diff options
| author | Dave Henderson <dhenderson@gmail.com> | 2018-08-29 20:39:35 -0400 |
|---|---|---|
| committer | Dave Henderson <dhenderson@gmail.com> | 2018-08-29 20:39:35 -0400 |
| commit | c685affef751c8f53026ec67d2ef947c46f66ada (patch) | |
| tree | 48b163e88b1e112a1d7b93b5b8088bea25ffb18e /vendor/github.com | |
| parent | 0977f31ee3085f9ea7b5628eb5a2bac91c6ec163 (diff) | |
Updating dependencies
Signed-off-by: Dave Henderson <dhenderson@gmail.com>
Diffstat (limited to 'vendor/github.com')
40 files changed, 1331 insertions, 491 deletions
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go index ed086992..a270844d 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go @@ -158,13 +158,14 @@ func (e *Expiry) SetExpiration(expiration time.Time, window time.Duration) { // IsExpired returns if the credentials are expired. func (e *Expiry) IsExpired() bool { - if e.CurrentTime == nil { - e.CurrentTime = time.Now + curTime := e.CurrentTime + if curTime == nil { + curTime = time.Now } - return e.expiration.Before(e.CurrentTime()) + return e.expiration.Before(curTime()) } -// A Credentials provides synchronous safe retrieval of AWS credentials Value. +// A Credentials provides concurrency safe retrieval of AWS credentials Value. // Credentials will cache the credentials value until they expire. Once the value // expires the next Get will attempt to retrieve valid credentials. // diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go index 74f72de0..c04ba06c 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go @@ -84,6 +84,7 @@ func decodeV3Endpoints(modelDef modelDefinition, opts DecodeModelOptions) (Resol custAddEC2Metadata(p) custAddS3DualStack(p) custRmIotDataService(p) + custFixAppAutoscalingChina(p) } return ps, nil @@ -122,6 +123,27 @@ func custRmIotDataService(p *partition) { delete(p.Services, "data.iot") } +func custFixAppAutoscalingChina(p *partition) { + if p.ID != "aws-cn" { + return + } + + const serviceName = "application-autoscaling" + s, ok := p.Services[serviceName] + if !ok { + return + } + + const expectHostname = `autoscaling.{region}.amazonaws.com` + if e, a := s.Defaults.Hostname, expectHostname; e != a { + fmt.Printf("custFixAppAutoscalingChina: ignoring customization, expected %s, got %s\n", e, a) + return + } + + s.Defaults.Hostname = expectHostname + ".cn" + p.Services[serviceName] = s +} + type decodeModelError struct { awsError } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index 8e823bec..86788100 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -50,6 +50,7 @@ const ( AcmPcaServiceID = "acm-pca" // AcmPca. ApiMediatailorServiceID = "api.mediatailor" // ApiMediatailor. ApiPricingServiceID = "api.pricing" // ApiPricing. + ApiSagemakerServiceID = "api.sagemaker" // ApiSagemaker. ApigatewayServiceID = "apigateway" // Apigateway. ApplicationAutoscalingServiceID = "application-autoscaling" // ApplicationAutoscaling. Appstream2ServiceID = "appstream2" // Appstream2. @@ -112,6 +113,7 @@ const ( ImportexportServiceID = "importexport" // Importexport. InspectorServiceID = "inspector" // Inspector. IotServiceID = "iot" // Iot. + IotanalyticsServiceID = "iotanalytics" // Iotanalytics. KinesisServiceID = "kinesis" // Kinesis. KinesisanalyticsServiceID = "kinesisanalytics" // Kinesisanalytics. KinesisvideoServiceID = "kinesisvideo" // Kinesisvideo. @@ -146,7 +148,6 @@ const ( RuntimeLexServiceID = "runtime.lex" // RuntimeLex. RuntimeSagemakerServiceID = "runtime.sagemaker" // RuntimeSagemaker. S3ServiceID = "s3" // S3. - SagemakerServiceID = "sagemaker" // Sagemaker. SdbServiceID = "sdb" // Sdb. SecretsmanagerServiceID = "secretsmanager" // Secretsmanager. ServerlessrepoServiceID = "serverlessrepo" // Serverlessrepo. @@ -304,6 +305,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-2": endpoint{}, @@ -330,6 +332,19 @@ var awsPartition = partition{ "us-east-1": endpoint{}, }, }, + "api.sagemaker": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "apigateway": service{ Endpoints: endpoints{ @@ -394,10 +409,13 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-2": endpoint{}, @@ -453,6 +471,7 @@ var awsPartition = partition{ "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -787,10 +806,11 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, }, }, "config": service{ @@ -1030,11 +1050,17 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips": endpoint{ + Hostname: "elasticache-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "elasticbeanstalk": service{ @@ -1060,6 +1086,7 @@ var awsPartition = partition{ "elasticfilesystem": service{ Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, @@ -1095,7 +1122,7 @@ var awsPartition = partition{ "elasticmapreduce": service{ Defaults: endpoint{ SSLCommonName: "{region}.{service}.{dnsSuffix}", - Protocols: []string{"http", "https"}, + Protocols: []string{"https"}, }, Endpoints: endpoints{ "ap-northeast-1": endpoint{}, @@ -1195,11 +1222,15 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -1264,6 +1295,7 @@ var awsPartition = partition{ "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, @@ -1281,6 +1313,7 @@ var awsPartition = partition{ "ap-northeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, "us-east-1": endpoint{}, "us-west-2": endpoint{}, }, @@ -1377,6 +1410,15 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "iotanalytics": service{ + + Endpoints: endpoints{ + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "kinesis": service{ Endpoints: endpoints{ @@ -1400,9 +1442,10 @@ var awsPartition = partition{ "kinesisanalytics": service{ Endpoints: endpoints{ - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "kinesisvideo": service{ @@ -1530,6 +1573,7 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, @@ -1558,6 +1602,7 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, @@ -1816,6 +1861,7 @@ var awsPartition = partition{ "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1858,6 +1904,9 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1923,17 +1972,6 @@ var awsPartition = partition{ }, }, }, - "sagemaker": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, "sdb": service{ Defaults: endpoint{ Protocols: []string{"http", "https"}, @@ -2195,6 +2233,7 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, @@ -2495,7 +2534,7 @@ var awscnPartition = partition{ }, "application-autoscaling": service{ Defaults: endpoint{ - Hostname: "autoscaling.{region}.amazonaws.com", + Hostname: "autoscaling.{region}.amazonaws.com.cn", Protocols: []string{"http", "https"}, CredentialScope: credentialScope{ Service: "application-autoscaling", @@ -2631,7 +2670,7 @@ var awscnPartition = partition{ }, "elasticmapreduce": service{ Defaults: endpoint{ - Protocols: []string{"http", "https"}, + Protocols: []string{"https"}, }, Endpoints: endpoints{ "cn-north-1": endpoint{}, @@ -2960,6 +2999,12 @@ var awsusgovPartition = partition{ "elasticache": service{ Endpoints: endpoints{ + "fips": endpoint{ + Hostname: "elasticache-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-west-1": endpoint{}, }, }, @@ -2981,7 +3026,7 @@ var awsusgovPartition = partition{ Endpoints: endpoints{ "us-gov-west-1": endpoint{ - Protocols: []string{"http", "https"}, + Protocols: []string{"https"}, }, }, }, @@ -3024,6 +3069,16 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "iot": service{ + Defaults: endpoint{ + CredentialScope: credentialScope{ + Service: "execute-api", + }, + }, + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, "kinesis": service{ Endpoints: endpoints{ @@ -3140,6 +3195,12 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "states": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, "storagegateway": service{ Endpoints: endpoints{ diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go index 05885623..e84bbc7f 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.15.0" +const SDKVersion = "1.15.24" diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go index 07764c86..1bfe45f6 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go @@ -94,8 +94,6 @@ func (b *xmlBuilder) buildStruct(value reflect.Value, current *XMLNode, tag refl return nil } - fieldAdded := false - // unwrap payloads if payload := tag.Get("payload"); payload != "" { field, _ := value.Type().FieldByName(payload) @@ -123,6 +121,8 @@ func (b *xmlBuilder) buildStruct(value reflect.Value, current *XMLNode, tag refl child.Attr = append(child.Attr, ns) } + var payloadFields, nonPayloadFields int + t := value.Type() for i := 0; i < value.NumField(); i++ { member := elemOf(value.Field(i)) @@ -137,8 +137,10 @@ func (b *xmlBuilder) buildStruct(value reflect.Value, current *XMLNode, tag refl mTag := field.Tag if mTag.Get("location") != "" { // skip non-body members + nonPayloadFields++ continue } + payloadFields++ if protocol.CanSetIdempotencyToken(value.Field(i), field) { token := protocol.GetIdempotencyToken() @@ -153,11 +155,11 @@ func (b *xmlBuilder) buildStruct(value reflect.Value, current *XMLNode, tag refl if err := b.buildValue(member, child, mTag); err != nil { return err } - - fieldAdded = true } - if fieldAdded { // only append this child if we have one ore more valid members + // Only case where the child shape is not added is if the shape only contains + // non-payload fields, e.g headers/query. + if !(payloadFields == 0 && nonPayloadFields > 0) { current.AddChild(child) } diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go index f965ecbd..292fd5c5 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go @@ -287,17 +287,21 @@ func (c *EC2) AllocateAddressRequest(input *AllocateAddressInput) (req *request. // AllocateAddress API operation for Amazon Elastic Compute Cloud. // -// Allocates an Elastic IP address. +// Allocates an Elastic IP address to your AWS account. After you allocate the +// Elastic IP address you can associate it with an instance or network interface. +// After you release an Elastic IP address, it is released to the IP address +// pool and can be allocated to a different AWS account. +// +// [EC2-VPC] If you release an Elastic IP address, you might be able to recover +// it. You cannot recover an Elastic IP address that you released after it is +// allocated to another AWS account. You cannot recover an Elastic IP address +// for EC2-Classic. To attempt to recover an Elastic IP address that you released, +// specify it in this operation. // // An Elastic IP address is for use either in the EC2-Classic platform or in // a VPC. By default, you can allocate 5 Elastic IP addresses for EC2-Classic // per region and 5 Elastic IP addresses for EC2-VPC per region. // -// If you release an Elastic IP address for use in a VPC, you might be able -// to recover it. To recover an Elastic IP address that you released, specify -// it in the Address parameter. Note that you cannot recover an Elastic IP address -// that you released after it is allocated to another AWS account. -// // For more information, see Elastic IP Addresses (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) // in the Amazon Elastic Compute Cloud User Guide. // @@ -616,6 +620,7 @@ func (c *EC2) AssociateAddressRequest(input *AssociateAddressInput) (req *reques // AssociateAddress API operation for Amazon Elastic Compute Cloud. // // Associates an Elastic IP address with an instance or a network interface. +// Before you can use an Elastic IP address, you must allocate it to your account. // // An Elastic IP address is for use in either the EC2-Classic platform or in // a VPC. For more information, see Elastic IP Addresses (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) @@ -880,7 +885,7 @@ func (c *EC2) AssociateRouteTableRequest(input *AssociateRouteTableInput) (req * // an association ID, which you need in order to disassociate the route table // from the subnet later. A route table can be associated with multiple subnets. // -// For more information about route tables, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1198,8 +1203,8 @@ func (c *EC2) AttachInternetGatewayRequest(input *AttachInternetGatewayInput) (r // AttachInternetGateway API operation for Amazon Elastic Compute Cloud. // -// Attaches an Internet gateway to a VPC, enabling connectivity between the -// Internet and the VPC. For more information about your VPC and Internet gateway, +// Attaches an internet gateway to a VPC, enabling connectivity between the +// internet and the VPC. For more information about your VPC and internet gateway, // see the Amazon Virtual Private Cloud User Guide (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2845,12 +2850,12 @@ func (c *EC2) CreateDefaultVpcRequest(input *CreateDefaultVpcInput) (req *reques // in the Amazon Virtual Private Cloud User Guide. You cannot specify the components // of the default VPC yourself. // -// You can create a default VPC if you deleted your previous default VPC. You -// cannot have more than one default VPC per region. +// iIf you deleted your previous default VPC, you can create a default VPC. +// You cannot have more than one default VPC per Region. // // If your account supports EC2-Classic, you cannot use this action to create -// a default VPC in a region that supports EC2-Classic. If you want a default -// VPC in a region that supports EC2-Classic, see "I really want a default VPC +// a default VPC in a Region that supports EC2-Classic. If you want a default +// VPC in a Region that supports EC2-Classic, see "I really want a default VPC // for my existing EC2 account. Is that possible?" in the Default VPCs FAQ (http://aws.amazon.com/vpc/faqs/#Default_VPCs). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2934,9 +2939,9 @@ func (c *EC2) CreateDhcpOptionsRequest(input *CreateDhcpOptionsInput) (req *requ // * domain-name-servers - The IP addresses of up to four domain name servers, // or AmazonProvidedDNS. The default DHCP option set specifies AmazonProvidedDNS. // If specifying more than one domain name server, specify the IP addresses -// in a single parameter, separated by commas. If you want your instance -// to receive a custom DNS hostname as specified in domain-name, you must -// set domain-name-servers to a custom DNS server. +// in a single parameter, separated by commas. ITo have your instance to +// receive a custom DNS hostname as specified in domain-name, you must set +// domain-name-servers to a custom DNS server. // // * domain-name - If you're using AmazonProvidedDNS in us-east-1, specify // ec2.internal. If you're using AmazonProvidedDNS in another region, specify @@ -2960,10 +2965,9 @@ func (c *EC2) CreateDhcpOptionsRequest(input *CreateDhcpOptionsInput) (req *requ // // Your VPC automatically starts out with a set of DHCP options that includes // only a DNS server that we provide (AmazonProvidedDNS). If you create a set -// of options, and if your VPC has an Internet gateway, make sure to set the +// of options, and if your VPC has an internet gateway, make sure to set the // domain-name-servers option either to AmazonProvidedDNS or to a domain name -// server of your choice. For more information about DHCP options, see DHCP -// Options Sets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) +// server of your choice. For more information, see DHCP Options Sets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3038,9 +3042,9 @@ func (c *EC2) CreateEgressOnlyInternetGatewayRequest(input *CreateEgressOnlyInte // CreateEgressOnlyInternetGateway API operation for Amazon Elastic Compute Cloud. // -// [IPv6 only] Creates an egress-only Internet gateway for your VPC. An egress-only -// Internet gateway is used to enable outbound communication over IPv6 from -// instances in your VPC to the Internet, and prevents hosts outside of your +// [IPv6 only] Creates an egress-only internet gateway for your VPC. An egress-only +// internet gateway is used to enable outbound communication over IPv6 from +// instances in your VPC to the internet, and prevents hosts outside of your // VPC from initiating an IPv6 connection with your instance. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3195,16 +3199,19 @@ func (c *EC2) CreateFlowLogsRequest(input *CreateFlowLogsInput) (req *request.Re // CreateFlowLogs API operation for Amazon Elastic Compute Cloud. // -// Creates one or more flow logs to capture IP traffic for a specific network -// interface, subnet, or VPC. Flow logs are delivered to a specified log group -// in Amazon CloudWatch Logs. If you specify a VPC or subnet in the request, -// a log stream is created in CloudWatch Logs for each network interface in -// the subnet or VPC. Log streams can include information about accepted and -// rejected traffic to a network interface. You can view the data in your log -// streams using Amazon CloudWatch Logs. +// Creates one or more flow logs to capture information about IP traffic for +// a specific network interface, subnet, or VPC. // -// In your request, you must also specify an IAM role that has permission to -// publish logs to CloudWatch Logs. +// Flow log data for a monitored network interface is recorded as flow log records, +// which are log events consisting of fields that describe the traffic flow. +// For more information, see Flow Log Records (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html#flow-log-records) +// in the Amazon Virtual Private Cloud User Guide. +// +// When publishing to CloudWatch Logs, flow log records are published to a log +// group, and each network interface has a unique log stream in the log group. +// When publishing to Amazon S3, flow log records for all of the monitored network +// interfaces are published to a single log file object that is stored in the +// specified bucket. // // For more information, see VPC Flow Logs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html) // in the Amazon Virtual Private Cloud User Guide. @@ -3524,10 +3531,10 @@ func (c *EC2) CreateInternetGatewayRequest(input *CreateInternetGatewayInput) (r // CreateInternetGateway API operation for Amazon Elastic Compute Cloud. // -// Creates an Internet gateway for use with a VPC. After creating the Internet +// Creates an internet gateway for use with a VPC. After creating the internet // gateway, you attach it to a VPC using AttachInternetGateway. // -// For more information about your VPC and Internet gateway, see the Amazon +// For more information about your VPC and internet gateway, see the Amazon // Virtual Private Cloud User Guide (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3925,7 +3932,7 @@ func (c *EC2) CreateNetworkAclRequest(input *CreateNetworkAclInput) (req *reques // Creates a network ACL in a VPC. Network ACLs provide an optional layer of // security (in addition to security groups) for the instances in your VPC. // -// For more information about network ACLs, see Network ACLs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) +// For more information, see Network ACLs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4431,9 +4438,9 @@ func (c *EC2) CreateRouteRequest(input *CreateRouteInput) (req *request.Request, // // Creates a route in a route table within a VPC. // -// You must specify one of the following targets: Internet gateway or virtual +// You must specify one of the following targets: internet gateway or virtual // private gateway, NAT instance, NAT gateway, VPC peering connection, network -// interface, or egress-only Internet gateway. +// interface, or egress-only internet gateway. // // When determining how to route traffic, we use the route with the most specific // match. For example, traffic is destined for the IPv4 address 192.0.2.3, and @@ -4525,7 +4532,7 @@ func (c *EC2) CreateRouteTableRequest(input *CreateRouteTableInput) (req *reques // Creates a route table for the specified VPC. After you create a route table, // you can add routes and associate the table with a subnet. // -// For more information about route tables, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4884,13 +4891,13 @@ func (c *EC2) CreateSubnetRequest(input *CreateSubnetInput) (req *request.Reques // // Creates a subnet in an existing VPC. // -// When you create each subnet, you provide the VPC ID and the IPv4 CIDR block -// you want for the subnet. After you create a subnet, you can't change its -// CIDR block. The size of the subnet's IPv4 CIDR block can be the same as a -// VPC's IPv4 CIDR block, or a subset of a VPC's IPv4 CIDR block. If you create -// more than one subnet in a VPC, the subnets' CIDR blocks must not overlap. -// The smallest IPv4 subnet (and VPC) you can create uses a /28 netmask (16 -// IPv4 addresses), and the largest uses a /16 netmask (65,536 IPv4 addresses). +// When you create each subnet, you provide the VPC ID and IPv4 CIDR block for +// the subnet. After you create a subnet, you can't change its CIDR block. The +// size of the subnet's IPv4 CIDR block can be the same as a VPC's IPv4 CIDR +// block, or a subset of a VPC's IPv4 CIDR block. If you create more than one +// subnet in a VPC, the subnets' CIDR blocks must not overlap. The smallest +// IPv4 subnet (and VPC) you can create uses a /28 netmask (16 IPv4 addresses), +// and the largest uses a /16 netmask (65,536 IPv4 addresses). // // If you've associated an IPv6 CIDR block with your VPC, you can create a subnet // with an IPv6 CIDR block that uses a /64 prefix length. @@ -5161,8 +5168,8 @@ func (c *EC2) CreateVpcRequest(input *CreateVpcInput) (req *request.Request, out // // Creates a VPC with the specified IPv4 CIDR block. The smallest VPC you can // create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 -// netmask (65,536 IPv4 addresses). To help you decide how big to make your -// VPC, see Your VPC and Subnets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) +// netmask (65,536 IPv4 addresses). For more information about how large to +// make your VPC, see Your VPC and Subnets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) // in the Amazon Virtual Private Cloud User Guide. // // You can optionally request an Amazon-provided IPv6 CIDR block for the VPC. @@ -5170,8 +5177,8 @@ func (c *EC2) CreateVpcRequest(input *CreateVpcInput) (req *request.Request, out // pool of IPv6 addresses. You cannot choose the IPv6 range for your VPC. // // By default, each instance you launch in the VPC has the default DHCP options, -// which includes only a default DNS server that we provide (AmazonProvidedDNS). -// For more information about DHCP options, see DHCP Options Sets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) +// which include only a default DNS server that we provide (AmazonProvidedDNS). +// For more information, see DHCP Options Sets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) // in the Amazon Virtual Private Cloud User Guide. // // You can specify the instance tenancy value for the VPC when you create it. @@ -5504,7 +5511,7 @@ func (c *EC2) CreateVpcPeeringConnectionRequest(input *CreateVpcPeeringConnectio // // Requests a VPC peering connection between two VPCs: a requester VPC that // you own and an accepter VPC with which to create the connection. The accepter -// VPC can belong to another AWS account and can be in a different region to +// VPC can belong to another AWS account and can be in a different Region to // the requester VPC. The requester VPC and accepter VPC cannot have overlapping // CIDR blocks. // @@ -6002,7 +6009,7 @@ func (c *EC2) DeleteEgressOnlyInternetGatewayRequest(input *DeleteEgressOnlyInte // DeleteEgressOnlyInternetGateway API operation for Amazon Elastic Compute Cloud. // -// Deletes an egress-only Internet gateway. +// Deletes an egress-only internet gateway. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6306,7 +6313,7 @@ func (c *EC2) DeleteInternetGatewayRequest(input *DeleteInternetGatewayInput) (r // DeleteInternetGateway API operation for Amazon Elastic Compute Cloud. // -// Deletes the specified Internet gateway. You must detach the Internet gateway +// Deletes the specified internet gateway. You must detach the internet gateway // from the VPC before you can delete it. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -8844,7 +8851,7 @@ func (c *EC2) DescribeClassicLinkInstancesRequest(input *DescribeClassicLinkInst // // Describes one or more of your linked EC2-Classic instances. This request // only returns information about EC2-Classic instances linked to a VPC through -// ClassicLink; you cannot use this request to return information about other +// ClassicLink. You cannot use this request to return information about other // instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -9077,7 +9084,7 @@ func (c *EC2) DescribeDhcpOptionsRequest(input *DescribeDhcpOptionsInput) (req * // // Describes one or more of your DHCP options sets. // -// For more information about DHCP options sets, see DHCP Options Sets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) +// For more information, see DHCP Options Sets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -9152,7 +9159,7 @@ func (c *EC2) DescribeEgressOnlyInternetGatewaysRequest(input *DescribeEgressOnl // DescribeEgressOnlyInternetGateways API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your egress-only Internet gateways. +// Describes one or more of your egress-only internet gateways. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -11083,7 +11090,7 @@ func (c *EC2) DescribeInternetGatewaysRequest(input *DescribeInternetGatewaysInp // DescribeInternetGateways API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your Internet gateways. +// Describes one or more of your internet gateways. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -11465,7 +11472,7 @@ func (c *EC2) DescribeNatGatewaysRequest(input *DescribeNatGatewaysInput) (req * // DescribeNatGateways API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of the your NAT gateways. +// Describes one or more of your NAT gateways. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -11591,7 +11598,7 @@ func (c *EC2) DescribeNetworkAclsRequest(input *DescribeNetworkAclsInput) (req * // // Describes one or more of your network ACLs. // -// For more information about network ACLs, see Network ACLs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) +// For more information, see Network ACLs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -12665,7 +12672,7 @@ func (c *EC2) DescribeRouteTablesRequest(input *DescribeRouteTablesInput) (req * // with the main route table. This command does not return the subnet ID for // implicit associations. // -// For more information about route tables, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13966,7 +13973,7 @@ func (c *EC2) DescribeSubnetsRequest(input *DescribeSubnetsInput) (req *request. // // Describes one or more of your subnets. // -// For more information about subnets, see Your VPC and Subnets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) +// For more information, see Your VPC and Subnets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -15702,8 +15709,8 @@ func (c *EC2) DetachInternetGatewayRequest(input *DetachInternetGatewayInput) (r // DetachInternetGateway API operation for Amazon Elastic Compute Cloud. // -// Detaches an Internet gateway from a VPC, disabling connectivity between the -// Internet and the VPC. The VPC must not contain any running instances with +// Detaches an internet gateway from a VPC, disabling connectivity between the +// internet and the VPC. The VPC must not contain any running instances with // Elastic IP addresses or public IPv4 addresses. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -16178,8 +16185,8 @@ func (c *EC2) DisableVpcClassicLinkDnsSupportRequest(input *DisableVpcClassicLin // // Disables ClassicLink DNS support for a VPC. If disabled, DNS hostnames resolve // to public IP addresses when addressed between a linked EC2-Classic instance -// and instances in the VPC to which it's linked. For more information about -// ClassicLink, see ClassicLink (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) +// and instances in the VPC to which it's linked. For more information, see +// ClassicLink (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -16807,7 +16814,7 @@ func (c *EC2) EnableVpcClassicLinkRequest(input *EnableVpcClassicLinkInput) (req // // Enables a VPC for ClassicLink. You can then link EC2-Classic instances to // your ClassicLink-enabled VPC to allow communication over private IP addresses. -// You cannot enable your VPC for ClassicLink if any of your VPC's route tables +// You cannot enable your VPC for ClassicLink if any of your VPC route tables // have existing routes for address ranges within the 10.0.0.0/8 IP address // range, excluding local routes for VPCs in the 10.0.0.0/16 and 10.1.0.0/16 // IP address ranges. For more information, see ClassicLink (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) @@ -16889,8 +16896,8 @@ func (c *EC2) EnableVpcClassicLinkDnsSupportRequest(input *EnableVpcClassicLinkD // the DNS hostname of a linked EC2-Classic instance resolves to its private // IP address when addressed from an instance in the VPC to which it's linked. // Similarly, the DNS hostname of an instance in a VPC resolves to its private -// IP address when addressed from a linked EC2-Classic instance. For more information -// about ClassicLink, see ClassicLink (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) +// IP address when addressed from a linked EC2-Classic instance. For more information, +// see ClassicLink (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -16968,20 +16975,20 @@ func (c *EC2) GetConsoleOutputRequest(input *GetConsoleOutputInput) (req *reques // Gets the console output for the specified instance. For Linux instances, // the instance console output displays the exact console output that would // normally be displayed on a physical monitor attached to a computer. For Windows -// instances, the instance console output includes output from the EC2Config -// service. -// -// GetConsoleOutput returns up to 64 KB of console output shortly after it's -// generated by the instance. +// instances, the instance console output includes the last three system event +// log errors. // // By default, the console output returns buffered information that was posted // shortly after an instance transition state (start, stop, reboot, or terminate). // This information is available for at least one hour after the most recent -// post. +// post. Only the most recent 64 KB of console output is available. // // You can optionally retrieve the latest serial console output at any time -// during the instance lifecycle. This option is only supported on C5, M5, and -// i3.metal instances. +// during the instance lifecycle. This option is supported on instance types +// that use the Nitro hypervisor. +// +// For more information, see Instance Console Output (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html#instance-console-console-output) +// in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -19607,6 +19614,11 @@ func (c *EC2) ModifyVpcEndpointServicePermissionsRequest(input *ModifyVpcEndpoin // You can add or remove permissions for service consumers (IAM users, IAM roles, // and AWS accounts) to connect to your endpoint service. // +// If you grant permissions to all principals, the service is public. Any users +// who know the name of a public service can send a request to attach an endpoint. +// If the service does not require manual approval, attachments are automatically +// approved. