From a50193cf7dc8868c71f6ea3d2f988616cb8850eb Mon Sep 17 00:00:00 2001 From: Dave Henderson Date: Sun, 3 Mar 2019 16:03:00 -0500 Subject: Upgrading dependencies Signed-off-by: Dave Henderson --- .../github.com/aws/aws-sdk-go/aws/client/logger.go | 6 + .../aws/aws-sdk-go/aws/ec2metadata/service.go | 3 + .../aws/aws-sdk-go/aws/endpoints/defaults.go | 129 +++++- .../aws-sdk-go/aws/session/cabundle_transport.go | 26 ++ .../aws/session/cabundle_transport_1_5.go | 22 + .../aws/session/cabundle_transport_1_6.go | 23 ++ .../aws/aws-sdk-go/aws/session/session.go | 5 +- vendor/github.com/aws/aws-sdk-go/aws/version.go | 2 +- .../aws/aws-sdk-go/private/protocol/rest/build.go | 7 +- .../github.com/aws/aws-sdk-go/service/ec2/api.go | 442 +++++++++++++++++---- .../github.com/aws/aws-sdk-go/service/ssm/api.go | 251 +++++++++++- vendor/github.com/hashicorp/vault/api/client.go | 32 ++ .../hashicorp/vault/api/output_string.go | 69 ++++ .../github.com/hashicorp/vault/api/sys_health.go | 1 + .../github.com/hashicorp/vault/api/sys_mounts.go | 2 + .../hashicorp/vault/helper/consts/replication.go | 35 +- .../hashicorp/vault/helper/strutil/strutil.go | 30 +- vendor/github.com/pierrec/lz4/block.go | 68 +--- vendor/github.com/pierrec/lz4/decode_amd64.go | 8 + vendor/github.com/pierrec/lz4/decode_amd64.s | 375 +++++++++++++++++ vendor/github.com/pierrec/lz4/decode_other.go | 95 +++++ 21 files changed, 1471 insertions(+), 160 deletions(-) create mode 100644 vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport.go create mode 100644 vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_5.go create mode 100644 vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_6.go create mode 100644 vendor/github.com/hashicorp/vault/api/output_string.go create mode 100644 vendor/github.com/pierrec/lz4/decode_amd64.go create mode 100644 vendor/github.com/pierrec/lz4/decode_amd64.s create mode 100644 vendor/github.com/pierrec/lz4/decode_other.go (limited to 'vendor/github.com') diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go b/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go index ce9fb896..7b5e1276 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go @@ -118,6 +118,12 @@ var LogHTTPResponseHandler = request.NamedHandler{ func logResponse(r *request.Request) { lw := &logWriter{r.Config.Logger, bytes.NewBuffer(nil)} + if r.HTTPResponse == nil { + lw.Logger.Log(fmt.Sprintf(logRespErrMsg, + r.ClientInfo.ServiceName, r.Operation.Name, "request's HTTPResponse is nil")) + return + } + logBody := r.Config.LogLevel.Matches(aws.LogDebugWithHTTPBody) if logBody { r.HTTPResponse.Body = &teeReaderCloser{ diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go index 7d1f66e4..f4438eae 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go @@ -92,6 +92,9 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio svc.Handlers.Send.SwapNamed(request.NamedHandler{ Name: corehandlers.SendHandler.Name, Fn: func(r *request.Request) { + r.HTTPResponse = &http.Response{ + Header: http.Header{}, + } r.Error = awserr.New( request.CanceledErrorCode, "EC2 IMDS access disabled via "+disableServiceEnvVar+" env var", diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index 97486c32..5d024dc8 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -321,9 +321,33 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "api-fips.sagemaker.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "api-fips.sagemaker.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "api-fips.sagemaker.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "api-fips.sagemaker.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "apigateway": service{ @@ -383,6 +407,7 @@ var awsPartition = partition{ }, Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, @@ -479,6 +504,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -873,7 +899,9 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "us-east-1": endpoint{}, @@ -940,6 +968,7 @@ var awsPartition = partition{ "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, @@ -991,6 +1020,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -1191,6 +1221,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -1293,11 +1324,17 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips": endpoint{ + Hostname: "es-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "events": service{ @@ -1586,6 +1623,12 @@ var awsPartition = partition{ "kms": service{ Endpoints: endpoints{ + "ProdFips": endpoint{ + Hostname: "kms-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1625,6 +1668,22 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "license-manager": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "lightsail": service{ Endpoints: endpoints{ @@ -1840,6 +1899,12 @@ var awsPartition = partition{ "neptune": service{ Endpoints: endpoints{ + "ap-northeast-1": endpoint{ + Hostname: "rds.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, "ap-southeast-1": endpoint{ Hostname: "rds.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ @@ -1960,6 +2025,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -2018,6 +2084,8 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-west-1": endpoint{}, "us-east-1": endpoint{}, @@ -2079,11 +2147,18 @@ var awsPartition = partition{ }, Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -2469,6 +2544,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -2851,6 +2927,7 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, @@ -3206,6 +3283,12 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "gamelift": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + }, + }, "glacier": service{ Defaults: endpoint{ Protocols: []string{"http", "https"}, @@ -3486,6 +3569,12 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "athena": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, "autoscaling": service{ Endpoints: endpoints{ @@ -3663,6 +3752,12 @@ var awsusgovPartition = partition{ "es": service{ Endpoints: endpoints{ + "fips": endpoint{ + Hostname: "es-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -3689,6 +3784,12 @@ var awsusgovPartition = partition{ }, }, }, + "glue": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, "guardduty": service{ IsRegionalized: boxedTrue, Defaults: endpoint{ @@ -3738,6 +3839,12 @@ var awsusgovPartition = partition{ "kms": service{ Endpoints: endpoints{ + "ProdFips": endpoint{ + Hostname: "kms-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -3973,5 +4080,11 @@ var awsusgovPartition = partition{ }, }, }, + "workspaces": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, }, } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport.go b/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport.go new file mode 100644 index 00000000..ea9ebb6f --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport.go @@ -0,0 +1,26 @@ +// +build go1.7 + +package session + +import ( + "net" + "net/http" + "time" +) + +// Transport that should be used when a custom CA bundle is specified with the +// SDK. +func getCABundleTransport() *http.Transport { + return &http.Transport{ + Proxy: http.ProxyFromEnvironment, + DialContext: (&net.Dialer{ + Timeout: 30 * time.Second, + KeepAlive: 30 * time.Second, + DualStack: true, + }).DialContext, + MaxIdleConns: 100, + IdleConnTimeout: 90 * time.Second, + TLSHandshakeTimeout: 10 * time.Second, + ExpectContinueTimeout: 1 * time.Second, + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_5.go b/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_5.go new file mode 100644 index 00000000..fec39dfc --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_5.go @@ -0,0 +1,22 @@ +// +build !go1.6,go1.5 + +package session + +import ( + "net" + "net/http" + "time" +) + +// Transport that should be used when a custom CA bundle is specified with the +// SDK. +func getCABundleTransport() *http.Transport { + return &http.Transport{ + Proxy: http.ProxyFromEnvironment, + Dial: (&net.Dialer{ + Timeout: 30 * time.Second, + KeepAlive: 30 * time.Second, + }).Dial, + TLSHandshakeTimeout: 10 * time.Second, + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_6.go b/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_6.go new file mode 100644 index 00000000..1c5a5391 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_6.go @@ -0,0 +1,23 @@ +// +build !go1.7,go1.6 + +package session + +import ( + "net" + "net/http" + "time" +) + +// Transport that should be used when a custom CA bundle is specified with the +// SDK. +func getCABundleTransport() *http.Transport { + return &http.Transport{ + Proxy: http.ProxyFromEnvironment, + Dial: (&net.Dialer{ + Timeout: 30 * time.Second, + KeepAlive: 30 * time.Second, + }).Dial, + TLSHandshakeTimeout: 10 * time.Second, + ExpectContinueTimeout: 1 * time.Second, + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go index 9bdbafd6..be4b5f07 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go @@ -407,7 +407,10 @@ func loadCustomCABundle(s *Session, bundle io.Reader) error { } } if t == nil { - t = &http.Transport{} + // Nil transport implies `http.DefaultTransport` should be used. Since + // the SDK cannot modify, nor copy the `DefaultTransport` specifying + // the values the next closest behavior. + t = getCABundleTransport() } p, err := loadCertPool(bundle) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go index dceb53d6..c1b6a9ef 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.16.30" +const SDKVersion = "1.17.9" diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go index b34f5258..b80f84fb 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go @@ -155,6 +155,9 @@ func buildHeader(header *http.Header, v reflect.Value, name string, tag reflect. return awserr.New("SerializationError", "failed to encode REST request", err) } + name = strings.TrimSpace(name) + str = strings.TrimSpace(str) + header.Add(name, str) return nil @@ -170,8 +173,10 @@ func buildHeaderMap(header *http.Header, v reflect.Value, tag reflect.StructTag) return awserr.New("SerializationError", "failed to encode REST request", err) } + keyStr := strings.TrimSpace(key.String()) + str = strings.TrimSpace(str) - header.Add(prefix+key.String(), str) + header.Add(prefix+keyStr, str) } return nil } diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go