From 12d4e47565dd6cd75852df6eb777ee62ea0cc0a8 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 8 Dec 2023 13:33:37 -0800 Subject: [PATCH 1/6] Updates dependencies --- go.mod | 46 +++++++++++++++-------------- go.sum | 92 +++++++++++++++++++++++++++++----------------------------- 2 files changed, 70 insertions(+), 68 deletions(-) diff --git a/go.mod b/go.mod index a61d246db119..c04986067840 100644 --- a/go.mod +++ b/go.mod @@ -17,12 +17,12 @@ require ( github.com/apparentlymart/go-userdirs v0.0.0-20200915174352-b0c018a67c13 github.com/apparentlymart/go-versions v1.0.1 github.com/armon/circbuf v0.0.0-20190214190532-5111143e8da2 - github.com/aws/aws-sdk-go-v2 v1.23.2 - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.6 + github.com/aws/aws-sdk-go-v2 v1.24.0 + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.10 github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.1 - github.com/aws/aws-sdk-go-v2/service/dynamodb v1.25.5 - github.com/aws/aws-sdk-go-v2/service/s3 v1.46.0 - github.com/aws/smithy-go v1.17.0 + github.com/aws/aws-sdk-go-v2/service/dynamodb v1.26.6 + github.com/aws/aws-sdk-go-v2/service/s3 v1.47.5 + github.com/aws/smithy-go v1.19.0 github.com/bgentry/speakeasy v0.1.0 github.com/bmatcuk/doublestar v1.1.5 github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e @@ -144,23 +144,23 @@ require ( github.com/armon/go-radix v1.0.0 // indirect github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef // indirect github.com/aws/aws-sdk-go v1.44.122 // indirect - github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.1 // indirect - github.com/aws/aws-sdk-go-v2/config v1.25.8 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.16.6 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.5 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.5 // indirect - github.com/aws/aws-sdk-go-v2/internal/ini v1.7.1 // indirect - github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.5 // indirect - github.com/aws/aws-sdk-go-v2/service/iam v1.27.5 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.1 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.5 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.8.5 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.5 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.5 // indirect - github.com/aws/aws-sdk-go-v2/service/sqs v1.28.4 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.17.5 // indirect - github.com/aws/aws-sdk-go-v2/service/ssooidc v1.20.3 // indirect - github.com/aws/aws-sdk-go-v2/service/sts v1.25.6 // indirect + github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4 // indirect + github.com/aws/aws-sdk-go-v2/config v1.26.1 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.16.12 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.9 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.9 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 // indirect + github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.9 // indirect + github.com/aws/aws-sdk-go-v2/service/iam v1.28.5 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.9 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.8.10 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.9 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.9 // indirect + github.com/aws/aws-sdk-go-v2/service/sqs v1.29.5 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.18.5 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.5 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.26.5 // indirect github.com/baiyubin/aliyun-sts-go-sdk v0.0.0-20180326062324-cfa1a18b161f // indirect github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect github.com/bmatcuk/doublestar/v4 v4.6.0 // indirect @@ -276,3 +276,5 @@ require ( ) go 1.21.5 + +replace github.com/hashicorp/aws-sdk-go-base/v2 => github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.44.0.20231208210559-5fe101fe4327 diff --git a/go.sum b/go.sum index b423f1c536c6..73fea87d53a4 100644 --- a/go.sum +++ b/go.sum @@ -304,61 +304,61 @@ github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:W github.com/aws/aws-sdk-go v1.44.122 h1:p6mw01WBaNpbdP2xrisz5tIkcNwzj/HysobNoaAHjgo= github.com/aws/aws-sdk-go v1.44.122/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= github.com/aws/aws-sdk-go-v2 v1.9.2/go.mod h1:cK/D0BBs0b/oWPIcX/Z/obahJK1TT7IPVjy53i/mX/4= -github.com/aws/aws-sdk-go-v2 v1.23.2 h1:UoTll1Y5b88x8h53OlsJGgOHwpggdMr7UVnLjMb3XYg= -github.com/aws/aws-sdk-go-v2 v1.23.2/go.mod h1:i1XDttT4rnf6vxc9AuskLc6s7XBee8rlLilKlc03uAA= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.1 h1:ZY3108YtBNq96jNZTICHxN1gSBSbnvIdYwwqnvCV4Mc= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.1/go.mod h1:t8PYl/6LzdAqsU4/9tz28V/kU+asFePvpOMkdul0gEQ= +github.com/aws/aws-sdk-go-v2 v1.24.0 h1:890+mqQ+hTpNuw0gGP6/4akolQkSToDJgHfQE7AwGuk= +github.com/aws/aws-sdk-go-v2 v1.24.0/go.mod h1:LNh45Br1YAkEKaAqvmE1m8FUx6a5b/V0oAKV7of29b4= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4 