
func (c *Client) CreateAccessKey(ctx context.Context, params *CreateAccessKeyInput, optFns ...func(*Options)) (*CreateAccessKeyOutput, error) {
if params == nil {
params = &CreateAccessKeyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreateAccessKey", params, optFns, c.addOperationCreateAccessKeyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreateAccessKeyOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreateAccessKeyInput struct {
// The name of the IAM user that the new key will belong to. This parameter allows
// (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string of
// characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
UserName *string
noSmithyDocumentSerde
}
// Contains the response to a successful CreateAccessKey request.
type CreateAccessKeyOutput struct {
// A structure with details about the access key.
//
// This member is required.
AccessKey *types.AccessKey
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreateAccessKeyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreateAccessKey{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreateAccessKey{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreateAccessKey"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateAccessKey(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreateAccessKey(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreateAccessKey",
}
}

136
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateAccountAlias.go generated vendored Normal file
View File

@ -0,0 +1,136 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates an alias for your Amazon Web Services account. For information about
// using an Amazon Web Services account alias, see Creating, deleting, and listing
// an Amazon Web Services account alias (https://docs.aws.amazon.com/signin/latest/userguide/CreateAccountAlias.html)
// in the Amazon Web Services Sign-In User Guide.
func (c *Client) CreateAccountAlias(ctx context.Context, params *CreateAccountAliasInput, optFns ...func(*Options)) (*CreateAccountAliasOutput, error) {
if params == nil {
params = &CreateAccountAliasInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreateAccountAlias", params, optFns, c.addOperationCreateAccountAliasMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreateAccountAliasOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreateAccountAliasInput struct {
// The account alias to create. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of lowercase letters, digits, and dashes.
// You cannot start or finish with a dash, nor can you have two dashes in a row.
//
// This member is required.
AccountAlias *string
noSmithyDocumentSerde
}
type CreateAccountAliasOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreateAccountAliasMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreateAccountAlias{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreateAccountAlias{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreateAccountAlias"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpCreateAccountAliasValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateAccountAlias(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreateAccountAlias(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreateAccountAlias",
}
}

153
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateGroup.go generated vendored Normal file
View File

@ -0,0 +1,153 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates a new group. For information about the number of groups you can create,
// see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
// in the IAM User Guide.
func (c *Client) CreateGroup(ctx context.Context, params *CreateGroupInput, optFns ...func(*Options)) (*CreateGroupOutput, error) {
if params == nil {
params = &CreateGroupInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreateGroup", params, optFns, c.addOperationCreateGroupMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreateGroupOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreateGroupInput struct {
// The name of the group to create. Do not include the path in this value. IAM
// user, group, role, and policy names must be unique within the account. Names are
// not distinguished by case. For example, you cannot create resources named both
// "MyResource" and "myresource".
//
// This member is required.
GroupName *string
// The path to the group. For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
// in the IAM User Guide. This parameter is optional. If it is not included, it
// defaults to a slash (/). This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of either a forward slash (/) by itself or a
// string that must begin and end with forward slashes. In addition, it can contain
// any ASCII character from the ! ( \u0021 ) through the DEL character ( \u007F ),
// including most punctuation characters, digits, and upper and lowercased letters.
Path *string
noSmithyDocumentSerde
}
// Contains the response to a successful CreateGroup request.
type CreateGroupOutput struct {
// A structure containing details about the new group.
//
// This member is required.
Group *types.Group
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreateGroupMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreateGroup{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreateGroup{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreateGroup"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpCreateGroupValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateGroup(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreateGroup(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreateGroup",
}
}

165
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateInstanceProfile.go generated vendored Normal file
View File

@ -0,0 +1,165 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates a new instance profile. For information about instance profiles, see
// Using roles for applications on Amazon EC2 (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html)
// in the IAM User Guide, and Instance profiles (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#ec2-instance-profile)
// in the Amazon EC2 User Guide. For information about the number of instance
// profiles you can create, see IAM object quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
// in the IAM User Guide.
func (c *Client) CreateInstanceProfile(ctx context.Context, params *CreateInstanceProfileInput, optFns ...func(*Options)) (*CreateInstanceProfileOutput, error) {
if params == nil {
params = &CreateInstanceProfileInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreateInstanceProfile", params, optFns, c.addOperationCreateInstanceProfileMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreateInstanceProfileOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreateInstanceProfileInput struct {
// The name of the instance profile to create. This parameter allows (through its
// regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// consisting of upper and lowercase alphanumeric characters with no spaces. You
// can also include any of the following characters: _+=,.@-
//
// This member is required.
InstanceProfileName *string
// The path to the instance profile. For more information about paths, see IAM
// Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
// in the IAM User Guide. This parameter is optional. If it is not included, it
// defaults to a slash (/). This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of either a forward slash (/) by itself or a
// string that must begin and end with forward slashes. In addition, it can contain
// any ASCII character from the ! ( \u0021 ) through the DEL character ( \u007F ),
// including most punctuation characters, digits, and upper and lowercased letters.
Path *string
// A list of tags that you want to attach to the newly created IAM instance
// profile. Each tag consists of a key name and an associated value. For more
// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
// in the IAM User Guide. If any one of the tags is invalid or if you exceed the
// allowed maximum number of tags, then the entire request fails and the resource
// is not created.
Tags []types.Tag
noSmithyDocumentSerde
}
// Contains the response to a successful CreateInstanceProfile request.
type CreateInstanceProfileOutput struct {
// A structure containing details about the new instance profile.
//
// This member is required.
InstanceProfile *types.InstanceProfile
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreateInstanceProfileMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreateInstanceProfile{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreateInstanceProfile{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreateInstanceProfile"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpCreateInstanceProfileValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateInstanceProfile(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreateInstanceProfile(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreateInstanceProfile",
}
}

166
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateLoginProfile.go generated vendored Normal file
View File

@ -0,0 +1,166 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates a password for the specified IAM user. A password allows an IAM user to
// access Amazon Web Services services through the Amazon Web Services Management
// Console. You can use the CLI, the Amazon Web Services API, or the Users page in
// the IAM console to create a password for any IAM user. Use ChangePassword to
// update your own existing password in the My Security Credentials page in the
// Amazon Web Services Management Console. For more information about managing
// passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html)
// in the IAM User Guide.
func (c *Client) CreateLoginProfile(ctx context.Context, params *CreateLoginProfileInput, optFns ...func(*Options)) (*CreateLoginProfileOutput, error) {
if params == nil {
params = &CreateLoginProfileInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreateLoginProfile", params, optFns, c.addOperationCreateLoginProfileMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreateLoginProfileOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreateLoginProfileInput struct {
// The new password for the user. The regex pattern (http://wikipedia.org/wiki/regex)
// that is used to validate this parameter is a string of characters. That string
// can include almost any printable ASCII character from the space ( \u0020 )
// through the end of the ASCII character range ( \u00FF ). You can also include
// the tab ( \u0009 ), line feed ( \u000A ), and carriage return ( \u000D )
// characters. Any of these characters are valid in a password. However, many
// tools, such as the Amazon Web Services Management Console, might restrict the
// ability to type certain characters because they have special meaning within that
// tool.
//
// This member is required.
Password *string
// The name of the IAM user to create a password for. The user must already exist.
// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of upper and lowercase alphanumeric
// characters with no spaces. You can also include any of the following characters:
// _+=,.@-
//
// This member is required.
UserName *string
// Specifies whether the user is required to set a new password on next sign-in.
PasswordResetRequired bool
noSmithyDocumentSerde
}
// Contains the response to a successful CreateLoginProfile request.
type CreateLoginProfileOutput struct {
// A structure containing the user name and password create date.
//
// This member is required.
LoginProfile *types.LoginProfile
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreateLoginProfileMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreateLoginProfile{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreateLoginProfile{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreateLoginProfile"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpCreateLoginProfileValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateLoginProfile(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreateLoginProfile(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreateLoginProfile",
}
}

217
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateOpenIDConnectProvider.go generated vendored Normal file
View File

@ -0,0 +1,217 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates an IAM entity to describe an identity provider (IdP) that supports
// OpenID Connect (OIDC) (http://openid.net/connect/) . The OIDC provider that you
// create with this operation can be used as a principal in a role's trust policy.
// Such a policy establishes a trust relationship between Amazon Web Services and
// the OIDC provider. If you are using an OIDC identity provider from Google,
// Facebook, or Amazon Cognito, you don't need to create a separate IAM identity
// provider. These OIDC identity providers are already built-in to Amazon Web
// Services and are available for your use. Instead, you can move directly to
// creating new roles using your identity provider. To learn more, see Creating a
// role for web identity or OpenID connect federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_oidc.html)
// in the IAM User Guide. When you create the IAM OIDC provider, you specify the
// following:
// - The URL of the OIDC identity provider (IdP) to trust
// - A list of client IDs (also known as audiences) that identify the
// application or applications allowed to authenticate using the OIDC provider
// - A list of tags that are attached to the specified IAM OIDC provider
// - A list of thumbprints of one or more server certificates that the IdP uses
//
// You get all of this information from the OIDC IdP you want to use to access
// Amazon Web Services. Amazon Web Services secures communication with some OIDC
// identity providers (IdPs) through our library of trusted root certificate
// authorities (CAs) instead of using a certificate thumbprint to verify your IdP
// server certificate. In these cases, your legacy thumbprint remains in your
// configuration, but is no longer used for validation. These OIDC IdPs include
// Auth0, GitHub, GitLab, Google, and those that use an Amazon S3 bucket to host a
// JSON Web Key Set (JWKS) endpoint. The trust for the OIDC provider is derived
// from the IAM provider that this operation creates. Therefore, it is best to
// limit access to the CreateOpenIDConnectProvider operation to highly privileged
// users.
func (c *Client) CreateOpenIDConnectProvider(ctx context.Context, params *CreateOpenIDConnectProviderInput, optFns ...func(*Options)) (*CreateOpenIDConnectProviderOutput, error) {
if params == nil {
params = &CreateOpenIDConnectProviderInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreateOpenIDConnectProvider", params, optFns, c.addOperationCreateOpenIDConnectProviderMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreateOpenIDConnectProviderOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreateOpenIDConnectProviderInput struct {
// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity
// provider's server certificates. Typically this list includes only one entry.
// However, IAM lets you have up to five thumbprints for an OIDC provider. This
// lets you maintain multiple thumbprints if the identity provider is rotating
// certificates. The server certificate thumbprint is the hex-encoded SHA-1 hash
// value of the X.509 certificate used by the domain where the OpenID Connect
// provider makes its keys available. It is always a 40-character string. You must
// provide at least one thumbprint when creating an IAM OIDC provider. For example,
// assume that the OIDC provider is server.example.com and the provider stores its
// keys at https://keys.server.example.com/openid-connect. In that case, the
// thumbprint string would be the hex-encoded SHA-1 hash value of the certificate
// used by https://keys.server.example.com. For more information about obtaining
// the OIDC provider thumbprint, see Obtaining the thumbprint for an OpenID
// Connect provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html)
// in the IAM user Guide.
//
// This member is required.
ThumbprintList []string
// The URL of the identity provider. The URL must begin with https:// and should
// correspond to the iss claim in the provider's OpenID Connect ID tokens. Per the
// OIDC standard, path components are allowed but query parameters are not.
// Typically the URL consists of only a hostname, like https://server.example.org
// or https://example.com . The URL should not contain a port number. You cannot
// register the same provider multiple times in a single Amazon Web Services
// account. If you try to submit a URL that has already been used for an OpenID
// Connect provider in the Amazon Web Services account, you will get an error.
//
// This member is required.
Url *string
// Provides a list of client IDs, also known as audiences. When a mobile or web
// app registers with an OpenID Connect provider, they establish a value that
// identifies the application. This is the value that's sent as the client_id
// parameter on OAuth requests. You can register multiple client IDs with the same
// provider. For example, you might have multiple applications that use the same
// OIDC provider. You cannot register more than 100 client IDs with a single IAM
// OIDC provider. There is no defined format for a client ID. The
// CreateOpenIDConnectProviderRequest operation accepts client IDs up to 255
// characters long.
ClientIDList []string
// A list of tags that you want to attach to the new IAM OpenID Connect (OIDC)
// provider. Each tag consists of a key name and an associated value. For more
// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
// in the IAM User Guide. If any one of the tags is invalid or if you exceed the
// allowed maximum number of tags, then the entire request fails and the resource
// is not created.
Tags []types.Tag
noSmithyDocumentSerde
}
// Contains the response to a successful CreateOpenIDConnectProvider request.
type CreateOpenIDConnectProviderOutput struct {
// The Amazon Resource Name (ARN) of the new IAM OpenID Connect provider that is
// created. For more information, see OpenIDConnectProviderListEntry .
OpenIDConnectProviderArn *string
// A list of tags that are attached to the new IAM OIDC provider. The returned
// list of tags is sorted by tag key. For more information about tagging, see
// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
// in the IAM User Guide.
Tags []types.Tag
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreateOpenIDConnectProviderMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreateOpenIDConnectProvider{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreateOpenIDConnectProvider{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreateOpenIDConnectProvider"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpCreateOpenIDConnectProviderValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateOpenIDConnectProvider(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreateOpenIDConnectProvider(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreateOpenIDConnectProvider",
}
}

194
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreatePolicy.go generated vendored Normal file
View File

@ -0,0 +1,194 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates a new managed policy for your Amazon Web Services account. This
// operation creates a policy version with a version identifier of v1 and sets v1
// as the policy's default version. For more information about policy versions, see
// Versioning for managed policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
// in the IAM User Guide. As a best practice, you can validate your IAM policies.
// To learn more, see Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
// in the IAM User Guide. For more information about managed policies in general,
// see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide.
func (c *Client) CreatePolicy(ctx context.Context, params *CreatePolicyInput, optFns ...func(*Options)) (*CreatePolicyOutput, error) {
if params == nil {
params = &CreatePolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreatePolicy", params, optFns, c.addOperationCreatePolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreatePolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreatePolicyInput struct {
// The JSON policy document that you want to use as the content for the new
// policy. You must provide policies in JSON format in IAM. However, for
// CloudFormation templates formatted in YAML, you can provide the policy in JSON
// or YAML format. CloudFormation always converts a YAML policy to JSON format
// before submitting it to IAM. The maximum length of the policy document that you
// can pass in this operation, including whitespace, is listed below. To view the
// maximum character counts of a managed policy with no whitespaces, see IAM and
// STS character quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length)
// . To learn more about JSON policy grammar, see Grammar of the IAM JSON policy
// language (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html)
// in the IAM User Guide. The regex pattern (http://wikipedia.org/wiki/regex) used
// to validate this parameter is a string of characters consisting of the
// following:
// - Any printable ASCII character ranging from the space character ( \u0020 )
// through the end of the ASCII character range
// - The printable characters in the Basic Latin and Latin-1 Supplement
// character set (through \u00FF )
// - The special characters tab ( \u0009 ), line feed ( \u000A ), and carriage
// return ( \u000D )
//
// This member is required.
PolicyDocument *string
// The friendly name of the policy. IAM user, group, role, and policy names must
// be unique within the account. Names are not distinguished by case. For example,
// you cannot create resources named both "MyResource" and "myresource".
//
// This member is required.
PolicyName *string
// A friendly description of the policy. Typically used to store information about
// the permissions defined in the policy. For example, "Grants access to production
// DynamoDB tables." The policy description is immutable. After a value is
// assigned, it cannot be changed.
Description *string
// The path for the policy. For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
// in the IAM User Guide. This parameter is optional. If it is not included, it
// defaults to a slash (/). This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of either a forward slash (/) by itself or a
// string that must begin and end with forward slashes. In addition, it can contain
// any ASCII character from the ! ( \u0021 ) through the DEL character ( \u007F ),
// including most punctuation characters, digits, and upper and lowercased letters.
// You cannot use an asterisk (*) in the path name.
Path *string
// A list of tags that you want to attach to the new IAM customer managed policy.
// Each tag consists of a key name and an associated value. For more information
// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
// in the IAM User Guide. If any one of the tags is invalid or if you exceed the
// allowed maximum number of tags, then the entire request fails and the resource
// is not created.
Tags []types.Tag
noSmithyDocumentSerde
}
// Contains the response to a successful CreatePolicy request.
type CreatePolicyOutput struct {
// A structure containing details about the new policy.
Policy *types.Policy
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreatePolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreatePolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreatePolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreatePolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpCreatePolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreatePolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreatePolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreatePolicy",
}
}

175
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreatePolicyVersion.go generated vendored Normal file
View File

@ -0,0 +1,175 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates a new version of the specified managed policy. To update a managed
// policy, you create a new policy version. A managed policy can have up to five
// versions. If the policy has five versions, you must delete an existing version
// using DeletePolicyVersion before you create a new version. Optionally, you can
// set the new version as the policy's default version. The default version is the
// version that is in effect for the IAM users, groups, and roles to which the
// policy is attached. For more information about managed policy versions, see
// Versioning for managed policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
// in the IAM User Guide.
func (c *Client) CreatePolicyVersion(ctx context.Context, params *CreatePolicyVersionInput, optFns ...func(*Options)) (*CreatePolicyVersionOutput, error) {
if params == nil {
params = &CreatePolicyVersionInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreatePolicyVersion", params, optFns, c.addOperationCreatePolicyVersionMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreatePolicyVersionOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreatePolicyVersionInput struct {
// The Amazon Resource Name (ARN) of the IAM policy to which you want to add a new
// version. For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
PolicyArn *string
// The JSON policy document that you want to use as the content for this new
// version of the policy. You must provide policies in JSON format in IAM. However,
// for CloudFormation templates formatted in YAML, you can provide the policy in
// JSON or YAML format. CloudFormation always converts a YAML policy to JSON format
// before submitting it to IAM. The maximum length of the policy document that you
// can pass in this operation, including whitespace, is listed below. To view the
// maximum character counts of a managed policy with no whitespaces, see IAM and
// STS character quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length)
// . The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
// parameter is a string of characters consisting of the following:
// - Any printable ASCII character ranging from the space character ( \u0020 )
// through the end of the ASCII character range
// - The printable characters in the Basic Latin and Latin-1 Supplement
// character set (through \u00FF )
// - The special characters tab ( \u0009 ), line feed ( \u000A ), and carriage
// return ( \u000D )
//
// This member is required.
PolicyDocument *string
// Specifies whether to set this version as the policy's default version. When
// this parameter is true , the new policy version becomes the operative version.
// That is, it becomes the version that is in effect for the IAM users, groups, and
// roles that the policy is attached to. For more information about managed policy
// versions, see Versioning for managed policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
// in the IAM User Guide.
SetAsDefault bool
noSmithyDocumentSerde
}
// Contains the response to a successful CreatePolicyVersion request.
type CreatePolicyVersionOutput struct {
// A structure containing details about the new policy version.
PolicyVersion *types.PolicyVersion
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreatePolicyVersionMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreatePolicyVersion{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreatePolicyVersion{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreatePolicyVersion"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpCreatePolicyVersionValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreatePolicyVersion(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreatePolicyVersion(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreatePolicyVersion",
}
}

212
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateRole.go generated vendored Normal file
View File

