diff --git a/go.mod b/go.mod
index 6a48546..8a28424 100644
--- a/go.mod
+++ b/go.mod
@@ -6,7 +6,7 @@ require (
github.com/BurntSushi/toml v0.3.1
github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883 // indirect
github.com/arolek/p v0.0.0-20191103215535-df3c295ed582
- github.com/aws/aws-sdk-go v1.25.36
+ github.com/aws/aws-sdk-go v1.34.0
github.com/dimfeld/httptreemux v5.0.1+incompatible
github.com/gdey/as v0.0.0-20200311185712-ef9afaad24bb
github.com/gdey/bastet v0.0.0-20190215003618-42f5bd747eb2
@@ -21,11 +21,10 @@ require (
github.com/jackc/fake v0.0.0-20150926172116-812a484cc733 // indirect
github.com/jackc/pgx v3.4.0+incompatible
github.com/jackc/pgx/v4 v4.7.2
- github.com/pkg/errors v0.8.1
+ github.com/pkg/errors v0.9.1
github.com/prometheus/common v0.4.1
github.com/sergi/go-diff v1.0.0 // indirect
github.com/spf13/cobra v0.0.5
github.com/spf13/pflag v1.0.5 // indirect
- golang.org/x/net v0.0.0-20191112182307-2180aed22343 // indirect
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect
)
diff --git a/go.sum b/go.sum
index 2c6168d..79c84fc 100644
--- a/go.sum
+++ b/go.sum
@@ -9,8 +9,8 @@ github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo
github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
github.com/arolek/p v0.0.0-20191103215535-df3c295ed582 h1:DugKk4B3PpqfZ1QunDSPqNZDAErQmdCgwurloi1Axaw=
github.com/arolek/p v0.0.0-20191103215535-df3c295ed582/go.mod h1:JPNItmi3yb44Q5QWM+Kh5n9oeRhfcJzPNS90mbLo25U=
-github.com/aws/aws-sdk-go v1.25.36 h1:4+TL/Y2G5hsR1zdfHmjNG1ou1WEqsSWk8v7m1GaDKyo=
-github.com/aws/aws-sdk-go v1.25.36/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
+github.com/aws/aws-sdk-go v1.34.0 h1:brux2dRrlwCF5JhTL7MUT3WUwo9zfDHZZp3+g3Mvlmo=
+github.com/aws/aws-sdk-go v1.34.0/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
github.com/cockroachdb/apd v1.1.0 h1:3LFP3629v+1aKXU5Q37mxmRxX/pIu1nijXydLShEq5I=
github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ=
@@ -45,6 +45,7 @@ github.com/go-spatial/proj v0.2.0 h1:sii5Now3GFEyR9hV2SBJFWFz95s4xSaZmP0aYDk1K6c
github.com/go-spatial/proj v0.2.0/go.mod h1:ePHHp7ITVc4eIVW5sgG/0Eu9RMAGOQUgM/D1ZkccY+0=
github.com/go-spatial/tegola v0.9.0 h1:cYhxIJyhxmafP1l73N4/dSb3JoeM4P1tqxDyGnrYnak=
github.com/go-spatial/tegola v0.9.0/go.mod h1:9XIm2q0HldzRh69l+Ex3mBopGB6OG6dIKJt0vnX6jSY=
+github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
github.com/gofrs/uuid v3.2.0+incompatible h1:y12jRkkFxsd7GpqdSZ+/KCs/fJbqpEXSGd4+jfEaewE=
github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
@@ -117,8 +118,8 @@ github.com/jackc/puddle v0.0.0-20190608224051-11cab39313c9/go.mod h1:m4B5Dj62Y0f
github.com/jackc/puddle v1.1.0/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
github.com/jackc/puddle v1.1.1 h1:PJAw7H/9hoWC4Kf3J8iNmL1SwA6E8vfsLqBiL+F6CtI=
github.com/jackc/puddle v1.1.1/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
-github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af h1:pmfjZENx5imkbgOkpRUYLnmbU7UEFbjtDA2hxJ1ichM=
-github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
+github.com/jmespath/go-jmespath v0.3.0 h1:OS12ieG61fsCg5+qLJ+SsW9NicxNkg3b25OyT2yCeUc=
+github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik=
github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
@@ -155,8 +156,9 @@ github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRW
github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k=
github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
-github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
@@ -225,8 +227,8 @@ golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20191112182307-2180aed22343 h1:00ohfJ4K98s3m6BGUoBd8nyfp4Yl0GoIKvw5abItTjI=
-golang.org/x/net v0.0.0-20191112182307-2180aed22343/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200202094626-16171245cfb2 h1:CCH4IOTTfewWjGOlSp+zGcjutRKlBEZQ6wTn8ozI/nI=
+golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/arn/arn.go b/vendor/github.com/aws/aws-sdk-go/aws/arn/arn.go
new file mode 100644
index 0000000..1c49674
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/aws/arn/arn.go
@@ -0,0 +1,93 @@
+// Package arn provides a parser for interacting with Amazon Resource Names.
+package arn
+
+import (
+ "errors"
+ "strings"
+)
+
+const (
+ arnDelimiter = ":"
+ arnSections = 6
+ arnPrefix = "arn:"
+
+ // zero-indexed
+ sectionPartition = 1
+ sectionService = 2
+ sectionRegion = 3
+ sectionAccountID = 4
+ sectionResource = 5
+
+ // errors
+ invalidPrefix = "arn: invalid prefix"
+ invalidSections = "arn: not enough sections"
+)
+
+// ARN captures the individual fields of an Amazon Resource Name.
+// See http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html for more information.
+type ARN struct {
+ // The partition that the resource is in. For standard AWS regions, the partition is "aws". If you have resources in
+ // other partitions, the partition is "aws-partitionname". For example, the partition for resources in the China
+ // (Beijing) region is "aws-cn".
+ Partition string
+
+ // The service namespace that identifies the AWS product (for example, Amazon S3, IAM, or Amazon RDS). For a list of
+ // namespaces, see
+ // http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces.
+ Service string
+
+ // The region the resource resides in. Note that the ARNs for some resources do not require a region, so this
+ // component might be omitted.
+ Region string
+
+ // The ID of the AWS account that owns the resource, without the hyphens. For example, 123456789012. Note that the
+ // ARNs for some resources don't require an account number, so this component might be omitted.
+ AccountID string
+
+ // The content of this part of the ARN varies by service. It often includes an indicator of the type of resource —
+ // for example, an IAM user or Amazon RDS database - followed by a slash (/) or a colon (:), followed by the
+ // resource name itself. Some services allows paths for resource names, as described in
+ // http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arns-paths.
+ Resource string
+}
+
+// Parse parses an ARN into its constituent parts.
+//
+// Some example ARNs:
+// arn:aws:elasticbeanstalk:us-east-1:123456789012:environment/My App/MyEnvironment
+// arn:aws:iam::123456789012:user/David
+// arn:aws:rds:eu-west-1:123456789012:db:mysql-db
+// arn:aws:s3:::my_corporate_bucket/exampleobject.png
+func Parse(arn string) (ARN, error) {
+ if !strings.HasPrefix(arn, arnPrefix) {
+ return ARN{}, errors.New(invalidPrefix)
+ }
+ sections := strings.SplitN(arn, arnDelimiter, arnSections)
+ if len(sections) != arnSections {
+ return ARN{}, errors.New(invalidSections)
+ }
+ return ARN{
+ Partition: sections[sectionPartition],
+ Service: sections[sectionService],
+ Region: sections[sectionRegion],
+ AccountID: sections[sectionAccountID],
+ Resource: sections[sectionResource],
+ }, nil
+}
+
+// IsARN returns whether the given string is an ARN by looking for
+// whether the string starts with "arn:" and contains the correct number
+// of sections delimited by colons(:).
+func IsARN(arn string) bool {
+ return strings.HasPrefix(arn, arnPrefix) && strings.Count(arn, ":") >= arnSections-1
+}
+
+// String returns the canonical representation of the ARN
+func (arn ARN) String() string {
+ return arnPrefix +
+ arn.Partition + arnDelimiter +
+ arn.Service + arnDelimiter +
+ arn.Region + arnDelimiter +
+ arn.AccountID + arnDelimiter +
+ arn.Resource
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/config.go b/vendor/github.com/aws/aws-sdk-go/aws/config.go
index 93ebbcc..3b809e8 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/config.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/config.go
@@ -43,7 +43,7 @@ type Config struct {
// An optional endpoint URL (hostname only or fully qualified URI)
// that overrides the default generated endpoint for a client. Set this
- // to `""` to use the default generated endpoint.
+ // to `nil` or the value to `""` to use the default generated endpoint.
//
// Note: You must still provide a `Region` value when specifying an
// endpoint for a client.
@@ -138,7 +138,7 @@ type Config struct {
// `ExpectContinueTimeout` for information on adjusting the continue wait
// timeout. https://golang.org/pkg/net/http/#Transport
//
- // You should use this flag to disble 100-Continue if you experience issues
+ // You should use this flag to disable 100-Continue if you experience issues
// with proxies or third party S3 compatible services.
S3Disable100Continue *bool
@@ -161,6 +161,17 @@ type Config struct {
// on GetObject API calls.
S3DisableContentMD5Validation *bool
+ // Set this to `true` to have the S3 service client to use the region specified
+ // in the ARN, when an ARN is provided as an argument to a bucket parameter.
+ S3UseARNRegion *bool
+
+ // Set this to `true` to enable the SDK to unmarshal API response header maps to
+ // normalized lower case map keys.
+ //
+ // For example S3's X-Amz-Meta prefixed header will be unmarshaled to lower case
+ // Metadata member's map keys. The value of the header in the map is unaffected.
+ LowerCaseHeaderMaps *bool
+
// Set this to `true` to disable the EC2Metadata client from overriding the
// default http.Client's Timeout. This is helpful if you do not want the
// EC2Metadata client to create a new http.Client. This options is only
@@ -172,7 +183,7 @@ type Config struct {
//
// Example:
// sess := session.Must(session.NewSession(aws.NewConfig()
- // .WithEC2MetadataDiableTimeoutOverride(true)))
+ // .WithEC2MetadataDisableTimeoutOverride(true)))
//
// svc := s3.New(sess)
//
@@ -183,7 +194,7 @@ type Config struct {
// both IPv4 and IPv6 addressing.
//
// Setting this for a service which does not support dual stack will fail
- // to make requets. It is not recommended to set this value on the session
+ // to make requests. It is not recommended to set this value on the session
// as it will apply to all service clients created with the session. Even
// services which don't support dual stack endpoints.
//
@@ -227,6 +238,7 @@ type Config struct {
// EnableEndpointDiscovery will allow for endpoint discovery on operations that
// have the definition in its model. By default, endpoint discovery is off.
+ // To use EndpointDiscovery, Endpoint should be unset or set to an empty string.
//
// Example:
// sess := session.Must(session.NewSession(&aws.Config{
@@ -385,6 +397,13 @@ func (c *Config) WithS3DisableContentMD5Validation(enable bool) *Config {
}
+// WithS3UseARNRegion sets a config S3UseARNRegion value and
+// returning a Config pointer for chaining
+func (c *Config) WithS3UseARNRegion(enable bool) *Config {
+ c.S3UseARNRegion = &enable
+ return c
+}
+
// WithUseDualStack sets a config UseDualStack value returning a Config
// pointer for chaining.
func (c *Config) WithUseDualStack(enable bool) *Config {
@@ -513,6 +532,10 @@ func mergeInConfig(dst *Config, other *Config) {
dst.S3DisableContentMD5Validation = other.S3DisableContentMD5Validation
}
+ if other.S3UseARNRegion != nil {
+ dst.S3UseARNRegion = other.S3UseARNRegion
+ }
+
if other.UseDualStack != nil {
dst.UseDualStack = other.UseDualStack
}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go b/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go
index 66c5945..2f94463 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go
@@ -2,42 +2,8 @@
package aws
-import "time"
-
-// An emptyCtx is a copy of the Go 1.7 context.emptyCtx type. This is copied to
-// provide a 1.6 and 1.5 safe version of context that is compatible with Go
-// 1.7's Context.
-//
-// An emptyCtx is never canceled, has no values, and has no deadline. It is not
-// struct{}, since vars of this type must have distinct addresses.
-type emptyCtx int
-
-func (*emptyCtx) Deadline() (deadline time.Time, ok bool) {
- return
-}
-
-func (*emptyCtx) Done() <-chan struct{} {
- return nil
-}
-
-func (*emptyCtx) Err() error {
- return nil
-}
-
-func (*emptyCtx) Value(key interface{}) interface{} {
- return nil
-}
-
-func (e *emptyCtx) String() string {
- switch e {
- case backgroundCtx:
- return "aws.BackgroundContext"
- }
- return "unknown empty Context"
-}
-
-var (
- backgroundCtx = new(emptyCtx)
+import (
+ "github.com/aws/aws-sdk-go/internal/context"
)
// BackgroundContext returns a context that will never be canceled, has no
@@ -52,5 +18,5 @@ var (
//
// See https://golang.org/pkg/context for more information on Contexts.
func BackgroundContext() Context {
- return backgroundCtx
+ return context.BackgroundCtx
}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go
index 0c60e61..d95a5eb 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go
@@ -161,7 +161,7 @@ func handleSendError(r *request.Request, err error) {
}
// Catch all request errors, and let the default retrier determine
// if the error is retryable.
- r.Error = awserr.New("RequestError", "send request failed", err)
+ r.Error = awserr.New(request.ErrCodeRequestError, "send request failed", err)
// Override the error with a context canceled error, if that was canceled.
ctx := r.Context()
@@ -225,6 +225,8 @@ var ValidateEndpointHandler = request.NamedHandler{Name: "core.ValidateEndpointH
if r.ClientInfo.SigningRegion == "" && aws.StringValue(r.Config.Region) == "" {
r.Error = aws.ErrMissingRegion
} else if r.ClientInfo.Endpoint == "" {
+ // Was any endpoint provided by the user, or one was derived by the
+ // SDK's endpoint resolver?
r.Error = aws.ErrMissingEndpoint
}
}}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go
new file mode 100644
index 0000000..5852b26
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go
@@ -0,0 +1,22 @@
+// +build !go1.7
+
+package credentials
+
+import (
+ "github.com/aws/aws-sdk-go/internal/context"
+)
+
+// backgroundContext returns a context that will never be canceled, has no
+// values, and no deadline. This context is used by the SDK to provide
+// backwards compatibility with non-context API operations and functionality.
+//
+// Go 1.6 and before:
+// This context function is equivalent to context.Background in the Go stdlib.
+//
+// Go 1.7 and later:
+// The context returned will be the value returned by context.Background()
+//
+// See https://golang.org/pkg/context for more information on Contexts.
+func backgroundContext() Context {
+ return context.BackgroundCtx
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go
new file mode 100644
index 0000000..388b215
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go
@@ -0,0 +1,20 @@
+// +build go1.7
+
+package credentials
+
+import "context"
+
+// backgroundContext returns a context that will never be canceled, has no
+// values, and no deadline. This context is used by the SDK to provide
+// backwards compatibility with non-context API operations and functionality.
+//
+// Go 1.6 and before:
+// This context function is equivalent to context.Background in the Go stdlib.
+//
+// Go 1.7 and later:
+// The context returned will be the value returned by context.Background()
+//
+// See https://golang.org/pkg/context for more information on Contexts.
+func backgroundContext() Context {
+ return context.Background()
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go
new file mode 100644
index 0000000..8152a86
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go
@@ -0,0 +1,39 @@
+// +build !go1.9
+
+package credentials
+
+import "time"
+
+// Context is an copy of the Go v1.7 stdlib's context.Context interface.
+// It is represented as a SDK interface to enable you to use the "WithContext"
+// API methods with Go v1.6 and a Context type such as golang.org/x/net/context.
+//
+// This type, aws.Context, and context.Context are equivalent.
+//
+// See https://golang.org/pkg/context on how to use contexts.
+type Context interface {
+ // Deadline returns the time when work done on behalf of this context
+ // should be canceled. Deadline returns ok==false when no deadline is
+ // set. Successive calls to Deadline return the same results.
+ Deadline() (deadline time.Time, ok bool)
+
+ // Done returns a channel that's closed when work done on behalf of this
+ // context should be canceled. Done may return nil if this context can
+ // never be canceled. Successive calls to Done return the same value.
+ Done() <-chan struct{}
+
+ // Err returns a non-nil error value after Done is closed. Err returns
+ // Canceled if the context was canceled or DeadlineExceeded if the
+ // context's deadline passed. No other values for Err are defined.
+ // After Done is closed, successive calls to Err return the same value.
+ Err() error
+
+ // Value returns the value associated with this context for key, or nil
+ // if no value is associated with key. Successive calls to Value with
+ // the same key returns the same result.
+ //
+ // Use context values only for request-scoped data that transits
+ // processes and API boundaries, not for passing optional parameters to
+ // functions.
+ Value(key interface{}) interface{}
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go
new file mode 100644
index 0000000..4356edb
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go
@@ -0,0 +1,13 @@
+// +build go1.9
+
+package credentials
+
+import "context"
+
+// Context is an alias of the Go stdlib's context.Context interface.
+// It can be used within the SDK's API operation "WithContext" methods.
+//
+// This type, aws.Context, and context.Context are equivalent.
+//
+// See https://golang.org/pkg/context on how to use contexts.
+type Context = context.Context
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go
index 4af5921..9f8fd92 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go
@@ -50,10 +50,11 @@ package credentials
import (
"fmt"
- "sync"
+ "sync/atomic"
"time"
"github.com/aws/aws-sdk-go/aws/awserr"
+ "github.com/aws/aws-sdk-go/internal/sync/singleflight"
)
// AnonymousCredentials is an empty Credential object that can be used as
@@ -106,6 +107,13 @@ type Provider interface {
IsExpired() bool
}
+// ProviderWithContext is a Provider that can retrieve credentials with a Context
+type ProviderWithContext interface {
+ Provider
+
+ RetrieveWithContext(Context) (Value, error)
+}
+
// An Expirer is an interface that Providers can implement to expose the expiration
// time, if known. If the Provider cannot accurately provide this info,
// it should not implement this interface.
@@ -197,24 +205,24 @@ func (e *Expiry) ExpiresAt() time.Time {
// first instance of the credentials Value. All calls to Get() after that
// will return the cached credentials Value until IsExpired() returns true.
type Credentials struct {
- creds Value
- forceRefresh bool
-
- m sync.RWMutex
+ creds atomic.Value
+ sf singleflight.Group
provider Provider
}
// NewCredentials returns a pointer to a new Credentials with the provider set.
func NewCredentials(provider Provider) *Credentials {
- return &Credentials{
- provider: provider,
- forceRefresh: true,
+ c := &Credentials{
+ provider: provider,
}
+ c.creds.Store(Value{})
+ return c
}
-// Get returns the credentials value, or error if the credentials Value failed
-// to be retrieved.
+// GetWithContext returns the credentials value, or error if the credentials
+// Value failed to be retrieved. Will return early if the passed in context is
+// canceled.
//
// Will return the cached credentials Value if it has not expired. If the
// credentials Value has expired the Provider's Retrieve() will be called
@@ -222,31 +230,56 @@ func NewCredentials(provider Provider) *Credentials {
//
// If Credentials.Expire() was called the credentials Value will be force
// expired, and the next call to Get() will cause them to be refreshed.
-func (c *Credentials) Get() (Value, error) {
- // Check the cached credentials first with just the read lock.
- c.m.RLock()
- if !c.isExpired() {
- creds := c.creds
- c.m.RUnlock()
- return creds, nil
+//
+// Passed in Context is equivalent to aws.Context, and context.Context.
+func (c *Credentials) GetWithContext(ctx Context) (Value, error) {
+ if curCreds := c.creds.Load(); !c.isExpired(curCreds) {
+ return curCreds.(Value), nil
}
- c.m.RUnlock()
-
- // Credentials are expired need to retrieve the credentials taking the full
- // lock.
- c.m.Lock()
- defer c.m.Unlock()
-
- if c.isExpired() {
- creds, err := c.provider.Retrieve()
- if err != nil {
- return Value{}, err
- }
- c.creds = creds
- c.forceRefresh = false
+
+ // Cannot pass context down to the actual retrieve, because the first
+ // context would cancel the whole group when there is not direct
+ // association of items in the group.
+ resCh := c.sf.DoChan("", func() (interface{}, error) {
+ return c.singleRetrieve(&suppressedContext{ctx})
+ })
+ select {
+ case res := <-resCh:
+ return res.Val.(Value), res.Err
+ case <-ctx.Done():
+ return Value{}, awserr.New("RequestCanceled",
+ "request context canceled", ctx.Err())
}
+}
- return c.creds, nil
+func (c *Credentials) singleRetrieve(ctx Context) (creds interface{}, err error) {
+ if curCreds := c.creds.Load(); !c.isExpired(curCreds) {
+ return curCreds.(Value), nil
+ }
+
+ if p, ok := c.provider.(ProviderWithContext); ok {
+ creds, err = p.RetrieveWithContext(ctx)
+ } else {
+ creds, err = c.provider.Retrieve()
+ }
+ if err == nil {
+ c.creds.Store(creds)
+ }
+
+ return creds, err
+}
+
+// Get returns the credentials value, or error if the credentials Value failed
+// to be retrieved.
+//
+// Will return the cached credentials Value if it has not expired. If the
+// credentials Value has expired the Provider's Retrieve() will be called
+// to refresh the credentials.
+//
+// If Credentials.Expire() was called the credentials Value will be force
+// expired, and the next call to Get() will cause them to be refreshed.
+func (c *Credentials) Get() (Value, error) {
+ return c.GetWithContext(backgroundContext())
}
// Expire expires the credentials and forces them to be retrieved on the
@@ -255,10 +288,7 @@ func (c *Credentials) Get() (Value, error) {
// This will override the Provider's expired state, and force Credentials
// to call the Provider's Retrieve().
func (c *Credentials) Expire() {
- c.m.Lock()
- defer c.m.Unlock()
-
- c.forceRefresh = true
+ c.creds.Store(Value{})
}
// IsExpired returns if the credentials are no longer valid, and need
@@ -267,33 +297,43 @@ func (c *Credentials) Expire() {
// If the Credentials were forced to be expired with Expire() this will
// reflect that override.
func (c *Credentials) IsExpired() bool {
- c.m.RLock()
- defer c.m.RUnlock()
-
- return c.isExpired()
+ return c.isExpired(c.creds.Load())
}
// isExpired helper method wrapping the definition of expired credentials.
-func (c *Credentials) isExpired() bool {
- return c.forceRefresh || c.provider.IsExpired()
+func (c *Credentials) isExpired(creds interface{}) bool {
+ return creds == nil || creds.(Value) == Value{} || c.provider.IsExpired()
}
// ExpiresAt provides access to the functionality of the Expirer interface of
// the underlying Provider, if it supports that interface. Otherwise, it returns
// an error.
func (c *Credentials) ExpiresAt() (time.Time, error) {
- c.m.RLock()
- defer c.m.RUnlock()
-
expirer, ok := c.provider.(Expirer)
if !ok {
return time.Time{}, awserr.New("ProviderNotExpirer",
- fmt.Sprintf("provider %s does not support ExpiresAt()", c.creds.ProviderName),
+ fmt.Sprintf("provider %s does not support ExpiresAt()", c.creds.Load().(Value).ProviderName),
nil)
}
- if c.forceRefresh {
+ if c.creds.Load().(Value) == (Value{}) {
// set expiration time to the distant past
return time.Time{}, nil
}
return expirer.ExpiresAt(), nil
}
+
+type suppressedContext struct {
+ Context
+}
+
+func (s *suppressedContext) Deadline() (deadline time.Time, ok bool) {
+ return time.Time{}, false
+}
+
+func (s *suppressedContext) Done() <-chan struct{} {
+ return nil
+}
+
+func (s *suppressedContext) Err() error {
+ return nil
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go
index 43d4ed3..92af5b7 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go
@@ -7,6 +7,7 @@ import (
"strings"
"time"
+ "github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/client"
"github.com/aws/aws-sdk-go/aws/credentials"
@@ -87,7 +88,14 @@ func NewCredentialsWithClient(client *ec2metadata.EC2Metadata, options ...func(*
// Error will be returned if the request fails, or unable to extract
// the desired credentials.
func (m *EC2RoleProvider) Retrieve() (credentials.Value, error) {
- credsList, err := requestCredList(m.Client)
+ return m.RetrieveWithContext(aws.BackgroundContext())
+}
+
+// RetrieveWithContext retrieves credentials from the EC2 service.
+// Error will be returned if the request fails, or unable to extract
+// the desired credentials.
+func (m *EC2RoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) {
+ credsList, err := requestCredList(ctx, m.Client)
if err != nil {
return credentials.Value{ProviderName: ProviderName}, err
}
@@ -97,7 +105,7 @@ func (m *EC2RoleProvider) Retrieve() (credentials.Value, error) {
}
credsName := credsList[0]
- roleCreds, err := requestCred(m.Client, credsName)
+ roleCreds, err := requestCred(ctx, m.Client, credsName)
if err != nil {
return credentials.Value{ProviderName: ProviderName}, err
}
@@ -130,8 +138,8 @@ const iamSecurityCredsPath = "iam/security-credentials/"
// requestCredList requests a list of credentials from the EC2 service.
// If there are no credentials, or there is an error making or receiving the request
-func requestCredList(client *ec2metadata.EC2Metadata) ([]string, error) {
- resp, err := client.GetMetadata(iamSecurityCredsPath)
+func requestCredList(ctx aws.Context, client *ec2metadata.EC2Metadata) ([]string, error) {
+ resp, err := client.GetMetadataWithContext(ctx, iamSecurityCredsPath)
if err != nil {
return nil, awserr.New("EC2RoleRequestError", "no EC2 instance role found", err)
}
@@ -154,8 +162,8 @@ func requestCredList(client *ec2metadata.EC2Metadata) ([]string, error) {
//
// If the credentials cannot be found, or there is an error reading the response
// and error will be returned.
-func requestCred(client *ec2metadata.EC2Metadata, credsName string) (ec2RoleCredRespBody, error) {
- resp, err := client.GetMetadata(sdkuri.PathJoin(iamSecurityCredsPath, credsName))
+func requestCred(ctx aws.Context, client *ec2metadata.EC2Metadata, credsName string) (ec2RoleCredRespBody, error) {
+ resp, err := client.GetMetadataWithContext(ctx, sdkuri.PathJoin(iamSecurityCredsPath, credsName))
if err != nil {
return ec2RoleCredRespBody{},
awserr.New("EC2RoleRequestError",
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go
index 1a7af53..785f30d 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go
@@ -116,7 +116,13 @@ func (p *Provider) IsExpired() bool {
// Retrieve will attempt to request the credentials from the endpoint the Provider
// was configured for. And error will be returned if the retrieval fails.
func (p *Provider) Retrieve() (credentials.Value, error) {
- resp, err := p.getCredentials()
+ return p.RetrieveWithContext(aws.BackgroundContext())
+}
+
+// RetrieveWithContext will attempt to request the credentials from the endpoint the Provider
+// was configured for. And error will be returned if the retrieval fails.
+func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) {
+ resp, err := p.getCredentials(ctx)
if err != nil {
return credentials.Value{ProviderName: ProviderName},
awserr.New("CredentialsEndpointError", "failed to load credentials", err)
@@ -148,7 +154,7 @@ type errorOutput struct {
Message string `json:"message"`
}
-func (p *Provider) getCredentials() (*getCredentialsOutput, error) {
+func (p *Provider) getCredentials(ctx aws.Context) (*getCredentialsOutput, error) {
op := &request.Operation{
Name: "GetCredentials",
HTTPMethod: "GET",
@@ -156,6 +162,7 @@ func (p *Provider) getCredentials() (*getCredentialsOutput, error) {
out := &getCredentialsOutput{}
req := p.Client.NewRequest(op, nil, out)
+ req.SetContext(ctx)
req.HTTPRequest.Header.Set("Accept", "application/json")
if authToken := p.AuthorizationToken; len(authToken) != 0 {
req.HTTPRequest.Header.Set("Authorization", authToken)
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go
index 1980c8c..e624836 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go
@@ -90,6 +90,7 @@ import (
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/credentials"
+ "github.com/aws/aws-sdk-go/internal/sdkio"
)
const (
@@ -142,7 +143,7 @@ const (
// DefaultBufSize limits buffer size from growing to an enormous
// amount due to a faulty process.
- DefaultBufSize = 1024
+ DefaultBufSize = int(8 * sdkio.KibiByte)
// DefaultTimeout default limit on time a process can run.
DefaultTimeout = time.Duration(1) * time.Minute
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go
index e155149..22b5c5d 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go
@@ -17,8 +17,9 @@ var (
ErrSharedCredentialsHomeNotFound = awserr.New("UserHomeNotFound", "user home directory not found.", nil)
)
-// A SharedCredentialsProvider retrieves credentials from the current user's home
-// directory, and keeps track if those credentials are expired.
+// A SharedCredentialsProvider retrieves access key pair (access key ID,
+// secret access key, and session token if present) credentials from the current
+// user's home directory, and keeps track if those credentials are expired.
//
// Profile ini file example: $HOME/.aws/credentials
type SharedCredentialsProvider struct {
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/static_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/static_provider.go
index 531139e..cbba1e3 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/static_provider.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/static_provider.go
@@ -19,7 +19,9 @@ type StaticProvider struct {
}
// NewStaticCredentials returns a pointer to a new Credentials object
-// wrapping a static credentials value provider.
+// wrapping a static credentials value provider. Token is only required
+// for temporary security credentials retrieved via STS, otherwise an empty
+// string can be passed for this parameter.
func NewStaticCredentials(id, secret, token string) *Credentials {
return NewCredentials(&StaticProvider{Value: Value{
AccessKeyID: id,
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go
index 2e528d1..6846ef6 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go
@@ -87,6 +87,7 @@ import (
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/client"
"github.com/aws/aws-sdk-go/aws/credentials"
+ "github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/internal/sdkrand"
"github.com/aws/aws-sdk-go/service/sts"
)
@@ -118,6 +119,10 @@ type AssumeRoler interface {
AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error)
}
+type assumeRolerWithContext interface {
+ AssumeRoleWithContext(aws.Context, *sts.AssumeRoleInput, ...request.Option) (*sts.AssumeRoleOutput, error)
+}
+
// DefaultDuration is the default amount of time in minutes that the credentials
// will be valid for.
var DefaultDuration = time.Duration(15) * time.Minute
@@ -144,6 +149,13 @@ type AssumeRoleProvider struct {
// Session name, if you wish to reuse the credentials elsewhere.
RoleSessionName string
+ // Optional, you can pass tag key-value pairs to your session. These tags are called session tags.
+ Tags []*sts.Tag
+
+ // A list of keys for session tags that you want to set as transitive.
+ // If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain.
+ TransitiveTagKeys []*string
+
// Expiry duration of the STS credentials. Defaults to 15 minutes if not set.
Duration time.Duration
@@ -157,6 +169,29 @@ type AssumeRoleProvider struct {
// size.
Policy *string
+ // The ARNs of IAM managed policies you want to use as managed session policies.
+ // The policies must exist in the same account as the role.
+ //
+ // This parameter is optional. You can provide up to 10 managed policy ARNs.
+ // However, the plain text that you use for both inline and managed session
+ // policies can't exceed 2,048 characters.
+ //
+ // An AWS conversion compresses the passed session policies and session tags
+ // into a packed binary format that has a separate limit. Your request can fail
+ // for this limit even if your plain text meets the other requirements. The
+ // PackedPolicySize response element indicates by percentage how close the policies
+ // and tags for your request are to the upper size limit.
+ //
+ // Passing policies to this operation returns new temporary credentials. The
+ // resulting session's permissions are the intersection of the role's identity-based
+ // policy and the session policies. You can use the role's temporary credentials
+ // in subsequent AWS API calls to access resources in the account that owns
+ // the role. You cannot use session policies to grant more permissions than
+ // those allowed by the identity-based policy of the role that is being assumed.
+ // For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
+ // in the IAM User Guide.
+ PolicyArns []*sts.PolicyDescriptorType
+
// The identification number of the MFA device that is associated with the user
// who is making the AssumeRole call. Specify this value if the trust policy
// of the role being assumed includes a condition that requires MFA authentication.
@@ -258,6 +293,11 @@ func NewCredentialsWithClient(svc AssumeRoler, roleARN string, options ...func(*
// Retrieve generates a new set of temporary credentials using STS.
func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) {
+ return p.RetrieveWithContext(aws.BackgroundContext())
+}
+
+// RetrieveWithContext generates a new set of temporary credentials using STS.
+func (p *AssumeRoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) {
// Apply defaults where parameters are not set.
if p.RoleSessionName == "" {
// Try to work out a role name that will hopefully end up unique.
@@ -269,10 +309,13 @@ func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) {
}
jitter := time.Duration(sdkrand.SeededRand.Float64() * p.MaxJitterFrac * float64(p.Duration))
input := &sts.AssumeRoleInput{
- DurationSeconds: aws.Int64(int64((p.Duration - jitter) / time.Second)),
- RoleArn: aws.String(p.RoleARN),
- RoleSessionName: aws.String(p.RoleSessionName),
- ExternalId: p.ExternalID,
+ DurationSeconds: aws.Int64(int64((p.Duration - jitter) / time.Second)),
+ RoleArn: aws.String(p.RoleARN),
+ RoleSessionName: aws.String(p.RoleSessionName),
+ ExternalId: p.ExternalID,
+ Tags: p.Tags,
+ PolicyArns: p.PolicyArns,
+ TransitiveTagKeys: p.TransitiveTagKeys,
}
if p.Policy != nil {
input.Policy = p.Policy
@@ -295,7 +338,15 @@ func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) {
}
}
- roleOutput, err := p.Client.AssumeRole(input)
+ var roleOutput *sts.AssumeRoleOutput
+ var err error
+
+ if c, ok := p.Client.(assumeRolerWithContext); ok {
+ roleOutput, err = c.AssumeRoleWithContext(ctx, input)
+ } else {
+ roleOutput, err = p.Client.AssumeRole(input)
+ }
+
if err != nil {
return credentials.Value{ProviderName: ProviderName}, err
}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go
index b20b633..6feb262 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go
@@ -28,15 +28,34 @@ const (
// compare test values.
var now = time.Now
+// TokenFetcher shuold return WebIdentity token bytes or an error
+type TokenFetcher interface {
+ FetchToken(credentials.Context) ([]byte, error)
+}
+
+// FetchTokenPath is a path to a WebIdentity token file
+type FetchTokenPath string
+
+// FetchToken returns a token by reading from the filesystem
+func (f FetchTokenPath) FetchToken(ctx credentials.Context) ([]byte, error) {
+ data, err := ioutil.ReadFile(string(f))
+ if err != nil {
+ errMsg := fmt.Sprintf("unable to read file at %s", f)
+ return nil, awserr.New(ErrCodeWebIdentity, errMsg, err)
+ }
+ return data, nil
+}
+
// WebIdentityRoleProvider is used to retrieve credentials using
// an OIDC token.
type WebIdentityRoleProvider struct {
credentials.Expiry
+ PolicyArns []*sts.PolicyDescriptorType
client stsiface.STSAPI
ExpiryWindow time.Duration
- tokenFilePath string
+ tokenFetcher TokenFetcher
roleARN string
roleSessionName string
}
@@ -52,9 +71,15 @@ func NewWebIdentityCredentials(c client.ConfigProvider, roleARN, roleSessionName
// NewWebIdentityRoleProvider will return a new WebIdentityRoleProvider with the
// provided stsiface.STSAPI
func NewWebIdentityRoleProvider(svc stsiface.STSAPI, roleARN, roleSessionName, path string) *WebIdentityRoleProvider {
+ return NewWebIdentityRoleProviderWithToken(svc, roleARN, roleSessionName, FetchTokenPath(path))
+}
+
+// NewWebIdentityRoleProviderWithToken will return a new WebIdentityRoleProvider with the
+// provided stsiface.STSAPI and a TokenFetcher
+func NewWebIdentityRoleProviderWithToken(svc stsiface.STSAPI, roleARN, roleSessionName string, tokenFetcher TokenFetcher) *WebIdentityRoleProvider {
return &WebIdentityRoleProvider{
client: svc,
- tokenFilePath: path,
+ tokenFetcher: tokenFetcher,
roleARN: roleARN,
roleSessionName: roleSessionName,
}
@@ -64,10 +89,16 @@ func NewWebIdentityRoleProvider(svc stsiface.STSAPI, roleARN, roleSessionName, p
// 'WebIdentityTokenFilePath' specified destination and if that is empty an
// error will be returned.
func (p *WebIdentityRoleProvider) Retrieve() (credentials.Value, error) {
- b, err := ioutil.ReadFile(p.tokenFilePath)
+ return p.RetrieveWithContext(aws.BackgroundContext())
+}
+
+// RetrieveWithContext will attempt to assume a role from a token which is located at
+// 'WebIdentityTokenFilePath' specified destination and if that is empty an
+// error will be returned.