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -19780,7 +19792,7 @@ func (c *EC2) ModifyVpcTenancyRequest(input *ModifyVpcTenancyInput) (req *reques // into the VPC have a tenancy of default, unless you specify otherwise during // launch. The tenancy of any existing instances in the VPC is not affected. // -// For more information about Dedicated Instances, see Dedicated Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html) +// For more information, see Dedicated Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -20859,7 +20871,7 @@ func (c *EC2) ReplaceNetworkAclAssociationRequest(input *ReplaceNetworkAclAssoci // // Changes which network ACL a subnet is associated with. By default when you // create a subnet, it's automatically associated with the default network ACL. -// For more information about network ACLs, see Network ACLs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) +// For more information, see Network ACLs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) // in the Amazon Virtual Private Cloud User Guide. // // This is an idempotent operation. @@ -20938,8 +20950,8 @@ func (c *EC2) ReplaceNetworkAclEntryRequest(input *ReplaceNetworkAclEntryInput) // ReplaceNetworkAclEntry API operation for Amazon Elastic Compute Cloud. // -// Replaces an entry (rule) in a network ACL. For more information about network -// ACLs, see Network ACLs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) +// Replaces an entry (rule) in a network ACL. For more information, see Network +// ACLs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -21017,11 +21029,11 @@ func (c *EC2) ReplaceRouteRequest(input *ReplaceRouteInput) (req *request.Reques // ReplaceRoute API operation for Amazon Elastic Compute Cloud. // // Replaces an existing route within a route table in a VPC. You must provide -// only one of the following: Internet gateway or virtual private gateway, NAT +// only one of the following: internet gateway or virtual private gateway, NAT // instance, NAT gateway, VPC peering connection, network interface, or egress-only -// Internet gateway. +// internet gateway. // -// For more information about route tables, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -24151,7 +24163,8 @@ func (s *AssociateRouteTableInput) SetSubnetId(v string) *AssociateRouteTableInp type AssociateRouteTableOutput struct { _ struct{} `type:"structure"` - // The route table association ID (needed to disassociate the route table). + // The route table association ID. This ID is required for disassociating the + // route table. AssociationId *string `locationName:"associationId" type:"string"` } @@ -24468,7 +24481,7 @@ type AttachInternetGatewayInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The ID of the Internet gateway. + // The ID of the internet gateway. // // InternetGatewayId is a required field InternetGatewayId *string `locationName:"internetGatewayId" type:"string" required:"true"` @@ -27588,8 +27601,8 @@ func (s *CreateDhcpOptionsOutput) SetDhcpOptions(v *DhcpOptions) *CreateDhcpOpti type CreateEgressOnlyInternetGatewayInput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -27598,7 +27611,7 @@ type CreateEgressOnlyInternetGatewayInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the VPC for which to create the egress-only Internet gateway. + // The ID of the VPC for which to create the egress-only internet gateway. // // VpcId is a required field VpcId *string `type:"string" required:"true"` @@ -27648,11 +27661,11 @@ func (s *CreateEgressOnlyInternetGatewayInput) SetVpcId(v string) *CreateEgressO type CreateEgressOnlyInternetGatewayOutput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. ClientToken *string `locationName:"clientToken" type:"string"` - // Information about the egress-only Internet gateway. + // Information about the egress-only internet gateway. EgressOnlyInternetGateway *EgressOnlyInternetGateway `locationName:"egressOnlyInternetGateway" type:"structure"` } @@ -27892,20 +27905,44 @@ func (s *CreateFleetOutput) SetFleetId(v string) *CreateFleetOutput { type CreateFlowLogsInput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` - // The ARN for the IAM role that's used to post flow logs to a CloudWatch Logs - // log group. + // The ARN for the IAM role that's used to post flow logs to a log group. + DeliverLogsPermissionArn *string `type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Specifies the destination to which the flow log data is to be published. + // Flow log data can be published to an CloudWatch Logs log group or an Amazon + // S3 bucket. The value specified for this parameter depends on the value specified + // for LogDestinationType. // - // DeliverLogsPermissionArn is a required field - DeliverLogsPermissionArn *string `type:"string" required:"true"` + // If LogDestinationType is not specified or cloud-watch-logs, specify the Amazon + // Resource Name (ARN) of the CloudWatch Logs log group. + // + // If LogDestinationType is s3, specify the ARN of the Amazon S3 bucket. You + // can also specify a subfolder in the bucket. To specify a subfolder in the + // bucket, use the following ARN format: bucket_ARN/subfolder_name/. For example, + // to specify a subfolder named my-logs in a bucket named my-bucket, use the + // following ARN: arn:aws:s3:::my-bucket/my-logs/. + LogDestination *string `type:"string"` - // The name of the CloudWatch log group. + // Specifies the type of destination to which the flow log data is to be published. + // Flow log data can be published to CloudWatch Logs or Amazon S3. To publish + // flow log data to CloudWatch Logs, specify cloud-watch-logs. To publish flow + // log data to Amazon S3, specify s3. // - // LogGroupName is a required field - LogGroupName *string `type:"string" required:"true"` + // Default: cloud-watch-logs + LogDestinationType *string `type:"string" enum:"LogDestinationType"` + + // The name of the log group. + LogGroupName *string `type:"string"` // One or more subnet, network interface, or VPC IDs. // @@ -27938,12 +27975,6 @@ func (s CreateFlowLogsInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *CreateFlowLogsInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateFlowLogsInput"} - if s.DeliverLogsPermissionArn == nil { - invalidParams.Add(request.NewErrParamRequired("DeliverLogsPermissionArn")) - } - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) - } if s.ResourceIds == nil { invalidParams.Add(request.NewErrParamRequired("ResourceIds")) } @@ -27972,6 +28003,24 @@ func (s *CreateFlowLogsInput) SetDeliverLogsPermissionArn(v string) *CreateFlowL return s } +// SetDryRun sets the DryRun field's value. +func (s *CreateFlowLogsInput) SetDryRun(v bool) *CreateFlowLogsInput { + s.DryRun = &v + return s +} + +// SetLogDestination sets the LogDestination field's value. +func (s *CreateFlowLogsInput) SetLogDestination(v string) *CreateFlowLogsInput { + s.LogDestination = &v + return s +} + +// SetLogDestinationType sets the LogDestinationType field's value. +func (s *CreateFlowLogsInput) SetLogDestinationType(v string) *CreateFlowLogsInput { + s.LogDestinationType = &v + return s +} + // SetLogGroupName sets the LogGroupName field's value. func (s *CreateFlowLogsInput) SetLogGroupName(v string) *CreateFlowLogsInput { s.LogGroupName = &v @@ -28000,8 +28049,8 @@ func (s *CreateFlowLogsInput) SetTrafficType(v string) *CreateFlowLogsInput { type CreateFlowLogsOutput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. ClientToken *string `locationName:"clientToken" type:"string"` // The IDs of the flow logs. @@ -28404,7 +28453,7 @@ func (s *CreateInternetGatewayInput) SetDryRun(v bool) *CreateInternetGatewayInp type CreateInternetGatewayOutput struct { _ struct{} `type:"structure"` - // Information about the Internet gateway. + // Information about the internet gateway. InternetGateway *InternetGateway `locationName:"internetGateway" type:"structure"` } @@ -28775,8 +28824,8 @@ type CreateNatGatewayInput struct { // AllocationId is a required field AllocationId *string `type:"string" required:"true"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). // // Constraint: Maximum 64 ASCII characters. ClientToken *string `type:"string"` @@ -28901,11 +28950,11 @@ type CreateNetworkAclEntryInput struct { // The protocol. A value of -1 or all means all protocols. If you specify all, // -1, or a protocol number other than 6 (tcp), 17 (udp), or 1 (icmp), traffic - // on all ports is allowed, regardless of any ports or ICMP types or codes you - // specify. If you specify protocol 58 (ICMPv6) and specify an IPv4 CIDR block, - // traffic for all ICMP types and codes allowed, regardless of any that you - // specify. If you specify protocol 58 (ICMPv6) and specify an IPv6 CIDR block, - // you must specify an ICMP type and code. + // on all ports is allowed, regardless of any ports or ICMP types or codes that + // you specify. If you specify protocol 58 (ICMPv6) and specify an IPv4 CIDR + // block, traffic for all ICMP types and codes allowed, regardless of any that + // you specify. If you specify protocol 58 (ICMPv6) and specify an IPv6 CIDR + // block, you must specify an ICMP type and code. // // Protocol is a required field Protocol *string `locationName:"protocol" type:"string" required:"true"` @@ -29582,10 +29631,10 @@ type CreateRouteInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // [IPv6 traffic only] The ID of an egress-only Internet gateway. + // [IPv6 traffic only] The ID of an egress-only internet gateway. EgressOnlyInternetGatewayId *string `locationName:"egressOnlyInternetGatewayId" type:"string"` - // The ID of an Internet gateway or virtual private gateway attached to your + // The ID of an internet gateway or virtual private gateway attached to your // VPC. GatewayId *string `locationName:"gatewayId" type:"string"` @@ -31641,7 +31690,7 @@ type DeleteEgressOnlyInternetGatewayInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the egress-only Internet gateway. + // The ID of the egress-only internet gateway. // // EgressOnlyInternetGatewayId is a required field EgressOnlyInternetGatewayId *string `type:"string" required:"true"` @@ -31914,6 +31963,12 @@ func (s *DeleteFleetsOutput) SetUnsuccessfulFleetDeletions(v []*DeleteFleetError type DeleteFlowLogsInput struct { _ struct{} `type:"structure"` + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + // One or more flow log IDs. // // FlowLogIds is a required field @@ -31943,6 +31998,12 @@ func (s *DeleteFlowLogsInput) Validate() error { return nil } +// SetDryRun sets the DryRun field's value. +func (s *DeleteFlowLogsInput) SetDryRun(v bool) *DeleteFlowLogsInput { + s.DryRun = &v + return s +} + // SetFlowLogIds sets the FlowLogIds field's value. func (s *DeleteFlowLogsInput) SetFlowLogIds(v []*string) *DeleteFlowLogsInput { s.FlowLogIds = v @@ -32056,7 +32117,7 @@ type DeleteInternetGatewayInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The ID of the Internet gateway. + // The ID of the internet gateway. // // InternetGatewayId is a required field InternetGatewayId *string `locationName:"internetGatewayId" type:"string" required:"true"` @@ -34473,7 +34534,9 @@ type DescribeClassicLinkInstancesInput struct { // to find all resources assigned a tag with a specific key, regardless of // the tag value. // - // * vpc-id - The ID of the VPC that the instance is linked to. + // * vpc-id - The ID of the VPC to which the instance is linked. + // + // vpc-id - The ID of the VPC that the instance is linked to. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // One or more instance IDs. Must be instances linked to a VPC through ClassicLink. @@ -34482,7 +34545,7 @@ type DescribeClassicLinkInstancesInput struct { // The maximum number of results to return for the request in a single page. // The remaining results of the initial request can be seen by sending another // request with the returned NextToken value. This value can be between 5 and - // 1000; if MaxResults is given a value larger than 1000, only 1000 results + // 1000. If MaxResults is given a value larger than 1000, only 1000 results // are returned. You cannot specify this parameter and the instance IDs parameter // in the same request. // @@ -34818,12 +34881,12 @@ type DescribeEgressOnlyInternetGatewaysInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more egress-only Internet gateway IDs. + // One or more egress-only internet gateway IDs. EgressOnlyInternetGatewayIds []*string `locationName:"EgressOnlyInternetGatewayId" locationNameList:"item" type:"list"` // The maximum number of results to return for the request in a single page. // The remaining results can be seen by sending another request with the returned - // NextToken value. This value can be between 5 and 1000; if MaxResults is given + // NextToken value. This value can be between 5 and 1000. If MaxResults is given // a value larger than 1000, only 1000 results are returned. MaxResults *int64 `type:"integer"` @@ -34868,7 +34931,7 @@ func (s *DescribeEgressOnlyInternetGatewaysInput) SetNextToken(v string) *Descri type DescribeEgressOnlyInternetGatewaysOutput struct { _ struct{} `type:"structure"` - // Information about the egress-only Internet gateways. + // Information about the egress-only internet gateways. EgressOnlyInternetGateways []*EgressOnlyInternetGateway `locationName:"egressOnlyInternetGatewaySet" locationNameList:"item" type:"list"` // The token to use to retrieve the next page of results. @@ -35456,17 +35519,27 @@ func (s *DescribeFleetsOutput) SetNextToken(v string) *DescribeFleetsOutput { type DescribeFlowLogsInput struct { _ struct{} `type:"structure"` + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + // One or more filters. // // * deliver-log-status - The status of the logs delivery (SUCCESS | FAILED). // + // * log-destination-type - The type of destination to which the flow log + // publishes data. Possible destination types include cloud-watch-logs and + // S3. + // // * flow-log-id - The ID of the flow log. // // * log-group-name - The name of the log group. // // * resource-id - The ID of the VPC, subnet, or network interface. // - // * traffic-type - The type of traffic (ACCEPT | REJECT | ALL) + // * traffic-type - The type of traffic (ACCEPT | REJECT | ALL). Filter []*Filter `locationNameList:"Filter" type:"list"` // One or more flow log IDs. @@ -35474,7 +35547,7 @@ type DescribeFlowLogsInput struct { // The maximum number of results to return for the request in a single page. // The remaining results can be seen by sending another request with the returned - // NextToken value. This value can be between 5 and 1000; if MaxResults is given + // NextToken value. This value can be between 5 and 1000. If MaxResults is given // a value larger than 1000, only 1000 results are returned. You cannot specify // this parameter and the flow log IDs parameter in the same request. MaxResults *int64 `type:"integer"` @@ -35493,6 +35566,12 @@ func (s DescribeFlowLogsInput) GoString() string { return s.String() } +// SetDryRun sets the DryRun field's value. +func (s *DescribeFlowLogsInput) SetDryRun(v bool) *DescribeFlowLogsInput { + s.DryRun = &v + return s +} + // SetFilter sets the Filter field's value. func (s *DescribeFlowLogsInput) SetFilter(v []*Filter) *DescribeFlowLogsInput { s.Filter = v @@ -37710,9 +37789,9 @@ type DescribeInternetGatewaysInput struct { // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more Internet gateway IDs. + // One or more internet gateway IDs. // - // Default: Describes all your Internet gateways. + // Default: Describes all your internet gateways. InternetGatewayIds []*string `locationName:"internetGatewayId" locationNameList:"item" type:"list"` } @@ -37748,7 +37827,7 @@ func (s *DescribeInternetGatewaysInput) SetInternetGatewayIds(v []*string) *Desc type DescribeInternetGatewaysOutput struct { _ struct{} `type:"structure"` - // Information about one or more Internet gateways. + // Information about one or more internet gateways. InternetGateways []*InternetGateway `locationName:"internetGatewaySet" locationNameList:"item" type:"list"` } @@ -41797,7 +41876,9 @@ type DescribeVolumeAttributeInput struct { _ struct{} `type:"structure"` // The attribute of the volume. This parameter is required. - Attribute *string `type:"string" enum:"VolumeAttributeName"` + // + // Attribute is a required field + Attribute *string `type:"string" required:"true" enum:"VolumeAttributeName"` // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have @@ -41824,6 +41905,9 @@ func (s DescribeVolumeAttributeInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *DescribeVolumeAttributeInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DescribeVolumeAttributeInput"} + if s.Attribute == nil { + invalidParams.Add(request.NewErrParamRequired("Attribute")) + } if s.VolumeId == nil { invalidParams.Add(request.NewErrParamRequired("VolumeId")) } @@ -43751,7 +43835,7 @@ type DetachInternetGatewayInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The