h1:OCs21ST2LrepDfD3lwlQiOqIGp6JiEUqG84GzTDoyJs= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4/go.mod h1:usURWEKSNNAcAZuzRn/9ZYPT8aZQkR7xcCtunK/LkJo= github.com/aws/aws-sdk-go-v2/config v1.8.3/go.mod h1:4AEiLtAb8kLs7vgw2ZV3p2VZ1+hBavOc84hqxVNpCyw= -github.com/aws/aws-sdk-go-v2/config v1.25.8 h1:CHr7PIzyfevjNiqL9rU6xoqHZKCO2ldY6LmvRDfpRuI= -github.com/aws/aws-sdk-go-v2/config v1.25.8/go.mod h1:zefIy117FDPOVU0xSOFG8mx9kJunuVopzI639tjYXc0= +github.com/aws/aws-sdk-go-v2/config v1.26.1 h1:z6DqMxclFGL3Zfo+4Q0rLnAZ6yVkzCRxhRMsiRQnD1o= +github.com/aws/aws-sdk-go-v2/config v1.26.1/go.mod h1:ZB+CuKHRbb5v5F0oJtGdhFTelmrxd4iWO1lf0rQwSAg= github.com/aws/aws-sdk-go-v2/credentials v1.4.3/go.mod h1:FNNC6nQZQUuyhq5aE5c7ata8o9e4ECGmS4lAXC7o1mQ= -github.com/aws/aws-sdk-go-v2/credentials v1.16.6 h1:TimIpn1p4v44i0sJMKsnpby1P9sP1ByKLsdm7bvOmwM= -github.com/aws/aws-sdk-go-v2/credentials v1.16.6/go.mod h1:+CLPlYf9FQLeXD8etOYiZxpLQqc3GL4EikxjkFFp1KA= +github.com/aws/aws-sdk-go-v2/credentials v1.16.12 h1:v/WgB8NxprNvr5inKIiVVrXPuuTegM+K8nncFkr1usU= +github.com/aws/aws-sdk-go-v2/credentials v1.16.12/go.mod h1:X21k0FjEJe+/pauud82HYiQbEr9jRKY3kXEIQ4hXeTQ= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.6.0/go.mod h1:gqlclDEZp4aqJOancXK6TN24aKhT0W0Ae9MHk3wzTMM= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.6 h1:pPs23/JLSOlwnmSRNkdbt3upmBeF6QL/3MHEb6KzTyo= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.6/go.mod h1:jsoDHV44SxWv00wlbx0yA5M7n5rmE5rGk+OGA0suXSw= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.10 h1:w98BT5w+ao1/r5sUuiH6JkVzjowOKeOJRHERyy1vh58= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.10/go.mod h1:K2WGI7vUvkIv1HoNbfBA1bvIZ+9kL3YVmWxeKuLQsiw= github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.1 h1:Ap63399Z2hVQ/Mh6oTQBy2fWQaI+J0M+AxM94n2qrOw= github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.1/go.mod h1:O/n3rGb940UlPzmhxAwxo8v0ybLDTLc8Qwe7+EoKYGw= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.5 h1:16Z1XuMUv63fcyW5bIUno6AFcX4drsrE0gof+xue6g4= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.5/go.mod h1:pRvFacV2qbRKy34ZFptHZW4wpauJA445bqFbvA6ikSo= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.5 h1:RxpMuBgzP3Dj1n5CZY6droLFcsn5gc7QsrIcaGQoeCs= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.5/go.mod h1:dO8Js7ym4Jzg/wcjTgCRVln/jFn3nI82XNhsG2lWbDI= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.9 h1:v+HbZaCGmOwnTTVS86Fleq0vPzOd7tnJGbFhP0stNLs= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.9/go.mod h1:Xjqy+Nyj7VDLBtCMkQYOw1QYfAEZCVLrfI0ezve8wd4= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.9 h1:N94sVhRACtXyVcjXxrwK1SKFIJrA9pOJ5yu2eSHnmls= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.9/go.mod h1:hqamLz7g1/4EJP+GH5NBhcUMLjW+gKLQabgyz6/7WAU= github.com/aws/aws-sdk-go-v2/internal/ini v1.2.4/go.mod h1:ZcBrrI3zBKlhGFNYWvju0I3TR93I7YIgAfy82Fh4lcQ= -github.com/aws/aws-sdk-go-v2/internal/ini v1.7.1 h1:uR9lXYjdPX0xY+NhvaJ4dD8rpSRz5VY81ccIIoNG+lw= -github.com/aws/aws-sdk-go-v2/internal/ini v1.7.1/go.mod h1:6fQQgfuGmw8Al/3M2IgIllycxV7ZW7WCdVSqfBeUiCY= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.5 h1:CesTZ0o3+/7N7pDHyoEuS/zL0mD652uRsYCelV08ABU= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.5/go.mod h1:Srr966fyoo72fJ/Hkz3ij6WQiZBX0RMO7w0jyzEwDyo= +github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 h1:GrSw8s0Gs/5zZ0SX+gX4zQjRnRsMJDJ2sLur1gRBhEM= +github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2/go.mod h1:6fQQgfuGmw8Al/3M2IgIllycxV7ZW7WCdVSqfBeUiCY= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.9 h1:ugD6qzjYtB7zM5PN/ZIeaAIyefPaD82G8+SJopgvUpw= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.9/go.mod h1:YD0aYBWCrPENpHolhKw2XDlTIWae2GKXT1T4o6N6hiM= github.com/aws/aws-sdk-go-v2/service/appconfig v1.4.2/go.mod h1:FZ3HkCe+b10uFZZkFdvf98LHW21k49W8o8J366lqVKY= -github.com/aws/aws-sdk-go-v2/service/dynamodb v1.25.5 h1:NfKXRrQTesomlTgmum5kTrd5ywuU4XRmA3bNrXnJ5yk= -github.com/aws/aws-sdk-go-v2/service/dynamodb v1.25.5/go.mod h1:k4O1PkdCW+6ZUQGZjEZUkCT+8jmDmneKgLQ0mmmeT8s= -github.com/aws/aws-sdk-go-v2/service/iam v1.27.5 h1:4v1TyMBPGMOeagieS9TFnPaHaqs0pZFu1DXgFecsvwo= -github.com/aws/aws-sdk-go-v2/service/iam v1.27.5/go.mod h1:2Q4GJi6OAgj3bLPGUbA4VkKseAlvnICEtCnKAN6hSQo= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.1 h1:rpkF4n0CyFcrJUG/rNNohoTmhtWlFTRI4BsZOh9PvLs= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.1/go.mod h1:l9ymW25HOqymeU2m1gbUQ3rUIsTwKs8gYHXkqDQUhiI= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.5 h1:OK4q/3E4Kr1bWgcTqSaxmCE5x463TFtSQrF6mQTqMrw= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.5/go.mod h1:T4RMdi6FqSEFaUMLe/YKTD+tj0l+Uz+mxfT7QxljEIA= -github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.8.5 h1:nt18vYu0XdigeMdoDHJnOQxcCLcAPEeMat18LZUe68I= -github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.8.5/go.mod h1:6a+eoGEovMG1U+gJ9IkjSCSHg2lIaBsr39auD9kW1xA= +github.com/aws/aws-sdk-go-v2/service/dynamodb v1.26.6 