@ -0,0 +1,212 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates a new role for your Amazon Web Services account. For more information
// about roles, see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html)
// in the IAM User Guide. For information about quotas for role names and the
// number of roles you can create, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
// in the IAM User Guide.
func (c *Client) CreateRole(ctx context.Context, params *CreateRoleInput, optFns ...func(*Options)) (*CreateRoleOutput, error) {
if params == nil {
params = &CreateRoleInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreateRole", params, optFns, c.addOperationCreateRoleMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreateRoleOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreateRoleInput struct {
// The trust relationship policy document that grants an entity permission to
// assume the role. In IAM, you must provide a JSON policy that has been converted
// to a string. However, for CloudFormation templates formatted in YAML, you can
// provide the policy in JSON or YAML format. CloudFormation always converts a YAML
// policy to JSON format before submitting it to IAM. The regex pattern (http://wikipedia.org/wiki/regex)
// used to validate this parameter is a string of characters consisting of the
// following:
// - Any printable ASCII character ranging from the space character ( \u0020 )
// through the end of the ASCII character range
// - The printable characters in the Basic Latin and Latin-1 Supplement
// character set (through \u00FF )
// - The special characters tab ( \u0009 ), line feed ( \u000A ), and carriage
// return ( \u000D )
// Upon success, the response includes the same trust policy in JSON format.
//
// This member is required.
AssumeRolePolicyDocument *string
// The name of the role to create. IAM user, group, role, and policy names must be
// unique within the account. Names are not distinguished by case. For example, you
// cannot create resources named both "MyResource" and "myresource". This parameter
// allows (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string
// of characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
RoleName *string
// A description of the role.
Description *string
// The maximum session duration (in seconds) that you want to set for the
// specified role. If you do not specify a value for this setting, the default
// value of one hour is applied. This setting can have a value from 1 hour to 12
// hours. Anyone who assumes the role from the CLI or API can use the
// DurationSeconds API parameter or the duration-seconds CLI parameter to request
// a longer session. The MaxSessionDuration setting determines the maximum
// duration that can be requested using the DurationSeconds parameter. If users
// don't specify a value for the DurationSeconds parameter, their security
// credentials are valid for one hour by default. This applies when you use the
// AssumeRole* API operations or the assume-role* CLI operations but does not
// apply when you use those operations to create a console URL. For more
// information, see Using IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html)
// in the IAM User Guide.
MaxSessionDuration *int32
// The path to the role. For more information about paths, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
// in the IAM User Guide. This parameter is optional. If it is not included, it
// defaults to a slash (/). This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of either a forward slash (/) by itself or a
// string that must begin and end with forward slashes. In addition, it can contain
// any ASCII character from the ! ( \u0021 ) through the DEL character ( \u007F ),
// including most punctuation characters, digits, and upper and lowercased letters.
Path *string
// The ARN of the managed policy that is used to set the permissions boundary for
// the role. A permissions boundary policy defines the maximum permissions that
// identity-based policies can grant to an entity, but does not grant permissions.
// Permissions boundaries do not define the maximum permissions that a
// resource-based policy can grant to an entity. To learn more, see Permissions
// boundaries for IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
// in the IAM User Guide. For more information about policy types, see Policy
// types (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types)
// in the IAM User Guide.
PermissionsBoundary *string
// A list of tags that you want to attach to the new role. Each tag consists of a
// key name and an associated value. For more information about tagging, see
// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
// in the IAM User Guide. If any one of the tags is invalid or if you exceed the
// allowed maximum number of tags, then the entire request fails and the resource
// is not created.
Tags []types.Tag
noSmithyDocumentSerde
}
// Contains the response to a successful CreateRole request.
type CreateRoleOutput struct {
// A structure containing details about the new role.
//
// This member is required.
Role *types.Role
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreateRoleMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreateRole{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreateRole{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreateRole"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpCreateRoleValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateRole(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreateRole(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreateRole",
}
}

180
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateSAMLProvider.go generated vendored Normal file
View File

@ -0,0 +1,180 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates an IAM resource that describes an identity provider (IdP) that supports
// SAML 2.0. The SAML provider resource that you create with this operation can be
// used as a principal in an IAM role's trust policy. Such a policy can enable
// federated users who sign in using the SAML IdP to assume the role. You can
// create an IAM role that supports Web-based single sign-on (SSO) to the Amazon
// Web Services Management Console or one that supports API access to Amazon Web
// Services. When you create the SAML provider resource, you upload a SAML metadata
// document that you get from your IdP. That document includes the issuer's name,
// expiration information, and keys that can be used to validate the SAML
// authentication response (assertions) that the IdP sends. You must generate the
// metadata document using the identity management software that is used as your
// organization's IdP. This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html)
// . For more information, see Enabling SAML 2.0 federated users to access the
// Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html)
// and About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html)
// in the IAM User Guide.
func (c *Client) CreateSAMLProvider(ctx context.Context, params *CreateSAMLProviderInput, optFns ...func(*Options)) (*CreateSAMLProviderOutput, error) {
if params == nil {
params = &CreateSAMLProviderInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreateSAMLProvider", params, optFns, c.addOperationCreateSAMLProviderMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreateSAMLProviderOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreateSAMLProviderInput struct {
// The name of the provider to create. This parameter allows (through its regex
// pattern (http://wikipedia.org/wiki/regex) ) a string of characters consisting of
// upper and lowercase alphanumeric characters with no spaces. You can also include
// any of the following characters: _+=,.@-
//
// This member is required.
Name *string
// An XML document generated by an identity provider (IdP) that supports SAML 2.0.
// The document includes the issuer's name, expiration information, and keys that
// can be used to validate the SAML authentication response (assertions) that are
// received from the IdP. You must generate the metadata document using the
// identity management software that is used as your organization's IdP. For more
// information, see About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html)
// in the IAM User Guide
//
// This member is required.
SAMLMetadataDocument *string
// A list of tags that you want to attach to the new IAM SAML provider. Each tag
// consists of a key name and an associated value. For more information about
// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
// in the IAM User Guide. If any one of the tags is invalid or if you exceed the
// allowed maximum number of tags, then the entire request fails and the resource
// is not created.
Tags []types.Tag
noSmithyDocumentSerde
}
// Contains the response to a successful CreateSAMLProvider request.
type CreateSAMLProviderOutput struct {
// The Amazon Resource Name (ARN) of the new SAML provider resource in IAM.
SAMLProviderArn *string
// A list of tags that are attached to the new IAM SAML provider. The returned
// list of tags is sorted by tag key. For more information about tagging, see
// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
// in the IAM User Guide.
Tags []types.Tag
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreateSAMLProviderMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreateSAMLProvider{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreateSAMLProvider{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreateSAMLProvider"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpCreateSAMLProviderValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateSAMLProvider(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreateSAMLProvider(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreateSAMLProvider",
}
}

164
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateServiceLinkedRole.go generated vendored Normal file
View File

@ -0,0 +1,164 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates an IAM role that is linked to a specific Amazon Web Services service.
// The service controls the attached policies and when the role can be deleted.
// This helps ensure that the service is not broken by an unexpectedly changed or
// deleted role, which could put your Amazon Web Services resources into an unknown
// state. Allowing the service to control the role helps improve service stability
// and proper cleanup when a service and its role are no longer needed. For more
// information, see Using service-linked roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html)
// in the IAM User Guide. To attach a policy to this service-linked role, you must
// make the request using the Amazon Web Services service that depends on this
// role.
func (c *Client) CreateServiceLinkedRole(ctx context.Context, params *CreateServiceLinkedRoleInput, optFns ...func(*Options)) (*CreateServiceLinkedRoleOutput, error) {
if params == nil {
params = &CreateServiceLinkedRoleInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreateServiceLinkedRole", params, optFns, c.addOperationCreateServiceLinkedRoleMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreateServiceLinkedRoleOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreateServiceLinkedRoleInput struct {
// The service principal for the Amazon Web Services service to which this role is
// attached. You use a string similar to a URL but without the http:// in front.
// For example: elasticbeanstalk.amazonaws.com . Service principals are unique and
// case-sensitive. To find the exact service principal for your service-linked
// role, see Amazon Web Services services that work with IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html)
// in the IAM User Guide. Look for the services that have Yes in the Service-Linked
// Role column. Choose the Yes link to view the service-linked role documentation
// for that service.
//
// This member is required.
AWSServiceName *string
// A string that you provide, which is combined with the service-provided prefix
// to form the complete role name. If you make multiple requests for the same
// service, then you must supply a different CustomSuffix for each request.
// Otherwise the request fails with a duplicate role name error. For example, you
// could add -1 or -debug to the suffix. Some services do not support the
// CustomSuffix parameter. If you provide an optional suffix and the operation
// fails, try the operation again without the suffix.
CustomSuffix *string
// The description of the role.
Description *string
noSmithyDocumentSerde
}
type CreateServiceLinkedRoleOutput struct {
// A Role object that contains details about the newly created role.
Role *types.Role
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreateServiceLinkedRoleMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreateServiceLinkedRole{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreateServiceLinkedRole{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreateServiceLinkedRole"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpCreateServiceLinkedRoleValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateServiceLinkedRole(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreateServiceLinkedRole(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreateServiceLinkedRole",
}
}

160
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateServiceSpecificCredential.go generated vendored Normal file
View File

@ -0,0 +1,160 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Generates a set of credentials consisting of a user name and password that can
// be used to access the service specified in the request. These credentials are
// generated by IAM, and can be used only for the specified service. You can have a
// maximum of two sets of service-specific credentials for each supported service
// per user. You can create service-specific credentials for CodeCommit and Amazon
// Keyspaces (for Apache Cassandra). You can reset the password to a new
// service-generated value by calling ResetServiceSpecificCredential . For more
// information about service-specific credentials, see Using IAM with CodeCommit:
// Git credentials, SSH keys, and Amazon Web Services access keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_ssh-keys.html)
// in the IAM User Guide.
func (c *Client) CreateServiceSpecificCredential(ctx context.Context, params *CreateServiceSpecificCredentialInput, optFns ...func(*Options)) (*CreateServiceSpecificCredentialOutput, error) {
if params == nil {
params = &CreateServiceSpecificCredentialInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreateServiceSpecificCredential", params, optFns, c.addOperationCreateServiceSpecificCredentialMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreateServiceSpecificCredentialOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreateServiceSpecificCredentialInput struct {
// The name of the Amazon Web Services service that is to be associated with the
// credentials. The service you specify here is the only service that can be
// accessed using these credentials.
//
// This member is required.
ServiceName *string
// The name of the IAM user that is to be associated with the credentials. The new
// service-specific credentials have the same permissions as the associated user
// except that they can be used only to access the specified service. This
// parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex) )
// a string of characters consisting of upper and lowercase alphanumeric characters
// with no spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
UserName *string
noSmithyDocumentSerde
}
type CreateServiceSpecificCredentialOutput struct {
// A structure that contains information about the newly created service-specific
// credential. This is the only time that the password for this credential set is
// available. It cannot be recovered later. Instead, you must reset the password
// with ResetServiceSpecificCredential .
ServiceSpecificCredential *types.ServiceSpecificCredential
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreateServiceSpecificCredentialMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreateServiceSpecificCredential{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreateServiceSpecificCredential{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreateServiceSpecificCredential"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpCreateServiceSpecificCredentialValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateServiceSpecificCredential(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreateServiceSpecificCredential(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreateServiceSpecificCredential",
}
}

170
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateUser.go generated vendored Normal file
View File

@ -0,0 +1,170 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates a new IAM user for your Amazon Web Services account. For information
// about quotas for the number of IAM users you can create, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
// in the IAM User Guide.
func (c *Client) CreateUser(ctx context.Context, params *CreateUserInput, optFns ...func(*Options)) (*CreateUserOutput, error) {
if params == nil {
params = &CreateUserInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreateUser", params, optFns, c.addOperationCreateUserMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreateUserOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreateUserInput struct {
// The name of the user to create. IAM user, group, role, and policy names must be
// unique within the account. Names are not distinguished by case. For example, you
// cannot create resources named both "MyResource" and "myresource".
//
// This member is required.
UserName *string
// The path for the user name. For more information about paths, see IAM
// identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
// in the IAM User Guide. This parameter is optional. If it is not included, it
// defaults to a slash (/). This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of either a forward slash (/) by itself or a
// string that must begin and end with forward slashes. In addition, it can contain
// any ASCII character from the ! ( \u0021 ) through the DEL character ( \u007F ),
// including most punctuation characters, digits, and upper and lowercased letters.
Path *string
// The ARN of the managed policy that is used to set the permissions boundary for
// the user. A permissions boundary policy defines the maximum permissions that
// identity-based policies can grant to an entity, but does not grant permissions.
// Permissions boundaries do not define the maximum permissions that a
// resource-based policy can grant to an entity. To learn more, see Permissions
// boundaries for IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
// in the IAM User Guide. For more information about policy types, see Policy
// types (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types)
// in the IAM User Guide.
PermissionsBoundary *string
// A list of tags that you want to attach to the new user. Each tag consists of a
// key name and an associated value. For more information about tagging, see
// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
// in the IAM User Guide. If any one of the tags is invalid or if you exceed the
// allowed maximum number of tags, then the entire request fails and the resource
// is not created.
Tags []types.Tag
noSmithyDocumentSerde
}
// Contains the response to a successful CreateUser request.
type CreateUserOutput struct {
// A structure with details about the new IAM user.
User *types.User
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreateUserMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreateUser{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreateUser{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreateUser"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpCreateUserValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateUser(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreateUser(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreateUser",
}
}

171
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateVirtualMFADevice.go generated vendored Normal file
View File

@ -0,0 +1,171 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates a new virtual MFA device for the Amazon Web Services account. After
// creating the virtual MFA, use EnableMFADevice to attach the MFA device to an
// IAM user. For more information about creating and working with virtual MFA
// devices, see Using a virtual MFA device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html)
// in the IAM User Guide. For information about the maximum number of MFA devices
// you can create, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
// in the IAM User Guide. The seed information contained in the QR code and the
// Base32 string should be treated like any other secret access information. In
// other words, protect the seed information as you would your Amazon Web Services
// access keys or your passwords. After you provision your virtual device, you
// should ensure that the information is destroyed following secure procedures.
func (c *Client) CreateVirtualMFADevice(ctx context.Context, params *CreateVirtualMFADeviceInput, optFns ...func(*Options)) (*CreateVirtualMFADeviceOutput, error) {
if params == nil {
params = &CreateVirtualMFADeviceInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreateVirtualMFADevice", params, optFns, c.addOperationCreateVirtualMFADeviceMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreateVirtualMFADeviceOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreateVirtualMFADeviceInput struct {
// The name of the virtual MFA device, which must be unique. Use with path to
// uniquely identify a virtual MFA device. This parameter allows (through its
// regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// consisting of upper and lowercase alphanumeric characters with no spaces. You
// can also include any of the following characters: _+=,.@-
//
// This member is required.
VirtualMFADeviceName *string
// The path for the virtual MFA device. For more information about paths, see IAM
// identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
// in the IAM User Guide. This parameter is optional. If it is not included, it
// defaults to a slash (/). This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of either a forward slash (/) by itself or a
// string that must begin and end with forward slashes. In addition, it can contain
// any ASCII character from the ! ( \u0021 ) through the DEL character ( \u007F ),
// including most punctuation characters, digits, and upper and lowercased letters.
Path *string
// A list of tags that you want to attach to the new IAM virtual MFA device. Each
// tag consists of a key name and an associated value. For more information about
// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
// in the IAM User Guide. If any one of the tags is invalid or if you exceed the
// allowed maximum number of tags, then the entire request fails and the resource
// is not created.
Tags []types.Tag
noSmithyDocumentSerde
}
// Contains the response to a successful CreateVirtualMFADevice request.
type CreateVirtualMFADeviceOutput struct {
// A structure containing details about the new virtual MFA device.
//
// This member is required.
VirtualMFADevice *types.VirtualMFADevice
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreateVirtualMFADeviceMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpCreateVirtualMFADevice{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpCreateVirtualMFADevice{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "CreateVirtualMFADevice"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpCreateVirtualMFADeviceValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateVirtualMFADevice(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreateVirtualMFADevice(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "CreateVirtualMFADevice",
}
}

147
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeactivateMFADevice.go generated vendored Normal file
View File

@ -0,0 +1,147 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deactivates the specified MFA device and removes it from association with the
// user name for which it was originally enabled. For more information about
// creating and working with virtual MFA devices, see Enabling a virtual
// multi-factor authentication (MFA) device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html)
// in the IAM User Guide.
func (c *Client) DeactivateMFADevice(ctx context.Context, params *DeactivateMFADeviceInput, optFns ...func(*Options)) (*DeactivateMFADeviceOutput, error) {
if params == nil {
params = &DeactivateMFADeviceInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeactivateMFADevice", params, optFns, c.addOperationDeactivateMFADeviceMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeactivateMFADeviceOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeactivateMFADeviceInput struct {
// The serial number that uniquely identifies the MFA device. For virtual MFA
// devices, the serial number is the device ARN. This parameter allows (through its
// regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// consisting of upper and lowercase alphanumeric characters with no spaces. You
// can also include any of the following characters: =,.@:/-
//
// This member is required.
SerialNumber *string
// The name of the user whose MFA device you want to deactivate. This parameter
// allows (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string
// of characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
UserName *string
noSmithyDocumentSerde
}
type DeactivateMFADeviceOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeactivateMFADeviceMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeactivateMFADevice{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeactivateMFADevice{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeactivateMFADevice"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeactivateMFADeviceValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeactivateMFADevice(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeactivateMFADevice(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeactivateMFADevice",
}
}

145
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteAccessKey.go generated vendored Normal file
View File

@ -0,0 +1,145 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the access key pair associated with the specified IAM user. If you do
// not specify a user name, IAM determines the user name implicitly based on the
// Amazon Web Services access key ID signing the request. This operation works for
// access keys under the Amazon Web Services account. Consequently, you can use
// this operation to manage Amazon Web Services account root user credentials even
// if the Amazon Web Services account has no associated users.
func (c *Client) DeleteAccessKey(ctx context.Context, params *DeleteAccessKeyInput, optFns ...func(*Options)) (*DeleteAccessKeyOutput, error) {
if params == nil {
params = &DeleteAccessKeyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteAccessKey", params, optFns, c.addOperationDeleteAccessKeyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteAccessKeyOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteAccessKeyInput struct {
// The access key ID for the access key ID and secret access key you want to
// delete. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters that can consist of any upper or lowercased letter or
// digit.
//
// This member is required.
AccessKeyId *string
// The name of the user whose access key pair you want to delete. This parameter
// allows (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string
// of characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
UserName *string
noSmithyDocumentSerde
}
type DeleteAccessKeyOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteAccessKeyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteAccessKey{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteAccessKey{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteAccessKey"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteAccessKeyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteAccessKey(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteAccessKey(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteAccessKey",
}
}

137
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteAccountAlias.go generated vendored Normal file
View File

@ -0,0 +1,137 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the specified Amazon Web Services account alias. For information about
// using an Amazon Web Services account alias, see Creating, deleting, and listing
// an Amazon Web Services account alias (https://docs.aws.amazon.com/signin/latest/userguide/CreateAccountAlias.html)
// in the Amazon Web Services Sign-In User Guide.
func (c *Client) DeleteAccountAlias(ctx context.Context, params *DeleteAccountAliasInput, optFns ...func(*Options)) (*DeleteAccountAliasOutput, error) {
if params == nil {
params = &DeleteAccountAliasInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteAccountAlias", params, optFns, c.addOperationDeleteAccountAliasMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteAccountAliasOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteAccountAliasInput struct {
// The name of the account alias to delete. This parameter allows (through its
// regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// consisting of lowercase letters, digits, and dashes. You cannot start or finish
// with a dash, nor can you have two dashes in a row.
//
// This member is required.
AccountAlias *string
noSmithyDocumentSerde
}
type DeleteAccountAliasOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteAccountAliasMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteAccountAlias{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteAccountAlias{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteAccountAlias"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteAccountAliasValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteAccountAlias(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteAccountAlias(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteAccountAlias",
}
}

123
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteAccountPasswordPolicy.go generated vendored Normal file
View File

@ -0,0 +1,123 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the password policy for the Amazon Web Services account. There are no
// parameters.
func (c *Client) DeleteAccountPasswordPolicy(ctx context.Context, params *DeleteAccountPasswordPolicyInput, optFns ...func(*Options)) (*DeleteAccountPasswordPolicyOutput, error) {
if params == nil {
params = &DeleteAccountPasswordPolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteAccountPasswordPolicy", params, optFns, c.addOperationDeleteAccountPasswordPolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteAccountPasswordPolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteAccountPasswordPolicyInput struct {
noSmithyDocumentSerde
}
type DeleteAccountPasswordPolicyOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteAccountPasswordPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteAccountPasswordPolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteAccountPasswordPolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteAccountPasswordPolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteAccountPasswordPolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteAccountPasswordPolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteAccountPasswordPolicy",
}
}