ID of the Internet gateway. + // The ID of the internet gateway. // // InternetGatewayId is a required field InternetGatewayId *string `locationName:"internetGatewayId" type:"string" required:"true"` @@ -45112,14 +45196,14 @@ func (s *EbsInstanceBlockDeviceSpecification) SetVolumeId(v string) *EbsInstance return s } -// Describes an egress-only Internet gateway. +// Describes an egress-only internet gateway. type EgressOnlyInternetGateway struct { _ struct{} `type:"structure"` - // Information about the attachment of the egress-only Internet gateway. + // Information about the attachment of the egress-only internet gateway. Attachments []*InternetGatewayAttachment `locationName:"attachmentSet" locationNameList:"item" type:"list"` - // The ID of the egress-only Internet gateway. + // The ID of the egress-only internet gateway. EgressOnlyInternetGatewayId *string `locationName:"egressOnlyInternetGatewayId" type:"string"` } @@ -46499,11 +46583,11 @@ type FlowLog struct { CreationTime *time.Time `locationName:"creationTime" type:"timestamp"` // Information about the error that occurred. Rate limited indicates that CloudWatch - // logs throttling has been applied for one or more network interfaces, or that - // you've reached the limit on the number of CloudWatch Logs log groups that - // you can create. Access error indicates that the IAM role associated with - // the flow log does not have sufficient permissions to publish to CloudWatch - // Logs. Unknown error indicates an internal error. + // Logs throttling has been applied for one or more network interfaces, or that + // you've reached the limit on the number of log groups that you can create. + // Access error indicates that the IAM role associated with the flow log does + // not have sufficient permissions to publish to CloudWatch Logs. Unknown error + // indicates an internal error. DeliverLogsErrorMessage *string `locationName:"deliverLogsErrorMessage" type:"string"` // The ARN of the IAM role that posts logs to CloudWatch Logs. @@ -46518,6 +46602,18 @@ type FlowLog struct { // The status of the flow log (ACTIVE). FlowLogStatus *string `locationName:"flowLogStatus" type:"string"` + // Specifies the destination to which the flow log data is published. Flow log + // data can be published to an CloudWatch Logs log group or an Amazon S3 bucket. + // If the flow log publishes to CloudWatch Logs, this element indicates the + // Amazon Resource Name (ARN) of the CloudWatch Logs log group to which the + // data is published. If the flow log publishes to Amazon S3, this element indicates + // the ARN of the Amazon S3 bucket to which the data is published. + LogDestination *string `locationName:"logDestination" type:"string"` + + // Specifies the type of destination to which the flow log data is published. + // Flow log data can be published to CloudWatch Logs or Amazon S3. + LogDestinationType *string `locationName:"logDestinationType" type:"string" enum:"LogDestinationType"` + // The name of the flow log group. LogGroupName *string `locationName:"logGroupName" type:"string"` @@ -46574,6 +46670,18 @@ func (s *FlowLog) SetFlowLogStatus(v string) *FlowLog { return s } +// SetLogDestination sets the LogDestination field's value. +func (s *FlowLog) SetLogDestination(v string) *FlowLog { + s.LogDestination = &v + return s +} + +// SetLogDestinationType sets the LogDestinationType field's value. +func (s *FlowLog) SetLogDestinationType(v string) *FlowLog { + s.LogDestinationType = &v + return s +} + // SetLogGroupName sets the LogGroupName field's value. func (s *FlowLog) SetLogGroupName(v string) *FlowLog { s.LogGroupName = &v @@ -51222,17 +51330,17 @@ func (s *InstanceStatusSummary) SetStatus(v string) *InstanceStatusSummary { return s } -// Describes an Internet gateway. +// Describes an internet gateway. type InternetGateway struct { _ struct{} `type:"structure"` - // Any VPCs attached to the Internet gateway. + // Any VPCs attached to the internet gateway. Attachments []*InternetGatewayAttachment `locationName:"attachmentSet" locationNameList:"item" type:"list"` - // The ID of the Internet gateway. + // The ID of the internet gateway. InternetGatewayId *string `locationName:"internetGatewayId" type:"string"` - // Any tags assigned to the Internet gateway. + // Any tags assigned to the internet gateway. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } @@ -51264,12 +51372,12 @@ func (s *InternetGateway) SetTags(v []*Tag) *InternetGateway { return s } -// Describes the attachment of a VPC to an Internet gateway or an egress-only -// Internet gateway. +// Describes the attachment of a VPC to an internet gateway or an egress-only +// internet gateway. type InternetGatewayAttachment struct { _ struct{} `type:"structure"` - // The current state of the attachment. For an Internet gateway, the state is + // The current state of the attachment. For an internet gateway, the state is // available when attached to a VPC; otherwise, this value is not returned. State *string `locationName:"state" type:"string" enum:"AttachmentStatus"` @@ -55209,8 +55317,8 @@ type ModifyVpcAttributeInput struct { // Indicates whether the DNS resolution is supported for the VPC. If enabled, // queries to the Amazon provided DNS server at the 169.254.169.253 IP address, // or the reserved IP address at the base of the VPC network range "plus two" - // will succeed. If disabled, the Amazon provided DNS service in the VPC that - // resolves public DNS hostnames to IP addresses is not enabled. + // succeed. If disabled, the Amazon provided DNS service in the VPC that resolves + // public DNS hostnames to IP addresses is not enabled. // // You cannot modify the DNS resolution and DNS hostnames attributes in the // same request. Use separate requests for each attribute. @@ -55634,8 +55742,9 @@ func (s *ModifyVpcEndpointServiceConfigurationOutput) SetReturn(v bool) *ModifyV type ModifyVpcEndpointServicePermissionsInput struct { _ struct{} `type:"structure"` - // One or more Amazon Resource Names (ARNs) of principals for which to allow - // permission. Specify * to allow all principals. + // The Amazon Resource Names (ARN) of one or more principals. Permissions are + // granted to the principals in this list. To grant permissions to all principals, + // specify an asterisk (*). AddAllowedPrincipals []*string `locationNameList:"item" type:"list"` // Checks whether you have the required permissions for the action, without @@ -55644,8 +55753,8 @@ type ModifyVpcEndpointServicePermissionsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more Amazon Resource Names (ARNs) of principals for which to remove - // permission. + // The Amazon Resource Names (ARN) of one or more principals. Permissions are + // revoked for principals in this list. RemoveAllowedPrincipals []*string `locationNameList:"item" type:"list"` // The ID of the service. @@ -57325,7 +57434,7 @@ type Placement struct { // The Availability Zone of the instance. AvailabilityZone *string `locationName:"availabilityZone" type:"string"` - // The name of the placement group the instance is in (for cluster compute instances). + // The name of the placement group the instance is in. GroupName *string `locationName:"groupName" type:"string"` // The ID of the Dedicated Host on which the instance resides. This parameter @@ -57784,7 +57893,7 @@ func (s *ProductCode) SetProductCodeType(v string) *ProductCode { type PropagatingVgw struct { _ struct{} `type:"structure"` - // The ID of the virtual private gateway (VGW). + // The ID of the virtual private gateway. GatewayId *string `locationName:"gatewayId" type:"string"` } @@ -59190,10 +59299,10 @@ type ReplaceNetworkAclEntryInput struct { // The IP protocol. You can specify all or -1 to mean all protocols. If you // specify all, -1, or a protocol number other than tcp, udp, or icmp, traffic // on all ports is allowed, regardless of any ports or ICMP types or codes you - // specify. If you specify protocol 58 (ICMPv6) and specify an IPv4 CIDR block, - // traffic for all ICMP types and codes allowed, regardless of any that you - // specify. If you specify protocol 58 (ICMPv6) and specify an IPv6 CIDR block, - // you must specify an ICMP type and code. + // that specify. If you specify protocol 58 (ICMPv6) and specify an IPv4 CIDR + // block, traffic for all ICMP types and codes allowed, regardless of any that + // you specify. If you specify protocol 58 (ICMPv6) and specify an IPv6 CIDR + // block, you must specify an ICMP type and code. // // Protocol is a required field Protocol *string `locationName:"protocol" type:"string" required:"true"` @@ -59322,12 +59431,12 @@ func (s ReplaceNetworkAclEntryOutput) GoString() string { type ReplaceRouteInput struct { _ struct{} `type:"structure"` - // The IPv4 CIDR address block used for the destination match. The value you - // provide must match the CIDR of an existing route in the table. + // The IPv4 CIDR address block used for the destination match. The value that + // you provide must match the CIDR of an existing route in the table. DestinationCidrBlock *string `locationName:"destinationCidrBlock" type:"string"` - // The IPv6 CIDR address block used for the destination match. The value you - // provide must match the CIDR of an existing route in the table. + // The IPv6 CIDR address block used for the destination match. The value that + // you provide must match the CIDR of an existing route in the table. DestinationIpv6CidrBlock *string `locationName:"destinationIpv6CidrBlock" type:"string"` // Checks whether you have the required permissions for the action, without @@ -59336,10 +59445,10 @@ type ReplaceRouteInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // [IPv6 traffic only] The ID of an egress-only Internet gateway. + // [IPv6 traffic only] The ID of an egress-only internet gateway. EgressOnlyInternetGatewayId *string `locationName:"egressOnlyInternetGatewayId" type:"string"` - // The ID of an Internet gateway or virtual private gateway. + // The ID of an internet gateway or virtual private gateway. GatewayId *string `locationName:"gatewayId" type:"string"` // The ID of a NAT instance in your VPC. @@ -62279,7 +62388,7 @@ type Route struct { // The prefix of the AWS service. DestinationPrefixListId *string `locationName:"destinationPrefixListId" type:"string"` - // The ID of the egress-only Internet gateway. + // The ID of the egress-only internet gateway. EgressOnlyInternetGatewayId *string `locationName:"egressOnlyInternetGatewayId" type:"string"` // The ID of a gateway attached to your VPC. @@ -66715,8 +66824,8 @@ type Subnet struct { // The Availability Zone of the subnet. AvailabilityZone *string `locationName:"availabilityZone" type:"string"` - // The number of unused private IPv4 addresses in the subnet. Note that the - // IPv4 addresses for any stopped instances are considered unavailable. + // The number of unused private IPv4 addresses in the subnet. The IPv4 addresses + // for any stopped instances are considered unavailable. AvailableIpAddressCount *int64 `locationName:"availableIpAddressCount" type:"integer"` // The IPv4 CIDR block assigned to the subnet. @@ -70610,6 +70719,27 @@ const ( // InstanceTypeT22xlarge is a InstanceType enum value InstanceTypeT22xlarge = "t2.2xlarge" + // InstanceTypeT3Nano is a InstanceType enum value + InstanceTypeT3Nano = "t3.nano" + + // InstanceTypeT3Micro is a InstanceType enum value + InstanceTypeT3Micro = "t3.micro" + + // InstanceTypeT3Small is a InstanceType enum value + InstanceTypeT3Small = "t3.small" + + // InstanceTypeT3Medium is a InstanceType enum value + InstanceTypeT3Medium = "t3.medium" + + // InstanceTypeT3Large is a InstanceType enum value + InstanceTypeT3Large = "t3.large" + + // InstanceTypeT3Xlarge is a InstanceType enum value + InstanceTypeT3Xlarge = "t3.xlarge" + + // InstanceTypeT32xlarge is a InstanceType enum value + InstanceTypeT32xlarge = "t3.2xlarge" + // InstanceTypeM1Small is a InstanceType enum value InstanceTypeM1Small = "m1.small" @@ -71070,6 +71200,14 @@ const ( ) const ( + // LogDestinationTypeCloudWatchLogs is a LogDestinationType enum value + LogDestinationTypeCloudWatchLogs = "cloud-watch-logs" + + // LogDestinationTypeS3 is a LogDestinationType enum value + LogDestinationTypeS3 = "s3" +) + +const ( // MarketTypeSpot is a MarketType enum value MarketTypeSpot = "spot" ) diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go b/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go index e6cb90eb..85f12a98 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go @@ -356,8 +356,8 @@ func (c *SSM) CreateAssociationRequest(input *CreateAssociationInput) (req *requ // or targets. // // When you associate a document with one or more instances using instance IDs -// or tags, the SSM Agent running on the instance processes the document and -// configures the instance as specified. +// or tags, SSM Agent running on the instance processes the document and configures +// the instance as specified. // // If you associate a document with an instance that already has an associated // document, the system throws the AssociationAlreadyExists exception. @@ -489,8 +489,8 @@ func (c *SSM) CreateAssociationBatchRequest(input *CreateAssociationBatchInput) // or targets. // // When you associate a document with one or more instances using instance IDs -// or tags, the SSM Agent running on the instance processes the document and -// configures the instance as specified. +// or tags, SSM Agent running on the instance processes the document and configures +// the instance as specified. // // If you associate a document with an instance that already has an associated // document, the system throws the AssociationAlreadyExists exception. @@ -5187,12 +5187,19 @@ func (c *SSM) GetInventoryRequest(input *GetInventoryInput) (req *request.Reques // The filter name is not valid. Verify the you entered the correct name and // try again. // +// * ErrCodeInvalidInventoryGroupException "InvalidInventoryGroupException" +// The specified inventory group is not valid. +// // * ErrCodeInvalidNextToken "InvalidNextToken" // The specified token is not valid. // // * ErrCodeInvalidTypeNameException "InvalidTypeNameException" // The parameter type name is not valid. // +// * ErrCodeInvalidAggregatorException "InvalidAggregatorException" +// The specified aggregator is not valid for inventory groups. Verify that the +// aggregator uses a valid inventory type such as AWS:Application or AWS:InstanceInformation. +// // * ErrCodeInvalidResultAttributeException "InvalidResultAttributeException" // The specified inventory item result attribute is not valid. // @@ -6431,6 +6438,36 @@ func (c *SSM) LabelParameterVersionRequest(input *LabelParameterVersionInput) (r // LabelParameterVersion API operation for Amazon Simple Systems Manager (SSM). // +// A parameter label is a user-defined alias to help you manage different versions +// of a parameter. When you modify a parameter, Systems Manager automatically +// saves a new version and increments the version number by one. A label can +// help you remember the purpose of a parameter when there are multiple versions. +// +// Parameter labels have the following requirements and restrictions. +// +// * A version of a parameter can have a maximum of 10 labels. +// +// * You can't attach the same label to different versions of the same parameter. +// For example, if version 1 has the label Production, then you can't attach +// Production to version 2. +// +// * You can move a label from one version of a parameter to another. +// +// * You can't create a label when you create a new parameter. You must attach +// a label to a specific version of a parameter. +// +// * You can't delete a parameter label. If you no longer want to use a parameter +// label, then you must move it to a different version of a parameter. +// +// * A label can have a maximum of 100 characters. +// +// * Labels can contain letters (case sensitive), numbers, periods (.), hyphens +// (-), or underscores (_). +// +// * Labels can't begin with a number, "aws," or "ssm" (not case sensitive). +// If a label fails to meet these requirements, then the label is not associated +// with a parameter and the system displays it in the list of InvalidLabels. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -6454,6 +6491,7 @@ func (c *SSM) LabelParameterVersionRequest(input *LabelParameterVersionInput) (r // and version, and try again. // // * ErrCodeParameterVersionLabelLimitExceeded "ParameterVersionLabelLimitExceeded" +// A parameter version can have a maximum of ten labels. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/LabelParameterVersion func (c *SSM) LabelParameterVersion(input *LabelParameterVersionInput) (*LabelParameterVersionOutput, error) { @@ -11302,6 +11340,9 @@ type AutomationExecution struct { // The target of the execution. Target *string `type:"string"` + // The specified key-value mapping of document parameters to target resources. + TargetMaps []map[string][]*string `type:"list"` + // The parameter name. TargetParameterName *string `min:"1" type:"string"` @@ -11439,6 +11480,12 @@ func (s *AutomationExecution) SetTarget(v string) *AutomationExecution { return s } +// SetTargetMaps sets the TargetMaps field's value. +func (s *AutomationExecution) SetTargetMaps(v []map[string][]*string) *AutomationExecution { + s.TargetMaps = v + return s +} + // SetTargetParameterName sets the TargetParameterName field's value. func (s *AutomationExecution) SetTargetParameterName(v string) *AutomationExecution { s.TargetParameterName = &v @@ -11571,6 +11618,9 @@ type AutomationExecutionMetadata struct { // The list of execution outputs as defined in the Automation document. Target *string `type:"string"` + // The specified key-value mapping of document parameters to target resources. + TargetMaps []map[string][]*string `type:"list"` + // The list of execution outputs as defined in the Automation document. TargetParameterName *string `min:"1" type:"string"` @@ -11696,6 +11746,12 @@ func (s *AutomationExecutionMetadata) SetTarget(v string) *AutomationExecutionMe return s } +// SetTargetMaps sets the TargetMaps field's value. +func (s *AutomationExecutionMetadata) SetTargetMaps(v []map[string][]*string) *AutomationExecutionMetadata { + s.TargetMaps = v + return s +} + // SetTargetParameterName sets the TargetParameterName field's value. func (s *AutomationExecutionMetadata) SetTargetParameterName(v string) *AutomationExecutionMetadata { s.TargetParameterName = &v @@ -21819,6 +21875,11 @@ type InventoryAggregator struct { // The inventory type and attribute name for aggregation. Expression *string `min:"1" type:"string"` + + // A user-defined set of one or more filters on which to aggregate inventory + // data. Groups return a count of resources that match and don't match the specified + // criteria. + Groups []*InventoryGroup `min:"1" type:"list"` } // String returns the string representation @@ -21840,6 +21901,9 @@ func (s *InventoryAggregator) Validate() error { if s.Expression != nil && len(*s.Expression) < 1 { invalidParams.Add(request.NewErrParamMinLen("Expression", 1)) } + if s.Groups != nil && len(s.Groups) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Groups", 1)) + } if s.Aggregators != nil { for i, v := range s.Aggregators { if v == nil { @@ -21850,6 +21914,16 @@ func (s *InventoryAggregator) Validate() error { } } } + if s.Groups != nil { + for i, v := range s.Groups { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Groups", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -21869,6 +21943,12 @@ func (s *InventoryAggregator) SetExpression(v string) *InventoryAggregator { return s } +// SetGroups sets the Groups field's value. +func (s *InventoryAggregator) SetGroups(v []*InventoryGroup) *InventoryAggregator { + s.Groups = v + return s +} + // Status information returned by the DeleteInventory action. type InventoryDeletionStatusItem struct { _ struct{} `type:"structure"` @@ -22105,6 +22185,79 @@ func (s *InventoryFilter) SetValues(v []*string) *InventoryFilter { return s } +// A user-defined set of one or more filters on which to aggregate inventory +// data. Groups return a count of resources that match and don't match the specified +// criteria. +type InventoryGroup struct { + _ struct{} `type:"structure"` + + // Filters define the criteria for the group. The matchingCount field displays + // the number of resources that match the criteria. The notMatchingCount field + // displays the number of resources that don't match the criteria. + // + // Filters is a required field + Filters []*InventoryFilter `min:"1" type:"list" required:"true"` + + // The name of the group. + // + // Name is a required field + Name *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s InventoryGroup) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InventoryGroup) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *InventoryGroup) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "InventoryGroup"} + if s.Filters == nil { + invalidParams.Add(request.NewErrParamRequired("Filters")) + } + if s.Filters != nil && len(s.Filters) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Filters", 1)) + } + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + if s.Filters != nil { + for i, v := range s.Filters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFilters sets the Filters field's value. +func (s *InventoryGroup) SetFilters(v []*InventoryFilter) *InventoryGroup { + s.Filters = v + return s +} + +// SetName sets the Name field's value. +func (s *InventoryGroup) SetName(v string) *InventoryGroup { + s.Name = &v + return s +} + // Information collected from managed instances based on your inventory policy // document type InventoryItem struct { @@ -22418,12 +22571,19 @@ func (s *InventoryResultItem) SetTypeName(v string) *InventoryResultItem { type LabelParameterVersionInput struct { _ struct{} `type:"structure"` + // One or more labels to attach to the specified parameter version. + // // Labels is a required field Labels []*string `min:"1" type:"list" required:"true"` + // The parameter name on which you want to attach one or more labels. + // // Name is a required field Name *string `min:"1" type:"string" required:"true"` + // The specific version of the parameter on which you want to attach one or + // more labels. If no version is specified, the system attaches the label to + // the latest version.) ParameterVersion *int64 `type:"long"` } @@ -22480,6 +22640,9 @@ func (s *LabelParameterVersionInput) SetParameterVersion(v int64) *LabelParamete type LabelParameterVersionOutput struct { _ struct{} `type:"structure"` + // The label does not meet the requirements. For information about parameter + // label requirements, see Labeling Parameters (http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-labels.html) + // in the AWS Systems Manager User Guide. InvalidLabels []*string `min:"1" type:"list"` } @@ -27514,10 +27677,20 @@ type RegisterTaskWithMaintenanceWindowInput struct { // order with tasks that have the same priority scheduled in parallel. Priority *int64 `type:"integer"` - // The role that should be assumed when executing the task. + // The role to assume when running the Maintenance Window task. + // + // If you do not specify a service role ARN, Systems Manager will use your account's + // service-linked role for Systems Manager by default. If no service-linked + // role for Systems Manager exists in your account, it will be created when + // you run RegisterTaskWithMaintenanceWindow without specifying a service role + // ARN. // - // ServiceRoleArn is a required field - ServiceRoleArn *string `type:"string" required:"true"` + // For more information, see Service-Linked Role Permissions for Systems Manager + // (http://docs.aws.amazon.com/systems-manager/latest/userguide/using-service-linked-roles.html#slr-permissions) + // and Should I Use a Service-Linked Role or a Custom Service Role to Run Maintenance + // Window Tasks? (http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html#maintenance-window-tasks-service-role) + // in the AWS Systems Manager User Guide. + ServiceRoleArn *string `type:"string"` // The targets (either instances or Maintenance Window targets). // @@ -27594,9 +27767,6 @@ func (s *RegisterTaskWithMaintenanceWindowInput) Validate() error { if s.Name != nil && len(*s.Name) < 3 { invalidParams.Add(request.NewErrParamMinLen("Name", 3)) } - if s.ServiceRoleArn == nil { - invalidParams.Add(request.NewErrParamRequired("ServiceRoleArn")) - } if s.Targets == nil { invalidParams.Add(request.NewErrParamRequired("Targets")) } @@ -28813,6 +28983,10 @@ type StartAutomationExecutionInput struct { // in the Automation document. Parameters map[string][]*string `min:"1" type:"map"` + // A key-value mapping of document parameters to target resources. Both Targets + // and TargetMaps cannot be specified together. + TargetMaps []map[string][]*string `type:"list"` + // The name of the parameter used as the target resource for the rate-controlled // execution. Required if you specify Targets. TargetParameterName *string `min:"1" type:"string"` @@ -28911,6 +29085,12 @@ func (s *StartAutomationExecutionInput) SetParameters(v map[string][]*string) *S return s } +// SetTargetMaps sets the TargetMaps field's value. +func (s *StartAutomationExecutionInput) SetTargetMaps(v []map[string][]*string) *StartAutomationExecutionInput { + s.TargetMaps = v + return s +} + // SetTargetParameterName sets the TargetParameterName field's value. func (s *StartAutomationExecutionInput) SetTargetParameterName(v string) *StartAutomationExecutionInput { s.TargetParameterName = &v @@ -30271,6 +30451,18 @@ type UpdateMaintenanceWindowTaskInput struct { // The IAM service role ARN to modify. The system assumes this role during task // execution. + // + // If you do not specify a service role ARN, Systems Manager will use your account's + // service-linked role for Systems Manager by default. If no service-linked + // role for Systems Manager exists in your account, it will be created when + // you run RegisterTaskWithMaintenanceWindow without specifying a service role + // ARN. + // + // For more information, see Service-Linked Role Permissions for Systems Manager + // (http://docs.aws.amazon.com/systems-manager/latest/userguide/using-service-linked-roles.html#slr-permissions) + // and Should I Use a Service-Linked Role or a Custom Service Role to Run Maintenance + // Window Tasks? (http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html#maintenance-window-tasks-service-role) + // in the AWS Systems Manager User Guide. ServiceRoleArn *string `type:"string"` // The targets (either instances or tags) to modify. Instances are specified @@ -31100,6 +31292,12 @@ const ( // CommandFilterKeyStatus is a CommandFilterKey enum value CommandFilterKeyStatus = "Status" + + // CommandFilterKeyExecutionStage is a CommandFilterKey enum value + CommandFilterKeyExecutionStage = "ExecutionStage" + + // CommandFilterKeyDocumentName is a CommandFilterKey enum value + CommandFilterKeyDocumentName = "DocumentName" ) const ( @@ -31385,6 +31583,9 @@ const ( // InventoryQueryOperatorTypeGreaterThan is a InventoryQueryOperatorType enum value InventoryQueryOperatorTypeGreaterThan = "GreaterThan" + + // InventoryQueryOperatorTypeExists is a InventoryQueryOperatorType enum value + InventoryQueryOperatorTypeExists = "Exists" ) const ( diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go b/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go index 4c7cf3e3..0c4e6ceb 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go @@ -196,6 +196,13 @@ const ( // or ActivationCode and try again. ErrCodeInvalidActivationId = "InvalidActivationId" + // ErrCodeInvalidAggregatorException for service response error code + // "InvalidAggregatorException". + // + // The specified aggregator is not valid for inventory groups. Verify that the + // aggregator uses a valid inventory type such as AWS:Application or AWS:InstanceInformation. + ErrCodeInvalidAggregatorException = "InvalidAggregatorException" + // ErrCodeInvalidAllowedPatternException for service response error code // "InvalidAllowedPatternException". // @@ -335,6 +342,12 @@ const ( // The specified filter value is not valid. ErrCodeInvalidInstanceInformationFilterValue = "InvalidInstanceInformationFilterValue" + // ErrCodeInvalidInventoryGroupException for service response error code + // "InvalidInventoryGroupException". + // + // The specified inventory group is not valid. + ErrCodeInvalidInventoryGroupException = "InvalidInventoryGroupException" + // ErrCodeInvalidInventoryItemContextException for service response error code // "InvalidInventoryItemContextException". // @@ -526,6 +539,8 @@ const ( // ErrCodeParameterVersionLabelLimitExceeded for service response error code // "ParameterVersionLabelLimitExceeded". + // + // A parameter version can have a maximum of ten labels. ErrCodeParameterVersionLabelLimitExceeded = "ParameterVersionLabelLimitExceeded" // ErrCodeParameterVersionNotFound for service response error code diff --git a/vendor/github.com/davecgh/go-spew/LICENSE b/vendor/github.com/davecgh/go-spew/LICENSE index c8364161..bc52e96f 100644 --- a/vendor/github.com/davecgh/go-spew/LICENSE +++ b/vendor/github.com/davecgh/go-spew/LICENSE @@ -2,7 +2,7 @@ ISC License Copyright (c) 2012-2016 Dave Collins <dave@davec.name> -Permission to use, copy, modify, and distribute this software for any +Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. diff --git a/vendor/github.com/davecgh/go-spew/spew/bypass.go b/vendor/github.com/davecgh/go-spew/spew/bypass.go index 8a4a6589..79299478 100644 --- a/vendor/github.com/davecgh/go-spew/spew/bypass.go +++ b/vendor/github.com/davecgh/go-spew/spew/bypass.go @@ -16,7 +16,9 @@ // when the code is not running on Google App Engine, compiled by GopherJS, and // "-tags safe" is not added to the go build command line. The "disableunsafe" // tag is deprecated and thus should not be used. -// +build !js,!appengine,!safe,!disableunsafe +// Go versions prior to 1.4 are disabled because they use a different layout +// for interfaces which make the implementation of unsafeReflectValue more complex. +// +build !js,!appengine,!safe,!disableunsafe,go1.4 package spew @@ -34,80 +36,49 @@ const ( ptrSize = unsafe.Sizeof((*byte)(nil)) ) +type flag uintptr + var ( - // offsetPtr, offsetScalar, and offsetFlag are the offsets for the - // internal reflect.Value fields. These values are valid before golang - // commit ecccf07e7f9d which changed the format. The are also valid - // after commit 82f48826c6c7 which changed the format again to mirror - // the original format. Code in the init function updates these offsets - // as necessary. - offsetPtr = uintptr(ptrSize) - offsetScalar = uintptr(0) - offsetFlag = uintptr(ptrSize * 2) - - // flagKindWidth and flagKindShift indicate various bits that the - // reflect package uses internally to track kind information. - // - // flagRO indicates whether or not the value field of a reflect.Value is - // read-only. - // - // flagIndir indicates whether the value field of a reflect.Value is - // the actual data or a pointer to the data. - // - // These values are valid before golang commit 90a7c3c86944 which - // changed their positions. Code in the init function updates these - // flags as necessary. - flagKindWidth = uintptr(5) - flagKindShift = uintptr(flagKindWidth - 1) - flagRO = uintptr(1 << 0) - flagIndir = uintptr(1 << 1) + // flagRO indicates whether the value field of a reflect.Value + // is read-only. + flagRO flag + + // flagAddr indicates whether the address of the reflect.Value's + // value may be taken. + flagAddr flag ) -func init() { - // Older versions of reflect.Value stored small integers directly in the - // ptr field (which is named val in the older versions). Versions - // between commits ecccf07e7f9d and 82f48826c6c7 added a new field named - // scalar for this purpose which unfortunately came before the flag - // field, so the offset of the flag field is different for those - // versions. - // - // This code constructs a new reflect.Value from a known small integer - // and checks if the size of the reflect.Value struct indicates it has - // the scalar field. When