h1:kSdpnPOZL9NG5QHoKL5rTsdY+J+77hr+vqVMsPeyNe0= +github.com/aws/aws-sdk-go-v2/service/dynamodb v1.26.6/go.mod h1:o7TD9sjdgrl8l/g2a2IkYjuhxjPy9DMP2sWo7piaRBQ= +github.com/aws/aws-sdk-go-v2/service/iam v1.28.5 h1:Ts2eDDuMLrrmd0ARlg5zSoBQUvhdthgiNnPdiykTJs0= +github.com/aws/aws-sdk-go-v2/service/iam v1.28.5/go.mod h1:kKI0gdVsf+Ev9knh/3lBJbchtX5LLNH25lAzx3KDj3Q= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 h1:/b31bi3YVNlkzkBrm9LfpaKoaYZUxIAj4sHfOTmLfqw= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4/go.mod h1:2aGXHFmbInwgP9ZfpmdIfOELL79zhdNYNmReK8qDfdQ= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.9 h1:/90OR2XbSYfXucBMJ4U14wrjlfleq/0SB6dZDPncgmo= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.9/go.mod h1:dN/Of9/fNZet7UrQQ6kTDo/VSwKPIq94vjlU16bRARc= +github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.8.10 h1:h8uweImUHGgyNKrxIUwpPs6XiH0a6DJ17hSJvFLgPAo= +github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.8.10/go.mod h1:LZKVtMBiZfdvUWgwg61Qo6kyAmE5rn9Dw36AqnycvG8= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.3.2/go.mod h1:72HRZDLMtmVQiLG2tLfQcaWLCssELvGl+Zf2WVxMmR8= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.5 h1:F+XafeiK7Uf4YwTZfe/JLt+3cB6je9sI7l0TY4f2CkY= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.5/go.mod h1:NlZuvlkyu6l/F3+qIBsGGtYLL2Z71tCf5NFoNAaG1NY= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.5 h1:ow5dalHqYM8IbzXFCL86gQY9UJUtZsLyBHUd6OKep9M= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.5/go.mod h1:AcvGHLN2pTXdx1oVFSzcclBvfY2VbBg0AfOE/XjA7oo= -github.com/aws/aws-sdk-go-v2/service/s3 v1.46.0 h1:RaXPp86CLxTKDwCwSTmTW7FvTfaLPXhN48mPtQ881bA= -github.com/aws/aws-sdk-go-v2/service/s3 v1.46.0/go.mod h1:x7gN1BRfTWXdPr/cFGM/iz+c87gRtJ+JMYinObt/0LI= -github.com/aws/aws-sdk-go-v2/service/sqs v1.28.4 h1:Hy1cUZGuZRHe3HPxw7nfA9BFUqdWbyI0JLLiqENgucc= -github.com/aws/aws-sdk-go-v2/service/sqs v1.28.4/go.mod h1:xlxN+2XHAmoRFFkGFZcrmVYQfXSlNpEuqEpN0GZMmaI= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.9 h1:Nf2sHxjMJR8CSImIVCONRi4g0Su3J+TSTbS7G0pUeMU= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.9/go.mod h1:idky4TER38YIjr2cADF1/ugFMKvZV7p//pVeV5LZbF0= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.9 h1:iEAeF6YC3l4FzlJPP9H3Ko1TXpdjdqWffxXjp8SY6uk= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.9/go.mod h1:kjsXoK23q9Z/tLBrckZLLyvjhZoS+AGrzqzUfEClvMM= +github.com/aws/aws-sdk-go-v2/service/s3 v1.47.5 h1:Keso8lIOS+IzI2MkPZyK6G0LYcK3My2LQ+T5bxghEAY= +github.com/aws/aws-sdk-go-v2/service/s3 v1.47.5/go.mod h1:vADO6Jn+Rq4nDtfwNjhgR84qkZwiC6FqCaXdw/kYwjA= +github.com/aws/aws-sdk-go-v2/service/sqs v1.29.5 h1:cJb4I498c1mrOVrRqYTcnLD65AFqUuseHfzHdNZHL9U= +github.com/aws/aws-sdk-go-v2/service/sqs v1.29.5/go.mod h1:mCUv04gd/7g+/HNzDB4X6dzJuygji0ckvB3Lg/TdG5Y= github.com/aws/aws-sdk-go-v2/service/sso v1.4.2/go.mod h1:NBvT9R1MEF+Ud6ApJKM0G+IkPchKS7p7c2YPKwHmBOk= -github.com/aws/aws-sdk-go-v2/service/sso v1.17.5 h1:kuK22ZsITfzaZEkxEl5H/lhy2k3G4clBtcQBI93RbIc= -github.com/aws/aws-sdk-go-v2/service/sso v1.17.5/go.mod h1:/tLqstwPfJLHYGBB5/c8P1ITI82pcGs7cJQuXku2pOg= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.20.3 h1:l5d5nrTFMhiUWNoLnV7QNI4m42/3WVSXqSyqVy+elGk= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.20.3/go.mod h1:30gKZp2pHQJq3yTmVy+hJKDFynSoYzVqYaxe4yPi+xI= +github.com/aws/aws-sdk-go-v2/service/sso v1.18.5 h1:ldSFWz9tEHAwHNmjx2Cvy1MjP5/L9kNoR0skc6wyOOM= +github.com/aws/aws-sdk-go-v2/service/sso v1.18.5/go.mod h1:CaFfXLYL376jgbP7VKC96uFcU8Rlavak0UlAwk1Dlhc= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.5 h1:2k9KmFawS63euAkY4/ixVNsYYwrwnd5fIvgEKkfZFNM= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.5/go.mod h1:W+nd4wWDVkSUIox9bacmkBP5NMFQeTJ/xqNabpzSR38= github.com/aws/aws-sdk-go-v2/service/sts v1.7.2/go.mod h1:8EzeIqfWt2wWT4rJVu3f21TfrhJ8AEMzVybRNSb/b4g= -github.com/aws/aws-sdk-go-v2/service/sts v1.25.6 h1:39dJNBt35p8dFSnQdoy+QbDaPenTxFqqDQFOb1GDYpE= -github.com/aws/aws-sdk-go-v2/service/sts v1.25.6/go.mod h1:6DKEi+8OnUrqEEh6OCam16AYQHWAOyNgRiUGnHoh7Cg= +github.com/aws/aws-sdk-go-v2/service/sts v1.26.5 h1:5UYvv8JUvllZsRnfrcMQ+hJ9jNICmcgKPAO1CER25Wg= +github.com/aws/aws-sdk-go-v2/service/sts v1.26.5/go.mod h1:XX5gh4CB7wAs4KhcF46G6C8a2i7eupU19dcAAE+EydU= github.com/aws/smithy-go v1.8.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= -github.com/aws/smithy-go v1.17.0 h1:wWJD7LX6PBV6etBUwO0zElG0nWN9rUhp0WdYeHSHAaI= -github.com/aws/smithy-go v1.17.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE= +github.com/aws/smithy-go v1.19.0 h1:KWFKQV80DpP3vJrrA9sVAHQ5gc2z8i4EzrLhLlWXcBM= +github.com/aws/smithy-go v1.19.