+func (p *WebIdentityRoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) {
+ b, err := p.tokenFetcher.FetchToken(ctx)
if err != nil {
- errMsg := fmt.Sprintf("unable to read file at %s", p.tokenFilePath)
- return credentials.Value{}, awserr.New(ErrCodeWebIdentity, errMsg, err)
+ return credentials.Value{}, awserr.New(ErrCodeWebIdentity, "failed fetching WebIdentity token: ", err)
}
sessionName := p.roleSessionName
@@ -77,10 +108,14 @@ func (p *WebIdentityRoleProvider) Retrieve() (credentials.Value, error) {
sessionName = strconv.FormatInt(now().UnixNano(), 10)
}
req, resp := p.client.AssumeRoleWithWebIdentityRequest(&sts.AssumeRoleWithWebIdentityInput{
+ PolicyArns: p.PolicyArns,
RoleArn: &p.roleARN,
RoleSessionName: &sessionName,
WebIdentityToken: aws.String(string(b)),
})
+
+ req.SetContext(ctx)
+
// InvalidIdentityToken error is a temporary error that can occur
// when assuming an Role with a JWT web identity token.
req.RetryErrorCodes = append(req.RetryErrorCodes, sts.ErrCodeInvalidIdentityTokenException)
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go
index 9186587..835bcd4 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go
@@ -89,7 +89,7 @@ func getMetricException(err awserr.Error) metricException {
code := err.Code()
switch code {
- case "RequestError",
+ case request.ErrCodeRequestError,
request.ErrCodeSerialization,
request.CanceledErrorCode:
return sdkException{
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go
index d126764..a716c02 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go
@@ -4,28 +4,73 @@ import (
"encoding/json"
"fmt"
"net/http"
+ "strconv"
"strings"
"time"
+ "github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/internal/sdkuri"
)
+// getToken uses the duration to return a token for EC2 metadata service,
+// or an error if the request failed.
+func (c *EC2Metadata) getToken(ctx aws.Context, duration time.Duration) (tokenOutput, error) {
+ op := &request.Operation{
+ Name: "GetToken",
+ HTTPMethod: "PUT",
+ HTTPPath: "/api/token",
+ }
+
+ var output tokenOutput
+ req := c.NewRequest(op, nil, &output)
+ req.SetContext(ctx)
+
+ // remove the fetch token handler from the request handlers to avoid infinite recursion
+ req.Handlers.Sign.RemoveByName(fetchTokenHandlerName)
+
+ // Swap the unmarshalMetadataHandler with unmarshalTokenHandler on this request.
+ req.Handlers.Unmarshal.Swap(unmarshalMetadataHandlerName, unmarshalTokenHandler)
+
+ ttl := strconv.FormatInt(int64(duration/time.Second), 10)
+ req.HTTPRequest.Header.Set(ttlHeader, ttl)
+
+ err := req.Send()
+
+ // Errors with bad request status should be returned.
+ if err != nil {
+ err = awserr.NewRequestFailure(
+ awserr.New(req.HTTPResponse.Status, http.StatusText(req.HTTPResponse.StatusCode), err),
+ req.HTTPResponse.StatusCode, req.RequestID)
+ }
+
+ return output, err
+}
+
// GetMetadata uses the path provided to request information from the EC2
-// instance metdata service. The content will be returned as a string, or
+// instance metadata service. The content will be returned as a string, or
// error if the request failed.
func (c *EC2Metadata) GetMetadata(p string) (string, error) {
+ return c.GetMetadataWithContext(aws.BackgroundContext(), p)
+}
+
+// GetMetadataWithContext uses the path provided to request information from the EC2
+// instance metadata service. The content will be returned as a string, or
+// error if the request failed.
+func (c *EC2Metadata) GetMetadataWithContext(ctx aws.Context, p string) (string, error) {
op := &request.Operation{
Name: "GetMetadata",
HTTPMethod: "GET",
HTTPPath: sdkuri.PathJoin("/meta-data", p),
}
-
output := &metadataOutput{}
+
req := c.NewRequest(op, nil, output)
- err := req.Send()
+ req.SetContext(ctx)
+
+ err := req.Send()
return output.Content, err
}
@@ -33,6 +78,13 @@ func (c *EC2Metadata) GetMetadata(p string) (string, error) {
// there is no user-data setup for the EC2 instance a "NotFoundError" error
// code will be returned.
func (c *EC2Metadata) GetUserData() (string, error) {
+ return c.GetUserDataWithContext(aws.BackgroundContext())
+}
+
+// GetUserDataWithContext returns the userdata that was configured for the service. If
+// there is no user-data setup for the EC2 instance a "NotFoundError" error
+// code will be returned.
+func (c *EC2Metadata) GetUserDataWithContext(ctx aws.Context) (string, error) {
op := &request.Operation{
Name: "GetUserData",
HTTPMethod: "GET",
@@ -41,13 +93,9 @@ func (c *EC2Metadata) GetUserData() (string, error) {
output := &metadataOutput{}
req := c.NewRequest(op, nil, output)
- req.Handlers.UnmarshalError.PushBack(func(r *request.Request) {
- if r.HTTPResponse.StatusCode == http.StatusNotFound {
- r.Error = awserr.New("NotFoundError", "user-data not found", r.Error)
- }
- })
- err := req.Send()
+ req.SetContext(ctx)
+ err := req.Send()
return output.Content, err
}
@@ -55,6 +103,13 @@ func (c *EC2Metadata) GetUserData() (string, error) {
// instance metadata service for dynamic data. The content will be returned
// as a string, or error if the request failed.
func (c *EC2Metadata) GetDynamicData(p string) (string, error) {
+ return c.GetDynamicDataWithContext(aws.BackgroundContext(), p)
+}
+
+// GetDynamicDataWithContext uses the path provided to request information from the EC2
+// instance metadata service for dynamic data. The content will be returned
+// as a string, or error if the request failed.
+func (c *EC2Metadata) GetDynamicDataWithContext(ctx aws.Context, p string) (string, error) {
op := &request.Operation{
Name: "GetDynamicData",
HTTPMethod: "GET",
@@ -63,8 +118,9 @@ func (c *EC2Metadata) GetDynamicData(p string) (string, error) {
output := &metadataOutput{}
req := c.NewRequest(op, nil, output)
- err := req.Send()
+ req.SetContext(ctx)
+ err := req.Send()
return output.Content, err
}
@@ -72,7 +128,14 @@ func (c *EC2Metadata) GetDynamicData(p string) (string, error) {
// instance. Error is returned if the request fails or is unable to parse
// the response.
func (c *EC2Metadata) GetInstanceIdentityDocument() (EC2InstanceIdentityDocument, error) {
- resp, err := c.GetDynamicData("instance-identity/document")
+ return c.GetInstanceIdentityDocumentWithContext(aws.BackgroundContext())
+}
+
+// GetInstanceIdentityDocumentWithContext retrieves an identity document describing an
+// instance. Error is returned if the request fails or is unable to parse
+// the response.
+func (c *EC2Metadata) GetInstanceIdentityDocumentWithContext(ctx aws.Context) (EC2InstanceIdentityDocument, error) {
+ resp, err := c.GetDynamicDataWithContext(ctx, "instance-identity/document")
if err != nil {
return EC2InstanceIdentityDocument{},
awserr.New("EC2MetadataRequestError",
@@ -91,7 +154,12 @@ func (c *EC2Metadata) GetInstanceIdentityDocument() (EC2InstanceIdentityDocument
// IAMInfo retrieves IAM info from the metadata API
func (c *EC2Metadata) IAMInfo() (EC2IAMInfo, error) {
- resp, err := c.GetMetadata("iam/info")
+ return c.IAMInfoWithContext(aws.BackgroundContext())
+}
+
+// IAMInfoWithContext retrieves IAM info from the metadata API
+func (c *EC2Metadata) IAMInfoWithContext(ctx aws.Context) (EC2IAMInfo, error) {
+ resp, err := c.GetMetadataWithContext(ctx, "iam/info")
if err != nil {
return EC2IAMInfo{},
awserr.New("EC2MetadataRequestError",
@@ -116,24 +184,36 @@ func (c *EC2Metadata) IAMInfo() (EC2IAMInfo, error) {
// Region returns the region the instance is running in.
func (c *EC2Metadata) Region() (string, error) {
- resp, err := c.GetMetadata("placement/availability-zone")
+ return c.RegionWithContext(aws.BackgroundContext())
+}
+
+// RegionWithContext returns the region the instance is running in.
+func (c *EC2Metadata) RegionWithContext(ctx aws.Context) (string, error) {
+ ec2InstanceIdentityDocument, err := c.GetInstanceIdentityDocumentWithContext(ctx)
if err != nil {
return "", err
}
-
- if len(resp) == 0 {
- return "", awserr.New("EC2MetadataError", "invalid Region response", nil)
+ // extract region from the ec2InstanceIdentityDocument
+ region := ec2InstanceIdentityDocument.Region
+ if len(region) == 0 {
+ return "", awserr.New("EC2MetadataError", "invalid region received for ec2metadata instance", nil)
}
-
- // returns region without the suffix. Eg: us-west-2a becomes us-west-2
- return resp[:len(resp)-1], nil
+ // returns region
+ return region, nil
}
// Available returns if the application has access to the EC2 Metadata service.
// Can be used to determine if application is running within an EC2 Instance and
// the metadata service is available.
func (c *EC2Metadata) Available() bool {
- if _, err := c.GetMetadata("instance-id"); err != nil {
+ return c.AvailableWithContext(aws.BackgroundContext())
+}
+
+// AvailableWithContext returns if the application has access to the EC2 Metadata service.
+// Can be used to determine if application is running within an EC2 Instance and
+// the metadata service is available.
+func (c *EC2Metadata) AvailableWithContext(ctx aws.Context) bool {
+ if _, err := c.GetMetadataWithContext(ctx, "instance-id"); err != nil {
return false
}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go
index 4c5636e..dc7e051 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go
@@ -13,6 +13,7 @@ import (
"io"
"net/http"
"os"
+ "strconv"
"strings"
"time"
@@ -24,9 +25,25 @@ import (
"github.com/aws/aws-sdk-go/aws/request"
)
-// ServiceName is the name of the service.
-const ServiceName = "ec2metadata"
-const disableServiceEnvVar = "AWS_EC2_METADATA_DISABLED"
+const (
+ // ServiceName is the name of the service.
+ ServiceName = "ec2metadata"
+ disableServiceEnvVar = "AWS_EC2_METADATA_DISABLED"
+
+ // Headers for Token and TTL
+ ttlHeader = "x-aws-ec2-metadata-token-ttl-seconds"
+ tokenHeader = "x-aws-ec2-metadata-token"
+
+ // Named Handler constants
+ fetchTokenHandlerName = "FetchTokenHandler"
+ unmarshalMetadataHandlerName = "unmarshalMetadataHandler"
+ unmarshalTokenHandlerName = "unmarshalTokenHandler"
+ enableTokenProviderHandlerName = "enableTokenProviderHandler"
+
+ // TTL constants
+ defaultTTL = 21600 * time.Second
+ ttlExpirationWindow = 30 * time.Second
+)
// A EC2Metadata is an EC2 Metadata service Client.
type EC2Metadata struct {
@@ -63,8 +80,10 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio
// use a shorter timeout than default because the metadata
// service is local if it is running, and to fail faster
// if not running on an ec2 instance.
- Timeout: 5 * time.Second,
+ Timeout: 1 * time.Second,
}
+ // max number of retries on the client operation
+ cfg.MaxRetries = aws.Int(2)
}
svc := &EC2Metadata{
@@ -80,13 +99,27 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio
),
}
- svc.Handlers.Unmarshal.PushBack(unmarshalHandler)
+ // token provider instance
+ tp := newTokenProvider(svc, defaultTTL)
+
+ // NamedHandler for fetching token
+ svc.Handlers.Sign.PushBackNamed(request.NamedHandler{
+ Name: fetchTokenHandlerName,
+ Fn: tp.fetchTokenHandler,
+ })
+ // NamedHandler for enabling token provider
+ svc.Handlers.Complete.PushBackNamed(request.NamedHandler{
+ Name: enableTokenProviderHandlerName,
+ Fn: tp.enableTokenProviderHandler,
+ })
+
+ svc.Handlers.Unmarshal.PushBackNamed(unmarshalHandler)
svc.Handlers.UnmarshalError.PushBack(unmarshalError)
svc.Handlers.Validate.Clear()
svc.Handlers.Validate.PushBack(validateEndpointHandler)
// Disable the EC2 Metadata service if the environment variable is set.
- // This shortcirctes the service's functionality to always fail to send
+ // This short-circuits the service's functionality to always fail to send
// requests.
if strings.ToLower(os.Getenv(disableServiceEnvVar)) == "true" {
svc.Handlers.Send.SwapNamed(request.NamedHandler{
@@ -107,7 +140,6 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio
for _, option := range opts {
option(svc.Client)
}
-
return svc
}
@@ -119,30 +151,74 @@ type metadataOutput struct {
Content string
}
-func unmarshalHandler(r *request.Request) {
- defer r.HTTPResponse.Body.Close()
- b := &bytes.Buffer{}
- if _, err := io.Copy(b, r.HTTPResponse.Body); err != nil {
- r.Error = awserr.New(request.ErrCodeSerialization, "unable to unmarshal EC2 metadata response", err)
- return
- }
+type tokenOutput struct {
+ Token string
+ TTL time.Duration
+}
- if data, ok := r.Data.(*metadataOutput); ok {
- data.Content = b.String()
- }
+// unmarshal token handler is used to parse the response of a getToken operation
+var unmarshalTokenHandler = request.NamedHandler{
+ Name: unmarshalTokenHandlerName,
+ Fn: func(r *request.Request) {
+ defer r.HTTPResponse.Body.Close()
+ var b bytes.Buffer
+ if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil {
+ r.Error = awserr.NewRequestFailure(awserr.New(request.ErrCodeSerialization,
+ "unable to unmarshal EC2 metadata response", err), r.HTTPResponse.StatusCode, r.RequestID)
+ return
+ }
+
+ v := r.HTTPResponse.Header.Get(ttlHeader)
+ data, ok := r.Data.(*tokenOutput)
+ if !ok {
+ return
+ }
+
+ data.Token = b.String()
+ // TTL is in seconds
+ i, err := strconv.ParseInt(v, 10, 64)
+ if err != nil {
+ r.Error = awserr.NewRequestFailure(awserr.New(request.ParamFormatErrCode,
+ "unable to parse EC2 token TTL response", err), r.HTTPResponse.StatusCode, r.RequestID)
+ return
+ }
+ t := time.Duration(i) * time.Second
+ data.TTL = t
+ },
+}
+
+var unmarshalHandler = request.NamedHandler{
+ Name: unmarshalMetadataHandlerName,
+ Fn: func(r *request.Request) {
+ defer r.HTTPResponse.Body.Close()
+ var b bytes.Buffer
+ if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil {
+ r.Error = awserr.NewRequestFailure(awserr.New(request.ErrCodeSerialization,
+ "unable to unmarshal EC2 metadata response", err), r.HTTPResponse.StatusCode, r.RequestID)
+ return
+ }
+
+ if data, ok := r.Data.(*metadataOutput); ok {
+ data.Content = b.String()
+ }
+ },
}
func unmarshalError(r *request.Request) {
defer r.HTTPResponse.Body.Close()
- b := &bytes.Buffer{}
- if _, err := io.Copy(b, r.HTTPResponse.Body); err != nil {
- r.Error = awserr.New(request.ErrCodeSerialization, "unable to unmarshal EC2 metadata error response", err)
+ var b bytes.Buffer
+
+ if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil {
+ r.Error = awserr.NewRequestFailure(
+ awserr.New(request.ErrCodeSerialization, "unable to unmarshal EC2 metadata error response", err),
+ r.HTTPResponse.StatusCode, r.RequestID)
return
}
// Response body format is not consistent between metadata endpoints.
// Grab the error message as a string and include that as the source error
- r.Error = awserr.New("EC2MetadataError", "failed to make EC2Metadata request", errors.New(b.String()))
+ r.Error = awserr.NewRequestFailure(awserr.New("EC2MetadataError", "failed to make EC2Metadata request", errors.New(b.String())),
+ r.HTTPResponse.StatusCode, r.RequestID)
}
func validateEndpointHandler(r *request.Request) {
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go
new file mode 100644
index 0000000..d0a3a02
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go
@@ -0,0 +1,92 @@
+package ec2metadata
+
+import (
+ "net/http"
+ "sync/atomic"
+ "time"
+
+ "github.com/aws/aws-sdk-go/aws/awserr"
+ "github.com/aws/aws-sdk-go/aws/credentials"
+ "github.com/aws/aws-sdk-go/aws/request"
+)
+
+// A tokenProvider struct provides access to EC2Metadata client
+// and atomic instance of a token, along with configuredTTL for it.
+// tokenProvider also provides an atomic flag to disable the
+// fetch token operation.
+// The disabled member will use 0 as false, and 1 as true.
+type tokenProvider struct {
+ client *EC2Metadata
+ token atomic.Value
+ configuredTTL time.Duration
+ disabled uint32
+}
+
+// A ec2Token struct helps use of token in EC2 Metadata service ops
+type ec2Token struct {
+ token string
+ credentials.Expiry
+}
+
+// newTokenProvider provides a pointer to a tokenProvider instance
+func newTokenProvider(c *EC2Metadata, duration time.Duration) *tokenProvider {
+ return &tokenProvider{client: c, configuredTTL: duration}
+}
+
+// fetchTokenHandler fetches token for EC2Metadata service client by default.
+func (t *tokenProvider) fetchTokenHandler(r *request.Request) {
+
+ // short-circuits to insecure data flow if tokenProvider is disabled.
+ if v := atomic.LoadUint32(&t.disabled); v == 1 {
+ return
+ }
+
+ if ec2Token, ok := t.token.Load().(ec2Token); ok && !ec2Token.IsExpired() {
+ r.HTTPRequest.Header.Set(tokenHeader, ec2Token.token)
+ return
+ }
+
+ output, err := t.client.getToken(r.Context(), t.configuredTTL)
+
+ if err != nil {
+
+ // change the disabled flag on token provider to true,
+ // when error is request timeout error.
+ if requestFailureError, ok := err.(awserr.RequestFailure); ok {
+ switch requestFailureError.StatusCode() {
+ case http.StatusForbidden, http.StatusNotFound, http.StatusMethodNotAllowed:
+ atomic.StoreUint32(&t.disabled, 1)
+ case http.StatusBadRequest:
+ r.Error = requestFailureError
+ }
+
+ // Check if request timed out while waiting for response
+ if e, ok := requestFailureError.OrigErr().(awserr.Error); ok {
+ if e.Code() == request.ErrCodeRequestError {
+ atomic.StoreUint32(&t.disabled, 1)
+ }
+ }
+ }
+ return
+ }
+
+ newToken := ec2Token{
+ token: output.Token,
+ }
+ newToken.SetExpiration(time.Now().Add(output.TTL), ttlExpirationWindow)
+ t.token.Store(newToken)
+
+ // Inject token header to the request.
+ if ec2Token, ok := t.token.Load().(ec2Token); ok {
+ r.HTTPRequest.Header.Set(tokenHeader, ec2Token.token)
+ }
+}
+
+// enableTokenProviderHandler enables the token provider
+func (t *tokenProvider) enableTokenProviderHandler(r *request.Request) {
+ // If the error code status is 401, we enable the token provider
+ if e, ok := r.Error.(awserr.RequestFailure); ok && e != nil &&
+ e.StatusCode() == http.StatusUnauthorized {
+ atomic.StoreUint32(&t.disabled, 0)
+ }
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go
index 343a210..654fb1a 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go
@@ -93,7 +93,7 @@ func decodeV3Endpoints(modelDef modelDefinition, opts DecodeModelOptions) (Resol
}
func custAddS3DualStack(p *partition) {
- if p.ID != "aws" {
+ if !(p.ID == "aws" || p.ID == "aws-cn" || p.ID == "aws-us-gov") {
return
}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
index de07715..4f9de24 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
@@ -17,6 +17,7 @@ const (
// AWS Standard partition's regions.
const (
+ AfSouth1RegionID = "af-south-1" // Africa (Cape Town).
ApEast1RegionID = "ap-east-1" // Asia Pacific (Hong Kong).
ApNortheast1RegionID = "ap-northeast-1" // Asia Pacific (Tokyo).
ApNortheast2RegionID = "ap-northeast-2" // Asia Pacific (Seoul).
@@ -24,11 +25,12 @@ const (
ApSoutheast1RegionID = "ap-southeast-1" // Asia Pacific (Singapore).
ApSoutheast2RegionID = "ap-southeast-2" // Asia Pacific (Sydney).
CaCentral1RegionID = "ca-central-1" // Canada (Central).
- EuCentral1RegionID = "eu-central-1" // EU (Frankfurt).
- EuNorth1RegionID = "eu-north-1" // EU (Stockholm).
- EuWest1RegionID = "eu-west-1" // EU (Ireland).
- EuWest2RegionID = "eu-west-2" // EU (London).
- EuWest3RegionID = "eu-west-3" // EU (Paris).
+ EuCentral1RegionID = "eu-central-1" // Europe (Frankfurt).
+ EuNorth1RegionID = "eu-north-1" // Europe (Stockholm).
+ EuSouth1RegionID = "eu-south-1" // Europe (Milan).
+ EuWest1RegionID = "eu-west-1" // Europe (Ireland).
+ EuWest2RegionID = "eu-west-2" // Europe (London).
+ EuWest3RegionID = "eu-west-3" // Europe (Paris).
MeSouth1RegionID = "me-south-1" // Middle East (Bahrain).
SaEast1RegionID = "sa-east-1" // South America (Sao Paulo).
UsEast1RegionID = "us-east-1" // US East (N. Virginia).
@@ -46,7 +48,7 @@ const (
// AWS GovCloud (US) partition's regions.
const (
UsGovEast1RegionID = "us-gov-east-1" // AWS GovCloud (US-East).
- UsGovWest1RegionID = "us-gov-west-1" // AWS GovCloud (US).
+ UsGovWest1RegionID = "us-gov-west-1" // AWS GovCloud (US-West).
)
// AWS ISO (US) partition's regions.
@@ -97,7 +99,7 @@ var awsPartition = partition{
DNSSuffix: "amazonaws.com",
RegionRegex: regionRegex{
Regexp: func() *regexp.Regexp {
- reg, _ := regexp.Compile("^(us|eu|ap|sa|ca|me)\\-\\w+\\-\\d+$")
+ reg, _ := regexp.Compile("^(us|eu|ap|sa|ca|me|af)\\-\\w+\\-\\d+$")
return reg
}(),
},
@@ -107,6 +109,9 @@ var awsPartition = partition{
SignatureVersions: []string{"v4"},
},
Regions: regions{
+ "af-south-1": region{
+ Description: "Africa (Cape Town)",
+ },
"ap-east-1": region{
Description: "Asia Pacific (Hong Kong)",
},
@@ -129,19 +134,22 @@ var awsPartition = partition{
Description: "Canada (Central)",
},
"eu-central-1": region{
- Description: "EU (Frankfurt)",
+ Description: "Europe (Frankfurt)",
},
"eu-north-1": region{
- Description: "EU (Stockholm)",
+ Description: "Europe (Stockholm)",
+ },
+ "eu-south-1": region{
+ Description: "Europe (Milan)",
},
"eu-west-1": region{
- Description: "EU (Ireland)",
+ Description: "Europe (Ireland)",
},
"eu-west-2": region{
- Description: "EU (London)",
+ Description: "Europe (London)",
},
"eu-west-3": region{
- Description: "EU (Paris)",
+ Description: "Europe (Paris)",
},
"me-south-1": region{
Description: "Middle East (Bahrain)",
@@ -169,9 +177,10 @@ var awsPartition = partition{
"us-east-1": endpoint{},
},
},
- "acm": service{
+ "access-analyzer": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -181,15 +190,101 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-ca-central-1": endpoint{
+ Hostname: "access-analyzer-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "access-analyzer-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "access-analyzer-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "access-analyzer-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "access-analyzer-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
+ },
+ },
+ "acm": service{
+
+ Endpoints: endpoints{
+ "af-south-1": endpoint{},
+ "ap-east-1": endpoint{},
+ "ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
+ "ca-central-1-fips": endpoint{
+ Hostname: "acm-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-1-fips": endpoint{
+ Hostname: "acm-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "us-east-2": endpoint{},
+ "us-east-2-fips": endpoint{
+ Hostname: "acm-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "us-west-1": endpoint{},
+ "us-west-1-fips": endpoint{
+ Hostname: "acm-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "us-west-2": endpoint{},
+ "us-west-2-fips": endpoint{
+ Hostname: "acm-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
},
},
"acm-pca": service{
@@ -209,7 +304,60 @@ var awsPartition = partition{
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
+ "fips-ca-central-1": endpoint{
+ Hostname: "acm-pca-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "acm-pca-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "acm-pca-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "acm-pca-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "acm-pca-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
+ },
+ },
+ "api.detective": service{
+ Defaults: endpoint{
+ Protocols: []string{"https"},
+ },
+ Endpoints: endpoints{
+ "ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
+ "eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
"sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
@@ -220,6 +368,12 @@ var awsPartition = partition{
"api.ecr": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{
+ Hostname: "api.ecr.af-south-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "af-south-1",
+ },
+ },
"ap-east-1": endpoint{
Hostname: "api.ecr.ap-east-1.amazonaws.com",
CredentialScope: credentialScope{
@@ -274,6 +428,12 @@ var awsPartition = partition{
Region: "eu-north-1",
},
},
+ "eu-south-1": endpoint{
+ Hostname: "api.ecr.eu-south-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-south-1",
+ },
+ },
"eu-west-1": endpoint{
Hostname: "api.ecr.eu-west-1.amazonaws.com",
CredentialScope: credentialScope{
@@ -292,6 +452,30 @@ var awsPartition = partition{
Region: "eu-west-3",
},
},
+ "fips-us-east-1": endpoint{
+ Hostname: "ecr-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "ecr-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "ecr-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "ecr-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
"me-south-1": endpoint{
Hostname: "api.ecr.me-south-1.amazonaws.com",
CredentialScope: credentialScope{
@@ -330,6 +514,29 @@ var awsPartition = partition{
},
},
},
+ "api.elastic-inference": service{
+
+ Endpoints: endpoints{
+ "ap-northeast-1": endpoint{
+ Hostname: "api.elastic-inference.ap-northeast-1.amazonaws.com",
+ },
+ "ap-northeast-2": endpoint{
+ Hostname: "api.elastic-inference.ap-northeast-2.amazonaws.com",
+ },
+ "eu-west-1": endpoint{
+ Hostname: "api.elastic-inference.eu-west-1.amazonaws.com",
+ },
+ "us-east-1": endpoint{
+ Hostname: "api.elastic-inference.us-east-1.amazonaws.com",
+ },
+ "us-east-2": endpoint{
+ Hostname: "api.elastic-inference.us-east-2.amazonaws.com",
+ },
+ "us-west-2": endpoint{
+ Hostname: "api.elastic-inference.us-west-2.amazonaws.com",
+ },
+ },
+ },
"api.mediatailor": service{
Endpoints: endpoints{
@@ -403,6 +610,7 @@ var awsPartition = partition{
"apigateway": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -412,6 +620,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -425,13 +634,10 @@ var awsPartition = partition{
},
"application-autoscaling": service{
Defaults: endpoint{
- Hostname: "autoscaling.{region}.amazonaws.com",
Protocols: []string{"http", "https"},
- CredentialScope: credentialScope{
- Service: "application-autoscaling",
- },
},
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -441,6 +647,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -455,6 +662,7 @@ var awsPartition = partition{
"appmesh": service{
Endpoints: endpoints{
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
@@ -462,9 +670,12 @@ var awsPartition = partition{
"ap-southeast-2": endpoint{},
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
"us-west-1": endpoint{},
@@ -481,6 +692,7 @@ var awsPartition = partition{
Endpoints: endpoints{
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
"ap-southeast-1": endpoint{},
"ap-southeast-2": endpoint{},
"eu-central-1": endpoint{},
@@ -503,11 +715,17 @@ var awsPartition = partition{
"ap-south-1": endpoint{},
"ap-southeast-1": endpoint{},
"ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
"eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
+ "us-west-1": endpoint{},
"us-west-2": endpoint{},
},
},
@@ -527,6 +745,7 @@ var awsPartition = partition{
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
"me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
"us-west-1": endpoint{},
@@ -538,6 +757,7 @@ var awsPartition = partition{
Protocols: []string{"http", "https"},
},
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -547,6 +767,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -560,13 +781,10 @@ var awsPartition = partition{
},
"autoscaling-plans": service{
Defaults: endpoint{
- Hostname: "autoscaling.{region}.amazonaws.com",
Protocols: []string{"http", "https"},
- CredentialScope: credentialScope{
- Service: "autoscaling-plans",
- },
},
Endpoints: endpoints{
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
@@ -574,8 +792,12 @@ var awsPartition = partition{
"ap-southeast-2": endpoint{},
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
"us-west-1": endpoint{},
@@ -617,15 +839,40 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "fips.batch.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "fips.batch.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "fips.batch.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "fips.batch.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"budgets": service{
@@ -674,12 +921,24 @@ var awsPartition = partition{
"cloud9": service{
Endpoints: endpoints{
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
"ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
"eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
+ "us-west-1": endpoint{},
"us-west-2": endpoint{},
},
},
@@ -700,6 +959,7 @@ var awsPartition = partition{
"cloudformation": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -709,25 +969,50 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
"me-south-1": endpoint{},
"sa-east-1": endpoint{},
"us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
- },
- },
- "cloudfront": service{
- PartitionEndpoint: "aws-global",
- IsRegionalized: boxedFalse,
-
- Endpoints: endpoints{
- "aws-global": endpoint{
- Hostname: "cloudfront.amazonaws.com",
- Protocols: []string{"http", "https"},
+ "us-east-1-fips": endpoint{
+ Hostname: "cloudformation-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "us-east-2": endpoint{},
+ "us-east-2-fips": endpoint{
+ Hostname: "cloudformation-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "us-west-1": endpoint{},
+ "us-west-1-fips": endpoint{
+ Hostname: "cloudformation-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "us-west-2": endpoint{},
+ "us-west-2-fips": endpoint{
+ Hostname: "cloudformation-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ },
+ },
+ "cloudfront": service{
+ PartitionEndpoint: "aws-global",
+ IsRegionalized: boxedFalse,
+
+ Endpoints: endpoints{
+ "aws-global": endpoint{
+ Hostname: "cloudfront.amazonaws.com",
+ Protocols: []string{"http", "https"},
CredentialScope: credentialScope{
Region: "us-east-1",
},
@@ -756,6 +1041,7 @@ var awsPartition = partition{
},
},
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -765,6 +1051,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -794,6 +1081,7 @@ var awsPartition = partition{
"cloudtrail": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -803,14 +1091,54 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "cloudtrail-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "cloudtrail-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "cloudtrail-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "cloudtrail-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
+ },
+ },
+ "codeartifact": service{
+
+ Endpoints: endpoints{
+ "ap-northeast-1": endpoint{},
+ "ap-south-1": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-west-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
- "us-west-1": endpoint{},
"us-west-2": endpoint{},
},
},
@@ -864,6 +1192,7 @@ var awsPartition = partition{
"codecommit": service{
Endpoints: endpoints{
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
@@ -892,6 +1221,7 @@ var awsPartition = partition{
"codedeploy": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -901,6 +1231,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -950,24 +1281,76 @@ var awsPartition = partition{
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "sa-east-1": endpoint{},
+ "fips-ca-central-1": endpoint{
+ Hostname: "codepipeline-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "codepipeline-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "codepipeline-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "codepipeline-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "codepipeline-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
+ },
+ },
+ "codestar": service{
+
+ Endpoints: endpoints{
+ "ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
+ "eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
"us-west-1": endpoint{},
"us-west-2": endpoint{},
},
},
- "codestar": service{
+ "codestar-connections": service{
Endpoints: endpoints{
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
"ap-southeast-1": endpoint{},
"ap-southeast-2": endpoint{},
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
"us-west-1": endpoint{},
@@ -986,9 +1369,27 @@ var awsPartition = partition{
"eu-central-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "cognito-identity-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "cognito-identity-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "cognito-identity-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-2": endpoint{},
},
},
"cognito-idp": service{
@@ -1003,9 +1404,27 @@ var awsPartition = partition{
"eu-central-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "cognito-idp-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "cognito-idp-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "cognito-idp-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-2": endpoint{},
},
},
"cognito-sync": service{
@@ -1029,15 +1448,36 @@ var awsPartition = partition{
Protocols: []string{"https"},
},
Endpoints: endpoints{
+ "ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
"ap-southeast-1": endpoint{},
"ap-southeast-2": endpoint{},
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "comprehend-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "comprehend-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "comprehend-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-2": endpoint{},
},
},
"comprehendmedical": service{
@@ -1047,9 +1487,27 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "comprehendmedical-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "comprehendmedical-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "comprehendmedical-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-2": endpoint{},
},
},
"config": service{
@@ -1079,8 +1537,10 @@ var awsPartition = partition{
Endpoints: endpoints{
"ap-northeast-1": endpoint{},
+ "ap-southeast-1": endpoint{},
"ap-southeast-2": endpoint{},
"eu-central-1": endpoint{},
+ "eu-west-2": endpoint{},
"us-east-1": endpoint{},
"us-west-2": endpoint{},
},
@@ -1100,6 +1560,7 @@ var awsPartition = partition{
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
"eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
"us-east-1": endpoint{},
"us-west-2": endpoint{},
},
@@ -1133,15 +1594,26 @@ var awsPartition = partition{
"datasync": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
"ap-southeast-1": endpoint{},
"ap-southeast-2": endpoint{},
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
+ "fips-ca-central-1": endpoint{
+ Hostname: "datasync-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
"fips-us-east-1": endpoint{
Hostname: "datasync-fips.us-east-1.amazonaws.com",
CredentialScope: credentialScope{
@@ -1167,6 +1639,7 @@ var awsPartition = partition{
},
},
"me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
"us-west-1": endpoint{},
@@ -1200,6 +1673,7 @@ var awsPartition = partition{
"directconnect": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1209,26 +1683,56 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "directconnect-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "directconnect-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "directconnect-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "directconnect-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"discovery": service{
Endpoints: endpoints{
- "us-west-2": endpoint{},
- },
- },
- "dms": service{
+ "ap-northeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "eu-central-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-west-2": endpoint{},
+ },
+ },
+ "dms": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1236,17 +1740,24 @@ var awsPartition = partition{
"ap-southeast-1": endpoint{},
"ap-southeast-2": endpoint{},
"ca-central-1": endpoint{},
- "eu-central-1": endpoint{},
- "eu-north-1": endpoint{},
- "eu-west-1": endpoint{},
- "eu-west-2": endpoint{},
- "eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "dms-fips": endpoint{
+ Hostname: "dms-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"docdb": service{
@@ -1282,6 +1793,12 @@ var awsPartition = partition{
Region: "ap-southeast-2",
},
},
+ "ca-central-1": endpoint{
+ Hostname: "rds.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
"eu-central-1": endpoint{
Hostname: "rds.eu-central-1.amazonaws.com",
CredentialScope: credentialScope{
@@ -1329,6 +1846,7 @@ var awsPartition = partition{
"ds": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1338,13 +1856,46 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "fips-ca-central-1": endpoint{
+ Hostname: "ds-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "ds-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "ds-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "ds-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "ds-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"dynamodb": service{
@@ -1352,6 +1903,7 @@ var awsPartition = partition{
Protocols: []string{"http", "https"},
},
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1367,6 +1919,7 @@ var awsPartition = partition{
},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -1414,6 +1967,7 @@ var awsPartition = partition{
Protocols: []string{"http", "https"},
},
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1423,15 +1977,46 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-ca-central-1": endpoint{
+ Hostname: "ec2-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "ec2-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "ec2-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "ec2-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "ec2-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"ec2metadata": service{
@@ -1448,6 +2033,7 @@ var awsPartition = partition{
"ecs": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1457,20 +2043,48 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "ecs-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "ecs-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "ecs-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "ecs-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
- "elasticache": service{
-
+ "eks": service{
+ Defaults: endpoint{
+ Protocols: []string{"http", "https"},
+ },
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1480,26 +2094,39 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "fips": endpoint{
- Hostname: "elasticache-fips.us-west-1.amazonaws.com",
+ "fips-us-east-1": endpoint{
+ Hostname: "fips.eks.us-east-1.amazonaws.com",
CredentialScope: credentialScope{
- Region: "us-west-1",
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "fips.eks.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "fips.eks.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
},
},
"me-south-1": endpoint{},
"sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
- "us-west-1": endpoint{},
"us-west-2": endpoint{},
},
},
- "elasticbeanstalk": service{
+ "elasticache": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1509,20 +2136,29 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips": endpoint{
+ Hostname: "elasticache-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
- "elasticfilesystem": service{
+ "elasticbeanstalk": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
@@ -1530,20 +2166,47 @@ var awsPartition = partition{
"ap-southeast-2": endpoint{},
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "elasticbeanstalk-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "elasticbeanstalk-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "elasticbeanstalk-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "elasticbeanstalk-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
- "elasticloadbalancing": service{
- Defaults: endpoint{
- Protocols: []string{"https"},