135
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteGroup.go generated vendored Normal file
View File

@ -0,0 +1,135 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the specified IAM group. The group must not contain any users or have
// any attached policies.
func (c *Client) DeleteGroup(ctx context.Context, params *DeleteGroupInput, optFns ...func(*Options)) (*DeleteGroupOutput, error) {
if params == nil {
params = &DeleteGroupInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteGroup", params, optFns, c.addOperationDeleteGroupMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteGroupOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteGroupInput struct {
// The name of the IAM group to delete. This parameter allows (through its regex
// pattern (http://wikipedia.org/wiki/regex) ) a string of characters consisting of
// upper and lowercase alphanumeric characters with no spaces. You can also include
// any of the following characters: _+=,.@-
//
// This member is required.
GroupName *string
noSmithyDocumentSerde
}
type DeleteGroupOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteGroupMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteGroup{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteGroup{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteGroup"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteGroupValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteGroup(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteGroup(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteGroup",
}
}

147
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteGroupPolicy.go generated vendored Normal file
View File

@ -0,0 +1,147 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the specified inline policy that is embedded in the specified IAM
// group. A group can also have managed policies attached to it. To detach a
// managed policy from a group, use DetachGroupPolicy . For more information about
// policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide.
func (c *Client) DeleteGroupPolicy(ctx context.Context, params *DeleteGroupPolicyInput, optFns ...func(*Options)) (*DeleteGroupPolicyOutput, error) {
if params == nil {
params = &DeleteGroupPolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteGroupPolicy", params, optFns, c.addOperationDeleteGroupPolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteGroupPolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteGroupPolicyInput struct {
// The name (friendly name, not ARN) identifying the group that the policy is
// embedded in. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of upper and lowercase alphanumeric
// characters with no spaces. You can also include any of the following characters:
// _+=,.@-
//
// This member is required.
GroupName *string
// The name identifying the policy document to delete. This parameter allows
// (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string of
// characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
PolicyName *string
noSmithyDocumentSerde
}
type DeleteGroupPolicyOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteGroupPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteGroupPolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteGroupPolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteGroupPolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteGroupPolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteGroupPolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteGroupPolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteGroupPolicy",
}
}

140
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteInstanceProfile.go generated vendored Normal file
View File

@ -0,0 +1,140 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the specified instance profile. The instance profile must not have an
// associated role. Make sure that you do not have any Amazon EC2 instances running
// with the instance profile you are about to delete. Deleting a role or instance
// profile that is associated with a running instance will break any applications
// running on the instance. For more information about instance profiles, see
// Using instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html)
// in the IAM User Guide.
func (c *Client) DeleteInstanceProfile(ctx context.Context, params *DeleteInstanceProfileInput, optFns ...func(*Options)) (*DeleteInstanceProfileOutput, error) {
if params == nil {
params = &DeleteInstanceProfileInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteInstanceProfile", params, optFns, c.addOperationDeleteInstanceProfileMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteInstanceProfileOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteInstanceProfileInput struct {
// The name of the instance profile to delete. This parameter allows (through its
// regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// consisting of upper and lowercase alphanumeric characters with no spaces. You
// can also include any of the following characters: _+=,.@-
//
// This member is required.
InstanceProfileName *string
noSmithyDocumentSerde
}
type DeleteInstanceProfileOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteInstanceProfileMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteInstanceProfile{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteInstanceProfile{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteInstanceProfile"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteInstanceProfileValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteInstanceProfile(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteInstanceProfile(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteInstanceProfile",
}
}

143
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteLoginProfile.go generated vendored Normal file
View File

@ -0,0 +1,143 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the password for the specified IAM user, For more information, see
// Managing passwords for IAM users (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_admin-change-user.html)
// . You can use the CLI, the Amazon Web Services API, or the Users page in the IAM
// console to delete a password for any IAM user. You can use ChangePassword to
// update, but not delete, your own password in the My Security Credentials page in
// the Amazon Web Services Management Console. Deleting a user's password does not
// prevent a user from accessing Amazon Web Services through the command line
// interface or the API. To prevent all user access, you must also either make any
// access keys inactive or delete them. For more information about making keys
// inactive or deleting them, see UpdateAccessKey and DeleteAccessKey .
func (c *Client) DeleteLoginProfile(ctx context.Context, params *DeleteLoginProfileInput, optFns ...func(*Options)) (*DeleteLoginProfileOutput, error) {
if params == nil {
params = &DeleteLoginProfileInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteLoginProfile", params, optFns, c.addOperationDeleteLoginProfileMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteLoginProfileOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteLoginProfileInput struct {
// The name of the user whose password you want to delete. This parameter allows
// (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string of
// characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
UserName *string
noSmithyDocumentSerde
}
type DeleteLoginProfileOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteLoginProfileMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteLoginProfile{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteLoginProfile{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteLoginProfile"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteLoginProfileValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteLoginProfile(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteLoginProfile(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteLoginProfile",
}
}

138
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteOpenIDConnectProvider.go generated vendored Normal file
View File

@ -0,0 +1,138 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes an OpenID Connect identity provider (IdP) resource object in IAM.
// Deleting an IAM OIDC provider resource does not update any roles that reference
// the provider as a principal in their trust policies. Any attempt to assume a
// role that references a deleted provider fails. This operation is idempotent; it
// does not fail or return an error if you call the operation for a provider that
// does not exist.
func (c *Client) DeleteOpenIDConnectProvider(ctx context.Context, params *DeleteOpenIDConnectProviderInput, optFns ...func(*Options)) (*DeleteOpenIDConnectProviderOutput, error) {
if params == nil {
params = &DeleteOpenIDConnectProviderInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteOpenIDConnectProvider", params, optFns, c.addOperationDeleteOpenIDConnectProviderMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteOpenIDConnectProviderOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteOpenIDConnectProviderInput struct {
// The Amazon Resource Name (ARN) of the IAM OpenID Connect provider resource
// object to delete. You can get a list of OpenID Connect provider resource ARNs by
// using the ListOpenIDConnectProviders operation.
//
// This member is required.
OpenIDConnectProviderArn *string
noSmithyDocumentSerde
}
type DeleteOpenIDConnectProviderOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteOpenIDConnectProviderMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteOpenIDConnectProvider{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteOpenIDConnectProvider{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteOpenIDConnectProvider"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteOpenIDConnectProviderValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteOpenIDConnectProvider(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteOpenIDConnectProvider(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteOpenIDConnectProvider",
}
}

149
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeletePolicy.go generated vendored Normal file
View File

@ -0,0 +1,149 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the specified managed policy. Before you can delete a managed policy,
// you must first detach the policy from all users, groups, and roles that it is
// attached to. In addition, you must delete all the policy's versions. The
// following steps describe the process for deleting a managed policy:
// - Detach the policy from all users, groups, and roles that the policy is
// attached to, using DetachUserPolicy , DetachGroupPolicy , or DetachRolePolicy
// . To list all the users, groups, and roles that a policy is attached to, use
// ListEntitiesForPolicy .
// - Delete all versions of the policy using DeletePolicyVersion . To list the
// policy's versions, use ListPolicyVersions . You cannot use DeletePolicyVersion
// to delete the version that is marked as the default version. You delete the
// policy's default version in the next step of the process.
// - Delete the policy (this automatically deletes the policy's default version)
// using this operation.
//
// For information about managed policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide.
func (c *Client) DeletePolicy(ctx context.Context, params *DeletePolicyInput, optFns ...func(*Options)) (*DeletePolicyOutput, error) {
if params == nil {
params = &DeletePolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeletePolicy", params, optFns, c.addOperationDeletePolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeletePolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeletePolicyInput struct {
// The Amazon Resource Name (ARN) of the IAM policy you want to delete. For more
// information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
PolicyArn *string
noSmithyDocumentSerde
}
type DeletePolicyOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeletePolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeletePolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeletePolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeletePolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeletePolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeletePolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeletePolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeletePolicy",
}
}

149
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeletePolicyVersion.go generated vendored Normal file
View File

@ -0,0 +1,149 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the specified version from the specified managed policy. You cannot
// delete the default version from a policy using this operation. To delete the
// default version from a policy, use DeletePolicy . To find out which version of a
// policy is marked as the default version, use ListPolicyVersions . For
// information about versions for managed policies, see Versioning for managed
// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
// in the IAM User Guide.
func (c *Client) DeletePolicyVersion(ctx context.Context, params *DeletePolicyVersionInput, optFns ...func(*Options)) (*DeletePolicyVersionOutput, error) {
if params == nil {
params = &DeletePolicyVersionInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeletePolicyVersion", params, optFns, c.addOperationDeletePolicyVersionMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeletePolicyVersionOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeletePolicyVersionInput struct {
// The Amazon Resource Name (ARN) of the IAM policy from which you want to delete
// a version. For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
PolicyArn *string
// The policy version to delete. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters that consists of the lowercase letter 'v' followed by
// one or two digits, and optionally followed by a period '.' and a string of
// letters and digits. For more information about managed policy versions, see
// Versioning for managed policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
// in the IAM User Guide.
//
// This member is required.
VersionId *string
noSmithyDocumentSerde
}
type DeletePolicyVersionOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeletePolicyVersionMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeletePolicyVersion{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeletePolicyVersion{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeletePolicyVersion"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeletePolicyVersionValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeletePolicyVersion(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeletePolicyVersion(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeletePolicyVersion",
}
}

147
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteRole.go generated vendored Normal file
View File

@ -0,0 +1,147 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the specified role. Unlike the Amazon Web Services Management Console,
// when you delete a role programmatically, you must delete the items attached to
// the role manually, or the deletion fails. For more information, see Deleting an
// IAM role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage_delete.html#roles-managingrole-deleting-cli)
// . Before attempting to delete a role, remove the following attached items:
// - Inline policies ( DeleteRolePolicy )
// - Attached managed policies ( DetachRolePolicy )
// - Instance profile ( RemoveRoleFromInstanceProfile )
// - Optional Delete instance profile after detaching from role for resource
// clean up ( DeleteInstanceProfile )
//
// Make sure that you do not have any Amazon EC2 instances running with the role
// you are about to delete. Deleting a role or instance profile that is associated
// with a running instance will break any applications running on the instance.
func (c *Client) DeleteRole(ctx context.Context, params *DeleteRoleInput, optFns ...func(*Options)) (*DeleteRoleOutput, error) {
if params == nil {
params = &DeleteRoleInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteRole", params, optFns, c.addOperationDeleteRoleMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteRoleOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteRoleInput struct {
// The name of the role to delete. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of upper and lowercase alphanumeric
// characters with no spaces. You can also include any of the following characters:
// _+=,.@-
//
// This member is required.
RoleName *string
noSmithyDocumentSerde
}
type DeleteRoleOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteRoleMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteRole{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteRole{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteRole"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteRoleValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteRole(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteRole(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteRole",
}
}

135
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteRolePermissionsBoundary.go generated vendored Normal file
View File

@ -0,0 +1,135 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the permissions boundary for the specified IAM role. You cannot set the
// boundary for a service-linked role. Deleting the permissions boundary for a role
// might increase its permissions. For example, it might allow anyone who assumes
// the role to perform all the actions granted in its permissions policies.
func (c *Client) DeleteRolePermissionsBoundary(ctx context.Context, params *DeleteRolePermissionsBoundaryInput, optFns ...func(*Options)) (*DeleteRolePermissionsBoundaryOutput, error) {
if params == nil {
params = &DeleteRolePermissionsBoundaryInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteRolePermissionsBoundary", params, optFns, c.addOperationDeleteRolePermissionsBoundaryMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteRolePermissionsBoundaryOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteRolePermissionsBoundaryInput struct {
// The name (friendly name, not ARN) of the IAM role from which you want to remove
// the permissions boundary.
//
// This member is required.
RoleName *string
noSmithyDocumentSerde
}
type DeleteRolePermissionsBoundaryOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteRolePermissionsBoundaryMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteRolePermissionsBoundary{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteRolePermissionsBoundary{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteRolePermissionsBoundary"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteRolePermissionsBoundaryValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteRolePermissionsBoundary(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteRolePermissionsBoundary(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteRolePermissionsBoundary",
}
}

147
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteRolePolicy.go generated vendored Normal file
View File

@ -0,0 +1,147 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the specified inline policy that is embedded in the specified IAM role.
// A role can also have managed policies attached to it. To detach a managed policy
// from a role, use DetachRolePolicy . For more information about policies, refer
// to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide.
func (c *Client) DeleteRolePolicy(ctx context.Context, params *DeleteRolePolicyInput, optFns ...func(*Options)) (*DeleteRolePolicyOutput, error) {
if params == nil {
params = &DeleteRolePolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteRolePolicy", params, optFns, c.addOperationDeleteRolePolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteRolePolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteRolePolicyInput struct {
// The name of the inline policy to delete from the specified IAM role. This
// parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex) )
// a string of characters consisting of upper and lowercase alphanumeric characters
// with no spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
PolicyName *string
// The name (friendly name, not ARN) identifying the role that the policy is
// embedded in. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of upper and lowercase alphanumeric
// characters with no spaces. You can also include any of the following characters:
// _+=,.@-
//
// This member is required.
RoleName *string
noSmithyDocumentSerde
}
type DeleteRolePolicyOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteRolePolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteRolePolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteRolePolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteRolePolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteRolePolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteRolePolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteRolePolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteRolePolicy",
}
}

136
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteSAMLProvider.go generated vendored Normal file
View File

@ -0,0 +1,136 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes a SAML provider resource in IAM. Deleting the provider resource from
// IAM does not update any roles that reference the SAML provider resource's ARN as
// a principal in their trust policies. Any attempt to assume a role that
// references a non-existent provider resource ARN fails. This operation requires
// Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html)
// .
func (c *Client) DeleteSAMLProvider(ctx context.Context, params *DeleteSAMLProviderInput, optFns ...func(*Options)) (*DeleteSAMLProviderOutput, error) {
if params == nil {
params = &DeleteSAMLProviderInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteSAMLProvider", params, optFns, c.addOperationDeleteSAMLProviderMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteSAMLProviderOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteSAMLProviderInput struct {
// The Amazon Resource Name (ARN) of the SAML provider to delete.
//
// This member is required.
SAMLProviderArn *string
noSmithyDocumentSerde
}
type DeleteSAMLProviderOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteSAMLProviderMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteSAMLProvider{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteSAMLProvider{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteSAMLProvider"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteSAMLProviderValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteSAMLProvider(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteSAMLProvider(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteSAMLProvider",
}
}

145
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteSSHPublicKey.go generated vendored Normal file
View File

@ -0,0 +1,145 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the specified SSH public key. The SSH public key deleted by this
// operation is used only for authenticating the associated IAM user to an
// CodeCommit repository. For more information about using SSH keys to authenticate
// to an CodeCommit repository, see Set up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
// in the CodeCommit User Guide.
func (c *Client) DeleteSSHPublicKey(ctx context.Context, params *DeleteSSHPublicKeyInput, optFns ...func(*Options)) (*DeleteSSHPublicKeyOutput, error) {
if params == nil {
params = &DeleteSSHPublicKeyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteSSHPublicKey", params, optFns, c.addOperationDeleteSSHPublicKeyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteSSHPublicKeyOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteSSHPublicKeyInput struct {
// The unique identifier for the SSH public key. This parameter allows (through
// its regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// that can consist of any upper or lowercased letter or digit.
//
// This member is required.
SSHPublicKeyId *string
// The name of the IAM user associated with the SSH public key. This parameter
// allows (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string
// of characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
UserName *string
noSmithyDocumentSerde
}
type DeleteSSHPublicKeyOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteSSHPublicKeyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteSSHPublicKey{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteSSHPublicKey{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteSSHPublicKey"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteSSHPublicKeyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteSSHPublicKey(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteSSHPublicKey(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteSSHPublicKey",
}
}

145
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteServerCertificate.go generated vendored Normal file
View File

@ -0,0 +1,145 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the specified server certificate. For more information about working
// with server certificates, see Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
// in the IAM User Guide. This topic also includes a list of Amazon Web Services
// services that can use the server certificates that you manage with IAM. If you
// are using a server certificate with Elastic Load Balancing, deleting the
// certificate could have implications for your application. If Elastic Load
// Balancing doesn't detect the deletion of bound certificates, it may continue to
// use the certificates. This could cause Elastic Load Balancing to stop accepting
// traffic. We recommend that you remove the reference to the certificate from
// Elastic Load Balancing before using this command to delete the certificate. For
// more information, see DeleteLoadBalancerListeners (https://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/API_DeleteLoadBalancerListeners.html)
// in the Elastic Load Balancing API Reference.
func (c *Client) DeleteServerCertificate(ctx context.Context, params *DeleteServerCertificateInput, optFns ...func(*Options)) (*DeleteServerCertificateOutput, error) {
if params == nil {
params = &DeleteServerCertificateInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteServerCertificate", params, optFns, c.addOperationDeleteServerCertificateMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteServerCertificateOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteServerCertificateInput struct {
// The name of the server certificate you want to delete. This parameter allows
// (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string of
// characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
ServerCertificateName *string
noSmithyDocumentSerde
}
type DeleteServerCertificateOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteServerCertificateMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteServerCertificate{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteServerCertificate{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteServerCertificate"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteServerCertificateValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteServerCertificate(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteServerCertificate(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteServerCertificate",
}
}

154
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteServiceLinkedRole.go generated vendored Normal file
View File

@ -0,0 +1,154 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Submits a service-linked role deletion request and returns a DeletionTaskId ,
// which you can use to check the status of the deletion. Before you call this
// operation, confirm that the role has no active sessions and that any resources
// used by the role in the linked service are deleted. If you call this operation
// more than once for the same service-linked role and an earlier deletion task is
// not complete, then the DeletionTaskId of the earlier request is returned. If
// you submit a deletion request for a service-linked role whose linked service is
// still accessing a resource, then the deletion task fails. If it fails, the
// GetServiceLinkedRoleDeletionStatus operation returns the reason for the failure,
// usually including the resources that must be deleted. To delete the
// service-linked role, you must first remove those resources from the linked
// service and then submit the deletion request again. Resources are specific to
// the service that is linked to the role. For more information about removing
// resources from a service, see the Amazon Web Services documentation (http://docs.aws.amazon.com/)
// for your service. For more information about service-linked roles, see Roles
// terms and concepts: Amazon Web Services service-linked role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-service-linked-role)
// in the IAM User Guide.
func (c *Client) DeleteServiceLinkedRole(ctx context.Context, params *DeleteServiceLinkedRoleInput, optFns ...func(*Options)) (*DeleteServiceLinkedRoleOutput, error) {
if params == nil {
params = &DeleteServiceLinkedRoleInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteServiceLinkedRole", params, optFns, c.addOperationDeleteServiceLinkedRoleMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteServiceLinkedRoleOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteServiceLinkedRoleInput struct {
// The name of the service-linked role to be deleted.
//
// This member is required.
RoleName *string
noSmithyDocumentSerde
}
type DeleteServiceLinkedRoleOutput struct {
// The deletion task identifier that you can use to check the status of the
// deletion. This identifier is returned in the format task/aws-service-role/// .
//
// This member is required.
DeletionTaskId *string
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteServiceLinkedRoleMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteServiceLinkedRole{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteServiceLinkedRole{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteServiceLinkedRole"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteServiceLinkedRoleValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteServiceLinkedRole(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteServiceLinkedRole(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteServiceLinkedRole",
}
}

142
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteServiceSpecificCredential.go generated vendored Normal file
View File

