From 88a544591978f02d48858318841a5c2e2cd05475 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 May 2024 22:02:10 +0000 Subject: [PATCH] Bump github.com/aws/aws-sdk-go-v2/service/secretsmanager Bumps [github.com/aws/aws-sdk-go-v2/service/secretsmanager](https://github.com/aws/aws-sdk-go-v2) from 1.26.2 to 1.28.7. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.26.2...service/emr/v1.28.7) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/secretsmanager dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 10 +- go.sum | 20 +- .../aws-sdk-go-v2/aws/go_module_metadata.go | 2 +- .../aws/middleware/middleware.go | 10 +- .../aws/middleware/request_id_retriever.go | 12 +- .../aws/middleware/user_agent.go | 40 +- .../aws/aws-sdk-go-v2/aws/ratelimit/none.go | 20 + .../aws/aws-sdk-go-v2/aws/retry/standard.go | 11 + .../aws-sdk-go-v2/aws/signer/v4/middleware.go | 49 +-- .../http/response_error_middleware.go | 10 +- .../internal/configsources/CHANGELOG.md | 25 ++ .../configsources/go_module_metadata.go | 2 +- .../internal/endpoints/v2/CHANGELOG.md | 26 ++ .../endpoints/v2/go_module_metadata.go | 2 +- .../service/secretsmanager/CHANGELOG.md | 52 +++ .../service/secretsmanager/api_client.go | 80 +++- .../api_op_BatchGetSecretValue.go | 61 +-- .../api_op_CancelRotateSecret.go | 63 ++-- .../secretsmanager/api_op_CreateSecret.go | 204 ++++++---- .../api_op_DeleteResourcePolicy.go | 41 +- .../secretsmanager/api_op_DeleteSecret.go | 102 ++--- .../secretsmanager/api_op_DescribeSecret.go | 96 +++-- .../api_op_GetRandomPassword.go | 32 +- .../api_op_GetResourcePolicy.go | 49 +-- .../secretsmanager/api_op_GetSecretValue.go | 98 ++--- .../api_op_ListSecretVersionIds.go | 66 ++-- .../secretsmanager/api_op_ListSecrets.go | 65 ++-- .../api_op_PutResourcePolicy.go | 71 ++-- .../secretsmanager/api_op_PutSecretValue.go | 152 +++++--- .../api_op_RemoveRegionsFromReplication.go | 35 +- .../api_op_ReplicateSecretToRegions.go | 34 +- .../secretsmanager/api_op_RestoreSecret.go | 45 ++- .../secretsmanager/api_op_RotateSecret.go | 128 ++++--- .../api_op_StopReplicationToReplica.go | 40 +- .../secretsmanager/api_op_TagResource.go | 72 ++-- .../secretsmanager/api_op_UntagResource.go | 71 ++-- .../secretsmanager/api_op_UpdateSecret.go | 149 +++++--- .../api_op_UpdateSecretVersionStage.go | 68 ++-- .../api_op_ValidateResourcePolicy.go | 50 +-- .../service/secretsmanager/deserializers.go | 351 +++++++----------- .../service/secretsmanager/doc.go | 52 ++- .../service/secretsmanager/endpoints.go | 9 +- .../service/secretsmanager/generated.json | 4 +- .../secretsmanager/go_module_metadata.go | 2 +- .../service/secretsmanager/options.go | 31 +- .../service/secretsmanager/types/enums.go | 15 +- .../service/secretsmanager/types/errors.go | 19 +- .../service/secretsmanager/types/types.go | 111 +++--- vendor/github.com/aws/smithy-go/.gitignore | 3 + vendor/github.com/aws/smithy-go/CHANGELOG.md | 17 + vendor/github.com/aws/smithy-go/Makefile | 7 +- .../aws/smithy-go/go_module_metadata.go | 2 +- vendor/github.com/aws/smithy-go/modman.toml | 1 - vendor/modules.txt | 20 +- 54 files changed, 1671 insertions(+), 1136 deletions(-) create mode 100644 vendor/github.com/aws/aws-sdk-go-v2/aws/ratelimit/none.go diff --git a/go.mod b/go.mod index 16e19fb1..2dd29a8d 100644 --- a/go.mod +++ b/go.mod @@ -11,9 +11,9 @@ require ( github.com/DopplerHQ/cli v0.0.0-20210309042056-414bede8a50e github.com/alecthomas/assert v0.0.0-20170929043011-405dbfeb8e38 github.com/alecthomas/kong v0.2.15 - github.com/aws/aws-sdk-go-v2 v1.24.1 + github.com/aws/aws-sdk-go-v2 v1.26.1 github.com/aws/aws-sdk-go-v2/config v1.26.5 - github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.26.2 + github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.28.7 github.com/aws/aws-sdk-go-v2/service/ssm v1.44.7 github.com/cloudflare/cloudflare-go v0.25.0 github.com/cyberark/conjur-api-go v0.7.1 @@ -74,14 +74,14 @@ require ( github.com/atotto/clipboard v0.1.4 // indirect github.com/aws/aws-sdk-go-v2/credentials v1.16.16 // indirect github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.5 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.5 // indirect github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 // indirect github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect github.com/aws/aws-sdk-go-v2/service/sso v1.18.7 // indirect github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect - github.com/aws/smithy-go v1.19.0 // indirect + github.com/aws/smithy-go v1.20.2 // indirect github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect github.com/blang/semver/v4 v4.0.0 // indirect github.com/caspr-io/yamlpath v0.0.0-20200722075116-502e8d113a9b // indirect diff --git a/go.sum b/go.sum index d4bc7073..021cec2d 100644 --- a/go.sum +++ b/go.sum @@ -141,26 +141,26 @@ github.com/atotto/clipboard v0.1.2/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4= github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= -github.com/aws/aws-sdk-go-v2 v1.24.1 h1:xAojnj+ktS95YZlDf0zxWBkbFtymPeDP+rvUQIH3uAU= -github.com/aws/aws-sdk-go-v2 v1.24.1/go.mod h1:LNh45Br1YAkEKaAqvmE1m8FUx6a5b/V0oAKV7of29b4= +github.com/aws/aws-sdk-go-v2 v1.26.1 h1:5554eUqIYVWpU0YmeeYZ0wU64H2VLBs8TlhRB2L+EkA= +github.com/aws/aws-sdk-go-v2 v1.26.1/go.mod h1:ffIFB97e2yNsv4aTSGkqtHnppsIJzw7G7BReUZ3jCXM= github.com/aws/aws-sdk-go-v2/config v1.26.5 h1:lodGSevz7d+kkFJodfauThRxK9mdJbyutUxGq1NNhvw= github.com/aws/aws-sdk-go-v2/config v1.26.5/go.mod h1:DxHrz6diQJOc9EwDslVRh84VjjrE17g+pVZXUeSxaDU= github.com/aws/aws-sdk-go-v2/credentials v1.16.16 h1:8q6Rliyv0aUFAVtzaldUEcS+T5gbadPbWdV1WcAddK8= github.com/aws/aws-sdk-go-v2/credentials v1.16.16/go.mod h1:UHVZrdUsv63hPXFo1H7c5fEneoVo9UXiz36QG1GEPi0= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 h1:c5I5iH+DZcH3xOIMlz3/tCKJDaHFwYEmxvlh2fAcFo8= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11/go.mod h1:cRrYDYAMUohBJUtUnOhydaMHtiK/1NZ0Otc9lIb6O0Y= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 h1:vF+Zgd9s+H4vOXd5BMaPWykta2a6Ih0AKLq/X6NYKn4= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10/go.mod h1:6BkRjejp/GR4411UGqkX8+wFMbFbqsUIimfK4XjOKR4= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 h1:nYPe006ktcqUji8S2mqXf9c/7NdiKriOwMvWQHgYztw= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10/go.mod h1:6UV4SZkVvmODfXKql4LCbaZUpF7HO2BX38FgBf9ZOLw= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.5 h1:aw39xVGeRWlWx9EzGVnhOR4yOjQDHPQ6o6NmBlscyQg= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.5/go.mod h1:FSaRudD0dXiMPK2UjknVwwTYyZMRsHv3TtkabsZih5I= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.5 h1:PG1F3OD1szkuQPzDw3CIQsRIrtTlUC3lP84taWzHlq0= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.5/go.mod h1:jU1li6RFryMz+so64PpKtudI+QzbKoIEivqdf6LNpOc= github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 h1:GrSw8s0Gs/5zZ0SX+gX4zQjRnRsMJDJ2sLur1gRBhEM= github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2/go.mod h1:6fQQgfuGmw8Al/3M2IgIllycxV7ZW7WCdVSqfBeUiCY= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 h1:/b31bi3YVNlkzkBrm9LfpaKoaYZUxIAj4sHfOTmLfqw= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4/go.mod h1:2aGXHFmbInwgP9ZfpmdIfOELL79zhdNYNmReK8qDfdQ= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 h1:DBYTXwIGQSGs9w4jKm60F5dmCQ3EEruxdc0MFh+3EY4= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10/go.mod h1:wohMUQiFdzo0NtxbBg0mSRGZ4vL3n0dKjLTINdcIino= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.26.2 h1:A5sGOT/mukuU+4At1vkSIWAN8tPwPCoYZBp7aruR540= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.26.2/go.mod h1:qutL00aW8GSo2D0I6UEOqMvRS3ZyuBrOC1BLe5D2jPc= +github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.28.7 h1:4cziOtpDwtgcb+wTYRzz8C+GoH1XySy0p7j4oBbqPQE= +github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.28.7/go.mod h1:3Ba++UwWd154xtP4FRX5pUK3Gt4up5sDHCve6kVfE+g= github.com/aws/aws-sdk-go-v2/service/ssm v1.44.7 h1:a8HvP/+ew3tKwSXqL3BCSjiuicr+XTU2eFYeogV9GJE= github.com/aws/aws-sdk-go-v2/service/ssm v1.44.7/go.mod h1:Q7XIWsMo0JcMpI/6TGD6XXcXcV1DbTj6e9BKNntIMIM= github.com/aws/aws-sdk-go-v2/service/sso v1.18.7 h1:eajuO3nykDPdYicLlP3AGgOyVN3MOlFmZv7WGTuJPow= @@ -169,8 +169,8 @@ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 h1:QPMJf+Jw8E1l7zqhZmMlFw6w github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7/go.mod h1:ykf3COxYI0UJmxcfcxcVuz7b6uADi1FkiUz6Eb7AgM8= github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 h1:NzO4Vrau795RkUdSHKEwiR01FaGzGOH1EETJ+5QHnm0= github.com/aws/aws-sdk-go-v2/service/sts v1.26.7/go.mod h1:6h2YuIoxaMSCFf5fi1EgZAwdfkGMgDY+DVfa61uLe4U= -github.com/aws/smithy-go v1.19.0 h1:KWFKQV80DpP3vJrrA9sVAHQ5gc2z8i4EzrLhLlWXcBM= -github.com/aws/smithy-go v1.19.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE= +github.com/aws/smithy-go v1.20.2 h1:tbp628ireGtzcHDDmLT/6ADHidqnwgF57XOXZe6tp4Q= +github.com/aws/smithy-go v1.20.2/go.mod h1:krry+ya/rV9RDcV/Q16kpu6ypI4K2czasz0NC3qS14E= github.com/axw/gocov v1.0.0/go.mod h1:LvQpEYiwwIb2nYkXY2fDWhg9/AsYqkhmrCshjlUJECE= github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go index 66d09630..639ba763 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go @@ -3,4 +3,4 @@ package aws // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.24.1" +const goModuleVersion = "1.26.1" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/middleware.go index 9bd0dfb1..6d5f0079 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/middleware.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/middleware.go @@ -139,16 +139,16 @@ func AddRecordResponseTiming(stack *middleware.Stack) error { // raw response within the response metadata. type rawResponseKey struct{} -// addRawResponse middleware adds raw response on to the metadata -type addRawResponse struct{} +// AddRawResponse middleware adds raw response on to the metadata +type AddRawResponse struct{} // ID the identifier for the ClientRequestID -func (m *addRawResponse) ID() string { +func (m *AddRawResponse) ID() string { return "AddRawResponseToMetadata" } // HandleDeserialize adds raw response on the middleware metadata -func (m addRawResponse) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( +func (m AddRawResponse) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( out middleware.DeserializeOutput, metadata middleware.Metadata, err error, ) { out, metadata, err = next.HandleDeserialize(ctx, in) @@ -159,7 +159,7 @@ func (m addRawResponse) HandleDeserialize(ctx context.Context, in middleware.Des // AddRawResponseToMetadata adds middleware to the middleware stack that // store raw response on to the metadata. func AddRawResponseToMetadata(stack *middleware.Stack) error { - return stack.Deserialize.Add(&addRawResponse{}, middleware.Before) + return stack.Deserialize.Add(&AddRawResponse{}, middleware.Before) } // GetRawResponse returns raw response set on metadata diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/request_id_retriever.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/request_id_retriever.go index 7ce48c61..e7d268c3 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/request_id_retriever.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/request_id_retriever.go @@ -11,18 +11,22 @@ import ( func AddRequestIDRetrieverMiddleware(stack *middleware.Stack) error { // add error wrapper middleware before operation deserializers so that it can wrap the error response // returned by operation deserializers - return stack.Deserialize.Insert(&requestIDRetriever{}, "OperationDeserializer", middleware.Before) + return stack.Deserialize.Insert(&RequestIDRetriever{}, "OperationDeserializer", middleware.Before) } -type requestIDRetriever struct { +// RequestIDRetriever middleware captures the AWS service request ID from the +// raw response. +type RequestIDRetriever struct { } // ID returns the middleware identifier -func (m *requestIDRetriever) ID() string { +func (m *RequestIDRetriever) ID() string { return "RequestIDRetriever" } -func (m *requestIDRetriever) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( +// HandleDeserialize pulls the AWS request ID from the response, storing it in +// operation metadata. +func (m *RequestIDRetriever) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( out middleware.DeserializeOutput, metadata middleware.Metadata, err error, ) { out, metadata, err = next.HandleDeserialize(ctx, in) diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/user_agent.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/user_agent.go index af3447dd..db7cda42 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/user_agent.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/user_agent.go @@ -64,12 +64,12 @@ var validChars = map[rune]bool{ '-': true, '.': true, '^': true, '_': true, '`': true, '|': true, '~': true, } -// requestUserAgent is a build middleware that set the User-Agent for the request. -type requestUserAgent struct { +// RequestUserAgent is a build middleware that set the User-Agent for the request. +type RequestUserAgent struct { sdkAgent, userAgent *smithyhttp.UserAgentBuilder } -// newRequestUserAgent returns a new requestUserAgent which will set the User-Agent and X-Amz-User-Agent for the +// NewRequestUserAgent returns a new requestUserAgent which will set the User-Agent and X-Amz-User-Agent for the // request. // // User-Agent example: @@ -79,12 +79,12 @@ type requestUserAgent struct { // X-Amz-User-Agent example: // // aws-sdk-go-v2/1.2.3 md/GOOS/linux md/GOARCH/amd64 lang/go/1.15 -func newRequestUserAgent() *requestUserAgent { +func NewRequestUserAgent() *RequestUserAgent { userAgent, sdkAgent := smithyhttp.NewUserAgentBuilder(), smithyhttp.NewUserAgentBuilder() addProductName(userAgent) addProductName(sdkAgent) - r := &requestUserAgent{ + r := &RequestUserAgent{ sdkAgent: sdkAgent, userAgent: userAgent, } @@ -94,7 +94,7 @@ func newRequestUserAgent() *requestUserAgent { return r } -func addSDKMetadata(r *requestUserAgent) { +func addSDKMetadata(r *RequestUserAgent) { r.AddSDKAgentKey(OperatingSystemMetadata, getNormalizedOSName()) r.AddSDKAgentKeyValue(LanguageMetadata, "go", languageVersion) r.AddSDKAgentKeyValue(AdditionalMetadata, "GOOS", runtime.GOOS) @@ -162,18 +162,18 @@ func AddRequestUserAgentMiddleware(stack *middleware.Stack) error { return err } -func getOrAddRequestUserAgent(stack *middleware.Stack) (*requestUserAgent, error) { - id := (*requestUserAgent)(nil).ID() +func getOrAddRequestUserAgent(stack *middleware.Stack) (*RequestUserAgent, error) { + id := (*RequestUserAgent)(nil).ID() bm, ok := stack.Build.Get(id) if !ok { - bm = newRequestUserAgent() + bm = NewRequestUserAgent() err := stack.Build.Add(bm, middleware.After) if err != nil { return nil, err } } - requestUserAgent, ok := bm.(*requestUserAgent) + requestUserAgent, ok := bm.(*RequestUserAgent) if !ok { return nil, fmt.Errorf("%T for %s middleware did not match expected type", bm, id) } @@ -182,34 +182,34 @@ func getOrAddRequestUserAgent(stack *middleware.Stack) (*requestUserAgent, error } // AddUserAgentKey adds the component identified by name to the User-Agent string. -func (u *requestUserAgent) AddUserAgentKey(key string) { +func (u *RequestUserAgent) AddUserAgentKey(key string) { u.userAgent.AddKey(strings.Map(rules, key)) } // AddUserAgentKeyValue adds the key identified by the given name and value to the User-Agent string. -func (u *requestUserAgent) AddUserAgentKeyValue(key, value string) { +func (u *RequestUserAgent) AddUserAgentKeyValue(key, value string) { u.userAgent.AddKeyValue(strings.Map(rules, key), strings.Map(rules, value)) } -// AddUserAgentKey adds the component identified by name to the User-Agent string. -func (u *requestUserAgent) AddSDKAgentKey(keyType SDKAgentKeyType, key string) { +// AddSDKAgentKey adds the component identified by name to the User-Agent string. +func (u *RequestUserAgent) AddSDKAgentKey(keyType SDKAgentKeyType, key string) { // TODO: should target sdkAgent u.userAgent.AddKey(keyType.string() + "/" + strings.Map(rules, key)) } -// AddUserAgentKeyValue adds the key identified by the given name and value to the User-Agent string. -func (u *requestUserAgent) AddSDKAgentKeyValue(keyType SDKAgentKeyType, key, value string) { +// AddSDKAgentKeyValue adds the key identified by the given name and value to the User-Agent string. +func (u *RequestUserAgent) AddSDKAgentKeyValue(keyType SDKAgentKeyType, key, value string) { // TODO: should target sdkAgent u.userAgent.AddKeyValue(keyType.string(), strings.Map(rules, key)+"#"+strings.Map(rules, value)) } // ID the name of the middleware. -func (u *requestUserAgent) ID() string { +func (u *RequestUserAgent) ID() string { return "UserAgent" } // HandleBuild adds or appends the constructed user agent to the request. -func (u *requestUserAgent) HandleBuild(ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler) ( +func (u *RequestUserAgent) HandleBuild(ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler) ( out middleware.BuildOutput, metadata middleware.Metadata, err error, ) { switch req := in.Request.(type) { @@ -224,12 +224,12 @@ func (u *requestUserAgent) HandleBuild(ctx context.Context, in middleware.BuildI return next.HandleBuild(ctx, in) } -func (u *requestUserAgent) addHTTPUserAgent(request *smithyhttp.Request) { +func (u *RequestUserAgent) addHTTPUserAgent(request *smithyhttp.Request) { const userAgent = "User-Agent" updateHTTPHeader(request, userAgent, u.userAgent.Build()) } -func (u *requestUserAgent) addHTTPSDKAgent(request *smithyhttp.Request) { +func (u *RequestUserAgent) addHTTPSDKAgent(request *smithyhttp.Request) { const sdkAgent = "X-Amz-User-Agent" updateHTTPHeader(request, sdkAgent, u.sdkAgent.Build()) } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/ratelimit/none.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/ratelimit/none.go new file mode 100644 index 00000000..8c783641 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/ratelimit/none.go @@ -0,0 +1,20 @@ +package ratelimit + +import "context" + +// None implements a no-op rate limiter which effectively disables client-side +// rate limiting (also known as "retry quotas"). +// +// GetToken does nothing and always returns a nil error. The returned +// token-release function does nothing, and always returns a nil error. +// +// AddTokens does nothing and always returns a nil error. +var None = &none{} + +type none struct{} + +func (*none) GetToken(ctx context.Context, cost uint) (func() error, error) { + return func() error { return nil }, nil +} + +func (*none) AddTokens(v uint) error { return nil } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/standard.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/standard.go index 25abffc8..d5ea9322 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/standard.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/standard.go @@ -123,6 +123,17 @@ type StandardOptions struct { // Provides the rate limiting strategy for rate limiting attempt retries // across all attempts the retryer is being used with. + // + // A RateLimiter operates as a token bucket with a set capacity, where + // attempt failures events consume tokens. A retry attempt that attempts to + // consume more tokens than what's available results in operation failure. + // The default implementation is parameterized as follows: + // - a capacity of 500 (DefaultRetryRateTokens) + // - a retry caused by a timeout costs 10 tokens (DefaultRetryCost) + // - a retry caused by other errors costs 5 tokens (DefaultRetryTimeoutCost) + // - an operation that succeeds on the 1st attempt adds 1 token (DefaultNoRetryIncrement) + // + // You can disable rate limiting by setting this field to ratelimit.None. RateLimiter RateLimiter // The cost to deduct from the RateLimiter's token bucket per retry. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/middleware.go index f39a369a..febeb048 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/middleware.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/middleware.go @@ -85,12 +85,12 @@ func (m *dynamicPayloadSigningMiddleware) HandleFinalize( } if req.IsHTTPS() { - return (&unsignedPayload{}).HandleFinalize(ctx, in, next) + return (&UnsignedPayload{}).HandleFinalize(ctx, in, next) } - return (&computePayloadSHA256{}).HandleFinalize(ctx, in, next) + return (&ComputePayloadSHA256{}).HandleFinalize(ctx, in, next) } -// unsignedPayload sets the SigV4 request payload hash to unsigned. +// UnsignedPayload sets the SigV4 request payload hash to unsigned. // // Will not set the Unsigned Payload magic SHA value, if a SHA has already been // stored in the context. (e.g. application pre-computed SHA256 before making @@ -98,21 +98,21 @@ func (m *dynamicPayloadSigningMiddleware) HandleFinalize( // // This middleware does not check the X-Amz-Content-Sha256 header, if that // header is serialized a middleware must translate it into the context. -type unsignedPayload struct{} +type UnsignedPayload struct{} // AddUnsignedPayloadMiddleware adds unsignedPayload to the operation // middleware stack func AddUnsignedPayloadMiddleware(stack *middleware.Stack) error { - return stack.Finalize.Insert(&unsignedPayload{}, "ResolveEndpointV2", middleware.After) + return stack.Finalize.Insert(&UnsignedPayload{}, "ResolveEndpointV2", middleware.After) } // ID returns the unsignedPayload identifier -func (m *unsignedPayload) ID() string { +func (m *UnsignedPayload) ID() string { return computePayloadHashMiddlewareID } // HandleFinalize sets the payload hash magic value to the unsigned sentinel. -func (m *unsignedPayload) HandleFinalize( +func (m *UnsignedPayload) HandleFinalize( ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, ) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, @@ -123,7 +123,7 @@ func (m *unsignedPayload) HandleFinalize( return next.HandleFinalize(ctx, in) } -// computePayloadSHA256 computes SHA256 payload hash to sign. +// ComputePayloadSHA256 computes SHA256 payload hash to sign. // // Will not set the Unsigned Payload magic SHA value, if a SHA has already been // stored in the context. (e.g. application pre-computed SHA256 before making @@ -131,12 +131,12 @@ func (m *unsignedPayload) HandleFinalize( // // This middleware does not check the X-Amz-Content-Sha256 header, if that // header is serialized a middleware must translate it into the context. -type computePayloadSHA256 struct{} +type ComputePayloadSHA256 struct{} // AddComputePayloadSHA256Middleware adds computePayloadSHA256 to the // operation middleware stack func AddComputePayloadSHA256Middleware(stack *middleware.Stack) error { - return stack.Finalize.Insert(&computePayloadSHA256{}, "ResolveEndpointV2", middleware.After) + return stack.Finalize.Insert(&ComputePayloadSHA256{}, "ResolveEndpointV2", middleware.After) } // RemoveComputePayloadSHA256Middleware removes computePayloadSHA256 from the @@ -147,13 +147,13 @@ func RemoveComputePayloadSHA256Middleware(stack *middleware.Stack) error { } // ID is the middleware name -func (m *computePayloadSHA256) ID() string { +func (m *ComputePayloadSHA256) ID() string { return computePayloadHashMiddlewareID } // HandleFinalize computes the payload hash for the request, storing it to the // context. This is a no-op if a caller has previously set that value. -func (m *computePayloadSHA256) HandleFinalize( +func (m *ComputePayloadSHA256) HandleFinalize( ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, ) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, @@ -196,35 +196,35 @@ func (m *computePayloadSHA256) HandleFinalize( // Use this to disable computing the Payload SHA256 checksum and instead use // UNSIGNED-PAYLOAD for the SHA256 value. func SwapComputePayloadSHA256ForUnsignedPayloadMiddleware(stack *middleware.Stack) error { - _, err := stack.Finalize.Swap(computePayloadHashMiddlewareID, &unsignedPayload{}) + _, err := stack.Finalize.Swap(computePayloadHashMiddlewareID, &UnsignedPayload{}) return err } -// contentSHA256Header sets the X-Amz-Content-Sha256 header value to +// ContentSHA256Header sets the X-Amz-Content-Sha256 header value to // the Payload hash stored in the context. -type contentSHA256Header struct{} +type ContentSHA256Header struct{} // AddContentSHA256HeaderMiddleware adds ContentSHA256Header to the // operation middleware stack func AddContentSHA256HeaderMiddleware(stack *middleware.Stack) error { - return stack.Finalize.Insert(&contentSHA256Header{}, computePayloadHashMiddlewareID, middleware.After) + return stack.Finalize.Insert(&ContentSHA256Header{}, computePayloadHashMiddlewareID, middleware.After) } // RemoveContentSHA256HeaderMiddleware removes contentSHA256Header middleware // from the operation middleware stack func RemoveContentSHA256HeaderMiddleware(stack *middleware.Stack) error { - _, err := stack.Finalize.Remove((*contentSHA256Header)(nil).ID()) + _, err := stack.Finalize.Remove((*ContentSHA256Header)(nil).ID()) return err } // ID returns the ContentSHA256HeaderMiddleware identifier -func (m *contentSHA256Header) ID() string { +func (m *ContentSHA256Header) ID() string { return "SigV4ContentSHA256Header" } // HandleFinalize sets the X-Amz-Content-Sha256 header value to the Payload hash // stored in the context. -func (m *contentSHA256Header) HandleFinalize( +func (m *ContentSHA256Header) HandleFinalize( ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, ) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, @@ -360,18 +360,21 @@ func (s *SignHTTPRequestMiddleware) HandleFinalize(ctx context.Context, in middl return next.HandleFinalize(ctx, in) } -type streamingEventsPayload struct{} +// StreamingEventsPayload signs input event stream messages. +type StreamingEventsPayload struct{} // AddStreamingEventsPayload adds the streamingEventsPayload middleware to the stack. func AddStreamingEventsPayload(stack *middleware.Stack) error { - return stack.Finalize.Add(&streamingEventsPayload{}, middleware.Before) + return stack.Finalize.Add(&StreamingEventsPayload{}, middleware.Before) } -func (s *streamingEventsPayload) ID() string { +// ID identifies the middleware. +func (s *StreamingEventsPayload) ID() string { return computePayloadHashMiddlewareID } -func (s *streamingEventsPayload) HandleFinalize( +// HandleFinalize marks the input stream to be signed with SigV4. +func (s *StreamingEventsPayload) HandleFinalize( ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, ) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/response_error_middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/response_error_middleware.go index 8fd14cec..a1ad20fe 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/response_error_middleware.