- },
+ "elasticfilesystem": service{
+
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1553,41 +2216,245 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
- },
- },
- "elasticmapreduce": service{
- Defaults: endpoint{
- SSLCommonName: "{region}.{service}.{dnsSuffix}",
- Protocols: []string{"https"},
- },
- Endpoints: endpoints{
- "ap-east-1": endpoint{},
- "ap-northeast-1": endpoint{},
- "ap-northeast-2": endpoint{},
- "ap-south-1": endpoint{},
- "ap-southeast-1": endpoint{},
- "ap-southeast-2": endpoint{},
- "ca-central-1": endpoint{},
- "eu-central-1": endpoint{
- SSLCommonName: "{service}.{region}.{dnsSuffix}",
- },
- "eu-north-1": endpoint{},
- "eu-west-1": endpoint{},
- "eu-west-2": endpoint{},
- "eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{
- SSLCommonName: "{service}.{region}.{dnsSuffix}",
+ "fips-af-south-1": endpoint{
+ Hostname: "elasticfilesystem-fips.af-south-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "af-south-1",
+ },
+ },
+ "fips-ap-east-1": endpoint{
+ Hostname: "elasticfilesystem-fips.ap-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-east-1",
+ },
+ },
+ "fips-ap-northeast-1": endpoint{
+ Hostname: "elasticfilesystem-fips.ap-northeast-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-northeast-1",
+ },
+ },
+ "fips-ap-northeast-2": endpoint{
+ Hostname: "elasticfilesystem-fips.ap-northeast-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-northeast-2",
+ },
+ },
+ "fips-ap-south-1": endpoint{
+ Hostname: "elasticfilesystem-fips.ap-south-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-south-1",
+ },
+ },
+ "fips-ap-southeast-1": endpoint{
+ Hostname: "elasticfilesystem-fips.ap-southeast-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-southeast-1",
+ },
+ },
+ "fips-ap-southeast-2": endpoint{
+ Hostname: "elasticfilesystem-fips.ap-southeast-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-southeast-2",
+ },
+ },
+ "fips-ca-central-1": endpoint{
+ Hostname: "elasticfilesystem-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-eu-central-1": endpoint{
+ Hostname: "elasticfilesystem-fips.eu-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-central-1",
+ },
+ },
+ "fips-eu-north-1": endpoint{
+ Hostname: "elasticfilesystem-fips.eu-north-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-north-1",
+ },
+ },
+ "fips-eu-south-1": endpoint{
+ Hostname: "elasticfilesystem-fips.eu-south-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-south-1",
+ },
+ },
+ "fips-eu-west-1": endpoint{
+ Hostname: "elasticfilesystem-fips.eu-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-1",
+ },
+ },
+ "fips-eu-west-2": endpoint{
+ Hostname: "elasticfilesystem-fips.eu-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-2",
+ },
+ },
+ "fips-eu-west-3": endpoint{
+ Hostname: "elasticfilesystem-fips.eu-west-3.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-3",
+ },
+ },
+ "fips-me-south-1": endpoint{
+ Hostname: "elasticfilesystem-fips.me-south-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "me-south-1",
+ },
+ },
+ "fips-sa-east-1": endpoint{
+ Hostname: "elasticfilesystem-fips.sa-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "sa-east-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "elasticfilesystem-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "elasticfilesystem-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "elasticfilesystem-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "elasticfilesystem-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
+ },
+ },
+ "elasticloadbalancing": service{
+ Defaults: endpoint{
+ Protocols: []string{"https"},
+ },
+ Endpoints: endpoints{
+ "af-south-1": endpoint{},
+ "ap-east-1": endpoint{},
+ "ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
+ "eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "elasticloadbalancing-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "elasticloadbalancing-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "elasticloadbalancing-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "elasticloadbalancing-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
+ },
+ },
+ "elasticmapreduce": service{
+ Defaults: endpoint{
+ SSLCommonName: "{region}.{service}.{dnsSuffix}",
+ Protocols: []string{"https"},
+ },
+ Endpoints: endpoints{
+ "af-south-1": endpoint{},
+ "ap-east-1": endpoint{},
+ "ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
+ "eu-central-1": endpoint{
+ SSLCommonName: "{service}.{region}.{dnsSuffix}",
+ },
+ "eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "fips-ca-central-1": endpoint{
+ Hostname: "elasticmapreduce-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "elasticmapreduce-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "elasticmapreduce-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "elasticmapreduce-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "elasticmapreduce-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{
+ SSLCommonName: "{service}.{region}.{dnsSuffix}",
},
"us-east-2": endpoint{},
"us-west-1": endpoint{},
@@ -1631,6 +2498,7 @@ var awsPartition = partition{
"es": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1640,6 +2508,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -1660,6 +2529,7 @@ var awsPartition = partition{
"events": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1669,20 +2539,46 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "events-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "events-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "events-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "events-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"firehose": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1692,15 +2588,40 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "firehose-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "firehose-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "firehose-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "firehose-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"fms": service{
@@ -1708,6 +2629,7 @@ var awsPartition = partition{
Protocols: []string{"https"},
},
Endpoints: endpoints{
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
@@ -1719,18 +2641,113 @@ var awsPartition = partition{
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-ap-northeast-1": endpoint{
+ Hostname: "fms-fips.ap-northeast-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-northeast-1",
+ },
+ },
+ "fips-ap-northeast-2": endpoint{
+ Hostname: "fms-fips.ap-northeast-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-northeast-2",
+ },
+ },
+ "fips-ap-south-1": endpoint{
+ Hostname: "fms-fips.ap-south-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-south-1",
+ },
+ },
+ "fips-ap-southeast-1": endpoint{
+ Hostname: "fms-fips.ap-southeast-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-southeast-1",
+ },
+ },
+ "fips-ap-southeast-2": endpoint{
+ Hostname: "fms-fips.ap-southeast-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-southeast-2",
+ },
+ },
+ "fips-ca-central-1": endpoint{
+ Hostname: "fms-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-eu-central-1": endpoint{
+ Hostname: "fms-fips.eu-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-central-1",
+ },
+ },
+ "fips-eu-west-1": endpoint{
+ Hostname: "fms-fips.eu-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-1",
+ },
+ },
+ "fips-eu-west-2": endpoint{
+ Hostname: "fms-fips.eu-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-2",
+ },
+ },
+ "fips-eu-west-3": endpoint{
+ Hostname: "fms-fips.eu-west-3.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-3",
+ },
+ },
+ "fips-sa-east-1": endpoint{
+ Hostname: "fms-fips.sa-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "sa-east-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "fms-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "fms-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "fms-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "fms-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"forecast": service{
Endpoints: endpoints{
"ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
"ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "eu-central-1": endpoint{},
"eu-west-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
@@ -1741,7 +2758,11 @@ var awsPartition = partition{
Endpoints: endpoints{
"ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
"ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "eu-central-1": endpoint{},
"eu-west-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
@@ -1751,13 +2772,18 @@ var awsPartition = partition{
"fsx": service{
Endpoints: endpoints{
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
"ap-southeast-1": endpoint{},
"ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
"us-west-1": endpoint{},
@@ -1788,6 +2814,7 @@ var awsPartition = partition{
Protocols: []string{"http", "https"},
},
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1797,15 +2824,46 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-ca-central-1": endpoint{
+ Hostname: "glacier-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "glacier-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "glacier-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "glacier-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "glacier-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"glue": service{
@@ -1823,12 +2881,36 @@ var awsPartition = partition{
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "glue-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "glue-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "glue-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "glue-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"greengrass": service{
@@ -1853,8 +2935,24 @@ var awsPartition = partition{
"groundstation": service{
Endpoints: endpoints{
- "us-east-2": endpoint{},
- "us-west-2": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "fips-us-east-2": endpoint{
+ Hostname: "groundstation-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "groundstation-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-2": endpoint{},
},
},
"guardduty": service{
@@ -1863,6 +2961,7 @@ var awsPartition = partition{
Protocols: []string{"https"},
},
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -1872,6 +2971,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -1913,6 +3013,12 @@ var awsPartition = partition{
"us-east-1": endpoint{},
},
},
+ "honeycode": service{
+
+ Endpoints: endpoints{
+ "us-west-2": endpoint{},
+ },
+ },
"iam": service{
PartitionEndpoint: "aws-global",
IsRegionalized: boxedFalse,
@@ -1924,6 +3030,12 @@ var awsPartition = partition{
Region: "us-east-1",
},
},
+ "iam-fips": endpoint{
+ Hostname: "iam-fips.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
},
},
"importexport": service{
@@ -1952,10 +3064,34 @@ var awsPartition = partition{
"eu-north-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "inspector-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "inspector-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "inspector-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "inspector-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"iot": service{
@@ -1989,6 +3125,7 @@ var awsPartition = partition{
Endpoints: endpoints{
"ap-northeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
"eu-central-1": endpoint{},
"eu-west-1": endpoint{},
"us-east-1": endpoint{},
@@ -2076,6 +3213,29 @@ var awsPartition = partition{
},
},
},
+ "iotsecuredtunneling": service{
+
+ Endpoints: endpoints{
+ "ap-east-1": endpoint{},
+ "ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
+ "eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
+ },
+ },
"iotthingsgraph": service{
Defaults: endpoint{
CredentialScope: credentialScope{
@@ -2106,6 +3266,7 @@ var awsPartition = partition{
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
+ "me-south-1": endpoint{},
"sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
@@ -2116,6 +3277,7 @@ var awsPartition = partition{
"kinesis": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -2125,30 +3287,59 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "kinesis-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "kinesis-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "kinesis-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "kinesis-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"kinesisanalytics": service{
Endpoints: endpoints{
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
"ap-southeast-1": endpoint{},
"ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
"us-west-2": endpoint{},
@@ -2157,17 +3348,27 @@ var awsPartition = partition{
"kinesisvideo": service{
Endpoints: endpoints{
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
+ "ap-southeast-1": endpoint{},
"ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "sa-east-1": endpoint{},
"us-east-1": endpoint{},
+ "us-east-2": endpoint{},
"us-west-2": endpoint{},
},
},
"kms": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -2177,6 +3378,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -2192,18 +3394,27 @@ var awsPartition = partition{
Endpoints: endpoints{
"ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
"ap-southeast-1": endpoint{},
"ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
+ "eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
"eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
+ "us-west-1": endpoint{},
"us-west-2": endpoint{},
},
},
"lambda": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -2213,20 +3424,46 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "lambda-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "lambda-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "lambda-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "lambda-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"license-manager": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -2236,15 +3473,40 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "license-manager-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "license-manager-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "license-manager-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "license-manager-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"lightsail": service{
@@ -2268,6 +3530,7 @@ var awsPartition = partition{
"logs": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -2277,15 +3540,40 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "logs-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "logs-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "logs-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "logs-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"machinelearning": service{
@@ -2295,6 +3583,81 @@ var awsPartition = partition{
"us-east-1": endpoint{},
},
},
+ "macie": service{
+
+ Endpoints: endpoints{
+ "fips-us-east-1": endpoint{
+ Hostname: "macie-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "macie-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "us-east-1": endpoint{},
+ "us-west-2": endpoint{},
+ },
+ },
+ "macie2": service{
+
+ Endpoints: endpoints{
+ "ap-east-1": endpoint{},
+ "ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
+ "eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "macie2-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "macie2-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "macie2-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "macie2-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
+ },
+ },
+ "managedblockchain": service{
+
+ Endpoints: endpoints{
+ "ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "us-east-1": endpoint{},
+ },
+ },
"marketplacecommerceanalytics": service{
Endpoints: endpoints{
@@ -2304,6 +3667,7 @@ var awsPartition = partition{
"mediaconnect": service{
Endpoints: endpoints{
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
@@ -2331,14 +3695,45 @@ var awsPartition = partition{
"ap-southeast-2": endpoint{},
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-ca-central-1": endpoint{
+ Hostname: "mediaconvert-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "mediaconvert-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "mediaconvert-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "mediaconvert-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "mediaconvert-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"medialive": service{
@@ -2369,6 +3764,7 @@ var awsPartition = partition{
"ap-southeast-1": endpoint{},
"ap-southeast-2": endpoint{},
"eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -2387,6 +3783,7 @@ var awsPartition = partition{
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
"eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
"us-east-1": endpoint{},
"us-west-2": endpoint{},
},
@@ -2398,6 +3795,7 @@ var awsPartition = partition{
},
},
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -2407,6 +3805,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -2421,7 +3820,11 @@ var awsPartition = partition{
"mgh": service{
Endpoints: endpoints{
- "us-west-2": endpoint{},
+ "ap-northeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "eu-central-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"mobileanalytics": service{
@@ -2437,9 +3840,14 @@ var awsPartition = partition{
},
},
Endpoints: endpoints{
- "eu-west-1": endpoint{},
- "us-east-1": endpoint{},
- "us-west-2": endpoint{},
+ "ap-northeast-1": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "eu-central-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "us-east-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"monitoring": service{
@@ -2447,6 +3855,7 @@ var awsPartition = partition{
Protocols: []string{"http", "https"},
},
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -2456,20 +3865,46 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "monitoring-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "monitoring-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "monitoring-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "monitoring-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"mq": service{
Endpoints: endpoints{
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
@@ -2477,6 +3912,7 @@ var awsPartition = partition{
"ap-southeast-2": endpoint{},
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -2504,10 +3940,12 @@ var awsPartition = partition{
Region: "us-west-2",
},
},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"mturk-requester": service{
@@ -2523,6 +3961,12 @@ var awsPartition = partition{
"neptune": service{
Endpoints: endpoints{
+ "ap-east-1": endpoint{
+ Hostname: "rds.ap-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-east-1",
+ },
+ },
"ap-northeast-1": endpoint{
Hostname: "rds.ap-northeast-1.amazonaws.com",
CredentialScope: credentialScope{
@@ -2583,12 +4027,24 @@ var awsPartition = partition{
Region: "eu-west-2",
},
},
+ "eu-west-3": endpoint{
+ Hostname: "rds.eu-west-3.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-3",
+ },
+ },
"me-south-1": endpoint{
Hostname: "rds.me-south-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "me-south-1",
},
},
+ "sa-east-1": endpoint{
+ Hostname: "rds.sa-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "sa-east-1",
+ },
+ },
"us-east-1": endpoint{
Hostname: "rds.us-east-1.amazonaws.com",
CredentialScope: credentialScope{
@@ -2601,6 +4057,12 @@ var awsPartition = partition{
Region: "us-east-2",
},
},
+ "us-west-1": endpoint{
+ Hostname: "rds.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
"us-west-2": endpoint{
Hostname: "rds.us-west-2.amazonaws.com",
CredentialScope: credentialScope{
@@ -2636,6 +4098,12 @@ var awsPartition = partition{
Region: "eu-central-1",
},
},
+ "eu-north-1": endpoint{
+ Hostname: "oidc.eu-north-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-north-1",
+ },
+ },
"eu-west-1": endpoint{
Hostname: "oidc.eu-west-1.amazonaws.com",
CredentialScope: credentialScope{
@@ -2710,9 +4178,70 @@ var awsPartition = partition{
"aws-global": endpoint{
Hostname: "organizations.us-east-1.amazonaws.com",
CredentialScope: credentialScope{
- Region: "us-east-1",
+ Region: "us-east-1",
+ },
+ },
+ "fips-aws-global": endpoint{
+ Hostname: "organizations-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ },
+ },
+ "outposts": service{
+
+ Endpoints: endpoints{
+ "af-south-1": endpoint{},
+ "ap-east-1": endpoint{},
+ "ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
+ "eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "fips-ca-central-1": endpoint{
+ Hostname: "outposts-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "outposts-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "outposts-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "outposts-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "outposts-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
},
},
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"pinpoint": service{
@@ -2722,17 +4251,41 @@ var awsPartition = partition{
},
},
Endpoints: endpoints{
+ "ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
"ap-southeast-2": endpoint{},
"eu-central-1": endpoint{},
"eu-west-1": endpoint{},
- "us-east-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "pinpoint-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "pinpoint-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "us-east-1": endpoint{
+ Hostname: "pinpoint.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "us-west-2": endpoint{
+ Hostname: "pinpoint.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
},
},
"polly": service{
Endpoints: endpoints{
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
@@ -2744,11 +4297,36 @@ var awsPartition = partition{
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "polly-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "polly-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "polly-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "polly-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"portal.sso": service{
@@ -2826,6 +4404,10 @@ var awsPartition = partition{
Endpoints: endpoints{
"ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "eu-central-1": endpoint{},
"eu-west-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
@@ -2835,6 +4417,8 @@ var awsPartition = partition{
"ram": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
@@ -2843,9 +4427,12 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
"us-west-1": endpoint{},
@@ -2855,6 +4442,7 @@ var awsPartition = partition{
"rds": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -2864,11 +4452,42 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
"me-south-1": endpoint{},
- "sa-east-1": endpoint{},
+ "rds-fips.ca-central-1": endpoint{
+ Hostname: "rds-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "rds-fips.us-east-1": endpoint{
+ Hostname: "rds-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "rds-fips.us-east-2": endpoint{
+ Hostname: "rds-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "rds-fips.us-west-1": endpoint{
+ Hostname: "rds-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "rds-fips.us-west-2": endpoint{
+ Hostname: "rds-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "sa-east-1": endpoint{},
"us-east-1": endpoint{
SSLCommonName: "{service}.{dnsSuffix}",
},
@@ -2880,6 +4499,7 @@ var awsPartition = partition{
"redshift": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -2889,15 +4509,46 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-ca-central-1": endpoint{
+ Hostname: "redshift-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "redshift-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "redshift-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "redshift-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "redshift-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"rekognition": service{
@@ -2911,15 +4562,40 @@ var awsPartition = partition{
"eu-central-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "rekognition-fips.us-east-1": endpoint{
+ Hostname: "rekognition-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "rekognition-fips.us-east-2": endpoint{
+ Hostname: "rekognition-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "rekognition-fips.us-west-1": endpoint{
+ Hostname: "rekognition-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "rekognition-fips.us-west-2": endpoint{
+ Hostname: "rekognition-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"resource-groups": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -2929,6 +4605,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -3000,6 +4677,8 @@ var awsPartition = partition{
Protocols: []string{"https"},
},
Endpoints: endpoints{
+ "af-south-1": endpoint{},
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
@@ -3007,9 +4686,13 @@ var awsPartition = partition{
"ap-southeast-2": endpoint{},
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
"us-west-1": endpoint{},
@@ -3023,9 +4706,14 @@ var awsPartition = partition{
},
},
Endpoints: endpoints{
- "eu-west-1": endpoint{},
- "us-east-1": endpoint{},
- "us-west-2": endpoint{},
+ "ap-northeast-1": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "eu-central-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "us-east-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"runtime.sagemaker": service{
@@ -3086,7 +4774,8 @@ var awsPartition = partition{
DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}",
},
Endpoints: endpoints{
- "ap-east-1": endpoint{},
+ "af-south-1": endpoint{},
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{
Hostname: "s3.ap-northeast-1.amazonaws.com",
SignatureVersions: []string{"s3", "s3v4"},
@@ -3102,7 +4791,8 @@ var awsPartition = partition{
SignatureVersions: []string{"s3", "s3v4"},
},
"aws-global": endpoint{
- Hostname: "s3.amazonaws.com",
+ Hostname: "s3.amazonaws.com",
+ SignatureVersions: []string{"s3", "s3v4"},
CredentialScope: credentialScope{
Region: "us-east-1",
},
@@ -3110,6 +4800,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{
Hostname: "s3.eu-west-1.amazonaws.com",
SignatureVersions: []string{"s3", "s3v4"},
@@ -3128,7 +4819,10 @@ var awsPartition = partition{
Hostname: "s3.sa-east-1.amazonaws.com",
SignatureVersions: []string{"s3", "s3v4"},
},
- "us-east-1": endpoint{},
+ "us-east-1": endpoint{
+ Hostname: "s3.us-east-1.amazonaws.com",
+ SignatureVersions: []string{"s3", "s3v4"},
+ },
"us-east-2": endpoint{},
"us-west-1": endpoint{
Hostname: "s3.us-west-1.amazonaws.com",
@@ -3304,6 +4998,28 @@ var awsPartition = partition{
},
},
},
+ "schemas": service{
+
+ Endpoints: endpoints{
+ "ap-east-1": endpoint{},
+ "ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
+ "eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
+ },
+ },
"sdb": service{
Defaults: endpoint{
Protocols: []string{"http", "https"},
@@ -3325,6 +5041,7 @@ var awsPartition = partition{
"secretsmanager": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -3334,6 +5051,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -3372,6 +5090,7 @@ var awsPartition = partition{
"securityhub": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -3381,15 +5100,40 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "securityhub-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "securityhub-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "securityhub-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "securityhub-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"serverlessrepo": service{
@@ -3456,6 +5200,8 @@ var awsPartition = partition{
"servicecatalog": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
@@ -3464,9 +5210,11 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
+ "me-south-1": endpoint{},
"sa-east-1": endpoint{},
"us-east-1": endpoint{},
"us-east-1-fips": endpoint{
@@ -3498,8 +5246,33 @@ var awsPartition = partition{
},
},
},
- "servicediscovery": service{
-
+ "servicediscovery": service{
+
+ Endpoints: endpoints{
+ "ap-east-1": endpoint{},
+ "ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-south-1": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "ca-central-1": endpoint{},
+ "eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
+ "eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
+ },
+ },
+ "servicequotas": service{
+ Defaults: endpoint{
+ Protocols: []string{"https"},
+ },
Endpoints: endpoints{
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
@@ -3525,6 +5298,10 @@ var awsPartition = partition{
Endpoints: endpoints{
"ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "eu-central-1": endpoint{},
"eu-west-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
@@ -3532,18 +5309,31 @@ var awsPartition = partition{
},
},
"shield": service{
- IsRegionalized: boxedFalse,
+ PartitionEndpoint: "aws-global",
+ IsRegionalized: boxedFalse,
Defaults: endpoint{
SSLCommonName: "shield.us-east-1.amazonaws.com",
Protocols: []string{"https"},
},
Endpoints: endpoints{
- "us-east-1": endpoint{},
+ "aws-global": endpoint{
+ Hostname: "shield.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-aws-global": endpoint{
+ Hostname: "shield-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
},
},
"sms": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -3553,15 +5343,40 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "sms-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "sms-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "sms-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "sms-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"snowball": service{
@@ -3577,11 +5392,101 @@ var awsPartition = partition{
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-ap-northeast-1": endpoint{
+ Hostname: "snowball-fips.ap-northeast-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-northeast-1",
+ },
+ },
+ "fips-ap-northeast-2": endpoint{
+ Hostname: "snowball-fips.ap-northeast-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-northeast-2",
+ },
+ },
+ "fips-ap-south-1": endpoint{
+ Hostname: "snowball-fips.ap-south-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-south-1",
+ },
+ },
+ "fips-ap-southeast-1": endpoint{
+ Hostname: "snowball-fips.ap-southeast-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-southeast-1",
+ },
+ },
+ "fips-ap-southeast-2": endpoint{
+ Hostname: "snowball-fips.ap-southeast-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-southeast-2",
+ },
+ },
+ "fips-ca-central-1": endpoint{
+ Hostname: "snowball-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-eu-central-1": endpoint{
+ Hostname: "snowball-fips.eu-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-central-1",
+ },
+ },
+ "fips-eu-west-1": endpoint{
+ Hostname: "snowball-fips.eu-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-1",
+ },
+ },
+ "fips-eu-west-2": endpoint{
+ Hostname: "snowball-fips.eu-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-2",
+ },
+ },
+ "fips-eu-west-3": endpoint{
+ Hostname: "snowball-fips.eu-west-3.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-3",
+ },
+ },
+ "fips-sa-east-1": endpoint{
+ Hostname: "snowball-fips.sa-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "sa-east-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "snowball-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "snowball-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "snowball-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "snowball-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"sns": service{
@@ -3589,6 +5494,7 @@ var awsPartition = partition{
Protocols: []string{"http", "https"},
},
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -3598,15 +5504,40 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "sns-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "sns-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "sns-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "sns-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"sqs": service{
@@ -3615,6 +5546,7 @@ var awsPartition = partition{
Protocols: []string{"http", "https"},
},
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -3624,6 +5556,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -3664,6 +5597,7 @@ var awsPartition = partition{
"ssm": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -3673,20 +5607,70 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "ssm-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "ssm-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "ssm-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "ssm-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "ssm-facade-fips-us-east-1": endpoint{
+ Hostname: "ssm-facade-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "ssm-facade-fips-us-east-2": endpoint{
+ Hostname: "ssm-facade-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "ssm-facade-fips-us-west-1": endpoint{
+ Hostname: "ssm-facade-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "ssm-facade-fips-us-west-2": endpoint{
+ Hostname: "ssm-facade-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"states": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -3696,20 +5680,46 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "states-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "states-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "states-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "states-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"storagegateway": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -3719,15 +5729,22 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips": endpoint{
+ Hostname: "storagegateway-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"streams.dynamodb": service{
@@ -3798,6 +5815,7 @@ var awsPartition = partition{
PartitionEndpoint: "aws-global",
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -3813,6 +5831,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -3863,6 +5882,7 @@ var awsPartition = partition{
"swf": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -3872,20 +5892,46 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "swf-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "swf-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "swf-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "swf-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"tagging": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -3895,6 +5941,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -3912,6 +5959,7 @@ var awsPartition = partition{
},
Endpoints: endpoints{
"ap-east-1": endpoint{},
+ "ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
"ap-southeast-1": endpoint{},
@@ -3921,12 +5969,36 @@ var awsPartition = partition{
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
- "me-south-1": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "fips.transcribe.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "fips.transcribe.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "fips.transcribe.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "fips.transcribe.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{},
+ "sa-east-1": endpoint{},
+ "us-east-1": endpoint{},
+ "us-east-2": endpoint{},
+ "us-west-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"transcribestreaming": service{
@@ -3966,13 +6038,18 @@ var awsPartition = partition{
Protocols: []string{"https"},
},
Endpoints: endpoints{
+ "ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
"ap-south-1": endpoint{},
"ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
+ "eu-north-1": endpoint{},
"eu-west-1": endpoint{},
+ "eu-west-2": endpoint{},
+ "eu-west-3": endpoint{},
"us-east-1": endpoint{},
"us-east-1-fips": endpoint{
Hostname: "translate-fips.us-east-1.amazonaws.com",
@@ -3987,49 +6064,256 @@ var awsPartition = partition{
Region: "us-east-2",
},
},
+ "us-west-1": endpoint{},
"us-west-2": endpoint{},
"us-west-2-fips": endpoint{
Hostname: "translate-fips.us-west-2.amazonaws.com",
CredentialScope: credentialScope{
- Region: "us-west-2",
+ Region: "us-west-2",
+ },
+ },
+ },
+ },
+ "waf": service{
+ PartitionEndpoint: "aws-global",
+ IsRegionalized: boxedFalse,
+
+ Endpoints: endpoints{
+ "aws-fips": endpoint{
+ Hostname: "waf-fips.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "aws-global": endpoint{
+ Hostname: "waf.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ },
+ },
+ "waf-regional": service{
+
+ Endpoints: endpoints{
+ "ap-east-1": endpoint{
+ Hostname: "waf-regional.ap-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-east-1",
+ },
+ },
+ "ap-northeast-1": endpoint{
+ Hostname: "waf-regional.ap-northeast-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-northeast-1",
+ },
+ },
+ "ap-northeast-2": endpoint{
+ Hostname: "waf-regional.ap-northeast-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-northeast-2",
+ },
+ },
+ "ap-south-1": endpoint{
+ Hostname: "waf-regional.ap-south-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-south-1",
+ },
+ },
+ "ap-southeast-1": endpoint{
+ Hostname: "waf-regional.ap-southeast-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-southeast-1",
+ },
+ },
+ "ap-southeast-2": endpoint{
+ Hostname: "waf-regional.ap-southeast-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-southeast-2",
+ },
+ },
+ "ca-central-1": endpoint{
+ Hostname: "waf-regional.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "eu-central-1": endpoint{
+ Hostname: "waf-regional.eu-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-central-1",
+ },
+ },
+ "eu-north-1": endpoint{
+ Hostname: "waf-regional.eu-north-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-north-1",
+ },
+ },
+ "eu-west-1": endpoint{
+ Hostname: "waf-regional.eu-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-1",
+ },
+ },
+ "eu-west-2": endpoint{
+ Hostname: "waf-regional.eu-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-2",
+ },
+ },
+ "eu-west-3": endpoint{
+ Hostname: "waf-regional.eu-west-3.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-3",
+ },
+ },
+ "fips-ap-east-1": endpoint{
+ Hostname: "waf-regional-fips.ap-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-east-1",
+ },
+ },
+ "fips-ap-northeast-1": endpoint{
+ Hostname: "waf-regional-fips.ap-northeast-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-northeast-1",
+ },
+ },
+ "fips-ap-northeast-2": endpoint{
+ Hostname: "waf-regional-fips.ap-northeast-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-northeast-2",
+ },
+ },
+ "fips-ap-south-1": endpoint{
+ Hostname: "waf-regional-fips.ap-south-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-south-1",
+ },
+ },
+ "fips-ap-southeast-1": endpoint{
+ Hostname: "waf-regional-fips.ap-southeast-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-southeast-1",
+ },
+ },
+ "fips-ap-southeast-2": endpoint{
+ Hostname: "waf-regional-fips.ap-southeast-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ap-southeast-2",
+ },
+ },
+ "fips-ca-central-1": endpoint{
+ Hostname: "waf-regional-fips.ca-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "ca-central-1",
+ },
+ },
+ "fips-eu-central-1": endpoint{