@ -0,0 +1,142 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the specified service-specific credential.
func (c *Client) DeleteServiceSpecificCredential(ctx context.Context, params *DeleteServiceSpecificCredentialInput, optFns ...func(*Options)) (*DeleteServiceSpecificCredentialOutput, error) {
if params == nil {
params = &DeleteServiceSpecificCredentialInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteServiceSpecificCredential", params, optFns, c.addOperationDeleteServiceSpecificCredentialMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteServiceSpecificCredentialOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteServiceSpecificCredentialInput struct {
// The unique identifier of the service-specific credential. You can get this
// value by calling ListServiceSpecificCredentials . This parameter allows (through
// its regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// that can consist of any upper or lowercased letter or digit.
//
// This member is required.
ServiceSpecificCredentialId *string
// The name of the IAM user associated with the service-specific credential. If
// this value is not specified, then the operation assumes the user whose
// credentials are used to call the operation. This parameter allows (through its
// regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// consisting of upper and lowercase alphanumeric characters with no spaces. You
// can also include any of the following characters: _+=,.@-
UserName *string
noSmithyDocumentSerde
}
type DeleteServiceSpecificCredentialOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteServiceSpecificCredentialMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteServiceSpecificCredential{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteServiceSpecificCredential{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteServiceSpecificCredential"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteServiceSpecificCredentialValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteServiceSpecificCredential(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteServiceSpecificCredential(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteServiceSpecificCredential",
}
}

144
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteSigningCertificate.go generated vendored Normal file
View File

@ -0,0 +1,144 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes a signing certificate associated with the specified IAM user. If you do
// not specify a user name, IAM determines the user name implicitly based on the
// Amazon Web Services access key ID signing the request. This operation works for
// access keys under the Amazon Web Services account. Consequently, you can use
// this operation to manage Amazon Web Services account root user credentials even
// if the Amazon Web Services account has no associated IAM users.
func (c *Client) DeleteSigningCertificate(ctx context.Context, params *DeleteSigningCertificateInput, optFns ...func(*Options)) (*DeleteSigningCertificateOutput, error) {
if params == nil {
params = &DeleteSigningCertificateInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteSigningCertificate", params, optFns, c.addOperationDeleteSigningCertificateMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteSigningCertificateOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteSigningCertificateInput struct {
// The ID of the signing certificate to delete. The format of this parameter, as
// described by its regex (http://wikipedia.org/wiki/regex) pattern, is a string
// of characters that can be upper- or lower-cased letters or digits.
//
// This member is required.
CertificateId *string
// The name of the user the signing certificate belongs to. This parameter allows
// (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string of
// characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
UserName *string
noSmithyDocumentSerde
}
type DeleteSigningCertificateOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteSigningCertificateMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteSigningCertificate{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteSigningCertificate{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteSigningCertificate"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteSigningCertificateValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteSigningCertificate(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteSigningCertificate(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteSigningCertificate",
}
}

148
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteUser.go generated vendored Normal file
View File

@ -0,0 +1,148 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the specified IAM user. Unlike the Amazon Web Services Management
// Console, when you delete a user programmatically, you must delete the items
// attached to the user manually, or the deletion fails. For more information, see
// Deleting an IAM user (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_deleting_cli)
// . Before attempting to delete a user, remove the following items:
// - Password ( DeleteLoginProfile )
// - Access keys ( DeleteAccessKey )
// - Signing certificate ( DeleteSigningCertificate )
// - SSH public key ( DeleteSSHPublicKey )
// - Git credentials ( DeleteServiceSpecificCredential )
// - Multi-factor authentication (MFA) device ( DeactivateMFADevice ,
// DeleteVirtualMFADevice )
// - Inline policies ( DeleteUserPolicy )
// - Attached managed policies ( DetachUserPolicy )
// - Group memberships ( RemoveUserFromGroup )
func (c *Client) DeleteUser(ctx context.Context, params *DeleteUserInput, optFns ...func(*Options)) (*DeleteUserOutput, error) {
if params == nil {
params = &DeleteUserInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteUser", params, optFns, c.addOperationDeleteUserMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteUserOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteUserInput struct {
// The name of the user to delete. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of upper and lowercase alphanumeric
// characters with no spaces. You can also include any of the following characters:
// _+=,.@-
//
// This member is required.
UserName *string
noSmithyDocumentSerde
}
type DeleteUserOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteUserMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteUser{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteUser{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteUser"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteUserValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteUser(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteUser(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteUser",
}
}

134
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteUserPermissionsBoundary.go generated vendored Normal file
View File

@ -0,0 +1,134 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the permissions boundary for the specified IAM user. Deleting the
// permissions boundary for a user might increase its permissions by allowing the
// user to perform all the actions granted in its permissions policies.
func (c *Client) DeleteUserPermissionsBoundary(ctx context.Context, params *DeleteUserPermissionsBoundaryInput, optFns ...func(*Options)) (*DeleteUserPermissionsBoundaryOutput, error) {
if params == nil {
params = &DeleteUserPermissionsBoundaryInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteUserPermissionsBoundary", params, optFns, c.addOperationDeleteUserPermissionsBoundaryMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteUserPermissionsBoundaryOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteUserPermissionsBoundaryInput struct {
// The name (friendly name, not ARN) of the IAM user from which you want to remove
// the permissions boundary.
//
// This member is required.
UserName *string
noSmithyDocumentSerde
}
type DeleteUserPermissionsBoundaryOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteUserPermissionsBoundaryMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteUserPermissionsBoundary{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteUserPermissionsBoundary{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteUserPermissionsBoundary"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteUserPermissionsBoundaryValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteUserPermissionsBoundary(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteUserPermissionsBoundary(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteUserPermissionsBoundary",
}
}

147
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteUserPolicy.go generated vendored Normal file
View File

@ -0,0 +1,147 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes the specified inline policy that is embedded in the specified IAM user.
// A user can also have managed policies attached to it. To detach a managed policy
// from a user, use DetachUserPolicy . For more information about policies, refer
// to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide.
func (c *Client) DeleteUserPolicy(ctx context.Context, params *DeleteUserPolicyInput, optFns ...func(*Options)) (*DeleteUserPolicyOutput, error) {
if params == nil {
params = &DeleteUserPolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteUserPolicy", params, optFns, c.addOperationDeleteUserPolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteUserPolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteUserPolicyInput struct {
// The name identifying the policy document to delete. This parameter allows
// (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string of
// characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
PolicyName *string
// The name (friendly name, not ARN) identifying the user that the policy is
// embedded in. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of upper and lowercase alphanumeric
// characters with no spaces. You can also include any of the following characters:
// _+=,.@-
//
// This member is required.
UserName *string
noSmithyDocumentSerde
}
type DeleteUserPolicyOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteUserPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteUserPolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteUserPolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteUserPolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteUserPolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteUserPolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteUserPolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteUserPolicy",
}
}

137
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DeleteVirtualMFADevice.go generated vendored Normal file
View File

@ -0,0 +1,137 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Deletes a virtual MFA device. You must deactivate a user's virtual MFA device
// before you can delete it. For information about deactivating MFA devices, see
// DeactivateMFADevice .
func (c *Client) DeleteVirtualMFADevice(ctx context.Context, params *DeleteVirtualMFADeviceInput, optFns ...func(*Options)) (*DeleteVirtualMFADeviceOutput, error) {
if params == nil {
params = &DeleteVirtualMFADeviceInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DeleteVirtualMFADevice", params, optFns, c.addOperationDeleteVirtualMFADeviceMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DeleteVirtualMFADeviceOutput)
out.ResultMetadata = metadata
return out, nil
}
type DeleteVirtualMFADeviceInput struct {
// The serial number that uniquely identifies the MFA device. For virtual MFA
// devices, the serial number is the same as the ARN. This parameter allows
// (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string of
// characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: =,.@:/-
//
// This member is required.
SerialNumber *string
noSmithyDocumentSerde
}
type DeleteVirtualMFADeviceOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDeleteVirtualMFADeviceMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDeleteVirtualMFADevice{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDeleteVirtualMFADevice{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteVirtualMFADevice"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDeleteVirtualMFADeviceValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteVirtualMFADevice(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDeleteVirtualMFADevice(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DeleteVirtualMFADevice",
}
}

146
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DetachGroupPolicy.go generated vendored Normal file
View File

@ -0,0 +1,146 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Removes the specified managed policy from the specified IAM group. A group can
// also have inline policies embedded with it. To delete an inline policy, use
// DeleteGroupPolicy . For information about policies, see Managed policies and
// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide.
func (c *Client) DetachGroupPolicy(ctx context.Context, params *DetachGroupPolicyInput, optFns ...func(*Options)) (*DetachGroupPolicyOutput, error) {
if params == nil {
params = &DetachGroupPolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DetachGroupPolicy", params, optFns, c.addOperationDetachGroupPolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DetachGroupPolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type DetachGroupPolicyInput struct {
// The name (friendly name, not ARN) of the IAM group to detach the policy from.
// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of upper and lowercase alphanumeric
// characters with no spaces. You can also include any of the following characters:
// _+=,.@-
//
// This member is required.
GroupName *string
// The Amazon Resource Name (ARN) of the IAM policy you want to detach. For more
// information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
PolicyArn *string
noSmithyDocumentSerde
}
type DetachGroupPolicyOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDetachGroupPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDetachGroupPolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDetachGroupPolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DetachGroupPolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDetachGroupPolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDetachGroupPolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDetachGroupPolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DetachGroupPolicy",
}
}

146
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DetachRolePolicy.go generated vendored Normal file
View File

@ -0,0 +1,146 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Removes the specified managed policy from the specified role. A role can also
// have inline policies embedded with it. To delete an inline policy, use
// DeleteRolePolicy . For information about policies, see Managed policies and
// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide.
func (c *Client) DetachRolePolicy(ctx context.Context, params *DetachRolePolicyInput, optFns ...func(*Options)) (*DetachRolePolicyOutput, error) {
if params == nil {
params = &DetachRolePolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DetachRolePolicy", params, optFns, c.addOperationDetachRolePolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DetachRolePolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type DetachRolePolicyInput struct {
// The Amazon Resource Name (ARN) of the IAM policy you want to detach. For more
// information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
PolicyArn *string
// The name (friendly name, not ARN) of the IAM role to detach the policy from.
// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of upper and lowercase alphanumeric
// characters with no spaces. You can also include any of the following characters:
// _+=,.@-
//
// This member is required.
RoleName *string
noSmithyDocumentSerde
}
type DetachRolePolicyOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDetachRolePolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDetachRolePolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDetachRolePolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DetachRolePolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDetachRolePolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDetachRolePolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDetachRolePolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DetachRolePolicy",
}
}

146
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_DetachUserPolicy.go generated vendored Normal file
View File

@ -0,0 +1,146 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Removes the specified managed policy from the specified user. A user can also
// have inline policies embedded with it. To delete an inline policy, use
// DeleteUserPolicy . For information about policies, see Managed policies and
// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide.
func (c *Client) DetachUserPolicy(ctx context.Context, params *DetachUserPolicyInput, optFns ...func(*Options)) (*DetachUserPolicyOutput, error) {
if params == nil {
params = &DetachUserPolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "DetachUserPolicy", params, optFns, c.addOperationDetachUserPolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*DetachUserPolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type DetachUserPolicyInput struct {
// The Amazon Resource Name (ARN) of the IAM policy you want to detach. For more
// information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
PolicyArn *string
// The name (friendly name, not ARN) of the IAM user to detach the policy from.
// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of upper and lowercase alphanumeric
// characters with no spaces. You can also include any of the following characters:
// _+=,.@-
//
// This member is required.
UserName *string
noSmithyDocumentSerde
}
type DetachUserPolicyOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationDetachUserPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDetachUserPolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDetachUserPolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DetachUserPolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDetachUserPolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDetachUserPolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opDetachUserPolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "DetachUserPolicy",
}
}

169
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_EnableMFADevice.go generated vendored Normal file
View File

@ -0,0 +1,169 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Enables the specified MFA device and associates it with the specified IAM user.
// When enabled, the MFA device is required for every subsequent login by the IAM
// user associated with the device.
func (c *Client) EnableMFADevice(ctx context.Context, params *EnableMFADeviceInput, optFns ...func(*Options)) (*EnableMFADeviceOutput, error) {
if params == nil {
params = &EnableMFADeviceInput{}
}
result, metadata, err := c.invokeOperation(ctx, "EnableMFADevice", params, optFns, c.addOperationEnableMFADeviceMiddlewares)
if err != nil {
return nil, err
}
out := result.(*EnableMFADeviceOutput)
out.ResultMetadata = metadata
return out, nil
}
type EnableMFADeviceInput struct {
// An authentication code emitted by the device. The format for this parameter is
// a string of six digits. Submit your request immediately after generating the
// authentication codes. If you generate the codes and then wait too long to submit
// the request, the MFA device successfully associates with the user but the MFA
// device becomes out of sync. This happens because time-based one-time passwords
// (TOTP) expire after a short period of time. If this happens, you can resync the
// device (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html)
// .
//
// This member is required.
AuthenticationCode1 *string
// A subsequent authentication code emitted by the device. The format for this
// parameter is a string of six digits. Submit your request immediately after
// generating the authentication codes. If you generate the codes and then wait too
// long to submit the request, the MFA device successfully associates with the user
// but the MFA device becomes out of sync. This happens because time-based one-time
// passwords (TOTP) expire after a short period of time. If this happens, you can
// resync the device (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html)
// .
//
// This member is required.
AuthenticationCode2 *string
// The serial number that uniquely identifies the MFA device. For virtual MFA
// devices, the serial number is the device ARN. This parameter allows (through its
// regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// consisting of upper and lowercase alphanumeric characters with no spaces. You
// can also include any of the following characters: =,.@:/-
//
// This member is required.
SerialNumber *string
// The name of the IAM user for whom you want to enable the MFA device. This
// parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex) )
// a string of characters consisting of upper and lowercase alphanumeric characters
// with no spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
UserName *string
noSmithyDocumentSerde
}
type EnableMFADeviceOutput struct {
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationEnableMFADeviceMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpEnableMFADevice{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpEnableMFADevice{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "EnableMFADevice"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpEnableMFADeviceValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opEnableMFADevice(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opEnableMFADevice(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "EnableMFADevice",
}
}

133
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GenerateCredentialReport.go generated vendored Normal file
View File

@ -0,0 +1,133 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Generates a credential report for the Amazon Web Services account. For more
// information about the credential report, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
// in the IAM User Guide.
func (c *Client) GenerateCredentialReport(ctx context.Context, params *GenerateCredentialReportInput, optFns ...func(*Options)) (*GenerateCredentialReportOutput, error) {
if params == nil {
params = &GenerateCredentialReportInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GenerateCredentialReport", params, optFns, c.addOperationGenerateCredentialReportMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GenerateCredentialReportOutput)
out.ResultMetadata = metadata
return out, nil
}
type GenerateCredentialReportInput struct {
noSmithyDocumentSerde
}
// Contains the response to a successful GenerateCredentialReport request.
type GenerateCredentialReportOutput struct {
// Information about the credential report.
Description *string
// Information about the state of the credential report.
State types.ReportStateType
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGenerateCredentialReportMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGenerateCredentialReport{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGenerateCredentialReport{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GenerateCredentialReport"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGenerateCredentialReport(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGenerateCredentialReport(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GenerateCredentialReport",
}
}

239
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GenerateOrganizationsAccessReport.go generated vendored Normal file
View File

@ -0,0 +1,239 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Generates a report for service last accessed data for Organizations. You can
// generate a report for any entities (organization root, organizational unit, or
// account) or policies in your organization. To call this operation, you must be
// signed in using your Organizations management account credentials. You can use
// your long-term IAM user or root user credentials, or temporary credentials from
// assuming an IAM role. SCPs must be enabled for your organization root. You must
// have the required IAM and Organizations permissions. For more information, see
// Refining permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
// in the IAM User Guide. You can generate a service last accessed data report for
// entities by specifying only the entity's path. This data includes a list of
// services that are allowed by any service control policies (SCPs) that apply to
// the entity. You can generate a service last accessed data report for a policy by
// specifying an entity's path and an optional Organizations policy ID. This data
// includes a list of services that are allowed by the specified SCP. For each
// service in both report types, the data includes the most recent account activity
// that the policy allows to account principals in the entity or the entity's
// children. For important information about the data, reporting period,
// permissions required, troubleshooting, and supported Regions see Reducing
// permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
// in the IAM User Guide. The data includes all attempts to access Amazon Web
// Services, not just the successful ones. This includes all attempts that were
// made using the Amazon Web Services Management Console, the Amazon Web Services
// API through any of the SDKs, or any of the command line tools. An unexpected
// entry in the service last accessed data does not mean that an account has been
// compromised, because the request might have been denied. Refer to your
// CloudTrail logs as the authoritative source for information about all API calls
// and whether they were successful or denied access. For more information, see
// Logging IAM events with CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html)
// in the IAM User Guide. This operation returns a JobId . Use this parameter in
// the GetOrganizationsAccessReport operation to check the status of the report
// generation. To check the status of this request, use the JobId parameter in the
// GetOrganizationsAccessReport operation and test the JobStatus response
// parameter. When the job is complete, you can retrieve the report. To generate a
// service last accessed data report for entities, specify an entity path without
// specifying the optional Organizations policy ID. The type of entity that you
// specify determines the data returned in the report.
// - Root When you specify the organizations root as the entity, the resulting
// report lists all of the services allowed by SCPs that are attached to your root.
// For each service, the report includes data for all accounts in your organization
// except the management account, because the management account is not limited by
// SCPs.
// - OU When you specify an organizational unit (OU) as the entity, the
// resulting report lists all of the services allowed by SCPs that are attached to
// the OU and its parents. For each service, the report includes data for all
// accounts in the OU or its children. This data excludes the management account,
// because the management account is not limited by SCPs.
// - management account When you specify the management account, the resulting
// report lists all Amazon Web Services services, because the management account is
// not limited by SCPs. For each service, the report includes data for only the
// management account.
// - Account When you specify another account as the entity, the resulting
// report lists all of the services allowed by SCPs that are attached to the
// account and its parents. For each service, the report includes data for only the
// specified account.
//
// To generate a service last accessed data report for policies, specify an entity
// path and the optional Organizations policy ID. The type of entity that you
// specify determines the data returned for each service.
// - Root When you specify the root entity and a policy ID, the resulting
// report lists all of the services that are allowed by the specified SCP. For each
// service, the report includes data for all accounts in your organization to which
// the SCP applies. This data excludes the management account, because the
// management account is not limited by SCPs. If the SCP is not attached to any
// entities in the organization, then the report will return a list of services
// with no data.
// - OU When you specify an OU entity and a policy ID, the resulting report
// lists all of the services that are allowed by the specified SCP. For each
// service, the report includes data for all accounts in the OU or its children to
// which the SCP applies. This means that other accounts outside the OU that are
// affected by the SCP might not be included in the data. This data excludes the
// management account, because the management account is not limited by SCPs. If
// the SCP is not attached to the OU or one of its children, the report will return
// a list of services with no data.
// - management account When you specify the management account, the resulting
// report lists all Amazon Web Services services, because the management account is
// not limited by SCPs. If you specify a policy ID in the CLI or API, the policy is
// ignored. For each service, the report includes data for only the management
// account.
// - Account When you specify another account entity and a policy ID, the
// resulting report lists all of the services that are allowed by the specified
// SCP. For each service, the report includes data for only the specified account.
// This means that other accounts in the organization that are affected by the SCP
// might not be included in the data. If the SCP is not attached to the account,
// the report will return a list of services with no data.
//
// Service last accessed data does not use other policy types when determining
// whether a principal could access a service. These other policy types include
// identity-based policies, resource-based policies, access control lists, IAM
// permissions boundaries, and STS assume role policies. It only applies SCP logic.
// For more about the evaluation of policy types, see Evaluating policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
// in the IAM User Guide. For more information about service last accessed data,
// see Reducing policy scope by viewing user activity (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
// in the IAM User Guide.
func (c *Client) GenerateOrganizationsAccessReport(ctx context.Context, params *GenerateOrganizationsAccessReportInput, optFns ...func(*Options)) (*GenerateOrganizationsAccessReportOutput, error) {
if params == nil {
params = &GenerateOrganizationsAccessReportInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GenerateOrganizationsAccessReport", params, optFns, c.addOperationGenerateOrganizationsAccessReportMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GenerateOrganizationsAccessReportOutput)
out.ResultMetadata = metadata
return out, nil
}
type GenerateOrganizationsAccessReportInput struct {
// The path of the Organizations entity (root, OU, or account). You can build an
// entity path using the known structure of your organization. For example, assume
// that your account ID is 123456789012 and its parent OU ID is ou-rge0-awsabcde .
// The organization root ID is r-f6g7h8i9j0example and your organization ID is
// o-a1b2c3d4e5 . Your entity path is
// o-a1b2c3d4e5/r-f6g7h8i9j0example/ou-rge0-awsabcde/123456789012 .
//
// This member is required.
EntityPath *string
// The identifier of the Organizations service control policy (SCP). This
// parameter is optional. This ID is used to generate information about when an
// account principal that is limited by the SCP attempted to access an Amazon Web
// Services service.
OrganizationsPolicyId *string
noSmithyDocumentSerde
}
type GenerateOrganizationsAccessReportOutput struct {
// The job identifier that you can use in the GetOrganizationsAccessReport
// operation.
JobId *string
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGenerateOrganizationsAccessReportMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGenerateOrganizationsAccessReport{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGenerateOrganizationsAccessReport{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GenerateOrganizationsAccessReport"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGenerateOrganizationsAccessReportValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGenerateOrganizationsAccessReport(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGenerateOrganizationsAccessReport(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GenerateOrganizationsAccessReport",
}
}