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE= github.com/baiyubin/aliyun-sts-go-sdk v0.0.0-20180326062324-cfa1a18b161f h1:ZNv7On9kyUzm7fvRZumSyy/IUiSC7AzL0I1jKKtwooA= github.com/baiyubin/aliyun-sts-go-sdk v0.0.0-20180326062324-cfa1a18b161f/go.mod h1:AuiFmCCPBSrqvVMvuqFuk0qogytodnVFVSN5CeJB8Gc= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= @@ -632,8 +632,8 @@ github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 h1:YBftPWNWd4WwGqtY2yeZL2ef8rH github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0/go.mod h1:YN5jB8ie0yfIUg6VvR9Kz84aCaG7AsGZnLjhHbUqwPg= github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542 h1:2VTzZjLZBgl62/EtslCrtky5vbi9dd7HrQPQIx6wqiw= github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542/go.mod h1:Ow0tF8D4Kplbc8s8sSb3V2oUCygFHVp8gC3Dn6U4MNI= -github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.43 h1:IHnW2UNo8CnKJCKN90Osq+ViH/RzfxeRUBRLzZOA4C0= -github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.43/go.mod h1:vahmnnIdr7LCswcRr+9z5YCTiytyV5qYIYmw7b4QyUE= +github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.44.0.20231208210559-5fe101fe4327 h1:K6QjlStZMBeYt5nHli/OC4MQe8clqHR2KUxyd237g5c= +github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.44.0.20231208210559-5fe101fe4327/go.mod h1:roO9Btzl+fvOFhvDN7CuPf6n60K6Yh0ykzwxhwbMK90= github.com/hashicorp/consul/api v1.13.0 h1:2hnLQ0GjQvw7f3O61jMO8gbasZviZTrt9R8WzgiirHc= github.com/hashicorp/consul/api v1.13.0/go.mod h1:ZlVrynguJKcYr54zGaDbaL3fOvKC9m72FhPvA8T35KQ= github.com/hashicorp/consul/sdk v0.8.0 h1:OJtKBtEjboEZvG6AOUdh4Z1Zbyu0WcxQ0qatRrZHTVU= From c701ad1e2adbbe7ea39344039a494f8d63dc8a52 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 8 Dec 2023 13:46:04 -0800 Subject: [PATCH 2/6] Adds tests for STS endpoint override --- .../remote-state/s3/backend_complete_test.go | 331 ++++++++++++++++++ 1 file changed, 331 insertions(+) diff --git a/internal/backend/remote-state/s3/backend_complete_test.go b/internal/backend/remote-state/s3/backend_complete_test.go index 9f32f8d51bf5..3ab712201e17 100644 --- a/internal/backend/remote-state/s3/backend_complete_test.go +++ b/internal/backend/remote-state/s3/backend_complete_test.go @@ -2410,3 +2410,334 @@ func configureBackend(t *testing.T, config map[string]any) (*Backend, tfdiags.Di func sharedConfigCredentialsSource(filename string) string { return fmt.Sprintf(sharedConfigCredentialsProvider+": %s", filename) } + +func TestStsEndpoint(t *testing.T) { + type settype int + const ( + setNone settype = iota + setValid + setInvalid + ) + testcases := map[string]struct { + Config map[string]any + SetServiceEndpoint settype + SetEnv string + SetInvalidEnv string + // Use string at index 1 for valid endpoint url and index 2 for invalid endpoint url + ConfigFile string + ExpectedCredentials aws.Credentials + }{ + "service config": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetServiceEndpoint: setValid, + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + + "service config overrides service envvar": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetServiceEndpoint: setValid, + SetInvalidEnv: "AWS_ENDPOINT_URL_STS", + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + + "service config overrides base envvar": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetServiceEndpoint: setValid, + SetInvalidEnv: "AWS_ENDPOINT_URL", + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + + "service config overrides service config_file": { + Config: map[string]any{ + "profile": "default", + }, + ConfigFile: ` +[default] +aws_access_key_id = DefaultSharedCredentialsAccessKey +aws_secret_access_key = DefaultSharedCredentialsSecretKey +services = sts-test + +[services sts-test] +sts = + endpoint_url = %[2]s +`, + SetServiceEndpoint: setValid, + ExpectedCredentials: aws.Credentials{ + AccessKeyID: "DefaultSharedCredentialsAccessKey", + SecretAccessKey: "DefaultSharedCredentialsSecretKey", + Source: sharedConfigCredentialsProvider, + }, + }, + + "service config overrides base config_file": { + Config: map[string]any{ + "profile": "default", + }, + ConfigFile: ` +[default] +aws_access_key_id = DefaultSharedCredentialsAccessKey +aws_secret_access_key = DefaultSharedCredentialsSecretKey +endpoint_url = %[2]s +`, + SetServiceEndpoint: setValid, + ExpectedCredentials: aws.Credentials{ + AccessKeyID: "DefaultSharedCredentialsAccessKey", + SecretAccessKey: "DefaultSharedCredentialsSecretKey", + Source: sharedConfigCredentialsProvider, + }, + }, + + "service envvar": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetEnv: "AWS_ENDPOINT_URL_STS", + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + + "base envvar": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetEnv: "AWS_ENDPOINT_URL", + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + + "service envvar overrides base envvar": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetEnv: "AWS_ENDPOINT_URL_STS", + SetInvalidEnv: "AWS_ENDPOINT_URL", + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + + "service config_file": { + Config: map[string]any{ + "profile": "default", + }, + ConfigFile: ` +[default] +aws_access_key_id = DefaultSharedCredentialsAccessKey +aws_secret_access_key = DefaultSharedCredentialsSecretKey +services = sts-test + +[services sts-test] +sts = + endpoint_url = %[1]s +`, + ExpectedCredentials: aws.Credentials{ + AccessKeyID: "DefaultSharedCredentialsAccessKey", + SecretAccessKey: "DefaultSharedCredentialsSecretKey", + Source: sharedConfigCredentialsProvider, + }, + }, + + "service config_file overrides base config_file": { + Config: map[string]any{ + "profile": "default", + }, + ConfigFile: ` +[default] +aws_access_key_id = DefaultSharedCredentialsAccessKey +aws_secret_access_key = DefaultSharedCredentialsSecretKey +services = sts-test +endpoint_url = %[2]s + +[services sts-test] +sts = + endpoint_url = %[1]s +`, + ExpectedCredentials: aws.Credentials{ + AccessKeyID: "DefaultSharedCredentialsAccessKey", + SecretAccessKey: "DefaultSharedCredentialsSecretKey", + Source: sharedConfigCredentialsProvider, + }, + }, + + "service envvar overrides service config_file": { + Config: map[string]any{ + "profile": "default", + }, + SetEnv: "AWS_ENDPOINT_URL_STS", + ConfigFile: ` +[default] +aws_access_key_id = DefaultSharedCredentialsAccessKey +aws_secret_access_key = DefaultSharedCredentialsSecretKey +services = sts-test + +[services sts-test] +sts = + endpoint_url = %[2]s +`, + ExpectedCredentials: aws.Credentials{ + AccessKeyID: "DefaultSharedCredentialsAccessKey", + SecretAccessKey: "DefaultSharedCredentialsSecretKey", + Source: sharedConfigCredentialsProvider, + }, + }, + + "base envvar overrides service config_file": { + Config: map[string]any{ + "profile": "default", + }, + SetEnv: "AWS_ENDPOINT_URL", + ConfigFile: ` +[default] +aws_access_key_id = DefaultSharedCredentialsAccessKey +aws_secret_access_key = DefaultSharedCredentialsSecretKey +services = sts-test + +[services sts-test] +sts = + endpoint_url = %[2]s +`, + ExpectedCredentials: aws.Credentials{ + AccessKeyID: "DefaultSharedCredentialsAccessKey", + SecretAccessKey: "DefaultSharedCredentialsSecretKey", + Source: sharedConfigCredentialsProvider, + }, + }, + + "base config_file": { + Config: map[string]any{ + "profile": "default", + }, + ConfigFile: ` +[default] +aws_access_key_id = DefaultSharedCredentialsAccessKey +aws_secret_access_key = DefaultSharedCredentialsSecretKey +endpoint_url = %[1]s +`, + ExpectedCredentials: aws.Credentials{ + AccessKeyID: "DefaultSharedCredentialsAccessKey", + SecretAccessKey: "DefaultSharedCredentialsSecretKey", + Source: sharedConfigCredentialsProvider, + }, + }, + + "base envvar overrides base config_file": { + Config: map[string]any{ + "profile": "default", + }, + SetEnv: "AWS_ENDPOINT_URL", + ConfigFile: ` +[default] +aws_access_key_id = DefaultSharedCredentialsAccessKey +aws_secret_access_key = DefaultSharedCredentialsSecretKey +endpoint_url = %[2]s +`, + ExpectedCredentials: aws.Credentials{ + AccessKeyID: "DefaultSharedCredentialsAccessKey", + SecretAccessKey: "DefaultSharedCredentialsSecretKey", + Source: sharedConfigCredentialsProvider, + }, + }, + + "service envvar overrides base config_file": { + Config: map[string]any{ + "profile": "default", + }, + SetEnv: "AWS_ENDPOINT_URL_STS", + ConfigFile: ` +[default] +aws_access_key_id = DefaultSharedCredentialsAccessKey +aws_secret_access_key = DefaultSharedCredentialsSecretKey +endpoint_url = %[2]s +`, + ExpectedCredentials: aws.Credentials{ + AccessKeyID: "DefaultSharedCredentialsAccessKey", + SecretAccessKey: "DefaultSharedCredentialsSecretKey", + Source: sharedConfigCredentialsProvider, + }, + }, + } + + for name, testcase := range testcases { + testcase := testcase + + t.Run(name, func(t *testing.T) { + servicemocks.InitSessionTestEnv(t) + + // Populate required fields + testcase.Config["bucket"] = "bucket" + testcase.Config["key"] = "key" + testcase.Config["region"] = "us-west-2" + + ts := servicemocks.MockAwsApiServer("STS", []*servicemocks.MockEndpoint{ + servicemocks.MockStsGetCallerIdentityValidEndpoint, + }) + defer ts.Close() + stsEndpoint := ts.URL + + invalidTS := servicemocks.MockAwsApiServer("STS", []*servicemocks.MockEndpoint{ + servicemocks.MockStsGetCallerIdentityInvalidEndpointAccessDenied, + }) + defer invalidTS.Close() + stsInvalidEndpoint := invalidTS.URL + + if testcase.SetServiceEndpoint == setValid { + testcase.Config["endpoints"] = map[string]any{ + "sts": stsEndpoint, + } + } + if testcase.SetEnv != "" { + t.Setenv(testcase.SetEnv, stsEndpoint) + } + if testcase.SetInvalidEnv != "" { + t.Setenv(testcase.SetInvalidEnv, stsInvalidEndpoint) + } + if testcase.ConfigFile != "" { + tempDir := t.TempDir() + filename := writeSharedConfigFile(t, testcase.Config, tempDir, fmt.Sprintf(testcase.ConfigFile, stsEndpoint, stsInvalidEndpoint)) + testcase.ExpectedCredentials.Source = sharedConfigCredentialsSource(filename) + } + + b, diags := configureBackend(t, testcase.Config) + if diags.HasErrors() { + t.Fatalf("configuring backend: %s", diagnosticsString(diags)) + } + + ctx := context.TODO() + + credentialsValue, err := b.awsConfig.Credentials.Retrieve(ctx) + if err != nil { + t.Fatalf("unexpected credentials Retrieve() error: %s", err) + } + + if diff := cmp.Diff(credentialsValue, testcase.ExpectedCredentials, cmpopts.IgnoreFields(aws.Credentials{}, "Expires")); diff != "" { + t.Fatalf("unexpected credentials: (- got, + expected)\n%s", diff) + } + }) + } +} + +func writeSharedConfigFile(t *testing.T, config map[string]any, tempDir, content string) string { + t.Helper() + + file, err := os.Create(filepath.Join(tempDir, "aws-sdk-go-base-shared-configuration-file")) + if err != nil { + t.Fatalf("creating shared configuration file: %s", err) + } + + _, err = file.WriteString(content) + if err != nil { + t.Fatalf(" writing shared configuration file: %s", err) + } + + config["shared_config_files"] = []any{file.Name()} + + return file.Name() +} From c9eae74ba783d65ca04fbc6ea6e2806f686a189e Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 8 Dec 2023 14:27:14 -0800 Subject: [PATCH 3/6] Adds tests to handle legacy config and envvars --- .../remote-state/s3/backend_complete_test.go | 218 +++++++++++++++--- 1 file changed, 191 insertions(+), 27 deletions(-) diff --git a/internal/backend/remote-state/s3/backend_complete_test.go b/internal/backend/remote-state/s3/backend_complete_test.go index 3ab712201e17..b9a0d52b8269 100644 --- a/internal/backend/remote-state/s3/backend_complete_test.go +++ b/internal/backend/remote-state/s3/backend_complete_test.go @@ -2419,14 +2419,17 @@ func TestStsEndpoint(t *testing.T) { setInvalid ) testcases := map[string]struct { - Config map[string]any - SetServiceEndpoint settype - SetEnv string - SetInvalidEnv string + Config map[string]any + SetServiceEndpoint settype + SetServiceEndpointLegacy settype + SetEnv string + SetInvalidEnv string // Use string at index 1 for valid endpoint url and index 2 for invalid endpoint url ConfigFile string ExpectedCredentials aws.Credentials }{ + // Service Config + "service config": { Config: map[string]any{ "access_key": servicemocks.MockStaticAccessKey, @@ -2446,6 +2449,16 @@ func TestStsEndpoint(t *testing.T) { ExpectedCredentials: mockdata.MockStaticCredentials, }, + "service config overrides service envvar legacy": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetServiceEndpoint: setValid, + SetInvalidEnv: "AWS_STS_ENDPOINT", + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + "service config overrides base envvar": { Config: map[string]any{ "access_key": servicemocks.MockStaticAccessKey, @@ -2496,21 +2509,95 @@ endpoint_url = %[2]s }, }, - "service envvar": { + // Service Config Legacy + + "service config legacy": { Config: map[string]any{ "access_key": servicemocks.MockStaticAccessKey, "secret_key": servicemocks.MockStaticSecretKey, }, - SetEnv: "AWS_ENDPOINT_URL_STS", - ExpectedCredentials: mockdata.MockStaticCredentials, + SetServiceEndpointLegacy: setValid, + ExpectedCredentials: mockdata.MockStaticCredentials, }, - "base envvar": { + "service config legacy overrides service envvar": { Config: map[string]any{ "access_key": servicemocks.MockStaticAccessKey, "secret_key": servicemocks.MockStaticSecretKey, }, - SetEnv: "AWS_ENDPOINT_URL", + SetServiceEndpointLegacy: setValid, + SetInvalidEnv: "AWS_ENDPOINT_URL_STS", + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + + "service config legacy overrides service envvar legacy": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetServiceEndpointLegacy: setValid, + SetInvalidEnv: "AWS_STS_ENDPOINT", + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + + "service config legacy overrides base envvar": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetServiceEndpointLegacy: setValid, + SetInvalidEnv: "AWS_ENDPOINT_URL", + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + + "service config legacy overrides service config_file": { + Config: map[string]any{ + "profile": "default", + }, + ConfigFile: ` +[default] +aws_access_key_id = DefaultSharedCredentialsAccessKey +aws_secret_access_key = DefaultSharedCredentialsSecretKey +services = sts-test + +[services sts-test] +sts = + endpoint_url = %[2]s +`, + SetServiceEndpointLegacy: setValid, + ExpectedCredentials: aws.Credentials{ + AccessKeyID: "DefaultSharedCredentialsAccessKey", + SecretAccessKey: "DefaultSharedCredentialsSecretKey", + Source: sharedConfigCredentialsProvider, + }, + }, + + "service config legacy overrides base config_file": { + Config: map[string]any{ + "profile": "default", + }, + ConfigFile: ` +[default] +aws_access_key_id = DefaultSharedCredentialsAccessKey +aws_secret_access_key = DefaultSharedCredentialsSecretKey +endpoint_url = %[2]s +`, + SetServiceEndpointLegacy: setValid, + ExpectedCredentials: aws.Credentials{ + AccessKeyID: "DefaultSharedCredentialsAccessKey", + SecretAccessKey: "DefaultSharedCredentialsSecretKey", + Source: sharedConfigCredentialsProvider, + }, + }, + + // Service Envvar + + "service envvar": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetEnv: "AWS_ENDPOINT_URL_STS", ExpectedCredentials: mockdata.MockStaticCredentials, }, @@ -2524,10 +2611,11 @@ endpoint_url = %[2]s ExpectedCredentials: mockdata.MockStaticCredentials, }, - "service config_file": { + "service envvar overrides service