+ Hostname: "waf-regional-fips.eu-central-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-central-1",
+ },
+ },
+ "fips-eu-north-1": endpoint{
+ Hostname: "waf-regional-fips.eu-north-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-north-1",
+ },
+ },
+ "fips-eu-west-1": endpoint{
+ Hostname: "waf-regional-fips.eu-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-1",
+ },
+ },
+ "fips-eu-west-2": endpoint{
+ Hostname: "waf-regional-fips.eu-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-2",
+ },
+ },
+ "fips-eu-west-3": endpoint{
+ Hostname: "waf-regional-fips.eu-west-3.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "eu-west-3",
+ },
+ },
+ "fips-me-south-1": endpoint{
+ Hostname: "waf-regional-fips.me-south-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "me-south-1",
+ },
+ },
+ "fips-sa-east-1": endpoint{
+ Hostname: "waf-regional-fips.sa-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "sa-east-1",
+ },
+ },
+ "fips-us-east-1": endpoint{
+ Hostname: "waf-regional-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-east-2": endpoint{
+ Hostname: "waf-regional-fips.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "fips-us-west-1": endpoint{
+ Hostname: "waf-regional-fips.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "waf-regional-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "me-south-1": endpoint{
+ Hostname: "waf-regional.me-south-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "me-south-1",
+ },
+ },
+ "sa-east-1": endpoint{
+ Hostname: "waf-regional.sa-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "sa-east-1",
+ },
+ },
+ "us-east-1": endpoint{
+ Hostname: "waf-regional.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "us-east-2": endpoint{
+ Hostname: "waf-regional.us-east-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-2",
+ },
+ },
+ "us-west-1": endpoint{
+ Hostname: "waf-regional.us-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-1",
},
},
- },
- },
- "waf": service{
- PartitionEndpoint: "aws-global",
- IsRegionalized: boxedFalse,
-
- Endpoints: endpoints{
- "aws-global": endpoint{
- Hostname: "waf.amazonaws.com",
+ "us-west-2": endpoint{
+ Hostname: "waf-regional.us-west-2.amazonaws.com",
CredentialScope: credentialScope{
- Region: "us-east-1",
+ Region: "us-west-2",
},
},
},
},
- "waf-regional": service{
-
- Endpoints: endpoints{
- "ap-northeast-1": endpoint{},
- "ap-northeast-2": endpoint{},
- "ap-south-1": endpoint{},
- "ap-southeast-1": endpoint{},
- "ap-southeast-2": endpoint{},
- "ca-central-1": endpoint{},
- "eu-central-1": endpoint{},
- "eu-north-1": endpoint{},
- "eu-west-1": endpoint{},
- "eu-west-2": endpoint{},
- "eu-west-3": endpoint{},
- "sa-east-1": endpoint{},
- "us-east-1": endpoint{},
- "us-east-2": endpoint{},
- "us-west-1": endpoint{},
- "us-west-2": endpoint{},
- },
- },
"workdocs": service{
Endpoints: endpoints{
@@ -4037,8 +6321,20 @@ var awsPartition = partition{
"ap-southeast-1": endpoint{},
"ap-southeast-2": endpoint{},
"eu-west-1": endpoint{},
- "us-east-1": endpoint{},
- "us-west-2": endpoint{},
+ "fips-us-east-1": endpoint{
+ Hostname: "workdocs-fips.us-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-east-1",
+ },
+ },
+ "fips-us-west-2": endpoint{
+ Hostname: "workdocs-fips.us-west-2.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-west-2",
+ },
+ },
+ "us-east-1": endpoint{},
+ "us-west-2": endpoint{},
},
},
"workmail": service{
@@ -4070,6 +6366,7 @@ var awsPartition = partition{
"xray": service{
Endpoints: endpoints{
+ "af-south-1": endpoint{},
"ap-east-1": endpoint{},
"ap-northeast-1": endpoint{},
"ap-northeast-2": endpoint{},
@@ -4079,6 +6376,7 @@ var awsPartition = partition{
"ca-central-1": endpoint{},
"eu-central-1": endpoint{},
"eu-north-1": endpoint{},
+ "eu-south-1": endpoint{},
"eu-west-1": endpoint{},
"eu-west-2": endpoint{},
"eu-west-3": endpoint{},
@@ -4122,6 +6420,20 @@ var awscnPartition = partition{
},
},
Services: services{
+ "access-analyzer": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
+ "acm": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
"api.ecr": service{
Endpoints: endpoints{
@@ -4139,6 +6451,13 @@ var awscnPartition = partition{
},
},
},
+ "api.sagemaker": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
"apigateway": service{
Endpoints: endpoints{
@@ -4148,17 +6467,26 @@ var awscnPartition = partition{
},
"application-autoscaling": service{
Defaults: endpoint{
- Hostname: "autoscaling.{region}.amazonaws.com.cn",
Protocols: []string{"http", "https"},
- CredentialScope: credentialScope{
- Service: "application-autoscaling",
- },
},
Endpoints: endpoints{
"cn-north-1": endpoint{},
"cn-northwest-1": endpoint{},
},
},
+ "appsync": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ },
+ },
+ "athena": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
"autoscaling": service{
Defaults: endpoint{
Protocols: []string{"http", "https"},
@@ -4168,6 +6496,22 @@ var awscnPartition = partition{
"cn-northwest-1": endpoint{},
},
},
+ "autoscaling-plans": service{
+ Defaults: endpoint{
+ Protocols: []string{"http", "https"},
+ },
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
+ "backup": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
"batch": service{
Endpoints: endpoints{
@@ -4175,6 +6519,32 @@ var awscnPartition = partition{
"cn-northwest-1": endpoint{},
},
},
+ "budgets": service{
+ PartitionEndpoint: "aws-cn-global",
+ IsRegionalized: boxedFalse,
+
+ Endpoints: endpoints{
+ "aws-cn-global": endpoint{
+ Hostname: "budgets.amazonaws.com.cn",
+ CredentialScope: credentialScope{
+ Region: "cn-northwest-1",
+ },
+ },
+ },
+ },
+ "ce": service{
+ PartitionEndpoint: "aws-cn-global",
+ IsRegionalized: boxedFalse,
+
+ Endpoints: endpoints{
+ "aws-cn-global": endpoint{
+ Hostname: "ce.cn-northwest-1.amazonaws.com.cn",
+ CredentialScope: credentialScope{
+ Region: "cn-northwest-1",
+ },
+ },
+ },
+ },
"cloudformation": service{
Endpoints: endpoints{
@@ -4210,6 +6580,13 @@ var awscnPartition = partition{
"cn-northwest-1": endpoint{},
},
},
+ "codecommit": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
"codedeploy": service{
Endpoints: endpoints{
@@ -4230,6 +6607,12 @@ var awscnPartition = partition{
"cn-northwest-1": endpoint{},
},
},
+ "cur": service{
+
+ Endpoints: endpoints{
+ "cn-northwest-1": endpoint{},
+ },
+ },
"dax": service{
Endpoints: endpoints{
@@ -4293,6 +6676,15 @@ var awscnPartition = partition{
"cn-northwest-1": endpoint{},
},
},
+ "eks": service{
+ Defaults: endpoint{
+ Protocols: []string{"http", "https"},
+ },
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
"elasticache": service{
Endpoints: endpoints{
@@ -4307,6 +6699,25 @@ var awscnPartition = partition{
"cn-northwest-1": endpoint{},
},
},
+ "elasticfilesystem": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ "fips-cn-north-1": endpoint{
+ Hostname: "elasticfilesystem-fips.cn-north-1.amazonaws.com.cn",
+ CredentialScope: credentialScope{
+ Region: "cn-north-1",
+ },
+ },
+ "fips-cn-northwest-1": endpoint{
+ Hostname: "elasticfilesystem-fips.cn-northwest-1.amazonaws.com.cn",
+ CredentialScope: credentialScope{
+ Region: "cn-northwest-1",
+ },
+ },
+ },
+ },
"elasticloadbalancing": service{
Defaults: endpoint{
Protocols: []string{"https"},
@@ -4364,6 +6775,7 @@ var awscnPartition = partition{
"glue": service{
Endpoints: endpoints{
+ "cn-north-1": endpoint{},
"cn-northwest-1": endpoint{},
},
},
@@ -4376,6 +6788,13 @@ var awscnPartition = partition{
"cn-north-1": endpoint{},
},
},
+ "health": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
"iam": service{
PartitionEndpoint: "aws-cn-global",
IsRegionalized: boxedFalse,
@@ -4400,6 +6819,20 @@ var awscnPartition = partition{
"cn-northwest-1": endpoint{},
},
},
+ "iotsecuredtunneling": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
+ "kafka": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
"kinesis": service{
Endpoints: endpoints{
@@ -4407,6 +6840,13 @@ var awscnPartition = partition{
"cn-northwest-1": endpoint{},
},
},
+ "kinesisanalytics": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
"kms": service{
Endpoints: endpoints{
@@ -4455,6 +6895,36 @@ var awscnPartition = partition{
"cn-northwest-1": endpoint{},
},
},
+ "neptune": service{
+
+ Endpoints: endpoints{
+ "cn-northwest-1": endpoint{
+ Hostname: "rds.cn-northwest-1.amazonaws.com.cn",
+ CredentialScope: credentialScope{
+ Region: "cn-northwest-1",
+ },
+ },
+ },
+ },
+ "organizations": service{
+ PartitionEndpoint: "aws-cn-global",
+ IsRegionalized: boxedFalse,
+
+ Endpoints: endpoints{
+ "aws-cn-global": endpoint{
+ Hostname: "organizations.cn-northwest-1.amazonaws.com.cn",
+ CredentialScope: credentialScope{
+ Region: "cn-northwest-1",
+ },
+ },
+ "fips-aws-cn-global": endpoint{
+ Hostname: "organizations.cn-northwest-1.amazonaws.com.cn",
+ CredentialScope: credentialScope{
+ Region: "cn-northwest-1",
+ },
+ },
+ },
+ },
"polly": service{
Endpoints: endpoints{
@@ -4475,10 +6945,33 @@ var awscnPartition = partition{
"cn-northwest-1": endpoint{},
},
},
+ "route53": service{
+ PartitionEndpoint: "aws-cn-global",
+ IsRegionalized: boxedFalse,
+
+ Endpoints: endpoints{
+ "aws-cn-global": endpoint{
+ Hostname: "route53.amazonaws.com.cn",
+ CredentialScope: credentialScope{
+ Region: "cn-northwest-1",
+ },
+ },
+ },
+ },
+ "runtime.sagemaker": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
"s3": service{
Defaults: endpoint{
Protocols: []string{"http", "https"},
SignatureVersions: []string{"s3v4"},
+
+ HasDualStack: boxedTrue,
+ DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}",
},
Endpoints: endpoints{
"cn-north-1": endpoint{},
@@ -4489,6 +6982,9 @@ var awscnPartition = partition{
Defaults: endpoint{
Protocols: []string{"https"},
SignatureVersions: []string{"s3v4"},
+
+ HasDualStack: boxedTrue,
+ DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}",
},
Endpoints: endpoints{
"cn-north-1": endpoint{
@@ -4507,6 +7003,26 @@ var awscnPartition = partition{
},
},
},
+ "secretsmanager": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
+ "serverlessrepo": service{
+ Defaults: endpoint{
+ Protocols: []string{"https"},
+ },
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{
+ Protocols: []string{"https"},
+ },
+ "cn-northwest-1": endpoint{
+ Protocols: []string{"https"},
+ },
+ },
+ },
"sms": service{
Endpoints: endpoints{
@@ -4517,7 +7033,20 @@ var awscnPartition = partition{
"snowball": service{
Endpoints: endpoints{
- "cn-north-1": endpoint{},
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ "fips-cn-north-1": endpoint{
+ Hostname: "snowball-fips.cn-north-1.amazonaws.com.cn",
+ CredentialScope: credentialScope{
+ Region: "cn-north-1",
+ },
+ },
+ "fips-cn-northwest-1": endpoint{
+ Hostname: "snowball-fips.cn-northwest-1.amazonaws.com.cn",
+ CredentialScope: credentialScope{
+ Region: "cn-northwest-1",
+ },
+ },
},
},
"sns": service{
@@ -4556,7 +7085,8 @@ var awscnPartition = partition{
"storagegateway": service{
Endpoints: endpoints{
- "cn-north-1": endpoint{},
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
},
},
"streams.dynamodb": service{
@@ -4629,6 +7159,13 @@ var awscnPartition = partition{
"cn-northwest-1": endpoint{},
},
},
+ "xray": service{
+
+ Endpoints: endpoints{
+ "cn-north-1": endpoint{},
+ "cn-northwest-1": endpoint{},
+ },
+ },
},
}
@@ -4657,10 +7194,27 @@ var awsusgovPartition = partition{
Description: "AWS GovCloud (US-East)",
},
"us-gov-west-1": region{
- Description: "AWS GovCloud (US)",
+ Description: "AWS GovCloud (US-West)",
},
},
Services: services{
+ "access-analyzer": service{
+
+ Endpoints: endpoints{
+ "us-gov-east-1": endpoint{
+ Hostname: "access-analyzer.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "us-gov-west-1": endpoint{
+ Hostname: "access-analyzer.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ },
+ },
"acm": service{
Endpoints: endpoints{
@@ -4673,6 +7227,18 @@ var awsusgovPartition = partition{
Protocols: []string{"https"},
},
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "acm-pca.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "acm-pca.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -4680,6 +7246,18 @@ var awsusgovPartition = partition{
"api.ecr": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "ecr-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "ecr-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{
Hostname: "api.ecr.us-gov-east-1.amazonaws.com",
CredentialScope: credentialScope{
@@ -4698,6 +7276,18 @@ var awsusgovPartition = partition{
Endpoints: endpoints{
"us-gov-west-1": endpoint{},
+ "us-gov-west-1-fips": endpoint{
+ Hostname: "api-fips.sagemaker.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "us-gov-west-1-fips-secondary": endpoint{
+ Hostname: "api.sagemaker.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"apigateway": service{
@@ -4709,7 +7299,8 @@ var awsusgovPartition = partition{
},
"application-autoscaling": service{
Defaults: endpoint{
- Hostname: "autoscaling.{region}.amazonaws.com",
+ Hostname: "autoscaling.{region}.amazonaws.com",
+ Protocols: []string{"http", "https"},
CredentialScope: credentialScope{
Service: "application-autoscaling",
},
@@ -4739,6 +7330,18 @@ var awsusgovPartition = partition{
"athena": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "athena-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "athena-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -4746,25 +7349,72 @@ var awsusgovPartition = partition{
"autoscaling": service{
Endpoints: endpoints{
- "us-gov-east-1": endpoint{},
+ "us-gov-east-1": endpoint{
+ Protocols: []string{"http", "https"},
+ },
"us-gov-west-1": endpoint{
Protocols: []string{"http", "https"},
},
},
},
- "clouddirectory": service{
+ "autoscaling-plans": service{
+ Defaults: endpoint{
+ Protocols: []string{"http", "https"},
+ },
+ Endpoints: endpoints{
+ "us-gov-east-1": endpoint{},
+ "us-gov-west-1": endpoint{},
+ },
+ },
+ "backup": service{
Endpoints: endpoints{
+ "us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
},
- "cloudformation": service{
+ "batch": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "batch.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "batch.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
},
+ "clouddirectory": service{
+
+ Endpoints: endpoints{
+ "us-gov-west-1": endpoint{},
+ },
+ },
+ "cloudformation": service{
+
+ Endpoints: endpoints{
+ "us-gov-east-1": endpoint{
+ Hostname: "cloudformation.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "us-gov-west-1": endpoint{
+ Hostname: "cloudformation.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ },
+ },
"cloudhsm": service{
Endpoints: endpoints{
@@ -4785,20 +7435,48 @@ var awsusgovPartition = partition{
"cloudtrail": service{
Endpoints: endpoints{
- "us-gov-east-1": endpoint{},
- "us-gov-west-1": endpoint{},
+ "us-gov-east-1": endpoint{
+ Hostname: "cloudtrail.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "us-gov-west-1": endpoint{
+ Hostname: "cloudtrail.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"codebuild": service{
Endpoints: endpoints{
"us-gov-east-1": endpoint{},
+ "us-gov-east-1-fips": endpoint{
+ Hostname: "codebuild-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
"us-gov-west-1": endpoint{},
+ "us-gov-west-1-fips": endpoint{
+ Hostname: "codebuild-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"codecommit": service{
Endpoints: endpoints{
+ "fips": endpoint{
+ Hostname: "codecommit-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -4822,11 +7500,59 @@ var awsusgovPartition = partition{
},
},
},
+ "codepipeline": service{
+
+ Endpoints: endpoints{
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "codepipeline-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "us-gov-west-1": endpoint{},
+ },
+ },
+ "cognito-identity": service{
+
+ Endpoints: endpoints{
+ "us-gov-west-1": endpoint{},
+ },
+ },
+ "cognito-idp": service{
+
+ Endpoints: endpoints{
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "cognito-idp-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "us-gov-west-1": endpoint{},
+ },
+ },
"comprehend": service{
Defaults: endpoint{
Protocols: []string{"https"},
},
Endpoints: endpoints{
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "comprehend-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "us-gov-west-1": endpoint{},
+ },
+ },
+ "comprehendmedical": service{
+
+ Endpoints: endpoints{
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "comprehendmedical-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-west-1": endpoint{},
},
},
@@ -4840,32 +7566,78 @@ var awsusgovPartition = partition{
"datasync": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "datasync-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
"fips-us-gov-west-1": endpoint{
Hostname: "datasync-fips.us-gov-west-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "us-gov-west-1",
},
},
+ "us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
},
"directconnect": service{
Endpoints: endpoints{
- "us-gov-east-1": endpoint{},
- "us-gov-west-1": endpoint{},
+ "us-gov-east-1": endpoint{
+ Hostname: "directconnect.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "us-gov-west-1": endpoint{
+ Hostname: "directconnect.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"dms": service{
Endpoints: endpoints{
+ "dms-fips": endpoint{
+ Hostname: "dms.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
},
+ "docdb": service{
+
+ Endpoints: endpoints{
+ "us-gov-west-1": endpoint{
+ Hostname: "rds.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ },
+ },
"ds": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "ds-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "ds-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -4892,8 +7664,18 @@ var awsusgovPartition = partition{
"ec2": service{
Endpoints: endpoints{
- "us-gov-east-1": endpoint{},
- "us-gov-west-1": endpoint{},
+ "us-gov-east-1": endpoint{
+ Hostname: "ec2.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "us-gov-west-1": endpoint{
+ Hostname: "ec2.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"ec2metadata": service{
@@ -4909,6 +7691,27 @@ var awsusgovPartition = partition{
},
"ecs": service{
+ Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "ecs-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "ecs-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "us-gov-east-1": endpoint{},
+ "us-gov-west-1": endpoint{},
+ },
+ },
+ "eks": service{
+ Defaults: endpoint{
+ Protocols: []string{"http", "https"},
+ },
Endpoints: endpoints{
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
@@ -4918,7 +7721,7 @@ var awsusgovPartition = partition{
Endpoints: endpoints{
"fips": endpoint{
- Hostname: "elasticache-fips.us-gov-west-1.amazonaws.com",
+ Hostname: "elasticache.us-gov-west-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "us-gov-west-1",
},
@@ -4930,19 +7733,54 @@ var awsusgovPartition = partition{
"elasticbeanstalk": service{
Endpoints: endpoints{
- "us-gov-east-1": endpoint{},
- "us-gov-west-1": endpoint{},
+ "us-gov-east-1": endpoint{
+ Hostname: "elasticbeanstalk.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "us-gov-west-1": endpoint{
+ Hostname: "elasticbeanstalk.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"elasticfilesystem": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "elasticfilesystem-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "elasticfilesystem-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
},
"elasticloadbalancing": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "elasticloadbalancing-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "elasticloadbalancing-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{
Protocols: []string{"http", "https"},
@@ -4952,12 +7790,36 @@ var awsusgovPartition = partition{
"elasticmapreduce": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "elasticmapreduce.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "elasticmapreduce.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{
Protocols: []string{"https"},
},
},
},
+ "email": service{
+
+ Endpoints: endpoints{
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "email-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "us-gov-west-1": endpoint{},
+ },
+ },
"es": service{
Endpoints: endpoints{
@@ -4974,13 +7836,35 @@ var awsusgovPartition = partition{
"events": service{
Endpoints: endpoints{
- "us-gov-east-1": endpoint{},
- "us-gov-west-1": endpoint{},
+ "us-gov-east-1": endpoint{
+ Hostname: "events.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "us-gov-west-1": endpoint{
+ Hostname: "events.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"firehose": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "firehose-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "firehose-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -4988,15 +7872,36 @@ var awsusgovPartition = partition{
"glacier": service{
Endpoints: endpoints{
- "us-gov-east-1": endpoint{},
+ "us-gov-east-1": endpoint{
+ Hostname: "glacier.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
"us-gov-west-1": endpoint{
+ Hostname: "glacier.us-gov-west-1.amazonaws.com",
Protocols: []string{"http", "https"},
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
},
},
},
"glue": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "glue-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "glue-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -5007,7 +7912,12 @@ var awsusgovPartition = partition{
Protocols: []string{"https"},
},
Endpoints: endpoints{
- "us-gov-west-1": endpoint{},
+ "us-gov-west-1": endpoint{
+ Hostname: "greengrass.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"guardduty": service{
@@ -5017,6 +7927,12 @@ var awsusgovPartition = partition{
},
Endpoints: endpoints{
"us-gov-west-1": endpoint{},
+ "us-gov-west-1-fips": endpoint{
+ Hostname: "guardduty.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"health": service{
@@ -5036,11 +7952,29 @@ var awsusgovPartition = partition{
Region: "us-gov-west-1",
},
},
+ "iam-govcloud-fips": endpoint{
+ Hostname: "iam.us-gov.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"inspector": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "inspector-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "inspector-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -5055,8 +7989,40 @@ var awsusgovPartition = partition{
"us-gov-west-1": endpoint{},
},
},
+ "iotsecuredtunneling": service{
+
+ Endpoints: endpoints{
+ "us-gov-west-1": endpoint{},
+ },
+ },
+ "kafka": service{
+
+ Endpoints: endpoints{
+ "us-gov-east-1": endpoint{},
+ "us-gov-west-1": endpoint{},
+ },
+ },
"kinesis": service{
+ Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "kinesis-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "kinesis-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "us-gov-east-1": endpoint{},
+ "us-gov-west-1": endpoint{},
+ },
+ },
+ "kinesisanalytics": service{
+
Endpoints: endpoints{
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
@@ -5078,6 +8044,18 @@ var awsusgovPartition = partition{
"lambda": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "lambda-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "lambda-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -5085,6 +8063,18 @@ var awsusgovPartition = partition{
"license-manager": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "license-manager-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "license-manager-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -5092,14 +8082,29 @@ var awsusgovPartition = partition{
"logs": service{
Endpoints: endpoints{
- "us-gov-east-1": endpoint{},
- "us-gov-west-1": endpoint{},
+ "us-gov-east-1": endpoint{
+ Hostname: "logs.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "us-gov-west-1": endpoint{
+ Hostname: "logs.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"mediaconvert": service{
Endpoints: endpoints{
- "us-gov-west-1": endpoint{},
+ "us-gov-west-1": endpoint{
+ Hostname: "mediaconvert.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"metering.marketplace": service{
@@ -5116,6 +8121,18 @@ var awsusgovPartition = partition{
"monitoring": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "monitoring.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "monitoring.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -5148,11 +8165,50 @@ var awsusgovPartition = partition{
Region: "us-gov-west-1",
},
},
+ "fips-aws-us-gov-global": endpoint{
+ Hostname: "organizations.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ },
+ },
+ "outposts": service{
+
+ Endpoints: endpoints{
+ "us-gov-east-1": endpoint{
+ Hostname: "outposts.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "us-gov-west-1": endpoint{
+ Hostname: "outposts.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ },
+ },
+ "pinpoint": service{
+ Defaults: endpoint{
+ CredentialScope: credentialScope{
+ Service: "mobiletargeting",
+ },
+ },
+ Endpoints: endpoints{
+ "us-gov-west-1": endpoint{},
},
},
"polly": service{
Endpoints: endpoints{
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "polly-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-west-1": endpoint{},
},
},
@@ -5166,6 +8222,18 @@ var awsusgovPartition = partition{
"rds": service{
Endpoints: endpoints{
+ "rds.us-gov-east-1": endpoint{
+ Hostname: "rds.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "rds.us-gov-west-1": endpoint{
+ Hostname: "rds.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -5173,13 +8241,29 @@ var awsusgovPartition = partition{
"redshift": service{
Endpoints: endpoints{
- "us-gov-east-1": endpoint{},
- "us-gov-west-1": endpoint{},
+ "us-gov-east-1": endpoint{
+ Hostname: "redshift.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "us-gov-west-1": endpoint{
+ Hostname: "redshift.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"rekognition": service{
Endpoints: endpoints{
+ "rekognition-fips.us-gov-west-1": endpoint{
+ Hostname: "rekognition-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-west-1": endpoint{},
},
},
@@ -5231,6 +8315,9 @@ var awsusgovPartition = partition{
"s3": service{
Defaults: endpoint{
SignatureVersions: []string{"s3", "s3v4"},
+
+ HasDualStack: boxedTrue,
+ DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}",
},
Endpoints: endpoints{
"fips-us-gov-west-1": endpoint{
@@ -5253,6 +8340,9 @@ var awsusgovPartition = partition{
Defaults: endpoint{
Protocols: []string{"https"},
SignatureVersions: []string{"s3v4"},
+
+ HasDualStack: boxedTrue,
+ DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}",
},
Endpoints: endpoints{
"us-gov-east-1": endpoint{
@@ -5304,22 +8394,56 @@ var awsusgovPartition = partition{
},
},
},
+ "securityhub": service{
+
+ Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "securityhub-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "securityhub-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "us-gov-east-1": endpoint{},
+ "us-gov-west-1": endpoint{},
+ },
+ },
"serverlessrepo": service{
Defaults: endpoint{
Protocols: []string{"https"},
},
Endpoints: endpoints{
"us-gov-east-1": endpoint{
+ Hostname: "serverlessrepo.us-gov-east-1.amazonaws.com",
Protocols: []string{"https"},
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
},
"us-gov-west-1": endpoint{
+ Hostname: "serverlessrepo.us-gov-west-1.amazonaws.com",
Protocols: []string{"https"},
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
},
},
},
"servicecatalog": service{
Endpoints: endpoints{
+ "us-gov-east-1": endpoint{},
+ "us-gov-east-1-fips": endpoint{
+ Hostname: "servicecatalog-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
"us-gov-west-1": endpoint{},
"us-gov-west-1-fips": endpoint{
Hostname: "servicecatalog-fips.us-gov-west-1.amazonaws.com",
@@ -5332,6 +8456,18 @@ var awsusgovPartition = partition{
"sms": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "sms-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "sms-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -5339,6 +8475,18 @@ var awsusgovPartition = partition{
"snowball": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "snowball-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "snowball-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -5346,25 +8494,67 @@ var awsusgovPartition = partition{
"sns": service{
Endpoints: endpoints{
- "us-gov-east-1": endpoint{},
+ "us-gov-east-1": endpoint{
+ Hostname: "sns.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
"us-gov-west-1": endpoint{
+ Hostname: "sns.us-gov-west-1.amazonaws.com",
Protocols: []string{"http", "https"},
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
},
},
},
"sqs": service{
Endpoints: endpoints{
- "us-gov-east-1": endpoint{},
+ "us-gov-east-1": endpoint{
+ Hostname: "sqs.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
"us-gov-west-1": endpoint{
+ Hostname: "sqs.us-gov-west-1.amazonaws.com",
SSLCommonName: "{region}.queue.{dnsSuffix}",
Protocols: []string{"http", "https"},
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
},
},
},
"ssm": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "ssm.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "ssm.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "ssm-facade-fips-us-gov-east-1": endpoint{
+ Hostname: "ssm-facade.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "ssm-facade-fips-us-gov-west-1": endpoint{
+ Hostname: "ssm-facade.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -5372,6 +8562,18 @@ var awsusgovPartition = partition{
"states": service{
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "states-fips.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "states.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
"us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
@@ -5379,6 +8581,13 @@ var awsusgovPartition = partition{
"storagegateway": service{
Endpoints: endpoints{
+ "fips": endpoint{
+ Hostname: "storagegateway-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
},
@@ -5409,14 +8618,54 @@ var awsusgovPartition = partition{
Endpoints: endpoints{
"us-gov-east-1": endpoint{},
+ "us-gov-east-1-fips": endpoint{
+ Hostname: "sts.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
"us-gov-west-1": endpoint{},
+ "us-gov-west-1-fips": endpoint{
+ Hostname: "sts.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ },
+ },
+ "support": service{
+ PartitionEndpoint: "aws-us-gov-global",
+
+ Endpoints: endpoints{
+ "aws-us-gov-global": endpoint{
+ Hostname: "support.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "support.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"swf": service{
Endpoints: endpoints{
- "us-gov-east-1": endpoint{},
- "us-gov-west-1": endpoint{},
+ "us-gov-east-1": endpoint{
+ Hostname: "swf.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "us-gov-west-1": endpoint{
+ Hostname: "swf.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"tagging": service{
@@ -5431,6 +8680,19 @@ var awsusgovPartition = partition{
Protocols: []string{"https"},
},
Endpoints: endpoints{
+ "fips-us-gov-east-1": endpoint{
+ Hostname: "fips.transcribe.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "fips.transcribe.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "us-gov-east-1": endpoint{},
"us-gov-west-1": endpoint{},
},
},
@@ -5451,7 +8713,18 @@ var awsusgovPartition = partition{
"waf-regional": service{
Endpoints: endpoints{
- "us-gov-west-1": endpoint{},
+ "fips-us-gov-west-1": endpoint{
+ Hostname: "waf-regional-fips.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
+ "us-gov-west-1": endpoint{
+ Hostname: "waf-regional.us-gov-west-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-west-1",
+ },
+ },
},
},
"workspaces": service{
@@ -5460,6 +8733,13 @@ var awsusgovPartition = partition{
"us-gov-west-1": endpoint{},
},
},
+ "xray": service{
+
+ Endpoints: endpoints{
+ "us-gov-east-1": endpoint{},
+ "us-gov-west-1": endpoint{},
+ },
+ },
},
}
@@ -5514,11 +8794,7 @@ var awsisoPartition = partition{
},
"application-autoscaling": service{
Defaults: endpoint{
- Hostname: "autoscaling.{region}.amazonaws.com",
Protocols: []string{"http", "https"},
- CredentialScope: credentialScope{
- Service: "application-autoscaling",
- },
},
Endpoints: endpoints{
"us-iso-east-1": endpoint{},
@@ -5550,6 +8826,14 @@ var awsisoPartition = partition{
"us-iso-east-1": endpoint{},
},
},
+ "comprehend": service{
+ Defaults: endpoint{
+ Protocols: []string{"https"},
+ },
+ Endpoints: endpoints{
+ "us-iso-east-1": endpoint{},
+ },
+ },
"config": service{
Endpoints: endpoints{
@@ -5571,6 +8855,12 @@ var awsisoPartition = partition{
"dms": service{
Endpoints: endpoints{
+ "dms-fips": endpoint{
+ Hostname: "dms.us-iso-east-1.c2s.ic.gov",
+ CredentialScope: credentialScope{
+ Region: "us-iso-east-1",
+ },
+ },
"us-iso-east-1": endpoint{},
},
},
@@ -5633,6 +8923,12 @@ var awsisoPartition = partition{
},
},
},
+ "es": service{
+
+ Endpoints: endpoints{
+ "us-iso-east-1": endpoint{},
+ },
+ },
"events": service{
Endpoints: endpoints{
@@ -5809,6 +9105,20 @@ var awsisoPartition = partition{
"us-iso-east-1": endpoint{},
},
},
+ "transcribe": service{
+ Defaults: endpoint{
+ Protocols: []string{"https"},
+ },
+ Endpoints: endpoints{
+ "us-iso-east-1": endpoint{},
+ },
+ },
+ "transcribestreaming": service{
+
+ Endpoints: endpoints{
+ "us-iso-east-1": endpoint{},
+ },
+ },
"workspaces": service{
Endpoints: endpoints{
@@ -5846,11 +9156,7 @@ var awsisobPartition = partition{
Services: services{
"application-autoscaling": service{
Defaults: endpoint{
- Hostname: "autoscaling.{region}.amazonaws.com",
Protocols: []string{"http", "https"},
- CredentialScope: credentialScope{
- Service: "application-autoscaling",
- },
},
Endpoints: endpoints{
"us-isob-east-1": endpoint{},
@@ -5891,6 +9197,12 @@ var awsisobPartition = partition{
"dms": service{
Endpoints: endpoints{
+ "dms-fips": endpoint{
+ Hostname: "dms.us-isob-east-1.sc2s.sgov.gov",
+ CredentialScope: credentialScope{
+ Region: "us-isob-east-1",
+ },
+ },
"us-isob-east-1": endpoint{},
},
},
@@ -5990,6 +9302,18 @@ var awsisobPartition = partition{
"us-isob-east-1": endpoint{},
},
},
+ "lambda": service{
+
+ Endpoints: endpoints{
+ "us-isob-east-1": endpoint{},
+ },
+ },
+ "license-manager": service{
+
+ Endpoints: endpoints{
+ "us-isob-east-1": endpoint{},
+ },
+ },
"logs": service{
Endpoints: endpoints{
@@ -6046,6 +9370,12 @@ var awsisobPartition = partition{
"us-isob-east-1": endpoint{},
},
},
+ "ssm": service{
+
+ Endpoints: endpoints{
+ "us-isob-east-1": endpoint{},
+ },
+ },
"states": service{
Endpoints: endpoints{
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go
index 1f53d9c..ca956e5 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go
@@ -317,7 +317,7 @@ func (p Partition) EndpointFor(service, region string, opts ...func(*Options)) (
// Regions returns a map of Regions indexed by their ID. This is useful for
// enumerating over the regions in a partition.
func (p Partition) Regions() map[string]Region {
- rs := map[string]Region{}
+ rs := make(map[string]Region, len(p.p.Regions))
for id, r := range p.p.Regions {
rs[id] = Region{
id: id,
@@ -332,7 +332,7 @@ func (p Partition) Regions() map[string]Region {
// Services returns a map of Service indexed by their ID. This is useful for
// enumerating over the services in a partition.
func (p Partition) Services() map[string]Service {
- ss := map[string]Service{}
+ ss := make(map[string]Service, len(p.p.Services))
for id := range p.p.Services {
ss[id] = Service{
id: id,
@@ -419,7 +419,7 @@ func (s Service) Regions() map[string]Region {
// A region is the AWS region the service exists in. Whereas a Endpoint is
// an URL that can be resolved to a instance of a service.
func (s Service) Endpoints() map[string]Endpoint {
- es := map[string]Endpoint{}
+ es := make(map[string]Endpoint, len(s.p.Services[s.id].Endpoints))
for id := range s.p.Services[s.id].Endpoints {
es[id] = Endpoint{
id: id,
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go
index eb2ac83..7736137 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go
@@ -7,6 +7,8 @@ import (
"strings"
)
+var regionValidationRegex = regexp.MustCompile(`^[[:alnum:]]([[:alnum:]\-]*[[:alnum:]])?$`)
+
type partitions []partition
func (ps partitions) EndpointFor(service, region string, opts ...func(*Options)) (ResolvedEndpoint, error) {
@@ -124,7 +126,7 @@ func (p partition) EndpointFor(service, region string, opts ...func(*Options)) (
defs := []endpoint{p.Defaults, s.Defaults}
- return e.resolve(service, p.ID, region, p.DNSSuffix, defs, opt), nil
+ return e.resolve(service, p.ID, region, p.DNSSuffix, defs, opt)
}
func serviceList(ss services) []string {
@@ -233,7 +235,7 @@ func getByPriority(s []string, p []string, def string) string {
return s[0]
}
-func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs []endpoint, opts Options) ResolvedEndpoint {
+func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs []endpoint, opts Options) (ResolvedEndpoint, error) {
var merged endpoint
for _, def := range defs {
merged.mergeIn(def)
@@ -260,6 +262,10 @@ func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs [
region = signingRegion
}
+ if !validateInputRegion(region) {
+ return ResolvedEndpoint{}, fmt.Errorf("invalid region identifier format provided")
+ }
+
u := strings.Replace(hostname, "{service}", service, 1)
u = strings.Replace(u, "{region}", region, 1)
u = strings.Replace(u, "{dnsSuffix}", dnsSuffix, 1)
@@ -274,7 +280,7 @@ func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs [
SigningName: signingName,
SigningNameDerived: signingNameDerived,
SigningMethod: getByPriority(e.SignatureVersions, signerPriority, defaultSigner),
- }
+ }, nil
}
func getEndpointScheme(protocols []string, disableSSL bool) string {
@@ -339,3 +345,7 @@ const (
boxedFalse
boxedTrue
)
+
+func validateInputRegion(region string) bool {
+ return regionValidationRegex.MatchString(region)
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go b/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go
index 185b073..e819ab6 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go
@@ -10,6 +10,7 @@ import (
type Handlers struct {
Validate HandlerList
Build HandlerList
+ BuildStream HandlerList
Sign HandlerList
Send HandlerList
ValidateResponse HandlerList
@@ -28,6 +29,7 @@ func (h *Handlers) Copy() Handlers {
return Handlers{
Validate: h.Validate.copy(),
Build: h.Build.copy(),
+ BuildStream: h.BuildStream.copy(),
Sign: h.Sign.copy(),
Send: h.Send.copy(),
ValidateResponse: h.ValidateResponse.copy(),
@@ -46,6 +48,7 @@ func (h *Handlers) Copy() Handlers {
func (h *Handlers) Clear() {
h.Validate.Clear()
h.Build.Clear()
+ h.BuildStream.Clear()
h.Send.Clear()
h.Sign.Clear()
h.Unmarshal.Clear()
@@ -67,6 +70,9 @@ func (h *Handlers) IsEmpty() bool {
if h.Build.Len() != 0 {
return false
}
+ if h.BuildStream.Len() != 0 {
+ return false
+ }
if h.Send.Len() != 0 {
return false
}
@@ -320,3 +326,18 @@ func MakeAddToUserAgentFreeFormHandler(s string) func(*Request) {
AddToUserAgent(r, s)
}
}
+
+// WithSetRequestHeaders updates the operation request's HTTP header to contain
+// the header key value pairs provided. If the header key already exists in the
+// request's HTTP header set, the existing value(s) will be replaced.