192
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GenerateServiceLastAccessedDetails.go generated vendored Normal file
View File

@ -0,0 +1,192 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Generates a report that includes details about when an IAM resource (user,
// group, role, or policy) was last used in an attempt to access Amazon Web
// Services services. Recent activity usually appears within four hours. IAM
// reports activity for at least the last 400 days, or less if your Region began
// supporting this feature within the last year. For more information, see Regions
// where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
// . For more information about services and actions for which action last accessed
// information is displayed, see IAM action last accessed information services and
// actions (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor-action-last-accessed.html)
// . The service last accessed data includes all attempts to access an Amazon Web
// Services API, not just the successful ones. This includes all attempts that were
// made using the Amazon Web Services Management Console, the Amazon Web Services
// API through any of the SDKs, or any of the command line tools. An unexpected
// entry in the service last accessed data does not mean that your account has been
// compromised, because the request might have been denied. Refer to your
// CloudTrail logs as the authoritative source for information about all API calls
// and whether they were successful or denied access. For more information, see
// Logging IAM events with CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html)
// in the IAM User Guide. The GenerateServiceLastAccessedDetails operation returns
// a JobId . Use this parameter in the following operations to retrieve the
// following details from your report:
// - GetServiceLastAccessedDetails Use this operation for users, groups, roles,
// or policies to list every Amazon Web Services service that the resource could
// access using permissions policies. For each service, the response includes
// information about the most recent access attempt. The JobId returned by
// GenerateServiceLastAccessedDetail must be used by the same role within a
// session, or by the same user when used to call GetServiceLastAccessedDetail .
// - GetServiceLastAccessedDetailsWithEntities Use this operation for groups
// and policies to list information about the associated entities (users or roles)
// that attempted to access a specific Amazon Web Services service.
//
// To check the status of the GenerateServiceLastAccessedDetails request, use the
// JobId parameter in the same operations and test the JobStatus response
// parameter. For additional information about the permissions policies that allow
// an identity (user, group, or role) to access specific services, use the
// ListPoliciesGrantingServiceAccess operation. Service last accessed data does not
// use other policy types when determining whether a resource could access a
// service. These other policy types include resource-based policies, access
// control lists, Organizations policies, IAM permissions boundaries, and STS
// assume role policies. It only applies permissions policy logic. For more about
// the evaluation of policy types, see Evaluating policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
// in the IAM User Guide. For more information about service and action last
// accessed data, see Reducing permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
// in the IAM User Guide.
func (c *Client) GenerateServiceLastAccessedDetails(ctx context.Context, params *GenerateServiceLastAccessedDetailsInput, optFns ...func(*Options)) (*GenerateServiceLastAccessedDetailsOutput, error) {
if params == nil {
params = &GenerateServiceLastAccessedDetailsInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GenerateServiceLastAccessedDetails", params, optFns, c.addOperationGenerateServiceLastAccessedDetailsMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GenerateServiceLastAccessedDetailsOutput)
out.ResultMetadata = metadata
return out, nil
}
type GenerateServiceLastAccessedDetailsInput struct {
// The ARN of the IAM resource (user, group, role, or managed policy) used to
// generate information about when the resource was last used in an attempt to
// access an Amazon Web Services service.
//
// This member is required.
Arn *string
// The level of detail that you want to generate. You can specify whether you want
// to generate information about the last attempt to access services or actions. If
// you specify service-level granularity, this operation generates only service
// data. If you specify action-level granularity, it generates service and action
// data. If you don't include this optional parameter, the operation generates
// service data.
Granularity types.AccessAdvisorUsageGranularityType
noSmithyDocumentSerde
}
type GenerateServiceLastAccessedDetailsOutput struct {
// The JobId that you can use in the GetServiceLastAccessedDetails or
// GetServiceLastAccessedDetailsWithEntities operations. The JobId returned by
// GenerateServiceLastAccessedDetail must be used by the same role within a
// session, or by the same user when used to call GetServiceLastAccessedDetail .
JobId *string
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGenerateServiceLastAccessedDetailsMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGenerateServiceLastAccessedDetails{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGenerateServiceLastAccessedDetails{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GenerateServiceLastAccessedDetails"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGenerateServiceLastAccessedDetailsValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGenerateServiceLastAccessedDetails(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGenerateServiceLastAccessedDetails(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GenerateServiceLastAccessedDetails",
}
}

147
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetAccessKeyLastUsed.go generated vendored Normal file
View File

@ -0,0 +1,147 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Retrieves information about when the specified access key was last used. The
// information includes the date and time of last use, along with the Amazon Web
// Services service and Region that were specified in the last request made with
// that key.
func (c *Client) GetAccessKeyLastUsed(ctx context.Context, params *GetAccessKeyLastUsedInput, optFns ...func(*Options)) (*GetAccessKeyLastUsedOutput, error) {
if params == nil {
params = &GetAccessKeyLastUsedInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetAccessKeyLastUsed", params, optFns, c.addOperationGetAccessKeyLastUsedMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetAccessKeyLastUsedOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetAccessKeyLastUsedInput struct {
// The identifier of an access key. This parameter allows (through its regex
// pattern (http://wikipedia.org/wiki/regex) ) a string of characters that can
// consist of any upper or lowercased letter or digit.
//
// This member is required.
AccessKeyId *string
noSmithyDocumentSerde
}
// Contains the response to a successful GetAccessKeyLastUsed request. It is also
// returned as a member of the AccessKeyMetaData structure returned by the
// ListAccessKeys action.
type GetAccessKeyLastUsedOutput struct {
// Contains information about the last time the access key was used.
AccessKeyLastUsed *types.AccessKeyLastUsed
// The name of the IAM user that owns this access key.
UserName *string
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetAccessKeyLastUsedMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetAccessKeyLastUsed{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetAccessKeyLastUsed{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetAccessKeyLastUsed"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetAccessKeyLastUsedValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetAccessKeyLastUsed(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetAccessKeyLastUsed(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetAccessKeyLastUsed",
}
}

281
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetAccountAuthorizationDetails.go generated vendored Normal file
View File

@ -0,0 +1,281 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Retrieves information about all IAM users, groups, roles, and policies in your
// Amazon Web Services account, including their relationships to one another. Use
// this operation to obtain a snapshot of the configuration of IAM permissions
// (users, groups, roles, and policies) in your account. Policies returned by this
// operation are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986)
// . You can use a URL decoding method to convert the policy back to plain JSON
// text. For example, if you use Java, you can use the decode method of the
// java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs
// provide similar functionality. You can optionally filter the results using the
// Filter parameter. You can paginate the results using the MaxItems and Marker
// parameters.
func (c *Client) GetAccountAuthorizationDetails(ctx context.Context, params *GetAccountAuthorizationDetailsInput, optFns ...func(*Options)) (*GetAccountAuthorizationDetailsOutput, error) {
if params == nil {
params = &GetAccountAuthorizationDetailsInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetAccountAuthorizationDetails", params, optFns, c.addOperationGetAccountAuthorizationDetailsMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetAccountAuthorizationDetailsOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetAccountAuthorizationDetailsInput struct {
// A list of entity types used to filter the results. Only the entities that match
// the types you specify are included in the output. Use the value
// LocalManagedPolicy to include customer managed policies. The format for this
// parameter is a comma-separated (if more than one) list of strings. Each string
// value in the list must be one of the valid values listed below.
Filter []types.EntityType
// Use this parameter only when paginating results and only after you receive a
// response indicating that the results are truncated. Set it to the value of the
// Marker element in the response that you received to indicate where the next call
// should start.
Marker *string
// Use this only when paginating results to indicate the maximum number of items
// you want in the response. If additional items exist beyond the maximum you
// specify, the IsTruncated response element is true . If you do not include this
// parameter, the number of items defaults to 100. Note that IAM might return fewer
// results, even when there are more results available. In that case, the
// IsTruncated response element returns true , and Marker contains a value to
// include in the subsequent call that tells the service where to continue from.
MaxItems *int32
noSmithyDocumentSerde
}
// Contains the response to a successful GetAccountAuthorizationDetails request.
type GetAccountAuthorizationDetailsOutput struct {
// A list containing information about IAM groups.
GroupDetailList []types.GroupDetail
// A flag that indicates whether there are more items to return. If your results
// were truncated, you can make a subsequent pagination request using the Marker
// request parameter to retrieve more items. Note that IAM might return fewer than
// the MaxItems number of results even when there are more results available. We
// recommend that you check IsTruncated after every call to ensure that you
// receive all your results.
IsTruncated bool
// When IsTruncated is true , this element is present and contains the value to use
// for the Marker parameter in a subsequent pagination request.
Marker *string
// A list containing information about managed policies.
Policies []types.ManagedPolicyDetail
// A list containing information about IAM roles.
RoleDetailList []types.RoleDetail
// A list containing information about IAM users.
UserDetailList []types.UserDetail
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetAccountAuthorizationDetailsMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetAccountAuthorizationDetails{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetAccountAuthorizationDetails{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetAccountAuthorizationDetails"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetAccountAuthorizationDetails(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
// GetAccountAuthorizationDetailsAPIClient is a client that implements the
// GetAccountAuthorizationDetails operation.
type GetAccountAuthorizationDetailsAPIClient interface {
GetAccountAuthorizationDetails(context.Context, *GetAccountAuthorizationDetailsInput, ...func(*Options)) (*GetAccountAuthorizationDetailsOutput, error)
}
var _ GetAccountAuthorizationDetailsAPIClient = (*Client)(nil)
// GetAccountAuthorizationDetailsPaginatorOptions is the paginator options for
// GetAccountAuthorizationDetails
type GetAccountAuthorizationDetailsPaginatorOptions struct {
// Use this only when paginating results to indicate the maximum number of items
// you want in the response. If additional items exist beyond the maximum you
// specify, the IsTruncated response element is true . If you do not include this
// parameter, the number of items defaults to 100. Note that IAM might return fewer
// results, even when there are more results available. In that case, the
// IsTruncated response element returns true , and Marker contains a value to
// include in the subsequent call that tells the service where to continue from.
Limit int32
// Set to true if pagination should stop if the service returns a pagination token
// that matches the most recent token provided to the service.
StopOnDuplicateToken bool
}
// GetAccountAuthorizationDetailsPaginator is a paginator for
// GetAccountAuthorizationDetails
type GetAccountAuthorizationDetailsPaginator struct {
options GetAccountAuthorizationDetailsPaginatorOptions
client GetAccountAuthorizationDetailsAPIClient
params *GetAccountAuthorizationDetailsInput
nextToken *string
firstPage bool
}
// NewGetAccountAuthorizationDetailsPaginator returns a new
// GetAccountAuthorizationDetailsPaginator
func NewGetAccountAuthorizationDetailsPaginator(client GetAccountAuthorizationDetailsAPIClient, params *GetAccountAuthorizationDetailsInput, optFns ...func(*GetAccountAuthorizationDetailsPaginatorOptions)) *GetAccountAuthorizationDetailsPaginator {
if params == nil {
params = &GetAccountAuthorizationDetailsInput{}
}
options := GetAccountAuthorizationDetailsPaginatorOptions{}
if params.MaxItems != nil {
options.Limit = *params.MaxItems
}
for _, fn := range optFns {
fn(&options)
}
return &GetAccountAuthorizationDetailsPaginator{
options: options,
client: client,
params: params,
firstPage: true,
nextToken: params.Marker,
}
}
// HasMorePages returns a boolean indicating whether more pages are available
func (p *GetAccountAuthorizationDetailsPaginator) HasMorePages() bool {
return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0)
}
// NextPage retrieves the next GetAccountAuthorizationDetails page.
func (p *GetAccountAuthorizationDetailsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*GetAccountAuthorizationDetailsOutput, error) {
if !p.HasMorePages() {
return nil, fmt.Errorf("no more pages available")
}
params := *p.params
params.Marker = p.nextToken
var limit *int32
if p.options.Limit > 0 {
limit = &p.options.Limit
}
params.MaxItems = limit
result, err := p.client.GetAccountAuthorizationDetails(ctx, &params, optFns...)
if err != nil {
return nil, err
}
p.firstPage = false
prevToken := p.nextToken
p.nextToken = result.Marker
if p.options.StopOnDuplicateToken &&
prevToken != nil &&
p.nextToken != nil &&
*prevToken == *p.nextToken {
p.nextToken = nil
}
return result, nil
}
func newServiceMetadataMiddleware_opGetAccountAuthorizationDetails(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetAccountAuthorizationDetails",
}
}

134
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetAccountPasswordPolicy.go generated vendored Normal file
View File

@ -0,0 +1,134 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Retrieves the password policy for the Amazon Web Services account. This tells
// you the complexity requirements and mandatory rotation periods for the IAM user
// passwords in your account. For more information about using a password policy,
// see Managing an IAM password policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html)
// .
func (c *Client) GetAccountPasswordPolicy(ctx context.Context, params *GetAccountPasswordPolicyInput, optFns ...func(*Options)) (*GetAccountPasswordPolicyOutput, error) {
if params == nil {
params = &GetAccountPasswordPolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetAccountPasswordPolicy", params, optFns, c.addOperationGetAccountPasswordPolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetAccountPasswordPolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetAccountPasswordPolicyInput struct {
noSmithyDocumentSerde
}
// Contains the response to a successful GetAccountPasswordPolicy request.
type GetAccountPasswordPolicyOutput struct {
// A structure that contains details about the account's password policy.
//
// This member is required.
PasswordPolicy *types.PasswordPolicy
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetAccountPasswordPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetAccountPasswordPolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetAccountPasswordPolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetAccountPasswordPolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetAccountPasswordPolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetAccountPasswordPolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetAccountPasswordPolicy",
}
}

130
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetAccountSummary.go generated vendored Normal file
View File

@ -0,0 +1,130 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Retrieves information about IAM entity usage and IAM quotas in the Amazon Web
// Services account. For information about IAM quotas, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
// in the IAM User Guide.
func (c *Client) GetAccountSummary(ctx context.Context, params *GetAccountSummaryInput, optFns ...func(*Options)) (*GetAccountSummaryOutput, error) {
if params == nil {
params = &GetAccountSummaryInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetAccountSummary", params, optFns, c.addOperationGetAccountSummaryMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetAccountSummaryOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetAccountSummaryInput struct {
noSmithyDocumentSerde
}
// Contains the response to a successful GetAccountSummary request.
type GetAccountSummaryOutput struct {
// A set of keyvalue pairs containing information about IAM entity usage and IAM
// quotas.
SummaryMap map[string]int32
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetAccountSummaryMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetAccountSummary{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetAccountSummary{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetAccountSummary"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetAccountSummary(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetAccountSummary(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetAccountSummary",
}
}

156
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetContextKeysForCustomPolicy.go generated vendored Normal file
View File

@ -0,0 +1,156 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Gets a list of all of the context keys referenced in the input policies. The
// policies are supplied as a list of one or more strings. To get the context keys
// from policies associated with an IAM user, group, or role, use
// GetContextKeysForPrincipalPolicy . Context keys are variables maintained by
// Amazon Web Services and its services that provide details about the context of
// an API query request. Context keys can be evaluated by testing against a value
// specified in an IAM policy. Use GetContextKeysForCustomPolicy to understand
// what key names and values you must supply when you call SimulateCustomPolicy .
// Note that all parameters are shown in unencoded form here for clarity but must
// be URL encoded to be included as a part of a real HTML request.
func (c *Client) GetContextKeysForCustomPolicy(ctx context.Context, params *GetContextKeysForCustomPolicyInput, optFns ...func(*Options)) (*GetContextKeysForCustomPolicyOutput, error) {
if params == nil {
params = &GetContextKeysForCustomPolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetContextKeysForCustomPolicy", params, optFns, c.addOperationGetContextKeysForCustomPolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetContextKeysForCustomPolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetContextKeysForCustomPolicyInput struct {
// A list of policies for which you want the list of context keys referenced in
// those policies. Each document is specified as a string containing the complete,
// valid JSON text of an IAM policy. The regex pattern (http://wikipedia.org/wiki/regex)
// used to validate this parameter is a string of characters consisting of the
// following:
// - Any printable ASCII character ranging from the space character ( \u0020 )
// through the end of the ASCII character range
// - The printable characters in the Basic Latin and Latin-1 Supplement
// character set (through \u00FF )
// - The special characters tab ( \u0009 ), line feed ( \u000A ), and carriage
// return ( \u000D )
//
// This member is required.
PolicyInputList []string
noSmithyDocumentSerde
}
// Contains the response to a successful GetContextKeysForPrincipalPolicy or
// GetContextKeysForCustomPolicy request.
type GetContextKeysForCustomPolicyOutput struct {
// The list of context keys that are referenced in the input policies.
ContextKeyNames []string
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetContextKeysForCustomPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetContextKeysForCustomPolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetContextKeysForCustomPolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetContextKeysForCustomPolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetContextKeysForCustomPolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetContextKeysForCustomPolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetContextKeysForCustomPolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetContextKeysForCustomPolicy",
}
}

170
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetContextKeysForPrincipalPolicy.go generated vendored Normal file
View File

@ -0,0 +1,170 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Gets a list of all of the context keys referenced in all the IAM policies that
// are attached to the specified IAM entity. The entity can be an IAM user, group,
// or role. If you specify a user, then the request also includes all of the
// policies attached to groups that the user is a member of. You can optionally
// include a list of one or more additional policies, specified as strings. If you
// want to include only a list of policies by string, use
// GetContextKeysForCustomPolicy instead. Note: This operation discloses
// information about the permissions granted to other users. If you do not want
// users to see other user's permissions, then consider allowing them to use
// GetContextKeysForCustomPolicy instead. Context keys are variables maintained by
// Amazon Web Services and its services that provide details about the context of
// an API query request. Context keys can be evaluated by testing against a value
// in an IAM policy. Use GetContextKeysForPrincipalPolicy to understand what key
// names and values you must supply when you call SimulatePrincipalPolicy .
func (c *Client) GetContextKeysForPrincipalPolicy(ctx context.Context, params *GetContextKeysForPrincipalPolicyInput, optFns ...func(*Options)) (*GetContextKeysForPrincipalPolicyOutput, error) {
if params == nil {
params = &GetContextKeysForPrincipalPolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetContextKeysForPrincipalPolicy", params, optFns, c.addOperationGetContextKeysForPrincipalPolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetContextKeysForPrincipalPolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetContextKeysForPrincipalPolicyInput struct {
// The ARN of a user, group, or role whose policies contain the context keys that
// you want listed. If you specify a user, the list includes context keys that are
// found in all policies that are attached to the user. The list also includes all
// groups that the user is a member of. If you pick a group or a role, then it
// includes only those context keys that are found in policies attached to that
// entity. Note that all parameters are shown in unencoded form here for clarity,
// but must be URL encoded to be included as a part of a real HTML request. For
// more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
PolicySourceArn *string
// An optional list of additional policies for which you want the list of context
// keys that are referenced. The regex pattern (http://wikipedia.org/wiki/regex)
// used to validate this parameter is a string of characters consisting of the
// following:
// - Any printable ASCII character ranging from the space character ( \u0020 )
// through the end of the ASCII character range
// - The printable characters in the Basic Latin and Latin-1 Supplement
// character set (through \u00FF )
// - The special characters tab ( \u0009 ), line feed ( \u000A ), and carriage
// return ( \u000D )
PolicyInputList []string
noSmithyDocumentSerde
}
// Contains the response to a successful GetContextKeysForPrincipalPolicy or
// GetContextKeysForCustomPolicy request.
type GetContextKeysForPrincipalPolicyOutput struct {
// The list of context keys that are referenced in the input policies.
ContextKeyNames []string
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetContextKeysForPrincipalPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetContextKeysForPrincipalPolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetContextKeysForPrincipalPolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetContextKeysForPrincipalPolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetContextKeysForPrincipalPolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetContextKeysForPrincipalPolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetContextKeysForPrincipalPolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetContextKeysForPrincipalPolicy",
}
}