index 62c1a7cc..7b68164e 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go @@ -3142,7 +3142,7 @@ func (c *EC2) CopySnapshotRequest(input *CopySnapshotInput) (req *request.Reques // CopySnapshot API operation for Amazon Elastic Compute Cloud. // // Copies a point-in-time snapshot of an EBS volume and stores it in Amazon -// S3. You can copy the snapshot within the same region or from one region to +// S3. You can copy the snapshot within the same Region or from one Region to // another. You can use the snapshot to create EBS volumes or Amazon Machine // Images (AMIs). The snapshot is copied to the regional endpoint that you send // the HTTP request to. @@ -5160,9 +5160,8 @@ func (c *EC2) CreateReservedInstancesListingRequest(input *CreateReservedInstanc // listing at a time. To get a list of your Standard Reserved Instances, you // can use the DescribeReservedInstances operation. // -// Only Standard Reserved Instances with a capacity reservation can be sold -// in the Reserved Instance Marketplace. Convertible Reserved Instances and -// Standard Reserved Instances with a regional benefit cannot be sold. +// Only Standard Reserved Instances can be sold in the Reserved Instance Marketplace. +// Convertible Reserved Instances cannot be sold. // // The Reserved Instance Marketplace matches sellers who want to resell Standard // Reserved Instance capacity that they no longer need with buyers who want @@ -15558,9 +15557,9 @@ func (c *EC2) DescribeSnapshotsRequest(input *DescribeSnapshotsInput) (req *requ // DescribeSnapshots API operation for Amazon Elastic Compute Cloud. // // Describes one or more of the EBS snapshots available to you. Available snapshots -// include public snapshots available for any AWS account to launch, private -// snapshots that you own, and private snapshots owned by another AWS account -// but for which you've been given explicit create volume permissions. +// include public snapshots available for use by any AWS account, private snapshots +// that you own, and private snapshots owned by another AWS account for which +// you've been given explicit create volume permissions. // // The create volume permissions fall into the following categories: // @@ -22263,6 +22262,80 @@ func (c *EC2) ModifyInstanceCreditSpecificationWithContext(ctx aws.Context, inpu return out, req.Send() } +const opModifyInstanceEventStartTime = "ModifyInstanceEventStartTime" + +// ModifyInstanceEventStartTimeRequest generates a "aws/request.Request" representing the +// client's request for the ModifyInstanceEventStartTime operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyInstanceEventStartTime for more information on using the ModifyInstanceEventStartTime +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyInstanceEventStartTimeRequest method. +// req, resp := client.ModifyInstanceEventStartTimeRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyInstanceEventStartTime +func (c *EC2) ModifyInstanceEventStartTimeRequest(input *ModifyInstanceEventStartTimeInput) (req *request.Request, output *ModifyInstanceEventStartTimeOutput) { + op := &request.Operation{ + Name: opModifyInstanceEventStartTime, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyInstanceEventStartTimeInput{} + } + + output = &ModifyInstanceEventStartTimeOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyInstanceEventStartTime API operation for Amazon Elastic Compute Cloud. +// +// Modifies the start time for a scheduled Amazon EC2 instance event. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyInstanceEventStartTime for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyInstanceEventStartTime +func (c *EC2) ModifyInstanceEventStartTime(input *ModifyInstanceEventStartTimeInput) (*ModifyInstanceEventStartTimeOutput, error) { + req, out := c.ModifyInstanceEventStartTimeRequest(input) + return out, req.Send() +} + +// ModifyInstanceEventStartTimeWithContext is the same as ModifyInstanceEventStartTime with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyInstanceEventStartTime for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyInstanceEventStartTimeWithContext(ctx aws.Context, input *ModifyInstanceEventStartTimeInput, opts ...request.Option) (*ModifyInstanceEventStartTimeOutput, error) { + req, out := c.ModifyInstanceEventStartTimeRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyInstancePlacement = "ModifyInstancePlacement" // ModifyInstancePlacementRequest generates a "aws/request.Request" representing the @@ -32178,8 +32251,8 @@ func (s *ClientData) SetUploadStart(v time.Time) *ClientData { // Describes the authentication methods used by a Client VPN endpoint. Client // VPN supports Active Directory and mutual authentication. For more information, -// see Authentication (vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) -// in the AWS Client VPN Admin Guide. +// see Authentication (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) +// in the AWS Client VPN Administrator Guide. type ClientVpnAuthentication struct { _ struct{} `type:"structure"` @@ -32223,8 +32296,8 @@ func (s *ClientVpnAuthentication) SetType(v string) *ClientVpnAuthentication { // Describes the authentication method to be used by a Client VPN endpoint. // Client VPN supports Active Directory and mutual authentication. For more -// information, see Authentication (vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) -// in the AWS Client VPN Admin Guide. +// information, see Authentication (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) +// in the AWS Client VPN Administrator Guide. type ClientVpnAuthenticationRequest struct { _ struct{} `type:"structure"` @@ -32476,7 +32549,9 @@ type ClientVpnEndpoint struct { // Information about the associated target networks. A target network is a subnet // in a VPC. - AssociatedTargetNetworks []*AssociatedTargetNetwork `locationName:"associatedTargetNetwork" locationNameList:"item" type:"list"` + // + // Deprecated: This property is deprecated. To view the target networks associated with a Client VPN endpoint, call DescribeClientVpnTargetNetworks and inspect the clientVpnTargetNetworks response element. + AssociatedTargetNetworks []*AssociatedTargetNetwork `locationName:"associatedTargetNetwork" locationNameList:"item" deprecated:"true" type:"list"` // Information about the authentication method used by the Client VPN endpoint. AuthenticationOptions []*ClientVpnAuthentication `locationName:"authenticationOptions" locationNameList:"item" type:"list"` @@ -32495,17 +32570,18 @@ type ClientVpnEndpoint struct { // The date and time the Client VPN endpoint was created. CreationTime *string `locationName:"creationTime" type:"string"` - // The date and time the Client VPN endpoint was deleted, if applicable. Information - // about deleted Client VPN endpoints is retained for 24 hours, unless a new - // Client VPN is created with the same name. + // The date and time the Client VPN endpoint was deleted, if applicable. DeletionTime *string `locationName:"deletionTime" type:"string"` // A brief description of the endpoint. Description *string `locationName:"description" type:"string"` - // The DNS name to be used by clients when establishing a connection. + // The DNS name to be used by clients when connecting to the Client VPN endpoint. DnsName *string `locationName:"dnsName" type:"string"` + // Information about the DNS servers to be used for DNS resolution. + DnsServers []*string `locationName:"dnsServer" locationNameList:"item" type:"list"` + // The ARN of the server certificate. ServerCertificateArn *string `locationName:"serverCertificateArn" type:"string"` @@ -32515,6 +32591,9 @@ type ClientVpnEndpoint struct { // The current state of the Client VPN endpoint. Status *ClientVpnEndpointStatus `locationName:"status" type:"structure"` + // Any tags assigned to the Client VPN endpoint. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + // The transport protocol used by the Client VPN endpoint. TransportProtocol *string `locationName:"transportProtocol" type:"string" enum:"TransportProtocol"` @@ -32586,6 +32665,12 @@ func (s *ClientVpnEndpoint) SetDnsName(v string) *ClientVpnEndpoint { return s } +// SetDnsServers sets the DnsServers field's value. +func (s *ClientVpnEndpoint) SetDnsServers(v []*string) *ClientVpnEndpoint { + s.DnsServers = v + return s +} + // SetServerCertificateArn sets the ServerCertificateArn field's value. func (s *ClientVpnEndpoint) SetServerCertificateArn(v string) *ClientVpnEndpoint { s.ServerCertificateArn = &v @@ -32604,6 +32689,12 @@ func (s *ClientVpnEndpoint) SetStatus(v *ClientVpnEndpointStatus) *ClientVpnEndp return s } +// SetTags sets the Tags field's value. +func (s *ClientVpnEndpoint) SetTags(v []*Tag) *ClientVpnEndpoint { + s.Tags = v + return s +} + // SetTransportProtocol sets the TransportProtocol field's value. func (s *ClientVpnEndpoint) SetTransportProtocol(v string) *ClientVpnEndpoint { s.TransportProtocol = &v @@ -33419,13 +33510,13 @@ type CopySnapshotInput struct { // A description for the EBS snapshot. Description *string `type:"string"` - // The destination region to use in the PresignedUrl parameter of a snapshot + // The destination Region to use in the PresignedUrl parameter of a snapshot // copy operation. This parameter is only valid for specifying the destination - // region in a PresignedUrl parameter, where it is required. + // Region in a PresignedUrl parameter, where it is required. // // The snapshot copy is sent to the regional endpoint that you sent the HTTP // request to (for example, ec2.us-east-1.amazonaws.com). With the AWS CLI, - // this is specified using the --region parameter or the default region in your + // this is specified using the --region parameter or the default Region in your // AWS configuration file. DestinationRegion *string `locationName:"destinationRegion" type:"string"` @@ -33485,7 +33576,7 @@ type CopySnapshotInput struct { // and the snapshot will move to an error state. PresignedUrl *string `locationName:"presignedUrl" type:"string"` - // The ID of the region that contains the snapshot to be copied. + // The ID of the Region that contains the snapshot to be copied. // // SourceRegion is a required field SourceRegion *string `type:"string" required:"true"` @@ -33952,11 +34043,14 @@ type CreateClientVpnEndpointInput struct { DryRun *bool `type:"boolean"` // The ARN of the server certificate. For more information, see the AWS Certificate - // Manager User Guide (acm/latest/userguide/acm-overview.html) . + // Manager User Guide (https://docs.aws.amazon.com/acm/latest/userguide/). // // ServerCertificateArn is a required field ServerCertificateArn *string `type:"string" required:"true"` + // The tags to apply to the Client VPN endpoint during creation. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The transport protocol to be used by the VPN session. // // Default value: udp @@ -34043,6 +34137,12 @@ func (s *CreateClientVpnEndpointInput) SetServerCertificateArn(v string) *Create return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateClientVpnEndpointInput) SetTagSpecifications(v []*TagSpecification) *CreateClientVpnEndpointInput { + s.TagSpecifications = v + return s +} + // SetTransportProtocol sets the TransportProtocol field's value. func (s *CreateClientVpnEndpointInput) SetTransportProtocol(v string) *CreateClientVpnEndpointInput { s.TransportProtocol = &v @@ -34725,7 +34825,7 @@ type CreateFleetInput struct { // The end date and time of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). // At this point, no new EC2 Fleet requests are placed or able to fulfill the - // request. The default end date is 7 days from the current date. + // request. If no value is specified, the request remains until you cancel it. ValidUntil *time.Time `type:"timestamp"` } @@ -35624,6 +35724,8 @@ type CreateLaunchTemplateInput struct { // Unique, case-sensitive identifier you provide to ensure the idempotency of // the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // + // Constraint: Maximum 128 ASCII characters. ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -35738,6 +35840,8 @@ type CreateLaunchTemplateVersionInput struct { // Unique, case-sensitive identifier you provide to ensure the idempotency of // the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // + // Constraint: Maximum 128 ASCII characters. ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -37787,8 +37891,8 @@ type CreateVolumeInput struct { // The number of I/O operations per second (IOPS) to provision for the volume, // with a maximum ratio of 50 IOPS/GiB. Range is 100 to 64,000 IOPS for volumes - // in most regions. Maximum IOPS of 64,000 is guaranteed only on Nitro-based - // instances (AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // in most Regions. Maximum IOPS of 64,000 is guaranteed only on Nitro-based + // instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). // Other instance families guarantee performance up to 32,000 IOPS. For more // information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. @@ -37850,7 +37954,7 @@ type CreateVolumeInput struct { // Defaults: If no volume type is specified, the default is standard in us-east-1, // eu-west-1, eu-central-1, us-west-2, us-west-1, sa-east-1, ap-northeast-1, // ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-south-1, us-gov-west-1, - // and cn-north-1. In all other regions, EBS defaults to gp2. + // and cn-north-1. In all other Regions, EBS defaults to gp2. VolumeType *string `type:"string" enum:"VolumeType"` } @@ -37931,17 +38035,15 @@ func (s *CreateVolumeInput) SetVolumeType(v string) *CreateVolumeInput { return s } -// Describes the user or group to be added or removed from the permissions for -// a volume. +// Describes the user or group to be added or removed from the list of create +// volume permissions for a volume. type CreateVolumePermission struct { _ struct{} `type:"structure"` - // The specific group that is to be added or removed from a volume's list of - // create volume permissions. + // The group to be added or removed. The possible value is all. Group *string `locationName:"group" type:"string" enum:"PermissionGroup"` - // The specific AWS account ID that is to be added or removed from a volume's - // list of create volume permissions. + // The AWS account ID to be added or removed. UserId *string `locationName:"userId" type:"string"` } @@ -37967,16 +38069,14 @@ func (s *CreateVolumePermission) SetUserId(v string) *CreateVolumePermission { return s } -// Describes modifications to the permissions for a volume. +// Describes modifications to the list of create volume permissions for a volume. type CreateVolumePermissionModifications struct { _ struct{} `type:"structure"` - // Adds a specific AWS account ID or group to a volume's list of create volume - // permissions. + // Adds the specified AWS account ID or group to the list. Add []*CreateVolumePermission `locationNameList:"item" type:"list"` - // Removes a specific AWS account ID or group from a volume's list of create - // volume permissions. + // Removes the specified AWS account ID or group from the list. Remove []*CreateVolumePermission `locationNameList:"item" type:"list"` } @@ -38142,10 +38242,9 @@ type CreateVpcEndpointInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // (Gateway endpoint) A policy to attach to the endpoint that controls access - // to the service. The policy must be in valid JSON format. If this parameter - // is not specified, we attach a default policy that allows full access to the - // service. + // A policy to attach to the endpoint that controls access to the service. The + // policy must be in valid JSON format. If this parameter is not specified, + // we attach a default policy that allows full access to the service. PolicyDocument *string `type:"string"` // (Interface endpoint) Indicate whether to associate a private hosted zone @@ -45531,6 +45630,9 @@ type DescribeImagesInput struct { // * block-device-mapping.volume-type - The volume type of the EBS volume // (gp2 | io1 | st1 | sc1 | standard). // + // * block-device-mapping.encrypted - A Boolean that indicates whether the + // EBS volume is encrypted. + // // * description - The description of the image (provided during image creation). // // * ena-support - A Boolean that indicates whether enhanced networking with @@ -46112,7 +46214,7 @@ type DescribeInstanceCreditSpecificationsInput struct { // remaining results, make another call with the returned NextToken value. This // value can be between 5 and 1000. You cannot specify this parameter and the // instance IDs parameter in the same call. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. NextToken *string `type:"string"` @@ -46128,6 +46230,19 @@ func (s DescribeInstanceCreditSpecificationsInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeInstanceCreditSpecificationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeInstanceCreditSpecificationsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeInstanceCreditSpecificationsInput) SetDryRun(v bool) *DescribeInstanceCreditSpecificationsInput { s.DryRun = &v @@ -46209,12 +46324,18 @@ type DescribeInstanceStatusInput struct { // // * event.description - A description of the event. // + // * event.instance-event-id - The ID of the event whose date and time you + // are modifying. + // // * event.not-after - The latest end time for the scheduled event (for example, // 2014-09-15T17:15:20.000Z). // // * event.not-before - The earliest start time for the scheduled event (for // example, 2014-09-15T17:15:20.000Z). // + // * event.not-before-deadline - The deadline for starting the event (for + // example, 2014-09-15T17:15:20.000Z). + // // * instance-state-code - The code for the instance state, as a 16-bit unsigned // integer. The high byte is used for internal purposes and should be ignored. // The low byte is set based on the state represented. The valid values are @@ -49653,10 +49774,11 @@ func (s *DescribeSnapshotAttributeInput) SetSnapshotId(v string) *DescribeSnapsh type DescribeSnapshotAttributeOutput struct { _ struct{} `type:"structure"` - // A list of permissions for creating volumes from the snapshot. + // The users and groups that have the permissions for creating volumes from + // the snapshot. CreateVolumePermissions []*CreateVolumePermission `locationName:"createVolumePermission" locationNameList:"item" type:"list"` - // A list of product codes. + // The product codes. ProductCodes []*ProductCode `locationName:"productCodes" locationNameList:"item" type:"list"` // The ID of the EBS snapshot. @@ -49753,8 +49875,7 @@ type DescribeSnapshotsInput struct { // to return. NextToken *string `type:"string"` - // Returns the snapshots owned by the specified owner. Multiple owners can be - // specified. + // Describes the snapshots owned by one or more owners. OwnerIds []*string `locationName:"Owner" locationNameList:"Owner" type:"list"` // One or more AWS accounts IDs that can create volumes from the snapshot. @@ -49762,7 +49883,7 @@ type DescribeSnapshotsInput struct { // One or more snapshot IDs. // - // Default: Describes snapshots for which you have launch permissions. + // Default: Describes the snapshots for which you have create volume permissions. SnapshotIds []*string `locationName:"SnapshotId" locationNameList:"SnapshotId" type:"list"` } @@ -55011,19 +55132,16 @@ type EbsBlockDevice struct { Encrypted *bool `locationName:"encrypted" type:"boolean"` // The number of I/O operations per second (IOPS) that the volume supports. - // For io1, this represents the number of IOPS that are provisioned for the - // volume. For gp2, this represents the baseline performance of the volume and - // the rate at which the volume accumulates I/O credits for bursting. For more - // information about General Purpose SSD baseline performance, I/O credits, - // and bursting, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // For io1 volumes, this represents the number of IOPS that are provisioned + // for the volume. For gp2 volumes, this represents the baseline performance + // of the volume and the rate at which the volume accumulates I/O credits for + // bursting. For more information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. // // Constraints: Range is 100-16,000 IOPS for gp2 volumes and 100 to 64,000IOPS - // for io1 volumes in most Regions. Maximum io1IOPS of 64,000 is