+func WithSetRequestHeaders(h map[string]string) Option {
+ return withRequestHeader(h).SetRequestHeaders
+}
+
+type withRequestHeader map[string]string
+
+func (h withRequestHeader) SetRequestHeaders(r *Request) {
+ for k, v := range h {
+ r.HTTPRequest.Header[k] = []string{v}
+ }
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request.go
index 5217814..d597c6e 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/request/request.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/request/request.go
@@ -36,6 +36,10 @@ const (
// API request that was canceled. Requests given a aws.Context may
// return this error when canceled.
CanceledErrorCode = "RequestCanceled"
+
+ // ErrCodeRequestError is an error preventing the SDK from continuing to
+ // process the request.
+ ErrCodeRequestError = "RequestError"
)
// A Request is the service request to be made.
@@ -51,6 +55,7 @@ type Request struct {
HTTPRequest *http.Request
HTTPResponse *http.Response
Body io.ReadSeeker
+ streamingBody io.ReadCloser
BodyStart int64 // offset from beginning of Body that the request body starts
Params interface{}
Error error
@@ -130,8 +135,6 @@ func New(cfg aws.Config, clientInfo metadata.ClientInfo, handlers Handlers,
err = awserr.New("InvalidEndpointURL", "invalid endpoint uri", err)
}
- SanitizeHostForHeader(httpReq)
-
r := &Request{
Config: cfg,
ClientInfo: clientInfo,
@@ -295,6 +298,13 @@ func (r *Request) SetReaderBody(reader io.ReadSeeker) {
r.ResetBody()
}
+// SetStreamingBody set the reader to be used for the request that will stream
+// bytes to the server. Request's Body must not be set to any reader.
+func (r *Request) SetStreamingBody(reader io.ReadCloser) {
+ r.streamingBody = reader
+ r.SetReaderBody(aws.ReadSeekCloser(reader))
+}
+
// Presign returns the request's signed URL. Error will be returned
// if the signing fails. The expire parameter is only used for presigned Amazon
// S3 API requests. All other AWS services will use a fixed expiration
@@ -414,11 +424,17 @@ func (r *Request) Sign() error {
return r.Error
}
+ SanitizeHostForHeader(r.HTTPRequest)
+
r.Handlers.Sign.Run(r)
return r.Error
}
func (r *Request) getNextRequestBody() (body io.ReadCloser, err error) {
+ if r.streamingBody != nil {
+ return r.streamingBody, nil
+ }
+
if r.safeBody != nil {
r.safeBody.Close()
}
@@ -623,6 +639,10 @@ func getHost(r *http.Request) string {
return r.Host
}
+ if r.URL == nil {
+ return ""
+ }
+
return r.URL.Host
}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go b/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go
index 8015acc..752ae47 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go
@@ -75,7 +75,7 @@ func (d noOpRetryer) RetryRules(_ *Request) time.Duration {
// retryableCodes is a collection of service response codes which are retry-able
// without any further action.
var retryableCodes = map[string]struct{}{
- "RequestError": {},
+ ErrCodeRequestError: {},
"RequestTimeout": {},
ErrCodeResponseTimeout: {},
"RequestTimeoutException": {}, // Glacier's flavor of RequestTimeout
@@ -83,6 +83,7 @@ var retryableCodes = map[string]struct{}{
var throttleCodes = map[string]struct{}{
"ProvisionedThroughputExceededException": {},
+ "ThrottledException": {}, // SNS, XRay, ResourceGroupsTagging API
"Throttling": {},
"ThrottlingException": {},
"RequestLimitExceeded": {},
@@ -91,6 +92,7 @@ var throttleCodes = map[string]struct{}{
"TooManyRequestsException": {}, // Lambda functions
"PriorRequestNotComplete": {}, // Route53
"TransactionInProgressException": {},
+ "EC2ThrottledException": {}, // EC2
}
// credsExpiredCodes is a collection of error codes which signify the credentials
@@ -176,8 +178,8 @@ func shouldRetryError(origErr error) bool {
origErr := err.OrigErr()
var shouldRetry bool
if origErr != nil {
- shouldRetry := shouldRetryError(origErr)
- if err.Code() == "RequestError" && !shouldRetry {
+ shouldRetry = shouldRetryError(origErr)
+ if err.Code() == ErrCodeRequestError && !shouldRetry {
return false
}
}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go
index cc64e24..fe6dac1 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go
@@ -3,6 +3,7 @@ package session
import (
"fmt"
"os"
+ "time"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
@@ -206,7 +207,14 @@ func credsFromAssumeRole(cfg aws.Config,
sharedCfg.RoleARN,
func(opt *stscreds.AssumeRoleProvider) {
opt.RoleSessionName = sharedCfg.RoleSessionName
- opt.Duration = sessOpts.AssumeRoleDuration
+
+ if sessOpts.AssumeRoleDuration == 0 &&
+ sharedCfg.AssumeRoleDuration != nil &&
+ *sharedCfg.AssumeRoleDuration/time.Minute > 15 {
+ opt.Duration = *sharedCfg.AssumeRoleDuration
+ } else if sessOpts.AssumeRoleDuration != 0 {
+ opt.Duration = sessOpts.AssumeRoleDuration
+ }
// Assume role with external ID
if len(sharedCfg.ExternalID) > 0 {
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go b/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go
index 4092ab8..c1e0e9c 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go
@@ -4,6 +4,7 @@ import (
"fmt"
"os"
"strconv"
+ "strings"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/credentials"
@@ -141,6 +142,12 @@ type envConfig struct {
// AWS_S3_US_EAST_1_REGIONAL_ENDPOINT=regional
// This can take value as `regional` or `legacy`
S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint
+
+ // Specifies if the S3 service should allow ARNs to direct the region
+ // the client's requests are sent to.
+ //
+ // AWS_S3_USE_ARN_REGION=true
+ S3UseARNRegion bool
}
var (
@@ -201,6 +208,9 @@ var (
s3UsEast1RegionalEndpoint = []string{
"AWS_S3_US_EAST_1_REGIONAL_ENDPOINT",
}
+ s3UseARNRegionEnvKey = []string{
+ "AWS_S3_USE_ARN_REGION",
+ }
)
// loadEnvConfig retrieves the SDK's environment configuration.
@@ -307,6 +317,21 @@ func envConfigLoad(enableSharedConfig bool) (envConfig, error) {
}
}
+ var s3UseARNRegion string
+ setFromEnvVal(&s3UseARNRegion, s3UseARNRegionEnvKey)
+ if len(s3UseARNRegion) != 0 {
+ switch {
+ case strings.EqualFold(s3UseARNRegion, "false"):
+ cfg.S3UseARNRegion = false
+ case strings.EqualFold(s3UseARNRegion, "true"):
+ cfg.S3UseARNRegion = true
+ default:
+ return envConfig{}, fmt.Errorf(
+ "invalid value for environment variable, %s=%s, need true or false",
+ s3UseARNRegionEnvKey[0], s3UseARNRegion)
+ }
+ }
+
return cfg, nil
}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go
index ab6daac..0ff4996 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go
@@ -580,6 +580,14 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config,
cfg.Credentials = creds
}
+ cfg.S3UseARNRegion = userCfg.S3UseARNRegion
+ if cfg.S3UseARNRegion == nil {
+ cfg.S3UseARNRegion = &envCfg.S3UseARNRegion
+ }
+ if cfg.S3UseARNRegion == nil {
+ cfg.S3UseARNRegion = &sharedCfg.S3UseARNRegion
+ }
+
return nil
}
@@ -634,15 +642,22 @@ func (s *Session) ClientConfig(service string, cfgs ...*aws.Config) client.Confi
region := aws.StringValue(s.Config.Region)
resolved, err := s.resolveEndpoint(service, region, s.Config)
- if err != nil && s.Config.Logger != nil {
- s.Config.Logger.Log(fmt.Sprintf(
- "ERROR: unable to resolve endpoint for service %q, region %q, err: %v",
- service, region, err))
+ if err != nil {
+ s.Handlers.Validate.PushBack(func(r *request.Request) {
+ if len(r.ClientInfo.Endpoint) != 0 {
+ // Error occurred while resolving endpoint, but the request
+ // being invoked has had an endpoint specified after the client
+ // was created.
+ return
+ }
+ r.Error = err
+ })
}
return client.Config{
Config: s.Config,
Handlers: s.Handlers,
+ PartitionID: resolved.PartitionID,
Endpoint: resolved.URL,
SigningRegion: resolved.SigningRegion,
SigningNameDerived: resolved.SigningNameDerived,
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go b/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go
index 1d7b049..680805a 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go
@@ -2,6 +2,7 @@ package session
import (
"fmt"
+ "time"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/credentials"
@@ -16,12 +17,13 @@ const (
sessionTokenKey = `aws_session_token` // optional
// Assume Role Credentials group
- roleArnKey = `role_arn` // group required
- sourceProfileKey = `source_profile` // group required (or credential_source)
- credentialSourceKey = `credential_source` // group required (or source_profile)
- externalIDKey = `external_id` // optional
- mfaSerialKey = `mfa_serial` // optional
- roleSessionNameKey = `role_session_name` // optional
+ roleArnKey = `role_arn` // group required
+ sourceProfileKey = `source_profile` // group required (or credential_source)
+ credentialSourceKey = `credential_source` // group required (or source_profile)
+ externalIDKey = `external_id` // optional
+ mfaSerialKey = `mfa_serial` // optional
+ roleSessionNameKey = `role_session_name` // optional
+ roleDurationSecondsKey = "duration_seconds" // optional
// CSM options
csmEnabledKey = `csm_enabled`
@@ -51,6 +53,9 @@ const (
// loading configuration from the config files if another profile name
// is not provided.
DefaultSharedConfigProfile = `default`
+
+ // S3 ARN Region Usage
+ s3UseARNRegionKey = "s3_use_arn_region"
)
// sharedConfig represents the configuration fields of the SDK config files.
@@ -70,10 +75,11 @@ type sharedConfig struct {
CredentialProcess string
WebIdentityTokenFile string
- RoleARN string
- RoleSessionName string
- ExternalID string
- MFASerial string
+ RoleARN string
+ RoleSessionName string
+ ExternalID string
+ MFASerial string
+ AssumeRoleDuration *time.Duration
SourceProfileName string
SourceProfile *sharedConfig
@@ -89,6 +95,7 @@ type sharedConfig struct {
//
// endpoint_discovery_enabled = true
EnableEndpointDiscovery *bool
+
// CSM Options
CSMEnabled *bool
CSMHost string
@@ -106,6 +113,12 @@ type sharedConfig struct {
// s3_us_east_1_regional_endpoint = regional
// This can take value as `LegacyS3UsEast1Endpoint` or `RegionalS3UsEast1Endpoint`
S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint
+
+ // Specifies if the S3 service should allow ARNs to direct the region
+ // the client's requests are sent to.
+ //
+ // s3_use_arn_region=true
+ S3UseARNRegion bool
}
type sharedConfigFile struct {
@@ -264,6 +277,11 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e
updateString(&cfg.CredentialSource, section, credentialSourceKey)
updateString(&cfg.Region, section, regionKey)
+ if section.Has(roleDurationSecondsKey) {
+ d := time.Duration(section.Int(roleDurationSecondsKey)) * time.Second
+ cfg.AssumeRoleDuration = &d
+ }
+
if v := section.String(stsRegionalEndpointSharedKey); len(v) != 0 {
sre, err := endpoints.GetSTSRegionalEndpoint(v)
if err != nil {
@@ -306,6 +324,8 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e
updateString(&cfg.CSMPort, section, csmPortKey)
updateString(&cfg.CSMClientID, section, csmClientIDKey)
+ updateBool(&cfg.S3UseARNRegion, section, s3UseARNRegionKey)
+
return nil
}
@@ -398,6 +418,15 @@ func updateString(dst *string, section ini.Section, key string) {
*dst = section.String(key)
}
+// updateBool will only update the dst with the value in the section key, key
+// is present in the section.
+func updateBool(dst *bool, section ini.Section, key string) {
+ if !section.Has(key) {
+ return
+ }
+ *dst = section.Bool(key)
+}
+
// updateBoolPtr will only update the dst with the value in the section key,
// key is present in the section.
func updateBoolPtr(dst **bool, section ini.Section, key string) {
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go
index 244c86d..07ea799 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go
@@ -1,8 +1,7 @@
package v4
import (
- "net/http"
- "strings"
+ "github.com/aws/aws-sdk-go/internal/strings"
)
// validator houses a set of rule needed for validation of a
@@ -61,7 +60,7 @@ type patterns []string
// been found
func (p patterns) IsValid(value string) bool {
for _, pattern := range p {
- if strings.HasPrefix(http.CanonicalHeaderKey(value), pattern) {
+ if strings.HasPrefixFold(value, pattern) {
return true
}
}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go
new file mode 100644
index 0000000..f35fc86
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go
@@ -0,0 +1,13 @@
+// +build !go1.7
+
+package v4
+
+import (
+ "net/http"
+
+ "github.com/aws/aws-sdk-go/aws"
+)
+
+func requestContext(r *http.Request) aws.Context {
+ return aws.BackgroundContext()
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go
new file mode 100644
index 0000000..fed5c85
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go
@@ -0,0 +1,13 @@
+// +build go1.7
+
+package v4
+
+import (
+ "net/http"
+
+ "github.com/aws/aws-sdk-go/aws"
+)
+
+func requestContext(r *http.Request) aws.Context {
+ return r.Context()
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/stream.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/stream.go
new file mode 100644
index 0000000..02cbd97
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/stream.go
@@ -0,0 +1,63 @@
+package v4
+
+import (
+ "encoding/hex"
+ "strings"
+ "time"
+
+ "github.com/aws/aws-sdk-go/aws/credentials"
+)
+
+type credentialValueProvider interface {
+ Get() (credentials.Value, error)
+}
+
+// StreamSigner implements signing of event stream encoded payloads
+type StreamSigner struct {
+ region string
+ service string
+
+ credentials credentialValueProvider
+
+ prevSig []byte
+}
+
+// NewStreamSigner creates a SigV4 signer used to sign Event Stream encoded messages
+func NewStreamSigner(region, service string, seedSignature []byte, credentials *credentials.Credentials) *StreamSigner {
+ return &StreamSigner{
+ region: region,
+ service: service,
+ credentials: credentials,
+ prevSig: seedSignature,
+ }
+}
+
+// GetSignature takes an event stream encoded headers and payload and returns a signature
+func (s *StreamSigner) GetSignature(headers, payload []byte, date time.Time) ([]byte, error) {
+ credValue, err := s.credentials.Get()
+ if err != nil {
+ return nil, err
+ }
+
+ sigKey := deriveSigningKey(s.region, s.service, credValue.SecretAccessKey, date)
+
+ keyPath := buildSigningScope(s.region, s.service, date)
+
+ stringToSign := buildEventStreamStringToSign(headers, payload, s.prevSig, keyPath, date)
+
+ signature := hmacSHA256(sigKey, []byte(stringToSign))
+ s.prevSig = signature
+
+ return signature, nil
+}
+
+func buildEventStreamStringToSign(headers, payload, prevSig []byte, scope string, date time.Time) string {
+ return strings.Join([]string{
+ "AWS4-HMAC-SHA256-PAYLOAD",
+ formatTime(date),
+ scope,
+ hex.EncodeToString(prevSig),
+ hex.EncodeToString(hashSHA256(headers)),
+ hex.EncodeToString(hashSHA256(payload)),
+ }, "\n")
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go
index 8104793..d71f7b3 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go
@@ -76,9 +76,14 @@ import (
)
const (
+ authorizationHeader = "Authorization"
+ authHeaderSignatureElem = "Signature="
+ signatureQueryKey = "X-Amz-Signature"
+
authHeaderPrefix = "AWS4-HMAC-SHA256"
timeFormat = "20060102T150405Z"
shortTimeFormat = "20060102"
+ awsV4Request = "aws4_request"
// emptyStringSHA256 is a SHA256 of an empty string
emptyStringSHA256 = `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
@@ -87,9 +92,9 @@ const (
var ignoredHeaders = rules{
blacklist{
mapRule{
- "Authorization": struct{}{},
- "User-Agent": struct{}{},
- "X-Amzn-Trace-Id": struct{}{},
+ authorizationHeader: struct{}{},
+ "User-Agent": struct{}{},
+ "X-Amzn-Trace-Id": struct{}{},
},
},
}
@@ -229,11 +234,9 @@ type signingCtx struct {
DisableURIPathEscaping bool
- credValues credentials.Value
- isPresign bool
- formattedTime string
- formattedShortTime string
- unsignedPayload bool
+ credValues credentials.Value
+ isPresign bool
+ unsignedPayload bool
bodyDigest string
signedHeaders string
@@ -337,7 +340,7 @@ func (v4 Signer) signWithBody(r *http.Request, body io.ReadSeeker, service, regi
}
var err error
- ctx.credValues, err = v4.Credentials.Get()
+ ctx.credValues, err = v4.Credentials.GetWithContext(requestContext(r))
if err != nil {
return http.Header{}, err
}
@@ -532,39 +535,56 @@ func (ctx *signingCtx) build(disableHeaderHoisting bool) error {
ctx.buildSignature() // depends on string to sign
if ctx.isPresign {
- ctx.Request.URL.RawQuery += "&X-Amz-Signature=" + ctx.signature
+ ctx.Request.URL.RawQuery += "&" + signatureQueryKey + "=" + ctx.signature
} else {
parts := []string{
authHeaderPrefix + " Credential=" + ctx.credValues.AccessKeyID + "/" + ctx.credentialString,
"SignedHeaders=" + ctx.signedHeaders,
- "Signature=" + ctx.signature,
+ authHeaderSignatureElem + ctx.signature,
}
- ctx.Request.Header.Set("Authorization", strings.Join(parts, ", "))
+ ctx.Request.Header.Set(authorizationHeader, strings.Join(parts, ", "))
}
return nil
}
-func (ctx *signingCtx) buildTime() {
- ctx.formattedTime = ctx.Time.UTC().Format(timeFormat)
- ctx.formattedShortTime = ctx.Time.UTC().Format(shortTimeFormat)
+// GetSignedRequestSignature attempts to extract the signature of the request.
+// Returning an error if the request is unsigned, or unable to extract the
+// signature.
+func GetSignedRequestSignature(r *http.Request) ([]byte, error) {
+
+ if auth := r.Header.Get(authorizationHeader); len(auth) != 0 {
+ ps := strings.Split(auth, ", ")
+ for _, p := range ps {
+ if idx := strings.Index(p, authHeaderSignatureElem); idx >= 0 {
+ sig := p[len(authHeaderSignatureElem):]
+ if len(sig) == 0 {
+ return nil, fmt.Errorf("invalid request signature authorization header")
+ }
+ return hex.DecodeString(sig)
+ }
+ }
+ }
+
+ if sig := r.URL.Query().Get("X-Amz-Signature"); len(sig) != 0 {
+ return hex.DecodeString(sig)
+ }
+
+ return nil, fmt.Errorf("request not signed")
+}
+func (ctx *signingCtx) buildTime() {
if ctx.isPresign {
duration := int64(ctx.ExpireTime / time.Second)
- ctx.Query.Set("X-Amz-Date", ctx.formattedTime)
+ ctx.Query.Set("X-Amz-Date", formatTime(ctx.Time))
ctx.Query.Set("X-Amz-Expires", strconv.FormatInt(duration, 10))
} else {
- ctx.Request.Header.Set("X-Amz-Date", ctx.formattedTime)
+ ctx.Request.Header.Set("X-Amz-Date", formatTime(ctx.Time))
}
}
func (ctx *signingCtx) buildCredentialString() {
- ctx.credentialString = strings.Join([]string{
- ctx.formattedShortTime,
- ctx.Region,
- ctx.ServiceName,
- "aws4_request",
- }, "/")
+ ctx.credentialString = buildSigningScope(ctx.Region, ctx.ServiceName, ctx.Time)
if ctx.isPresign {
ctx.Query.Set("X-Amz-Credential", ctx.credValues.AccessKeyID+"/"+ctx.credentialString)
@@ -588,8 +608,7 @@ func (ctx *signingCtx) buildCanonicalHeaders(r rule, header http.Header) {
var headers []string
headers = append(headers, "host")
for k, v := range header {
- canonicalKey := http.CanonicalHeaderKey(k)
- if !r.IsValid(canonicalKey) {
+ if !r.IsValid(k) {
continue // ignored header
}
if ctx.SignedHeaderVals == nil {
@@ -653,19 +672,15 @@ func (ctx *signingCtx) buildCanonicalString() {
func (ctx *signingCtx) buildStringToSign() {
ctx.stringToSign = strings.Join([]string{
authHeaderPrefix,
- ctx.formattedTime,
+ formatTime(ctx.Time),
ctx.credentialString,
- hex.EncodeToString(makeSha256([]byte(ctx.canonicalString))),
+ hex.EncodeToString(hashSHA256([]byte(ctx.canonicalString))),
}, "\n")
}
func (ctx *signingCtx) buildSignature() {
- secret := ctx.credValues.SecretAccessKey
- date := makeHmac([]byte("AWS4"+secret), []byte(ctx.formattedShortTime))
- region := makeHmac(date, []byte(ctx.Region))
- service := makeHmac(region, []byte(ctx.ServiceName))
- credentials := makeHmac(service, []byte("aws4_request"))
- signature := makeHmac(credentials, []byte(ctx.stringToSign))
+ creds := deriveSigningKey(ctx.Region, ctx.ServiceName, ctx.credValues.SecretAccessKey, ctx.Time)
+ signature := hmacSHA256(creds, []byte(ctx.stringToSign))
ctx.signature = hex.EncodeToString(signature)
}
@@ -726,13 +741,13 @@ func (ctx *signingCtx) removePresign() {
ctx.Query.Del("X-Amz-SignedHeaders")
}
-func makeHmac(key []byte, data []byte) []byte {
+func hmacSHA256(key []byte, data []byte) []byte {
hash := hmac.New(sha256.New, key)
hash.Write(data)
return hash.Sum(nil)
}
-func makeSha256(data []byte) []byte {
+func hashSHA256(data []byte) []byte {
hash := sha256.New()
hash.Write(data)
return hash.Sum(nil)
@@ -804,3 +819,28 @@ func stripExcessSpaces(vals []string) {
vals[i] = string(buf[:m])
}
}
+
+func buildSigningScope(region, service string, dt time.Time) string {
+ return strings.Join([]string{
+ formatShortTime(dt),
+ region,
+ service,
+ awsV4Request,
+ }, "/")
+}
+
+func deriveSigningKey(region, service, secretKey string, dt time.Time) []byte {
+ kDate := hmacSHA256([]byte("AWS4"+secretKey), []byte(formatShortTime(dt)))
+ kRegion := hmacSHA256(kDate, []byte(region))
+ kService := hmacSHA256(kRegion, []byte(service))
+ signingKey := hmacSHA256(kService, []byte(awsV4Request))
+ return signingKey
+}
+
+func formatShortTime(dt time.Time) string {
+ return dt.UTC().Format(shortTimeFormat)
+}
+
+func formatTime(dt time.Time) string {
+ return dt.UTC().Format(timeFormat)
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/types.go b/vendor/github.com/aws/aws-sdk-go/aws/types.go
index 4550915..98751ee 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/types.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/types.go
@@ -2,6 +2,7 @@ package aws
import (
"io"
+ "strings"
"sync"
"github.com/aws/aws-sdk-go/internal/sdkio"
@@ -205,3 +206,59 @@ func (b *WriteAtBuffer) Bytes() []byte {
defer b.m.Unlock()
return b.buf
}
+
+// MultiCloser is a utility to close multiple io.Closers within a single
+// statement.
+type MultiCloser []io.Closer
+
+// Close closes all of the io.Closers making up the MultiClosers. Any
+// errors that occur while closing will be returned in the order they
+// occur.
+func (m MultiCloser) Close() error {
+ var errs errors
+ for _, c := range m {
+ err := c.Close()
+ if err != nil {
+ errs = append(errs, err)
+ }
+ }
+ if len(errs) != 0 {
+ return errs
+ }
+
+ return nil
+}
+
+type errors []error
+
+func (es errors) Error() string {
+ var parts []string
+ for _, e := range es {
+ parts = append(parts, e.Error())
+ }
+
+ return strings.Join(parts, "\n")
+}
+
+// CopySeekableBody copies the seekable body to an io.Writer
+func CopySeekableBody(dst io.Writer, src io.ReadSeeker) (int64, error) {
+ curPos, err := src.Seek(0, sdkio.SeekCurrent)
+ if err != nil {
+ return 0, err
+ }
+
+ // copy errors may be assumed to be from the body.
+ n, err := io.Copy(dst, src)
+ if err != nil {
+ return n, err
+ }
+
+ // seek back to the first position after reading to reset
+ // the body for transmission.
+ _, err = src.Seek(curPos, sdkio.SeekStart)
+ if err != nil {
+ return n, err
+ }
+
+ return n, nil
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go
index 24256bf..08127d6 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/version.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go
@@ -5,4 +5,4 @@ package aws
const SDKName = "aws-sdk-go"
// SDKVersion is the version of this SDK
-const SDKVersion = "1.25.36"
+const SDKVersion = "1.34.0"
diff --git a/vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go b/vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go
new file mode 100644
index 0000000..876dcb3
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go
@@ -0,0 +1,40 @@
+// +build !go1.7
+
+package context
+
+import "time"
+
+// An emptyCtx is a copy of the Go 1.7 context.emptyCtx type. This is copied to
+// provide a 1.6 and 1.5 safe version of context that is compatible with Go
+// 1.7's Context.
+//
+// An emptyCtx is never canceled, has no values, and has no deadline. It is not
+// struct{}, since vars of this type must have distinct addresses.
+type emptyCtx int
+
+func (*emptyCtx) Deadline() (deadline time.Time, ok bool) {
+ return
+}
+
+func (*emptyCtx) Done() <-chan struct{} {
+ return nil
+}
+
+func (*emptyCtx) Err() error {
+ return nil
+}
+
+func (*emptyCtx) Value(key interface{}) interface{} {
+ return nil
+}
+
+func (e *emptyCtx) String() string {
+ switch e {
+ case BackgroundCtx:
+ return "aws.BackgroundContext"
+ }
+ return "unknown empty Context"
+}
+
+// BackgroundCtx is the common base context.
+var BackgroundCtx = new(emptyCtx)
diff --git a/vendor/github.com/aws/aws-sdk-go/internal/strings/strings.go b/vendor/github.com/aws/aws-sdk-go/internal/strings/strings.go
new file mode 100644
index 0000000..d008ae2
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/internal/strings/strings.go
@@ -0,0 +1,11 @@
+package strings
+
+import (
+ "strings"
+)
+
+// HasPrefixFold tests whether the string s begins with prefix, interpreted as UTF-8 strings,
+// under Unicode case-folding.
+func HasPrefixFold(s, prefix string) bool {
+ return len(s) >= len(prefix) && strings.EqualFold(s[0:len(prefix)], prefix)
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE
new file mode 100644
index 0000000..6a66aea
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2009 The Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+ * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+ * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go
new file mode 100644
index 0000000..14ad0c5
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go
@@ -0,0 +1,120 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package singleflight provides a duplicate function call suppression
+// mechanism.
+package singleflight
+
+import "sync"
+
+// call is an in-flight or completed singleflight.Do call
+type call struct {
+ wg sync.WaitGroup
+
+ // These fields are written once before the WaitGroup is done
+ // and are only read after the WaitGroup is done.
+ val interface{}
+ err error
+
+ // forgotten indicates whether Forget was called with this call's key
+ // while the call was still in flight.
+ forgotten bool
+
+ // These fields are read and written with the singleflight
+ // mutex held before the WaitGroup is done, and are read but
+ // not written after the WaitGroup is done.
+ dups int
+ chans []chan<- Result
+}
+
+// Group represents a class of work and forms a namespace in
+// which units of work can be executed with duplicate suppression.
+type Group struct {
+ mu sync.Mutex // protects m
+ m map[string]*call // lazily initialized
+}
+
+// Result holds the results of Do, so they can be passed
+// on a channel.
+type Result struct {
+ Val interface{}
+ Err error
+ Shared bool
+}
+
+// Do executes and returns the results of the given function, making
+// sure that only one execution is in-flight for a given key at a
+// time. If a duplicate comes in, the duplicate caller waits for the
+// original to complete and receives the same results.
+// The return value shared indicates whether v was given to multiple callers.
+func (g *Group) Do(key string, fn func() (interface{}, error)) (v interface{}, err error, shared bool) {
+ g.mu.Lock()
+ if g.m == nil {
+ g.m = make(map[string]*call)
+ }
+ if c, ok := g.m[key]; ok {
+ c.dups++
+ g.mu.Unlock()
+ c.wg.Wait()
+ return c.val, c.err, true
+ }
+ c := new(call)
+ c.wg.Add(1)
+ g.m[key] = c
+ g.mu.Unlock()
+
+ g.doCall(c, key, fn)
+ return c.val, c.err, c.dups > 0
+}
+
+// DoChan is like Do but returns a channel that will receive the
+// results when they are ready.
+func (g *Group) DoChan(key string, fn func() (interface{}, error)) <-chan Result {
+ ch := make(chan Result, 1)
+ g.mu.Lock()
+ if g.m == nil {
+ g.m = make(map[string]*call)
+ }
+ if c, ok := g.m[key]; ok {
+ c.dups++
+ c.chans = append(c.chans, ch)
+ g.mu.Unlock()
+ return ch
+ }
+ c := &call{chans: []chan<- Result{ch}}
+ c.wg.Add(1)
+ g.m[key] = c
+ g.mu.Unlock()
+
+ go g.doCall(c, key, fn)
+
+ return ch
+}
+
+// doCall handles the single call for a key.
+func (g *Group) doCall(c *call, key string, fn func() (interface{}, error)) {
+ c.val, c.err = fn()
+ c.wg.Done()
+
+ g.mu.Lock()
+ if !c.forgotten {
+ delete(g.m, key)
+ }
+ for _, ch := range c.chans {
+ ch <- Result{c.val, c.err, c.dups > 0}
+ }
+ g.mu.Unlock()
+}
+
+// Forget tells the singleflight to forget about a key. Future calls
+// to Do for this key will call the function rather than waiting for
+// an earlier call to complete.
+func (g *Group) Forget(key string) {
+ g.mu.Lock()
+ if c, ok := g.m[key]; ok {
+ c.forgotten = true
+ }
+ delete(g.m, key)
+ g.mu.Unlock()
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/checksum/content_md5.go b/vendor/github.com/aws/aws-sdk-go/private/checksum/content_md5.go
new file mode 100644
index 0000000..e045f38
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/private/checksum/content_md5.go
@@ -0,0 +1,53 @@
+package checksum
+
+import (
+ "crypto/md5"
+ "encoding/base64"
+ "fmt"
+
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/aws/awserr"
+ "github.com/aws/aws-sdk-go/aws/request"
+)
+
+const contentMD5Header = "Content-Md5"
+
+// AddBodyContentMD5Handler computes and sets the HTTP Content-MD5 header for requests that
+// require it.
+func AddBodyContentMD5Handler(r *request.Request) {
+ // if Content-MD5 header is already present, return
+ if v := r.HTTPRequest.Header.Get(contentMD5Header); len(v) != 0 {
+ return
+ }
+
+ // if S3DisableContentMD5Validation flag is set, return
+ if aws.BoolValue(r.Config.S3DisableContentMD5Validation) {
+ return
+ }
+
+ // if request is presigned, return
+ if r.IsPresigned() {
+ return
+ }
+
+ // if body is not seekable, return
+ if !aws.IsReaderSeekable(r.Body) {
+ if r.Config.Logger != nil {
+ r.Config.Logger.Log(fmt.Sprintf(
+ "Unable to compute Content-MD5 for unseekable body, S3.%s",
+ r.Operation.Name))
+ }
+ return
+ }
+
+ h := md5.New()
+
+ if _, err := aws.CopySeekableBody(h, r.Body); err != nil {
+ r.Error = awserr.New("ContentMD5", "failed to compute body MD5", err)
+ return
+ }
+
+ // encode the md5 checksum in base64 and set the request header.
+ v := base64.StdEncoding.EncodeToString(h.Sum(nil))
+ r.HTTPRequest.Header.Set(contentMD5Header, v)
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/debug.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/debug.go
index ecc7bf8..1510549 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/debug.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/debug.go
@@ -101,7 +101,7 @@ func (hs *decodedHeaders) UnmarshalJSON(b []byte) error {
}
headers.Set(h.Name, value)
}
- (*hs) = decodedHeaders(headers)
+ *hs = decodedHeaders(headers)
return nil
}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/decode.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/decode.go
index 4b972b2..4743393 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/decode.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/decode.go
@@ -21,10 +21,24 @@ type Decoder struct {
// NewDecoder initializes and returns a Decoder for decoding event
// stream messages from the reader provided.
-func NewDecoder(r io.Reader) *Decoder {
- return &Decoder{
+func NewDecoder(r io.Reader, opts ...func(*Decoder)) *Decoder {
+ d := &Decoder{
r: r,
}
+
+ for _, opt := range opts {
+ opt(d)
+ }
+
+ return d
+}
+
+// DecodeWithLogger adds a logger to be used by the decoder when decoding
+// stream events.
+func DecodeWithLogger(logger aws.Logger) func(*Decoder) {
+ return func(d *Decoder) {
+ d.logger = logger
+ }
}
// Decode attempts to decode a single message from the event stream reader.
@@ -40,6 +54,15 @@ func (d *Decoder) Decode(payloadBuf []byte) (m Message, err error) {
}()
}
+ m, err = Decode(reader, payloadBuf)
+
+ return m, err
+}
+
+// Decode attempts to decode a single message from the event stream reader.
+// Will return the event stream message, or error if Decode fails to read
+// the message from the reader.
+func Decode(reader io.Reader, payloadBuf []byte) (m Message, err error) {
crc := crc32.New(crc32IEEETable)
hashReader := io.TeeReader(reader, crc)
@@ -72,12 +95,6 @@ func (d *Decoder) Decode(payloadBuf []byte) (m Message, err error) {
return m, nil
}
-// UseLogger specifies the Logger that that the decoder should use to log the
-// message decode to.
-func (d *Decoder) UseLogger(logger aws.Logger) {
- d.logger = logger
-}
-
func logMessageDecode(logger aws.Logger, msgBuf *bytes.Buffer, msg Message, decodeErr error) {
w := bytes.NewBuffer(nil)
defer func() { logger.Log(w.String()) }()
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/encode.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/encode.go
index 150a609..ffade3b 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/encode.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/encode.go
@@ -3,61 +3,107 @@ package eventstream
import (
"bytes"
"encoding/binary"
+ "encoding/hex"
+ "encoding/json"
+ "fmt"
"hash"
"hash/crc32"
"io"
+
+ "github.com/aws/aws-sdk-go/aws"
)
// Encoder provides EventStream message encoding.
type Encoder struct {
- w io.Writer
+ w io.Writer
+ logger aws.Logger
headersBuf *bytes.Buffer
}
// NewEncoder initializes and returns an Encoder to encode Event Stream
// messages to an io.Writer.
-func NewEncoder(w io.Writer) *Encoder {
- return &Encoder{
+func NewEncoder(w io.Writer, opts ...func(*Encoder)) *Encoder {
+ e := &Encoder{
w: w,
headersBuf: bytes.NewBuffer(nil),
}
+
+ for _, opt := range opts {
+ opt(e)
+ }
+
+ return e
+}
+
+// EncodeWithLogger adds a logger to be used by the encode when decoding
+// stream events.