138
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetCredentialReport.go generated vendored Normal file
View File

@ -0,0 +1,138 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
"time"
)
// Retrieves a credential report for the Amazon Web Services account. For more
// information about the credential report, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
// in the IAM User Guide.
func (c *Client) GetCredentialReport(ctx context.Context, params *GetCredentialReportInput, optFns ...func(*Options)) (*GetCredentialReportOutput, error) {
if params == nil {
params = &GetCredentialReportInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetCredentialReport", params, optFns, c.addOperationGetCredentialReportMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetCredentialReportOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetCredentialReportInput struct {
noSmithyDocumentSerde
}
// Contains the response to a successful GetCredentialReport request.
type GetCredentialReportOutput struct {
// Contains the credential report. The report is Base64-encoded.
Content []byte
// The date and time when the credential report was created, in ISO 8601 date-time
// format (http://www.iso.org/iso/iso8601) .
GeneratedTime *time.Time
// The format (MIME type) of the credential report.
ReportFormat types.ReportFormatType
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetCredentialReportMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetCredentialReport{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetCredentialReport{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetCredentialReport"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetCredentialReport(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetCredentialReport(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetCredentialReport",
}
}

270
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetGroup.go generated vendored Normal file
View File

@ -0,0 +1,270 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Returns a list of IAM users that are in the specified IAM group. You can
// paginate the results using the MaxItems and Marker parameters.
func (c *Client) GetGroup(ctx context.Context, params *GetGroupInput, optFns ...func(*Options)) (*GetGroupOutput, error) {
if params == nil {
params = &GetGroupInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetGroup", params, optFns, c.addOperationGetGroupMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetGroupOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetGroupInput struct {
// The name of the group. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)
// ) a string of characters consisting of upper and lowercase alphanumeric
// characters with no spaces. You can also include any of the following characters:
// _+=,.@-
//
// This member is required.
GroupName *string
// Use this parameter only when paginating results and only after you receive a
// response indicating that the results are truncated. Set it to the value of the
// Marker element in the response that you received to indicate where the next call
// should start.
Marker *string
// Use this only when paginating results to indicate the maximum number of items
// you want in the response. If additional items exist beyond the maximum you
// specify, the IsTruncated response element is true . If you do not include this
// parameter, the number of items defaults to 100. Note that IAM might return fewer
// results, even when there are more results available. In that case, the
// IsTruncated response element returns true , and Marker contains a value to
// include in the subsequent call that tells the service where to continue from.
MaxItems *int32
noSmithyDocumentSerde
}
// Contains the response to a successful GetGroup request.
type GetGroupOutput struct {
// A structure that contains details about the group.
//
// This member is required.
Group *types.Group
// A list of users in the group.
//
// This member is required.
Users []types.User
// A flag that indicates whether there are more items to return. If your results
// were truncated, you can make a subsequent pagination request using the Marker
// request parameter to retrieve more items. Note that IAM might return fewer than
// the MaxItems number of results even when there are more results available. We
// recommend that you check IsTruncated after every call to ensure that you
// receive all your results.
IsTruncated bool
// When IsTruncated is true , this element is present and contains the value to use
// for the Marker parameter in a subsequent pagination request.
Marker *string
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetGroupMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetGroup{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetGroup{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetGroup"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetGroupValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetGroup(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
// GetGroupAPIClient is a client that implements the GetGroup operation.
type GetGroupAPIClient interface {
GetGroup(context.Context, *GetGroupInput, ...func(*Options)) (*GetGroupOutput, error)
}
var _ GetGroupAPIClient = (*Client)(nil)
// GetGroupPaginatorOptions is the paginator options for GetGroup
type GetGroupPaginatorOptions struct {
// Use this only when paginating results to indicate the maximum number of items
// you want in the response. If additional items exist beyond the maximum you
// specify, the IsTruncated response element is true . If you do not include this
// parameter, the number of items defaults to 100. Note that IAM might return fewer
// results, even when there are more results available. In that case, the
// IsTruncated response element returns true , and Marker contains a value to
// include in the subsequent call that tells the service where to continue from.
Limit int32
// Set to true if pagination should stop if the service returns a pagination token
// that matches the most recent token provided to the service.
StopOnDuplicateToken bool
}
// GetGroupPaginator is a paginator for GetGroup
type GetGroupPaginator struct {
options GetGroupPaginatorOptions
client GetGroupAPIClient
params *GetGroupInput
nextToken *string
firstPage bool
}
// NewGetGroupPaginator returns a new GetGroupPaginator
func NewGetGroupPaginator(client GetGroupAPIClient, params *GetGroupInput, optFns ...func(*GetGroupPaginatorOptions)) *GetGroupPaginator {
if params == nil {
params = &GetGroupInput{}
}
options := GetGroupPaginatorOptions{}
if params.MaxItems != nil {
options.Limit = *params.MaxItems
}
for _, fn := range optFns {
fn(&options)
}
return &GetGroupPaginator{
options: options,
client: client,
params: params,
firstPage: true,
nextToken: params.Marker,
}
}
// HasMorePages returns a boolean indicating whether more pages are available
func (p *GetGroupPaginator) HasMorePages() bool {
return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0)
}
// NextPage retrieves the next GetGroup page.
func (p *GetGroupPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*GetGroupOutput, error) {
if !p.HasMorePages() {
return nil, fmt.Errorf("no more pages available")
}
params := *p.params
params.Marker = p.nextToken
var limit *int32
if p.options.Limit > 0 {
limit = &p.options.Limit
}
params.MaxItems = limit
result, err := p.client.GetGroup(ctx, &params, optFns...)
if err != nil {
return nil, err
}
p.firstPage = false
prevToken := p.nextToken
p.nextToken = result.Marker
if p.options.StopOnDuplicateToken &&
prevToken != nil &&
p.nextToken != nil &&
*prevToken == *p.nextToken {
p.nextToken = nil
}
return result, nil
}
func newServiceMetadataMiddleware_opGetGroup(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetGroup",
}
}

173
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetGroupPolicy.go generated vendored Normal file
View File

@ -0,0 +1,173 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Retrieves the specified inline policy document that is embedded in the
// specified IAM group. Policies returned by this operation are URL-encoded
// compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986) . You can use a
// URL decoding method to convert the policy back to plain JSON text. For example,
// if you use Java, you can use the decode method of the java.net.URLDecoder
// utility class in the Java SDK. Other languages and SDKs provide similar
// functionality. An IAM group can also have managed policies attached to it. To
// retrieve a managed policy document that is attached to a group, use GetPolicy
// to determine the policy's default version, then use GetPolicyVersion to
// retrieve the policy document. For more information about policies, see Managed
// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide.
func (c *Client) GetGroupPolicy(ctx context.Context, params *GetGroupPolicyInput, optFns ...func(*Options)) (*GetGroupPolicyOutput, error) {
if params == nil {
params = &GetGroupPolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetGroupPolicy", params, optFns, c.addOperationGetGroupPolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetGroupPolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetGroupPolicyInput struct {
// The name of the group the policy is associated with. This parameter allows
// (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string of
// characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
GroupName *string
// The name of the policy document to get. This parameter allows (through its
// regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// consisting of upper and lowercase alphanumeric characters with no spaces. You
// can also include any of the following characters: _+=,.@-
//
// This member is required.
PolicyName *string
noSmithyDocumentSerde
}
// Contains the response to a successful GetGroupPolicy request.
type GetGroupPolicyOutput struct {
// The group the policy is associated with.
//
// This member is required.
GroupName *string
// The policy document. IAM stores policies in JSON format. However, resources
// that were created using CloudFormation templates can be formatted in YAML.
// CloudFormation always converts a YAML policy to JSON format before submitting it
// to IAM.
//
// This member is required.
PolicyDocument *string
// The name of the policy.
//
// This member is required.
PolicyName *string
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetGroupPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetGroupPolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetGroupPolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetGroupPolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetGroupPolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetGroupPolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetGroupPolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetGroupPolicy",
}
}

325
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetInstanceProfile.go generated vendored Normal file
View File

@ -0,0 +1,325 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"errors"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithytime "github.com/aws/smithy-go/time"
smithyhttp "github.com/aws/smithy-go/transport/http"
smithywaiter "github.com/aws/smithy-go/waiter"
"time"
)
// Retrieves information about the specified instance profile, including the
// instance profile's path, GUID, ARN, and role. For more information about
// instance profiles, see Using instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html)
// in the IAM User Guide.
func (c *Client) GetInstanceProfile(ctx context.Context, params *GetInstanceProfileInput, optFns ...func(*Options)) (*GetInstanceProfileOutput, error) {
if params == nil {
params = &GetInstanceProfileInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetInstanceProfile", params, optFns, c.addOperationGetInstanceProfileMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetInstanceProfileOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetInstanceProfileInput struct {
// The name of the instance profile to get information about. This parameter
// allows (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string
// of characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
InstanceProfileName *string
noSmithyDocumentSerde
}
// Contains the response to a successful GetInstanceProfile request.
type GetInstanceProfileOutput struct {
// A structure containing details about the instance profile.
//
// This member is required.
InstanceProfile *types.InstanceProfile
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetInstanceProfileMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetInstanceProfile{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetInstanceProfile{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetInstanceProfile"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetInstanceProfileValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetInstanceProfile(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
// GetInstanceProfileAPIClient is a client that implements the GetInstanceProfile
// operation.
type GetInstanceProfileAPIClient interface {
GetInstanceProfile(context.Context, *GetInstanceProfileInput, ...func(*Options)) (*GetInstanceProfileOutput, error)
}
var _ GetInstanceProfileAPIClient = (*Client)(nil)
// InstanceProfileExistsWaiterOptions are waiter options for
// InstanceProfileExistsWaiter
type InstanceProfileExistsWaiterOptions struct {
// Set of options to modify how an operation is invoked. These apply to all
// operations invoked for this client. Use functional options on operation call to
// modify this list for per operation behavior.
//
// Passing options here is functionally equivalent to passing values to this
// config's ClientOptions field that extend the inner client's APIOptions directly.
APIOptions []func(*middleware.Stack) error
// Functional options to be passed to all operations invoked by this client.
//
// Function values that modify the inner APIOptions are applied after the waiter
// config's own APIOptions modifiers.
ClientOptions []func(*Options)
// MinDelay is the minimum amount of time to delay between retries. If unset,
// InstanceProfileExistsWaiter will use default minimum delay of 1 seconds. Note
// that MinDelay must resolve to a value lesser than or equal to the MaxDelay.
MinDelay time.Duration
// MaxDelay is the maximum amount of time to delay between retries. If unset or
// set to zero, InstanceProfileExistsWaiter will use default max delay of 120
// seconds. Note that MaxDelay must resolve to value greater than or equal to the
// MinDelay.
MaxDelay time.Duration
// LogWaitAttempts is used to enable logging for waiter retry attempts
LogWaitAttempts bool
// Retryable is function that can be used to override the service defined
// waiter-behavior based on operation output, or returned error. This function is
// used by the waiter to decide if a state is retryable or a terminal state. By
// default service-modeled logic will populate this option. This option can thus be
// used to define a custom waiter state with fall-back to service-modeled waiter
// state mutators.The function returns an error in case of a failure state. In case
// of retry state, this function returns a bool value of true and nil error, while
// in case of success it returns a bool value of false and nil error.
Retryable func(context.Context, *GetInstanceProfileInput, *GetInstanceProfileOutput, error) (bool, error)
}
// InstanceProfileExistsWaiter defines the waiters for InstanceProfileExists
type InstanceProfileExistsWaiter struct {
client GetInstanceProfileAPIClient
options InstanceProfileExistsWaiterOptions
}
// NewInstanceProfileExistsWaiter constructs a InstanceProfileExistsWaiter.
func NewInstanceProfileExistsWaiter(client GetInstanceProfileAPIClient, optFns ...func(*InstanceProfileExistsWaiterOptions)) *InstanceProfileExistsWaiter {
options := InstanceProfileExistsWaiterOptions{}
options.MinDelay = 1 * time.Second
options.MaxDelay = 120 * time.Second
options.Retryable = instanceProfileExistsStateRetryable
for _, fn := range optFns {
fn(&options)
}
return &InstanceProfileExistsWaiter{
client: client,
options: options,
}
}
// Wait calls the waiter function for InstanceProfileExists waiter. The maxWaitDur
// is the maximum wait duration the waiter will wait. The maxWaitDur is required
// and must be greater than zero.
func (w *InstanceProfileExistsWaiter) Wait(ctx context.Context, params *GetInstanceProfileInput, maxWaitDur time.Duration, optFns ...func(*InstanceProfileExistsWaiterOptions)) error {
_, err := w.WaitForOutput(ctx, params, maxWaitDur, optFns...)
return err
}
// WaitForOutput calls the waiter function for InstanceProfileExists waiter and
// returns the output of the successful operation. The maxWaitDur is the maximum
// wait duration the waiter will wait. The maxWaitDur is required and must be
// greater than zero.
func (w *InstanceProfileExistsWaiter) WaitForOutput(ctx context.Context, params *GetInstanceProfileInput, maxWaitDur time.Duration, optFns ...func(*InstanceProfileExistsWaiterOptions)) (*GetInstanceProfileOutput, error) {
if maxWaitDur <= 0 {
return nil, fmt.Errorf("maximum wait time for waiter must be greater than zero")
}
options := w.options
for _, fn := range optFns {
fn(&options)
}
if options.MaxDelay <= 0 {
options.MaxDelay = 120 * time.Second
}
if options.MinDelay > options.MaxDelay {
return nil, fmt.Errorf("minimum waiter delay %v must be lesser than or equal to maximum waiter delay of %v.", options.MinDelay, options.MaxDelay)
}
ctx, cancelFn := context.WithTimeout(ctx, maxWaitDur)
defer cancelFn()
logger := smithywaiter.Logger{}
remainingTime := maxWaitDur
var attempt int64
for {
attempt++
apiOptions := options.APIOptions
start := time.Now()
if options.LogWaitAttempts {
logger.Attempt = attempt
apiOptions = append([]func(*middleware.Stack) error{}, options.APIOptions...)
apiOptions = append(apiOptions, logger.AddLogger)
}
out, err := w.client.GetInstanceProfile(ctx, params, func(o *Options) {
o.APIOptions = append(o.APIOptions, apiOptions...)
for _, opt := range options.ClientOptions {
opt(o)
}
})
retryable, err := options.Retryable(ctx, params, out, err)
if err != nil {
return nil, err
}
if !retryable {
return out, nil
}
remainingTime -= time.Since(start)
if remainingTime < options.MinDelay || remainingTime <= 0 {
break
}
// compute exponential backoff between waiter retries
delay, err := smithywaiter.ComputeDelay(
attempt, options.MinDelay, options.MaxDelay, remainingTime,
)
if err != nil {
return nil, fmt.Errorf("error computing waiter delay, %w", err)
}
remainingTime -= delay
// sleep for the delay amount before invoking a request
if err := smithytime.SleepWithContext(ctx, delay); err != nil {
return nil, fmt.Errorf("request cancelled while waiting, %w", err)
}
}
return nil, fmt.Errorf("exceeded max wait time for InstanceProfileExists waiter")
}
func instanceProfileExistsStateRetryable(ctx context.Context, input *GetInstanceProfileInput, output *GetInstanceProfileOutput, err error) (bool, error) {
if err == nil {
return false, nil
}
if err != nil {
var errorType *types.NoSuchEntityException
if errors.As(err, &errorType) {
return true, nil
}
}
return true, nil
}
func newServiceMetadataMiddleware_opGetInstanceProfile(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetInstanceProfile",
}
}

151
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetLoginProfile.go generated vendored Normal file
View File

@ -0,0 +1,151 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Retrieves the user name for the specified IAM user. A login profile is created
// when you create a password for the user to access the Amazon Web Services
// Management Console. If the user does not exist or does not have a password, the
// operation returns a 404 ( NoSuchEntity ) error. If you create an IAM user with
// access to the console, the CreateDate reflects the date you created the initial
// password for the user. If you create an IAM user with programmatic access, and
// then later add a password for the user to access the Amazon Web Services
// Management Console, the CreateDate reflects the initial password creation date.
// A user with programmatic access does not have a login profile unless you create
// a password for the user to access the Amazon Web Services Management Console.
func (c *Client) GetLoginProfile(ctx context.Context, params *GetLoginProfileInput, optFns ...func(*Options)) (*GetLoginProfileOutput, error) {
if params == nil {
params = &GetLoginProfileInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetLoginProfile", params, optFns, c.addOperationGetLoginProfileMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetLoginProfileOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetLoginProfileInput struct {
// The name of the user whose login profile you want to retrieve. This parameter
// allows (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string
// of characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
UserName *string
noSmithyDocumentSerde
}
// Contains the response to a successful GetLoginProfile request.
type GetLoginProfileOutput struct {
// A structure containing the user name and the profile creation date for the user.
//
// This member is required.
LoginProfile *types.LoginProfile
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetLoginProfileMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetLoginProfile{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetLoginProfile{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetLoginProfile"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetLoginProfileValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetLoginProfile(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetLoginProfile(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetLoginProfile",
}
}

156
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetMFADevice.go generated vendored Normal file
View File

@ -0,0 +1,156 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
"time"
)
// Retrieves information about an MFA device for a specified user.
func (c *Client) GetMFADevice(ctx context.Context, params *GetMFADeviceInput, optFns ...func(*Options)) (*GetMFADeviceOutput, error) {
if params == nil {
params = &GetMFADeviceInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetMFADevice", params, optFns, c.addOperationGetMFADeviceMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetMFADeviceOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetMFADeviceInput struct {
// Serial number that uniquely identifies the MFA device. For this API, we only
// accept FIDO security key ARNs (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference-arns.html)
// .
//
// This member is required.
SerialNumber *string
// The friendly name identifying the user.
UserName *string
noSmithyDocumentSerde
}
type GetMFADeviceOutput struct {
// Serial number that uniquely identifies the MFA device. For this API, we only
// accept FIDO security key ARNs (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference-arns.html)
// .
//
// This member is required.
SerialNumber *string
// The certifications of a specified user's MFA device. We currently provide
// FIPS-140-2, FIPS-140-3, and FIDO certification levels obtained from FIDO
// Alliance Metadata Service (MDS) (https://fidoalliance.org/metadata/) .
Certifications map[string]string
// The date that a specified user's MFA device was first enabled.
EnableDate *time.Time
// The friendly name identifying the user.
UserName *string
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetMFADeviceMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetMFADevice{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetMFADevice{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetMFADevice"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetMFADeviceValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetMFADevice(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetMFADevice(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetMFADevice",
}
}