guaranteed - // only on Nitro-based instances (AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). - // Other instance families guarantee performance up to 32,000 IOPS. For more - // information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon Elastic Compute Cloud User Guide. + // for io1 volumes, in most Regions. The maximum IOPS for io1 of 64,000 is guaranteed + // only on Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // Other instance families guarantee performance up to 32,000 IOPS. // // Condition: This parameter is required for requests to create io1 volumes; // it is not used in requests to create gp2, st1, sc1, or standard volumes. @@ -55881,10 +55999,6 @@ type EventInformation struct { // * iamFleetRoleInvalid - The Spot Fleet did not have the required permissions // either to launch or terminate an instance. // - // * launchSpecTemporarilyBlacklisted - The configuration is not valid and - // several attempts to launch instances have failed. For more information, - // see the description of the event. - // // * spotFleetRequestConfigurationInvalid - The configuration is not valid. // For more information, see the description of the event. // @@ -55929,6 +56043,10 @@ type EventInformation struct { // // The following are the Information events: // + // * launchSpecTemporarilyBlacklisted - The configuration is not valid and + // several attempts to launch instances have failed. For more information, + // see the description of the event. + // // * launchSpecUnusable - The price in a launch specification is not valid // because it is below the Spot price or the Spot price is above the On-Demand // price. @@ -59549,8 +59667,8 @@ type ImportClientVpnClientCertificateRevocationListInput struct { _ struct{} `type:"structure"` // The client certificate revocation list file. For more information, see Generate - // a Client Certificate Revocation List (vpn/latest/clientvpn-admin/cvpn-working-certificates.html#cvpn-working-certificates-generate) - // in the AWS Client VPN Admin Guide. + // a Client Certificate Revocation List (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/cvpn-working-certificates.html#cvpn-working-certificates-generate) + // in the AWS Client VPN Administrator Guide. // // CertificateRevocationList is a required field CertificateRevocationList *string `type:"string" required:"true"` @@ -59709,7 +59827,16 @@ type ImportImageInput struct { // see Prerequisites (https://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html#prerequisites-image) // in the VM Import/Export User Guide. // - // Valid values: AWS | BYOL + // Valid values include: + // + // * Auto - Detects the source-system operating system (OS) and applies the + // appropriate license. + // + // * AWS - Replaces the source-system license with an AWS license, if appropriate. + // + // * BYOL - Retains the source-system license, if appropriate. + // + // Default value: Auto LicenseType *string `type:"string"` // The operating system of the virtual machine. @@ -62192,8 +62319,17 @@ func (s *InstancePrivateIpAddress) SetPrivateIpAddress(v string) *InstancePrivat type InstanceState struct { _ struct{} `type:"structure"` - // The low byte represents the state. The high byte is used for internal purposes - // and should be ignored. + // The state of the instance as a 16-bit unsigned integer. + // + // The high byte is all of the bits between 2^8 and (2^16)-1, which equals decimal + // values between 256 and 65,535. These numerical values are used for internal + // purposes and should be ignored. + // + // The low byte is all of the bits between 2^0 and (2^8)-1, which equals decimal + // values between 0 and 255. + // + // The valid values for instance-state-code will all be in the range of the + // low byte and they are: // // * 0 : pending // @@ -62206,6 +62342,9 @@ type InstanceState struct { // * 64 : stopping // // * 80 : stopped + // + // You can ignore the high byte value by zeroing out all of the bits above 2^8 + // or 256 in decimal. Code *int64 `locationName:"code" type:"integer"` // The current state of the instance. @@ -62406,11 +62545,17 @@ type InstanceStatusEvent struct { // following text: [Completed]. Description *string `locationName:"description" type:"string"` + // The ID of the event. + InstanceEventId *string `locationName:"instanceEventId" type:"string"` + // The latest scheduled end time for the event. NotAfter *time.Time `locationName:"notAfter" type:"timestamp"` // The earliest scheduled start time for the event. NotBefore *time.Time `locationName:"notBefore" type:"timestamp"` + + // The deadline for starting the event. + NotBeforeDeadline *time.Time `locationName:"notBeforeDeadline" type:"timestamp"` } // String returns the string representation @@ -62435,6 +62580,12 @@ func (s *InstanceStatusEvent) SetDescription(v string) *InstanceStatusEvent { return s } +// SetInstanceEventId sets the InstanceEventId field's value. +func (s *InstanceStatusEvent) SetInstanceEventId(v string) *InstanceStatusEvent { + s.InstanceEventId = &v + return s +} + // SetNotAfter sets the NotAfter field's value. func (s *InstanceStatusEvent) SetNotAfter(v time.Time) *InstanceStatusEvent { s.NotAfter = &v @@ -62447,6 +62598,12 @@ func (s *InstanceStatusEvent) SetNotBefore(v time.Time) *InstanceStatusEvent { return s } +// SetNotBeforeDeadline sets the NotBeforeDeadline field's value. +func (s *InstanceStatusEvent) SetNotBeforeDeadline(v time.Time) *InstanceStatusEvent { + s.NotBeforeDeadline = &v + return s +} + // Describes the status of an instance. type InstanceStatusSummary struct { _ struct{} `type:"structure"` @@ -66253,6 +66410,107 @@ func (s *ModifyInstanceCreditSpecificationOutput) SetUnsuccessfulInstanceCreditS return s } +type ModifyInstanceEventStartTimeInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the event whose date and time you are modifying. + // + // InstanceEventId is a required field + InstanceEventId *string `type:"string" required:"true"` + + // The ID of the instance with the scheduled event. + // + // InstanceId is a required field + InstanceId *string `type:"string" required:"true"` + + // The new date and time when the event will take place. + // + // NotBefore is a required field + NotBefore *time.Time `type:"timestamp" required:"true"` +} + +// String returns the string representation +func (s ModifyInstanceEventStartTimeInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyInstanceEventStartTimeInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyInstanceEventStartTimeInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyInstanceEventStartTimeInput"} + if s.InstanceEventId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceEventId")) + } + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + if s.NotBefore == nil { + invalidParams.Add(request.NewErrParamRequired("NotBefore")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyInstanceEventStartTimeInput) SetDryRun(v bool) *ModifyInstanceEventStartTimeInput { + s.DryRun = &v + return s +} + +// SetInstanceEventId sets the InstanceEventId field's value. +func (s *ModifyInstanceEventStartTimeInput) SetInstanceEventId(v string) *ModifyInstanceEventStartTimeInput { + s.InstanceEventId = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *ModifyInstanceEventStartTimeInput) SetInstanceId(v string) *ModifyInstanceEventStartTimeInput { + s.InstanceId = &v + return s +} + +// SetNotBefore sets the NotBefore field's value. +func (s *ModifyInstanceEventStartTimeInput) SetNotBefore(v time.Time) *ModifyInstanceEventStartTimeInput { + s.NotBefore = &v + return s +} + +type ModifyInstanceEventStartTimeOutput struct { + _ struct{} `type:"structure"` + + // Describes a scheduled event for an instance. + Event *InstanceStatusEvent `locationName:"event" type:"structure"` +} + +// String returns the string representation +func (s ModifyInstanceEventStartTimeOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyInstanceEventStartTimeOutput) GoString() string { + return s.String() +} + +// SetEvent sets the Event field's value. +func (s *ModifyInstanceEventStartTimeOutput) SetEvent(v *InstanceStatusEvent) *ModifyInstanceEventStartTimeOutput { + s.Event = v + return s +} + type ModifyInstancePlacementInput struct { _ struct{} `type:"structure"` @@ -66369,6 +66627,8 @@ type ModifyLaunchTemplateInput struct { // Unique, case-sensitive identifier you provide to ensure the idempotency of // the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // + // Constraint: Maximum 128 ASCII characters. ClientToken *string `type:"string"` // The version number of the launch template to set as the default version. @@ -67448,8 +67708,9 @@ type ModifyVpcEndpointInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // (Gateway endpoint) A policy document to attach to the endpoint. The policy - // must be in valid JSON format. + // A policy to attach to the endpoint that controls access to the service. The + // policy must be in valid JSON format. If this parameter is not specified, + // we attach a default policy that allows full access to the service. PolicyDocument *string `type:"string"` // (Interface endpoint) Indicate whether a private hosted zone is associated @@ -75383,6 +75644,9 @@ type RunInstancesInput struct { // You cannot specify this option and the option to assign specific IPv6 addresses // in the same request. You can specify this option if you've specified a minimum // number of instances to launch. + // + // You cannot specify this option and the network interfaces option in the same + // request. Ipv6AddressCount *int64 `type:"integer"` // [EC2-VPC] Specify one or more IPv6 addresses from the range of the subnet @@ -75390,6 +75654,9 @@ type RunInstancesInput struct { // option and the option to assign a number of IPv6 addresses in the same request. // You cannot specify this option if you've specified a minimum number of instances // to launch. + // + // You cannot specify this option and the network interfaces option in the same + // request. Ipv6Addresses []*InstanceIpv6Address `locationName:"Ipv6Address" locationNameList:"item" type:"list"` // The ID of the kernel. @@ -75442,6 +75709,9 @@ type RunInstancesInput struct { Monitoring *RunInstancesMonitoringEnabled `type:"structure"` // One or more network interfaces. + // + // You cannot specify this option and the network interfaces option in the same + // request. NetworkInterfaces []*InstanceNetworkInterfaceSpecification `locationName:"networkInterface" locationNameList:"item" type:"list"` // The placement for the instance. @@ -75454,6 +75724,9 @@ type RunInstancesInput struct { // this option if you've specified the option to designate a private IP address // as the primary IP address in a network interface specification. You cannot // specify this option if you're launching more than one instance in the request. + // + // You cannot specify this option and the network interfaces option in the same + // request. PrivateIpAddress *string `locationName:"privateIpAddress" type:"string"` // The ID of the RAM disk. @@ -75466,15 +75739,24 @@ type RunInstancesInput struct { // One or more security group IDs. You can create a security group using CreateSecurityGroup. // // Default: Amazon EC2 uses the default security group. + // + // You cannot specify this option and the network interfaces option in the same + // request. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` // [EC2-Classic, default VPC] One or more security group names. For a nondefault // VPC, you must use security group IDs instead. // + // You cannot specify this option and the network interfaces option in the same + // request. + // // Default: Amazon EC2 uses the default security group. SecurityGroups []*string `locationName:"SecurityGroup" locationNameList:"SecurityGroup" type:"list"` // [EC2-VPC] The ID of the subnet to launch the instance into. + // + // You cannot specify this option and the network interfaces option in the same + // request. SubnetId *string `type:"string"` // The tags to apply to the resources during launch. You can only tag instances @@ -78470,7 +78752,8 @@ type SpotFleetRequestConfigData struct { // The end date and time of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). // At this point, no new Spot Instance requests are placed or able to fulfill - // the request. The default end date is 7 days from the current date. + // the request. If no value is specified, the Spot Fleet request remains until + // you cancel it. ValidUntil *time.Time `locationName:"validUntil" type:"timestamp"` } @@ -82465,17 +82748,14 @@ type Volume struct { // For Provisioned IOPS SSD volumes, this represents the number of IOPS that // are provisioned for the volume. For General Purpose SSD volumes, this represents // the baseline performance of the volume and the rate at which the volume accumulates - // I/O credits for bursting. For more information about General Purpose SSD - // baseline performance, I/O credits, and bursting, see Amazon EBS Volume Types + // I/O credits for bursting. For more information, see Amazon EBS Volume Types // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. // // Constraints: Range is 100-16,000 IOPS for gp2 volumes and 100 to 64,000IOPS - // for io1 volumes in most regions. Maximum io1IOPS of 64,000 is guaranteed - // only on Nitro-based instances (AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). - // Other instance families guarantee performance up to 32,000 IOPS. For more - // information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon Elastic Compute Cloud User Guide. + // for io1 volumes, in most Regions. The maximum IOPS for io1 of 64,000 is guaranteed + // only on Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // Other instance families guarantee performance up to 32,000 IOPS. // // Condition: This parameter is required for requests to create io1 volumes; // it is not used in requests to create gp2, st1, sc1, or standard volumes. @@ -85536,6 +85816,9 @@ const ( // InstanceTypeM524xlarge is a InstanceType enum value InstanceTypeM524xlarge = "m5.24xlarge" + // InstanceTypeM5Metal is a InstanceType enum value + InstanceTypeM5Metal = "m5.metal" + // InstanceTypeM5aLarge is a InstanceType enum value InstanceTypeM5aLarge = "m5a.large" @@ -85572,6 +85855,9 @@ const ( // InstanceTypeM5d24xlarge is a InstanceType enum value InstanceTypeM5d24xlarge = "m5d.24xlarge" + // InstanceTypeM5dMetal is a InstanceType enum value + InstanceTypeM5dMetal = "m5d.metal" + // InstanceTypeH12xlarge is a InstanceType enum value InstanceTypeH12xlarge = "h1.2xlarge" @@ -85602,6 +85888,9 @@ const ( // InstanceTypeZ1d12xlarge is a InstanceType enum value InstanceTypeZ1d12xlarge = "z1d.12xlarge" + // InstanceTypeZ1dMetal is a InstanceType enum value + InstanceTypeZ1dMetal = "z1d.metal" + // InstanceTypeU6tb1Metal is a InstanceType enum value InstanceTypeU6tb1Metal = "u-6tb1.metal" @@ -86009,6 +86298,9 @@ const ( ) const ( + // ResourceTypeClientVpnEndpoint is a ResourceType enum value + ResourceTypeClientVpnEndpoint = "client-vpn-endpoint" + // ResourceTypeCustomerGateway is a ResourceType enum value ResourceTypeCustomerGateway = "customer-gateway" diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go b/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go index db90e623..d495447d 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go @@ -999,8 +999,8 @@ func (c *SSM) CreateResourceDataSyncRequest(input *CreateResourceDataSyncInput) // By default, data is not encrypted in Amazon S3. We strongly recommend that // you enable encryption in Amazon S3 to ensure secure data storage. We also // recommend that you secure access to the Amazon S3 bucket by creating a restrictive -// bucket policy. To view an example of a restrictive Amazon S3 bucket policy -// for Resource Data Sync, see Create a Resource Data Sync for Inventory (http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-inventory-datasync-create.html) +// bucket policy. For more information, see Configuring Resource Data Sync for +// Inventory (http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-inventory-datasync.html) // in the AWS Systems Manager User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -10945,6 +10945,9 @@ type Activation struct { // The number of managed instances already registered with this activation. RegistrationsCount *int64 `min:"1" type:"integer"` + + // Tags assigned to the activation. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -11011,6 +11014,12 @@ func (s *Activation) SetRegistrationsCount(v int64) *Activation { return s } +// SetTags sets the Tags field's value. +func (s *Activation) SetTags(v []*Tag) *Activation { + s.Tags = v + return s +} + type AddTagsToResourceInput struct { _ struct{} `type:"structure"` @@ -14135,6 +14144,30 @@ type CreateActivationInput struct { // Specify the maximum number of managed instances you want to register. The // default value is 1 instance. RegistrationLimit *int64 `min:"1" type:"integer"` + + // Optional metadata that you assign to a resource. Tags enable you to categorize + // a resource in different ways, such as by purpose, owner, or environment. + // For example, you might want to tag an activation to identify which servers + // or virtual machines (VMs) in your on-premises environment you intend to activate. + // In this case, you could specify the following key name/value pairs: + // + // * Key=OS,Value=Windows + // + // * Key=Environment,Value=Production + // + // When you install SSM Agent on your on-premises servers and VMs, you specify + // an activation ID and code. When you specify the activation ID and code, tags + // assigned to the activation are automatically applied to the on-premises servers + // or VMs. + // + // You can't add tags to or delete tags from an existing activation. You can + // tag your on-premises servers and VMs after they connect to Systems Manager + // for the first time and are assigned a managed instance ID. This means they + // are listed in the AWS Systems Manager console with an ID that is prefixed + // with "mi-". For information about how to add tags to your managed instances, + // see AddTagsToResource. For information about how to remove tags from your + // managed instances, see RemoveTagsFromResource. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -14156,6 +14189,16 @@ func (s *CreateActivationInput) Validate() error { if s.RegistrationLimit != nil && *s.RegistrationLimit < 1 { invalidParams.Add(request.NewErrParamMinValue("RegistrationLimit", 1)) } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -14193,6 +14236,12 @@ func (s *CreateActivationInput) SetRegistrationLimit(v int64) *CreateActivationI return s } +// SetTags sets the Tags field's value. +func (s *CreateActivationInput) SetTags(v []*Tag) *CreateActivationInput { + s.Tags = v + return s +} + type CreateActivationOutput struct { _ struct{} `type:"structure"` @@ -14356,7 +14405,24 @@ type CreateAssociationBatchRequestEntry struct { // set MaxConcurrency to 1 so that executions proceed one at a time. MaxErrors *string `min:"1" type:"string"` - // The name of the configuration document. + // The name of the SSM document that contains the configuration information + // for the instance. You can specify Command, Policy, or Automation documents. + // + // You can specify AWS-predefined documents, documents you created, or a document + // that is shared with you from another account. + // + // For SSM documents that are shared with you from other AWS accounts, you must + // specify the complete SSM document ARN, in the following format: + // + // arn:aws:ssm:region:account-id:document/document-name + // + // For example: + // + // arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document + // + // For AWS-predefined documents and SSM documents you created in your account, + // you only need to specify the document name. For example, AWS-ApplyPatchBaseline + // or My-Document. // // Name is a required field Name *string `type:"string" required:"true"` @@ -14542,7 +14608,24 @@ type CreateAssociationInput struct { // set MaxConcurrency to 1 so that executions proceed one at a time. MaxErrors *string `min:"1" type:"string"` - // The name of the Systems Manager document. + // The name of the SSM document that contains the configuration information + // for the instance. You can specify Command, Policy, or Automation documents. + // + // You can