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/response_error_middleware.go @@ -12,18 +12,20 @@ import ( func AddResponseErrorMiddleware(stack *middleware.Stack) error { // add error wrapper middleware before request id retriever middleware so that it can wrap the error response // returned by operation deserializers - return stack.Deserialize.Insert(&responseErrorWrapper{}, "RequestIDRetriever", middleware.Before) + return stack.Deserialize.Insert(&ResponseErrorWrapper{}, "RequestIDRetriever", middleware.Before) } -type responseErrorWrapper struct { +// ResponseErrorWrapper wraps operation errors with ResponseError. +type ResponseErrorWrapper struct { } // ID returns the middleware identifier -func (m *responseErrorWrapper) ID() string { +func (m *ResponseErrorWrapper) ID() string { return "ResponseErrorWrapper" } -func (m *responseErrorWrapper) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( +// HandleDeserialize wraps the stack error with smithyhttp.ResponseError. +func (m *ResponseErrorWrapper) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( out middleware.DeserializeOutput, metadata middleware.Metadata, err error, ) { out, metadata, err = next.HandleDeserialize(ctx, in) diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md index dc87ec41..72e196dd 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md @@ -1,3 +1,28 @@ +# v1.3.5 (2024-03-29) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.3.4 (2024-03-18) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.3.3 (2024-03-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.3.2 (2024-02-23) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.3.1 (2024-02-21) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.3.0 (2024-02-13) + +* **Feature**: Bump minimum Go version to 1.20 per our language support policy. +* **Dependency Update**: Updated to the latest SDK module versions + # v1.2.10 (2024-01-04) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go index 41ee0bfb..faf71cac 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go @@ -3,4 +3,4 @@ package configsources // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.2.10" +const goModuleVersion = "1.3.5" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md index e0265474..6f6dafa8 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md @@ -1,3 +1,29 @@ +# v2.6.5 (2024-03-29) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v2.6.4 (2024-03-18) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v2.6.3 (2024-03-07) + +* **Bug Fix**: Remove dependency on go-cmp. +* **Dependency Update**: Updated to the latest SDK module versions + +# v2.6.2 (2024-02-23) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v2.6.1 (2024-02-21) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v2.6.0 (2024-02-13) + +* **Feature**: Bump minimum Go version to 1.20 per our language support policy. +* **Dependency Update**: Updated to the latest SDK module versions + # v2.5.10 (2024-01-04) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go index bec2c6a1..27981631 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go @@ -3,4 +3,4 @@ package endpoints // goModuleVersion is the tagged release for this module -const goModuleVersion = "2.5.10" +const goModuleVersion = "2.6.5" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/CHANGELOG.md index 8c65e338..cf31787b 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/CHANGELOG.md @@ -1,3 +1,55 @@ +# v1.28.7 (2024-05-08) + +* **Bug Fix**: GoDoc improvement + +# v1.28.6 (2024-03-29) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.28.5 (2024-03-27) + +* **Documentation**: Documentation updates for Secrets Manager + +# v1.28.4 (2024-03-18) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.28.3 (2024-03-14) + +* **Documentation**: Doc only update for Secrets Manager + +# v1.28.2 (2024-03-07) + +* **Bug Fix**: Remove dependency on go-cmp. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.28.1 (2024-02-23) + +* **Bug Fix**: Move all common, SDK-side middleware stack ops into the service client module to prevent cross-module compatibility issues in the future. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.28.0 (2024-02-22) + +* **Feature**: Add middleware stack snapshot tests. + +# v1.27.3 (2024-02-21) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.27.2 (2024-02-20) + +* **Bug Fix**: When sourcing values for a service's `EndpointParameters`, the lack of a configured region (i.e. `options.Region == ""`) will now translate to a `nil` value for `EndpointParameters.Region` instead of a pointer to the empty string `""`. This will result in a much more explicit error when calling an operation instead of an obscure hostname lookup failure. + +# v1.27.1 (2024-02-15) + +* **Bug Fix**: Correct failure to determine the error type in awsJson services that could occur when errors were modeled with a non-string `code` field. +* **Documentation**: Doc only update for Secrets Manager + +# v1.27.0 (2024-02-13) + +* **Feature**: Bump minimum Go version to 1.20 per our language support policy. +* **Dependency Update**: Updated to the latest SDK module versions + # v1.26.2 (2024-01-11) * **Documentation**: Doc only update for Secrets Manager diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_client.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_client.go index 99c25849..306c347d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_client.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_client.go @@ -365,17 +365,37 @@ func resolveAWSEndpointResolver(cfg aws.Config, o *Options) { } func addClientUserAgent(stack *middleware.Stack, options Options) error { - if err := awsmiddleware.AddSDKAgentKeyValue(awsmiddleware.APIMetadata, "secretsmanager", goModuleVersion)(stack); err != nil { + ua, err := getOrAddRequestUserAgent(stack) + if err != nil { return err } + ua.AddSDKAgentKeyValue(awsmiddleware.APIMetadata, "secretsmanager", goModuleVersion) if len(options.AppID) > 0 { - return awsmiddleware.AddSDKAgentKey(awsmiddleware.ApplicationIdentifier, options.AppID)(stack) + ua.AddSDKAgentKey(awsmiddleware.ApplicationIdentifier, options.AppID) } return nil } +func getOrAddRequestUserAgent(stack *middleware.Stack) (*awsmiddleware.RequestUserAgent, error) { + id := (*awsmiddleware.RequestUserAgent)(nil).ID() + mw, ok := stack.Build.Get(id) + if !ok { + mw = awsmiddleware.NewRequestUserAgent() + if err := stack.Build.Add(mw, middleware.After); err != nil { + return nil, err + } + } + + ua, ok := mw.(*awsmiddleware.RequestUserAgent) + if !ok { + return nil, fmt.Errorf("%T for %s middleware did not match expected type", mw, id) + } + + return ua, nil +} + type HTTPSignerV4 interface { SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error } @@ -394,6 +414,37 @@ func newDefaultV4Signer(o Options) *v4.Signer { }) } +func addClientRequestID(stack *middleware.Stack) error { + return stack.Build.Add(&awsmiddleware.ClientRequestID{}, middleware.After) +} + +func addComputeContentLength(stack *middleware.Stack) error { + return stack.Build.Add(&smithyhttp.ComputeContentLength{}, middleware.After) +} + +func addRawResponseToMetadata(stack *middleware.Stack) error { + return stack.Deserialize.Add(&awsmiddleware.AddRawResponse{}, middleware.Before) +} + +func addRecordResponseTiming(stack *middleware.Stack) error { + return stack.Deserialize.Add(&awsmiddleware.RecordResponseTiming{}, middleware.After) +} +func addStreamingEventsPayload(stack *middleware.Stack) error { + return stack.Finalize.Add(&v4.StreamingEventsPayload{}, middleware.Before) +} + +func addUnsignedPayload(stack *middleware.Stack) error { + return stack.Finalize.Insert(&v4.UnsignedPayload{}, "ResolveEndpointV2", middleware.After) +} + +func addComputePayloadSHA256(stack *middleware.Stack) error { + return stack.Finalize.Insert(&v4.ComputePayloadSHA256{}, "ResolveEndpointV2", middleware.After) +} + +func addContentSHA256Header(stack *middleware.Stack) error { + return stack.Finalize.Insert(&v4.ContentSHA256Header{}, (*v4.ComputePayloadSHA256)(nil).ID(), middleware.After) +} + func resolveIdempotencyTokenProvider(o *Options) { if o.IdempotencyTokenProvider != nil { return @@ -401,12 +452,17 @@ func resolveIdempotencyTokenProvider(o *Options) { o.IdempotencyTokenProvider = smithyrand.NewUUIDIdempotencyToken(cryptorand.Reader) } -func addRetryMiddlewares(stack *middleware.Stack, o Options) error { - mo := retry.AddRetryMiddlewaresOptions{ - Retryer: o.Retryer, - LogRetryAttempts: o.ClientLogMode.IsRetries(), +func addRetry(stack *middleware.Stack, o Options) error { + attempt := retry.NewAttemptMiddleware(o.Retryer, smithyhttp.RequestCloner, func(m *retry.Attempt) { + m.LogAttempts = o.ClientLogMode.IsRetries() + }) + if err := stack.Finalize.Insert(attempt, "Signing", middleware.Before); err != nil { + return err + } + if err := stack.Finalize.Insert(&retry.MetricsHeader{}, attempt.ID(), middleware.After); err != nil { + return err } - return retry.AddRetryMiddlewares(stack, mo) + return nil } // resolves dual-stack endpoint configuration @@ -444,12 +500,18 @@ type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) } +func addRecursionDetection(stack *middleware.Stack) error { + return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { - return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) + return stack.Deserialize.Insert(&awsmiddleware.RequestIDRetriever{}, "OperationDeserializer", middleware.Before) + } func addResponseErrorMiddleware(stack *middleware.Stack) error { - return awshttp.AddResponseErrorMiddleware(stack) + return stack.Deserialize.Insert(&awshttp.ResponseErrorWrapper{}, "RequestIDRetriever", middleware.Before) + } func addRequestResponseLogging(stack *middleware.Stack, o Options) error { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_BatchGetSecretValue.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_BatchGetSecretValue.go index 35dcda76..6aaf0d80 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_BatchGetSecretValue.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_BatchGetSecretValue.go @@ -6,30 +6,33 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Retrieves the contents of the encrypted fields SecretString or SecretBinary for -// up to 20 secrets. To retrieve a single secret, call GetSecretValue . To choose -// which secrets to retrieve, you can specify a list of secrets by name or ARN, or -// you can use filters. If Secrets Manager encounters errors such as +// up to 20 secrets. To retrieve a single secret, call GetSecretValue. +// +// To choose which secrets to retrieve, you can specify a list of secrets by name +// or ARN, or you can use filters. If Secrets Manager encounters errors such as // AccessDeniedException while attempting to retrieve any of the secrets, you can -// see the errors in Errors in the response. Secrets Manager generates CloudTrail -// GetSecretValue log entries for each secret you request when you call this -// action. Do not include sensitive information in request parameters because it -// might be logged. For more information, see Logging Secrets Manager events with -// CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:BatchGetSecretValue , and you must have +// see the errors in Errors in the response. +// +// Secrets Manager generates CloudTrail GetSecretValue log entries for each secret +// you request when you call this action. Do not include sensitive information in +// request parameters because it might be logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:BatchGetSecretValue , and you must have // secretsmanager:GetSecretValue for each secret. If you use filters, you must also // have secretsmanager:ListSecrets . If the secrets are encrypted using // customer-managed keys instead of the Amazon Web Services managed key // aws/secretsmanager , then you also need kms:Decrypt permissions for the keys. -// For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// For more information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) BatchGetSecretValue(ctx context.Context, params *BatchGetSecretValueInput, optFns ...func(*Options)) (*BatchGetSecretValueOutput, error) { if params == nil { params = &BatchGetSecretValueInput{} @@ -51,9 +54,12 @@ type BatchGetSecretValueInput struct { // SecretIdList , but not both. Filters []types.Filter - // The number of results to include in the response. If there are more results - // available, in the response, Secrets Manager includes NextToken . To get the next - // results, call BatchGetSecretValue again with the value from NextToken . + // The number of results to include in the response. + // + // If there are more results available, in the response, Secrets Manager includes + // NextToken . To get the next results, call BatchGetSecretValue again with the + // value from NextToken . To use this parameter, you must also use the Filters + // parameter. MaxResults *int32 // A token that indicates where the output should continue from, if a previous @@ -111,25 +117,25 @@ func (c *Client) addOperationBatchGetSecretValueMiddlewares(stack *middleware.St if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -147,7 +153,7 @@ func (c *Client) addOperationBatchGetSecretValueMiddlewares(stack *middleware.St if err = stack.Initialize.Add(newServiceMetadataMiddleware_opBatchGetSecretValue(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { @@ -176,9 +182,12 @@ var _ BatchGetSecretValueAPIClient = (*Client)(nil) // BatchGetSecretValuePaginatorOptions is the paginator options for // BatchGetSecretValue type BatchGetSecretValuePaginatorOptions struct { - // The number of results to include in the response. If there are more results - // available, in the response, Secrets Manager includes NextToken . To get the next - // results, call BatchGetSecretValue again with the value from NextToken . + // The number of results to include in the response. + // + // If there are more results available, in the response, Secrets Manager includes + // NextToken . To get the next results, call BatchGetSecretValue again with the + // value from NextToken . To use this parameter, you must also use the Filters + // parameter. Limit int32 // Set to true if pagination should stop if the service returns a pagination token diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CancelRotateSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CancelRotateSecret.go index 1baab024..42ce02ce 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CancelRotateSecret.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CancelRotateSecret.go @@ -6,28 +6,34 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Turns off automatic rotation, and if a rotation is currently in progress, -// cancels the rotation. If you cancel a rotation in progress, it can leave the -// VersionStage labels in an unexpected state. You might need to remove the staging -// label AWSPENDING from the partially created version. You also need to determine -// whether to roll back to the previous version of the secret by moving the staging -// label AWSCURRENT to the version that has AWSPENDING . To determine which version -// has a specific staging label, call ListSecretVersionIds . Then use -// UpdateSecretVersionStage to change staging labels. For more information, see -// How rotation works (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) -// . To turn on automatic rotation again, call RotateSecret . Secrets Manager -// generates a CloudTrail log entry when you call this action. Do not include -// sensitive information in request parameters because it might be logged. For more -// information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:CancelRotateSecret . For more -// information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// cancels the rotation. +// +// If you cancel a rotation in progress, it can leave the VersionStage labels in +// an unexpected state. You might need to remove the staging label AWSPENDING from +// the partially created version. You also need to determine whether to roll back +// to the previous version of the secret by moving the staging label AWSCURRENT to +// the version that has AWSPENDING . To determine which version has a specific +// staging label, call ListSecretVersionIds. Then use UpdateSecretVersionStage to change staging labels. For more information, +// see [How rotation works]. +// +// To turn on automatic rotation again, call RotateSecret. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters because it might be +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:CancelRotateSecret . For more information, +// see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [How rotation works]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) CancelRotateSecret(ctx context.Context, params *CancelRotateSecretInput, optFns ...func(*Options)) (*CancelRotateSecretOutput, error) { if params == nil { params = &CancelRotateSecretInput{} @@ -45,9 +51,12 @@ func (c *Client) CancelRotateSecret(ctx context.Context, params *CancelRotateSec type CancelRotateSecretInput struct { - // The ARN or name of the secret. For an ARN, we recommend that you specify a - // complete ARN rather than a partial ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // The ARN or name of the secret. + // + // For an ARN, we recommend that you specify a complete ARN rather than a partial + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string @@ -98,25 +107,25 @@ func (c *Client) addOperationCancelRotateSecretMiddlewares(stack *middleware.Sta if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -137,7 +146,7 @@ func (c *Client) addOperationCancelRotateSecretMiddlewares(stack *middleware.Sta if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCancelRotateSecret(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CreateSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CreateSecret.go index a783c39d..b25d5d17 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CreateSecret.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CreateSecret.go @@ -6,7 +6,6 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" @@ -18,35 +17,49 @@ import ( // connection information to access a database or other service, which Secrets // Manager doesn't encrypt. A secret in Secrets Manager consists of both the // protected secret data and the important information needed to manage the secret. -// For secrets that use managed rotation, you need to create the secret through the -// managing service. For more information, see Secrets Manager secrets managed by -// other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html) -// . For information about creating a secret in the console, see Create a secret (https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html) -// . To create a secret, you can provide the secret value to be encrypted in either +// +// For secrets that use managed rotation, you need to create the secret through +// the managing service. For more information, see [Secrets Manager secrets managed by other Amazon Web Services services]. +// +// For information about creating a secret in the console, see [Create a secret]. +// +// To create a secret, you can provide the secret value to be encrypted in either // the SecretString parameter or the SecretBinary parameter, but not both. If you // include SecretString or SecretBinary then Secrets Manager creates an initial // secret version and automatically attaches the staging label AWSCURRENT to it. +// // For database credentials you want to rotate, for Secrets Manager to be able to // rotate the secret, you must make sure the JSON you store in the SecretString -// matches the JSON structure of a database secret (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) -// . If you don't specify an KMS encryption key, Secrets Manager uses the Amazon -// Web Services managed key aws/secretsmanager . If this key doesn't already exist -// in your account, then Secrets Manager creates it for you automatically. All -// users and roles in the Amazon Web Services account automatically have access to -// use aws/secretsmanager . Creating aws/secretsmanager can result in a one-time -// significant delay in returning the result. If the secret is in a different -// Amazon Web Services account from the credentials calling the API, then you can't -// use aws/secretsmanager to encrypt the secret, and you must create and use a -// customer managed KMS key. Secrets Manager generates a CloudTrail log entry when -// you call this action. Do not include sensitive information in request parameters -// except SecretBinary or SecretString because it might be logged. For more -// information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:CreateSecret . If you include tags in the -// secret, you also need secretsmanager:TagResource . For more information, see -// IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . To encrypt the secret with a KMS key other than aws/secretsmanager , you need +// matches the [JSON structure of a database secret]. +// +// If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web +// Services managed key aws/secretsmanager . If this key doesn't already exist in +// your account, then Secrets Manager creates it for you automatically. All users +// and roles in the Amazon Web Services account automatically have access to use +// aws/secretsmanager . Creating aws/secretsmanager can result in a one-time +// significant delay in returning the result. +// +// If the secret is in a different Amazon Web Services account from the +// credentials calling the API, then you can't use aws/secretsmanager to encrypt +// the secret, and you must create and use a customer managed KMS key. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters except SecretBinary or +// SecretString because it might be logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:CreateSecret . If you include tags in the +// secret, you also need secretsmanager:TagResource . For more information, see [IAM policy actions for Secrets Manager] +// and [Authentication and access control in Secrets Manager]. +// +// To encrypt the secret with a KMS key other than aws/secretsmanager , you need // kms:GenerateDataKey and kms:Decrypt permission to the key. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [Secrets Manager secrets managed by other Amazon Web Services services]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html +// [Create a secret]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions +// [JSON structure of a database secret]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html func (c *Client) CreateSecret(ctx context.Context, params *CreateSecretInput, optFns ...func(*Options)) (*CreateSecretOutput, error) { if params == nil { params = &CreateSecretInput{} @@ -64,12 +77,15 @@ func (c *Client) CreateSecret(ctx context.Context, params *CreateSecretInput, op type CreateSecretInput struct { - // The name of the new secret. The secret name can contain ASCII letters, numbers, - // and the following characters: /_+=.