+func EncodeWithLogger(logger aws.Logger) func(*Encoder) {
+ return func(d *Encoder) {
+ d.logger = logger
+ }
}
// Encode encodes a single EventStream message to the io.Writer the Encoder
// was created with. An error is returned if writing the message fails.
-func (e *Encoder) Encode(msg Message) error {
+func (e *Encoder) Encode(msg Message) (err error) {
e.headersBuf.Reset()
- err := encodeHeaders(e.headersBuf, msg.Headers)
- if err != nil {
+ writer := e.w
+ if e.logger != nil {
+ encodeMsgBuf := bytes.NewBuffer(nil)
+ writer = io.MultiWriter(writer, encodeMsgBuf)
+ defer func() {
+ logMessageEncode(e.logger, encodeMsgBuf, msg, err)
+ }()
+ }
+
+ if err = EncodeHeaders(e.headersBuf, msg.Headers); err != nil {
return err
}
crc := crc32.New(crc32IEEETable)
- hashWriter := io.MultiWriter(e.w, crc)
+ hashWriter := io.MultiWriter(writer, crc)
headersLen := uint32(e.headersBuf.Len())
payloadLen := uint32(len(msg.Payload))
- if err := encodePrelude(hashWriter, crc, headersLen, payloadLen); err != nil {
+ if err = encodePrelude(hashWriter, crc, headersLen, payloadLen); err != nil {
return err
}
if headersLen > 0 {
- if _, err := io.Copy(hashWriter, e.headersBuf); err != nil {
+ if _, err = io.Copy(hashWriter, e.headersBuf); err != nil {
return err
}
}
if payloadLen > 0 {
- if _, err := hashWriter.Write(msg.Payload); err != nil {
+ if _, err = hashWriter.Write(msg.Payload); err != nil {
return err
}
}
msgCRC := crc.Sum32()
- return binary.Write(e.w, binary.BigEndian, msgCRC)
+ return binary.Write(writer, binary.BigEndian, msgCRC)
+}
+
+func logMessageEncode(logger aws.Logger, msgBuf *bytes.Buffer, msg Message, encodeErr error) {
+ w := bytes.NewBuffer(nil)
+ defer func() { logger.Log(w.String()) }()
+
+ fmt.Fprintf(w, "Message to encode:\n")
+ encoder := json.NewEncoder(w)
+ if err := encoder.Encode(msg); err != nil {
+ fmt.Fprintf(w, "Failed to get encoded message, %v\n", err)
+ }
+
+ if encodeErr != nil {
+ fmt.Fprintf(w, "Encode error: %v\n", encodeErr)
+ return
+ }
+
+ fmt.Fprintf(w, "Raw message:\n%s\n", hex.Dump(msgBuf.Bytes()))
}
func encodePrelude(w io.Writer, crc hash.Hash32, headersLen, payloadLen uint32) error {
@@ -86,7 +132,9 @@ func encodePrelude(w io.Writer, crc hash.Hash32, headersLen, payloadLen uint32)
return nil
}
-func encodeHeaders(w io.Writer, headers Headers) error {
+// EncodeHeaders writes the header values to the writer encoded in the event
+// stream format. Returns an error if a header fails to encode.
+func EncodeHeaders(w io.Writer, headers Headers) error {
for _, h := range headers {
hn := headerName{
Len: uint8(len(h.Name)),
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/error.go
index 5ea5a98..34c2e89 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/error.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/error.go
@@ -1,6 +1,9 @@
package eventstreamapi
-import "fmt"
+import (
+ "fmt"
+ "sync"
+)
type messageError struct {
code string
@@ -22,3 +25,53 @@ func (e messageError) Error() string {
func (e messageError) OrigErr() error {
return nil
}
+
+// OnceError wraps the behavior of recording an error
+// once and signal on a channel when this has occurred.
+// Signaling is done by closing of the channel.
+//
+// Type is safe for concurrent usage.
+type OnceError struct {
+ mu sync.RWMutex
+ err error
+ ch chan struct{}
+}
+
+// NewOnceError return a new OnceError
+func NewOnceError() *OnceError {
+ return &OnceError{
+ ch: make(chan struct{}, 1),
+ }
+}
+
+// Err acquires a read-lock and returns an
+// error if one has been set.
+func (e *OnceError) Err() error {
+ e.mu.RLock()
+ err := e.err
+ e.mu.RUnlock()
+
+ return err
+}
+
+// SetError acquires a write-lock and will set
+// the underlying error value if one has not been set.
+func (e *OnceError) SetError(err error) {
+ if err == nil {
+ return
+ }
+
+ e.mu.Lock()
+ if e.err == nil {
+ e.err = err
+ close(e.ch)
+ }
+ e.mu.Unlock()
+}
+
+// ErrorSet returns a channel that will be used to signal
+// that an error has been set. This channel will be closed
+// when the error value has been set for OnceError.
+func (e *OnceError) ErrorSet() <-chan struct{} {
+ return e.ch
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/api.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/reader.go
similarity index 76%
rename from vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/api.go
rename to vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/reader.go
index 97937c8..0e4aa42 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/reader.go
@@ -2,9 +2,7 @@ package eventstreamapi
import (
"fmt"
- "io"
- "github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/private/protocol"
"github.com/aws/aws-sdk-go/private/protocol/eventstream"
)
@@ -15,27 +13,8 @@ type Unmarshaler interface {
UnmarshalEvent(protocol.PayloadUnmarshaler, eventstream.Message) error
}
-// EventStream headers with specific meaning to async API functionality.
-const (
- MessageTypeHeader = `:message-type` // Identifies type of message.
- EventMessageType = `event`
- ErrorMessageType = `error`
- ExceptionMessageType = `exception`
-
- // Message Events
- EventTypeHeader = `:event-type` // Identifies message event type e.g. "Stats".
-
- // Message Error
- ErrorCodeHeader = `:error-code`
- ErrorMessageHeader = `:error-message`
-
- // Message Exception
- ExceptionTypeHeader = `:exception-type`
-)
-
// EventReader provides reading from the EventStream of an reader.
type EventReader struct {
- reader io.ReadCloser
decoder *eventstream.Decoder
unmarshalerForEventType func(string) (Unmarshaler, error)
@@ -47,27 +26,18 @@ type EventReader struct {
// NewEventReader returns a EventReader built from the reader and unmarshaler
// provided. Use ReadStream method to start reading from the EventStream.
func NewEventReader(
- reader io.ReadCloser,
+ decoder *eventstream.Decoder,
payloadUnmarshaler protocol.PayloadUnmarshaler,
unmarshalerForEventType func(string) (Unmarshaler, error),
) *EventReader {
return &EventReader{
- reader: reader,
- decoder: eventstream.NewDecoder(reader),
+ decoder: decoder,
payloadUnmarshaler: payloadUnmarshaler,
unmarshalerForEventType: unmarshalerForEventType,
payloadBuf: make([]byte, 10*1024),
}
}
-// UseLogger instructs the EventReader to use the logger and log level
-// specified.
-func (r *EventReader) UseLogger(logger aws.Logger, logLevel aws.LogLevelType) {
- if logger != nil && logLevel.Matches(aws.LogDebugWithEventStreamBody) {
- r.decoder.UseLogger(logger)
- }
-}
-
// ReadEvent attempts to read a message from the EventStream and return the
// unmarshaled event value that the message is for.
//
@@ -95,15 +65,27 @@ func (r *EventReader) ReadEvent() (event interface{}, err error) {
case EventMessageType:
return r.unmarshalEventMessage(msg)
case ExceptionMessageType:
- err = r.unmarshalEventException(msg)
- return nil, err
+ return nil, r.unmarshalEventException(msg)
case ErrorMessageType:
return nil, r.unmarshalErrorMessage(msg)
default:
- return nil, fmt.Errorf("unknown eventstream message type, %v", typ)
+ return nil, &UnknownMessageTypeError{
+ Type: typ, Message: msg.Clone(),
+ }
}
}
+// UnknownMessageTypeError provides an error when a message is received from
+// the stream, but the reader is unable to determine what kind of message it is.
+type UnknownMessageTypeError struct {
+ Type string
+ Message eventstream.Message
+}
+
+func (e *UnknownMessageTypeError) Error() string {
+ return "unknown eventstream message type, " + e.Type
+}
+
func (r *EventReader) unmarshalEventMessage(
msg eventstream.Message,
) (event interface{}, err error) {
@@ -174,11 +156,6 @@ func (r *EventReader) unmarshalErrorMessage(msg eventstream.Message) (err error)
return msgErr
}
-// Close closes the EventReader's EventStream reader.
-func (r *EventReader) Close() error {
- return r.reader.Close()
-}
-
// GetHeaderString returns the value of the header as a string. If the header
// is not set or the value is not a string an error will be returned.
func GetHeaderString(msg eventstream.Message, headerName string) (string, error) {
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/shared.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/shared.go
new file mode 100644
index 0000000..e46b8ac
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/shared.go
@@ -0,0 +1,23 @@
+package eventstreamapi
+
+// EventStream headers with specific meaning to async API functionality.
+const (
+ ChunkSignatureHeader = `:chunk-signature` // chunk signature for message
+ DateHeader = `:date` // Date header for signature
+
+ // Message header and values
+ MessageTypeHeader = `:message-type` // Identifies type of message.
+ EventMessageType = `event`
+ ErrorMessageType = `error`
+ ExceptionMessageType = `exception`
+
+ // Message Events
+ EventTypeHeader = `:event-type` // Identifies message event type e.g. "Stats".
+
+ // Message Error
+ ErrorCodeHeader = `:error-code`
+ ErrorMessageHeader = `:error-message`
+
+ // Message Exception
+ ExceptionTypeHeader = `:exception-type`
+)
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/signer.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/signer.go
new file mode 100644
index 0000000..3a7ba5c
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/signer.go
@@ -0,0 +1,123 @@
+package eventstreamapi
+
+import (
+ "bytes"
+ "strings"
+ "time"
+
+ "github.com/aws/aws-sdk-go/private/protocol/eventstream"
+)
+
+var timeNow = time.Now
+
+// StreamSigner defines an interface for the implementation of signing of event stream payloads
+type StreamSigner interface {
+ GetSignature(headers, payload []byte, date time.Time) ([]byte, error)
+}
+
+// SignEncoder envelopes event stream messages
+// into an event stream message payload with included
+// signature headers using the provided signer and encoder.
+type SignEncoder struct {
+ signer StreamSigner
+ encoder Encoder
+ bufEncoder *BufferEncoder
+
+ closeErr error
+ closed bool
+}
+
+// NewSignEncoder returns a new SignEncoder using the provided stream signer and
+// event stream encoder.
+func NewSignEncoder(signer StreamSigner, encoder Encoder) *SignEncoder {
+ // TODO: Need to pass down logging
+
+ return &SignEncoder{
+ signer: signer,
+ encoder: encoder,
+ bufEncoder: NewBufferEncoder(),
+ }
+}
+
+// Close encodes a final event stream signing envelope with an empty event stream
+// payload. This final end-frame is used to mark the conclusion of the stream.
+func (s *SignEncoder) Close() error {
+ if s.closed {
+ return s.closeErr
+ }
+
+ if err := s.encode([]byte{}); err != nil {
+ if strings.Contains(err.Error(), "on closed pipe") {
+ return nil
+ }
+
+ s.closeErr = err
+ s.closed = true
+ return s.closeErr
+ }
+
+ return nil
+}
+
+// Encode takes the provided message and add envelopes the message
+// with the required signature.
+func (s *SignEncoder) Encode(msg eventstream.Message) error {
+ payload, err := s.bufEncoder.Encode(msg)
+ if err != nil {
+ return err
+ }
+
+ return s.encode(payload)
+}
+
+func (s SignEncoder) encode(payload []byte) error {
+ date := timeNow()
+
+ var msg eventstream.Message
+ msg.Headers.Set(DateHeader, eventstream.TimestampValue(date))
+ msg.Payload = payload
+
+ var headers bytes.Buffer
+ if err := eventstream.EncodeHeaders(&headers, msg.Headers); err != nil {
+ return err
+ }
+
+ sig, err := s.signer.GetSignature(headers.Bytes(), msg.Payload, date)
+ if err != nil {
+ return err
+ }
+
+ msg.Headers.Set(ChunkSignatureHeader, eventstream.BytesValue(sig))
+
+ return s.encoder.Encode(msg)
+}
+
+// BufferEncoder is a utility that provides a buffered
+// event stream encoder
+type BufferEncoder struct {
+ encoder Encoder
+ buffer *bytes.Buffer
+}
+
+// NewBufferEncoder returns a new BufferEncoder initialized
+// with a 1024 byte buffer.
+func NewBufferEncoder() *BufferEncoder {
+ buf := bytes.NewBuffer(make([]byte, 1024))
+ return &BufferEncoder{
+ encoder: eventstream.NewEncoder(buf),
+ buffer: buf,
+ }
+}
+
+// Encode returns the encoded message as a byte slice.
+// The returned byte slice will be modified on the next encode call
+// and should not be held onto.
+func (e *BufferEncoder) Encode(msg eventstream.Message) ([]byte, error) {
+ e.buffer.Reset()
+
+ if err := e.encoder.Encode(msg); err != nil {
+ return nil, err
+ }
+
+ return e.buffer.Bytes(), nil
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/stream_writer.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/stream_writer.go
new file mode 100644
index 0000000..433bb16
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/stream_writer.go
@@ -0,0 +1,129 @@
+package eventstreamapi
+
+import (
+ "fmt"
+ "io"
+ "sync"
+
+ "github.com/aws/aws-sdk-go/aws"
+)
+
+// StreamWriter provides concurrent safe writing to an event stream.
+type StreamWriter struct {
+ eventWriter *EventWriter
+ stream chan eventWriteAsyncReport
+
+ done chan struct{}
+ closeOnce sync.Once
+ err *OnceError
+
+ streamCloser io.Closer
+}
+
+// NewStreamWriter returns a StreamWriter for the event writer, and stream
+// closer provided.
+func NewStreamWriter(eventWriter *EventWriter, streamCloser io.Closer) *StreamWriter {
+ w := &StreamWriter{
+ eventWriter: eventWriter,
+ streamCloser: streamCloser,
+ stream: make(chan eventWriteAsyncReport),
+ done: make(chan struct{}),
+ err: NewOnceError(),
+ }
+ go w.writeStream()
+
+ return w
+}
+
+// Close terminates the writers ability to write new events to the stream. Any
+// future call to Send will fail with an error.
+func (w *StreamWriter) Close() error {
+ w.closeOnce.Do(w.safeClose)
+ return w.Err()
+}
+
+func (w *StreamWriter) safeClose() {
+ close(w.done)
+}
+
+// ErrorSet returns a channel which will be closed
+// if an error occurs.
+func (w *StreamWriter) ErrorSet() <-chan struct{} {
+ return w.err.ErrorSet()
+}
+
+// Err returns any error that occurred while attempting to write an event to the
+// stream.
+func (w *StreamWriter) Err() error {
+ return w.err.Err()
+}
+
+// Send writes a single event to the stream returning an error if the write
+// failed.
+//
+// Send may be called concurrently. Events will be written to the stream
+// safely.
+func (w *StreamWriter) Send(ctx aws.Context, event Marshaler) error {
+ if err := w.Err(); err != nil {
+ return err
+ }
+
+ resultCh := make(chan error)
+ wrapped := eventWriteAsyncReport{
+ Event: event,
+ Result: resultCh,
+ }
+
+ select {
+ case w.stream <- wrapped:
+ case <-ctx.Done():
+ return ctx.Err()
+ case <-w.done:
+ return fmt.Errorf("stream closed, unable to send event")
+ }
+
+ select {
+ case err := <-resultCh:
+ return err
+ case <-ctx.Done():
+ return ctx.Err()
+ case <-w.done:
+ return fmt.Errorf("stream closed, unable to send event")
+ }
+}
+
+func (w *StreamWriter) writeStream() {
+ defer w.Close()
+
+ for {
+ select {
+ case wrapper := <-w.stream:
+ err := w.eventWriter.WriteEvent(wrapper.Event)
+ wrapper.ReportResult(w.done, err)
+ if err != nil {
+ w.err.SetError(err)
+ return
+ }
+
+ case <-w.done:
+ if err := w.streamCloser.Close(); err != nil {
+ w.err.SetError(err)
+ }
+ return
+ }
+ }
+}
+
+type eventWriteAsyncReport struct {
+ Event Marshaler
+ Result chan<- error
+}
+
+func (e eventWriteAsyncReport) ReportResult(cancel <-chan struct{}, err error) bool {
+ select {
+ case e.Result <- err:
+ return true
+ case <-cancel:
+ return false
+ }
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/writer.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/writer.go
new file mode 100644
index 0000000..10a3823
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/writer.go
@@ -0,0 +1,109 @@
+package eventstreamapi
+
+import (
+ "github.com/aws/aws-sdk-go/private/protocol"
+ "github.com/aws/aws-sdk-go/private/protocol/eventstream"
+)
+
+// Marshaler provides a marshaling interface for event types to event stream
+// messages.
+type Marshaler interface {
+ MarshalEvent(protocol.PayloadMarshaler) (eventstream.Message, error)
+}
+
+// Encoder is an stream encoder that will encode an event stream message for
+// the transport.
+type Encoder interface {
+ Encode(eventstream.Message) error
+}
+
+// EventWriter provides a wrapper around the underlying event stream encoder
+// for an io.WriteCloser.
+type EventWriter struct {
+ encoder Encoder
+ payloadMarshaler protocol.PayloadMarshaler
+ eventTypeFor func(Marshaler) (string, error)
+}
+
+// NewEventWriter returns a new event stream writer, that will write to the
+// writer provided. Use the WriteEvent method to write an event to the stream.
+func NewEventWriter(encoder Encoder, pm protocol.PayloadMarshaler, eventTypeFor func(Marshaler) (string, error),
+) *EventWriter {
+ return &EventWriter{
+ encoder: encoder,
+ payloadMarshaler: pm,
+ eventTypeFor: eventTypeFor,
+ }
+}
+
+// WriteEvent writes an event to the stream. Returns an error if the event
+// fails to marshal into a message, or writing to the underlying writer fails.
+func (w *EventWriter) WriteEvent(event Marshaler) error {
+ msg, err := w.marshal(event)
+ if err != nil {
+ return err
+ }
+
+ return w.encoder.Encode(msg)
+}
+
+func (w *EventWriter) marshal(event Marshaler) (eventstream.Message, error) {
+ eventType, err := w.eventTypeFor(event)
+ if err != nil {
+ return eventstream.Message{}, err
+ }
+
+ msg, err := event.MarshalEvent(w.payloadMarshaler)
+ if err != nil {
+ return eventstream.Message{}, err
+ }
+
+ msg.Headers.Set(EventTypeHeader, eventstream.StringValue(eventType))
+ return msg, nil
+}
+
+//type EventEncoder struct {
+// encoder Encoder
+// ppayloadMarshaler protocol.PayloadMarshaler
+// eventTypeFor func(Marshaler) (string, error)
+//}
+//
+//func (e EventEncoder) Encode(event Marshaler) error {
+// msg, err := e.marshal(event)
+// if err != nil {
+// return err
+// }
+//
+// return w.encoder.Encode(msg)
+//}
+//
+//func (e EventEncoder) marshal(event Marshaler) (eventstream.Message, error) {
+// eventType, err := w.eventTypeFor(event)
+// if err != nil {
+// return eventstream.Message{}, err
+// }
+//
+// msg, err := event.MarshalEvent(w.payloadMarshaler)
+// if err != nil {
+// return eventstream.Message{}, err
+// }
+//
+// msg.Headers.Set(EventTypeHeader, eventstream.StringValue(eventType))
+// return msg, nil
+//}
+//
+//func (w *EventWriter) marshal(event Marshaler) (eventstream.Message, error) {
+// eventType, err := w.eventTypeFor(event)
+// if err != nil {
+// return eventstream.Message{}, err
+// }
+//
+// msg, err := event.MarshalEvent(w.payloadMarshaler)
+// if err != nil {
+// return eventstream.Message{}, err
+// }
+//
+// msg.Headers.Set(EventTypeHeader, eventstream.StringValue(eventType))
+// return msg, nil
+//}
+//
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/header.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/header.go
index 3b44dde..f6f8c56 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/header.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/header.go
@@ -52,6 +52,15 @@ func (hs *Headers) Del(name string) {
}
}
+// Clone returns a deep copy of the headers
+func (hs Headers) Clone() Headers {
+ o := make(Headers, 0, len(hs))
+ for _, h := range hs {
+ o.Set(h.Name, h.Value)
+ }
+ return o
+}
+
func decodeHeaders(r io.Reader) (Headers, error) {
hs := Headers{}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/header_value.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/header_value.go
index e3fc076..9f509d8 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/header_value.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/header_value.go
@@ -461,6 +461,11 @@ func (v *TimestampValue) decode(r io.Reader) error {
return nil
}
+// MarshalJSON implements the json.Marshaler interface
+func (v TimestampValue) MarshalJSON() ([]byte, error) {
+ return []byte(v.String()), nil
+}
+
func timeFromEpochMilli(t int64) time.Time {
secs := t / 1e3
msec := t % 1e3
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/message.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/message.go
index 2dc012a..f7427da 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/message.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/message.go
@@ -27,7 +27,7 @@ func (m *Message) rawMessage() (rawMessage, error) {
if len(m.Headers) > 0 {
var headers bytes.Buffer
- if err := encodeHeaders(&headers, m.Headers); err != nil {
+ if err := EncodeHeaders(&headers, m.Headers); err != nil {
return rawMessage{}, err
}
raw.Headers = headers.Bytes()
@@ -57,6 +57,20 @@ func (m *Message) rawMessage() (rawMessage, error) {
return raw, nil
}
+// Clone returns a deep copy of the message.
+func (m Message) Clone() Message {
+ var payload []byte
+ if m.Payload != nil {
+ payload = make([]byte, len(m.Payload))
+ copy(payload, m.Payload)
+ }
+
+ return Message{
+ Headers: m.Headers.Clone(),
+ Payload: payload,
+ }
+}
+
type messagePrelude struct {
Length uint32
HeadersLen uint32
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go
index ea0da79..5e94996 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go
@@ -7,6 +7,7 @@ import (
"fmt"
"io"
"reflect"
+ "strings"
"time"
"github.com/aws/aws-sdk-go/aws"
@@ -45,10 +46,31 @@ func UnmarshalJSON(v interface{}, stream io.Reader) error {
return err
}
- return unmarshalAny(reflect.ValueOf(v), out, "")
+ return unmarshaler{}.unmarshalAny(reflect.ValueOf(v), out, "")
}
-func unmarshalAny(value reflect.Value, data interface{}, tag reflect.StructTag) error {
+// UnmarshalJSONCaseInsensitive reads a stream and unmarshals the result into the
+// object v. Ignores casing for structure members.
+func UnmarshalJSONCaseInsensitive(v interface{}, stream io.Reader) error {
+ var out interface{}
+
+ err := json.NewDecoder(stream).Decode(&out)
+ if err == io.EOF {
+ return nil
+ } else if err != nil {
+ return err
+ }
+
+ return unmarshaler{
+ caseInsensitive: true,
+ }.unmarshalAny(reflect.ValueOf(v), out, "")
+}
+
+type unmarshaler struct {
+ caseInsensitive bool
+}
+
+func (u unmarshaler) unmarshalAny(value reflect.Value, data interface{}, tag reflect.StructTag) error {
vtype := value.Type()
if vtype.Kind() == reflect.Ptr {
vtype = vtype.Elem() // check kind of actual element type
@@ -80,17 +102,17 @@ func unmarshalAny(value reflect.Value, data interface{}, tag reflect.StructTag)
if field, ok := vtype.FieldByName("_"); ok {
tag = field.Tag
}
- return unmarshalStruct(value, data, tag)
+ return u.unmarshalStruct(value, data, tag)
case "list":
- return unmarshalList(value, data, tag)
+ return u.unmarshalList(value, data, tag)
case "map":
- return unmarshalMap(value, data, tag)
+ return u.unmarshalMap(value, data, tag)
default:
- return unmarshalScalar(value, data, tag)
+ return u.unmarshalScalar(value, data, tag)
}
}
-func unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTag) error {
+func (u unmarshaler) unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTag) error {
if data == nil {
return nil
}
@@ -114,7 +136,7 @@ func unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTa
// unwrap any payloads
if payload := tag.Get("payload"); payload != "" {
field, _ := t.FieldByName(payload)
- return unmarshalAny(value.FieldByName(payload), data, field.Tag)
+ return u.unmarshalAny(value.FieldByName(payload), data, field.Tag)
}
for i := 0; i < t.NumField(); i++ {
@@ -128,9 +150,19 @@ func unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTa
if locName := field.Tag.Get("locationName"); locName != "" {
name = locName
}
+ if u.caseInsensitive {
+ if _, ok := mapData[name]; !ok {
+ // Fallback to uncased name search if the exact name didn't match.
+ for kn, v := range mapData {
+ if strings.EqualFold(kn, name) {
+ mapData[name] = v
+ }
+ }
+ }
+ }
member := value.FieldByIndex(field.Index)
- err := unmarshalAny(member, mapData[name], field.Tag)
+ err := u.unmarshalAny(member, mapData[name], field.Tag)
if err != nil {
return err
}
@@ -138,7 +170,7 @@ func unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTa
return nil
}
-func unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag) error {
+func (u unmarshaler) unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag) error {
if data == nil {
return nil
}
@@ -153,7 +185,7 @@ func unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag)
}
for i, c := range listData {
- err := unmarshalAny(value.Index(i), c, "")
+ err := u.unmarshalAny(value.Index(i), c, "")
if err != nil {
return err
}
@@ -162,7 +194,7 @@ func unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag)
return nil
}
-func unmarshalMap(value reflect.Value, data interface{}, tag reflect.StructTag) error {
+func (u unmarshaler) unmarshalMap(value reflect.Value, data interface{}, tag reflect.StructTag) error {
if data == nil {
return nil
}
@@ -179,14 +211,14 @@ func unmarshalMap(value reflect.Value, data interface{}, tag reflect.StructTag)
kvalue := reflect.ValueOf(k)
vvalue := reflect.New(value.Type().Elem()).Elem()
- unmarshalAny(vvalue, v, "")
+ u.unmarshalAny(vvalue, v, "")
value.SetMapIndex(kvalue, vvalue)
}
return nil
}
-func unmarshalScalar(value reflect.Value, data interface{}, tag reflect.StructTag) error {
+func (u unmarshaler) unmarshalScalar(value reflect.Value, data interface{}, tag reflect.StructTag) error {
switch d := data.(type) {
case nil:
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go
index bfedc9f..a029217 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go
@@ -2,12 +2,10 @@
// requests and responses.
package jsonrpc
-//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/input/json.json build_test.go
-//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/output/json.json unmarshal_test.go
+//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/json.json build_test.go
+//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/json.json unmarshal_test.go
import (
- "strings"
-
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/private/protocol/json/jsonutil"
@@ -16,17 +14,26 @@ import (
var emptyJSON = []byte("{}")
-// BuildHandler is a named request handler for building jsonrpc protocol requests
-var BuildHandler = request.NamedHandler{Name: "awssdk.jsonrpc.Build", Fn: Build}
-
-// UnmarshalHandler is a named request handler for unmarshaling jsonrpc protocol requests
-var UnmarshalHandler = request.NamedHandler{Name: "awssdk.jsonrpc.Unmarshal", Fn: Unmarshal}
+// BuildHandler is a named request handler for building jsonrpc protocol
+// requests
+var BuildHandler = request.NamedHandler{
+ Name: "awssdk.jsonrpc.Build",
+ Fn: Build,
+}
-// UnmarshalMetaHandler is a named request handler for unmarshaling jsonrpc protocol request metadata
-var UnmarshalMetaHandler = request.NamedHandler{Name: "awssdk.jsonrpc.UnmarshalMeta", Fn: UnmarshalMeta}
+// UnmarshalHandler is a named request handler for unmarshaling jsonrpc
+// protocol requests
+var UnmarshalHandler = request.NamedHandler{
+ Name: "awssdk.jsonrpc.Unmarshal",
+ Fn: Unmarshal,
+}
-// UnmarshalErrorHandler is a named request handler for unmarshaling jsonrpc protocol request errors
-var UnmarshalErrorHandler = request.NamedHandler{Name: "awssdk.jsonrpc.UnmarshalError", Fn: UnmarshalError}
+// UnmarshalMetaHandler is a named request handler for unmarshaling jsonrpc
+// protocol request metadata
+var UnmarshalMetaHandler = request.NamedHandler{
+ Name: "awssdk.jsonrpc.UnmarshalMeta",
+ Fn: UnmarshalMeta,
+}
// Build builds a JSON payload for a JSON RPC request.
func Build(req *request.Request) {
@@ -79,32 +86,3 @@ func Unmarshal(req *request.Request) {
func UnmarshalMeta(req *request.Request) {
rest.UnmarshalMeta(req)
}
-
-// UnmarshalError unmarshals an error response for a JSON RPC service.
-func UnmarshalError(req *request.Request) {
- defer req.HTTPResponse.Body.Close()
-
- var jsonErr jsonErrorResponse
- err := jsonutil.UnmarshalJSONError(&jsonErr, req.HTTPResponse.Body)
- if err != nil {
- req.Error = awserr.NewRequestFailure(
- awserr.New(request.ErrCodeSerialization,
- "failed to unmarshal error message", err),
- req.HTTPResponse.StatusCode,
- req.RequestID,
- )
- return
- }
-
- codes := strings.SplitN(jsonErr.Code, "#", 2)
- req.Error = awserr.NewRequestFailure(
- awserr.New(codes[len(codes)-1], jsonErr.Message, nil),
- req.HTTPResponse.StatusCode,
- req.RequestID,
- )
-}
-
-type jsonErrorResponse struct {
- Code string `json:"__type"`
- Message string `json:"message"`
-}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go
new file mode 100644
index 0000000..c0c52e2
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go
@@ -0,0 +1,107 @@
+package jsonrpc
+
+import (
+ "bytes"
+ "io"
+ "io/ioutil"
+ "net/http"
+ "strings"
+
+ "github.com/aws/aws-sdk-go/aws/awserr"
+ "github.com/aws/aws-sdk-go/aws/request"
+ "github.com/aws/aws-sdk-go/private/protocol"
+ "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil"
+)
+
+// UnmarshalTypedError provides unmarshaling errors API response errors
+// for both typed and untyped errors.
+type UnmarshalTypedError struct {
+ exceptions map[string]func(protocol.ResponseMetadata) error
+}
+
+// NewUnmarshalTypedError returns an UnmarshalTypedError initialized for the
+// set of exception names to the error unmarshalers
+func NewUnmarshalTypedError(exceptions map[string]func(protocol.ResponseMetadata) error) *UnmarshalTypedError {
+ return &UnmarshalTypedError{
+ exceptions: exceptions,
+ }
+}
+
+// UnmarshalError attempts to unmarshal the HTTP response error as a known
+// error type. If unable to unmarshal the error type, the generic SDK error
+// type will be used.
+func (u *UnmarshalTypedError) UnmarshalError(
+ resp *http.Response,
+ respMeta protocol.ResponseMetadata,
+) (error, error) {
+
+ var buf bytes.Buffer
+ var jsonErr jsonErrorResponse
+ teeReader := io.TeeReader(resp.Body, &buf)
+ err := jsonutil.UnmarshalJSONError(&jsonErr, teeReader)
+ if err != nil {
+ return nil, err
+ }
+ body := ioutil.NopCloser(&buf)
+
+ // Code may be separated by hash(#), with the last element being the code
+ // used by the SDK.
+ codeParts := strings.SplitN(jsonErr.Code, "#", 2)
+ code := codeParts[len(codeParts)-1]
+ msg := jsonErr.Message
+
+ if fn, ok := u.exceptions[code]; ok {
+ // If exception code is know, use associated constructor to get a value
+ // for the exception that the JSON body can be unmarshaled into.
+ v := fn(respMeta)
+ err := jsonutil.UnmarshalJSONCaseInsensitive(v, body)
+ if err != nil {
+ return nil, err
+ }
+
+ return v, nil
+ }
+
+ // fallback to unmodeled generic exceptions
+ return awserr.NewRequestFailure(
+ awserr.New(code, msg, nil),
+ respMeta.StatusCode,
+ respMeta.RequestID,
+ ), nil
+}
+
+// UnmarshalErrorHandler is a named request handler for unmarshaling jsonrpc
+// protocol request errors
+var UnmarshalErrorHandler = request.NamedHandler{
+ Name: "awssdk.jsonrpc.UnmarshalError",
+ Fn: UnmarshalError,
+}
+
+// UnmarshalError unmarshals an error response for a JSON RPC service.
+func UnmarshalError(req *request.Request) {
+ defer req.HTTPResponse.Body.Close()
+
+ var jsonErr jsonErrorResponse
+ err := jsonutil.UnmarshalJSONError(&jsonErr, req.HTTPResponse.Body)
+ if err != nil {
+ req.Error = awserr.NewRequestFailure(
+ awserr.New(request.ErrCodeSerialization,
+ "failed to unmarshal error message", err),
+ req.HTTPResponse.StatusCode,
+ req.RequestID,
+ )
+ return
+ }
+
+ codes := strings.SplitN(jsonErr.Code, "#", 2)
+ req.Error = awserr.NewRequestFailure(
+ awserr.New(codes[len(codes)-1], jsonErr.Message, nil),
+ req.HTTPResponse.StatusCode,
+ req.RequestID,
+ )
+}
+
+type jsonErrorResponse struct {
+ Code string `json:"__type"`
+ Message string `json:"message"`
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go
index e21614a..0ea0647 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go
@@ -64,7 +64,7 @@ func (h HandlerPayloadMarshal) MarshalPayload(w io.Writer, v interface{}) error
metadata.ClientInfo{},
request.Handlers{},
nil,
- &request.Operation{HTTPMethod: "GET"},
+ &request.Operation{HTTPMethod: "PUT"},
v,
nil,
)
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/protocol.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/protocol.go
new file mode 100644
index 0000000..9d521dc
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/protocol.go
@@ -0,0 +1,49 @@
+package protocol
+
+import (
+ "fmt"
+ "strings"
+
+ "github.com/aws/aws-sdk-go/aws/awserr"
+ "github.com/aws/aws-sdk-go/aws/request"
+)
+
+// RequireHTTPMinProtocol request handler is used to enforce that
+// the target endpoint supports the given major and minor HTTP protocol version.
+type RequireHTTPMinProtocol struct {
+ Major, Minor int
+}
+
+// Handler will mark the request.Request with an error if the
+// target endpoint did not connect with the required HTTP protocol
+// major and minor version.
+func (p RequireHTTPMinProtocol) Handler(r *request.Request) {
+ if r.Error != nil || r.HTTPResponse == nil {
+ return
+ }
+
+ if !strings.HasPrefix(r.HTTPResponse.Proto, "HTTP") {
+ r.Error = newMinHTTPProtoError(p.Major, p.Minor, r)
+ }
+
+ if r.HTTPResponse.ProtoMajor < p.Major || r.HTTPResponse.ProtoMinor < p.Minor {
+ r.Error = newMinHTTPProtoError(p.Major, p.Minor, r)
+ }
+}
+
+// ErrCodeMinimumHTTPProtocolError error code is returned when the target endpoint
+// did not match the required HTTP major and minor protocol version.