config_file": { Config: map[string]any{ "profile": "default", }, + SetEnv: "AWS_ENDPOINT_URL_STS", ConfigFile: ` [default] aws_access_key_id = DefaultSharedCredentialsAccessKey @@ -2536,7 +2624,7 @@ services = sts-test [services sts-test] sts = - endpoint_url = %[1]s + endpoint_url = %[2]s `, ExpectedCredentials: aws.Credentials{ AccessKeyID: "DefaultSharedCredentialsAccessKey", @@ -2545,20 +2633,59 @@ sts = }, }, - "service config_file overrides base config_file": { + "service envvar overrides base config_file": { Config: map[string]any{ "profile": "default", }, + SetEnv: "AWS_ENDPOINT_URL_STS", ConfigFile: ` [default] aws_access_key_id = DefaultSharedCredentialsAccessKey aws_secret_access_key = DefaultSharedCredentialsSecretKey -services = sts-test endpoint_url = %[2]s +`, + ExpectedCredentials: aws.Credentials{ + AccessKeyID: "DefaultSharedCredentialsAccessKey", + SecretAccessKey: "DefaultSharedCredentialsSecretKey", + Source: sharedConfigCredentialsProvider, + }, + }, + + // Service Envvar Legacy + + "service envvar legacy": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetEnv: "AWS_STS_ENDPOINT", + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + + "service envvar legacy overrides base envvar": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetEnv: "AWS_STS_ENDPOINT", + SetInvalidEnv: "AWS_ENDPOINT_URL", + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + + "service envvar legacy overrides service config_file": { + Config: map[string]any{ + "profile": "default", + }, + SetEnv: "AWS_STS_ENDPOINT", + ConfigFile: ` +[default] +aws_access_key_id = DefaultSharedCredentialsAccessKey +aws_secret_access_key = DefaultSharedCredentialsSecretKey +services = sts-test [services sts-test] sts = - endpoint_url = %[1]s + endpoint_url = %[2]s `, ExpectedCredentials: aws.Credentials{ AccessKeyID: "DefaultSharedCredentialsAccessKey", @@ -2567,11 +2694,30 @@ sts = }, }, - "service envvar overrides service config_file": { + "service envvar legacy overrides base config_file": { + Config: map[string]any{ + "profile": "default", + }, + SetEnv: "AWS_STS_ENDPOINT", + ConfigFile: ` +[default] +aws_access_key_id = DefaultSharedCredentialsAccessKey +aws_secret_access_key = DefaultSharedCredentialsSecretKey +endpoint_url = %[2]s +`, + ExpectedCredentials: aws.Credentials{ + AccessKeyID: "DefaultSharedCredentialsAccessKey", + SecretAccessKey: "DefaultSharedCredentialsSecretKey", + Source: sharedConfigCredentialsProvider, + }, + }, + + // Service Config File + + "service config_file": { Config: map[string]any{ "profile": "default", }, - SetEnv: "AWS_ENDPOINT_URL_STS", ConfigFile: ` [default] aws_access_key_id = DefaultSharedCredentialsAccessKey @@ -2580,7 +2726,7 @@ services = sts-test [services sts-test] sts = - endpoint_url = %[2]s + endpoint_url = %[1]s `, ExpectedCredentials: aws.Credentials{ AccessKeyID: "DefaultSharedCredentialsAccessKey", @@ -2589,20 +2735,20 @@ sts = }, }, - "base envvar overrides service config_file": { + "service config_file overrides base config_file": { Config: map[string]any{ "profile": "default", }, - SetEnv: "AWS_ENDPOINT_URL", ConfigFile: ` [default] aws_access_key_id = DefaultSharedCredentialsAccessKey aws_secret_access_key = DefaultSharedCredentialsSecretKey services = sts-test +endpoint_url = %[2]s [services sts-test] sts = - endpoint_url = %[2]s + endpoint_url = %[1]s `, ExpectedCredentials: aws.Credentials{ AccessKeyID: "DefaultSharedCredentialsAccessKey", @@ -2611,15 +2757,31 @@ sts = }, }, - "base config_file": { + // Base envvar + + "base envvar": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetEnv: "AWS_ENDPOINT_URL", + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + + "base envvar overrides service config_file": { Config: map[string]any{ "profile": "default", }, + SetEnv: "AWS_ENDPOINT_URL", ConfigFile: ` [default] aws_access_key_id = DefaultSharedCredentialsAccessKey aws_secret_access_key = DefaultSharedCredentialsSecretKey -endpoint_url = %[1]s +services = sts-test + +[services sts-test] +sts = + endpoint_url = %[2]s `, ExpectedCredentials: aws.Credentials{ AccessKeyID: "DefaultSharedCredentialsAccessKey", @@ -2628,16 +2790,15 @@ endpoint_url = %[1]s }, }, - "base envvar overrides base config_file": { + "base config_file": { Config: map[string]any{ "profile": "default", }, - SetEnv: "AWS_ENDPOINT_URL", ConfigFile: ` [default] aws_access_key_id = DefaultSharedCredentialsAccessKey aws_secret_access_key = DefaultSharedCredentialsSecretKey -endpoint_url = %[2]s +endpoint_url = %[1]s `, ExpectedCredentials: aws.Credentials{ AccessKeyID: "DefaultSharedCredentialsAccessKey", @@ -2646,11 +2807,11 @@ endpoint_url = %[2]s }, }, - "service envvar overrides base config_file": { + "base envvar overrides base config_file": { Config: map[string]any{ "profile": "default", }, - SetEnv: "AWS_ENDPOINT_URL_STS", + SetEnv: "AWS_ENDPOINT_URL", ConfigFile: ` [default] aws_access_key_id = DefaultSharedCredentialsAccessKey @@ -2693,6 +2854,9 @@ endpoint_url = %[2]s "sts": stsEndpoint, } } + if testcase.SetServiceEndpointLegacy == setValid { + testcase.Config["sts_endpoint"] = stsEndpoint + } if testcase.SetEnv != "" { t.Setenv(testcase.SetEnv, stsEndpoint) } From a8028da56f34e41ffd1bc951dd9dd690b9b7433e Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 8 Dec 2023 14:30:22 -0800 Subject: [PATCH 4/6] Adds test for standard envvar overriding legacy envvar --- .../backend/remote-state/s3/backend_complete_test.go | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/internal/backend/remote-state/s3/backend_complete_test.go b/internal/backend/remote-state/s3/backend_complete_test.go index b9a0d52b8269..8621172174ae 100644 --- a/internal/backend/remote-state/s3/backend_complete_test.go +++ b/internal/backend/remote-state/s3/backend_complete_test.go @@ -2651,6 +2651,16 @@ endpoint_url = %[2]s }, }, + "service envvar overrides service envvar legacy": { + Config: map[string]any{ + "access_key": servicemocks.MockStaticAccessKey, + "secret_key": servicemocks.MockStaticSecretKey, + }, + SetEnv: "AWS_ENDPOINT_URL_STS", + SetInvalidEnv: "AWS_STS_ENDPOINT", + ExpectedCredentials: mockdata.MockStaticCredentials, + }, + // Service Envvar Legacy "service envvar legacy": { From 29708f0784719d747dece0c1f77228a6d33202a7 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 8 Dec 2023 15:44:59 -0800 Subject: [PATCH 5/6] Documents `AWS_ENDPOINT_URL` environment variable and endpoints configured in shared config files --- website/docs/language/settings/backends/s3.mdx | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/website/docs/language/settings/backends/s3.mdx b/website/docs/language/settings/backends/s3.mdx index f21ff0e4b7cc..c425672b0303 100644 --- a/website/docs/language/settings/backends/s3.mdx +++ b/website/docs/language/settings/backends/s3.mdx @@ -214,6 +214,13 @@ The optional argument `endpoints` contains the following arguments: * `sts` - (Optional) Custom endpoint URL for the AWS STS API. This can also be sourced from the environment variable `AWS_ENDPOINT_URL_STS` or the deprecated environment variable `AWS_STS_ENDPOINT`. +The environment variable `AWS_ENDPOINT_URL` can be used to set a base endpoint URL for all services. + +Endpoints can also be overridden using the [AWS shared configuration file](https://docs.aws.amazon.com/sdkref/latest/guide/feature-ss-endpoints.html#ss-endpoints-config). +Setting the parameter `endpoint_url` on a profile will set that endpoint for all services. +To set endpoints for specific services, create a `services` section and set the `endpoint_url` parameters for each desired service. +Endpoints set for specific services will override the base endpoint configured in the profile. + #### Assume Role Configuration Assuming an IAM Role can be configured in two ways. From 1989693dae6f3f20604036b96d43b59a195dfa7f Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Tue, 12 Dec 2023 11:33:03 -0800 Subject: [PATCH 6/6] Updates dependencies --- go.mod | 4 +--- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index c04986067840..a679106dc8c6 100644 --- a/go.mod +++ b/go.mod @@ -33,7 +33,7 @@ require ( github.com/golang/mock v1.6.0 github.com/google/go-cmp v0.6.0 github.com/google/uuid v1.3.1 - github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.43 + github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.45 github.com/hashicorp/consul/api v1.13.0 github.com/hashicorp/consul/sdk v0.8.0 github.com/hashicorp/copywrite v0.16.3 @@ -276,5 +276,3 @@ require ( ) go 1.21.5 - -replace github.com/hashicorp/aws-sdk-go-base/v2 => github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.44.0.20231208210559-5fe101fe4327 diff --git a/go.sum b/go.sum index 73fea87d53a4..c4538f822249 100644 --- a/go.sum +++ b/go.sum @@ -632,8 +632,8 @@ github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 h1:YBftPWNWd4WwGqtY2yeZL2ef8rH github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0/go.mod h1:YN5jB8ie0yfIUg6VvR9Kz84aCaG7AsGZnLjhHbUqwPg= github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542 h1:2VTzZjLZBgl62/EtslCrtky5vbi9dd7HrQPQIx6wqiw= github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542/go.mod h1:Ow0tF8D4Kplbc8s8sSb3V2oUCygFHVp8gC3Dn6U4MNI= -github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.44.0.20231208210559-5fe101fe4327 h1:K6QjlStZMBeYt5nHli/OC4MQe8clqHR2KUxyd237g5c= -github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.44.0.20231208210559-5fe101fe4327/go.mod h1:roO9Btzl+fvOFhvDN7CuPf6n60K6Yh0ykzwxhwbMK90= +github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.45 h1:esKaa1l2oJiARVIa20DPxgID9V7FyFfert7X1FWg1HU= +github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.45/go.mod h1:roO9Btzl+fvOFhvDN7CuPf6n60K6Yh0ykzwxhwbMK90= github.com/hashicorp/consul/api v1.13.0 h1:2hnLQ0GjQvw7f3O61jMO8gbasZviZTrt9R8WzgiirHc= github.com/hashicorp/consul/api v1.13.0/go.mod h1:ZlVrynguJKcYr54zGaDbaL3fOvKC9m72FhPvA8T35KQ= github.com/hashicorp/consul/sdk v0.8.0 h1:OJtKBtEjboEZvG6AOUdh4Z1Zbyu0WcxQ0qatRrZHTVU=