it does, the offsets are updated accordingly. - vv := reflect.ValueOf(0xf00) - if unsafe.Sizeof(vv) == (ptrSize * 4) { - offsetScalar = ptrSize * 2 - offsetFlag = ptrSize * 3 - } +// flagKindMask holds the bits that make up the kind +// part of the flags field. In all the supported versions, +// it is in the lower 5 bits. +const flagKindMask = flag(0x1f) - // Commit 90a7c3c86944 changed the flag positions such that the low - // order bits are the kind. This code extracts the kind from the flags - // field and ensures it's the correct type. When it's not, the flag - // order has been changed to the newer format, so the flags are updated - // accordingly. - upf := unsafe.Pointer(uintptr(unsafe.Pointer(&vv)) + offsetFlag) - upfv := *(*uintptr)(upf) - flagKindMask := uintptr((1<<flagKindWidth - 1) << flagKindShift) - if (upfv&flagKindMask)>>flagKindShift != uintptr(reflect.Int) { - flagKindShift = 0 - flagRO = 1 << 5 - flagIndir = 1 << 6 - - // Commit adf9b30e5594 modified the flags to separate the - // flagRO flag into two bits which specifies whether or not the - // field is embedded. This causes flagIndir to move over a bit - // and means that flagRO is the combination of either of the - // original flagRO bit and the new bit. - // - // This code detects the change by extracting what used to be - // the indirect bit to ensure it's set. When it's not, the flag - // order has been changed to the newer format, so the flags are - // updated accordingly. - if upfv&flagIndir == 0 { - flagRO = 3 << 5 - flagIndir = 1 << 7 - } +// Different versions of Go have used different +// bit layouts for the flags type. This table +// records the known combinations. +var okFlags = []struct { + ro, addr flag +}{{ + // From Go 1.4 to 1.5 + ro: 1 << 5, + addr: 1 << 7, +}, { + // Up to Go tip. + ro: 1<<5 | 1<<6, + addr: 1 << 8, +}} + +var flagValOffset = func() uintptr { + field, ok := reflect.TypeOf(reflect.Value{}).FieldByName("flag") + if !ok { + panic("reflect.Value has no flag field") } + return field.Offset +}() + +// flagField returns a pointer to the flag field of a reflect.Value. +func flagField(v *reflect.Value) *flag { + return (*flag)(unsafe.Pointer(uintptr(unsafe.Pointer(v)) + flagValOffset)) } // unsafeReflectValue converts the passed reflect.Value into a one that bypasses @@ -119,34 +90,56 @@ func init() { // This allows us to check for implementations of the Stringer and error // interfaces to be used for pretty printing ordinarily unaddressable and // inaccessible values such as unexported struct fields. -func unsafeReflectValue(v reflect.Value) (rv reflect.Value) { - indirects := 1 - vt := v.Type() - upv := unsafe.Pointer(uintptr(unsafe.Pointer(&v)) + offsetPtr) - rvf := *(*uintptr)(unsafe.Pointer(uintptr(unsafe.Pointer(&v)) + offsetFlag)) - if rvf&flagIndir != 0 { - vt = reflect.PtrTo(v.Type()) - indirects++ - } else if offsetScalar != 0 { - // The value is in the scalar field when it's not one of the - // reference types. - switch vt.Kind() { - case reflect.Uintptr: - case reflect.Chan: - case reflect.Func: - case reflect.Map: - case reflect.Ptr: - case reflect.UnsafePointer: - default: - upv = unsafe.Pointer(uintptr(unsafe.Pointer(&v)) + - offsetScalar) - } +func unsafeReflectValue(v reflect.Value) reflect.Value { + if !v.IsValid() || (v.CanInterface() && v.CanAddr()) { + return v } + flagFieldPtr := flagField(&v) + *flagFieldPtr &^= flagRO + *flagFieldPtr |= flagAddr + return v +} - pv := reflect.NewAt(vt, upv) - rv = pv - for i := 0; i < indirects; i++ { - rv = rv.Elem() +// Sanity checks against future reflect package changes +// to the type or semantics of the Value.flag field. +func init() { + field, ok := reflect.TypeOf(reflect.Value{}).FieldByName("flag") + if !ok { + panic("reflect.Value has no flag field") + } + if field.Type.Kind() != reflect.TypeOf(flag(0)).Kind() { + panic("reflect.Value flag field has changed kind") + } + type t0 int + var t struct { + A t0 + // t0 will have flagEmbedRO set. + t0 + // a will have flagStickyRO set + a t0 + } + vA := reflect.ValueOf(t).FieldByName("A") + va := reflect.ValueOf(t).FieldByName("a") + vt0 := reflect.ValueOf(t).FieldByName("t0") + + // Infer flagRO from the difference between the flags + // for the (otherwise identical) fields in t. + flagPublic := *flagField(&vA) + flagWithRO := *flagField(&va) | *flagField(&vt0) + flagRO = flagPublic ^ flagWithRO + + // Infer flagAddr from the difference between a value + // taken from a pointer and not. + vPtrA := reflect.ValueOf(&t).Elem().FieldByName("A") + flagNoPtr := *flagField(&vA) + flagPtr := *flagField(&vPtrA) + flagAddr = flagNoPtr ^ flagPtr + + // Check that the inferred flags tally with one of the known versions. + for _, f := range okFlags { + if flagRO == f.ro && flagAddr == f.addr { + return + } } - return rv + panic("reflect.Value read-only flag has changed semantics") } diff --git a/vendor/github.com/davecgh/go-spew/spew/bypasssafe.go b/vendor/github.com/davecgh/go-spew/spew/bypasssafe.go index 1fe3cf3d..205c28d6 100644 --- a/vendor/github.com/davecgh/go-spew/spew/bypasssafe.go +++ b/vendor/github.com/davecgh/go-spew/spew/bypasssafe.go @@ -16,7 +16,7 @@ // when the code is running on Google App Engine, compiled by GopherJS, or // "-tags safe" is added to the go build command line. The "disableunsafe" // tag is deprecated and thus should not be used. -// +build js appengine safe disableunsafe +// +build js appengine safe disableunsafe !go1.4 package spew diff --git a/vendor/github.com/davecgh/go-spew/spew/common.go b/vendor/github.com/davecgh/go-spew/spew/common.go index 7c519ff4..1be8ce94 100644 --- a/vendor/github.com/davecgh/go-spew/spew/common.go +++ b/vendor/github.com/davecgh/go-spew/spew/common.go @@ -180,7 +180,7 @@ func printComplex(w io.Writer, c complex128, floatPrecision int) { w.Write(closeParenBytes) } -// printHexPtr outputs a uintptr formatted as hexidecimal with a leading '0x' +// printHexPtr outputs a uintptr formatted as hexadecimal with a leading '0x' // prefix to Writer w. func printHexPtr(w io.Writer, p uintptr) { // Null pointer. diff --git a/vendor/github.com/davecgh/go-spew/spew/dump.go b/vendor/github.com/davecgh/go-spew/spew/dump.go index df1d582a..f78d89fc 100644 --- a/vendor/github.com/davecgh/go-spew/spew/dump.go +++ b/vendor/github.com/davecgh/go-spew/spew/dump.go @@ -35,16 +35,16 @@ var ( // cCharRE is a regular expression that matches a cgo char. // It is used to detect character arrays to hexdump them. - cCharRE = regexp.MustCompile("^.*\\._Ctype_char$") + cCharRE = regexp.MustCompile(`^.*\._Ctype_char$`) // cUnsignedCharRE is a regular expression that matches a cgo unsigned // char. It is used to detect unsigned character arrays to hexdump // them. - cUnsignedCharRE = regexp.MustCompile("^.*\\._Ctype_unsignedchar$") + cUnsignedCharRE = regexp.MustCompile(`^.*\._Ctype_unsignedchar$`) // cUint8tCharRE is a regular expression that matches a cgo uint8_t. // It is used to detect uint8_t arrays to hexdump them. - cUint8tCharRE = regexp.MustCompile("^.*\\._Ctype_uint8_t$") + cUint8tCharRE = regexp.MustCompile(`^.*\._Ctype_uint8_t$`) ) // dumpState contains information about the state of a dump operation. @@ -143,10 +143,10 @@ func (d *dumpState) dumpPtr(v reflect.Value) { // Display dereferenced value. d.w.Write(openParenBytes) switch { - case nilFound == true: + case nilFound: d.w.Write(nilAngleBytes) - case cycleFound == true: + case cycleFound: d.w.Write(circularBytes) default: diff --git a/vendor/github.com/davecgh/go-spew/spew/format.go b/vendor/github.com/davecgh/go-spew/spew/format.go index c49875ba..b04edb7d 100644 --- a/vendor/github.com/davecgh/go-spew/spew/format.go +++ b/vendor/github.com/davecgh/go-spew/spew/format.go @@ -182,10 +182,10 @@ func (f *formatState) formatPtr(v reflect.Value) { // Display dereferenced value. switch { - case nilFound == true: + case nilFound: f.fs.Write(nilAngleBytes) - case cycleFound == true: + case cycleFound: f.fs.Write(circularShortBytes) default: diff --git a/vendor/github.com/go-ini/ini/file.go b/vendor/github.com/go-ini/ini/file.go index d7982c32..1a3186b9 100644 --- a/vendor/github.com/go-ini/ini/file.go +++ b/vendor/github.com/go-ini/ini/file.go @@ -237,13 +237,18 @@ func (f *File) writeToBuffer(indent string) (*bytes.Buffer, error) { for i, sname := range f.sectionList { sec := f.Section(sname) if len(sec.Comment) > 0 { - if sec.Comment[0] != '#' && sec.Comment[0] != ';' { - sec.Comment = "; " + sec.Comment - } else { - sec.Comment = sec.Comment[:1] + " " + strings.TrimSpace(sec.Comment[1:]) - } - if _, err := buf.WriteString(sec.Comment + LineBreak); err != nil { - return nil, err + // Support multiline comments + lines := strings.Split(sec.Comment, LineBreak) + for i := range lines { + if lines[i][0] != '#' && lines[i][0] != ';' { + lines[i] = "; " + lines[i] + } else { + lines[i] = lines[i][:1] + " " + strings.TrimSpace(lines[i][1:]) + } + + if _, err := buf.WriteString(lines[i] + LineBreak); err != nil { + return nil, err + } } } @@ -300,17 +305,19 @@ func (f *File) writeToBuffer(indent string) (*bytes.Buffer, error) { if len(indent) > 0 && sname != DEFAULT_SECTION { buf.WriteString(indent) } - if key.Comment[0] != '#' && key.Comment[0] != ';' { - key.Comment = "; " + key.Comment - } else { - key.Comment = key.Comment[:1] + " " + strings.TrimSpace(key.Comment[1:]) - } // Support multiline comments - key.Comment = strings.Replace(key.Comment, "\n", "\n; ", -1) + lines := strings.Split(key.Comment, LineBreak) + for i := range lines { + if lines[i][0] != '#' && lines[i][0] != ';' { + lines[i] = "; " + lines[i] + } else { + lines[i] = lines[i][:1] + " " + strings.TrimSpace(lines[i][1:]) + } - if _, err := buf.WriteString(key.Comment + LineBreak); err != nil { - return nil, err + if _, err := buf.WriteString(lines[i] + LineBreak); err != nil { + return nil, err + } } } diff --git a/vendor/github.com/go-ini/ini/ini.go b/vendor/github.com/go-ini/ini/ini.go index 595f6002..cb55997a 100644 --- a/vendor/github.com/go-ini/ini/ini.go +++ b/vendor/github.com/go-ini/ini/ini.go @@ -34,7 +34,7 @@ const ( // Maximum allowed depth when recursively substituing variable names. _DEPTH_VALUES = 99 - _VERSION = "1.38.1" + _VERSION = "1.38.2" ) // Version returns current package version literal. @@ -204,7 +204,7 @@ func InsensitiveLoad(source interface{}, others ...interface{}) (*File, error) { return LoadSources(LoadOptions{Insensitive: true}, source, others...) } -// InsensitiveLoad has exactly same functionality as Load function +// ShadowLoad has exactly same functionality as Load function // except it allows have shadow keys. func ShadowLoad(source interface{}, others ...interface{}) (*File, error) { return LoadSources(LoadOptions{AllowShadows: true}, source, others...) diff --git a/vendor/github.com/gosimple/slug/languages_substitution.go b/vendor/github.com/gosimple/slug/languages_substitution.go index ba8ad018..f1127406 100644 --- a/vendor/github.com/gosimple/slug/languages_substitution.go +++ b/vendor/github.com/gosimple/slug/languages_substitution.go @@ -24,6 +24,11 @@ var defaultSub = map[rune]string{ '―': "-", // horizontal bar } +var nlSub = map[rune]string{ + '&': "en", + '@': "at", +} + var deSub = map[rune]string{ '&': "und", '@': "an", diff --git a/vendor/github.com/gosimple/slug/slug.go b/vendor/github.com/gosimple/slug/slug.go index bd3ec51a..a1b5f19b 100644 --- a/vendor/github.com/gosimple/slug/slug.go +++ b/vendor/github.com/gosimple/slug/slug.go @@ -62,6 +62,8 @@ func MakeLang(s string, lang string) (slug string) { slug = SubstituteRune(slug, esSub) case "gr": slug = SubstituteRune(slug, grSub) + case "nl": + slug = SubstituteRune(slug, nlSub) default: // fallback to "en" if lang not found slug = SubstituteRune(slug, enSub) } diff --git a/vendor/github.com/hashicorp/vault/api/client.go b/vendor/github.com/hashicorp/vault/api/client.go index 7ebde594..c7ced823 100644 --- a/vendor/github.com/hashicorp/vault/api/client.go +++ b/vendor/github.com/hashicorp/vault/api/client.go @@ -19,6 +19,7 @@ import ( "github.com/hashicorp/go-cleanhttp" retryablehttp "github.com/hashicorp/go-retryablehttp" "github.com/hashicorp/go-rootcerts" + "github.com/hashicorp/vault/helper/consts" "github.com/hashicorp/vault/helper/parseutil" "golang.org/x/net/http2" "golang.org/x/time/rate" @@ -464,6 +465,19 @@ func (c *Client) SetMFACreds(creds []string) { c.mfaCreds = creds } +// SetNamespace sets the namespace supplied either via the environment +// variable or via the command line. +func (c *Client) SetNamespace(namespace string) { + c.modifyLock.Lock() + defer c.modifyLock.Unlock() + + if c.headers == nil { + c.headers = make(http.Header) + } + + c.headers.Set(consts.NamespaceHeaderName, namespace) +} + // Token returns the access token being used by this client. It will // return the empty string if there is no token set. func (c *Client) Token() string { @@ -490,6 +504,26 @@ func (c *Client) ClearToken() { c.token = "" } +// Headers gets the current set of headers used for requests. This returns a +// copy; to modify it make modifications locally and use SetHeaders. +func (c *Client) Headers() http.Header { + c.modifyLock.RLock() + defer c.modifyLock.RUnlock() + + if c.headers == nil { + return nil + } + + ret := make(http.Header) + for k, v := range c.headers { + for _, val := range v { + ret[k] = append(ret[k], val) + } + } + + return ret +} + // SetHeaders sets the headers to be used for future requests. func (c *Client) SetHeaders(headers http.Header) { c.modifyLock.Lock() diff --git a/vendor/github.com/hashicorp/vault/api/logical.go b/vendor/github.com/hashicorp/vault/api/logical.go index 5add065f..d13daac6 100644 --- a/vendor/github.com/hashicorp/vault/api/logical.go +++ b/vendor/github.com/hashicorp/vault/api/logical.go @@ -5,6 +5,7 @@ import ( "context" "fmt" "io" + "net/url" "os" "github.com/hashicorp/errwrap" @@ -46,8 +47,26 @@ func (c *Client) Logical() *Logical { } func (c *Logical) Read(path string) (*Secret, error) { + return c.ReadWithData(path, nil) +} + +func (c *Logical) ReadWithData(path string, data map[string][]string) (*Secret, error) { r := c.c.NewRequest("GET", "/v1/"+path) + var values url.Values + for k, v := range data { + if values == nil { + values = make(url.Values) + } + for _, val := range v { + values.Add(k, val) + } + } + + if values != nil { + r.Params = values + } + ctx, cancelFunc := context.WithCancel(context.Background()) defer cancelFunc() resp, err := c.c.RawRequestWithContext(ctx, r) diff --git a/vendor/github.com/hashicorp/vault/api/sys_audit.go b/vendor/github.com/hashicorp/vault/api/sys_audit.go index 3c195ad2..2448c036 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_audit.go +++ b/vendor/github.com/hashicorp/vault/api/sys_audit.go @@ -2,6 +2,7 @@ package api import ( "context" + "errors" "fmt" "github.com/mitchellh/mapstructure" @@ -25,17 +26,24 @@ func (c *Sys) AuditHash(path string, input string) (string, error) { } defer resp.Body.Close() - type d struct { - Hash string `json:"hash"` - } - - var result d - err = resp.DecodeJSON(&result) + secret, err := ParseSecret(resp.Body) if err != nil { return "", err } + if secret == nil || secret.Data == nil { + return "", errors.New("data from server response is empty") + } - return result.Hash, err + hash, ok := secret.Data["hash"] + if !ok { + return "", errors.New("hash not found in response data") + } + hashStr, ok := hash.(string) + if !ok { + return "", errors.New("could not parse hash in response data") + } + + return hashStr, nil } func (c *Sys) ListAudit() (map[string]*Audit, error) { @@ -50,29 +58,18 @@ func (c *Sys) ListAudit() (map[string]*Audit, error) { } defer resp.Body.Close() - var result map[string]interface{} - err = resp.DecodeJSON(&result) + secret, err := ParseSecret(resp.Body) if err != nil { return nil, err } + if secret == nil || secret.Data == nil { + return nil, errors.New("data from server response is empty") + } mounts := map[string]*Audit{} - for k, v := range result { - switch v.