164
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetOpenIDConnectProvider.go generated vendored Normal file
View File

@ -0,0 +1,164 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
"time"
)
// Returns information about the specified OpenID Connect (OIDC) provider resource
// object in IAM.
func (c *Client) GetOpenIDConnectProvider(ctx context.Context, params *GetOpenIDConnectProviderInput, optFns ...func(*Options)) (*GetOpenIDConnectProviderOutput, error) {
if params == nil {
params = &GetOpenIDConnectProviderInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetOpenIDConnectProvider", params, optFns, c.addOperationGetOpenIDConnectProviderMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetOpenIDConnectProviderOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetOpenIDConnectProviderInput struct {
// The Amazon Resource Name (ARN) of the OIDC provider resource object in IAM to
// get information for. You can get a list of OIDC provider resource ARNs by using
// the ListOpenIDConnectProviders operation. For more information about ARNs, see
// Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
OpenIDConnectProviderArn *string
noSmithyDocumentSerde
}
// Contains the response to a successful GetOpenIDConnectProvider request.
type GetOpenIDConnectProviderOutput struct {
// A list of client IDs (also known as audiences) that are associated with the
// specified IAM OIDC provider resource object. For more information, see
// CreateOpenIDConnectProvider .
ClientIDList []string
// The date and time when the IAM OIDC provider resource object was created in the
// Amazon Web Services account.
CreateDate *time.Time
// A list of tags that are attached to the specified IAM OIDC provider. The
// returned list of tags is sorted by tag key. For more information about tagging,
// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
// in the IAM User Guide.
Tags []types.Tag
// A list of certificate thumbprints that are associated with the specified IAM
// OIDC provider resource object. For more information, see
// CreateOpenIDConnectProvider .
ThumbprintList []string
// The URL that the IAM OIDC provider resource object is associated with. For more
// information, see CreateOpenIDConnectProvider .
Url *string
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetOpenIDConnectProviderMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetOpenIDConnectProvider{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetOpenIDConnectProvider{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetOpenIDConnectProvider"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetOpenIDConnectProviderValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetOpenIDConnectProvider(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetOpenIDConnectProvider(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetOpenIDConnectProvider",
}
}

215
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetOrganizationsAccessReport.go generated vendored Normal file
View File

@ -0,0 +1,215 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
"time"
)
// Retrieves the service last accessed data report for Organizations that was
// previously generated using the GenerateOrganizationsAccessReport operation.
// This operation retrieves the status of your report job and the report contents.
// Depending on the parameters that you passed when you generated the report, the
// data returned could include different information. For details, see
// GenerateOrganizationsAccessReport . To call this operation, you must be signed
// in to the management account in your organization. SCPs must be enabled for your
// organization root. You must have permissions to perform this operation. For more
// information, see Refining permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
// in the IAM User Guide. For each service that principals in an account (root
// user, IAM users, or IAM roles) could access using SCPs, the operation returns
// details about the most recent access attempt. If there was no attempt, the
// service is listed without details about the most recent attempt to access the
// service. If the operation fails, it returns the reason that it failed. By
// default, the list is sorted by service namespace.
func (c *Client) GetOrganizationsAccessReport(ctx context.Context, params *GetOrganizationsAccessReportInput, optFns ...func(*Options)) (*GetOrganizationsAccessReportOutput, error) {
if params == nil {
params = &GetOrganizationsAccessReportInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetOrganizationsAccessReport", params, optFns, c.addOperationGetOrganizationsAccessReportMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetOrganizationsAccessReportOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetOrganizationsAccessReportInput struct {
// The identifier of the request generated by the GenerateOrganizationsAccessReport
// operation.
//
// This member is required.
JobId *string
// Use this parameter only when paginating results and only after you receive a
// response indicating that the results are truncated. Set it to the value of the
// Marker element in the response that you received to indicate where the next call
// should start.
Marker *string
// Use this only when paginating results to indicate the maximum number of items
// you want in the response. If additional items exist beyond the maximum you
// specify, the IsTruncated response element is true . If you do not include this
// parameter, the number of items defaults to 100. Note that IAM might return fewer
// results, even when there are more results available. In that case, the
// IsTruncated response element returns true , and Marker contains a value to
// include in the subsequent call that tells the service where to continue from.
MaxItems *int32
// The key that is used to sort the results. If you choose the namespace key, the
// results are returned in alphabetical order. If you choose the time key, the
// results are sorted numerically by the date and time.
SortKey types.SortKeyType
noSmithyDocumentSerde
}
type GetOrganizationsAccessReportOutput struct {
// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601)
// , when the report job was created.
//
// This member is required.
JobCreationDate *time.Time
// The status of the job.
//
// This member is required.
JobStatus types.JobStatusType
// An object that contains details about the most recent attempt to access the
// service.
AccessDetails []types.AccessDetail
// Contains information about the reason that the operation failed. This data type
// is used as a response element in the GetOrganizationsAccessReport ,
// GetServiceLastAccessedDetails , and GetServiceLastAccessedDetailsWithEntities
// operations.
ErrorDetails *types.ErrorDetails
// A flag that indicates whether there are more items to return. If your results
// were truncated, you can make a subsequent pagination request using the Marker
// request parameter to retrieve more items. Note that IAM might return fewer than
// the MaxItems number of results even when there are more results available. We
// recommend that you check IsTruncated after every call to ensure that you
// receive all your results.
IsTruncated bool
// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601)
// , when the generated report job was completed or failed. This field is null if
// the job is still in progress, as indicated by a job status value of IN_PROGRESS .
JobCompletionDate *time.Time
// When IsTruncated is true , this element is present and contains the value to use
// for the Marker parameter in a subsequent pagination request.
Marker *string
// The number of services that the applicable SCPs allow account principals to
// access.
NumberOfServicesAccessible *int32
// The number of services that account principals are allowed but did not attempt
// to access.
NumberOfServicesNotAccessed *int32
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetOrganizationsAccessReportMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetOrganizationsAccessReport{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetOrganizationsAccessReport{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetOrganizationsAccessReport"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetOrganizationsAccessReportValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetOrganizationsAccessReport(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetOrganizationsAccessReport(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetOrganizationsAccessReport",
}
}

331
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetPolicy.go generated vendored Normal file
View File

@ -0,0 +1,331 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"errors"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
smithy "github.com/aws/smithy-go"
"github.com/aws/smithy-go/middleware"
smithytime "github.com/aws/smithy-go/time"
smithyhttp "github.com/aws/smithy-go/transport/http"
smithywaiter "github.com/aws/smithy-go/waiter"
"time"
)
// Retrieves information about the specified managed policy, including the
// policy's default version and the total number of IAM users, groups, and roles to
// which the policy is attached. To retrieve the list of the specific users,
// groups, and roles that the policy is attached to, use ListEntitiesForPolicy .
// This operation returns metadata about the policy. To retrieve the actual policy
// document for a specific version of the policy, use GetPolicyVersion . This
// operation retrieves information about managed policies. To retrieve information
// about an inline policy that is embedded with an IAM user, group, or role, use
// GetUserPolicy , GetGroupPolicy , or GetRolePolicy . For more information about
// policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide.
func (c *Client) GetPolicy(ctx context.Context, params *GetPolicyInput, optFns ...func(*Options)) (*GetPolicyOutput, error) {
if params == nil {
params = &GetPolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetPolicy", params, optFns, c.addOperationGetPolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetPolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetPolicyInput struct {
// The Amazon Resource Name (ARN) of the managed policy that you want information
// about. For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
PolicyArn *string
noSmithyDocumentSerde
}
// Contains the response to a successful GetPolicy request.
type GetPolicyOutput struct {
// A structure containing details about the policy.
Policy *types.Policy
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetPolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetPolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetPolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetPolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetPolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
// GetPolicyAPIClient is a client that implements the GetPolicy operation.
type GetPolicyAPIClient interface {
GetPolicy(context.Context, *GetPolicyInput, ...func(*Options)) (*GetPolicyOutput, error)
}
var _ GetPolicyAPIClient = (*Client)(nil)
// PolicyExistsWaiterOptions are waiter options for PolicyExistsWaiter
type PolicyExistsWaiterOptions struct {
// Set of options to modify how an operation is invoked. These apply to all
// operations invoked for this client. Use functional options on operation call to
// modify this list for per operation behavior.
//
// Passing options here is functionally equivalent to passing values to this
// config's ClientOptions field that extend the inner client's APIOptions directly.
APIOptions []func(*middleware.Stack) error
// Functional options to be passed to all operations invoked by this client.
//
// Function values that modify the inner APIOptions are applied after the waiter
// config's own APIOptions modifiers.
ClientOptions []func(*Options)
// MinDelay is the minimum amount of time to delay between retries. If unset,
// PolicyExistsWaiter will use default minimum delay of 1 seconds. Note that
// MinDelay must resolve to a value lesser than or equal to the MaxDelay.
MinDelay time.Duration
// MaxDelay is the maximum amount of time to delay between retries. If unset or
// set to zero, PolicyExistsWaiter will use default max delay of 120 seconds. Note
// that MaxDelay must resolve to value greater than or equal to the MinDelay.
MaxDelay time.Duration
// LogWaitAttempts is used to enable logging for waiter retry attempts
LogWaitAttempts bool
// Retryable is function that can be used to override the service defined
// waiter-behavior based on operation output, or returned error. This function is
// used by the waiter to decide if a state is retryable or a terminal state. By
// default service-modeled logic will populate this option. This option can thus be
// used to define a custom waiter state with fall-back to service-modeled waiter
// state mutators.The function returns an error in case of a failure state. In case
// of retry state, this function returns a bool value of true and nil error, while
// in case of success it returns a bool value of false and nil error.
Retryable func(context.Context, *GetPolicyInput, *GetPolicyOutput, error) (bool, error)
}
// PolicyExistsWaiter defines the waiters for PolicyExists
type PolicyExistsWaiter struct {
client GetPolicyAPIClient
options PolicyExistsWaiterOptions
}
// NewPolicyExistsWaiter constructs a PolicyExistsWaiter.
func NewPolicyExistsWaiter(client GetPolicyAPIClient, optFns ...func(*PolicyExistsWaiterOptions)) *PolicyExistsWaiter {
options := PolicyExistsWaiterOptions{}
options.MinDelay = 1 * time.Second
options.MaxDelay = 120 * time.Second
options.Retryable = policyExistsStateRetryable
for _, fn := range optFns {
fn(&options)
}
return &PolicyExistsWaiter{
client: client,
options: options,
}
}
// Wait calls the waiter function for PolicyExists waiter. The maxWaitDur is the
// maximum wait duration the waiter will wait. The maxWaitDur is required and must
// be greater than zero.
func (w *PolicyExistsWaiter) Wait(ctx context.Context, params *GetPolicyInput, maxWaitDur time.Duration, optFns ...func(*PolicyExistsWaiterOptions)) error {
_, err := w.WaitForOutput(ctx, params, maxWaitDur, optFns...)
return err
}
// WaitForOutput calls the waiter function for PolicyExists waiter and returns the
// output of the successful operation. The maxWaitDur is the maximum wait duration
// the waiter will wait. The maxWaitDur is required and must be greater than zero.
func (w *PolicyExistsWaiter) WaitForOutput(ctx context.Context, params *GetPolicyInput, maxWaitDur time.Duration, optFns ...func(*PolicyExistsWaiterOptions)) (*GetPolicyOutput, error) {
if maxWaitDur <= 0 {
return nil, fmt.Errorf("maximum wait time for waiter must be greater than zero")
}
options := w.options
for _, fn := range optFns {
fn(&options)
}
if options.MaxDelay <= 0 {
options.MaxDelay = 120 * time.Second
}
if options.MinDelay > options.MaxDelay {
return nil, fmt.Errorf("minimum waiter delay %v must be lesser than or equal to maximum waiter delay of %v.", options.MinDelay, options.MaxDelay)
}
ctx, cancelFn := context.WithTimeout(ctx, maxWaitDur)
defer cancelFn()
logger := smithywaiter.Logger{}
remainingTime := maxWaitDur
var attempt int64
for {
attempt++
apiOptions := options.APIOptions
start := time.Now()
if options.LogWaitAttempts {
logger.Attempt = attempt
apiOptions = append([]func(*middleware.Stack) error{}, options.APIOptions...)
apiOptions = append(apiOptions, logger.AddLogger)
}
out, err := w.client.GetPolicy(ctx, params, func(o *Options) {
o.APIOptions = append(o.APIOptions, apiOptions...)
for _, opt := range options.ClientOptions {
opt(o)
}
})
retryable, err := options.Retryable(ctx, params, out, err)
if err != nil {
return nil, err
}
if !retryable {
return out, nil
}
remainingTime -= time.Since(start)
if remainingTime < options.MinDelay || remainingTime <= 0 {
break
}
// compute exponential backoff between waiter retries
delay, err := smithywaiter.ComputeDelay(
attempt, options.MinDelay, options.MaxDelay, remainingTime,
)
if err != nil {
return nil, fmt.Errorf("error computing waiter delay, %w", err)
}
remainingTime -= delay
// sleep for the delay amount before invoking a request
if err := smithytime.SleepWithContext(ctx, delay); err != nil {
return nil, fmt.Errorf("request cancelled while waiting, %w", err)
}
}
return nil, fmt.Errorf("exceeded max wait time for PolicyExists waiter")
}
func policyExistsStateRetryable(ctx context.Context, input *GetPolicyInput, output *GetPolicyOutput, err error) (bool, error) {
if err == nil {
return false, nil
}
if err != nil {
var apiErr smithy.APIError
ok := errors.As(err, &apiErr)
if !ok {
return false, fmt.Errorf("expected err to be of type smithy.APIError, got %w", err)
}
if "NoSuchEntity" == apiErr.ErrorCode() {
return true, nil
}
}
return true, nil
}
func newServiceMetadataMiddleware_opGetPolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetPolicy",
}
}

161
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetPolicyVersion.go generated vendored Normal file
View File

@ -0,0 +1,161 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Retrieves information about the specified version of the specified managed
// policy, including the policy document. Policies returned by this operation are
// URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986) . You
// can use a URL decoding method to convert the policy back to plain JSON text. For
// example, if you use Java, you can use the decode method of the
// java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs
// provide similar functionality. To list the available versions for a policy, use
// ListPolicyVersions . This operation retrieves information about managed
// policies. To retrieve information about an inline policy that is embedded in a
// user, group, or role, use GetUserPolicy , GetGroupPolicy , or GetRolePolicy .
// For more information about the types of policies, see Managed policies and
// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide. For more information about managed policy versions, see
// Versioning for managed policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
// in the IAM User Guide.
func (c *Client) GetPolicyVersion(ctx context.Context, params *GetPolicyVersionInput, optFns ...func(*Options)) (*GetPolicyVersionOutput, error) {
if params == nil {
params = &GetPolicyVersionInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetPolicyVersion", params, optFns, c.addOperationGetPolicyVersionMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetPolicyVersionOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetPolicyVersionInput struct {
// The Amazon Resource Name (ARN) of the managed policy that you want information
// about. For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
PolicyArn *string
// Identifies the policy version to retrieve. This parameter allows (through its
// regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters that
// consists of the lowercase letter 'v' followed by one or two digits, and
// optionally followed by a period '.' and a string of letters and digits.
//
// This member is required.
VersionId *string
noSmithyDocumentSerde
}
// Contains the response to a successful GetPolicyVersion request.
type GetPolicyVersionOutput struct {
// A structure containing details about the policy version.
PolicyVersion *types.PolicyVersion
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetPolicyVersionMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetPolicyVersion{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetPolicyVersion{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetPolicyVersion"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetPolicyVersionValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetPolicyVersion(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetPolicyVersion(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetPolicyVersion",
}
}

332
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetRole.go generated vendored Normal file
View File

@ -0,0 +1,332 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"errors"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
smithy "github.com/aws/smithy-go"
"github.com/aws/smithy-go/middleware"
smithytime "github.com/aws/smithy-go/time"
smithyhttp "github.com/aws/smithy-go/transport/http"
smithywaiter "github.com/aws/smithy-go/waiter"
"time"
)
// Retrieves information about the specified role, including the role's path,
// GUID, ARN, and the role's trust policy that grants permission to assume the
// role. For more information about roles, see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html)
// in the IAM User Guide. Policies returned by this operation are URL-encoded
// compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986) . You can use a
// URL decoding method to convert the policy back to plain JSON text. For example,
// if you use Java, you can use the decode method of the java.net.URLDecoder
// utility class in the Java SDK. Other languages and SDKs provide similar
// functionality.
func (c *Client) GetRole(ctx context.Context, params *GetRoleInput, optFns ...func(*Options)) (*GetRoleOutput, error) {
if params == nil {
params = &GetRoleInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetRole", params, optFns, c.addOperationGetRoleMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetRoleOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetRoleInput struct {
// The name of the IAM role to get information about. This parameter allows
// (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string of
// characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
RoleName *string
noSmithyDocumentSerde
}
// Contains the response to a successful GetRole request.
type GetRoleOutput struct {
// A structure containing details about the IAM role.
//
// This member is required.
Role *types.Role
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetRoleMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetRole{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetRole{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetRole"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetRoleValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetRole(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
// GetRoleAPIClient is a client that implements the GetRole operation.
type GetRoleAPIClient interface {
GetRole(context.Context, *GetRoleInput, ...func(*Options)) (*GetRoleOutput, error)
}
var _ GetRoleAPIClient = (*Client)(nil)
// RoleExistsWaiterOptions are waiter options for RoleExistsWaiter
type RoleExistsWaiterOptions struct {
// Set of options to modify how an operation is invoked. These apply to all
// operations invoked for this client. Use functional options on operation call to
// modify this list for per operation behavior.
//
// Passing options here is functionally equivalent to passing values to this
// config's ClientOptions field that extend the inner client's APIOptions directly.
APIOptions []func(*middleware.Stack) error
// Functional options to be passed to all operations invoked by this client.
//
// Function values that modify the inner APIOptions are applied after the waiter
// config's own APIOptions modifiers.
ClientOptions []func(*Options)
// MinDelay is the minimum amount of time to delay between retries. If unset,
// RoleExistsWaiter will use default minimum delay of 1 seconds. Note that MinDelay
// must resolve to a value lesser than or equal to the MaxDelay.
MinDelay time.Duration
// MaxDelay is the maximum amount of time to delay between retries. If unset or
// set to zero, RoleExistsWaiter will use default max delay of 120 seconds. Note
// that MaxDelay must resolve to value greater than or equal to the MinDelay.
MaxDelay time.Duration
// LogWaitAttempts is used to enable logging for waiter retry attempts
LogWaitAttempts bool
// Retryable is function that can be used to override the service defined
// waiter-behavior based on operation output, or returned error. This function is
// used by the waiter to decide if a state is retryable or a terminal state. By
// default service-modeled logic will populate this option. This option can thus be
// used to define a custom waiter state with fall-back to service-modeled waiter
// state mutators.The function returns an error in case of a failure state. In case
// of retry state, this function returns a bool value of true and nil error, while
// in case of success it returns a bool value of false and nil error.
Retryable func(context.Context, *GetRoleInput, *GetRoleOutput, error) (bool, error)
}
// RoleExistsWaiter defines the waiters for RoleExists
type RoleExistsWaiter struct {
client GetRoleAPIClient
options RoleExistsWaiterOptions
}
// NewRoleExistsWaiter constructs a RoleExistsWaiter.
func NewRoleExistsWaiter(client GetRoleAPIClient, optFns ...func(*RoleExistsWaiterOptions)) *RoleExistsWaiter {
options := RoleExistsWaiterOptions{}
options.MinDelay = 1 * time.Second
options.MaxDelay = 120 * time.Second
options.Retryable = roleExistsStateRetryable
for _, fn := range optFns {
fn(&options)
}
return &RoleExistsWaiter{
client: client,
options: options,
}
}
// Wait calls the waiter function for RoleExists waiter. The maxWaitDur is the
// maximum wait duration the waiter will wait. The maxWaitDur is required and must
// be greater than zero.
func (w *RoleExistsWaiter) Wait(ctx context.Context, params *GetRoleInput, maxWaitDur time.Duration, optFns ...func(*RoleExistsWaiterOptions)) error {
_, err := w.WaitForOutput(ctx, params, maxWaitDur, optFns...)
return err
}
// WaitForOutput calls the waiter function for RoleExists waiter and returns the
// output of the successful operation. The maxWaitDur is the maximum wait duration
// the waiter will wait. The maxWaitDur is required and must be greater than zero.
func (w *RoleExistsWaiter) WaitForOutput(ctx context.Context, params *GetRoleInput, maxWaitDur time.Duration, optFns ...func(*RoleExistsWaiterOptions)) (*GetRoleOutput, error) {
if maxWaitDur <= 0 {
return nil, fmt.Errorf("maximum wait time for waiter must be greater than zero")
}
options := w.options
for _, fn := range optFns {
fn(&options)
}
if options.MaxDelay <= 0 {
options.MaxDelay = 120 * time.Second
}
if options.MinDelay > options.MaxDelay {
return nil, fmt.Errorf("minimum waiter delay %v must be lesser than or equal to maximum waiter delay of %v.", options.MinDelay, options.MaxDelay)
}
ctx, cancelFn := context.WithTimeout(ctx, maxWaitDur)
defer cancelFn()
logger := smithywaiter.Logger{}
remainingTime := maxWaitDur
var attempt int64
for {
attempt++
apiOptions := options.APIOptions
start := time.Now()
if options.LogWaitAttempts {
logger.Attempt = attempt
apiOptions = append([]func(*middleware.Stack) error{}, options.APIOptions...)
apiOptions = append(apiOptions, logger.AddLogger)
}
out, err := w.client.GetRole(ctx, params, func(o *Options) {
o.APIOptions = append(o.APIOptions, apiOptions...)
for _, opt := range options.ClientOptions {
opt(o)
}
})
retryable, err := options.Retryable(ctx, params, out, err)
if err != nil {
return nil, err
}
if !retryable {
return out, nil
}
remainingTime -= time.Since(start)
if remainingTime < options.MinDelay || remainingTime <= 0 {
break
}
// compute exponential backoff between waiter retries
delay, err := smithywaiter.ComputeDelay(
attempt, options.MinDelay, options.MaxDelay, remainingTime,
)
if err != nil {
return nil, fmt.Errorf("error computing waiter delay, %w", err)
}
remainingTime -= delay
// sleep for the delay amount before invoking a request
if err := smithytime.SleepWithContext(ctx, delay); err != nil {
return nil, fmt.Errorf("request cancelled while waiting, %w", err)
}
}
return nil, fmt.Errorf("exceeded max wait time for RoleExists waiter")
}
func roleExistsStateRetryable(ctx context.Context, input *GetRoleInput, output *GetRoleOutput, err error) (bool, error) {
if err == nil {
return false, nil
}
if err != nil {
var apiErr smithy.APIError
ok := errors.As(err, &apiErr)
if !ok {
return false, fmt.Errorf("expected err to be of type smithy.APIError, got %w", err)
}
if "NoSuchEntity" == apiErr.ErrorCode() {
return true, nil
}
}
return true, nil
}
func newServiceMetadataMiddleware_opGetRole(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetRole",
}
}