specify AWS-predefined documents, documents you created, or a document + // that is shared with you from another account. + // + // For SSM documents that are shared with you from other AWS accounts, you must + // specify the complete SSM document ARN, in the following format: + // + // arn:partition:ssm:region:account-id:document/document-name + // + // For example: + // + // arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document + // + // For AWS-predefined documents and SSM documents you created in your account, + // you only need to specify the document name. For example, AWS-ApplyPatchBaseline + // or My-Document. // // Name is a required field Name *string `type:"string" required:"true"` @@ -14739,6 +14822,19 @@ type CreateDocumentInput struct { // Name is a required field Name *string `type:"string" required:"true"` + // Optional metadata that you assign to a resource. Tags enable you to categorize + // a resource in different ways, such as by purpose, owner, or environment. + // For example, you might want to tag an SSM document to identify the types + // of targets or the environment where it will run. In this case, you could + // specify the following key name/value pairs: + // + // * Key=OS,Value=Windows + // + // * Key=Environment,Value=Production + // + // To add tags to an existing SSM document, use the AddTagsToResource action. + Tags []*Tag `type:"list"` + // Specify a target type to define the kinds of resources the document can run // on. For example, to run a document on EC2 instances, specify the following // value: /AWS::EC2::Instance. If you specify a value of '/' the document can @@ -14786,6 +14882,16 @@ func (s *CreateDocumentInput) Validate() error { } } } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -14823,6 +14929,12 @@ func (s *CreateDocumentInput) SetName(v string) *CreateDocumentInput { return s } +// SetTags sets the Tags field's value. +func (s *CreateDocumentInput) SetTags(v []*Tag) *CreateDocumentInput { + s.Tags = v + return s +} + // SetTargetType sets the TargetType field's value. func (s *CreateDocumentInput) SetTargetType(v string) *CreateDocumentInput { s.TargetType = &v @@ -14915,6 +15027,22 @@ type CreateMaintenanceWindowInput struct { // Window to become active. StartDate allows you to delay activation of the // Maintenance Window until the specified future date. StartDate *string `type:"string"` + + // Optional metadata that you assign to a resource. Tags enable you to categorize + // a resource in different ways, such as by purpose, owner, or environment. + // For example, you might want to tag a Maintenance Window to identify the type + // of tasks it will run, the types of targets, and the environment it will run + // in. In this case, you could specify the following key name/value pairs: + // + // * Key=TaskType,Value=AgentUpdate + // + // * Key=OS,Value=Windows + // + // * Key=Environment,Value=Production + // + // To add tags to an existing Maintenance Window, use the AddTagsToResource + // action. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -14960,6 +15088,16 @@ func (s *CreateMaintenanceWindowInput) Validate() error { if s.Schedule != nil && len(*s.Schedule) < 1 { invalidParams.Add(request.NewErrParamMinLen("Schedule", 1)) } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -15027,6 +15165,12 @@ func (s *CreateMaintenanceWindowInput) SetStartDate(v string) *CreateMaintenance return s } +// SetTags sets the Tags field's value. +func (s *CreateMaintenanceWindowInput) SetTags(v []*Tag) *CreateMaintenanceWindowInput { + s.Tags = v + return s +} + type CreateMaintenanceWindowOutput struct { _ struct{} `type:"structure"` @@ -15080,7 +15224,7 @@ type CreatePatchBaselineInput struct { // A description of the patch baseline. Description *string `min:"1" type:"string"` - // A set of global filters used to exclude patches from the baseline. + // A set of global filters used to include patches in the baseline. GlobalFilters *PatchFilterGroup `type:"structure"` // The name of the patch baseline. @@ -15118,6 +15262,19 @@ type CreatePatchBaselineInput struct { // Information about the patches to use to update the instances, including target // operating systems and source repositories. Applies to Linux instances only. Sources []*PatchSource `type:"list"` + + // Optional metadata that you assign to a resource. Tags enable you to categorize + // a resource in different ways, such as by purpose, owner, or environment. + // For example, you might want to tag a patch baseline to identify the severity + // level of patches it specifies and the operating system family it applies + // to. In this case, you could specify the following key name/value pairs: + // + // * Key=PatchSeverity,Value=Critical + // + // * Key=OS,Value=Windows + // + // To add tags to an existing patch baseline, use the AddTagsToResource action. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -15165,6 +15322,16 @@ func (s *CreatePatchBaselineInput) Validate() error { } } } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -15244,6 +15411,12 @@ func (s *CreatePatchBaselineInput) SetSources(v []*PatchSource) *CreatePatchBase return s } +// SetTags sets the Tags field's value. +func (s *CreatePatchBaselineInput) SetTags(v []*Tag) *CreatePatchBaselineInput { + s.Tags = v + return s +} + type CreatePatchBaselineOutput struct { _ struct{} `type:"structure"` @@ -16668,8 +16841,8 @@ type DescribeAssociationInput struct { // Specify the association version to retrieve. To view the latest version, // either specify $LATEST for this parameter, or omit this parameter. To view - // a list of all associations for an instance, use ListInstanceAssociations. - // To get a list of versions for a specific association, use ListAssociationVersions. + // a list of all associations for an instance, use ListAssociations. To get + // a list of versions for a specific association, use ListAssociationVersions. AssociationVersion *string `type:"string"` // The instance ID. @@ -28193,6 +28366,8 @@ func (s *PatchComplianceData) SetTitle(v string) *PatchComplianceData { // // * WindowsServer2016 // +// * WindowsServer2019 +// // * * // // Use a wildcard character (*) to target all supported operating system versions. @@ -28409,6 +28584,10 @@ func (s *PatchComplianceData) SetTitle(v string) *PatchComplianceData { // // * RedhatEnterpriseLinux7.4 // +// * RedhatEnterpriseLinux7.5 +// +// * RedhatEnterpriseLinux7.6 +// // * * // // Use a wildcard character (*) to target all supported operating system versions. @@ -28531,6 +28710,10 @@ func (s *PatchComplianceData) SetTitle(v string) *PatchComplianceData { // // * CentOS7.4 // +// * CentOS7.5 +// +// * CentOS7.6 +// // * * // // Use a wildcard character (*) to target all supported operating system versions. @@ -29374,6 +29557,23 @@ type PutParameterInput struct { // Overwrite an existing parameter. If not specified, will default to "false". Overwrite *bool `type:"boolean"` + // Optional metadata that you assign to a resource. Tags enable you to categorize + // a resource in different ways, such as by purpose, owner, or environment. + // For example, you might want to tag a Systems Manager parameter to identify + // the type of resource to which it applies, the environment, or the type of + // configuration data referenced by the parameter. In this case, you could specify + // the following key name/value pairs: + // + // * Key=Resource,Value=S3bucket + // + // * Key=OS,Value=Windows + // + // * Key=ParameterType,Value=LicenseKey + // + // To add tags to an existing Systems Manager parameter, use the AddTagsToResource + // action. + Tags []*Tag `type:"list"` + // The type of parameter that you want to add to the system. // // Items in a StringList must be separated by a comma (,). You can't use other @@ -29423,6 +29623,16 @@ func (s *PutParameterInput) Validate() error { if s.Value != nil && len(*s.Value) < 1 { invalidParams.Add(request.NewErrParamMinLen("Value", 1)) } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -29460,6 +29670,12 @@ func (s *PutParameterInput) SetOverwrite(v bool) *PutParameterInput { return s } +// SetTags sets the Tags field's value. +func (s *PutParameterInput) SetTags(v []*Tag) *PutParameterInput { + s.Tags = v + return s +} + // SetType sets the Type field's value. func (s *PutParameterInput) SetType(v string) *PutParameterInput { s.Type = &v @@ -32459,7 +32675,24 @@ type UpdateAssociationInput struct { // set MaxConcurrency to 1 so that executions proceed one at a time. MaxErrors *string `min:"1" type:"string"` - // The name of the association document. + // The name of the SSM document that contains the configuration information + // for the instance. You can specify Command, Policy, or Automation documents. + // + // You can specify AWS-predefined documents, documents you created, or a document + // that is shared with you from another account. + // + // For SSM documents that are shared with you from other AWS accounts, you must + // specify the complete SSM document ARN, in the following format: + // + // arn:aws:ssm:region:account-id:document/document-name + // + // For example: + // + // arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document + // + // For AWS-predefined documents and SSM documents you created in your account, + // you only need to specify the document name. For example, AWS-ApplyPatchBaseline + // or My-Document. Name *string `type:"string"` // An Amazon S3 bucket where you want to store the results of this request. @@ -33888,7 +34121,7 @@ type UpdatePatchBaselineInput struct { // A description of the patch baseline. Description *string `min:"1" type:"string"` - // A set of global filters used to exclude patches from the baseline. + // A set of global filters used to include patches in the baseline. GlobalFilters *PatchFilterGroup `type:"structure"` // The name of the patch baseline. diff --git a/vendor/github.com/hashicorp/vault/api/client.go b/vendor/github.com/hashicorp/vault/api/client.go index 136b730a..80ccd7d5 100644 --- a/vendor/github.com/hashicorp/vault/api/client.go +++ b/vendor/github.com/hashicorp/vault/api/client.go @@ -84,6 +84,14 @@ type Config struct { // then that limiter will be used. Note