(type) { - case map[string]interface{}: - default: - continue - } - var res Audit - err = mapstructure.Decode(v, &res) - if err != nil { - return nil, err - } - // Not a mount, some other api.Secret data - if res.Type == "" { - continue - } - mounts[k] = &res + err = mapstructure.Decode(secret.Data, &mounts) + if err != nil { + return nil, err } return mounts, nil @@ -124,16 +121,16 @@ func (c *Sys) DisableAudit(path string) error { // documentation. Please refer to that documentation for more details. type EnableAuditOptions struct { - Type string `json:"type"` - Description string `json:"description"` - Options map[string]string `json:"options"` - Local bool `json:"local"` + Type string `json:"type" mapstructure:"type"` + Description string `json:"description" mapstructure:"description"` + Options map[string]string `json:"options" mapstructure:"options"` + Local bool `json:"local" mapstructure:"local"` } type Audit struct { - Path string - Type string - Description string - Options map[string]string - Local bool + Type string `json:"type" mapstructure:"type"` + Description string `json:"description" mapstructure:"description"` + Options map[string]string `json:"options" mapstructure:"options"` + Local bool `json:"local" mapstructure:"local"` + Path string `json:"path" mapstructure:"path"` } diff --git a/vendor/github.com/hashicorp/vault/api/sys_auth.go b/vendor/github.com/hashicorp/vault/api/sys_auth.go index 7d3a3f8c..447c5d54 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_auth.go +++ b/vendor/github.com/hashicorp/vault/api/sys_auth.go @@ -2,6 +2,7 @@ package api import ( "context" + "errors" "fmt" "github.com/mitchellh/mapstructure" @@ -18,29 +19,18 @@ func (c *Sys) ListAuth() (map[string]*AuthMount, error) { } defer resp.Body.Close() - var result map[string]interface{} - err = resp.DecodeJSON(&result) + secret, err := ParseSecret(resp.Body) if err != nil { return nil, err } + if secret == nil || secret.Data == nil { + return nil, errors.New("data from server response is empty") + } mounts := map[string]*AuthMount{} - for k, v := range result { - switch v.(type) { - case map[string]interface{}: - default: - continue - } - var res AuthMount - err = mapstructure.Decode(v, &res) - if err != nil { - return nil, err - } - // Not a mount, some other api.Secret data - if res.Type == "" { - continue - } - mounts[k] = &res + err = mapstructure.Decode(secret.Data, &mounts) + if err != nil { + return nil, err } return mounts, nil diff --git a/vendor/github.com/hashicorp/vault/api/sys_capabilities.go b/vendor/github.com/hashicorp/vault/api/sys_capabilities.go index d4242a2a..242acf96 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_capabilities.go +++ b/vendor/github.com/hashicorp/vault/api/sys_capabilities.go @@ -2,7 +2,10 @@ package api import ( "context" + "errors" "fmt" + + "github.com/mitchellh/mapstructure" ) func (c *Sys) CapabilitiesSelf(path string) ([]string, error) { @@ -33,22 +36,19 @@ func (c *Sys) Capabilities(token, path string) ([]string, error) { } defer resp.Body.Close() - var result map[string]interface{} - err = resp.DecodeJSON(&result) + secret, err := ParseSecret(resp.Body) if err != nil { return nil, err } - - if result["capabilities"] == nil { - return nil, nil - } - var capabilities []string - capabilitiesRaw, ok := result["capabilities"].([]interface{}) - if !ok { - return nil, fmt.Errorf("error interpreting returned capabilities") + if secret == nil || secret.Data == nil { + return nil, errors.New("data from server response is empty") } - for _, capability := range capabilitiesRaw { - capabilities = append(capabilities, capability.(string)) + + var res []string + err = mapstructure.Decode(secret.Data[path], &res) + if err != nil { + return nil, err } - return capabilities, nil + + return res, nil } diff --git a/vendor/github.com/hashicorp/vault/api/sys_config_cors.go b/vendor/github.com/hashicorp/vault/api/sys_config_cors.go index 94ccbd72..d153a47c 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_config_cors.go +++ b/vendor/github.com/hashicorp/vault/api/sys_config_cors.go @@ -1,6 +1,11 @@ package api -import "context" +import ( + "context" + "errors" + + "github.com/mitchellh/mapstructure" +) func (c *Sys) CORSStatus() (*CORSResponse, error) { r := c.c.NewRequest("GET", "/v1/sys/config/cors") @@ -13,8 +18,20 @@ func (c *Sys) CORSStatus() (*CORSResponse, error) { } defer resp.Body.Close() + secret, err := ParseSecret(resp.Body) + if err != nil { + return nil, err + } + if secret == nil || secret.Data == nil { + return nil, errors.New("data from server response is empty") + } + var result CORSResponse - err = resp.DecodeJSON(&result) + err = mapstructure.Decode(secret.Data, &result) + if err != nil { + return nil, err + } + return &result, err } @@ -32,8 +49,20 @@ func (c *Sys) ConfigureCORS(req *CORSRequest) (*CORSResponse, error) { } defer resp.Body.Close() + secret, err := ParseSecret(resp.Body) + if err != nil { + return nil, err + } + if secret == nil || secret.Data == nil { + return nil, errors.New("data from server response is empty") + } + var result CORSResponse - err = resp.DecodeJSON(&result) + err = mapstructure.Decode(secret.Data, &result) + if err != nil { + return nil, err + } + return &result, err } @@ -48,18 +77,29 @@ func (c *Sys) DisableCORS() (*CORSResponse, error) { } defer resp.Body.Close() + secret, err := ParseSecret(resp.Body) + if err != nil { + return nil, err + } + if secret == nil || secret.Data == nil { + return nil, errors.New("data from server response is empty") + } + var result CORSResponse - err = resp.DecodeJSON(&result) - return &result, err + err = mapstructure.Decode(secret.Data, &result) + if err != nil { + return nil, err + } + return &result, err } type CORSRequest struct { - AllowedOrigins string `json:"allowed_origins"` - Enabled bool `json:"enabled"` + AllowedOrigins string `json:"allowed_origins" mapstructure:"allowed_origins"` + Enabled bool `json:"enabled" mapstructure:"enabled"` } type CORSResponse struct { - AllowedOrigins string `json:"allowed_origins"` - Enabled bool `json:"enabled"` + AllowedOrigins string `json:"allowed_origins" mapstructure:"allowed_origins"` + Enabled bool `json:"enabled" mapstructure:"enabled"` } diff --git a/vendor/github.com/hashicorp/vault/api/sys_generate_root.go b/vendor/github.com/hashicorp/vault/api/sys_generate_root.go index ec7314da..66f72dff 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_generate_root.go +++ b/vendor/github.com/hashicorp/vault/api/sys_generate_root.go @@ -119,4 +119,6 @@ type GenerateRootStatusResponse struct { EncodedToken string `json:"encoded_token"` EncodedRootToken string `json:"encoded_root_token"` PGPFingerprint string `json:"pgp_fingerprint"` + OTP string `json:"otp"` + OTPLength int `json:"otp_length"` } diff --git a/vendor/github.com/hashicorp/vault/api/sys_health.go b/vendor/github.com/hashicorp/vault/api/sys_health.go index f49d05b6..bd74e826 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_health.go +++ b/vendor/github.com/hashicorp/vault/api/sys_health.go @@ -11,6 +11,7 @@ func (c *Sys) Health() (*HealthResponse, error) { r.Params.Add("sealedcode", "299") r.Params.Add("standbycode", "299") r.Params.Add("drsecondarycode", "299") + r.Params.Add("performancestandbycode", "299") ctx, cancelFunc := context.WithCancel(context.Background()) defer cancelFunc() diff --git a/vendor/github.com/hashicorp/vault/api/sys_leader.go b/vendor/github.com/hashicorp/vault/api/sys_leader.go index 170a55ff..dfef8345 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_leader.go +++ b/vendor/github.com/hashicorp/vault/api/sys_leader.go @@ -19,8 +19,10 @@ func (c *Sys) Leader() (*LeaderResponse, error) { } type LeaderResponse struct { - HAEnabled bool `json:"ha_enabled"` - IsSelf bool `json:"is_self"` - LeaderAddress string `json:"leader_address"` - LeaderClusterAddress string `json:"leader_cluster_address"` + HAEnabled bool `json:"ha_enabled"` + IsSelf bool `json:"is_self"` + LeaderAddress string `json:"leader_address"` + LeaderClusterAddress string `json:"leader_cluster_address"` + PerfStandby bool `json:"performance_standby"` + PerfStandbyLastRemoteWAL uint64 `json:"performance_standby_last_remote_wal"` } diff --git a/vendor/github.com/hashicorp/vault/api/sys_mounts.go b/vendor/github.com/hashicorp/vault/api/sys_mounts.go index 29a469f3..8a32b095 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_mounts.go +++ b/vendor/github.com/hashicorp/vault/api/sys_mounts.go @@ -2,6 +2,7 @@ package api import ( "context" + "errors" "fmt" "github.com/mitchellh/mapstructure" @@ -18,29 +19,18 @@ func (c *Sys) ListMounts() (map[string]*MountOutput, error) { } defer resp.Body.Close() - var result map[string]interface{} - err = resp.DecodeJSON(&result) + secret, err := ParseSecret(resp.Body) if err != nil { return nil, err } + if secret == nil || secret.Data == nil { + return nil, errors.New("data from server response is empty") + } mounts := map[string]*MountOutput{} - for k, v := range result { - switch v.(type) { - case map[string]interface{}: - default: - continue - } - var res MountOutput - err = mapstructure.Decode(v, &res) - if err != nil { - return nil, err - } - // Not a mount, some other api.Secret data - if res.Type == "" { - continue - } - mounts[k] = &res + err = mapstructure.Decode(secret.Data, &mounts) + if err != nil { + return nil, err } return mounts, nil @@ -121,8 +111,16 @@ func (c *Sys) MountConfig(path string) (*MountConfigOutput, error) { } defer resp.Body.Close() + secret, err := ParseSecret(resp.Body) + if err != nil { + return nil, err + } + if secret == nil || secret.Data == nil { + return nil, errors.New("data from server response is empty") + } + var result MountConfigOutput - err = resp.DecodeJSON(&result) + err = mapstructure.Decode(secret.Data, &result) if err != nil { return nil, err } diff --git a/vendor/github.com/hashicorp/vault/api/sys_plugins.go b/vendor/github.com/hashicorp/vault/api/sys_plugins.go index 218f8e93..b2f18d94 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_plugins.go +++ b/vendor/github.com/hashicorp/vault/api/sys_plugins.go @@ -12,7 +12,7 @@ type ListPluginsInput struct{} // ListPluginsResponse is the response from the ListPlugins call. type ListPluginsResponse struct { // Names is the list of names of the plugins. - Names []string + Names []string `json:"names"` } // ListPlugins lists all plugins in the catalog and returns their names as a diff --git a/vendor/github.com/hashicorp/vault/api/sys_policy.go b/vendor/github.com/hashicorp/vault/api/sys_policy.go index 4b535fb3..1fa32597 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_policy.go +++ b/vendor/github.com/hashicorp/vault/api/sys_policy.go @@ -2,7 +2,10 @@ package api import ( "context" + "errors" "fmt" + + "github.com/mitchellh/mapstructure" ) func (c *Sys) ListPolicies() ([]string, error) { @@ -16,29 +19,25 @@ func (c *Sys) ListPolicies() ([]string, error) { } defer resp.Body.Close() - var result map[string]interface{} - err = resp.DecodeJSON(&result) + secret, err := ParseSecret(resp.Body) if err != nil { return nil, err } - - var ok bool - if _, ok = result["policies"]; !ok { - return nil, fmt.Errorf("policies not found in response") + if secret == nil || secret.Data == nil { + return nil, errors.New("data from server response is empty") } - listRaw := result["policies"].([]interface{}) - var policies []string - - for _, val := range listRaw { - policies = append(policies, val.(string)) + var result []string + err = mapstructure.Decode(secret.Data["policies"], &result) + if err != nil { + return nil, err } - return policies, err + return result, err } func (c *Sys) GetPolicy(name string) (string, error) { - r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/policy/%s", name)) + r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/policies/acl/%s", name)) ctx, cancelFunc := context.WithCancel(context.Background()) defer cancelFunc() @@ -53,16 +52,15 @@ func (c *Sys) GetPolicy(name string) (string, error) { return "", err } - var result map[string]interface{} - err = resp.DecodeJSON(&result) + secret, err := ParseSecret(resp.Body) if err != nil { return "", err } - - if rulesRaw, ok := result["rules"]; ok { - return rulesRaw.(string), nil + if secret == nil || secret.Data == nil { + return "", errors.New("data from server response is empty") } - if policyRaw, ok := result["policy"]; ok { + + if policyRaw, ok := secret.Data["policy"]; ok { return policyRaw.(string), nil } diff --git a/vendor/github.com/hashicorp/vault/api/sys_rekey.go b/vendor/github.com/hashicorp/vault/api/sys_rekey.go index 89ad11d5..55f1a703 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_rekey.go +++ b/vendor/github.com/hashicorp/vault/api/sys_rekey.go @@ -1,6 +1,11 @@ package api -import "context" +import ( + "context" + "errors" + + "github.com/mitchellh/mapstructure" +) func (c *Sys) RekeyStatus() (*RekeyStatusResponse, error) { r := c.c.NewRequest("GET", "/v1/sys/rekey/init") @@ -211,8 +216,20 @@ func (c *Sys) RekeyRetrieveBackup() (*RekeyRetrieveResponse, error) { } defer resp.Body.Close() + secret, err := ParseSecret(resp.Body) + if err != nil { + return nil, err + } + if secret == nil || secret.Data == nil { + return nil, errors.New("data from server response is empty") + } + var result RekeyRetrieveResponse - err = resp.DecodeJSON(&result) + err = mapstructure.Decode(secret.Data, &result) + if err != nil { + return nil, err + } + return &result, err } @@ -227,8 +244,20 @@ func (c *Sys) RekeyRetrieveRecoveryBackup() (*RekeyRetrieveResponse, error) { } defer resp.Body.Close() + secret, err := ParseSecret(resp.Body) + if err != nil { + return nil, err + } + if secret == nil || secret.Data == nil { + return nil, errors.New("data from server response is empty") + } + var result RekeyRetrieveResponse - err = resp.DecodeJSON(&result) + err = mapstructure.Decode(secret.Data, &result) + if err != nil { + return nil, err + } + return &result, err } @@ -340,9 +369,9 @@ type RekeyUpdateResponse struct { } type RekeyRetrieveResponse struct { - Nonce string `json:"nonce"` - Keys map[string][]string `json:"keys"` - KeysB64 map[string][]string `json:"keys_base64"` + Nonce string `json:"nonce" mapstructure:"nonce"` + Keys map[string][]string `json:"keys" mapstructure:"keys"` + KeysB64 map[string][]string `json:"keys_base64" mapstructure:"keys_base64"` } type RekeyVerificationStatusResponse struct { diff --git a/vendor/github.com/hashicorp/vault/api/sys_rotate.go b/vendor/github.com/hashicorp/vault/api/sys_rotate.go index c7f97ce3..c525feb0 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_rotate.go +++ b/vendor/github.com/hashicorp/vault/api/sys_rotate.go @@ -2,6 +2,8 @@ package api import ( "context" + "encoding/json" + "errors" "time" ) @@ -28,9 +30,45 @@ func (c *Sys) KeyStatus() (*KeyStatus, error) { } defer resp.Body.Close() - result := new(KeyStatus) - err = resp.DecodeJSON(result) - return result, err + secret, err := ParseSecret(resp.Body) + if err != nil { + return nil, err + } + if secret == nil || secret.Data == nil { + return nil, errors.New("data from server response is empty") + } + + var result KeyStatus + + termRaw, ok := secret.Data["term"] + if !ok { + return nil, errors.New("term not found in response") + } + term, ok := termRaw.(json.Number) + if !ok { + return nil, errors.New("could not convert term to a number") + } + term64, err := term.Int64() + if err != nil { + return nil, err + } + result.Term = int(term64) + + installTimeRaw, ok := secret.Data["install_time"] + if !ok { + return nil, errors.New("install_time not found in response") + } + installTimeStr, ok := installTimeRaw.