@- Do not end your secret name with a hyphen - // followed by six characters. If you do so, you risk confusion and unexpected - // results when searching for a secret by partial ARN. Secrets Manager - // automatically adds a hyphen and six random characters after the secret name at - // the end of the ARN. + // The name of the new secret. + // + // The secret name can contain ASCII letters, numbers, and the following + // characters: /_+=.@- + // + // Do not end your secret name with a hyphen followed by six characters. If you do + // so, you risk confusion and unexpected results when searching for a secret by + // partial ARN. Secrets Manager automatically adds a hyphen and six random + // characters after the secret name at the end of the ARN. // // This member is required. Name *string @@ -79,26 +95,36 @@ type CreateSecretInput struct { // If you include SecretString or SecretBinary , then Secrets Manager creates an // initial version for the secret, and this parameter specifies the unique - // identifier for the new version. If you use the Amazon Web Services CLI or one of - // the Amazon Web Services SDKs to call this operation, then you can leave this - // parameter empty. The CLI or SDK generates a random UUID for you and includes it - // as the value for this parameter in the request. If you generate a raw HTTP - // request to the Secrets Manager service endpoint, then you must generate a - // ClientRequestToken and include it in the request. This value helps ensure - // idempotency. Secrets Manager uses this value to prevent the accidental creation - // of duplicate versions if there are failures and retries during a rotation. We - // recommend that you generate a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) - // value to ensure uniqueness of your versions within the specified secret. + // identifier for the new version. + // + // If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs + // to call this operation, then you can leave this parameter empty. The CLI or SDK + // generates a random UUID for you and includes it as the value for this parameter + // in the request. + // + // If you generate a raw HTTP request to the Secrets Manager service endpoint, + // then you must generate a ClientRequestToken and include it in the request. + // + // This value helps ensure idempotency. Secrets Manager uses this value to prevent + // the accidental creation of duplicate versions if there are failures and retries + // during a rotation. We recommend that you generate a [UUID-type]value to ensure uniqueness + // of your versions within the specified secret. + // // - If the ClientRequestToken value isn't already associated with a version of // the secret then a new version of the secret is created. + // // - If a version with this value already exists and the version SecretString and // SecretBinary values are the same as those in the request, then the request is // ignored. + // // - If a version with this value already exists and that version's SecretString // and SecretBinary values are different from those in the request, then the - // request fails because you cannot modify an existing version. Instead, use - // PutSecretValue to create a new version. + // request fails because you cannot modify an existing version. Instead, use PutSecretValueto + // create a new version. + // // This value becomes the VersionId of the new version. + // + // [UUID-type]: https://wikipedia.org/wiki/Universally_unique_identifier ClientRequestToken *string // The description of the secret. @@ -110,50 +136,67 @@ type CreateSecretInput struct { // The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt // the secret value in the secret. An alias is always prefixed by alias/ , for - // example alias/aws/secretsmanager . For more information, see About aliases (https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html) - // . To use a KMS key in a different account, use the key ARN or the alias ARN. If - // you don't specify this value, then Secrets Manager uses the key + // example alias/aws/secretsmanager . For more information, see [About aliases]. + // + // To use a KMS key in a different account, use the key ARN or the alias ARN. + // + // If you don't specify this value, then Secrets Manager uses the key // aws/secretsmanager . If that key doesn't yet exist, then Secrets Manager creates - // it for you automatically the first time it encrypts the secret value. If the - // secret is in a different Amazon Web Services account from the credentials - // calling the API, then you can't use aws/secretsmanager to encrypt the secret, - // and you must create and use a customer managed KMS key. + // it for you automatically the first time it encrypts the secret value. + // + // If the secret is in a different Amazon Web Services account from the + // credentials calling the API, then you can't use aws/secretsmanager to encrypt + // the secret, and you must create and use a customer managed KMS key. + // + // [About aliases]: https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html KmsKeyId *string // The binary data to encrypt and store in the new version of the secret. We // recommend that you store your binary data in a file and then pass the contents - // of the file as a parameter. Either SecretString or SecretBinary must have a - // value, but not both. This parameter is not available in the Secrets Manager - // console. + // of the file as a parameter. + // + // Either SecretString or SecretBinary must have a value, but not both. + // + // This parameter is not available in the Secrets Manager console. SecretBinary []byte // The text data to encrypt and store in this new version of the secret. We // recommend you use a JSON structure of key/value pairs for your secret value. - // Either SecretString or SecretBinary must have a value, but not both. If you - // create a secret by using the Secrets Manager console then Secrets Manager puts - // the protected secret text in only the SecretString parameter. The Secrets - // Manager console stores the information as a JSON structure of key/value pairs - // that a Lambda rotation function can parse. + // + // Either SecretString or SecretBinary must have a value, but not both. + // + // If you create a secret by using the Secrets Manager console then Secrets + // Manager puts the protected secret text in only the SecretString parameter. The + // Secrets Manager console stores the information as a JSON structure of key/value + // pairs that a Lambda rotation function can parse. SecretString *string // A list of tags to attach to the secret. Each tag is a key and value pair of // strings in a JSON text string, for example: - // [{"Key":"CostCenter","Value":"12345"},{"Key":"environment","Value":"production"}] + // + // [{"Key":"CostCenter","Value":"12345"},{"Key":"environment","Value":"production"}] + // // Secrets Manager tag key names are case sensitive. A tag with the key "ABC" is a - // different tag from one with key "abc". If you check tags in permissions policies - // as part of your security strategy, then adding or removing a tag can change - // permissions. If the completion of this operation would result in you losing your - // permissions for this secret, then Secrets Manager blocks the operation and - // returns an Access Denied error. For more information, see Control access to - // secrets using tags (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) - // and Limit access to identities with tags that match secrets' tags (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) - // . For information about how to format a JSON parameter for the various command - // line tool environments, see Using JSON for Parameters (https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) - // . If your command-line tool or SDK requires quotation marks around the - // parameter, you should use single quotes to avoid confusion with the double - // quotes required in the JSON text. For tag quotas and naming restrictions, see - // Service quotas for Tagging (https://docs.aws.amazon.com/general/latest/gr/arg.html#taged-reference-quotas) - // in the Amazon Web Services General Reference guide. + // different tag from one with key "abc". + // + // If you check tags in permissions policies as part of your security strategy, + // then adding or removing a tag can change permissions. If the completion of this + // operation would result in you losing your permissions for this secret, then + // Secrets Manager blocks the operation and returns an Access Denied error. For + // more information, see [Control access to secrets using tags]and [Limit access to identities with tags that match secrets' tags]. + // + // For information about how to format a JSON parameter for the various command + // line tool environments, see [Using JSON for Parameters]. If your command-line tool or SDK requires + // quotation marks around the parameter, you should use single quotes to avoid + // confusion with the double quotes required in the JSON text. + // + // For tag quotas and naming restrictions, see [Service quotas for Tagging] in the Amazon Web Services General + // Reference guide. + // + // [Limit access to identities with tags that match secrets' tags]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2 + // [Using JSON for Parameters]: https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json + // [Service quotas for Tagging]: https://docs.aws.amazon.com/general/latest/gr/arg.html#taged-reference-quotas + // [Control access to secrets using tags]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac Tags []types.Tag noSmithyDocumentSerde @@ -171,9 +214,12 @@ type CreateSecretOutput struct { Name *string // A list of the replicas of this secret and their status: + // // - Failed , which indicates that the replica was not created. + // // - InProgress , which indicates that Secrets Manager is in the process of // creating the replica. + // // - InSync , which indicates that the replica was created. ReplicationStatus []types.ReplicationStatusType @@ -208,25 +254,25 @@ func (c *Client) addOperationCreateSecretMiddlewares(stack *middleware.Stack, op if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -250,7 +296,7 @@ func (c *Client) addOperationCreateSecretMiddlewares(stack *middleware.Stack, op if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateSecret(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteResourcePolicy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteResourcePolicy.go index 451ebd04..4d8772a4 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteResourcePolicy.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteResourcePolicy.go @@ -6,20 +6,23 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Deletes the resource-based permission policy attached to the secret. To attach -// a policy to a secret, use PutResourcePolicy . Secrets Manager generates a -// CloudTrail log entry when you call this action. Do not include sensitive -// information in request parameters because it might be logged. For more -// information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:DeleteResourcePolicy . For more -// information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// a policy to a secret, use PutResourcePolicy. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters because it might be +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:DeleteResourcePolicy . For more +// information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) DeleteResourcePolicy(ctx context.Context, params *DeleteResourcePolicyInput, optFns ...func(*Options)) (*DeleteResourcePolicyOutput, error) { if params == nil { params = &DeleteResourcePolicyInput{} @@ -38,9 +41,11 @@ func (c *Client) DeleteResourcePolicy(ctx context.Context, params *DeleteResourc type DeleteResourcePolicyInput struct { // The ARN or name of the secret to delete the attached resource-based policy for. + // // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string @@ -84,25 +89,25 @@ func (c *Client) addOperationDeleteResourcePolicyMiddlewares(stack *middleware.S if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -123,7 +128,7 @@ func (c *Client) addOperationDeleteResourcePolicyMiddlewares(stack *middleware.S if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteResourcePolicy(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteSecret.go index 62ec00a2..153f42b7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteSecret.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteSecret.go @@ -6,7 +6,6 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" "time" @@ -16,31 +15,41 @@ import ( // during which you can restore the secret. The minimum recovery window is 7 days. // The default recovery window is 30 days. Secrets Manager attaches a DeletionDate // stamp to the secret that specifies the end of the recovery window. At the end of -// the recovery window, Secrets Manager deletes the secret permanently. You can't -// delete a primary secret that is replicated to other Regions. You must first -// delete the replicas using RemoveRegionsFromReplication , and then delete the -// primary secret. When you delete a replica, it is deleted immediately. You can't -// directly delete a version of a secret. Instead, you remove all staging labels -// from the version using UpdateSecretVersionStage . This marks the version as -// deprecated, and then Secrets Manager can automatically delete the version in the -// background. To determine whether an application still uses a secret, you can -// create an Amazon CloudWatch alarm to alert you to any attempts to access a -// secret during the recovery window. For more information, see Monitor secrets -// scheduled for deletion (https://docs.aws.amazon.com/secretsmanager/latest/userguide/monitoring_cloudwatch_deleted-secrets.html) -// . Secrets Manager performs the permanent secret deletion at the end of the +// the recovery window, Secrets Manager deletes the secret permanently. +// +// You can't delete a primary secret that is replicated to other Regions. You must +// first delete the replicas using RemoveRegionsFromReplication, and then delete the primary secret. When you +// delete a replica, it is deleted immediately. +// +// You can't directly delete a version of a secret. Instead, you remove all +// staging labels from the version using UpdateSecretVersionStage. This marks the version as deprecated, +// and then Secrets Manager can automatically delete the version in the background. +// +// To determine whether an application still uses a secret, you can create an +// Amazon CloudWatch alarm to alert you to any attempts to access a secret during +// the recovery window. For more information, see [Monitor secrets scheduled for deletion]. +// +// Secrets Manager performs the permanent secret deletion at the end of the // waiting period as a background task with low priority. There is no guarantee of -// a specific time after the recovery window for the permanent delete to occur. At -// any time before recovery window ends, you can use RestoreSecret to remove the -// DeletionDate and cancel the deletion of the secret. When a secret is scheduled -// for deletion, you cannot retrieve the secret value. You must first cancel the -// deletion with RestoreSecret and then you can retrieve the secret. Secrets -// Manager generates a CloudTrail log entry when you call this action. Do not -// include sensitive information in request parameters because it might be logged. -// For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:DeleteSecret . For more information, see -// IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// a specific time after the recovery window for the permanent delete to occur. +// +// At any time before recovery window ends, you can use RestoreSecret to remove the DeletionDate +// and cancel the deletion of the secret. +// +// When a secret is scheduled for deletion, you cannot retrieve the secret value. +// You must first cancel the deletion with RestoreSecretand then you can retrieve the secret. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters because it might be +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:DeleteSecret . For more information, see [IAM policy actions for Secrets Manager] +// and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [Monitor secrets scheduled for deletion]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/monitoring_cloudwatch_deleted-secrets.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) DeleteSecret(ctx context.Context, params *DeleteSecretInput, optFns ...func(*Options)) (*DeleteSecretOutput, error) { if params == nil { params = &DeleteSecretInput{} @@ -58,10 +67,12 @@ func (c *Client) DeleteSecret(ctx context.Context, params *DeleteSecretInput, op type DeleteSecretInput struct { - // The ARN or name of the secret to delete. For an ARN, we recommend that you - // specify a complete ARN rather than a partial ARN. See Finding a secret from a - // partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // The ARN or name of the secret to delete. + // + // For an ARN, we recommend that you specify a complete ARN rather than a partial + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string @@ -69,17 +80,20 @@ type DeleteSecretInput struct { // Specifies whether to delete the secret without any recovery window. You can't // use both this parameter and RecoveryWindowInDays in the same call. If you don't // use either, then by default Secrets Manager uses a 30 day recovery window. + // // Secrets Manager performs the actual deletion with an asynchronous background // process, so there might be a short delay before the secret is permanently // deleted. If you delete a secret and then immediately create a secret with the - // same name, use appropriate back off and retry logic. If you forcibly delete an - // already deleted or nonexistent secret, the operation does not return - // ResourceNotFoundException . Use this parameter with caution. This parameter - // causes the operation to skip the normal recovery window before the permanent - // deletion that Secrets Manager would normally impose with the - // RecoveryWindowInDays parameter. If you delete a secret with the - // ForceDeleteWithoutRecovery parameter, then you have no opportunity to recover - // the secret. You lose the secret permanently. + // same name, use appropriate back off and retry logic. + // + // If you forcibly delete an already deleted or nonexistent secret, the operation + // does not return ResourceNotFoundException . + // + // Use this parameter with caution. This parameter causes the operation to skip + // the normal recovery window before the permanent deletion that Secrets Manager + // would normally impose with the RecoveryWindowInDays parameter. If you delete a + // secret with the ForceDeleteWithoutRecovery parameter, then you have no + // opportunity to recover the secret. You lose the secret permanently. ForceDeleteWithoutRecovery *bool // The number of days from 7 to 30 that Secrets Manager waits before permanently @@ -132,25 +146,25 @@ func (c *Client) addOperationDeleteSecretMiddlewares(stack *middleware.Stack, op if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -171,7 +185,7 @@ func (c *Client) addOperationDeleteSecretMiddlewares(stack *middleware.Stack, op if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteSecret(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DescribeSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DescribeSecret.go index 2e714de6..be73019d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DescribeSecret.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DescribeSecret.go @@ -6,7 +6,6 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" @@ -15,13 +14,17 @@ import ( // Retrieves the details of a secret. It does not include the encrypted secret // value. Secrets Manager only returns fields that have a value in the response. +// // Secrets Manager generates a CloudTrail log entry when you call this action. Do // not include sensitive information in request parameters because it might be -// logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:DescribeSecret . For more information, -// see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:DescribeSecret . For more information, see [IAM policy actions for Secrets Manager] +// and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) DescribeSecret(ctx context.Context, params *DescribeSecretInput, optFns ...func(*Options)) (*DescribeSecretOutput, error) { if params == nil { params = &DescribeSecretInput{} @@ -39,9 +42,12 @@ func (c *Client) DescribeSecret(ctx context.Context, params *DescribeSecretInput type DescribeSecretInput struct { - // The ARN or name of the secret. For an ARN, we recommend that you specify a - // complete ARN rather than a partial ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // The ARN or name of the secret. + // + // For an ARN, we recommend that you specify a complete ARN rather than a partial + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string @@ -61,9 +67,11 @@ type DescribeSecretOutput struct { // deletion, this field is omitted. When you delete a secret, Secrets Manager // requires a recovery window of at least 7 days before deleting the secret. Some // time after the deleted date, Secrets Manager deletes the secret, including all - // of its versions. If a secret is scheduled for deletion, then its details, - // including the encrypted secret value, is not accessible. To cancel a scheduled - // deletion and restore access to the secret, use RestoreSecret . + // of its versions. + // + // If a secret is scheduled for deletion, then its details, including the + // encrypted secret value, is not accessible. To cancel a scheduled deletion and + // restore access to the secret, use RestoreSecret. DeletedDate *time.Time // The description of the secret. @@ -92,12 +100,19 @@ type DescribeSecretOutput struct { // The next rotation is scheduled to occur on or before this date. If the secret // isn't configured for rotation or rotation has been disabled, Secrets Manager - // returns null. + // returns null. If rotation fails, Secrets Manager retries the entire rotation + // process multiple times. If rotation is unsuccessful, this date may be in the + // past. + // + // This date represents the latest date that rotation will occur, but it is not an + // approximate rotation date. In some cases, for example if you turn off automatic + // rotation and then turn it back on, the next rotation may occur much sooner than + // this date. NextRotationDate *time.Time - // The ID of the service that created this secret. For more information, see - // Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html) - // . + // The ID of the service that created this secret. For more information, see [Secrets managed by other Amazon Web Services services]. + // + // [Secrets managed by other Amazon Web Services services]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html OwningService *string // The Region the secret is in. If a secret is replicated to other Regions, the @@ -105,14 +120,18 @@ type DescribeSecretOutput struct { PrimaryRegion *string // A list of the replicas of this secret and their status: + // // - Failed , which indicates that the replica was not created. + // // - InProgress , which indicates that Secrets Manager is in the process of // creating the replica. + // // - InSync , which indicates that the replica was created. ReplicationStatus []types.ReplicationStatusType - // Specifies whether automatic rotation is turned on for this secret. To turn on - // rotation, use RotateSecret . To turn off rotation, use CancelRotateSecret . + // Specifies whether automatic rotation is turned on for this secret. + // + // To turn on rotation, use RotateSecret. To turn off rotation, use CancelRotateSecret. RotationEnabled *bool // The ARN of the Lambda function that Secrets Manager invokes to rotate the @@ -125,25 +144,32 @@ type DescribeSecretOutput struct { // rotation turned on, this field is omitted. RotationRules *types.RotationRulesType - // The list of tags attached to the secret. To add tags to a secret, use - // TagResource . To remove tags, use UntagResource . + // The list of tags attached to the secret. To add tags to a secret, use TagResource. To + // remove tags, use UntagResource. Tags []types.Tag // A list of the versions of the secret that have staging labels attached. // Versions that don't have staging labels are considered deprecated and Secrets - // Manager can delete them. Secrets Manager uses staging labels to indicate the - // status of a secret version during rotation. The three staging labels for - // rotation are: + // Manager can delete them. + // + // Secrets Manager uses staging labels to indicate the status of a secret version + // during rotation. The three staging labels for rotation are: + // // - AWSCURRENT , which indicates the current version of the secret. + // // - AWSPENDING , which indicates the version of the secret that contains new // secret information that will become the next current version when rotation - // finishes. During rotation, Secrets Manager creates an AWSPENDING version ID - // before creating the new secret version. To check if a secret version exists, - // call GetSecretValue . + // finishes. + // + // During rotation, Secrets Manager creates an AWSPENDING version ID before + // creating the new secret version. To check if a secret version exists, call GetSecretValue. + // // - AWSPREVIOUS , which indicates the previous current version of the secret. // You can use this as the last known good version. - // For more information about rotation and staging labels, see How rotation works (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) - // . + // + // For more information about rotation and staging labels, see [How rotation works]. + // + // [How rotation works]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html VersionIdsToStages map[string][]string // Metadata pertaining to the operation's result. @@ -174,25 +200,25 @@ func (c *Client) addOperationDescribeSecretMiddlewares(stack *middleware.Stack, if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -213,7 +239,7 @@ func (c *Client) addOperationDescribeSecretMiddlewares(stack *middleware.Stack, if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDescribeSecret(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetRandomPassword.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetRandomPassword.go index a9b2deaa..857fe52d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetRandomPassword.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetRandomPassword.go @@ -6,7 +6,6 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -15,14 +14,15 @@ import ( // and include every character type that the system you are generating a password // for can support. By default, Secrets Manager uses uppercase and lowercase // letters, numbers, and the following characters in passwords: -// !\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~ Secrets Manager generates a CloudTrail log -// entry when you call this action. Do not include sensitive information in request -// parameters because it might be logged. For more information, see Logging -// Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:GetRandomPassword . For more information, -// see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// !\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~ +// +// Secrets Manager generates a CloudTrail log entry when you call this action. +// +// Required permissions: secretsmanager:GetRandomPassword . For more information, +// see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) GetRandomPassword(ctx context.Context, params *GetRandomPasswordInput, optFns ...func(*Options)) (*GetRandomPasswordOutput, error) { if params == nil { params = &GetRandomPasswordInput{} @@ -109,25 +109,25 @@ func (c *Client) addOperationGetRandomPasswordMiddlewares(stack *middleware.Stac if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -145,7 +145,7 @@ func (c *Client) addOperationGetRandomPasswordMiddlewares(stack *middleware.Stac if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetRandomPassword(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetResourcePolicy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetResourcePolicy.go index d2331cc8..3a2e6c68 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetResourcePolicy.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetResourcePolicy.go @@ -6,21 +6,25 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Retrieves the JSON text of the resource-based policy document attached to the // secret. For more information about permissions policies attached to a secret, -// see Permissions policies attached to a secret (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-policies.html) -// . Secrets Manager generates a CloudTrail log entry when you call this action. Do +// see [Permissions policies attached to a secret]. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do // not include sensitive information in request parameters because it might be -// logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:GetResourcePolicy . For more information, -// see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:GetResourcePolicy . For more information, +// see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions +// [Permissions policies attached to a secret]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-policies.html func (c *Client) GetResourcePolicy(ctx context.Context, params *GetResourcePolicyInput, optFns ...func(*Options)) (*GetResourcePolicyOutput, error) { if params == nil { params = &GetResourcePolicyInput{} @@ -39,9 +43,12 @@ func (c *Client) GetResourcePolicy(ctx context.Context, params *GetResourcePolic type GetResourcePolicyInput struct { // The ARN or name of the secret to retrieve the attached resource-based policy - // for. For an ARN, we recommend that you specify a complete ARN rather than a - // partial ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // for. + // + // For an ARN, we recommend that you specify a complete ARN rather than a partial + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string @@ -58,9 +65,9 @@ type GetResourcePolicyOutput struct { Name *string // A JSON-formatted string that contains the permissions policy attached to the - // secret. For more information about permissions policies, see Authentication and - // access control for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) - // . + // secret. For more information about permissions policies, see [Authentication and access control for Secrets Manager]. + // + // [Authentication and access control for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html ResourcePolicy *string // Metadata pertaining to the operation's result. @@ -91,25 +98,25 @@ func (c *Client) addOperationGetResourcePolicyMiddlewares(stack *middleware.Stac if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -130,7 +137,7 @@ func (c *Client) addOperationGetResourcePolicyMiddlewares(stack *middleware.Stac if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetResourcePolicy(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetSecretValue.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetSecretValue.go index 11ecfcd3..16a7f98d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetSecretValue.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetSecretValue.go @@ -6,30 +6,37 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" "time" ) // Retrieves the contents of the encrypted fields SecretString or SecretBinary -// from the specified version of a secret, whichever contains content. To retrieve -// the values for a group of secrets, call BatchGetSecretValue . We recommend that -// you cache your secret values by using client-side caching. Caching secrets -// improves speed and reduces your costs. For more information, see Cache secrets -// for your applications (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html) -// . To retrieve the previous version of a secret, use VersionStage and specify -// AWSPREVIOUS. To revert to the previous version of a secret, call -// UpdateSecretVersionStage (https://docs.aws.amazon.com/cli/latest/reference/secretsmanager/update-secret-version-stage.html) -// . Secrets Manager generates a CloudTrail log entry when you call this action. Do +// from the specified version of a secret, whichever contains content. +// +// To retrieve the values for a group of secrets, call BatchGetSecretValue. +// +// We recommend that you cache your secret values by using client-side caching. +// Caching secrets improves speed and reduces your costs. For more information, see +// [Cache secrets for your applications]. +// +// To retrieve the previous version of a secret, use VersionStage and specify +// AWSPREVIOUS. To revert to the previous version of a secret, call [UpdateSecretVersionStage]. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do // not include sensitive information in request parameters because it might be -// logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:GetSecretValue . If the secret is -// encrypted using a customer-managed key instead of the Amazon Web Services -// managed key aws/secretsmanager , then you also need kms:Decrypt permissions for -// that key. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:GetSecretValue . If the secret is encrypted +// using a customer-managed key instead of the Amazon Web Services managed key +// aws/secretsmanager , then you also need kms:Decrypt permissions for that key. +// For more information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [UpdateSecretVersionStage]: https://docs.aws.amazon.com/cli/latest/reference/secretsmanager/update-secret-version-stage.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions +// [Cache secrets for your applications]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html func (c *Client) GetSecretValue(ctx context.Context, params *GetSecretValueInput, optFns ...func(*Options)) (*GetSecretValueOutput, error) { if params == nil { params = &GetSecretValueInput{} @@ -47,10 +54,12 @@ func (c *Client) GetSecretValue(ctx context.Context, params *GetSecretValueInput type GetSecretValueInput struct { - // The ARN or name of the secret to retrieve. For an ARN, we recommend that you - // specify a complete ARN rather than a partial ARN. See Finding a secret from a - // partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // The ARN or name of the secret to retrieve. + // + // For an ARN, we recommend that you specify a complete ARN rather than a partial + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string @@ -58,15 +67,18 @@ type GetSecretValueInput struct { // The unique identifier of the version of the secret to retrieve. If you include // both this parameter and VersionStage , the two parameters must refer to the same // secret version. If you don't specify either a VersionStage or VersionId , then - // Secrets Manager returns the AWSCURRENT version. This value is typically a - // UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) value with - // 32 hexadecimal digits. + // Secrets Manager returns the AWSCURRENT version. + // + // This value is typically a [UUID-type] value with 32 hexadecimal digits. + // + // [UUID-type]: https://wikipedia.org/wiki/Universally_unique_identifier VersionId *string - // The staging label of the version of the secret to retrieve. Secrets Manager - // uses staging labels to keep track of different versions during the rotation - // process. If you include both this parameter and VersionId , the two parameters - // must refer to the same secret version. If you don't specify either a + // The staging label of the version of the secret to retrieve. + // + // Secrets Manager uses staging labels to keep track of different versions during + // the rotation process. If you include both this parameter and VersionId , the two + // parameters must refer to the same secret version. If you don't specify either a // VersionStage or VersionId , Secrets Manager returns the AWSCURRENT version. VersionStage *string @@ -89,16 +101,18 @@ type GetSecretValueOutput struct { // The decrypted secret value, if the secret value was originally provided as // binary data in the form of a byte array. When you retrieve a SecretBinary using // the HTTP API, the Python SDK, or the Amazon Web Services CLI, the value is - // Base64-encoded. Otherwise, it is not encoded. If the secret was created by using - // the Secrets Manager console, or if the secret value was originally provided as a - // string, then this field is omitted. The secret value appears in SecretString - // instead. + // Base64-encoded. Otherwise, it is not encoded. + // + // If the secret was created by using the Secrets Manager console, or if the + // secret value was originally provided as a string, then this field is omitted. + // The secret value appears in SecretString instead. SecretBinary []byte // The decrypted secret value, if the secret value was originally provided as a - // string or through the Secrets Manager console. If this secret was created by - // using the console, then Secrets Manager stores the information as a JSON - // structure of key/value pairs. + // string or through the Secrets Manager console. + // + // If this secret was created by using the console, then Secrets Manager stores + // the information as a JSON structure of key/value pairs. SecretString *string // The unique identifier of this version of the secret. @@ -136,25 +150,25 @@ func (c *Client) addOperationGetSecretValueMiddlewares(stack *middleware.Stack, if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -175,7 +189,7 @@ func (c *Client) addOperationGetSecretValueMiddlewares(stack *middleware.Stack, if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetSecretValue(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecretVersionIds.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecretVersionIds.go index 62af6310..0cb7f524 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecretVersionIds.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecretVersionIds.go @@ -6,23 +6,27 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Lists the versions of a secret. Secrets Manager uses staging labels to indicate -// the different versions of a secret. For more information, see Secrets Manager -// concepts: Versions (https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version) -// . To list the secrets in the account, use ListSecrets . Secrets Manager -// generates a CloudTrail log entry when you call this action. Do not include -// sensitive information in request parameters because it might be logged. For more -// information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:ListSecretVersionIds . For more -// information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// the different versions of a secret. For more information, see [Secrets Manager concepts: Versions]. +// +// To list the secrets in the account, use ListSecrets. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters because it might be +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:ListSecretVersionIds . For more +// information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [Secrets Manager concepts: Versions]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) ListSecretVersionIds(ctx context.Context, params *ListSecretVersionIdsInput, optFns ...func(*Options)) (*ListSecretVersionIdsOutput, error) { if params == nil { params = &ListSecretVersionIdsInput{} @@ -40,10 +44,12 @@ func (c *Client) ListSecretVersionIds(ctx context.Context, params *ListSecretVer type ListSecretVersionIdsInput struct { - // The ARN or name of the secret whose versions you want to list. For an ARN, we - // recommend that you specify a complete ARN rather than a partial ARN. See - // Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // The ARN or name of the secret whose versions you want to list. + // + // For an ARN, we recommend that you specify a complete ARN rather than a partial + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string @@ -54,9 +60,11 @@ type ListSecretVersionIdsInput struct { // without staging labels aren't included. IncludeDeprecated *bool - // The number of results to include in the response. If there are more results - // available, in the response, Secrets Manager includes NextToken . To get the next - // results, call ListSecretVersionIds again with the value from NextToken . + // The number of results to include in the response. + // + // If there are more results available, in the response, Secrets Manager includes + // NextToken . To get the next results, call ListSecretVersionIds again with the + // value from NextToken . MaxResults *int32 // A token that indicates where the output should continue from, if a previous @@ -112,25 +120,25 @@ func (c *Client) addOperationListSecretVersionIdsMiddlewares(stack *middleware.S if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -151,7 +159,7 @@ func (c *Client) addOperationListSecretVersionIdsMiddlewares(stack *middleware.S if err = stack.Initialize.Add(newServiceMetadataMiddleware_opListSecretVersionIds(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { @@ -180,9 +188,11 @@ var _ ListSecretVersionIdsAPIClient = (*Client)(nil) // ListSecretVersionIdsPaginatorOptions is the paginator options for // ListSecretVersionIds type ListSecretVersionIdsPaginatorOptions struct { - // The number of results to include in the response. If there are more results - // available, in the response, Secrets Manager includes NextToken . To get the next - // results, call ListSecretVersionIds again with the value from NextToken . + // The number of results to include in the response. + // + // If there are more results available, in the response, Secrets Manager includes + // NextToken . To get the next results, call ListSecretVersionIds again with the + // value from NextToken . Limit int32 // Set to true if pagination should stop if the service returns a pagination token diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecrets.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecrets.go index 3ae0e70b..7ebdc309 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecrets.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecrets.go @@ -6,7 +6,6 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" @@ -14,19 +13,29 @@ import ( // Lists the secrets that are stored by Secrets Manager in the Amazon Web Services // account, not including secrets that are marked for deletion. To see secrets -// marked for deletion, use the Secrets Manager console. ListSecrets is eventually -// consistent, however it might not reflect changes from the last five minutes. To -// get the latest information for a specific secret, use DescribeSecret . To list -// the versions of a secret, use ListSecretVersionIds . To retrieve the values for -// the secrets, call BatchGetSecretValue or GetSecretValue . For information about -// finding secrets in the console, see Find secrets in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_search-secret.html) -// . Secrets Manager generates a CloudTrail log entry when you call this action. Do +// marked for deletion, use the Secrets Manager console. +// +// All Secrets Manager operations are eventually consistent. ListSecrets might not +// reflect changes from the last five minutes. You can get more recent information +// for a specific secret by calling DescribeSecret. +// +// To list the versions of a secret, use ListSecretVersionIds. +// +// To retrieve the values for the secrets, call BatchGetSecretValue or GetSecretValue. +// +// For information about finding secrets in the console, see [Find secrets in Secrets Manager]. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do // not include sensitive information in request parameters because it might be -// logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:ListSecrets . For more information, see -// IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:ListSecrets . For more information, see [IAM policy actions for Secrets Manager] +// and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions +// [Find secrets in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_search-secret.html func (c *Client) ListSecrets(ctx context.Context, params *ListSecretsInput, optFns ...func(*Options)) (*ListSecretsOutput, error) { if params == nil { params = &ListSecretsInput{} @@ -51,9 +60,11 @@ type ListSecretsInput struct { // secrets scheduled for deletion aren't included. IncludePlannedDeletion *bool - // The number of results to include in the response. If there are more results - // available, in the response, Secrets Manager includes NextToken . To get the next - // results, call ListSecrets again with the value from NextToken . + // The number of results to include in the response. + // + // If there are more results available, in the response, Secrets Manager includes + // NextToken . To get the next results, call ListSecrets again with the value from + // NextToken . MaxResults *int32 // A token that indicates where the output should continue from, if a previous @@ -106,25 +117,25 @@ func (c *Client) addOperationListSecretsMiddlewares(stack *middleware.Stack, opt if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -142,7 +153,7 @@ func (c *Client) addOperationListSecretsMiddlewares(stack *middleware.Stack, opt if err = stack.Initialize.Add(newServiceMetadataMiddleware_opListSecrets(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { @@ -169,9 +180,11 @@ var _ ListSecretsAPIClient = (*Client)(nil) // ListSecretsPaginatorOptions is the paginator options for ListSecrets type ListSecretsPaginatorOptions struct { - // The number of results to include in the response. If there are more results - // available, in the response, Secrets Manager includes NextToken . To get the next - // results, call ListSecrets again with the value from NextToken . + // The number of results to include in the response. + // + // If there are more results available, in the response, Secrets Manager includes + // NextToken . To get the next results, call ListSecrets again with the value from + // NextToken . Limit int32 // Set to true if pagination should stop if the service returns a pagination token diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutResourcePolicy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutResourcePolicy.go index b6632d0a..a3e36689 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutResourcePolicy.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutResourcePolicy.go @@ -6,23 +6,27 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Attaches a resource-based permission policy to a secret. A resource-based -// policy is optional. For more information, see Authentication and access control -// for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// For information about attaching a policy in the console, see Attach a -// permissions policy to a secret (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html) -// . Secrets Manager generates a CloudTrail log entry when you call this action. Do +// policy is optional. For more information, see [Authentication and access control for Secrets Manager] +// +// For information about attaching a policy in the console, see [Attach a permissions policy to a secret]. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do // not include sensitive information in request parameters because it might be -// logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:PutResourcePolicy . For more information, -// see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:PutResourcePolicy . For more information, +// see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [Attach a permissions policy to a secret]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions +// [Authentication and access control for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html func (c *Client) PutResourcePolicy(ctx context.Context, params *PutResourcePolicyInput, optFns ...func(*Options)) (*PutResourcePolicyOutput, error) { if params == nil { params = &PutResourcePolicyInput{} @@ -41,16 +45,19 @@ func (c *Client) PutResourcePolicy(ctx context.Context, params *PutResourcePolic type PutResourcePolicyInput struct { // A JSON-formatted string for an Amazon Web Services resource-based policy. For - // example policies, see Permissions policy examples (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html) - // . + // example policies, see [Permissions policy examples]. + // + // [Permissions policy examples]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html // // This member is required. ResourcePolicy *string - // The ARN or name of the secret to attach the resource-based policy. For an ARN, - // we recommend that you specify a complete ARN rather than a partial ARN. See - // Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // The ARN or name of the secret to attach the resource-based policy. + // + // For an ARN, we recommend that you specify a complete ARN rather than a partial + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string @@ -58,6 +65,22 @@ type PutResourcePolicyInput struct { // Specifies whether to block resource-based policies that allow broad access to // the secret, for example those that use a wildcard for the principal. By default, // public policies aren't blocked. + // + // Resource policy validation and the BlockPublicPolicy parameter help protect + // your resources by preventing public access from being granted through the + // resource policies that are directly attached to your secrets. In addition to + // using these features, carefully inspect the following policies to confirm that + // they do not grant public access: + // + // - Identity-based policies attached to associated Amazon Web Services + // principals (for example, IAM roles) + // + // - Resource-based policies attached to associated Amazon Web Services + // resources (for example, Key Management Service (KMS) keys) + // + // To review permissions to your secrets, see [Determine who has permissions to your secrets]. + // + // [Determine who has permissions to your secrets]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/determine-acccess_examine-iam-policies.html BlockPublicPolicy *bool noSmithyDocumentSerde @@ -99,25 +122,25 @@ func (c *Client) addOperationPutResourcePolicyMiddlewares(stack *middleware.Stac if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -138,7 +161,7 @@ func (c *Client) addOperationPutResourcePolicyMiddlewares(stack *middleware.Stac if err = stack.Initialize.Add(newServiceMetadataMiddleware_opPutResourcePolicy(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutSecretValue.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutSecretValue.go index 862437ac..b82eb6c1 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutSecretValue.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutSecretValue.go @@ -6,39 +6,47 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Creates a new version with a new encrypted secret value and attaches it to the // secret. The version can contain a new SecretString value or a new SecretBinary -// value. We recommend you avoid calling PutSecretValue at a sustained rate of -// more than once every 10 minutes. When you update the secret value, Secrets -// Manager creates a new version of the secret. Secrets Manager removes outdated -// versions when there are more than 100, but it does not remove versions created -// less than 24 hours ago. If you call PutSecretValue more than once every 10 -// minutes, you create more versions than Secrets Manager removes, and you will -// reach the quota for secret versions. You can specify the staging labels to -// attach to the new version in VersionStages . If you don't include VersionStages -// , then Secrets Manager automatically moves the staging label AWSCURRENT to this -// version. If this operation creates the first version for the secret, then -// Secrets Manager automatically attaches the staging label AWSCURRENT to it. If -// this operation moves the staging label AWSCURRENT from another version to this -// version, then Secrets Manager also automatically moves the staging label -// AWSPREVIOUS to the version that AWSCURRENT was removed from. This operation is -// idempotent. If you call this operation with a ClientRequestToken that matches -// an existing version's VersionId, and you specify the same secret data, the -// operation succeeds but does nothing. However, if the secret data is different, -// then the operation fails because you can't modify an existing version; you can -// only create new ones. Secrets Manager generates a CloudTrail log entry when you -// call this action. Do not include sensitive information in request parameters -// except SecretBinary or SecretString because it might be logged. For more -// information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:PutSecretValue . For more information, -// see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// value. +// +// We recommend you avoid calling PutSecretValue at a sustained rate of more than +// once every 10 minutes. When you update the secret value, Secrets Manager creates +// a new version of the secret. Secrets Manager removes outdated versions when +// there are more than 100, but it does not remove versions created less than 24 +// hours ago. If you call PutSecretValue more than once every 10 minutes, you +// create more versions than Secrets Manager removes, and you will reach the quota +// for secret versions. +// +// You can specify the staging labels to attach to the new version in VersionStages +// . If you don't include VersionStages , then Secrets Manager automatically moves +// the staging label AWSCURRENT to this version. If this operation creates the +// first version for the secret, then Secrets Manager automatically attaches the +// staging label AWSCURRENT to it. If this operation moves the staging label +// AWSCURRENT from another version to this version, then Secrets Manager also +// automatically moves the staging label AWSPREVIOUS to the version that AWSCURRENT +// was removed from. +// +// This operation is idempotent. If you call this operation with a +// ClientRequestToken that matches an existing version's VersionId, and you specify +// the same secret data, the operation succeeds but does nothing. However, if the +// secret data is different, then the operation fails because you can't modify an +// existing version; you can only create new ones. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters except SecretBinary or +// SecretString because it might be logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:PutSecretValue . For more information, see [IAM policy actions for Secrets Manager] +// and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) PutSecretValue(ctx context.Context, params *PutSecretValueInput, optFns ...func(*Options)) (*PutSecretValueOutput, error) { if params == nil { params = &PutSecretValueInput{} @@ -56,57 +64,79 @@ func (c *Client) PutSecretValue(ctx context.Context, params *PutSecretValueInput type PutSecretValueInput struct { - // The ARN or name of the secret to add a new version to. For an ARN, we recommend - // that you specify a complete ARN rather than a partial ARN. See Finding a secret - // from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . If the secret doesn't already exist, use CreateSecret instead. + // The ARN or name of the secret to add a new version to. + // + // For an ARN, we recommend that you specify a complete ARN rather than a partial + // ARN. See [Finding a secret from a partial ARN]. + // + // If the secret doesn't already exist, use CreateSecret instead. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string - // A unique identifier for the new version of the secret. If you use the Amazon - // Web Services CLI or one of the Amazon Web Services SDKs to call this operation, - // then you can leave this parameter empty. The CLI or SDK generates a random UUID - // for you and includes it as the value for this parameter in the request. If you - // generate a raw HTTP request to the Secrets Manager service endpoint, then you - // must generate a ClientRequestToken and include it in the request. This value - // helps ensure idempotency. Secrets Manager uses this value to prevent the - // accidental creation of duplicate versions if there are failures and retries - // during a rotation. We recommend that you generate a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) - // value to ensure uniqueness of your versions within the specified secret. + // A unique identifier for the new version of the secret. + // + // If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs + // to call this operation, then you can leave this parameter empty. The CLI or SDK + // generates a random UUID for you and includes it as the value for this parameter + // in the request. + // + // If you generate a raw HTTP request to the Secrets Manager service endpoint, + // then you must generate a ClientRequestToken and include it in the request. + // + // This value helps ensure idempotency. Secrets Manager uses this value to prevent + // the accidental creation of duplicate versions if there are failures and retries + // during a rotation. We recommend that you generate a [UUID-type]value to ensure uniqueness + // of your versions within the specified secret. + // // - If the ClientRequestToken value isn't already associated with a version of // the secret then a new version of the secret is created. + // // - If a version with this value already exists and that version's SecretString // or SecretBinary values are the same as those in the request then the request // is ignored. The operation is idempotent. + // // - If a version with this value already exists and the version of the // SecretString and SecretBinary values are different from those in the request, // then the request fails because you can't modify a secret version. You can only // create new versions to store new secret values. + // // This value becomes the VersionId of the new version. + // + // [UUID-type]: https://wikipedia.org/wiki/Universally_unique_identifier ClientRequestToken *string // The binary data to encrypt and store in the new version of the secret. To use // this parameter in the command-line tools, we recommend that you store your - // binary data in a file and then pass the contents of the file as a parameter. You - // must include SecretBinary or SecretString , but not both. You can't access this - // value from the Secrets Manager console. + // binary data in a file and then pass the contents of the file as a parameter. + // + // You must include SecretBinary or SecretString , but not both. + // + // You can't access this value from the Secrets Manager console. SecretBinary []byte - // The text to encrypt and store in the new version of the secret. You must - // include SecretBinary or SecretString , but not both. We recommend you create the - // secret string as JSON key/value pairs, as shown in the example. + // The text to encrypt and store in the new version of the secret. + // + // You must include SecretBinary or SecretString , but not both. + // + // We recommend you create the secret string as JSON key/value pairs, as shown in + // the example. SecretString *string // A list of staging labels to attach to this version of the secret. Secrets // Manager uses staging labels to track versions of a secret through the rotation - // process. If you specify a staging label that's already associated with a - // different version of the same secret, then Secrets Manager removes the label - // from the other version and attaches it to this version. If you specify - // AWSCURRENT , and it is already attached to another version, then Secrets Manager - // also moves the staging label AWSPREVIOUS to the version that AWSCURRENT was - // removed from. If you don't include VersionStages , then Secrets Manager - // automatically moves the staging label AWSCURRENT to this version. + // process. + // + // If you specify a staging label that's already associated with a different + // version of the same secret, then Secrets Manager removes the label from the + // other version and attaches it to this version. If you specify AWSCURRENT , and + // it is already attached to another version, then Secrets Manager also moves the + // staging label AWSPREVIOUS to the version that AWSCURRENT was removed from. + // + // If you don't include VersionStages , then Secrets Manager automatically moves + // the staging label AWSCURRENT to this version. VersionStages []string noSmithyDocumentSerde @@ -156,25 +186,25 @@ func (c *Client) addOperationPutSecretValueMiddlewares(stack *middleware.Stack, if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -198,7 +228,7 @@ func (c *Client) addOperationPutSecretValueMiddlewares(stack *middleware.Stack, if err = stack.Initialize.Add(newServiceMetadataMiddleware_opPutSecretValue(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RemoveRegionsFromReplication.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RemoveRegionsFromReplication.go index 772f8c85..44950e25 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RemoveRegionsFromReplication.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RemoveRegionsFromReplication.go @@ -6,21 +6,24 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // For a secret that is replicated to other Regions, deletes the secret replicas -// from the Regions you specify. Secrets Manager generates a CloudTrail log entry -// when you call this action. Do not include sensitive information in request -// parameters because it might be logged. For more information, see Logging -// Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:RemoveRegionsFromReplication . For more -// information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// from the Regions you specify. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters because it might be +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:RemoveRegionsFromReplication . For more +// information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) RemoveRegionsFromReplication(ctx context.Context, params *RemoveRegionsFromReplicationInput, optFns ...func(*Options)) (*RemoveRegionsFromReplicationOutput, error) { if params == nil { params = &RemoveRegionsFromReplicationInput{} @@ -87,25 +90,25 @@ func (c *Client) addOperationRemoveRegionsFromReplicationMiddlewares(stack *midd if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -126,7 +129,7 @@ func (c *Client) addOperationRemoveRegionsFromReplicationMiddlewares(stack *midd if err = stack.Initialize.Add(newServiceMetadataMiddleware_opRemoveRegionsFromReplication(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ReplicateSecretToRegions.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ReplicateSecretToRegions.go index 44d3acb0..e6115da0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ReplicateSecretToRegions.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ReplicateSecretToRegions.go @@ -6,23 +6,27 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Replicates the secret to a new Regions. See Multi-Region secrets (https://docs.aws.amazon.com/secretsmanager/latest/userguide/create-manage-multi-region-secrets.html) -// . Secrets Manager generates a CloudTrail log entry when you call this action. Do +// Replicates the secret to a new Regions. See [Multi-Region secrets]. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do // not include sensitive information in request parameters because it might be -// logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:ReplicateSecretToRegions . If the primary +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:ReplicateSecretToRegions . If the primary // secret is encrypted with a KMS key other than aws/secretsmanager , you also need // kms:Decrypt permission to the key. To encrypt the replicated secret with a KMS // key other than aws/secretsmanager , you need kms:GenerateDataKey and kms:Encrypt -// to the key. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// to the key. For more information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [Multi-Region secrets]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/create-manage-multi-region-secrets.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) ReplicateSecretToRegions(ctx context.Context, params *ReplicateSecretToRegionsInput, optFns ...func(*Options)) (*ReplicateSecretToRegionsOutput, error) { if params == nil { params = &ReplicateSecretToRegionsInput{} @@ -93,25 +97,25 @@ func (c *Client) addOperationReplicateSecretToRegionsMiddlewares(stack *middlewa if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -132,7 +136,7 @@ func (c *Client) addOperationReplicateSecretToRegionsMiddlewares(stack *middlewa if err = stack.Initialize.Add(newServiceMetadataMiddleware_opReplicateSecretToRegions(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RestoreSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RestoreSecret.go index e722e170..adcd8ce4 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RestoreSecret.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RestoreSecret.go @@ -6,20 +6,23 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Cancels the scheduled deletion of a secret by removing the DeletedDate time -// stamp. You can access a secret again after it has been restored. Secrets Manager -// generates a CloudTrail log entry when you call this action. Do not include -// sensitive information in request parameters because it might be logged. For more -// information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:RestoreSecret . For more information, see -// IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// stamp. You can access a secret again after it has been restored. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters because it might be +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:RestoreSecret . For more information, see [IAM policy actions for Secrets Manager] +// and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) RestoreSecret(ctx context.Context, params *RestoreSecretInput, optFns ...func(*Options)) (*RestoreSecretOutput, error) { if params == nil { params = &RestoreSecretInput{} @@ -37,10 +40,12 @@ func (c *Client) RestoreSecret(ctx context.Context, params *RestoreSecretInput, type RestoreSecretInput struct { - // The ARN or name of the secret to restore. For an ARN, we recommend that you - // specify a complete ARN rather than a partial ARN. See Finding a secret from a - // partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // The ARN or name of the secret to restore. + // + // For an ARN, we recommend that you specify a complete ARN rather than a partial + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string @@ -84,25 +89,25 @@ func (c *Client) addOperationRestoreSecretMiddlewares(stack *middleware.Stack, o if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -123,7 +128,7 @@ func (c *Client) addOperationRestoreSecretMiddlewares(stack *middleware.Stack, o if err = stack.Initialize.Add(newServiceMetadataMiddleware_opRestoreSecret(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RotateSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RotateSecret.go index 686d06e3..7d11126c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RotateSecret.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RotateSecret.go @@ -6,35 +6,41 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Configures and starts the asynchronous process of rotating the secret. For -// information about rotation, see Rotate secrets (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html) -// in the Secrets Manager User Guide. If you include the configuration parameters, -// the operation sets the values for the secret and then immediately starts a -// rotation. If you don't include the configuration parameters, the operation -// starts a rotation with the values already stored in the secret. When rotation is -// successful, the AWSPENDING staging label might be attached to the same version -// as the AWSCURRENT version, or it might not be attached to any version. If the -// AWSPENDING staging label is present but not attached to the same version as -// AWSCURRENT , then any later invocation of RotateSecret assumes that a previous -// rotation request is still in progress and returns an error. When rotation is -// unsuccessful, the AWSPENDING staging label might be attached to an empty secret -// version. For more information, see Troubleshoot rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html) -// in the Secrets Manager User Guide. Secrets Manager generates a CloudTrail log -// entry when you call this action. Do not include sensitive information in request -// parameters because it might be logged. For more information, see Logging -// Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:RotateSecret . For more information, see -// IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . You also need lambda:InvokeFunction permissions on the rotation function. For -// more information, see Permissions for rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) -// . +// information about rotation, see [Rotate secrets]in the Secrets Manager User Guide. If you +// include the configuration parameters, the operation sets the values for the +// secret and then immediately starts a rotation. If you don't include the +// configuration parameters, the operation starts a rotation with the values +// already stored in the secret. +// +// When rotation is successful, the AWSPENDING staging label might be attached to +// the same version as the AWSCURRENT version, or it might not be attached to any +// version. If the AWSPENDING staging label is present but not attached to the +// same version as AWSCURRENT , then any later invocation of RotateSecret assumes +// that a previous rotation request is still in progress and returns an error. When +// rotation is unsuccessful, the AWSPENDING staging label might be attached to an +// empty secret version. For more information, see [Troubleshoot rotation]in the Secrets Manager User +// Guide. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters because it might be +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:RotateSecret . For more information, see [IAM policy actions for Secrets Manager] +// and [Authentication and access control in Secrets Manager]. You also need lambda:InvokeFunction permissions on the rotation function. +// For more information, see [Permissions for rotation]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Permissions for rotation]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html +// [Rotate secrets]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [Troubleshoot rotation]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) RotateSecret(ctx context.Context, params *RotateSecretInput, optFns ...func(*Options)) (*RotateSecretOutput, error) { if params == nil { params = &RotateSecretInput{} @@ -52,42 +58,56 @@ func (c *Client) RotateSecret(ctx context.Context, params *RotateSecretInput, op type RotateSecretInput struct { - // The ARN or name of the secret to rotate. For an ARN, we recommend that you - // specify a complete ARN rather than a partial ARN. See Finding a secret from a - // partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // The ARN or name of the secret to rotate. + // + // For an ARN, we recommend that you specify a complete ARN rather than a partial + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string // A unique identifier for the new version of the secret. You only need to specify // this value if you implement your own retry logic and you want to ensure that - // Secrets Manager doesn't attempt to create a secret version twice. If you use the - // Amazon Web Services CLI or one of the Amazon Web Services SDKs to call this - // operation, then you can leave this parameter empty. The CLI or SDK generates a - // random UUID for you and includes it as the value for this parameter in the - // request. If you generate a raw HTTP request to the Secrets Manager service - // endpoint, then you must generate a ClientRequestToken and include it in the - // request. This value helps ensure idempotency. Secrets Manager uses this value to - // prevent the accidental creation of duplicate versions if there are failures and - // retries during a rotation. We recommend that you generate a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) - // value to ensure uniqueness of your versions within the specified secret. + // Secrets Manager doesn't attempt to create a secret version twice. + // + // If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs + // to call this operation, then you can leave this parameter empty. The CLI or SDK + // generates a random UUID for you and includes it as the value for this parameter + // in the request. + // + // If you generate a raw HTTP request to the Secrets Manager service endpoint, + // then you must generate a ClientRequestToken and include it in the request. + // + // This value helps ensure idempotency. Secrets Manager uses this value to prevent + // the accidental creation of duplicate versions if there are failures and retries + // during a rotation. We recommend that you generate a [UUID-type]value to ensure uniqueness + // of your versions within the specified secret. + // + // [UUID-type]: https://wikipedia.org/wiki/Universally_unique_identifier ClientRequestToken *string // Specifies whether to rotate the secret immediately or wait until the next - // scheduled rotation window. The rotation schedule is defined in - // RotateSecretRequest$RotationRules . For secrets that use a Lambda rotation - // function to rotate, if you don't immediately rotate the secret, Secrets Manager - // tests the rotation configuration by running the testSecret step (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) - // of the Lambda rotation function. The test creates an AWSPENDING version of the - // secret and then removes it. By default, Secrets Manager rotates the secret - // immediately. + // scheduled rotation window. The rotation schedule is defined in RotateSecretRequest$RotationRules. + // + // For secrets that use a Lambda rotation function to rotate, if you don't + // immediately rotate the secret, Secrets Manager tests the rotation configuration + // by running the [testSecret step]testSecret of the Lambda rotation function. The test creates an + // AWSPENDING version of the secret and then removes it. + // + // By default, Secrets Manager rotates the secret immediately. + // + // [testSecret step]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html RotateImmediately *bool // For secrets that use a Lambda rotation function to rotate, the ARN of the - // Lambda rotation function. For secrets that use managed rotation, omit this - // field. For more information, see Managed rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_managed.html) - // in the Secrets Manager User Guide. + // Lambda rotation function. + // + // For secrets that use managed rotation, omit this field. For more information, + // see [Managed rotation]in the Secrets Manager User Guide. + // + // [Managed rotation]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_managed.html RotationLambdaARN *string // A structure that defines the rotation configuration for this secret. @@ -135,25 +155,25 @@ func (c *Client) addOperationRotateSecretMiddlewares(stack *middleware.Stack, op if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -177,7 +197,7 @@ func (c *Client) addOperationRotateSecretMiddlewares(stack *middleware.Stack, op if err = stack.Initialize.Add(newServiceMetadataMiddleware_opRotateSecret(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_StopReplicationToReplica.