that an empty Limiter // is equivalent blocking all events. Limiter *rate.Limiter + + // OutputCurlString causes the actual request to return an error of type + // *OutputStringError. Type asserting the error message will allow + // fetching a cURL-compatible string for the operation. + // + // Note: It is not thread-safe to set this and make concurrent requests + // with the same client. Cloning a client will not clone this value. + OutputCurlString bool } // TLSConfig contains the parameters needed to configure TLS on the HTTP client @@ -438,6 +446,24 @@ func (c *Client) SetClientTimeout(timeout time.Duration) { c.config.Timeout = timeout } +func (c *Client) OutputCurlString() bool { + c.modifyLock.RLock() + c.config.modifyLock.RLock() + defer c.config.modifyLock.RUnlock() + c.modifyLock.RUnlock() + + return c.config.OutputCurlString +} + +func (c *Client) SetOutputCurlString(curl bool) { + c.modifyLock.RLock() + c.config.modifyLock.Lock() + defer c.config.modifyLock.Unlock() + c.modifyLock.RUnlock() + + c.config.OutputCurlString = curl +} + // CurrentWrappingLookupFunc sets a lookup function that returns desired wrap TTLs // for a given operation and path func (c *Client) CurrentWrappingLookupFunc() WrappingLookupFunc { @@ -662,6 +688,7 @@ func (c *Client) RawRequestWithContext(ctx context.Context, r *Request) (*Respon backoff := c.config.Backoff httpClient := c.config.HttpClient timeout := c.config.Timeout + outputCurlString := c.config.OutputCurlString c.config.modifyLock.RUnlock() c.modifyLock.RUnlock() @@ -688,6 +715,11 @@ START: return nil, fmt.Errorf("nil request created") } + if outputCurlString { + LastOutputStringError = &OutputStringError{Request: req} + return nil, LastOutputStringError + } + if timeout != 0 { ctx, _ = context.WithTimeout(ctx, timeout) } diff --git a/vendor/github.com/hashicorp/vault/api/output_string.go b/vendor/github.com/hashicorp/vault/api/output_string.go new file mode 100644 index 00000000..ebfdad6c --- /dev/null +++ b/vendor/github.com/hashicorp/vault/api/output_string.go @@ -0,0 +1,69 @@ +package api + +import ( + "fmt" + "strings" + + retryablehttp "github.com/hashicorp/go-retryablehttp" +) + +const ( + ErrOutputStringRequest = "output a string, please" +) + +var ( + LastOutputStringError *OutputStringError +) + +type OutputStringError struct { + *retryablehttp.Request + parsingError error + parsedCurlString string +} + +func (d *OutputStringError) Error() string { + if d.parsedCurlString == "" { + d.parseRequest() + if d.parsingError != nil { + return d.parsingError.Error() + } + } + + return ErrOutputStringRequest +} + +func (d *OutputStringError) parseRequest() { + body, err := d.Request.BodyBytes() + if err != nil { + d.parsingError = err + return + } + + // Build cURL string + d.parsedCurlString = "curl " + d.parsedCurlString = fmt.Sprintf("%s-X %s ", d.parsedCurlString, d.Request.Method) + for k, v := range d.Request.Header { + for _, h := range v { + if strings.ToLower(k) == "x-vault-token" { + h = `$(vault print token)` + } + d.parsedCurlString = fmt.Sprintf("%s-H \"%s: %s\" ", d.parsedCurlString, k, h) + } + } + + if len(body) > 0 { + // We need to escape single quotes since that's what we're using to + // quote the body + escapedBody := strings.Replace(string(body), "'", "'\"'\"'", -1) + d.parsedCurlString = fmt.Sprintf("%s-d '%s' ", d.parsedCurlString, escapedBody) + } + + d.parsedCurlString = fmt.Sprintf("%s%s", d.parsedCurlString, d.Request.URL.String()) +} + +func (d *OutputStringError) CurlString() string { + if d.parsedCurlString == "" { + d.parseRequest() + } + return d.parsedCurlString +} diff --git a/vendor/github.com/hashicorp/vault/api/sys_health.go b/vendor/github.com/hashicorp/vault/api/sys_health.go index e4c60d44..d5d77960 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_health.go +++ b/vendor/github.com/hashicorp/vault/api/sys_health.go @@ -30,6 +30,7 @@ type HealthResponse struct { Initialized bool `json:"initialized"` Sealed bool `json:"sealed"` Standby bool `json:"standby"` + PerformanceStandby bool `json:"performance_standby"` ReplicationPerformanceMode string `json:"replication_performance_mode"` ReplicationDRMode string `json:"replication_dr_mode"` ServerTimeUTC int64 `json:"server_time_utc"` diff --git a/vendor/github.com/hashicorp/vault/api/sys_mounts.go b/vendor/github.com/hashicorp/vault/api/sys_mounts.go index f5993c70..993a1b67 100644 --- a/vendor/github.com/hashicorp/vault/api/sys_mounts.go +++ b/vendor/github.com/hashicorp/vault/api/sys_mounts.go @@ -151,6 +151,7 @@ type MountConfigInput struct { AuditNonHMACResponseKeys []string `json:"audit_non_hmac_response_keys,omitempty" mapstructure:"audit_non_hmac_response_keys"` ListingVisibility string `json:"listing_visibility,omitempty" mapstructure:"listing_visibility"` PassthroughRequestHeaders []string `json:"passthrough_request_headers,omitempty" mapstructure:"passthrough_request_headers"` + AllowedResponseHeaders []string `json:"allowed_response_headers,omitempty" mapstructure:"allowed_response_headers"` TokenType string `json:"token_type,omitempty" mapstructure:"token_type"` // Deprecated: This field will always be blank for newer server responses. @@ -175,6 +176,7 @@ type MountConfigOutput struct { AuditNonHMACResponseKeys []string `json:"audit_non_hmac_response_keys,omitempty" mapstructure:"audit_non_hmac_response_keys"` ListingVisibility string `json:"listing_visibility,omitempty" mapstructure:"listing_visibility"` PassthroughRequestHeaders []string `json:"passthrough_request_headers,omitempty" mapstructure:"passthrough_request_headers"` + AllowedResponseHeaders []string `json:"allowed_response_headers,omitempty" mapstructure:"allowed_response_headers"` TokenType string `json:"token_type,omitempty" mapstructure:"token_type"` // Deprecated: This field will always be blank for newer server responses. diff --git a/vendor/github.com/hashicorp/vault/helper/consts/replication.go b/vendor/github.com/hashicorp/vault/helper/consts/replication.go index bdad1552..a7e0edea 100644 --- a/vendor/github.com/hashicorp/vault/helper/consts/replication.go +++ b/vendor/github.com/hashicorp/vault/helper/consts/replication.go @@ -16,7 +16,7 @@ const ( // ensure no overlap between old and new values. ReplicationUnknown ReplicationState = 0 - ReplicationPerformancePrimary ReplicationState = 1 << iota + ReplicationPerformancePrimary ReplicationState = 1 << iota // Note -- iota is 5 here! ReplicationPerformanceSecondary OldSplitReplicationBootstrapping ReplicationDRPrimary @@ -51,6 +51,39 @@ func (r ReplicationState) string() string { return "unknown" } +func (r ReplicationState) StateStrings() []string { + var ret []string + if r.HasState(ReplicationPerformanceSecondary) { + ret = append(ret, "perf-secondary") + } + if r.HasState(ReplicationPerformancePrimary) { + ret = append(ret, "perf-primary") + } + if r.HasState(ReplicationPerformanceBootstrapping) { + ret = append(ret, "perf-bootstrapping") + } + if r.HasState(ReplicationPerformanceDisabled) { + ret = append(ret, "perf-disabled") + } + if r.HasState(ReplicationDRPrimary) { + ret = append(ret, "dr-primary") + } + if r.HasState(ReplicationDRSecondary) { + ret = append(ret, "dr-secondary") + } + if r.HasState(ReplicationDRBootstrapping) { + ret = append(ret, "dr-bootstrapping") + } + if r.HasState(ReplicationDRDisabled) { + ret = append(ret, "dr-disabled") + } + if r.HasState(ReplicationPerformanceStandby) { + ret = append(ret, "perfstandby") + } + + return ret +} + func (r ReplicationState) GetDRString() string { switch { case r.HasState(ReplicationDRBootstrapping): diff --git a/vendor/github.com/hashicorp/vault/helper/strutil/strutil.go b/vendor/github.com/hashicorp/vault/helper/strutil/strutil.go index f5bf00a9..3b54b720 100644 --- a/vendor/github.com/hashicorp/vault/helper/strutil/strutil.go +++ b/vendor/github.com/hashicorp/vault/helper/strutil/strutil.go @@ -301,6 +301,24 @@ func EquivalentSlices(a, b []string) bool { return true } +// EqualStringMaps tests whether two map[string]string objects are equal. +// Equal means both maps have the same sets of keys and values. This function +// is 6-10x faster than a call to reflect.DeepEqual(). +func EqualStringMaps(a, b map[string]string) bool { + if len(a) != len(b) { + return false + } + + for k := range a { + v, ok := b[k] + if !ok || a[k] != v { + return false + } + } + + return true +} + // StrListDelete removes the first occurrence of the given item from the slice // of strings if the item exists. func StrListDelete(s []string, d string) []string { @@ -367,9 +385,19 @@ func MergeSlices(args ...[]string) []string { // result will also remove any duplicated values in set A regardless of whether // that matches any values in set B. func Difference(a, b []string, lowercase bool) []string { - if len(a) == 0 || len(b) == 0 { + if len(a) == 0 { return a } + if len(b) == 0 { + if !lowercase { + return a + } + newA := make([]string, len(a)) + for i, v := range a { + newA[i] = strings.ToLower(v) + } + return newA + } a = RemoveDuplicates(a, lowercase) b = RemoveDuplicates(b, lowercase) diff --git a/vendor/github.com/pierrec/lz4/block.go b/vendor/github.com/pierrec/lz4/block.go index 07863cef..d96e0e76 100644 --- a/vendor/github.com/pierrec/lz4/block.go +++ b/vendor/github.com/pierrec/lz4/block.go @@ -30,75 +30,17 @@ func CompressBlockBound(n int) int { // The destination buffer must be sized appropriately. // // An error is returned if the source data is invalid or the destination buffer is too small. -func UncompressBlock(src, dst []byte) (si int, err error) { - defer func() { - // It is now faster to let the runtime panic and recover on out of bound slice access - // than checking indices as we go along. - if recover() != nil { - err = ErrInvalidSourceShortBuffer - } - }() +func UncompressBlock(src, dst []byte) (di int, err error) { sn := len(src) if sn == 0 { return 0, nil } - var di int - - for { - // Literals and match lengths (token). - b := int(src[si]) - si++ - - // Literals. - if lLen := b >> 4; lLen > 0 { - if lLen == 0xF { - for src[si] == 0xFF { - lLen += 0xFF - si++ - } - lLen += int(src[si]) - si++ - } - i := si - si += lLen - di += copy(dst[di:di+si-i], src[i:si]) - if si >= sn { - return