174
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetRolePolicy.go generated vendored Normal file
View File

@ -0,0 +1,174 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Retrieves the specified inline policy document that is embedded with the
// specified IAM role. Policies returned by this operation are URL-encoded
// compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986) . You can use a
// URL decoding method to convert the policy back to plain JSON text. For example,
// if you use Java, you can use the decode method of the java.net.URLDecoder
// utility class in the Java SDK. Other languages and SDKs provide similar
// functionality. An IAM role can also have managed policies attached to it. To
// retrieve a managed policy document that is attached to a role, use GetPolicy to
// determine the policy's default version, then use GetPolicyVersion to retrieve
// the policy document. For more information about policies, see Managed policies
// and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
// in the IAM User Guide. For more information about roles, see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html)
// in the IAM User Guide.
func (c *Client) GetRolePolicy(ctx context.Context, params *GetRolePolicyInput, optFns ...func(*Options)) (*GetRolePolicyOutput, error) {
if params == nil {
params = &GetRolePolicyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetRolePolicy", params, optFns, c.addOperationGetRolePolicyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetRolePolicyOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetRolePolicyInput struct {
// The name of the policy document to get. This parameter allows (through its
// regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// consisting of upper and lowercase alphanumeric characters with no spaces. You
// can also include any of the following characters: _+=,.@-
//
// This member is required.
PolicyName *string
// The name of the role associated with the policy. This parameter allows (through
// its regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// consisting of upper and lowercase alphanumeric characters with no spaces. You
// can also include any of the following characters: _+=,.@-
//
// This member is required.
RoleName *string
noSmithyDocumentSerde
}
// Contains the response to a successful GetRolePolicy request.
type GetRolePolicyOutput struct {
// The policy document. IAM stores policies in JSON format. However, resources
// that were created using CloudFormation templates can be formatted in YAML.
// CloudFormation always converts a YAML policy to JSON format before submitting it
// to IAM.
//
// This member is required.
PolicyDocument *string
// The name of the policy.
//
// This member is required.
PolicyName *string
// The role the policy is associated with.
//
// This member is required.
RoleName *string
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetRolePolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetRolePolicy{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetRolePolicy{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetRolePolicy"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetRolePolicyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetRolePolicy(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetRolePolicy(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetRolePolicy",
}
}

156
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetSAMLProvider.go generated vendored Normal file
View File

@ -0,0 +1,156 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
"time"
)
// Returns the SAML provider metadocument that was uploaded when the IAM SAML
// provider resource object was created or updated. This operation requires
// Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html)
// .
func (c *Client) GetSAMLProvider(ctx context.Context, params *GetSAMLProviderInput, optFns ...func(*Options)) (*GetSAMLProviderOutput, error) {
if params == nil {
params = &GetSAMLProviderInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetSAMLProvider", params, optFns, c.addOperationGetSAMLProviderMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetSAMLProviderOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetSAMLProviderInput struct {
// The Amazon Resource Name (ARN) of the SAML provider resource object in IAM to
// get information about. For more information about ARNs, see Amazon Resource
// Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the Amazon Web Services General Reference.
//
// This member is required.
SAMLProviderArn *string
noSmithyDocumentSerde
}
// Contains the response to a successful GetSAMLProvider request.
type GetSAMLProviderOutput struct {
// The date and time when the SAML provider was created.
CreateDate *time.Time
// The XML metadata document that includes information about an identity provider.
SAMLMetadataDocument *string
// A list of tags that are attached to the specified IAM SAML provider. The
// returned list of tags is sorted by tag key. For more information about tagging,
// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
// in the IAM User Guide.
Tags []types.Tag
// The expiration date and time for the SAML provider.
ValidUntil *time.Time
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetSAMLProviderMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetSAMLProvider{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetSAMLProvider{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetSAMLProvider"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetSAMLProviderValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetSAMLProvider(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetSAMLProvider(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetSAMLProvider",
}
}

159
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetSSHPublicKey.go generated vendored Normal file
View File

@ -0,0 +1,159 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Retrieves the specified SSH public key, including metadata about the key. The
// SSH public key retrieved by this operation is used only for authenticating the
// associated IAM user to an CodeCommit repository. For more information about
// using SSH keys to authenticate to an CodeCommit repository, see Set up
// CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
// in the CodeCommit User Guide.
func (c *Client) GetSSHPublicKey(ctx context.Context, params *GetSSHPublicKeyInput, optFns ...func(*Options)) (*GetSSHPublicKeyOutput, error) {
if params == nil {
params = &GetSSHPublicKeyInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetSSHPublicKey", params, optFns, c.addOperationGetSSHPublicKeyMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetSSHPublicKeyOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetSSHPublicKeyInput struct {
// Specifies the public key encoding format to use in the response. To retrieve
// the public key in ssh-rsa format, use SSH . To retrieve the public key in PEM
// format, use PEM .
//
// This member is required.
Encoding types.EncodingType
// The unique identifier for the SSH public key. This parameter allows (through
// its regex pattern (http://wikipedia.org/wiki/regex) ) a string of characters
// that can consist of any upper or lowercased letter or digit.
//
// This member is required.
SSHPublicKeyId *string
// The name of the IAM user associated with the SSH public key. This parameter
// allows (through its regex pattern (http://wikipedia.org/wiki/regex) ) a string
// of characters consisting of upper and lowercase alphanumeric characters with no
// spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
UserName *string
noSmithyDocumentSerde
}
// Contains the response to a successful GetSSHPublicKey request.
type GetSSHPublicKeyOutput struct {
// A structure containing details about the SSH public key.
SSHPublicKey *types.SSHPublicKey
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetSSHPublicKeyMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetSSHPublicKey{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetSSHPublicKey{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetSSHPublicKey"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetSSHPublicKeyValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetSSHPublicKey(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetSSHPublicKey(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetSSHPublicKey",
}
}

146
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetServerCertificate.go generated vendored Normal file
View File

@ -0,0 +1,146 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Retrieves information about the specified server certificate stored in IAM. For
// more information about working with server certificates, see Working with
// server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
// in the IAM User Guide. This topic includes a list of Amazon Web Services
// services that can use the server certificates that you manage with IAM.
func (c *Client) GetServerCertificate(ctx context.Context, params *GetServerCertificateInput, optFns ...func(*Options)) (*GetServerCertificateOutput, error) {
if params == nil {
params = &GetServerCertificateInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetServerCertificate", params, optFns, c.addOperationGetServerCertificateMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetServerCertificateOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetServerCertificateInput struct {
// The name of the server certificate you want to retrieve information about. This
// parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex) )
// a string of characters consisting of upper and lowercase alphanumeric characters
// with no spaces. You can also include any of the following characters: _+=,.@-
//
// This member is required.
ServerCertificateName *string
noSmithyDocumentSerde
}
// Contains the response to a successful GetServerCertificate request.
type GetServerCertificateOutput struct {
// A structure containing details about the server certificate.
//
// This member is required.
ServerCertificate *types.ServerCertificate
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetServerCertificateMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetServerCertificate{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetServerCertificate{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetServerCertificate"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetServerCertificateValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetServerCertificate(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetServerCertificate(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetServerCertificate",
}
}

229
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetServiceLastAccessedDetails.go generated vendored Normal file
View File

@ -0,0 +1,229 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
"time"
)
// Retrieves a service last accessed report that was created using the
// GenerateServiceLastAccessedDetails operation. You can use the JobId parameter
// in GetServiceLastAccessedDetails to retrieve the status of your report job.
// When the report is complete, you can retrieve the generated report. The report
// includes a list of Amazon Web Services services that the resource (user, group,
// role, or managed policy) can access. Service last accessed data does not use
// other policy types when determining whether a resource could access a service.
// These other policy types include resource-based policies, access control lists,
// Organizations policies, IAM permissions boundaries, and STS assume role
// policies. It only applies permissions policy logic. For more about the
// evaluation of policy types, see Evaluating policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
// in the IAM User Guide. For each service that the resource could access using
// permissions policies, the operation returns details about the most recent access
// attempt. If there was no attempt, the service is listed without details about
// the most recent attempt to access the service. If the operation fails, the
// GetServiceLastAccessedDetails operation returns the reason that it failed. The
// GetServiceLastAccessedDetails operation returns a list of services. This list
// includes the number of entities that have attempted to access the service and
// the date and time of the last attempt. It also returns the ARN of the following
// entity, depending on the resource ARN that you used to generate the report:
// - User Returns the user ARN that you used to generate the report
// - Group Returns the ARN of the group member (user) that last attempted to
// access the service
// - Role Returns the role ARN that you used to generate the report
// - Policy Returns the ARN of the user or role that last used the policy to
// attempt to access the service
//
// By default, the list is sorted by service namespace. If you specified
// ACTION_LEVEL granularity when you generated the report, this operation returns
// service and action last accessed data. This includes the most recent access
// attempt for each tracked action within a service. Otherwise, this operation
// returns only service data. For more information about service and action last
// accessed data, see Reducing permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
// in the IAM User Guide.
func (c *Client) GetServiceLastAccessedDetails(ctx context.Context, params *GetServiceLastAccessedDetailsInput, optFns ...func(*Options)) (*GetServiceLastAccessedDetailsOutput, error) {
if params == nil {
params = &GetServiceLastAccessedDetailsInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetServiceLastAccessedDetails", params, optFns, c.addOperationGetServiceLastAccessedDetailsMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetServiceLastAccessedDetailsOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetServiceLastAccessedDetailsInput struct {
// The ID of the request generated by the GenerateServiceLastAccessedDetails
// operation. The JobId returned by GenerateServiceLastAccessedDetail must be used
// by the same role within a session, or by the same user when used to call
// GetServiceLastAccessedDetail .
//
// This member is required.
JobId *string
// Use this parameter only when paginating results and only after you receive a
// response indicating that the results are truncated. Set it to the value of the
// Marker element in the response that you received to indicate where the next call
// should start.
Marker *string
// Use this only when paginating results to indicate the maximum number of items
// you want in the response. If additional items exist beyond the maximum you
// specify, the IsTruncated response element is true . If you do not include this
// parameter, the number of items defaults to 100. Note that IAM might return fewer
// results, even when there are more results available. In that case, the
// IsTruncated response element returns true , and Marker contains a value to
// include in the subsequent call that tells the service where to continue from.
MaxItems *int32
noSmithyDocumentSerde
}
type GetServiceLastAccessedDetailsOutput struct {
// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601)
// , when the generated report job was completed or failed. This field is null if
// the job is still in progress, as indicated by a job status value of IN_PROGRESS .
//
// This member is required.
JobCompletionDate *time.Time
// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601)
// , when the report job was created.
//
// This member is required.
JobCreationDate *time.Time
// The status of the job.
//
// This member is required.
JobStatus types.JobStatusType
// A ServiceLastAccessed object that contains details about the most recent
// attempt to access the service.
//
// This member is required.
ServicesLastAccessed []types.ServiceLastAccessed
// An object that contains details about the reason the operation failed.
Error *types.ErrorDetails
// A flag that indicates whether there are more items to return. If your results
// were truncated, you can make a subsequent pagination request using the Marker
// request parameter to retrieve more items. Note that IAM might return fewer than
// the MaxItems number of results even when there are more results available. We
// recommend that you check IsTruncated after every call to ensure that you
// receive all your results.
IsTruncated bool
// The type of job. Service jobs return information about when each service was
// last accessed. Action jobs also include information about when tracked actions
// within the service were last accessed.
JobType types.AccessAdvisorUsageGranularityType
// When IsTruncated is true , this element is present and contains the value to use
// for the Marker parameter in a subsequent pagination request.
Marker *string
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetServiceLastAccessedDetailsMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetServiceLastAccessedDetails{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetServiceLastAccessedDetails{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetServiceLastAccessedDetails"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetServiceLastAccessedDetailsValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetServiceLastAccessedDetails(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetServiceLastAccessedDetails(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetServiceLastAccessedDetails",
}
}

219
vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_GetServiceLastAccessedDetailsWithEntities.go generated vendored Normal file
View File

@ -0,0 +1,219 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package iam
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/service/iam/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
"time"
)
// After you generate a group or policy report using the
// GenerateServiceLastAccessedDetails operation, you can use the JobId parameter
// in GetServiceLastAccessedDetailsWithEntities . This operation retrieves the
// status of your report job and a list of entities that could have used group or
// policy permissions to access the specified service.
// - Group For a group report, this operation returns a list of users in the
// group that could have used the groups policies in an attempt to access the
// service.
// - Policy For a policy report, this operation returns a list of entities
// (users or roles) that could have used the policy in an attempt to access the
// service.
//
// You can also use this operation for user or role reports to retrieve details
// about those entities. If the operation fails, the
// GetServiceLastAccessedDetailsWithEntities operation returns the reason that it
// failed. By default, the list of associated entities is sorted by date, with the
// most recent access listed first.
func (c *Client) GetServiceLastAccessedDetailsWithEntities(ctx context.Context, params *GetServiceLastAccessedDetailsWithEntitiesInput, optFns ...func(*Options)) (*GetServiceLastAccessedDetailsWithEntitiesOutput, error) {
if params == nil {
params = &GetServiceLastAccessedDetailsWithEntitiesInput{}
}
result, metadata, err := c.invokeOperation(ctx, "GetServiceLastAccessedDetailsWithEntities", params, optFns, c.addOperationGetServiceLastAccessedDetailsWithEntitiesMiddlewares)
if err != nil {
return nil, err
}
out := result.(*GetServiceLastAccessedDetailsWithEntitiesOutput)
out.ResultMetadata = metadata
return out, nil
}
type GetServiceLastAccessedDetailsWithEntitiesInput struct {
// The ID of the request generated by the GenerateServiceLastAccessedDetails
// operation.
//
// This member is required.
JobId *string
// The service namespace for an Amazon Web Services service. Provide the service
// namespace to learn when the IAM entity last attempted to access the specified
// service. To learn the service namespace for a service, see Actions, resources,
// and condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
// in the IAM User Guide. Choose the name of the service to view details for that
// service. In the first paragraph, find the service prefix. For example, (service
// prefix: a4b) . For more information about service namespaces, see Amazon Web
// Services service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
// in the Amazon Web Services General Reference.
//
// This member is required.
ServiceNamespace *string
// Use this parameter only when paginating results and only after you receive a
// response indicating that the results are truncated. Set it to the value of the
// Marker element in the response that you received to indicate where the next call
// should start.
Marker *string
// Use this only when paginating results to indicate the maximum number of items
// you want in the response. If additional items exist beyond the maximum you
// specify, the IsTruncated response element is true . If you do not include this
// parameter, the number of items defaults to 100. Note that IAM might return fewer
// results, even when there are more results available. In that case, the
// IsTruncated response element returns true , and Marker contains a value to
// include in the subsequent call that tells the service where to continue from.
MaxItems *int32
noSmithyDocumentSerde
}
type GetServiceLastAccessedDetailsWithEntitiesOutput struct {
// An EntityDetailsList object that contains details about when an IAM entity
// (user or role) used group or policy permissions in an attempt to access the
// specified Amazon Web Services service.
//
// This member is required.
EntityDetailsList []types.EntityDetails
// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601)
// , when the generated report job was completed or failed. This field is null if
// the job is still in progress, as indicated by a job status value of IN_PROGRESS .
//
// This member is required.
JobCompletionDate *time.Time
// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601)
// , when the report job was created.
//
// This member is required.
JobCreationDate *time.Time
// The status of the job.
//
// This member is required.
JobStatus types.JobStatusType
// An object that contains details about the reason the operation failed.
Error *types.ErrorDetails
// A flag that indicates whether there are more items to return. If your results
// were truncated, you can make a subsequent pagination request using the Marker
// request parameter to retrieve more items. Note that IAM might return fewer than
// the MaxItems number of results even when there are more results available. We
// recommend that you check IsTruncated after every call to ensure that you
// receive all your results.
IsTruncated bool
// When IsTruncated is true , this element is present and contains the value to use
// for the Marker parameter in a subsequent pagination request.
Marker *string
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationGetServiceLastAccessedDetailsWithEntitiesMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetServiceLastAccessedDetailsWithEntities{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetServiceLastAccessedDetailsWithEntities{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetServiceLastAccessedDetailsWithEntities"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = addClientRequestID(stack); err != nil {
return err
}
if err = addComputeContentLength(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addComputePayloadSHA256(stack); err != nil {
return err
}
if err = addRetry(stack, options); err != nil {
return err
}
if err = addRawResponseToMetadata(stack); err != nil {
return err
}
if err = addRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetServiceLastAccessedDetailsWithEntitiesValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetServiceLastAccessedDetailsWithEntities(options.Region), middleware.Before); err != nil {
return err
}
if err = addRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opGetServiceLastAccessedDetailsWithEntities(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "GetServiceLastAccessedDetailsWithEntities",
}
}

Some files were not shown because too many files have changed in this diff Show More