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_StopReplicationToReplica.go index 45870101..b32fc01e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_StopReplicationToReplica.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_StopReplicationToReplica.go @@ -6,22 +6,26 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Removes the link between the replica secret and the primary secret and promotes -// the replica to a primary secret in the replica Region. You must call this -// operation from the Region in which you want to promote the replica to a primary -// secret. Secrets Manager generates a CloudTrail log entry when you call this -// action. Do not include sensitive information in request parameters because it -// might be logged. For more information, see Logging Secrets Manager events with -// CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:StopReplicationToReplica . For more -// information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// the replica to a primary secret in the replica Region. +// +// You must call this operation from the Region in which you want to promote the +// replica to a primary secret. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters because it might be +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:StopReplicationToReplica . For more +// information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) StopReplicationToReplica(ctx context.Context, params *StopReplicationToReplicaInput, optFns ...func(*Options)) (*StopReplicationToReplicaOutput, error) { if params == nil { params = &StopReplicationToReplicaInput{} @@ -81,25 +85,25 @@ func (c *Client) addOperationStopReplicationToReplicaMiddlewares(stack *middlewa if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -120,7 +124,7 @@ func (c *Client) addOperationStopReplicationToReplicaMiddlewares(stack *middlewa if err = stack.Initialize.Add(newServiceMetadataMiddleware_opStopReplicationToReplica(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_TagResource.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_TagResource.go index 594db9b5..a59d84f2 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_TagResource.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_TagResource.go @@ -6,7 +6,6 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" @@ -14,20 +13,27 @@ import ( // Attaches tags to a secret. Tags consist of a key name and a value. Tags are // part of the secret's metadata. They are not associated with specific versions of -// the secret. This operation appends tags to the existing list of tags. For tag -// quotas and naming restrictions, see Service quotas for Tagging (https://docs.aws.amazon.com/general/latest/gr/arg.html#taged-reference-quotas) -// in the Amazon Web Services General Reference guide. If you use tags as part of -// your security strategy, then adding or removing a tag can change permissions. If -// successfully completing this operation would result in you losing your -// permissions for this secret, then the operation is blocked and returns an Access -// Denied error. Secrets Manager generates a CloudTrail log entry when you call -// this action. Do not include sensitive information in request parameters because -// it might be logged. For more information, see Logging Secrets Manager events -// with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:TagResource . For more information, see -// IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// the secret. This operation appends tags to the existing list of tags. +// +// For tag quotas and naming restrictions, see [Service quotas for Tagging] in the Amazon Web Services General +// Reference guide. +// +// If you use tags as part of your security strategy, then adding or removing a +// tag can change permissions. If successfully completing this operation would +// result in you losing your permissions for this secret, then the operation is +// blocked and returns an Access Denied error. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters because it might be +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:TagResource . For more information, see [IAM policy actions for Secrets Manager] +// and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions +// [Service quotas for Tagging]: https://docs.aws.amazon.com/general/latest/gr/arg.html#taged-reference-quotas func (c *Client) TagResource(ctx context.Context, params *TagResourceInput, optFns ...func(*Options)) (*TagResourceOutput, error) { if params == nil { params = &TagResourceInput{} @@ -46,20 +52,24 @@ func (c *Client) TagResource(ctx context.Context, params *TagResourceInput, optF type TagResourceInput struct { // The identifier for the secret to attach tags to. You can specify either the - // Amazon Resource Name (ARN) or the friendly name of the secret. For an ARN, we - // recommend that you specify a complete ARN rather than a partial ARN. See - // Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // Amazon Resource Name (ARN) or the friendly name of the secret. + // + // For an ARN, we recommend that you specify a complete ARN rather than a partial + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string // The tags to attach to the secret as a JSON text string argument. Each element - // in the list consists of a Key and a Value . For storing multiple values, we - // recommend that you use a JSON text string argument and specify key/value pairs. - // For more information, see Specifying parameter values for the Amazon Web - // Services CLI (https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html) - // in the Amazon Web Services CLI User Guide. + // in the list consists of a Key and a Value . + // + // For storing multiple values, we recommend that you use a JSON text string + // argument and specify key/value pairs. For more information, see [Specifying parameter values for the Amazon Web Services CLI]in the Amazon + // Web Services CLI User Guide. + // + // [Specifying parameter values for the Amazon Web Services CLI]: https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html // // This member is required. Tags []types.Tag @@ -96,25 +106,25 @@ func (c *Client) addOperationTagResourceMiddlewares(stack *middleware.Stack, opt if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -135,7 +145,7 @@ func (c *Client) addOperationTagResourceMiddlewares(stack *middleware.Stack, opt if err = stack.Initialize.Add(newServiceMetadataMiddleware_opTagResource(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UntagResource.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UntagResource.go index ab5d7ecb..f089be8e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UntagResource.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UntagResource.go @@ -6,24 +6,30 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Removes specific tags from a secret. This operation is idempotent. If a -// requested tag is not attached to the secret, no error is returned and the secret -// metadata is unchanged. If you use tags as part of your security strategy, then -// removing a tag can change permissions. If successfully completing this operation -// would result in you losing your permissions for this secret, then the operation -// is blocked and returns an Access Denied error. Secrets Manager generates a -// CloudTrail log entry when you call this action. Do not include sensitive -// information in request parameters because it might be logged. For more -// information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:UntagResource . For more information, see -// IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// Removes specific tags from a secret. +// +// This operation is idempotent. If a requested tag is not attached to the secret, +// no error is returned and the secret metadata is unchanged. +// +// If you use tags as part of your security strategy, then removing a tag can +// change permissions. If successfully completing this operation would result in +// you losing your permissions for this secret, then the operation is blocked and +// returns an Access Denied error. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters because it might be +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:UntagResource . For more information, see [IAM policy actions for Secrets Manager] +// and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) UntagResource(ctx context.Context, params *UntagResourceInput, optFns ...func(*Options)) (*UntagResourceOutput, error) { if params == nil { params = &UntagResourceInput{} @@ -41,19 +47,26 @@ func (c *Client) UntagResource(ctx context.Context, params *UntagResourceInput, type UntagResourceInput struct { - // The ARN or name of the secret. For an ARN, we recommend that you specify a - // complete ARN rather than a partial ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // The ARN or name of the secret. + // + // For an ARN, we recommend that you specify a complete ARN rather than a partial + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string // A list of tag key names to remove from the secret. You don't specify the value. - // Both the key and its associated value are removed. This parameter requires a - // JSON text string argument. For storing multiple values, we recommend that you - // use a JSON text string argument and specify key/value pairs. For more - // information, see Specifying parameter values for the Amazon Web Services CLI (https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html) - // in the Amazon Web Services CLI User Guide. + // Both the key and its associated value are removed. + // + // This parameter requires a JSON text string argument. + // + // For storing multiple values, we recommend that you use a JSON text string + // argument and specify key/value pairs. For more information, see [Specifying parameter values for the Amazon Web Services CLI]in the Amazon + // Web Services CLI User Guide. + // + // [Specifying parameter values for the Amazon Web Services CLI]: https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html // // This member is required. TagKeys []string @@ -90,25 +103,25 @@ func (c *Client) addOperationUntagResourceMiddlewares(stack *middleware.Stack, o if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -129,7 +142,7 @@ func (c *Client) addOperationUntagResourceMiddlewares(stack *middleware.Stack, o if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUntagResource(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecret.go index 9599a211..336e9ab1 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecret.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecret.go @@ -6,43 +6,52 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Modifies the details of a secret, including metadata and the secret value. To -// change the secret value, you can also use PutSecretValue . To change the -// rotation configuration of a secret, use RotateSecret instead. To change a -// secret so that it is managed by another service, you need to recreate the secret -// in that service. See Secrets Manager secrets managed by other Amazon Web -// Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html) -// . We recommend you avoid calling UpdateSecret at a sustained rate of more than +// change the secret value, you can also use PutSecretValue. +// +// To change the rotation configuration of a secret, use RotateSecret instead. +// +// To change a secret so that it is managed by another service, you need to +// recreate the secret in that service. See [Secrets Manager secrets managed by other Amazon Web Services services]. +// +// We recommend you avoid calling UpdateSecret at a sustained rate of more than // once every 10 minutes. When you call UpdateSecret to update the secret value, // Secrets Manager creates a new version of the secret. Secrets Manager removes // outdated versions when there are more than 100, but it does not remove versions // created less than 24 hours ago. If you update the secret value more than once // every 10 minutes, you create more versions than Secrets Manager removes, and you -// will reach the quota for secret versions. If you include SecretString or -// SecretBinary to create a new secret version, Secrets Manager automatically moves -// the staging label AWSCURRENT to the new version. Then it attaches the label -// AWSPREVIOUS to the version that AWSCURRENT was removed from. If you call this -// operation with a ClientRequestToken that matches an existing version's VersionId -// , the operation results in an error. You can't modify an existing version, you -// can only create a new version. To remove a version, remove all staging labels -// from it. See UpdateSecretVersionStage . Secrets Manager generates a CloudTrail -// log entry when you call this action. Do not include sensitive information in -// request parameters except SecretBinary or SecretString because it might be -// logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:UpdateSecret . For more information, see -// IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . If you use a customer managed key, you must also have kms:GenerateDataKey , -// kms:Encrypt , and kms:Decrypt permissions on the key. If you change the KMS key -// and you don't have kms:Encrypt permission to the new key, Secrets Manager does -// not re-ecrypt existing secret versions with the new key. For more information, -// see Secret encryption and decryption (https://docs.aws.amazon.com/secretsmanager/latest/userguide/security-encryption.html) -// . +// will reach the quota for secret versions. +// +// If you include SecretString or SecretBinary to create a new secret version, +// Secrets Manager automatically moves the staging label AWSCURRENT to the new +// version. Then it attaches the label AWSPREVIOUS to the version that AWSCURRENT +// was removed from. +// +// If you call this operation with a ClientRequestToken that matches an existing +// version's VersionId , the operation results in an error. You can't modify an +// existing version, you can only create a new version. To remove a version, remove +// all staging labels from it. See UpdateSecretVersionStage. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters except SecretBinary or +// SecretString because it might be logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:UpdateSecret . For more information, see [IAM policy actions for Secrets Manager] +// and [Authentication and access control in Secrets Manager]. If you use a customer managed key, you must also have kms:GenerateDataKey +// , kms:Encrypt , and kms:Decrypt permissions on the key. If you change the KMS +// key and you don't have kms:Encrypt permission to the new key, Secrets Manager +// does not re-ecrypt existing secret versions with the new key. For more +// information, see [Secret encryption and decryption]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [Secret encryption and decryption]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/security-encryption.html +// [Secrets Manager secrets managed by other Amazon Web Services services]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) UpdateSecret(ctx context.Context, params *UpdateSecretInput, optFns ...func(*Options)) (*UpdateSecretOutput, error) { if params == nil { params = &UpdateSecretInput{} @@ -60,25 +69,34 @@ func (c *Client) UpdateSecret(ctx context.Context, params *UpdateSecretInput, op type UpdateSecretInput struct { - // The ARN or name of the secret. For an ARN, we recommend that you specify a - // complete ARN rather than a partial ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // The ARN or name of the secret. + // + // For an ARN, we recommend that you specify a complete ARN rather than a partial + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string // If you include SecretString or SecretBinary , then Secrets Manager creates a new // version for the secret, and this parameter specifies the unique identifier for - // the new version. If you use the Amazon Web Services CLI or one of the Amazon Web - // Services SDKs to call this operation, then you can leave this parameter empty. - // The CLI or SDK generates a random UUID for you and includes it as the value for - // this parameter in the request. If you generate a raw HTTP request to the Secrets - // Manager service endpoint, then you must generate a ClientRequestToken and - // include it in the request. This value helps ensure idempotency. Secrets Manager - // uses this value to prevent the accidental creation of duplicate versions if - // there are failures and retries during a rotation. We recommend that you generate - // a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) value to - // ensure uniqueness of your versions within the specified secret. + // the new version. + // + // If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs + // to call this operation, then you can leave this parameter empty. The CLI or SDK + // generates a random UUID for you and includes it as the value for this parameter + // in the request. + // + // If you generate a raw HTTP request to the Secrets Manager service endpoint, + // then you must generate a ClientRequestToken and include it in the request. + // + // This value helps ensure idempotency. Secrets Manager uses this value to prevent + // the accidental creation of duplicate versions if there are failures and retries + // during a rotation. We recommend that you generate a [UUID-type]value to ensure uniqueness + // of your versions within the specified secret. + // + // [UUID-type]: https://wikipedia.org/wiki/Universally_unique_identifier ClientRequestToken *string // The description of the secret. @@ -89,32 +107,41 @@ type UpdateSecretInput struct { // AWSCURRENT , AWSPENDING , or AWSPREVIOUS . If you don't have kms:Encrypt // permission to the new key, Secrets Manager does not re-ecrypt existing secret // versions with the new key. For more information about versions and staging - // labels, see Concepts: Version (https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version) - // . A key alias is always prefixed by alias/ , for example - // alias/aws/secretsmanager . For more information, see About aliases (https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html) - // . If you set this to an empty string, Secrets Manager uses the Amazon Web + // labels, see [Concepts: Version]. + // + // A key alias is always prefixed by alias/ , for example alias/aws/secretsmanager + // . For more information, see [About aliases]. + // + // If you set this to an empty string, Secrets Manager uses the Amazon Web // Services managed key aws/secretsmanager . If this key doesn't already exist in // your account, then Secrets Manager creates it for you automatically. All users // and roles in the Amazon Web Services account automatically have access to use // aws/secretsmanager . Creating aws/secretsmanager can result in a one-time - // significant delay in returning the result. You can only use the Amazon Web - // Services managed key aws/secretsmanager if you call this operation using - // credentials from the same Amazon Web Services account that owns the secret. If - // the secret is in a different account, then you must use a customer managed key - // and provide the ARN of that KMS key in this field. The user making the call must - // have permissions to both the secret and the KMS key in their respective - // accounts. + // significant delay in returning the result. + // + // You can only use the Amazon Web Services managed key aws/secretsmanager if you + // call this operation using credentials from the same Amazon Web Services account + // that owns the secret. If the secret is in a different account, then you must use + // a customer managed key and provide the ARN of that KMS key in this field. The + // user making the call must have permissions to both the secret and the KMS key in + // their respective accounts. + // + // [Concepts: Version]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version + // [About aliases]: https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html KmsKeyId *string // The binary data to encrypt and store in the new version of the secret. We // recommend that you store your binary data in a file and then pass the contents - // of the file as a parameter. Either SecretBinary or SecretString must have a - // value, but not both. You can't access this parameter in the Secrets Manager - // console. + // of the file as a parameter. + // + // Either SecretBinary or SecretString must have a value, but not both. + // + // You can't access this parameter in the Secrets Manager console. SecretBinary []byte // The text data to encrypt and store in the new version of the secret. We // recommend you use a JSON structure of key/value pairs for your secret value. + // // Either SecretBinary or SecretString must have a value, but not both. SecretString *string @@ -161,25 +188,25 @@ func (c *Client) addOperationUpdateSecretMiddlewares(stack *middleware.Stack, op if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -203,7 +230,7 @@ func (c *Client) addOperationUpdateSecretMiddlewares(stack *middleware.Stack, op if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUpdateSecret(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecretVersionStage.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecretVersionStage.go index 77e308ae..cf266679 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecretVersionStage.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecretVersionStage.go @@ -6,7 +6,6 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -17,21 +16,31 @@ import ( // time. To add a staging label to a version when it is already attached to another // version, Secrets Manager first removes it from the other version first and then // attaches it to this one. For more information about versions and staging labels, -// see Concepts: Version (https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version) -// . The staging labels that you specify in the VersionStage parameter are added -// to the existing list of staging labels for the version. You can move the -// AWSCURRENT staging label to this version by including it in this call. Whenever -// you move AWSCURRENT , Secrets Manager automatically moves the label AWSPREVIOUS -// to the version that AWSCURRENT was removed from. If this action results in the -// last label being removed from a version, then the version is considered to be -// 'deprecated' and can be deleted by Secrets Manager. Secrets Manager generates a -// CloudTrail log entry when you call this action. Do not include sensitive -// information in request parameters because it might be logged. For more -// information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:UpdateSecretVersionStage . For more -// information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// see [Concepts: Version]. +// +// The staging labels that you specify in the VersionStage parameter are added to +// the existing list of staging labels for the version. +// +// You can move the AWSCURRENT staging label to this version by including it in +// this call. +// +// Whenever you move AWSCURRENT , Secrets Manager automatically moves the label +// AWSPREVIOUS to the version that AWSCURRENT was removed from. +// +// If this action results in the last label being removed from a version, then the +// version is considered to be 'deprecated' and can be deleted by Secrets Manager. +// +// Secrets Manager generates a CloudTrail log entry when you call this action. Do +// not include sensitive information in request parameters because it might be +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:UpdateSecretVersionStage . For more +// information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [Concepts: Version]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions func (c *Client) UpdateSecretVersionStage(ctx context.Context, params *UpdateSecretVersionStageInput, optFns ...func(*Options)) (*UpdateSecretVersionStageOutput, error) { if params == nil { params = &UpdateSecretVersionStageInput{} @@ -50,9 +59,11 @@ func (c *Client) UpdateSecretVersionStage(ctx context.Context, params *UpdateSec type UpdateSecretVersionStageInput struct { // The ARN or the name of the secret with the version and staging labelsto modify. + // // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen) - // . + // ARN. See [Finding a secret from a partial ARN]. + // + // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen // // This member is required. SecretId *string @@ -63,9 +74,10 @@ type UpdateSecretVersionStageInput struct { VersionStage *string // The ID of the version to add the staging label to. To remove a label from a - // version, then do not specify this parameter. If the staging label is already - // attached to a different version of the secret, then you must also specify the - // RemoveFromVersionId parameter. + // version, then do not specify this parameter. + // + // If the staging label is already attached to a different version of the secret, + // then you must also specify the RemoveFromVersionId parameter. MoveToVersionId *string // The ID of the version that the staging label is to be removed from. If the @@ -115,25 +127,25 @@ func (c *Client) addOperationUpdateSecretVersionStageMiddlewares(stack *middlewa if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -154,7 +166,7 @@ func (c *Client) addOperationUpdateSecretVersionStageMiddlewares(stack *middlewa if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUpdateSecretVersionStage(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ValidateResourcePolicy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ValidateResourcePolicy.go index 0de3d3f1..eef801a0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ValidateResourcePolicy.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ValidateResourcePolicy.go @@ -6,30 +6,35 @@ import ( "context" "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Validates that a resource policy does not grant a wide range of principals -// access to your secret. A resource-based policy is optional for secrets. The API -// performs three checks when validating the policy: -// - Sends a call to Zelkova (https://aws.amazon.com/blogs/security/protect-sensitive-data-in-the-cloud-with-automated-reasoning-zelkova/) -// , an automated reasoning engine, to ensure your resource policy does not allow -// broad access to your secret, for example policies that use a wildcard for the -// principal. +// access to your secret. A resource-based policy is optional for secrets. +// +// The API performs three checks when validating the policy: +// +// - Sends a call to [Zelkova], an automated reasoning engine, to ensure your resource +// policy does not allow broad access to your secret, for example policies that use +// a wildcard for the principal. +// // - Checks for correct syntax in a policy. +// // - Verifies the policy does not lock out a caller. // // Secrets Manager generates a CloudTrail log entry when you call this action. Do // not include sensitive information in request parameters because it might be -// logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html) -// . Required permissions: secretsmanager:ValidateResourcePolicy and -// secretsmanager:PutResourcePolicy . For more information, see IAM policy -// actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) -// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) -// . +// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. +// +// Required permissions: secretsmanager:ValidateResourcePolicy and +// secretsmanager:PutResourcePolicy . For more information, see [IAM policy actions for Secrets Manager] and [Authentication and access control in Secrets Manager]. +// +// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html +// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html +// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions +// [Zelkova]: https://aws.amazon.com/blogs/security/protect-sensitive-data-in-the-cloud-with-automated-reasoning-zelkova/ func (c *Client) ValidateResourcePolicy(ctx context.Context, params *ValidateResourcePolicyInput, optFns ...func(*Options)) (*ValidateResourcePolicyOutput, error) { if params == nil { params = &ValidateResourcePolicyInput{} @@ -49,8 +54,9 @@ type ValidateResourcePolicyInput struct { // A JSON-formatted string that contains an Amazon Web Services resource-based // policy. The policy in the string identifies who can access or manage this secret - // and its versions. For example policies, see Permissions policy examples (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html) - // . + // and its versions. For example policies, see [Permissions policy examples]. + // + // [Permissions policy examples]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html // // This member is required. ResourcePolicy *string @@ -97,25 +103,25 @@ func (c *Client) addOperationValidateResourcePolicyMiddlewares(stack *middleware if err = addSetLoggerMiddleware(stack, options); err != nil { return err } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + if err = addClientRequestID(stack); err != nil { return err } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + if err = addComputeContentLength(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + if err = addComputePayloadSHA256(stack); err != nil { return err } - if err = addRetryMiddlewares(stack, options); err != nil { + if err = addRetry(stack, options); err != nil { return err } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + if err = addRawResponseToMetadata(stack); err != nil { return err } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + if err = addRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack, options); err != nil { @@ -136,7 +142,7 @@ func (c *Client) addOperationValidateResourcePolicyMiddlewares(stack *middleware if err = stack.Initialize.Add(newServiceMetadataMiddleware_opValidateResourcePolicy(options.Region), middleware.Before); err != nil { return err } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + if err = addRecursionDetection(stack); err != nil { return err } if err = addRequestIDRetrieverMiddleware(stack); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/deserializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/deserializers.go index 5e0d8b27..82fd102c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/deserializers.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/deserializers.go @@ -89,9 +89,6 @@ func awsAwsjson11_deserializeOpErrorBatchGetSecretValue(response *smithyhttp.Res errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -99,7 +96,7 @@ func awsAwsjson11_deserializeOpErrorBatchGetSecretValue(response *smithyhttp.Res body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -111,13 +108,12 @@ func awsAwsjson11_deserializeOpErrorBatchGetSecretValue(response *smithyhttp.Res } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("DecryptionFailure", errorCode): return awsAwsjson11_deserializeErrorDecryptionFailure(response, errorBody) @@ -215,9 +211,6 @@ func awsAwsjson11_deserializeOpErrorCancelRotateSecret(response *smithyhttp.Resp errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -225,7 +218,7 @@ func awsAwsjson11_deserializeOpErrorCancelRotateSecret(response *smithyhttp.Resp body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -237,13 +230,12 @@ func awsAwsjson11_deserializeOpErrorCancelRotateSecret(response *smithyhttp.Resp } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -335,9 +327,6 @@ func awsAwsjson11_deserializeOpErrorCreateSecret(response *smithyhttp.Response, errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -345,7 +334,7 @@ func awsAwsjson11_deserializeOpErrorCreateSecret(response *smithyhttp.Response, body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -357,13 +346,12 @@ func awsAwsjson11_deserializeOpErrorCreateSecret(response *smithyhttp.Response, } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("DecryptionFailure", errorCode): return awsAwsjson11_deserializeErrorDecryptionFailure(response, errorBody) @@ -473,9 +461,6 @@ func awsAwsjson11_deserializeOpErrorDeleteResourcePolicy(response *smithyhttp.Re errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -483,7 +468,7 @@ func awsAwsjson11_deserializeOpErrorDeleteResourcePolicy(response *smithyhttp.Re body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -495,13 +480,12 @@ func awsAwsjson11_deserializeOpErrorDeleteResourcePolicy(response *smithyhttp.Re } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -593,9 +577,6 @@ func awsAwsjson11_deserializeOpErrorDeleteSecret(response *smithyhttp.Response, errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -603,7 +584,7 @@ func awsAwsjson11_deserializeOpErrorDeleteSecret(response *smithyhttp.Response, body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -615,13 +596,12 @@ func awsAwsjson11_deserializeOpErrorDeleteSecret(response *smithyhttp.Response, } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -713,9 +693,6 @@ func awsAwsjson11_deserializeOpErrorDescribeSecret(response *smithyhttp.Response errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -723,7 +700,7 @@ func awsAwsjson11_deserializeOpErrorDescribeSecret(response *smithyhttp.Response body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -735,13 +712,12 @@ func awsAwsjson11_deserializeOpErrorDescribeSecret(response *smithyhttp.Response } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -830,9 +806,6 @@ func awsAwsjson11_deserializeOpErrorGetRandomPassword(response *smithyhttp.Respo errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -840,7 +813,7 @@ func awsAwsjson11_deserializeOpErrorGetRandomPassword(response *smithyhttp.Respo body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -852,13 +825,12 @@ func awsAwsjson11_deserializeOpErrorGetRandomPassword(response *smithyhttp.Respo } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -947,9 +919,6 @@ func awsAwsjson11_deserializeOpErrorGetResourcePolicy(response *smithyhttp.Respo errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -957,7 +926,7 @@ func awsAwsjson11_deserializeOpErrorGetResourcePolicy(response *smithyhttp.Respo body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -969,13 +938,12 @@ func awsAwsjson11_deserializeOpErrorGetResourcePolicy(response *smithyhttp.Respo } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -1067,9 +1035,6 @@ func awsAwsjson11_deserializeOpErrorGetSecretValue(response *smithyhttp.Response errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -1077,7 +1042,7 @@ func awsAwsjson11_deserializeOpErrorGetSecretValue(response *smithyhttp.Response body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -1089,13 +1054,12 @@ func awsAwsjson11_deserializeOpErrorGetSecretValue(response *smithyhttp.Response } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("DecryptionFailure", errorCode): return awsAwsjson11_deserializeErrorDecryptionFailure(response, errorBody) @@ -1190,9 +1154,6 @@ func awsAwsjson11_deserializeOpErrorListSecrets(response *smithyhttp.Response, m errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -1200,7 +1161,7 @@ func awsAwsjson11_deserializeOpErrorListSecrets(response *smithyhttp.Response, m body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -1212,13 +1173,12 @@ func awsAwsjson11_deserializeOpErrorListSecrets(response *smithyhttp.Response, m } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -1310,9 +1270,6 @@ func awsAwsjson11_deserializeOpErrorListSecretVersionIds(response *smithyhttp.Re errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -1320,7 +1277,7 @@ func awsAwsjson11_deserializeOpErrorListSecretVersionIds(response *smithyhttp.Re body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -1332,13 +1289,12 @@ func awsAwsjson11_deserializeOpErrorListSecretVersionIds(response *smithyhttp.Re } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -1430,9 +1386,6 @@ func awsAwsjson11_deserializeOpErrorPutResourcePolicy(response *smithyhttp.Respo errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -1440,7 +1393,7 @@ func awsAwsjson11_deserializeOpErrorPutResourcePolicy(response *smithyhttp.Respo body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -1452,13 +1405,12 @@ func awsAwsjson11_deserializeOpErrorPutResourcePolicy(response *smithyhttp.Respo } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -1556,9 +1508,6 @@ func awsAwsjson11_deserializeOpErrorPutSecretValue(response *smithyhttp.Response errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -1566,7 +1515,7 @@ func awsAwsjson11_deserializeOpErrorPutSecretValue(response *smithyhttp.Response body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -1578,13 +1527,12 @@ func awsAwsjson11_deserializeOpErrorPutSecretValue(response *smithyhttp.Response } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("DecryptionFailure", errorCode): return awsAwsjson11_deserializeErrorDecryptionFailure(response, errorBody) @@ -1688,9 +1636,6 @@ func awsAwsjson11_deserializeOpErrorRemoveRegionsFromReplication(response *smith errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -1698,7 +1643,7 @@ func awsAwsjson11_deserializeOpErrorRemoveRegionsFromReplication(response *smith body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -1710,13 +1655,12 @@ func awsAwsjson11_deserializeOpErrorRemoveRegionsFromReplication(response *smith } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -1808,9 +1752,6 @@ func awsAwsjson11_deserializeOpErrorReplicateSecretToRegions(response *smithyhtt errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -1818,7 +1759,7 @@ func awsAwsjson11_deserializeOpErrorReplicateSecretToRegions(response *smithyhtt body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -1830,13 +1771,12 @@ func awsAwsjson11_deserializeOpErrorReplicateSecretToRegions(response *smithyhtt } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -1928,9 +1868,6 @@ func awsAwsjson11_deserializeOpErrorRestoreSecret(response *smithyhttp.Response, errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -1938,7 +1875,7 @@ func awsAwsjson11_deserializeOpErrorRestoreSecret(response *smithyhttp.Response, body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -1950,13 +1887,12 @@ func awsAwsjson11_deserializeOpErrorRestoreSecret(response *smithyhttp.Response, } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -2048,9 +1984,6 @@ func awsAwsjson11_deserializeOpErrorRotateSecret(response *smithyhttp.Response, errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -2058,7 +1991,7 @@ func awsAwsjson11_deserializeOpErrorRotateSecret(response *smithyhttp.Response, body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -2070,13 +2003,12 @@ func awsAwsjson11_deserializeOpErrorRotateSecret(response *smithyhttp.Response, } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -2168,9 +2100,6 @@ func awsAwsjson11_deserializeOpErrorStopReplicationToReplica(response *smithyhtt errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -2178,7 +2107,7 @@ func awsAwsjson11_deserializeOpErrorStopReplicationToReplica(response *smithyhtt body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -2190,13 +2119,12 @@ func awsAwsjson11_deserializeOpErrorStopReplicationToReplica(response *smithyhtt } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -2266,9 +2194,6 @@ func awsAwsjson11_deserializeOpErrorTagResource(response *smithyhttp.Response, m errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -2276,7 +2201,7 @@ func awsAwsjson11_deserializeOpErrorTagResource(response *smithyhttp.Response, m body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -2288,13 +2213,12 @@ func awsAwsjson11_deserializeOpErrorTagResource(response *smithyhttp.Response, m } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -2364,9 +2288,6 @@ func awsAwsjson11_deserializeOpErrorUntagResource(response *smithyhttp.Response, errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -2374,7 +2295,7 @@ func awsAwsjson11_deserializeOpErrorUntagResource(response *smithyhttp.Response, body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -2386,13 +2307,12 @@ func awsAwsjson11_deserializeOpErrorUntagResource(response *smithyhttp.Response, } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -2484,9 +2404,6 @@ func awsAwsjson11_deserializeOpErrorUpdateSecret(response *smithyhttp.Response, errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -2494,7 +2411,7 @@ func awsAwsjson11_deserializeOpErrorUpdateSecret(response *smithyhttp.Response, body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -2506,13 +2423,12 @@ func awsAwsjson11_deserializeOpErrorUpdateSecret(response *smithyhttp.Response, } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("DecryptionFailure", errorCode): return awsAwsjson11_deserializeErrorDecryptionFailure(response, errorBody) @@ -2622,9 +2538,6 @@ func awsAwsjson11_deserializeOpErrorUpdateSecretVersionStage(response *smithyhtt errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -2632,7 +2545,7 @@ func awsAwsjson11_deserializeOpErrorUpdateSecretVersionStage(response *smithyhtt body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -2644,13 +2557,12 @@ func awsAwsjson11_deserializeOpErrorUpdateSecretVersionStage(response *smithyhtt } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -2745,9 +2657,6 @@ func awsAwsjson11_deserializeOpErrorValidateResourcePolicy(response *smithyhttp. errorMessage := errorCode headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) @@ -2755,7 +2664,7 @@ func awsAwsjson11_deserializeOpErrorValidateResourcePolicy(response *smithyhttp. body := io.TeeReader(errorBody, ringBuffer) decoder := json.NewDecoder(body) decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) + bodyInfo, err := getProtocolErrorInfo(decoder) if err != nil { var snapshot bytes.Buffer io.Copy(&snapshot, ringBuffer) @@ -2767,13 +2676,12 @@ func awsAwsjson11_deserializeOpErrorValidateResourcePolicy(response *smithyhttp. } errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) } - if len(message) != 0 { - errorMessage = message + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message } - switch { case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) @@ -6053,3 +5961,32 @@ func awsAwsjson11_deserializeOpDocumentValidateResourcePolicyOutput(v **Validate *v = sv return nil } + +type protocolErrorInfo struct { + Type string `json:"__type"` + Message string + Code any // nonstandard for awsjson but some services do present the type here +} + +func getProtocolErrorInfo(decoder *json.Decoder) (protocolErrorInfo, error) { + var errInfo protocolErrorInfo + if err := decoder.Decode(&errInfo); err != nil { + if err == io.EOF { + return errInfo, nil + } + return errInfo, err + } + + return errInfo, nil +} + +func resolveProtocolErrorType(headerType string, bodyInfo protocolErrorInfo) (string, bool) { + if len(headerType) != 0 { + return headerType, true + } else if len(bodyInfo.Type) != 0 { + return bodyInfo.Type, true + } else if code, ok := bodyInfo.Code.(string); ok && len(code) != 0 { + return code, true + } + return "", false +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/doc.go index e3e68d83..2d0ba2e6 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/doc.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/doc.go @@ -3,29 +3,43 @@ // Package secretsmanager provides the API client, operations, and parameter types // for AWS Secrets Manager. // -// Amazon Web Services Secrets Manager Amazon Web Services Secrets Manager -// provides a service to enable you to store, manage, and retrieve, secrets. This -// guide provides descriptions of the Secrets Manager API. For more information -// about using this service, see the Amazon Web Services Secrets Manager User Guide (https://docs.aws.amazon.com/secretsmanager/latest/userguide/introduction.html) -// . API Version This version of the Secrets Manager API Reference documents the -// Secrets Manager API version 2017-10-17. For a list of endpoints, see Amazon Web -// Services Secrets Manager endpoints (https://docs.aws.amazon.com/secretsmanager/latest/userguide/asm_access.html#endpoints) -// . Support and Feedback for Amazon Web Services Secrets Manager We welcome your -// feedback. Send your comments to awssecretsmanager-feedback@amazon.com (mailto:awssecretsmanager-feedback@amazon.com) -// , or post your feedback and questions in the Amazon Web Services Secrets -// Manager Discussion Forum (http://forums.aws.amazon.com/forum.jspa?forumID=296) . -// For more information about the Amazon Web Services Discussion Forums, see -// Forums Help (http://forums.aws.amazon.com/help.jspa) . Logging API Requests +// # Amazon Web Services Secrets Manager +// +// Amazon Web Services Secrets Manager provides a service to enable you to store, +// manage, and retrieve, secrets. +// +// This guide provides descriptions of the Secrets Manager API. For more +// information about using this service, see the [Amazon Web Services Secrets Manager User Guide]. +// +// # API Version +// +// This version of the Secrets Manager API Reference documents the Secrets Manager +// API version 2017-10-17. +// +// For a list of endpoints, see [Amazon Web Services Secrets Manager endpoints]. +// +// # Support and Feedback for Amazon Web Services Secrets Manager +// +// We welcome your feedback. Send your comments to awssecretsmanager-feedback@amazon.com, or post your feedback and +// questions in the [Amazon Web Services Secrets Manager Discussion Forum]. For more information about the Amazon Web Services +// Discussion Forums, see [Forums Help]. +// +// # Logging API Requests +// // Amazon Web Services Secrets Manager supports Amazon Web Services CloudTrail, a // service that records Amazon Web Services API calls for your Amazon Web Services // account and delivers log files to an Amazon S3 bucket. By using information // that's collected by Amazon Web Services CloudTrail, you can determine the // requests successfully made to Secrets Manager, who made the request, when it was // made, and so on. For more about Amazon Web Services Secrets Manager and support -// for Amazon Web Services CloudTrail, see Logging Amazon Web Services Secrets -// Manager Events with Amazon Web Services CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/monitoring.html#monitoring_cloudtrail) -// in the Amazon Web Services Secrets Manager User Guide. To learn more about -// CloudTrail, including enabling it and find your log files, see the Amazon Web -// Services CloudTrail User Guide (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html) -// . +// for Amazon Web Services CloudTrail, see [Logging Amazon Web Services Secrets Manager Events with Amazon Web Services CloudTrail]in the Amazon Web Services Secrets +// Manager User Guide. To learn more about CloudTrail, including enabling it and +// find your log files, see the [Amazon Web Services CloudTrail User Guide]. +// +// [Forums Help]: http://forums.aws.amazon.com/help.jspa +// [Amazon Web Services CloudTrail User Guide]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html +// [Amazon Web Services Secrets Manager endpoints]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/asm_access.html#endpoints +// [Amazon Web Services Secrets Manager User Guide]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/introduction.html +// [Amazon Web Services Secrets Manager Discussion Forum]: http://forums.aws.amazon.com/forum.jspa?forumID=296 +// [Logging Amazon Web Services Secrets Manager Events with Amazon Web Services CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/monitoring.html#monitoring_cloudtrail package secretsmanager diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/endpoints.go index 347bcf0d..ce51d643 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/endpoints.