+const ErrCodeMinimumHTTPProtocolError = "MinimumHTTPProtocolError"
+
+func newMinHTTPProtoError(major, minor int, r *request.Request) error {
+ return awserr.NewRequestFailure(
+ awserr.New("MinimumHTTPProtocolError",
+ fmt.Sprintf(
+ "operation requires minimum HTTP protocol of HTTP/%d.%d, but was %s",
+ major, minor, r.HTTPResponse.Proto,
+ ),
+ nil,
+ ),
+ r.HTTPResponse.StatusCode, r.RequestID,
+ )
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go
index 0cb99eb..d40346a 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go
@@ -1,7 +1,7 @@
// Package query provides serialization of AWS query requests, and responses.
package query
-//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/input/query.json build_test.go
+//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/query.json build_test.go
import (
"net/url"
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go
index f69c1ef..9231e95 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go
@@ -1,6 +1,6 @@
package query
-//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/output/query.json unmarshal_test.go
+//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/query.json unmarshal_test.go
import (
"encoding/xml"
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go
index 74e361e..92f8b4d 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go
@@ -15,6 +15,7 @@ import (
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/request"
+ awsStrings "github.com/aws/aws-sdk-go/internal/strings"
"github.com/aws/aws-sdk-go/private/protocol"
)
@@ -28,7 +29,9 @@ var UnmarshalMetaHandler = request.NamedHandler{Name: "awssdk.rest.UnmarshalMeta
func Unmarshal(r *request.Request) {
if r.DataFilled() {
v := reflect.Indirect(reflect.ValueOf(r.Data))
- unmarshalBody(r, v)
+ if err := unmarshalBody(r, v); err != nil {
+ r.Error = err
+ }
}
}
@@ -40,12 +43,21 @@ func UnmarshalMeta(r *request.Request) {
r.RequestID = r.HTTPResponse.Header.Get("X-Amz-Request-Id")
}
if r.DataFilled() {
- v := reflect.Indirect(reflect.ValueOf(r.Data))
- unmarshalLocationElements(r, v)
+ if err := UnmarshalResponse(r.HTTPResponse, r.Data, aws.BoolValue(r.Config.LowerCaseHeaderMaps)); err != nil {
+ r.Error = err
+ }
}
}
-func unmarshalBody(r *request.Request, v reflect.Value) {
+// UnmarshalResponse attempts to unmarshal the REST response headers to
+// the data type passed in. The type must be a pointer. An error is returned
+// with any error unmarshaling the response into the target datatype.
+func UnmarshalResponse(resp *http.Response, data interface{}, lowerCaseHeaderMaps bool) error {
+ v := reflect.Indirect(reflect.ValueOf(data))
+ return unmarshalLocationElements(resp, v, lowerCaseHeaderMaps)
+}
+
+func unmarshalBody(r *request.Request, v reflect.Value) error {
if field, ok := v.Type().FieldByName("_"); ok {
if payloadName := field.Tag.Get("payload"); payloadName != "" {
pfield, _ := v.Type().FieldByName(payloadName)
@@ -57,35 +69,38 @@ func unmarshalBody(r *request.Request, v reflect.Value) {
defer r.HTTPResponse.Body.Close()
b, err := ioutil.ReadAll(r.HTTPResponse.Body)
if err != nil {
- r.Error = awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
- } else {
- payload.Set(reflect.ValueOf(b))
+ return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
}
+
+ payload.Set(reflect.ValueOf(b))
+
case *string:
defer r.HTTPResponse.Body.Close()
b, err := ioutil.ReadAll(r.HTTPResponse.Body)
if err != nil {
- r.Error = awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
- } else {
- str := string(b)
- payload.Set(reflect.ValueOf(&str))
+ return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
}
+
+ str := string(b)
+ payload.Set(reflect.ValueOf(&str))
+
default:
switch payload.Type().String() {
case "io.ReadCloser":
payload.Set(reflect.ValueOf(r.HTTPResponse.Body))
+
case "io.ReadSeeker":
b, err := ioutil.ReadAll(r.HTTPResponse.Body)
if err != nil {
- r.Error = awserr.New(request.ErrCodeSerialization,
+ return awserr.New(request.ErrCodeSerialization,
"failed to read response body", err)
- return
}
payload.Set(reflect.ValueOf(ioutil.NopCloser(bytes.NewReader(b))))
+
default:
io.Copy(ioutil.Discard, r.HTTPResponse.Body)
- defer r.HTTPResponse.Body.Close()
- r.Error = awserr.New(request.ErrCodeSerialization,
+ r.HTTPResponse.Body.Close()
+ return awserr.New(request.ErrCodeSerialization,
"failed to decode REST response",
fmt.Errorf("unknown payload type %s", payload.Type()))
}
@@ -94,9 +109,11 @@ func unmarshalBody(r *request.Request, v reflect.Value) {
}
}
}
+
+ return nil
}
-func unmarshalLocationElements(r *request.Request, v reflect.Value) {
+func unmarshalLocationElements(resp *http.Response, v reflect.Value, lowerCaseHeaderMaps bool) error {
for i := 0; i < v.NumField(); i++ {
m, field := v.Field(i), v.Type().Field(i)
if n := field.Name; n[0:1] == strings.ToLower(n[0:1]) {
@@ -111,26 +128,25 @@ func unmarshalLocationElements(r *request.Request, v reflect.Value) {
switch field.Tag.Get("location") {
case "statusCode":
- unmarshalStatusCode(m, r.HTTPResponse.StatusCode)
+ unmarshalStatusCode(m, resp.StatusCode)
+
case "header":
- err := unmarshalHeader(m, r.HTTPResponse.Header.Get(name), field.Tag)
+ err := unmarshalHeader(m, resp.Header.Get(name), field.Tag)
if err != nil {
- r.Error = awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
- break
+ return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
}
+
case "headers":
prefix := field.Tag.Get("locationName")
- err := unmarshalHeaderMap(m, r.HTTPResponse.Header, prefix)
+ err := unmarshalHeaderMap(m, resp.Header, prefix, lowerCaseHeaderMaps)
if err != nil {
- r.Error = awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
- break
+ awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
}
}
}
- if r.Error != nil {
- return
- }
}
+
+ return nil
}
func unmarshalStatusCode(v reflect.Value, statusCode int) {
@@ -145,7 +161,7 @@ func unmarshalStatusCode(v reflect.Value, statusCode int) {
}
}
-func unmarshalHeaderMap(r reflect.Value, headers http.Header, prefix string) error {
+func unmarshalHeaderMap(r reflect.Value, headers http.Header, prefix string, normalize bool) error {
if len(headers) == 0 {
return nil
}
@@ -153,8 +169,12 @@ func unmarshalHeaderMap(r reflect.Value, headers http.Header, prefix string) err
case map[string]*string: // we only support string map value types
out := map[string]*string{}
for k, v := range headers {
- k = http.CanonicalHeaderKey(k)
- if strings.HasPrefix(strings.ToLower(k), strings.ToLower(prefix)) {
+ if awsStrings.HasPrefixFold(k, prefix) {
+ if normalize == true {
+ k = strings.ToLower(k)
+ } else {
+ k = http.CanonicalHeaderKey(k)
+ }
out[k[len(prefix):]] = &v[0]
}
}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go
index af4f615..2e0e205 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go
@@ -2,30 +2,35 @@
// requests and responses.
package restjson
-//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/input/rest-json.json build_test.go
-//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/output/rest-json.json unmarshal_test.go
+//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/rest-json.json build_test.go
+//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/rest-json.json unmarshal_test.go
import (
- "strings"
-
- "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/request"
- "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil"
"github.com/aws/aws-sdk-go/private/protocol/jsonrpc"
"github.com/aws/aws-sdk-go/private/protocol/rest"
)
-// BuildHandler is a named request handler for building restjson protocol requests
-var BuildHandler = request.NamedHandler{Name: "awssdk.restjson.Build", Fn: Build}
-
-// UnmarshalHandler is a named request handler for unmarshaling restjson protocol requests
-var UnmarshalHandler = request.NamedHandler{Name: "awssdk.restjson.Unmarshal", Fn: Unmarshal}
+// BuildHandler is a named request handler for building restjson protocol
+// requests
+var BuildHandler = request.NamedHandler{
+ Name: "awssdk.restjson.Build",
+ Fn: Build,
+}
-// UnmarshalMetaHandler is a named request handler for unmarshaling restjson protocol request metadata
-var UnmarshalMetaHandler = request.NamedHandler{Name: "awssdk.restjson.UnmarshalMeta", Fn: UnmarshalMeta}
+// UnmarshalHandler is a named request handler for unmarshaling restjson
+// protocol requests
+var UnmarshalHandler = request.NamedHandler{
+ Name: "awssdk.restjson.Unmarshal",
+ Fn: Unmarshal,
+}
-// UnmarshalErrorHandler is a named request handler for unmarshaling restjson protocol request errors
-var UnmarshalErrorHandler = request.NamedHandler{Name: "awssdk.restjson.UnmarshalError", Fn: UnmarshalError}
+// UnmarshalMetaHandler is a named request handler for unmarshaling restjson
+// protocol request metadata
+var UnmarshalMetaHandler = request.NamedHandler{
+ Name: "awssdk.restjson.UnmarshalMeta",
+ Fn: UnmarshalMeta,
+}
// Build builds a request for the REST JSON protocol.
func Build(r *request.Request) {
@@ -52,37 +57,3 @@ func Unmarshal(r *request.Request) {
func UnmarshalMeta(r *request.Request) {
rest.UnmarshalMeta(r)
}
-
-// UnmarshalError unmarshals a response error for the REST JSON protocol.
-func UnmarshalError(r *request.Request) {
- defer r.HTTPResponse.Body.Close()
-
- var jsonErr jsonErrorResponse
- err := jsonutil.UnmarshalJSONError(&jsonErr, r.HTTPResponse.Body)
- if err != nil {
- r.Error = awserr.NewRequestFailure(
- awserr.New(request.ErrCodeSerialization,
- "failed to unmarshal response error", err),
- r.HTTPResponse.StatusCode,
- r.RequestID,
- )
- return
- }
-
- code := r.HTTPResponse.Header.Get("X-Amzn-Errortype")
- if code == "" {
- code = jsonErr.Code
- }
-
- code = strings.SplitN(code, ":", 2)[0]
- r.Error = awserr.NewRequestFailure(
- awserr.New(code, jsonErr.Message, nil),
- r.HTTPResponse.StatusCode,
- r.RequestID,
- )
-}
-
-type jsonErrorResponse struct {
- Code string `json:"code"`
- Message string `json:"message"`
-}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go
new file mode 100644
index 0000000..d756d8c
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go
@@ -0,0 +1,134 @@
+package restjson
+
+import (
+ "bytes"
+ "io"
+ "io/ioutil"
+ "net/http"
+ "strings"
+
+ "github.com/aws/aws-sdk-go/aws/awserr"
+ "github.com/aws/aws-sdk-go/aws/request"
+ "github.com/aws/aws-sdk-go/private/protocol"
+ "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil"
+ "github.com/aws/aws-sdk-go/private/protocol/rest"
+)
+
+const (
+ errorTypeHeader = "X-Amzn-Errortype"
+ errorMessageHeader = "X-Amzn-Errormessage"
+)
+
+// UnmarshalTypedError provides unmarshaling errors API response errors
+// for both typed and untyped errors.
+type UnmarshalTypedError struct {
+ exceptions map[string]func(protocol.ResponseMetadata) error
+}
+
+// NewUnmarshalTypedError returns an UnmarshalTypedError initialized for the
+// set of exception names to the error unmarshalers
+func NewUnmarshalTypedError(exceptions map[string]func(protocol.ResponseMetadata) error) *UnmarshalTypedError {
+ return &UnmarshalTypedError{
+ exceptions: exceptions,
+ }
+}
+
+// UnmarshalError attempts to unmarshal the HTTP response error as a known
+// error type. If unable to unmarshal the error type, the generic SDK error
+// type will be used.
+func (u *UnmarshalTypedError) UnmarshalError(
+ resp *http.Response,
+ respMeta protocol.ResponseMetadata,
+) (error, error) {
+
+ code := resp.Header.Get(errorTypeHeader)
+ msg := resp.Header.Get(errorMessageHeader)
+
+ body := resp.Body
+ if len(code) == 0 {
+ // If unable to get code from HTTP headers have to parse JSON message
+ // to determine what kind of exception this will be.
+ var buf bytes.Buffer
+ var jsonErr jsonErrorResponse
+ teeReader := io.TeeReader(resp.Body, &buf)
+ err := jsonutil.UnmarshalJSONError(&jsonErr, teeReader)
+ if err != nil {
+ return nil, err
+ }
+
+ body = ioutil.NopCloser(&buf)
+ code = jsonErr.Code
+ msg = jsonErr.Message
+ }
+
+ // If code has colon separators remove them so can compare against modeled
+ // exception names.
+ code = strings.SplitN(code, ":", 2)[0]
+
+ if fn, ok := u.exceptions[code]; ok {
+ // If exception code is know, use associated constructor to get a value
+ // for the exception that the JSON body can be unmarshaled into.
+ v := fn(respMeta)
+ if err := jsonutil.UnmarshalJSONCaseInsensitive(v, body); err != nil {
+ return nil, err
+ }
+
+ if err := rest.UnmarshalResponse(resp, v, true); err != nil {
+ return nil, err
+ }
+
+ return v, nil
+ }
+
+ // fallback to unmodeled generic exceptions
+ return awserr.NewRequestFailure(
+ awserr.New(code, msg, nil),
+ respMeta.StatusCode,
+ respMeta.RequestID,
+ ), nil
+}
+
+// UnmarshalErrorHandler is a named request handler for unmarshaling restjson
+// protocol request errors
+var UnmarshalErrorHandler = request.NamedHandler{
+ Name: "awssdk.restjson.UnmarshalError",
+ Fn: UnmarshalError,
+}
+
+// UnmarshalError unmarshals a response error for the REST JSON protocol.
+func UnmarshalError(r *request.Request) {
+ defer r.HTTPResponse.Body.Close()
+
+ var jsonErr jsonErrorResponse
+ err := jsonutil.UnmarshalJSONError(&jsonErr, r.HTTPResponse.Body)
+ if err != nil {
+ r.Error = awserr.NewRequestFailure(
+ awserr.New(request.ErrCodeSerialization,
+ "failed to unmarshal response error", err),
+ r.HTTPResponse.StatusCode,
+ r.RequestID,
+ )
+ return
+ }
+
+ code := r.HTTPResponse.Header.Get(errorTypeHeader)
+ if code == "" {
+ code = jsonErr.Code
+ }
+ msg := r.HTTPResponse.Header.Get(errorMessageHeader)
+ if msg == "" {
+ msg = jsonErr.Message
+ }
+
+ code = strings.SplitN(code, ":", 2)[0]
+ r.Error = awserr.NewRequestFailure(
+ awserr.New(code, jsonErr.Message, nil),
+ r.HTTPResponse.StatusCode,
+ r.RequestID,
+ )
+}
+
+type jsonErrorResponse struct {
+ Code string `json:"code"`
+ Message string `json:"message"`
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/restxml/restxml.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/restxml/restxml.go
index 07a6187..b1ae364 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/restxml/restxml.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/restxml/restxml.go
@@ -2,8 +2,8 @@
// requests and responses.
package restxml
-//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/input/rest-xml.json build_test.go
-//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/output/rest-xml.json unmarshal_test.go
+//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/rest-xml.json build_test.go
+//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/rest-xml.json unmarshal_test.go
import (
"bytes"
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go
index 05d4ff5..d2f6dae 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go
@@ -56,7 +56,8 @@ func FormatTime(name string, t time.Time) string {
case ISO8601TimeFormatName:
return t.Format(ISO8601OutputTimeFormat)
case UnixTimeFormatName:
- return strconv.FormatInt(t.Unix(), 10)
+ ms := t.UnixNano() / int64(time.Millisecond)
+ return strconv.FormatFloat(float64(ms)/1e3, 'f', -1, 64)
default:
panic("unknown timestamp format name, " + name)
}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go
index da1a681..f614ef8 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go
@@ -19,3 +19,9 @@ func UnmarshalDiscardBody(r *request.Request) {
io.Copy(ioutil.Discard, r.HTTPResponse.Body)
r.HTTPResponse.Body.Close()
}
+
+// ResponseMetadata provides the SDK response metadata attributes.
+type ResponseMetadata struct {
+ StatusCode int
+ RequestID string
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go
new file mode 100644
index 0000000..cc857f1
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go
@@ -0,0 +1,65 @@
+package protocol
+
+import (
+ "net/http"
+
+ "github.com/aws/aws-sdk-go/aws/awserr"
+ "github.com/aws/aws-sdk-go/aws/request"
+)
+
+// UnmarshalErrorHandler provides unmarshaling errors API response errors for
+// both typed and untyped errors.
+type UnmarshalErrorHandler struct {
+ unmarshaler ErrorUnmarshaler
+}
+
+// ErrorUnmarshaler is an abstract interface for concrete implementations to
+// unmarshal protocol specific response errors.
+type ErrorUnmarshaler interface {
+ UnmarshalError(*http.Response, ResponseMetadata) (error, error)
+}
+
+// NewUnmarshalErrorHandler returns an UnmarshalErrorHandler
+// initialized for the set of exception names to the error unmarshalers
+func NewUnmarshalErrorHandler(unmarshaler ErrorUnmarshaler) *UnmarshalErrorHandler {
+ return &UnmarshalErrorHandler{
+ unmarshaler: unmarshaler,
+ }
+}
+
+// UnmarshalErrorHandlerName is the name of the named handler.
+const UnmarshalErrorHandlerName = "awssdk.protocol.UnmarshalError"
+
+// NamedHandler returns a NamedHandler for the unmarshaler using the set of
+// errors the unmarshaler was initialized for.
+func (u *UnmarshalErrorHandler) NamedHandler() request.NamedHandler {
+ return request.NamedHandler{
+ Name: UnmarshalErrorHandlerName,
+ Fn: u.UnmarshalError,
+ }
+}
+
+// UnmarshalError will attempt to unmarshal the API response's error message
+// into either a generic SDK error type, or a typed error corresponding to the
+// errors exception name.
+func (u *UnmarshalErrorHandler) UnmarshalError(r *request.Request) {
+ defer r.HTTPResponse.Body.Close()
+
+ respMeta := ResponseMetadata{
+ StatusCode: r.HTTPResponse.StatusCode,
+ RequestID: r.RequestID,
+ }
+
+ v, err := u.unmarshaler.UnmarshalError(r.HTTPResponse, respMeta)
+ if err != nil {
+ r.Error = awserr.NewRequestFailure(
+ awserr.New(request.ErrCodeSerialization,
+ "failed to unmarshal response error", err),
+ respMeta.StatusCode,
+ respMeta.RequestID,
+ )
+ return
+ }
+
+ r.Error = v
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go
index cf981fe..09ad951 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go
@@ -8,6 +8,7 @@ import (
"reflect"
"sort"
"strconv"
+ "strings"
"time"
"github.com/aws/aws-sdk-go/private/protocol"
@@ -60,6 +61,14 @@ func (b *xmlBuilder) buildValue(value reflect.Value, current *XMLNode, tag refle
return nil
}
+ xml := tag.Get("xml")
+ if len(xml) != 0 {
+ name := strings.SplitAfterN(xml, ",", 2)[0]
+ if name == "-" {
+ return nil
+ }
+ }
+
t := tag.Get("type")
if t == "" {
switch value.Kind() {
diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go
index 7108d38..107c053 100644
--- a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go
+++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go
@@ -64,6 +64,14 @@ func UnmarshalXML(v interface{}, d *xml.Decoder, wrapper string) error {
// parse deserializes any value from the XMLNode. The type tag is used to infer the type, or reflect
// will be used to determine the type from r.
func parse(r reflect.Value, node *XMLNode, tag reflect.StructTag) error {
+ xml := tag.Get("xml")
+ if len(xml) != 0 {
+ name := strings.SplitAfterN(xml, ",", 2)[0]
+ if name == "-" {
+ return nil
+ }
+ }
+
rtype := r.Type()
if rtype.Kind() == reflect.Ptr {
rtype = rtype.Elem() // check kind of actual element type
diff --git a/vendor/github.com/aws/aws-sdk-go/service/batch/api.go b/vendor/github.com/aws/aws-sdk-go/service/batch/api.go
index 2794304..025c323 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/batch/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/batch/api.go
@@ -70,13 +70,13 @@ func (c *Batch) CancelJobRequest(input *CancelJobInput) (req *request.Request, o
// See the AWS API reference guide for AWS Batch's
// API operation CancelJob for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/CancelJob
@@ -193,13 +193,13 @@ func (c *Batch) CreateComputeEnvironmentRequest(input *CreateComputeEnvironmentI
// See the AWS API reference guide for AWS Batch's
// API operation CreateComputeEnvironment for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/CreateComputeEnvironment
@@ -285,13 +285,13 @@ func (c *Batch) CreateJobQueueRequest(input *CreateJobQueueInput) (req *request.
// See the AWS API reference guide for AWS Batch's
// API operation CreateJobQueue for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/CreateJobQueue
@@ -374,13 +374,13 @@ func (c *Batch) DeleteComputeEnvironmentRequest(input *DeleteComputeEnvironmentI
// See the AWS API reference guide for AWS Batch's
// API operation DeleteComputeEnvironment for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/DeleteComputeEnvironment
@@ -464,13 +464,13 @@ func (c *Batch) DeleteJobQueueRequest(input *DeleteJobQueueInput) (req *request.
// See the AWS API reference guide for AWS Batch's
// API operation DeleteJobQueue for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/DeleteJobQueue
@@ -540,7 +540,8 @@ func (c *Batch) DeregisterJobDefinitionRequest(input *DeregisterJobDefinitionInp
// DeregisterJobDefinition API operation for AWS Batch.
//
-// Deregisters an AWS Batch job definition.
+// Deregisters an AWS Batch job definition. Job definitions will be permanently
+// deleted after 180 days.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -549,13 +550,13 @@ func (c *Batch) DeregisterJobDefinitionRequest(input *DeregisterJobDefinitionInp
// See the AWS API reference guide for AWS Batch's
// API operation DeregisterJobDefinition for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/DeregisterJobDefinition
@@ -643,13 +644,13 @@ func (c *Batch) DescribeComputeEnvironmentsRequest(input *DescribeComputeEnviron
// See the AWS API reference guide for AWS Batch's
// API operation DescribeComputeEnvironments for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/DescribeComputeEnvironments
@@ -786,13 +787,13 @@ func (c *Batch) DescribeJobDefinitionsRequest(input *DescribeJobDefinitionsInput
// See the AWS API reference guide for AWS Batch's
// API operation DescribeJobDefinitions for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/DescribeJobDefinitions
@@ -928,13 +929,13 @@ func (c *Batch) DescribeJobQueuesRequest(input *DescribeJobQueuesInput) (req *re
// See the AWS API reference guide for AWS Batch's
// API operation DescribeJobQueues for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/DescribeJobQueues
@@ -1064,13 +1065,13 @@ func (c *Batch) DescribeJobsRequest(input *DescribeJobsInput) (req *request.Requ
// See the AWS API reference guide for AWS Batch's
// API operation DescribeJobs for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/DescribeJobs
@@ -1165,13 +1166,13 @@ func (c *Batch) ListJobsRequest(input *ListJobsInput) (req *request.Request, out
// See the AWS API reference guide for AWS Batch's
// API operation ListJobs for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/ListJobs
@@ -1301,13 +1302,13 @@ func (c *Batch) RegisterJobDefinitionRequest(input *RegisterJobDefinitionInput)
// See the AWS API reference guide for AWS Batch's
// API operation RegisterJobDefinition for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/RegisterJobDefinition
@@ -1386,13 +1387,13 @@ func (c *Batch) SubmitJobRequest(input *SubmitJobInput) (req *request.Request, o
// See the AWS API reference guide for AWS Batch's
// API operation SubmitJob for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/SubmitJob
@@ -1473,13 +1474,13 @@ func (c *Batch) TerminateJobRequest(input *TerminateJobInput) (req *request.Requ
// See the AWS API reference guide for AWS Batch's
// API operation TerminateJob for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/TerminateJob
@@ -1557,13 +1558,13 @@ func (c *Batch) UpdateComputeEnvironmentRequest(input *UpdateComputeEnvironmentI
// See the AWS API reference guide for AWS Batch's
// API operation UpdateComputeEnvironment for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/UpdateComputeEnvironment
@@ -1641,13 +1642,13 @@ func (c *Batch) UpdateJobQueueRequest(input *UpdateJobQueueInput) (req *request.
// See the AWS API reference guide for AWS Batch's
// API operation UpdateJobQueue for usage and error information.
//
-// Returned Error Codes:
-// * ErrCodeClientException "ClientException"
+// Returned Error Types:
+// * ClientException
// These errors are usually caused by a client action, such as using an action
// or resource on behalf of a user that doesn't have permissions to use the
// action or resource, or specifying an identifier that is not valid.
//
-// * ErrCodeServerException "ServerException"
+// * ServerException
// These errors are usually caused by a server issue.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/batch-2016-08-10/UpdateJobQueue
@@ -1973,6 +1974,64 @@ func (s CancelJobOutput) GoString() string {
return s.String()
}
+// These errors are usually caused by a client action, such as using an action
+// or resource on behalf of a user that doesn't have permissions to use the
+// action or resource, or specifying an identifier that is not valid.
+type ClientException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation
+func (s ClientException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ClientException) GoString() string {
+ return s.String()
+}
+
+func newErrorClientException(v protocol.ResponseMetadata) error {
+ return &ClientException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *ClientException) Code() string {
+ return "ClientException"
+}
+
+// Message returns the exception's message.
+func (s *ClientException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *ClientException) OrigErr() error {
+ return nil
+}
+
+func (s *ClientException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *ClientException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *ClientException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
// An object representing an AWS Batch compute environment.
type ComputeEnvironmentDetail struct {
_ struct{} `type:"structure"`
@@ -2155,13 +2214,16 @@ type ComputeResource struct {
// limits (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html).
// If this is not specified, the default is BEST_FIT, which will use only the
// best fitting instance type, waiting for additional capacity if it's not available.
- // This allocation strategy keeps costs lower but can limit scaling. BEST_FIT_PROGRESSIVE
- // will select an additional instance type that is large enough to meet the
- // requirements of the jobs in the queue, with a preference for an instance
- // type with a lower cost. SPOT_CAPACITY_OPTIMIZED is only available for Spot
- // Instance compute resources and will select an additional instance type that
- // is large enough to meet the requirements of the jobs in the queue, with a
- // preference for an instance type that is less likely to be interrupted.
+ // This allocation strategy keeps costs lower but can limit scaling. If you
+ // are using Spot Fleets with BEST_FIT then the Spot Fleet IAM Role must be
+ // specified. BEST_FIT_PROGRESSIVE will select additional instance types that
+ // are large enough to meet the requirements of the jobs in the queue, with
+ // a preference for instance types with a lower cost per vCPU. SPOT_CAPACITY_OPTIMIZED
+ // is only available for Spot Instance compute resources and will select additional
+ // instance types that are large enough to meet the requirements of the jobs
+ // in the queue, with a preference for instance types that are less likely to
+ // be interrupted. For more information, see Allocation Strategies (https://docs.aws.amazon.com/batch/latest/userguide/allocation-strategies.html)
+ // in the AWS Batch User Guide.
AllocationStrategy *string `locationName:"allocationStrategy" type:"string" enum:"CRAllocationStrategy"`
// The maximum percentage that a Spot Instance price can be when compared with
@@ -2238,8 +2300,9 @@ type ComputeResource struct {
SecurityGroupIds []*string `locationName:"securityGroupIds" type:"list"`
// The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied
- // to a SPOT compute environment. For more information, see Amazon EC2 Spot
- // Fleet Role (https://docs.aws.amazon.com/batch/latest/userguide/spot_fleet_IAM_role.html)
+ // to a SPOT compute environment. This role is required if the allocation strategy
+ // set to BEST_FIT or if the allocation strategy is not specified. For more
+ // information, see Amazon EC2 Spot Fleet Role (https://docs.aws.amazon.com/batch/latest/userguide/spot_fleet_IAM_role.html)
// in the AWS Batch User Guide.
SpotIamFleetRole *string `locationName:"spotIamFleetRole" type:"string"`
@@ -4091,7 +4154,7 @@ type JobDetail struct {
// state.
CreatedAt *int64 `locationName:"createdAt" type:"long"`
- // A list of job names or IDs on which this job depends.
+ // A list of job IDs on which this job depends.
DependsOn []*JobDependency `locationName:"dependsOn" type:"list"`
// The job definition that is used by this job.
@@ -5445,6 +5508,62 @@ func (s *RetryStrategy) SetAttempts(v int64) *RetryStrategy {
return s
}
+// These errors are usually caused by a server issue.
+type ServerException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation
+func (s ServerException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ServerException) GoString() string {
+ return s.String()
+}
+
+func newErrorServerException(v protocol.ResponseMetadata) error {
+ return &ServerException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *ServerException) Code() string {
+ return "ServerException"
+}
+
+// Message returns the exception's message.
+func (s *ServerException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *ServerException) OrigErr() error {
+ return nil
+}
+
+func (s *ServerException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *ServerException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *ServerException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
type SubmitJobInput struct {
_ struct{} `type:"structure"`
@@ -5473,8 +5592,9 @@ type SubmitJobInput struct {
// begin.
DependsOn []*JobDependency `locationName:"dependsOn" type:"list"`
- // The job definition used by this job. This value can be either a name:revision
- // or the Amazon Resource Name (ARN) for the job definition.
+ // The job definition used by this job. This value can be one of name, name:revision,
+ // or the Amazon Resource Name (ARN) for the job definition. If name is specified
+ // without a revision then the latest active revision is used.
//
// JobDefinition is a required field
JobDefinition *string `locationName:"jobDefinition" type:"string" required:"true"`
diff --git a/vendor/github.com/aws/aws-sdk-go/service/batch/errors.go b/vendor/github.com/aws/aws-sdk-go/service/batch/errors.go
index eb30865..ae25085 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/batch/errors.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/batch/errors.go
@@ -2,6 +2,10 @@
package batch
+import (
+ "github.com/aws/aws-sdk-go/private/protocol"
+)
+
const (
// ErrCodeClientException for service response error code
@@ -18,3 +22,8 @@ const (
// These errors are usually caused by a server issue.
ErrCodeServerException = "ServerException"
)
+
+var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
+ "ClientException": newErrorClientException,
+ "ServerException": newErrorServerException,
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/batch/service.go b/vendor/github.com/aws/aws-sdk-go/service/batch/service.go
index e4f63ee..184de63 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/batch/service.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/batch/service.go
@@ -8,6 +8,7 @@ import (
"github.com/aws/aws-sdk-go/aws/client/metadata"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/aws/signer/v4"
+ "github.com/aws/aws-sdk-go/private/protocol"
"github.com/aws/aws-sdk-go/private/protocol/restjson"
)
@@ -31,7 +32,7 @@ var initRequest func(*request.Request)
const (
ServiceName = "batch" // Name of service.
EndpointsID = ServiceName // ID to lookup a service endpoint with.
- ServiceID = "Batch" // ServiceID is a unique identifer of a specific service.
+ ServiceID = "Batch" // ServiceID is a unique identifier of a specific service.
)
// New creates a new instance of the Batch client with a session.
@@ -39,6 +40,8 @@ const (
// aws.Config parameter to add your extra config.
//
// Example:
+// mySession := session.Must(session.NewSession())
+//
// // Create a Batch client from just a session.
// svc := batch.New(mySession)
//
@@ -72,7 +75,9 @@ func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint,
svc.Handlers.Build.PushBackNamed(restjson.BuildHandler)
svc.Handlers.Unmarshal.PushBackNamed(restjson.UnmarshalHandler)
svc.Handlers.UnmarshalMeta.PushBackNamed(restjson.UnmarshalMetaHandler)
- svc.Handlers.UnmarshalError.PushBackNamed(restjson.UnmarshalErrorHandler)
+ svc.Handlers.UnmarshalError.PushBackNamed(
+ protocol.NewUnmarshalErrorHandler(restjson.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(),
+ )
// Run custom client initialization if present
if initClient != nil {
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/api.go b/vendor/github.com/aws/aws-sdk-go/service/s3/api.go
index a979c59..8aadf3c 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/s3/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/api.go
@@ -7,7 +7,6 @@ import (
"fmt"
"io"
"sync"
- "sync/atomic"
"time"
"github.com/aws/aws-sdk-go/aws"
@@ -15,11 +14,13 @@ import (
"github.com/aws/aws-sdk-go/aws/awsutil"
"github.com/aws/aws-sdk-go/aws/client"
"github.com/aws/aws-sdk-go/aws/request"
+ "github.com/aws/aws-sdk-go/private/checksum"
"github.com/aws/aws-sdk-go/private/protocol"
"github.com/aws/aws-sdk-go/private/protocol/eventstream"
"github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi"
"github.com/aws/aws-sdk-go/private/protocol/rest"
"github.com/aws/aws-sdk-go/private/protocol/restxml"
+ "github.com/aws/aws-sdk-go/service/s3/internal/arn"
)
const opAbortMultipartUpload = "AbortMultipartUpload"
@@ -66,11 +67,31 @@ func (c *S3) AbortMultipartUploadRequest(input *AbortMultipartUploadInput) (req
// AbortMultipartUpload API operation for Amazon Simple Storage Service.
//
-// Aborts a multipart upload.
+// This operation aborts a multipart upload. After a multipart upload is aborted,
+// no additional parts can be uploaded using that upload ID. The storage consumed
+// by any previously uploaded parts will be freed. However, if any part uploads
+// are currently in progress, those part uploads might or might not succeed.
+// As a result, it might be necessary to abort a given multipart upload multiple
+// times in order to completely free all storage consumed by all parts.
//
// To verify that all parts have been removed, so you don't get charged for
-// the part storage, you should call the List Parts operation and ensure the
-// parts list is empty.
+// the part storage, you should call the ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html)
+// operation and ensure that the parts list is empty.
+//
+// For information about permissions required to use the multipart upload API,
+// see Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html).
+//
+// The following operations are related to AbortMultipartUpload:
+//
+// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)
+//
+// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)
+//
+// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html)
+//
+// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html)
+//
+// * ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -151,6 +172,65 @@ func (c *S3) CompleteMultipartUploadRequest(input *CompleteMultipartUploadInput)
//
// Completes a multipart upload by assembling previously uploaded parts.
//
+// You first initiate the multipart upload and then upload all parts using the
+// UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)
+// operation. After successfully uploading all relevant parts of an upload,
+// you call this operation to complete the upload. Upon receiving this request,
+// Amazon S3 concatenates all the parts in ascending order by part number to
+// create a new object. In the Complete Multipart Upload request, you must provide
+// the parts list. You must ensure that the parts list is complete. This operation
+// concatenates the parts that you provide in the list. For each part in the
+// list, you must provide the part number and the ETag value, returned after
+// that part was uploaded.
+//
+// Processing of a Complete Multipart Upload request could take several minutes
+// to complete. After Amazon S3 begins processing the request, it sends an HTTP
+// response header that specifies a 200 OK response. While processing is in
+// progress, Amazon S3 periodically sends white space characters to keep the
+// connection from timing out. Because a request could fail after the initial
+// 200 OK response has been sent, it is important that you check the response
+// body to determine whether the request succeeded.
+//
+// Note that if CompleteMultipartUpload fails, applications should be prepared
+// to retry the failed requests. For more information, see Amazon S3 Error Best
+// Practices (https://docs.aws.amazon.com/AmazonS3/latest/dev/ErrorBestPractices.html).
+//
+// For more information about multipart uploads, see Uploading Objects Using
+// Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html).
+//
+// For information about permissions required to use the multipart upload API,
+// see Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html).