(string) + if !ok { + return nil, errors.New("could not convert install_time to a string") + } + installTime, err := time.Parse(time.RFC3339Nano, installTimeStr) + if err != nil { + return nil, err + } + result.InstallTime = installTime + + return &result, err } type KeyStatus struct { diff --git a/vendor/github.com/hashicorp/vault/api/sys_stepdown.go b/vendor/github.com/hashicorp/vault/api/sys_stepdown.go index 21db3d8e..55dc6fbc 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_stepdown.go +++ b/vendor/github.com/hashicorp/vault/api/sys_stepdown.go @@ -8,8 +8,8 @@ func (c *Sys) StepDown() error { ctx, cancelFunc := context.WithCancel(context.Background()) defer cancelFunc() resp, err := c.c.RawRequestWithContext(ctx, r) - if err == nil { - defer resp.Body.Close() + if resp != nil && resp.Body != nil { + resp.Body.Close() } return err } diff --git a/vendor/github.com/hashicorp/vault/helper/consts/consts.go b/vendor/github.com/hashicorp/vault/helper/consts/consts.go new file mode 100644 index 00000000..972a69f4 --- /dev/null +++ b/vendor/github.com/hashicorp/vault/helper/consts/consts.go @@ -0,0 +1,14 @@ +package consts + +const ( + // ExpirationRestoreWorkerCount specifies the number of workers to use while + // restoring leases into the expiration manager + ExpirationRestoreWorkerCount = 64 + + // NamespaceHeaderName is the header set to specify which namespace the + // request is indented for. + NamespaceHeaderName = "X-Vault-Namespace" + + // AuthHeaderName is the name of the header containing the token. + AuthHeaderName = "X-Vault-Token" +) diff --git a/vendor/github.com/hashicorp/vault/helper/consts/error.go b/vendor/github.com/hashicorp/vault/helper/consts/error.go new file mode 100644 index 00000000..06977d5d --- /dev/null +++ b/vendor/github.com/hashicorp/vault/helper/consts/error.go @@ -0,0 +1,16 @@ +package consts + +import "errors" + +var ( + // ErrSealed is returned if an operation is performed on a sealed barrier. + // No operation is expected to succeed before unsealing + ErrSealed = errors.New("Vault is sealed") + + // ErrStandby is returned if an operation is performed on a standby Vault. + // No operation is expected to succeed until active. + ErrStandby = errors.New("Vault is in standby mode") + + // Used when .. is used in a path + ErrPathContainsParentReferences = errors.New("path cannot contain parent references") +) diff --git a/vendor/github.com/hashicorp/vault/helper/consts/replication.go b/vendor/github.com/hashicorp/vault/helper/consts/replication.go new file mode 100644 index 00000000..bdad1552 --- /dev/null +++ b/vendor/github.com/hashicorp/vault/helper/consts/replication.go @@ -0,0 +1,87 @@ +package consts + +import "time" + +type ReplicationState uint32 + +var ReplicationStaleReadTimeout = 2 * time.Second + +const ( + _ ReplicationState = iota + OldReplicationPrimary + OldReplicationSecondary + OldReplicationBootstrapping + // Don't add anything here. Adding anything to this Old block would cause + // the rest of the values to change below. This was done originally to + // ensure no overlap between old and new values. + + ReplicationUnknown ReplicationState = 0 + ReplicationPerformancePrimary ReplicationState = 1 << iota + ReplicationPerformanceSecondary + OldSplitReplicationBootstrapping + ReplicationDRPrimary + ReplicationDRSecondary + ReplicationPerformanceBootstrapping + ReplicationDRBootstrapping + ReplicationPerformanceDisabled + ReplicationDRDisabled + ReplicationPerformanceStandby +) + +func (r ReplicationState) string() string { + switch r { + case ReplicationPerformanceSecondary: + return "secondary" + case ReplicationPerformancePrimary: + return "primary" + case ReplicationPerformanceBootstrapping: + return "bootstrapping" + case ReplicationPerformanceDisabled: + return "disabled" + case ReplicationDRPrimary: + return "primary" + case ReplicationDRSecondary: + return "secondary" + case ReplicationDRBootstrapping: + return "bootstrapping" + case ReplicationDRDisabled: + return "disabled" + } + + return "unknown" +} + +func (r ReplicationState) GetDRString() string { + switch { + case r.HasState(ReplicationDRBootstrapping): + return ReplicationDRBootstrapping.string() + case r.HasState(ReplicationDRPrimary): + return ReplicationDRPrimary.string() + case r.HasState(ReplicationDRSecondary): + return ReplicationDRSecondary.string() + case r.HasState(ReplicationDRDisabled): + return ReplicationDRDisabled.string() + default: + return "unknown" + } +} + +func (r ReplicationState) GetPerformanceString() string { + switch { + case r.HasState(ReplicationPerformanceBootstrapping): + return ReplicationPerformanceBootstrapping.string() + case r.HasState(ReplicationPerformancePrimary): + return ReplicationPerformancePrimary.string() + case r.HasState(ReplicationPerformanceSecondary): + return ReplicationPerformanceSecondary.string() + case r.HasState(ReplicationPerformanceDisabled): + return ReplicationPerformanceDisabled.string() + default: + return "unknown" + } +} + +func (r ReplicationState) HasState(flag ReplicationState) bool { return r&flag != 0 } +func (r *ReplicationState) AddState(flag ReplicationState) { *r |= flag } +func (r *ReplicationState) ClearState(flag ReplicationState) { *r &= ^flag } +func (r *ReplicationState) ToggleState(flag ReplicationState) { *r ^= flag } diff --git a/vendor/github.com/hashicorp/vault/helper/strutil/strutil.go b/vendor/github.com/hashicorp/vault/helper/strutil/strutil.go index a77e60d1..8d84c1e4 100644 --- a/vendor/github.com/hashicorp/vault/helper/strutil/strutil.go +++ b/vendor/github.com/hashicorp/vault/helper/strutil/strutil.go @@ -43,9 +43,9 @@ func StrListSubset(super, sub []string) bool { return true } -// Parses a comma separated list of strings into a slice of strings. -// The return slice will be sorted and will not contain duplicate or -// empty items. +// ParseDedupAndSortStrings parses a comma separated list of strings +// into a slice of strings. The return slice will be sorted and will +// not contain duplicate or empty items. func ParseDedupAndSortStrings(input string, sep string) []string { input = strings.TrimSpace(input) parsed := []string{} @@ -56,9 +56,10 @@ func ParseDedupAndSortStrings(input string, sep string) []string { return RemoveDuplicates(strings.Split(input, sep), false) } -// Parses a comma separated list of strings into a slice of strings. -// The return slice will be sorted and will not contain duplicate or -// empty items. The values will be converted to lower case. +// ParseDedupLowercaseAndSortStrings parses a comma separated list of +// strings into a slice of strings. The return slice will be sorted and +// will not contain duplicate or empty items. The values will be converted +// to lower case. func ParseDedupLowercaseAndSortStrings(input string, sep string) []string { input = strings.TrimSpace(input) parsed := []string{} @@ -69,8 +70,8 @@ func ParseDedupLowercaseAndSortStrings(input string, sep string) []string { return RemoveDuplicates(strings.Split(input, sep), true) } -// Parses a comma separated list of `<key>=<value>` tuples into a -// map[string]string. +// ParseKeyValues parses a comma separated list of `<key>=<value>` tuples +// into a map[string]string. func ParseKeyValues(input string, out map[string]string, sep string) error { if out == nil { return fmt.Errorf("'out is nil") @@ -97,8 +98,8 @@ func ParseKeyValues(input string, out map[string]string, sep string) error { return nil } -// Parses arbitrary <key,value> tuples. The input can be one of -// the following: +// ParseArbitraryKeyValues parses arbitrary <key,value> tuples. The input +// can be one of the following: // * JSON string // * Base64 encoded JSON string // * Comma separated list of `<key>=<value>` pairs @@ -144,8 +145,8 @@ func ParseArbitraryKeyValues(input string, out map[string]string, sep string) er return nil } -// Parses a `sep`-separated list of strings into a -// []string. +// ParseStringSlice parses a `sep`-separated list of strings into a +// []string with surrounding whitespace removed. // // The output will always be a valid slice but may be of length zero. func ParseStringSlice(input string, sep string) []string { @@ -157,14 +158,14 @@ func ParseStringSlice(input string, sep string) []string { splitStr := strings.Split(input, sep) ret := make([]string, len(splitStr)) for i, val := range splitStr { - ret[i] = val + ret[i] = strings.TrimSpace(val) } return ret } -// Parses arbitrary string slice. The input can be one of -// the following: +// ParseArbitraryStringSlice parses arbitrary string slice. The input +// can be one of the following: // * JSON string // * Base64 encoded JSON string // * `sep` separated list of values @@ -215,8 +216,9 @@ func TrimStrings(items []string) []string { return ret } -// Removes duplicate and empty elements from a slice of strings. This also may -// convert the items in the slice to lower case and returns a sorted slice. +// RemoveDuplicates removes duplicate and empty elements from a slice of +// strings. This also may convert the items in the slice to lower case and +// returns a sorted slice. func RemoveDuplicates(items []string, lowercase bool) []string { itemsMap := map[string]bool{} for _, item := range items { @@ -230,7 +232,7 @@ func RemoveDuplicates(items []string, lowercase bool) []string { itemsMap[item] = true } items = make([]string, 0, len(itemsMap)) - for item, _ := range itemsMap { + for item := range itemsMap { items = append(items, item) } sort.Strings(items) @@ -260,10 +262,10 @@ func EquivalentSlices(a, b []string) bool { // Now we'll build our checking slices var sortedA, sortedB []string - for keyA, _ := range mapA { + for keyA := range mapA { sortedA = append(sortedA, keyA) } - for keyB, _ := range mapB { + for keyB := range mapB { sortedB = append(sortedB, keyB) } sort.Strings(sortedA) @@ -299,6 +301,8 @@ func StrListDelete(s []string, d string) []string { return s } +// GlobbedStringsMatch compares item to val with support for a leading and/or +// trailing wildcard '*' in item. func GlobbedStringsMatch(item, val string) bool { if len(item) < 2 { return val == item @@ -325,3 +329,20 @@ func AppendIfMissing(slice []string, i string) []string { } return append(slice, i) } + +// MergeSlices adds an arbitrary number of slices together, uniquely +func MergeSlices(args ...[]string) []string { + all := map[string]struct{}{} + for _, slice := range args { + for _, v := range slice { + all[v] = struct{}{} + } + } + + result := make([]string, 0, len(all)) + for k, _ := range all { + result = append(result, k) + } + sort.Strings(result) + return result +} diff --git a/vendor/github.com/mitchellh/go-homedir/homedir.go b/vendor/github.com/mitchellh/go-homedir/homedir.go index acbb605d..fb87bef9 100644 --- a/vendor/github.com/mitchellh/go-homedir/homedir.go +++ b/vendor/github.com/mitchellh/go-homedir/homedir.go @@ -141,14 +141,16 @@ func dirWindows() (string, error) { return home, nil } + // Prefer standard environment variable USERPROFILE + if home := os.Getenv("USERPROFILE"); home != "" { + return home, nil + } + drive := os.Getenv("HOMEDRIVE") path := os.Getenv("HOMEPATH") home := drive + path if drive == "" || path == "" { - home = os.Getenv("USERPROFILE") - } - if home == "" { - return "", errors.New("HOMEDRIVE, HOMEPATH, and USERPROFILE are blank") + return "", errors.New("HOMEDRIVE, HOMEPATH, or USERPROFILE are blank") } return home, nil diff --git a/vendor/github.com/spf13/pflag/bytes.go b/vendor/github.com/spf13/pflag/bytes.go index 12c58db9..67d53045 100644 --- a/vendor/github.com/spf13/pflag/bytes.go +++ b/vendor/github.com/spf13/pflag/bytes.go @@ -1,6 +1,7 @@ package pflag import ( + "encoding/base64" "encoding/hex" "fmt" "strings" @@ -9,10 +10,12 @@ import ( // BytesHex adapts []byte for use as a flag. Value of flag is HEX encoded type bytesHexValue []byte +// String implements pflag.Value.String. func (bytesHex bytesHexValue) String() string { return fmt.Sprintf("%X", []byte(bytesHex)) } +// Set implements pflag.Value.Set. func (bytesHex *bytesHexValue) Set(value string) error { bin, err := hex.DecodeString(strings.TrimSpace(value)) @@ -25,6 +28,7 @@ func (bytesHex *bytesHexValue) Set(value string) error { return nil } +// Type implements pflag.Value.Type. func (*bytesHexValue) Type() string { return "bytesHex" } @@ -103,3 +107,103 @@ func BytesHex(name string, value []byte, usage string) *[]byte { func BytesHexP(name, shorthand string, value []byte, usage string) *[]byte { return CommandLine.BytesHexP(name, shorthand, value, usage) } + +// BytesBase64 adapts []byte for use as a flag. Value of flag is Base64 encoded +type bytesBase64Value []byte + +// String implements pflag.Value.String. +func (bytesBase64 bytesBase64Value) String() string { + return base64.StdEncoding.EncodeToString([]byte(bytesBase64)) +} + +// Set implements pflag.Value.Set. +func (bytesBase64 *bytesBase64Value) Set(value string) error { + bin, err := base64.StdEncoding.DecodeString(strings.TrimSpace(value)) + + if err != nil { + return err + } + + *bytesBase64 = bin + + return nil +} + +// Type implements pflag.Value.Type. +func (*bytesBase64Value) Type() string { + return "bytesBase64" +} + +func newBytesBase64Value(val []byte, p *[]byte) *bytesBase64Value { + *p = val + return (*bytesBase64Value)(p) +} + +func bytesBase64ValueConv(sval string) (interface{}, error) { + + bin, err := base64.StdEncoding.DecodeString(sval) + if err == nil { + return bin, nil + } + + return nil, fmt.Errorf("invalid string being converted to Bytes: %s %s", sval, err) +} + +// GetBytesBase64 return the []byte value of a flag with the given name +func (f *FlagSet) GetBytesBase64(name string) ([]byte, error) { + val, err := f.getFlagType(name, "bytesBase64", bytesBase64ValueConv) + + if err != nil { + return []byte{}, err + } + + return val.([]byte), nil +} + +// BytesBase64Var defines an []byte flag with specified name, default value, and usage string. +// The argument p points to an []byte variable in which to store the value of the flag. +func (f *FlagSet) BytesBase64Var(p *[]byte, name string, value []byte, usage string) { + f.VarP(newBytesBase64Value(value, p), name, "", usage) +} + +// BytesBase64VarP is like BytesBase64Var, but accepts a shorthand letter that can be used after a single dash. +func (f *FlagSet) BytesBase64VarP(p *[]byte, name, shorthand string, value []byte, usage string) { + f.VarP(newBytesBase64Value(value, p), name, shorthand, usage) +} + +// BytesBase64Var defines an []byte flag with specified name, default value, and usage string. +// The argument p points to an []byte variable in which to store the value of the flag. +func BytesBase64Var(p *[]byte, name string, value []byte, usage string) { + CommandLine.VarP(newBytesBase64Value(value, p), name, "", usage) +} + +// BytesBase64VarP is like BytesBase64Var, but accepts a shorthand letter that can be used after a single dash. +func BytesBase64VarP(p *[]byte, name, shorthand string, value []byte, usage string) { + CommandLine.VarP(newBytesBase64Value(value, p), name, shorthand, usage) +} + +// BytesBase64 defines an []byte flag with specified name, default value, and usage string. +// The return value is the address of an []byte variable that stores the value of the flag. +func (f *FlagSet) BytesBase64(name string, value []byte, usage string) *[]byte { + p := new([]byte) + f.BytesBase64VarP(p, name, "", value, usage) + return p +} + +// BytesBase64P is like BytesBase64, but accepts a shorthand letter that can be used after a single dash. +func (f *FlagSet) BytesBase64P(name, shorthand string, value []byte, usage string) *[]byte { + p := new([]byte) + f.BytesBase64VarP(p, name, shorthand, value, usage) + return p +} + +// BytesBase64 defines an []byte flag with specified name, default value, and usage string. +// The return value is the address of an []byte variable that stores the value of the flag. +func BytesBase64(name string, value []byte, usage string) *[]byte { + return CommandLine.BytesBase64P(name, "", value, usage) +} + +// BytesBase64P is like BytesBase64, but accepts a shorthand letter that can be used after a single dash. +func BytesBase64P(name, shorthand string, value []byte, usage string) *[]byte { + return CommandLine.BytesBase64P(name, shorthand, value, usage) +} diff --git a/vendor/github.com/spf13/pflag/flag.go b/vendor/github.com/spf13/pflag/flag.go index 5eadc84e..5cc710cc 100644 --- a/vendor/github.com/spf13/pflag/flag.go +++ b/vendor/github.com/spf13/pflag/flag.go @@ -990,11 +990,12 @@ func (f *FlagSet) parseLongArg(s string, args []string, fn parseFunc) (a []strin } func (f *FlagSet) parseSingleShortArg(shorthands string, args []string, fn parseFunc) (outShorts string, outArgs []string, err error) { + outArgs = args + if strings.HasPrefix(shorthands, "test.") { return } - outArgs = args outShorts = shorthands[1:] c := shorthands[0] |