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/endpoints.go @@ -216,6 +216,13 @@ func resolveBaseEndpoint(cfg aws.Config, o *Options) { } } +func bindRegion(region string) *string { + if region == "" { + return nil + } + return aws.String(endpoints.MapFIPSRegion(region)) +} + // EndpointParameters provides the parameters that influence how endpoints are // resolved. type EndpointParameters struct { @@ -537,7 +544,7 @@ type endpointParamsBinder interface { func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} - params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) + params.Region = bindRegion(options.Region) params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled) params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) params.Endpoint = options.BaseEndpoint diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/generated.json b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/generated.json index eba7c923..b64ce162 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/generated.json +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/generated.json @@ -3,8 +3,7 @@ "github.com/aws/aws-sdk-go-v2": "v1.4.0", "github.com/aws/aws-sdk-go-v2/internal/configsources": "v0.0.0-00010101000000-000000000000", "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2": "v2.0.0-00010101000000-000000000000", - "github.com/aws/smithy-go": "v1.4.0", - "github.com/google/go-cmp": "v0.5.4" + "github.com/aws/smithy-go": "v1.4.0" }, "files": [ "api_client.go", @@ -44,6 +43,7 @@ "options.go", "protocol_test.go", "serializers.go", + "snapshot_test.go", "types/enums.go", "types/errors.go", "types/types.go", diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/go_module_metadata.go index 06f6ae94..163f9edf 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/go_module_metadata.go @@ -3,4 +3,4 @@ package secretsmanager // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.26.2" +const goModuleVersion = "1.28.7" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/options.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/options.go index a8817523..7f022a39 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/options.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/options.go @@ -50,8 +50,10 @@ type Options struct { // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a // value for this field will likely prevent you from using any endpoint-related // service features released after the introduction of EndpointResolverV2 and - // BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom - // endpoint, set the client option BaseEndpoint instead. + // BaseEndpoint. + // + // To migrate an EndpointResolver implementation that uses a custom endpoint, set + // the client option BaseEndpoint instead. EndpointResolver EndpointResolver // Resolves the endpoint used for a particular service operation. This should be @@ -74,17 +76,20 @@ type Options struct { // RetryMaxAttempts specifies the maximum number attempts an API client will call // an operation that fails with a retryable error. A value of 0 is ignored, and // will not be used to configure the API client created default retryer, or modify - // per operation call's retry max attempts. If specified in an operation call's - // functional options with a value that is different than the constructed client's - // Options, the Client's Retryer will be wrapped to use the operation's specific - // RetryMaxAttempts value. + // per operation call's retry max attempts. + // + // If specified in an operation call's functional options with a value that is + // different than the constructed client's Options, the Client's Retryer will be + // wrapped to use the operation's specific RetryMaxAttempts value. RetryMaxAttempts int // RetryMode specifies the retry mode the API client will be created with, if - // Retryer option is not also specified. When creating a new API Clients this - // member will only be used if the Retryer Options member is nil. This value will - // be ignored if Retryer is not nil. Currently does not support per operation call - // overrides, may in the future. + // Retryer option is not also specified. + // + // When creating a new API Clients this member will only be used if the Retryer + // Options member is nil. This value will be ignored if Retryer is not nil. + // + // Currently does not support per operation call overrides, may in the future. RetryMode aws.RetryMode // Retryer guides how HTTP requests should be retried in case of recoverable @@ -101,8 +106,9 @@ type Options struct { // The initial DefaultsMode used when the client options were constructed. If the // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved - // value was at that point in time. Currently does not support per operation call - // overrides, may in the future. + // value was at that point in time. + // + // Currently does not support per operation call overrides, may in the future. resolvedDefaultsMode aws.DefaultsMode // The HTTP client to invoke API calls with. Defaults to client's default HTTP @@ -147,6 +153,7 @@ func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { // Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for // this field will likely prevent you from using any endpoint-related service // features released after the introduction of EndpointResolverV2 and BaseEndpoint. +// // To migrate an EndpointResolver implementation that uses a custom endpoint, set // the client option BaseEndpoint instead. func WithEndpointResolver(v EndpointResolver) func(*Options) { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/enums.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/enums.go index 84f46d0b..e458ec8f 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/enums.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/enums.go @@ -16,8 +16,9 @@ const ( ) // Values returns all known values for FilterNameStringType. Note that this can be -// expanded in the future, and so it is only as up to date as the client. The -// ordering of this slice is not guaranteed to be stable across updates. +// expanded in the future, and so it is only as up to date as the client. +// +// The ordering of this slice is not guaranteed to be stable across updates. func (FilterNameStringType) Values() []FilterNameStringType { return []FilterNameStringType{ "description", @@ -39,8 +40,9 @@ const ( ) // Values returns all known values for SortOrderType. Note that this can be -// expanded in the future, and so it is only as up to date as the client. The -// ordering of this slice is not guaranteed to be stable across updates. +// expanded in the future, and so it is only as up to date as the client. +// +// The ordering of this slice is not guaranteed to be stable across updates. func (SortOrderType) Values() []SortOrderType { return []SortOrderType{ "asc", @@ -58,8 +60,9 @@ const ( ) // Values returns all known values for StatusType. Note that this can be expanded -// in the future, and so it is only as up to date as the client. The ordering of -// this slice is not guaranteed to be stable across updates. +// in the future, and so it is only as up to date as the client. +// +// The ordering of this slice is not guaranteed to be stable across updates. func (StatusType) Values() []StatusType { return []StatusType{ "InSync", diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/errors.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/errors.go index aff130bb..09c59ed1 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/errors.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/errors.go @@ -36,8 +36,9 @@ func (e *DecryptionFailure) ErrorFault() smithy.ErrorFault { return smithy.Fault // Secrets Manager can't encrypt the protected secret text using the provided KMS // key. Check that the KMS key is available, enabled, and not in an invalid state. -// For more information, see Key state: Effect on your KMS key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// . +// For more information, see [Key state: Effect on your KMS key]. +// +// [Key state: Effect on your KMS key]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html type EncryptionFailure struct { Message *string @@ -141,16 +142,20 @@ func (e *InvalidParameterException) ErrorCode() string { } func (e *InvalidParameterException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } -// A parameter value is not valid for the current state of the resource. Possible -// causes: +// A parameter value is not valid for the current state of the resource. +// +// Possible causes: +// // - The secret is scheduled for deletion. +// // - You tried to enable rotation on a secret that doesn't already have a Lambda // function ARN configured and you didn't include such an ARN as a parameter in // this call. +// // - The secret is managed by another service, and you must use that service to -// update it. For more information, see Secrets managed by other Amazon Web -// Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html) -// . +// update it. For more information, see [Secrets managed by other Amazon Web Services services]. +// +// [Secrets managed by other Amazon Web Services services]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html type InvalidRequestException struct { Message *string diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/types.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/types.go index e04e17e7..7b848975 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/types.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/types.go @@ -8,13 +8,12 @@ import ( ) // The error Secrets Manager encountered while retrieving an individual secret as -// part of BatchGetSecretValue . +// part of BatchGetSecretValue. type APIErrorType struct { // The error Secrets Manager encountered while retrieving an individual secret as - // part of BatchGetSecretValue , for example ResourceNotFoundException , - // InvalidParameterException , InvalidRequestException , DecryptionFailure , or - // AccessDeniedException . + // part of BatchGetSecretValue, for example ResourceNotFoundException , InvalidParameterException , + // InvalidRequestException , DecryptionFailure , or AccessDeniedException . ErrorCode *string // A message describing the error. @@ -27,23 +26,33 @@ type APIErrorType struct { } // Allows you to add filters when you use the search function in Secrets Manager. -// For more information, see Find secrets in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_search-secret.html) -// . +// For more information, see [Find secrets in Secrets Manager]. +// +// [Find secrets in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_search-secret.html type Filter struct { // The following are keys you can use: + // // - description: Prefix match, not case-sensitive. + // // - name: Prefix match, case-sensitive. + // // - tag-key: Prefix match, case-sensitive. + // // - tag-value: Prefix match, case-sensitive. + // // - primary-region: Prefix match, case-sensitive. + // // - owning-service: Prefix match, case-sensitive. + // // - all: Breaks the filter value string into words and then searches all // attributes for matches. Not case-sensitive. Key FilterNameStringType - // The keyword to filter for. You can prefix your search value with an exclamation - // mark ( ! ) in order to perform negation filters. + // The keyword to filter for. + // + // You can prefix your search value with an exclamation mark ( ! ) in order to + // perform negation filters. Values []string noSmithyDocumentSerde @@ -56,8 +65,9 @@ type ReplicaRegionType struct { // include this field, Secrets Manager uses aws/secretsmanager . KmsKeyId *string - // A Region code. For a list of Region codes, see Name and code of Regions (https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints) - // . + // A Region code. For a list of Region codes, see [Name and code of Regions]. + // + // [Name and code of Regions]: https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints Region *string noSmithyDocumentSerde @@ -94,11 +104,13 @@ type RotationRulesType struct { // must be rotated. If you use this field to set the rotation schedule, Secrets // Manager calculates the next rotation date based on the previous rotation. // Manually updating the secret value by calling PutSecretValue or UpdateSecret is - // considered a valid rotation. In DescribeSecret and ListSecrets , this value is - // calculated from the rotation schedule after every successful rotation. In - // RotateSecret , you can set the rotation schedule in RotationRules with - // AutomaticallyAfterDays or ScheduleExpression , but not both. To set a rotation - // schedule in hours, use ScheduleExpression . + // considered a valid rotation. + // + // In DescribeSecret and ListSecrets , this value is calculated from the rotation + // schedule after every successful rotation. In RotateSecret , you can set the + // rotation schedule in RotationRules with AutomaticallyAfterDays or + // ScheduleExpression , but not both. To set a rotation schedule in hours, use + // ScheduleExpression . AutomaticallyAfterDays *int64 // The length of the rotation window in hours, for example 3h for a three hour @@ -107,39 +119,44 @@ type RotationRulesType struct { // window starts according to the ScheduleExpression . If you don't specify a // Duration , for a ScheduleExpression in hours, the window automatically closes // after one hour. For a ScheduleExpression in days, the window automatically - // closes at the end of the UTC day. For more information, including examples, see - // Schedule expressions in Secrets Manager rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) + // closes at the end of the UTC day. For more information, including examples, see [Schedule expressions in Secrets Manager rotation] // in the Secrets Manager Users Guide. + // + // [Schedule expressions in Secrets Manager rotation]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html Duration *string // A cron() or rate() expression that defines the schedule for rotating your // secret. Secrets Manager rotation schedules use UTC time zone. Secrets Manager - // rotates your secret any time during a rotation window. Secrets Manager rate() - // expressions represent the interval in hours or days that you want to rotate your - // secret, for example rate(12 hours) or rate(10 days) . You can rotate a secret as - // often as every four hours. If you use a rate() expression, the rotation window - // starts at midnight. For a rate in hours, the default rotation window closes - // after one hour. For a rate in days, the default rotation window closes at the - // end of the day. You can set the Duration to change the rotation window. The - // rotation window must not extend into the next UTC day or into the next rotation - // window. You can use a cron() expression to create a rotation schedule that is - // more detailed than a rotation interval. For more information, including - // examples, see Schedule expressions in Secrets Manager rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) - // in the Secrets Manager Users Guide. For a cron expression that represents a + // rotates your secret any time during a rotation window. + // + // Secrets Manager rate() expressions represent the interval in hours or days that + // you want to rotate your secret, for example rate(12 hours) or rate(10 days) . + // You can rotate a secret as often as every four hours. If you use a rate() + // expression, the rotation window starts at midnight. For a rate in hours, the + // default rotation window closes after one hour. For a rate in days, the default + // rotation window closes at the end of the day. You can set the Duration to + // change the rotation window. The rotation window must not extend into the next + // UTC day or into the next rotation window. + // + // You can use a cron() expression to create a rotation schedule that is more + // detailed than a rotation interval. For more information, including examples, see + // [Schedule expressions in Secrets Manager rotation]in the Secrets Manager Users Guide. For a cron expression that represents a // schedule in hours, the default rotation window closes after one hour. For a cron // expression that represents a schedule in days, the default rotation window // closes at the end of the day. You can set the Duration to change the rotation // window. The rotation window must not extend into the next UTC day or into the // next rotation window. + // + // [Schedule expressions in Secrets Manager rotation]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html ScheduleExpression *string noSmithyDocumentSerde } // A structure that contains the details about a secret. It does not include the -// encrypted SecretString and SecretBinary values. To get those values, use -// GetSecretValue (https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html) -// . +// encrypted SecretString and SecretBinary values. To get those values, use [GetSecretValue] . +// +// [GetSecretValue]: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html type SecretListEntry struct { // The Amazon Resource Name (ARN) of the secret. @@ -150,9 +167,10 @@ type SecretListEntry struct { // The date and time the deletion of the secret occurred. Not present on active // secrets. The secret can be recovered until the number of days in the recovery - // window has passed, as specified in the RecoveryWindowInDays parameter of the - // DeleteSecret (https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DeleteSecret.html) - // operation. + // window has passed, as specified in the RecoveryWindowInDays parameter of the [DeleteSecret] + // DeleteSecret operation. + // + // [DeleteSecret]: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DeleteSecret.html DeletedDate *time.Time // The user-provided description of the secret. @@ -193,8 +211,9 @@ type SecretListEntry struct { // The ARN of an Amazon Web Services Lambda function invoked by Secrets Manager to // rotate and expire the secret either automatically per the schedule or manually - // by a call to RotateSecret (https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_RotateSecret.html) - // . + // by a call to [RotateSecret]RotateSecret . + // + // [RotateSecret]: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_RotateSecret.html RotationLambdaARN *string // A structure that defines the rotation configuration for the secret. @@ -202,15 +221,17 @@ type SecretListEntry struct { // A list of all of the currently assigned SecretVersionStage staging labels and // the SecretVersionId attached to each one. Staging labels are used to keep track - // of the different versions during the rotation process. A version that does not - // have any SecretVersionStage is considered deprecated and subject to deletion. - // Such versions are not included in this list. + // of the different versions during the rotation process. + // + // A version that does not have any SecretVersionStage is considered deprecated + // and subject to deletion. Such versions are not included in this list. SecretVersionsToStages map[string][]string // The list of user-defined tags associated with the secret. To add tags to a - // secret, use TagResource (https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_TagResource.html) - // . To remove tags, use UntagResource (https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_UntagResource.html) - // . + // secret, use [TagResource]TagResource . To remove tags, use [UntagResource]UntagResource . + // + // [TagResource]: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_TagResource.html + // [UntagResource]: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_UntagResource.html Tags []Tag noSmithyDocumentSerde @@ -230,7 +251,9 @@ type SecretValueEntry struct { // The decrypted secret value, if the secret value was originally provided as // binary data in the form of a byte array. The parameter represents the binary - // data as a base64-encoded (https://tools.ietf.org/html/rfc4648#section-4) string. + // data as a [base64-encoded]string. + // + // [base64-encoded]: https://tools.ietf.org/html/rfc4648#section-4 SecretBinary []byte // The decrypted secret value, if the secret value was originally provided as a diff --git a/vendor/github.com/aws/smithy-go/.gitignore b/vendor/github.com/aws/smithy-go/.gitignore index c92d6105..2518b349 100644 --- a/vendor/github.com/aws/smithy-go/.gitignore +++ b/vendor/github.com/aws/smithy-go/.gitignore @@ -24,3 +24,6 @@ build/ # VS Code bin/ .vscode/ + +# make +c.out diff --git a/vendor/github.com/aws/smithy-go/CHANGELOG.md b/vendor/github.com/aws/smithy-go/CHANGELOG.md index 46b11508..39ffae99 100644 --- a/vendor/github.com/aws/smithy-go/CHANGELOG.md +++ b/vendor/github.com/aws/smithy-go/CHANGELOG.md @@ -1,3 +1,20 @@ +# Release (2024-03-29) + +* No change notes available for this release. + +# Release (2024-02-21) + +## Module Highlights +* `github.com/aws/smithy-go`: v1.20.1 + * **Bug Fix**: Remove runtime dependency on go-cmp. + +# Release (2024-02-13) + +## Module Highlights +* `github.com/aws/smithy-go`: v1.20.0 + * **Feature**: Add codegen definition for sigv4a trait. + * **Feature**: Bump minimum Go version to 1.20 per our language support policy. + # Release (2023-12-07) ## Module Highlights diff --git a/vendor/github.com/aws/smithy-go/Makefile b/vendor/github.com/aws/smithy-go/Makefile index 4b3c2093..e66fa8ca 100644 --- a/vendor/github.com/aws/smithy-go/Makefile +++ b/vendor/github.com/aws/smithy-go/Makefile @@ -33,13 +33,18 @@ smithy-clean: ################## # Linting/Verify # ################## -.PHONY: verify vet +.PHONY: verify vet cover verify: vet vet: go vet ${BUILD_TAGS} --all ./... +cover: + go test ${BUILD_TAGS} -coverprofile c.out ./... + @cover=`go tool cover -func c.out | grep '^total:' | awk '{ print $$3+0 }'`; \ + echo "total (statements): $$cover%"; + ################ # Unit Testing # ################ diff --git a/vendor/github.com/aws/smithy-go/go_module_metadata.go b/vendor/github.com/aws/smithy-go/go_module_metadata.go index cd6f7fa4..a6b22f35 100644 --- a/vendor/github.com/aws/smithy-go/go_module_metadata.go +++ b/vendor/github.com/aws/smithy-go/go_module_metadata.go @@ -3,4 +3,4 @@ package smithy // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.19.0" +const goModuleVersion = "1.20.2" diff --git a/vendor/github.com/aws/smithy-go/modman.toml b/vendor/github.com/aws/smithy-go/modman.toml index 20295cdd..9d94b7cb 100644 --- a/vendor/github.com/aws/smithy-go/modman.toml +++ b/vendor/github.com/aws/smithy-go/modman.toml @@ -1,5 +1,4 @@ [dependencies] - "github.com/google/go-cmp" = "v0.5.8" "github.com/jmespath/go-jmespath" = "v0.4.0" [modules] diff --git a/vendor/modules.txt b/vendor/modules.txt index e3a268a8..5cbc2868 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -145,8 +145,8 @@ github.com/armon/go-metrics # github.com/atotto/clipboard v0.1.4 ## explicit github.com/atotto/clipboard -# github.com/aws/aws-sdk-go-v2 v1.24.1 -## explicit; go 1.19 +# github.com/aws/aws-sdk-go-v2 v1.26.1 +## explicit; go 1.20 github.com/aws/aws-sdk-go-v2/aws github.com/aws/aws-sdk-go-v2/aws/defaults github.com/aws/aws-sdk-go-v2/aws/middleware @@ -186,11 +186,11 @@ github.com/aws/aws-sdk-go-v2/credentials/stscreds ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/feature/ec2/imds github.com/aws/aws-sdk-go-v2/feature/ec2/imds/internal/config -# github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 -## explicit; go 1.19 +# github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.5 +## explicit; go 1.20 github.com/aws/aws-sdk-go-v2/internal/configsources -# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 -## explicit; go 1.19 +# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.5 +## explicit; go 1.20 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 # github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 ## explicit; go 1.19 @@ -201,8 +201,8 @@ github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding # github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url -# github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.26.2 -## explicit; go 1.19 +# github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.28.7 +## explicit; go 1.20 github.com/aws/aws-sdk-go-v2/service/secretsmanager github.com/aws/aws-sdk-go-v2/service/secretsmanager/internal/endpoints github.com/aws/aws-sdk-go-v2/service/secretsmanager/types @@ -226,8 +226,8 @@ github.com/aws/aws-sdk-go-v2/service/ssooidc/types github.com/aws/aws-sdk-go-v2/service/sts github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints github.com/aws/aws-sdk-go-v2/service/sts/types -# github.com/aws/smithy-go v1.19.0 -## explicit; go 1.19 +# github.com/aws/smithy-go v1.20.2 +## explicit; go 1.20 github.com/aws/smithy-go github.com/aws/smithy-go/auth github.com/aws/smithy-go/auth/bearer