di, nil - } - } - - si++ - _ = src[si] // Bound check elimination. - offset := int(src[si-1]) | int(src[si])<<8 - si++ - - // Match. - mLen := b & 0xF - if mLen == 0xF { - for src[si] == 0xFF { - mLen += 0xFF - si++ - } - mLen += int(src[si]) - si++ - } - mLen += minMatch - - // Copy the match. - i := di - offset - if offset > 0 && mLen >= offset { - // Efficiently copy the match dst[di-offset:di] into the dst slice. - bytesToCopy := offset * (mLen / offset) - expanded := dst[i:] - for n := offset; n <= bytesToCopy+offset; n *= 2 { - copy(expanded[n:], expanded[:n]) - } - di += bytesToCopy - mLen -= bytesToCopy - } - di += copy(dst[di:di+mLen], dst[i:i+mLen]) + di = decodeBlock(dst, src) + if di < 0 { + return 0, ErrInvalidSourceShortBuffer } + return di, nil } // CompressBlock compresses the source buffer into the destination one. diff --git a/vendor/github.com/pierrec/lz4/decode_amd64.go b/vendor/github.com/pierrec/lz4/decode_amd64.go new file mode 100644 index 00000000..43cc14fb --- /dev/null +++ b/vendor/github.com/pierrec/lz4/decode_amd64.go @@ -0,0 +1,8 @@ +// +build !appengine +// +build gc +// +build !noasm + +package lz4 + +//go:noescape +func decodeBlock(dst, src []byte) int diff --git a/vendor/github.com/pierrec/lz4/decode_amd64.s b/vendor/github.com/pierrec/lz4/decode_amd64.s new file mode 100644 index 00000000..20fef397 --- /dev/null +++ b/vendor/github.com/pierrec/lz4/decode_amd64.s @@ -0,0 +1,375 @@ +// +build !appengine +// +build gc +// +build !noasm + +#include "textflag.h" + +// AX scratch +// BX scratch +// CX scratch +// DX token +// +// DI &dst +// SI &src +// R8 &dst + len(dst) +// R9 &src + len(src) +// R11 &dst +// R12 short output end +// R13 short input end +// func decodeBlock(dst, src []byte) int +// using 50 bytes of stack currently +TEXT ·decodeBlock(SB), NOSPLIT, $64-56 + MOVQ dst_base+0(FP), DI + MOVQ DI, R11 + MOVQ dst_len+8(FP), R8 + ADDQ DI, R8 + + MOVQ src_base+24(FP), SI + MOVQ src_len+32(FP), R9 + ADDQ SI, R9 + + // shortcut ends + // short output end + MOVQ R8, R12 + SUBQ $32, R12 + // short input end + MOVQ R9, R13 + SUBQ $16, R13 + +loop: + // for si < len(src) + CMPQ SI, R9 + JGE end + + // token := uint32(src[si]) + MOVBQZX (SI), DX + INCQ SI + + // lit_len = token >> 4 + // if lit_len > 0 + // CX = lit_len + MOVQ DX, CX + SHRQ $4, CX + + // if lit_len != 0xF + CMPQ CX, $0xF + JEQ lit_len_loop_pre + CMPQ DI, R12 + JGE lit_len_loop_pre + CMPQ SI, R13 + JGE lit_len_loop_pre + + // copy shortcut + + // A two-stage shortcut for the most common case: + // 1) If the literal length is 0..14, and there is enough space, + // enter the shortcut and copy 16 bytes on behalf of the literals + // (in the fast mode, only 8 bytes can be safely copied this way). + // 2) Further if the match length is 4..18, copy 18 bytes in a similar + // manner; but we ensure that there's enough space in the output for + // those 18 bytes earlier, upon entering the shortcut (in other words, + // there is a combined check for both stages). + + // copy literal + MOVOU (SI), X0 + MOVOU X0, (DI) + ADDQ CX, DI + ADDQ CX, SI + + MOVQ DX, CX + ANDQ $0xF, CX + + // The second stage: prepare for match copying, decode full info. + // If it doesn't work out, the info won't be wasted. + // offset := uint16(data[:2]) + MOVWQZX (SI), DX + ADDQ $2, SI + + MOVQ DI, AX + SUBQ DX, AX + CMPQ AX, DI + JGT err_short_buf + + // if we can't do the second stage then jump straight to read the + // match length, we already have the offset. + CMPQ CX, $0xF + JEQ match_len_loop_pre + CMPQ DX, $8 + JLT match_len_loop_pre + CMPQ AX, R11 + JLT err_short_buf + + // memcpy(op + 0, match + 0, 8); + MOVQ (AX), BX + MOVQ BX, (DI) + // memcpy(op + 8, match + 8, 8); + MOVQ 8(AX), BX + MOVQ BX, 8(DI) + // memcpy(op +16, match +16, 2); + MOVW 16(AX), BX + MOVW BX, 16(DI) + + ADDQ $4, DI // minmatch + ADDQ CX, DI + + // shortcut complete, load next token + JMP loop + +lit_len_loop_pre: + // if lit_len > 0 + CMPQ CX, $0 + JEQ offset + CMPQ CX, $0xF + JNE copy_literal + +lit_len_loop: + // for src[si] == 0xFF + CMPB (SI), $0xFF + JNE lit_len_finalise + + // bounds check src[si+1] + MOVQ SI, AX + ADDQ $1, AX + CMPQ AX, R9 + JGT err_short_buf + + // lit_len += 0xFF + ADDQ $0xFF, CX + INCQ SI + JMP lit_len_loop + +lit_len_finalise: + // lit_len += int(src[si]) + // si++ + MOVBQZX (SI), AX + ADDQ AX, CX + INCQ SI + +copy_literal: + // bounds check src and dst + MOVQ SI, AX + ADDQ CX, AX + CMPQ AX, R9 + JGT err_short_buf + + MOVQ DI, AX + ADDQ CX, AX + CMPQ AX, R8 + JGT err_short_buf + + // whats a good cut off to call memmove? + CMPQ CX, $16 + JGT memmove_lit + + // if len(dst[di:]) < 16 + MOVQ R8, AX + SUBQ DI, AX + CMPQ AX, $16 + JLT memmove_lit + + // if len(src[si:]) < 16 + MOVQ R9, AX + SUBQ SI, AX + CMPQ AX, $16 + JLT memmove_lit + + MOVOU (SI), X0 + MOVOU X0, (DI) + + JMP finish_lit_copy + +memmove_lit: + // memmove(to, from, len) + MOVQ DI, 0(SP) + MOVQ SI, 8(SP) + MOVQ CX, 16(SP) + // spill + MOVQ DI, 24(SP) + MOVQ SI, 32(SP) + MOVQ CX, 40(SP) // need len to inc SI, DI after + MOVB DX, 48(SP) + CALL runtime·memmove(SB) + + // restore registers + MOVQ 24(SP), DI + MOVQ 32(SP), SI + MOVQ 40(SP), CX + MOVB 48(SP), DX + + // recalc initial values + MOVQ dst_base+0(FP), R8 + MOVQ R8, R11 + ADDQ dst_len+8(FP), R8 + MOVQ src_base+24(FP), R9 + ADDQ src_len+32(FP), R9 + MOVQ R8, R12 + SUBQ $32, R12 + MOVQ R9, R13 + SUBQ $16, R13 + +finish_lit_copy: + ADDQ CX, SI + ADDQ CX, DI + + CMPQ SI, R9 + JGE end + +offset: + // CX := mLen + // free up DX to use for offset + MOVQ DX, CX + + MOVQ SI, AX + ADDQ $2, AX + CMPQ AX, R9 + JGT err_short_buf + + // offset + // DX := int(src[si]) | int(src[si+1])<<8 + MOVWQZX (SI), DX + ADDQ $2, SI + + // 0 offset is invalid + CMPQ DX, $0 + JEQ err_corrupt + + ANDB $0xF, CX + +match_len_loop_pre: + // if mlen != 0xF + CMPB CX, $0xF + JNE copy_match + +match_len_loop: + // for src[si] == 0xFF + // lit_len += 0xFF + CMPB (SI), $0xFF + JNE match_len_finalise + + // bounds check src[si+1] + MOVQ SI, AX + ADDQ $1, AX + CMPQ AX, R9 + JGT err_short_buf + + ADDQ $0xFF, CX + INCQ SI + JMP match_len_loop + +match_len_finalise: + // lit_len += int(src[si]) + // si++ + MOVBQZX (SI), AX + ADDQ AX, CX + INCQ SI + +copy_match: + // mLen += minMatch + ADDQ $4, CX + + // check we have match_len bytes left in dst + // di+match_len < len(dst) + MOVQ DI, AX + ADDQ CX, AX + CMPQ AX, R8 + JGT err_short_buf + + // DX = offset + // CX = match_len + // BX = &dst + (di - offset) + MOVQ DI, BX + SUBQ DX, BX + + // check BX is within dst + // if BX < &dst + CMPQ BX, R11 + JLT err_short_buf + + // if offset + match_len < di + MOVQ BX, AX + ADDQ CX, AX + CMPQ DI, AX + JGT copy_interior_match + + // AX := len(dst[:di]) + // MOVQ DI, AX + // SUBQ R11, AX + + // copy 16 bytes at a time + // if di-offset < 16 copy 16-(di-offset) bytes to di + // then do the remaining + +copy_match_loop: + // for match_len >= 0 + // dst[di] = dst[i] + // di++ + // i++ + MOVB (BX), AX + MOVB AX, (DI) + INCQ DI + INCQ BX + DECQ CX + + CMPQ CX, $0 + JGT copy_match_loop + + JMP loop + +copy_interior_match: + CMPQ CX, $16 + JGT memmove_match + + // if len(dst[di:]) < 16 + MOVQ R8, AX + SUBQ DI, AX + CMPQ AX, $16 + JLT memmove_match + + MOVOU (BX), X0 + MOVOU X0, (DI) + + ADDQ CX, DI + JMP loop + +memmove_match: + // memmove(to, from, len) + MOVQ DI, 0(SP) + MOVQ BX, 8(SP) + MOVQ CX, 16(SP) + // spill + MOVQ DI, 24(SP) + MOVQ SI, 32(SP) + MOVQ CX, 40(SP) // need len to inc SI, DI after + CALL runtime·memmove(SB) + + // restore registers + MOVQ 24(SP), DI + MOVQ 32(SP), SI + MOVQ 40(SP), CX + + // recalc initial values + MOVQ dst_base+0(FP), R8 + MOVQ R8, R11 // TODO: make these sensible numbers + ADDQ dst_len+8(FP), R8 + MOVQ src_base+24(FP), R9 + ADDQ src_len+32(FP), R9 + MOVQ R8, R12 + SUBQ $32, R12 + MOVQ R9, R13 + SUBQ $16, R13 + + ADDQ CX, DI + JMP loop + +err_corrupt: + MOVQ $-1, ret+48(FP) + RET + +err_short_buf: + MOVQ $-2, ret+48(FP) + RET + +end: + SUBQ R11, DI + MOVQ DI, ret+48(FP) + RET diff --git a/vendor/github.com/pierrec/lz4/decode_other.go b/vendor/github.com/pierrec/lz4/decode_other.go new file mode 100644 index 00000000..b83a19a4 --- /dev/null +++ b/vendor/github.com/pierrec/lz4/decode_other.go @@ -0,0 +1,95 @@ +// +build !amd64 appengine !gc noasm + +package lz4 + +func decodeBlock(dst, src []byte) (ret int) { + defer func() { + // It is now faster to let the runtime panic and recover on out of bound slice access + // than checking indices as we go along. + if recover() != nil { + ret = -2 + } + }() + + var si, di int + for { + // Literals and match lengths (token). + b := int(src[si]) + si++ + + // Literals. + if lLen := b >> 4; lLen > 0 { + switch { + case lLen < 0xF && di+18 < len(dst) && si+16 < len(src): + // Shortcut 1 + // if we have enough room in src and dst, and the literals length + // is small enough (0..14) then copy all 16 bytes, even if not all + // are part of the literals. + copy(dst[di:], src[si:si+16]) + si += lLen + di += lLen + if mLen := b & 0xF; mLen < 0xF { + // Shortcut 2 + // if the match length (4..18) fits within the literals, then copy + // all 18 bytes, even if not all are part of the literals. + mLen += 4 + if offset := int(src[si]) | int(src[si+1])<<8; mLen <= offset { + i := di - offset + copy(dst[di:], dst[i:i+18]) + si += 2 + di += mLen + continue + } + } + case lLen == 0xF: + for src[si] == 0xFF { + lLen += 0xFF + si++ + } + lLen += int(src[si]) + si++ + fallthrough + default: + copy(dst[di:di+lLen], src[si:si+lLen]) + si += lLen + di += lLen + } + } + if si >= len(src) { + return di + } + + offset := int(src[si]) | int(src[si+1])<<8 + if offset == 0 { + return -2 + } + si += 2 + + // Match. + mLen := b & 0xF + if mLen == 0xF { + for src[si] == 0xFF { + mLen += 0xFF + si++ + } + mLen += int(src[si]) + si++ + } + mLen += minMatch + + // Copy the match. + expanded := dst[di-offset:] + if mLen > offset { + // Efficiently copy the match dst[di-offset:di] into the dst slice. + bytesToCopy := offset * (mLen / offset) + for n := offset; n <= bytesToCopy+offset; n *= 2 { + copy(expanded[n:], expanded[:n]) + } + di += bytesToCopy + mLen -= bytesToCopy + } + di += copy(dst[di:di+mLen], expanded[:mLen]) + } + + return di +} -- cgit v1.2.3