+//
+// CompleteMultipartUpload has the following special errors:
+//
+// * Error code: EntityTooSmall Description: Your proposed upload is smaller
+// than the minimum allowed object size. Each part must be at least 5 MB
+// in size, except the last part. 400 Bad Request
+//
+// * Error code: InvalidPart Description: One or more of the specified parts
+// could not be found. The part might not have been uploaded, or the specified
+// entity tag might not have matched the part's entity tag. 400 Bad Request
+//
+// * Error code: InvalidPartOrder Description: The list of parts was not
+// in ascending order. The parts list must be specified in order by part
+// number. 400 Bad Request
+//
+// * Error code: NoSuchUpload Description: The specified multipart upload
+// does not exist. The upload ID might be invalid, or the multipart upload
+// might have been aborted or completed. 404 Not Found
+//
+// The following operations are related to CompleteMultipartUpload:
+//
+// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)
+//
+// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)
+//
+// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html)
+//
+// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html)
+//
+// * ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -225,6 +305,153 @@ func (c *S3) CopyObjectRequest(input *CopyObjectInput) (req *request.Request, ou
//
// Creates a copy of an object that is already stored in Amazon S3.
//
+// You can store individual objects of up to 5 TB in Amazon S3. You create a
+// copy of your object up to 5 GB in size in a single atomic operation using
+// this API. However, to copy an object greater than 5 GB, you must use the
+// multipart upload Upload Part - Copy API. For more information, see Copy Object
+// Using the REST Multipart Upload API (https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjctsUsingRESTMPUapi.html).
+//
+// All copy requests must be authenticated. Additionally, you must have read
+// access to the source object and write access to the destination bucket. For
+// more information, see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html).
+// Both the Region that you want to copy the object from and the Region that
+// you want to copy the object to must be enabled for your account.
+//
+// A copy request might return an error when Amazon S3 receives the copy request
+// or while Amazon S3 is copying the files. If the error occurs before the copy
+// operation starts, you receive a standard Amazon S3 error. If the error occurs
+// during the copy operation, the error response is embedded in the 200 OK response.
+// This means that a 200 OK response can contain either a success or an error.
+// Design your application to parse the contents of the response and handle
+// it appropriately.
+//
+// If the copy is successful, you receive a response with information about
+// the copied object.
+//
+// If the request is an HTTP 1.1 request, the response is chunk encoded. If
+// it were not, it would not contain the content-length, and you would need
+// to read the entire body.
+//
+// The copy request charge is based on the storage class and Region that you
+// specify for the destination object. For pricing information, see Amazon S3
+// pricing (https://aws.amazon.com/s3/pricing/).
+//
+// Amazon S3 transfer acceleration does not support cross-Region copies. If
+// you request a cross-Region copy using a transfer acceleration endpoint, you
+// get a 400 Bad Request error. For more information, see Transfer Acceleration
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html).
+//
+// Metadata
+//
+// When copying an object, you can preserve all metadata (default) or specify
+// new metadata. However, the ACL is not preserved and is set to private for
+// the user making the request. To override the default ACL setting, specify
+// a new ACL when generating a copy request. For more information, see Using
+// ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html).
+//
+// To specify whether you want the object metadata copied from the source object
+// or replaced with metadata provided in the request, you can optionally add
+// the x-amz-metadata-directive header. When you grant permissions, you can
+// use the s3:x-amz-metadata-directive condition key to enforce certain metadata
+// behavior when objects are uploaded. For more information, see Specifying
+// Conditions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html)
+// in the Amazon S3 Developer Guide. For a complete list of Amazon S3-specific
+// condition keys, see Actions, Resources, and Condition Keys for Amazon S3
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html).
+//
+// x-amz-copy-source-if Headers
+//
+// To only copy an object under certain conditions, such as whether the Etag
+// matches or whether the object was modified before or after a specified date,
+// use the following request parameters:
+//
+// * x-amz-copy-source-if-match
+//
+// * x-amz-copy-source-if-none-match
+//
+// * x-amz-copy-source-if-unmodified-since
+//
+// * x-amz-copy-source-if-modified-since
+//
+// If both the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since
+// headers are present in the request and evaluate as follows, Amazon S3 returns
+// 200 OK and copies the data:
+//
+// * x-amz-copy-source-if-match condition evaluates to true
+//
+// * x-amz-copy-source-if-unmodified-since condition evaluates to false
+//
+// If both the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since
+// headers are present in the request and evaluate as follows, Amazon S3 returns
+// the 412 Precondition Failed response code:
+//
+// * x-amz-copy-source-if-none-match condition evaluates to false
+//
+// * x-amz-copy-source-if-modified-since condition evaluates to true
+//
+// All headers with the x-amz- prefix, including x-amz-copy-source, must be
+// signed.
+//
+// Encryption
+//
+// The source object that you are copying can be encrypted or unencrypted. The
+// source object can be encrypted with server-side encryption using AWS managed
+// encryption keys (SSE-S3 or SSE-KMS) or by using a customer-provided encryption
+// key. With server-side encryption, Amazon S3 encrypts your data as it writes
+// it to disks in its data centers and decrypts the data when you access it.
+//
+// You can optionally use the appropriate encryption-related headers to request
+// server-side encryption for the target object. You have the option to provide
+// your own encryption key or use SSE-S3 or SSE-KMS, regardless of the form
+// of server-side encryption that was used to encrypt the source object. You
+// can even request encryption if the source object was not encrypted. For more
+// information about server-side encryption, see Using Server-Side Encryption
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html).
+//
+// Access Control List (ACL)-Specific Request Headers
+//
+// When copying an object, you can optionally use headers to grant ACL-based
+// permissions. By default, all objects are private. Only the owner has full
+// access control. When adding a new object, you can grant permissions to individual
+// AWS accounts or to predefined groups defined by Amazon S3. These permissions
+// are then added to the ACL on the object. For more information, see Access
+// Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html)
+// and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html).
+//
+// Storage Class Options
+//
+// You can use the CopyObject operation to change the storage class of an object
+// that is already stored in Amazon S3 using the StorageClass parameter. For
+// more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html)
+// in the Amazon S3 Service Developer Guide.
+//
+// Versioning
+//
+// By default, x-amz-copy-source identifies the current version of an object
+// to copy. If the current version is a delete marker, Amazon S3 behaves as
+// if the object was deleted. To copy a different version, use the versionId
+// subresource.
+//
+// If you enable versioning on the target bucket, Amazon S3 generates a unique
+// version ID for the object being copied. This version ID is different from
+// the version ID of the source object. Amazon S3 returns the version ID of
+// the copied object in the x-amz-version-id response header in the response.
+//
+// If you do not enable versioning or suspend it on the target bucket, the version
+// ID that Amazon S3 generates is always null.
+//
+// If the source object's storage class is GLACIER, you must restore a copy
+// of this object before you can use it as a source object for the copy operation.
+// For more information, see RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html).
+//
+// The following operations are related to CopyObject:
+//
+// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html)
+//
+// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
+//
+// For more information, see Copying Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjectsExamples.html).
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -235,7 +462,7 @@ func (c *S3) CopyObjectRequest(input *CopyObjectInput) (req *request.Request, ou
// Returned Error Codes:
// * ErrCodeObjectNotInActiveTierError "ObjectNotInActiveTierError"
// The source object of the COPY operation is not in the active tier and is
-// only stored in Amazon Glacier.
+// only stored in Amazon S3 Glacier.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CopyObject
func (c *S3) CopyObject(input *CopyObjectInput) (*CopyObjectOutput, error) {
@@ -303,7 +530,67 @@ func (c *S3) CreateBucketRequest(input *CreateBucketInput) (req *request.Request
// CreateBucket API operation for Amazon Simple Storage Service.
//
-// Creates a new bucket.
+// Creates a new bucket. To create a bucket, you must register with Amazon S3
+// and have a valid AWS Access Key ID to authenticate requests. Anonymous requests
+// are never allowed to create buckets. By creating the bucket, you become the
+// bucket owner.
+//
+// Not every string is an acceptable bucket name. For information on bucket
+// naming restrictions, see Working with Amazon S3 Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html).
+//
+// By default, the bucket is created in the US East (N. Virginia) Region. You
+// can optionally specify a Region in the request body. You might choose a Region
+// to optimize latency, minimize costs, or address regulatory requirements.
+// For example, if you reside in Europe, you will probably find it advantageous
+// to create buckets in the Europe (Ireland) Region. For more information, see
+// How to Select a Region for Your Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro).
+//
+// If you send your create bucket request to the s3.amazonaws.com endpoint,
+// the request goes to the us-east-1 Region. Accordingly, the signature calculations
+// in Signature Version 4 must use us-east-1 as the Region, even if the location
+// constraint in the request specifies another Region where the bucket is to
+// be created. If you create a bucket in a Region other than US East (N. Virginia),
+// your application must be able to handle 307 redirect. For more information,
+// see Virtual Hosting of Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html).
+//
+// When creating a bucket using this operation, you can optionally specify the
+// accounts or groups that should be granted specific permissions on the bucket.
+// There are two ways to grant the appropriate permissions using the request
+// headers.
+//
+// * Specify a canned ACL using the x-amz-acl request header. Amazon S3 supports
+// a set of predefined ACLs, known as canned ACLs. Each canned ACL has a
+// predefined set of grantees and permissions. For more information, see
+// Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL).
+//
+// * Specify access permissions explicitly using the x-amz-grant-read, x-amz-grant-write,
+// x-amz-grant-read-acp, x-amz-grant-write-acp, and x-amz-grant-full-control
+// headers. These headers map to the set of permissions Amazon S3 supports
+// in an ACL. For more information, see Access Control List (ACL) Overview
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). You
+// specify each grantee as a type=value pair, where the type is one of the
+// following: id – if the value specified is the canonical user ID of an
+// AWS account uri – if you are granting permissions to a predefined group
+// emailAddress – if the value specified is the email address of an AWS
+// account Using email addresses to specify a grantee is only supported in
+// the following AWS Regions: US East (N. Virginia) US West (N. California)
+// US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific
+// (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all
+// the Amazon S3 supported Regions and endpoints, see Regions and Endpoints
+// (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in
+// the AWS General Reference. For example, the following x-amz-grant-read
+// header grants the AWS accounts identified by account IDs permissions to
+// read object data and its metadata: x-amz-grant-read: id="11112222333",
+// id="444455556666"
+//
+// You can use either a canned ACL or specify access permissions explicitly.
+// You cannot do both.
+//
+// The following operations are related to CreateBucket:
+//
+// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html)
+//
+// * DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -318,6 +605,11 @@ func (c *S3) CreateBucketRequest(input *CreateBucketInput) (req *request.Request
// by all users of the system. Please select a different name and try again.
//
// * ErrCodeBucketAlreadyOwnedByYou "BucketAlreadyOwnedByYou"
+// The bucket you tried to create already exists, and you own it. Amazon S3
+// returns this error in all AWS Regions except in the North Virginia Region.
+// For legacy compatibility, if you re-create an existing bucket that you already
+// own in the North Virginia Region, Amazon S3 returns 200 OK and resets the
+// bucket access control lists (ACLs).
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CreateBucket
func (c *S3) CreateBucket(input *CreateBucketInput) (*CreateBucketOutput, error) {
@@ -385,13 +677,155 @@ func (c *S3) CreateMultipartUploadRequest(input *CreateMultipartUploadInput) (re
// CreateMultipartUpload API operation for Amazon Simple Storage Service.
//
-// Initiates a multipart upload and returns an upload ID.
+// This operation initiates a multipart upload and returns an upload ID. This
+// upload ID is used to associate all of the parts in the specific multipart
+// upload. You specify this upload ID in each of your subsequent upload part
+// requests (see UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)).
+// You also include this upload ID in the final request to either complete or
+// abort the multipart upload request.
//
-// Note: After you initiate multipart upload and upload one or more parts, you
-// must either complete or abort multipart upload in order to stop getting charged
-// for storage of the uploaded parts. Only after you either complete or abort
-// multipart upload, Amazon S3 frees up the parts storage and stops charging
-// you for the parts storage.
+// For more information about multipart uploads, see Multipart Upload Overview
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html).
+//
+// If you have configured a lifecycle rule to abort incomplete multipart uploads,
+// the upload must complete within the number of days specified in the bucket
+// lifecycle configuration. Otherwise, the incomplete multipart upload becomes
+// eligible for an abort operation and Amazon S3 aborts the multipart upload.
+// For more information, see Aborting Incomplete Multipart Uploads Using a Bucket
+// Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config).
+//
+// For information about the permissions required to use the multipart upload
+// API, see Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html).
+//
+// For request signing, multipart upload is just a series of regular requests.
+// You initiate a multipart upload, send one or more requests to upload parts,
+// and then complete the multipart upload process. You sign each request individually.
+// There is nothing special about signing multipart upload requests. For more
+// information about signing, see Authenticating Requests (AWS Signature Version
+// 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html).
+//
+// After you initiate a multipart upload and upload one or more parts, to stop
+// being charged for storing the uploaded parts, you must either complete or
+// abort the multipart upload. Amazon S3 frees up the space used to store the
+// parts and stop charging you for storing them only after you either complete
+// or abort a multipart upload.
+//
+// You can optionally request server-side encryption. For server-side encryption,
+// Amazon S3 encrypts your data as it writes it to disks in its data centers
+// and decrypts it when you access it. You can provide your own encryption key,
+// or use AWS Key Management Service (AWS KMS) customer master keys (CMKs) or
+// Amazon S3-managed encryption keys. If you choose to provide your own encryption
+// key, the request headers you provide in UploadPart (AmazonS3/latest/API/API_UploadPart.html)
+// and UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html)
+// requests must match the headers you used in the request to initiate the upload
+// by using CreateMultipartUpload.
+//
+// To perform a multipart upload with encryption using an AWS KMS CMK, the requester
+// must have permission to the kms:Encrypt, kms:Decrypt, kms:ReEncrypt*, kms:GenerateDataKey*,
+// and kms:DescribeKey actions on the key. These permissions are required because
+// Amazon S3 must decrypt and read data from the encrypted file parts before
+// it completes the multipart upload.
+//
+// If your AWS Identity and Access Management (IAM) user or role is in the same
+// AWS account as the AWS KMS CMK, then you must have these permissions on the
+// key policy. If your IAM user or role belongs to a different account than
+// the key, then you must have the permissions on both the key policy and your
+// IAM user or role.
+//
+// For more information, see Protecting Data Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html).
+//
+// Access Permissions
+//
+// When copying an object, you can optionally specify the accounts or groups
+// that should be granted specific permissions on the new object. There are
+// two ways to grant the permissions using the request headers:
+//
+// * Specify a canned ACL with the x-amz-acl request header. For more information,
+// see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL).
+//
+// * Specify access permissions explicitly with the x-amz-grant-read, x-amz-grant-read-acp,
+// x-amz-grant-write-acp, and x-amz-grant-full-control headers. These parameters
+// map to the set of permissions that Amazon S3 supports in an ACL. For more
+// information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html).
+//
+// You can use either a canned ACL or specify access permissions explicitly.
+// You cannot do both.
+//
+// Server-Side- Encryption-Specific Request Headers
+//
+// You can optionally tell Amazon S3 to encrypt data at rest using server-side
+// encryption. Server-side encryption is for data encryption at rest. Amazon
+// S3 encrypts your data as it writes it to disks in its data centers and decrypts
+// it when you access it. The option you use depends on whether you want to
+// use AWS managed encryption keys or provide your own encryption key.
+//
+// * Use encryption keys managed by Amazon S3 or customer master keys (CMKs)
+// stored in AWS Key Management Service (AWS KMS) – If you want AWS to
+// manage the keys used to encrypt data, specify the following headers in
+// the request. x-amz-server-side-encryption x-amz-server-side-encryption-aws-kms-key-id
+// x-amz-server-side-encryption-context If you specify x-amz-server-side-encryption:aws:kms,
+// but don't provide x-amz-server-side-encryption-aws-kms-key-id, Amazon
+// S3 uses the AWS managed CMK in AWS KMS to protect the data. All GET and
+// PUT requests for an object protected by AWS KMS fail if you don't make
+// them with SSL or by using SigV4. For more information about server-side
+// encryption with CMKs stored in AWS KMS (SSE-KMS), see Protecting Data
+// Using Server-Side Encryption with CMKs stored in AWS KMS (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html).
+//
+// * Use customer-provided encryption keys – If you want to manage your
+// own encryption keys, provide all the following headers in the request.
+// x-amz-server-side-encryption-customer-algorithm x-amz-server-side-encryption-customer-key
+// x-amz-server-side-encryption-customer-key-MD5 For more information about
+// server-side encryption with CMKs stored in AWS KMS (SSE-KMS), see Protecting
+// Data Using Server-Side Encryption with CMKs stored in AWS KMS (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html).
+//
+// Access-Control-List (ACL)-Specific Request Headers
+//
+// You also can use the following access control–related headers with this
+// operation. By default, all objects are private. Only the owner has full access
+// control. When adding a new object, you can grant permissions to individual
+// AWS accounts or to predefined groups defined by Amazon S3. These permissions
+// are then added to the access control list (ACL) on the object. For more information,
+// see Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html).
+// With this operation, you can grant access permissions using one of the following
+// two methods:
+//
+// * Specify a canned ACL (x-amz-acl) — Amazon S3 supports a set of predefined
+// ACLs, known as canned ACLs. Each canned ACL has a predefined set of grantees
+// and permissions. For more information, see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL).
+//
+// * Specify access permissions explicitly — To explicitly grant access
+// permissions to specific AWS accounts or groups, use the following headers.
+// Each header maps to specific permissions that Amazon S3 supports in an
+// ACL. For more information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html).
+// In the header, you specify a list of grantees who get the specific permission.
+// To grant permissions explicitly, use: x-amz-grant-read x-amz-grant-write
+// x-amz-grant-read-acp x-amz-grant-write-acp x-amz-grant-full-control You
+// specify each grantee as a type=value pair, where the type is one of the
+// following: id – if the value specified is the canonical user ID of an
+// AWS account uri – if you are granting permissions to a predefined group
+// emailAddress – if the value specified is the email address of an AWS
+// account Using email addresses to specify a grantee is only supported in
+// the following AWS Regions: US East (N. Virginia) US West (N. California)
+// US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific
+// (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all
+// the Amazon S3 supported Regions and endpoints, see Regions and Endpoints
+// (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in
+// the AWS General Reference. For example, the following x-amz-grant-read
+// header grants the AWS accounts identified by account IDs permissions to
+// read object data and its metadata: x-amz-grant-read: id="11112222333",
+// id="444455556666"
+//
+// The following operations are related to CreateMultipartUpload:
+//
+// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)
+//
+// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html)
+//
+// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html)
+//
+// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html)
+//
+// * ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -466,8 +900,14 @@ func (c *S3) DeleteBucketRequest(input *DeleteBucketInput) (req *request.Request
// DeleteBucket API operation for Amazon Simple Storage Service.
//
-// Deletes the bucket. All objects (including all object versions and Delete
-// Markers) in the bucket must be deleted before the bucket itself can be deleted.
+// Deletes the bucket. All objects (including all object versions and delete
+// markers) in the bucket must be deleted before the bucket itself can be deleted.
+//
+// Related Resources
+//
+// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
+//
+// * DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -547,7 +987,20 @@ func (c *S3) DeleteBucketAnalyticsConfigurationRequest(input *DeleteBucketAnalyt
//
// To use this operation, you must have permissions to perform the s3:PutAnalyticsConfiguration
// action. The bucket owner has this permission by default. The bucket owner
-// can grant this permission to others.
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// For information about the Amazon S3 analytics feature, see Amazon S3 Analytics
+// – Storage Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html).
+//
+// The following operations are related to DeleteBucketAnalyticsConfiguration:
+//
+// * GetBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html)
+//
+// * ListBucketAnalyticsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketAnalyticsConfigurations.html)
+//
+// * PutBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -622,7 +1075,20 @@ func (c *S3) DeleteBucketCorsRequest(input *DeleteBucketCorsInput) (req *request
// DeleteBucketCors API operation for Amazon Simple Storage Service.
//
-// Deletes the CORS configuration information set for the bucket.
+// Deletes the cors configuration information set for the bucket.
+//
+// To use this operation, you must have permission to perform the s3:PutBucketCORS
+// action. The bucket owner has this permission by default and can grant this
+// permission to others.
+//
+// For information about cors, see Enabling Cross-Origin Resource Sharing (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Related Resources:
+//
+// * PutBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html)
+//
+// * RESTOPTIONSobject (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTOPTIONSobject.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -697,7 +1163,23 @@ func (c *S3) DeleteBucketEncryptionRequest(input *DeleteBucketEncryptionInput) (
// DeleteBucketEncryption API operation for Amazon Simple Storage Service.
//
-// Deletes the server-side encryption configuration from the bucket.
+// This implementation of the DELETE operation removes default encryption from
+// the bucket. For information about the Amazon S3 default encryption feature,
+// see Amazon S3 Default Bucket Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// To use this operation, you must have permissions to perform the s3:PutEncryptionConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Related Resources
+//
+// * PutBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html)
+//
+// * GetBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -775,6 +1257,23 @@ func (c *S3) DeleteBucketInventoryConfigurationRequest(input *DeleteBucketInvent
// Deletes an inventory configuration (identified by the inventory ID) from
// the bucket.
//
+// To use this operation, you must have permissions to perform the s3:PutInventoryConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// For information about the Amazon S3 inventory feature, see Amazon S3 Inventory
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html).
+//
+// Operations related to DeleteBucketInventoryConfiguration include:
+//
+// * GetBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html)
+//
+// * PutBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html)
+//
+// * ListBucketInventoryConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketInventoryConfigurations.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -848,7 +1347,27 @@ func (c *S3) DeleteBucketLifecycleRequest(input *DeleteBucketLifecycleInput) (re
// DeleteBucketLifecycle API operation for Amazon Simple Storage Service.
//
-// Deletes the lifecycle configuration from the bucket.
+// Deletes the lifecycle configuration from the specified bucket. Amazon S3
+// removes all the lifecycle configuration rules in the lifecycle subresource
+// associated with the bucket. Your objects never expire, and Amazon S3 no longer
+// automatically deletes any objects on the basis of rules contained in the
+// deleted lifecycle configuration.
+//
+// To use this operation, you must have permission to perform the s3:PutLifecycleConfiguration
+// action. By default, the bucket owner has this permission and the bucket owner
+// can grant this permission to others.
+//
+// There is usually some time lag before lifecycle configuration deletion is
+// fully propagated to all the Amazon S3 systems.
+//
+// For more information about the object expiration, see Elements to Describe
+// Lifecycle Actions (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#intro-lifecycle-rules-actions).
+//
+// Related actions include:
+//
+// * PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)
+//
+// * GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -923,8 +1442,28 @@ func (c *S3) DeleteBucketMetricsConfigurationRequest(input *DeleteBucketMetricsC
// DeleteBucketMetricsConfiguration API operation for Amazon Simple Storage Service.
//
-// Deletes a metrics configuration (specified by the metrics configuration ID)
-// from the bucket.
+// Deletes a metrics configuration for the Amazon CloudWatch request metrics
+// (specified by the metrics configuration ID) from the bucket. Note that this
+// doesn't include the daily storage metrics.
+//
+// To use this operation, you must have permissions to perform the s3:PutMetricsConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// For information about CloudWatch request metrics for Amazon S3, see Monitoring
+// Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html).
+//
+// The following operations are related to DeleteBucketMetricsConfiguration:
+//
+// * GetBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetricsConfiguration.html)
+//
+// * PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html)
+//
+// * ListBucketMetricsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketMetricsConfigurations.html)
+//
+// * Monitoring Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -999,7 +1538,29 @@ func (c *S3) DeleteBucketPolicyRequest(input *DeleteBucketPolicyInput) (req *req
// DeleteBucketPolicy API operation for Amazon Simple Storage Service.
//
-// Deletes the policy from the bucket.
+// This implementation of the DELETE operation uses the policy subresource to
+// delete the policy of a specified bucket. If you are using an identity other
+// than the root user of the AWS account that owns the bucket, the calling identity
+// must have the DeleteBucketPolicy permissions on the specified bucket and
+// belong to the bucket owner's account to use this operation.
+//
+// If you don't have DeleteBucketPolicy permissions, Amazon S3 returns a 403
+// Access Denied error. If you have the correct permissions, but you're not
+// using an identity that belongs to the bucket owner's account, Amazon S3 returns
+// a 405 Method Not Allowed error.
+//
+// As a security precaution, the root user of the AWS account that owns a bucket
+// can always use this operation, even if the policy explicitly denies the root
+// user the ability to perform this action.
+//
+// For more information about bucket policies, see Using Bucket Policies and
+// UserPolicies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html).
+//
+// The following operations are related to DeleteBucketPolicy
+//
+// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
+//
+// * DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -1074,10 +1635,26 @@ func (c *S3) DeleteBucketReplicationRequest(input *DeleteBucketReplicationInput)
// DeleteBucketReplication API operation for Amazon Simple Storage Service.
//
-// Deletes the replication configuration from the bucket. For information about
-// replication configuration, see Cross-Region Replication (CRR) (https://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html)
+// Deletes the replication configuration from the bucket.
+//
+// To use this operation, you must have permissions to perform the s3:PutReplicationConfiguration
+// action. The bucket owner has these permissions by default and can grant it
+// to others. For more information about permissions, see Permissions Related
+// to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// It can take a while for the deletion of a replication configuration to fully
+// propagate.
+//
+// For information about replication configuration, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html)
// in the Amazon S3 Developer Guide.
//
+// The following operations are related to DeleteBucketReplication:
+//
+// * PutBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html)
+//
+// * GetBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketReplication.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -1153,6 +1730,16 @@ func (c *S3) DeleteBucketTaggingRequest(input *DeleteBucketTaggingInput) (req *r
//
// Deletes the tags from the bucket.
//
+// To use this operation, you must have permission to perform the s3:PutBucketTagging
+// action. By default, the bucket owner has this permission and can grant this
+// permission to others.
+//
+// The following operations are related to DeleteBucketTagging:
+//
+// * GetBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html)
+//
+// * PutBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -1226,7 +1813,26 @@ func (c *S3) DeleteBucketWebsiteRequest(input *DeleteBucketWebsiteInput) (req *r
// DeleteBucketWebsite API operation for Amazon Simple Storage Service.
//
-// This operation removes the website configuration from the bucket.
+// This operation removes the website configuration for a bucket. Amazon S3
+// returns a 200 OK response upon successfully deleting a website configuration
+// on the specified bucket. You will get a 200 OK response if the website configuration
+// you are trying to delete does not exist on the bucket. Amazon S3 returns
+// a 404 response if the bucket specified in the request does not exist.
+//
+// This DELETE operation requires the S3:DeleteBucketWebsite permission. By
+// default, only the bucket owner can delete the website configuration attached
+// to a bucket. However, bucket owners can grant other users permission to delete
+// the website configuration by writing a bucket policy granting them the S3:DeleteBucketWebsite
+// permission.
+//
+// For more information about hosting websites, see Hosting Websites on Amazon
+// S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html).
+//
+// The following operations are related to DeleteBucketWebsite:
+//
+// * GetBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketWebsite.html)
+//
+// * PutBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketWebsite.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -1304,6 +1910,30 @@ func (c *S3) DeleteObjectRequest(input *DeleteObjectInput) (req *request.Request
// marker, which becomes the latest version of the object. If there isn't a
// null version, Amazon S3 does not remove any objects.
//
+// To remove a specific version, you must be the bucket owner and you must use
+// the version Id subresource. Using this subresource permanently deletes the
+// version. If the object deleted is a delete marker, Amazon S3 sets the response
+// header, x-amz-delete-marker, to true.
+//
+// If the object you want to delete is in a bucket where the bucket versioning
+// configuration is MFA Delete enabled, you must include the x-amz-mfa request
+// header in the DELETE versionId request. Requests that include x-amz-mfa must
+// use HTTPS.
+//
+// For more information about MFA Delete, see Using MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html).
+// To see sample requests that use versioning, see Sample Request (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectDELETE.html#ExampleVersionObjectDelete).
+//
+// You can delete objects by explicitly calling the DELETE Object API or configure
+// its lifecycle (PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html))
+// to enable Amazon S3 to remove them for you. If you want to block users or
+// accounts from removing or deleting objects from your bucket, you must deny
+// them the s3:DeleteObject, s3:DeleteObjectVersion, and s3:PutLifeCycleConfiguration
+// actions.
+//
+// The following operation is related to DeleteObject:
+//
+// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -1376,7 +2006,21 @@ func (c *S3) DeleteObjectTaggingRequest(input *DeleteObjectTaggingInput) (req *r
// DeleteObjectTagging API operation for Amazon Simple Storage Service.
//
-// Removes the tag-set from an existing object.
+// Removes the entire tag set from the specified object. For more information
+// about managing object tags, see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html).
+//
+// To use this operation, you must have permission to perform the s3:DeleteObjectTagging
+// action.
+//
+// To delete tags of a specific object version, add the versionId query parameter
+// in the request. You will need permission for the s3:DeleteObjectVersionTagging
+// action.
+//
+// The following operations are related to DeleteBucketMetricsConfiguration:
+//
+// * PutObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html)
+//
+// * GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -1445,13 +2089,57 @@ func (c *S3) DeleteObjectsRequest(input *DeleteObjectsInput) (req *request.Reque
output = &DeleteObjectsOutput{}
req = c.newRequest(op, input, output)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// DeleteObjects API operation for Amazon Simple Storage Service.
//
// This operation enables you to delete multiple objects from a bucket using
-// a single HTTP request. You may specify up to 1000 keys.
+// a single HTTP request. If you know the object keys that you want to delete,
+// then this operation provides a suitable alternative to sending individual
+// delete requests, reducing per-request overhead.
+//
+// The request contains a list of up to 1000 keys that you want to delete. In
+// the XML, you provide the object key names, and optionally, version IDs if
+// you want to delete a specific version of the object from a versioning-enabled
+// bucket. For each key, Amazon S3 performs a delete operation and returns the
+// result of that delete, success, or failure, in the response. Note that if
+// the object specified in the request is not found, Amazon S3 returns the result
+// as deleted.
+//
+// The operation supports two modes for the response: verbose and quiet. By
+// default, the operation uses verbose mode in which the response includes the
+// result of deletion of each key in your request. In quiet mode the response
+// includes only keys where the delete operation encountered an error. For a
+// successful deletion, the operation does not return any information about
+// the delete in the response body.
+//
+// When performing this operation on an MFA Delete enabled bucket, that attempts
+// to delete any versioned objects, you must include an MFA token. If you do
+// not provide one, the entire request will fail, even if there are non-versioned
+// objects you are trying to delete. If you provide an invalid token, whether
+// there are versioned keys in the request or not, the entire Multi-Object Delete
+// request will fail. For information about MFA Delete, see MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete).
+//
+// Finally, the Content-MD5 header is required for all Multi-Object Delete requests.
+// Amazon S3 uses the header value to ensure that your request body has not
+// been altered in transit.
+//
+// The following operations are related to DeleteObjects:
+//
+// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)
+//
+// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)
+//
+// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html)
+//
+// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html)
+//
+// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -1526,7 +2214,21 @@ func (c *S3) DeletePublicAccessBlockRequest(input *DeletePublicAccessBlockInput)
// DeletePublicAccessBlock API operation for Amazon Simple Storage Service.
//
-// Removes the PublicAccessBlock configuration from an Amazon S3 bucket.
+// Removes the PublicAccessBlock configuration for an Amazon S3 bucket. To use
+// this operation, you must have the s3:PutBucketPublicAccessBlock permission.
+// For more information about permissions, see Permissions Related to Bucket
+// Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// The following operations are related to DeletePublicAccessBlock:
+//
+// * Using Amazon S3 Block Public Access (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html)
+//
+// * GetPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html)
+//
+// * PutPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html)
+//
+// * GetBucketPolicyStatus (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicyStatus.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -1600,7 +2302,33 @@ func (c *S3) GetBucketAccelerateConfigurationRequest(input *GetBucketAccelerateC
// GetBucketAccelerateConfiguration API operation for Amazon Simple Storage Service.
//
-// Returns the accelerate configuration of a bucket.
+// This implementation of the GET operation uses the accelerate subresource
+// to return the Transfer Acceleration state of a bucket, which is either Enabled
+// or Suspended. Amazon S3 Transfer Acceleration is a bucket-level feature that
+// enables you to perform faster data transfers to and from Amazon S3.
+//
+// To use this operation, you must have permission to perform the s3:GetAccelerateConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// You set the Transfer Acceleration state of an existing bucket to Enabled
+// or Suspended by using the PutBucketAccelerateConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAccelerateConfiguration.html)
+// operation.
+//
+// A GET accelerate request does not return a state value for a bucket that
+// has no transfer acceleration state. A bucket has no Transfer Acceleration
+// state if a state has never been set on the bucket.
+//
+// For more information about transfer acceleration, see Transfer Acceleration
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Related Resources
+//
+// * PutBucketAccelerateConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAccelerateConfiguration.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -1674,7 +2402,15 @@ func (c *S3) GetBucketAclRequest(input *GetBucketAclInput) (req *request.Request
// GetBucketAcl API operation for Amazon Simple Storage Service.
//
-// Gets the access control policy for the bucket.
+// This implementation of the GET operation uses the acl subresource to return
+// the access control list (ACL) of a bucket. To use GET to return the ACL of
+// the bucket, you must have READ_ACP access to the bucket. If READ_ACP permission
+// is granted to the anonymous user, you can return the ACL of the bucket without
+// using an authorization header.
+//
+// Related Resources
+//
+// * ListObjects (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -1748,8 +2484,27 @@ func (c *S3) GetBucketAnalyticsConfigurationRequest(input *GetBucketAnalyticsCon
// GetBucketAnalyticsConfiguration API operation for Amazon Simple Storage Service.
//
-// Gets an analytics configuration for the bucket (specified by the analytics
-// configuration ID).
+// This implementation of the GET operation returns an analytics configuration
+// (identified by the analytics configuration ID) from the bucket.
+//
+// To use this operation, you must have permissions to perform the s3:GetAnalyticsConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// For information about Amazon S3 analytics feature, see Amazon S3 Analytics
+// – Storage Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Related Resources
+//
+// * DeleteBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketAnalyticsConfiguration.html)
+//
+// * ListBucketAnalyticsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketAnalyticsConfigurations.html)
+//
+// * PutBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -1823,7 +2578,20 @@ func (c *S3) GetBucketCorsRequest(input *GetBucketCorsInput) (req *request.Reque
// GetBucketCors API operation for Amazon Simple Storage Service.
//
-// Returns the CORS configuration for the bucket.
+// Returns the cors configuration information set for the bucket.
+//
+// To use this operation, you must have permission to perform the s3:GetBucketCORS
+// action. By default, the bucket owner has this permission and can grant it
+// to others.
+//
+// For more information about cors, see Enabling Cross-Origin Resource Sharing
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html).
+//
+// The following operations are related to GetBucketCors:
+//
+// * PutBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html)
+//
+// * DeleteBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketCors.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -1897,7 +2665,21 @@ func (c *S3) GetBucketEncryptionRequest(input *GetBucketEncryptionInput) (req *r
// GetBucketEncryption API operation for Amazon Simple Storage Service.
//
-// Returns the server-side encryption configuration of a bucket.
+// Returns the default encryption configuration for an Amazon S3 bucket. For
+// information about the Amazon S3 default encryption feature, see Amazon S3
+// Default Bucket Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html).
+//
+// To use this operation, you must have permission to perform the s3:GetEncryptionConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// The following operations are related to GetBucketEncryption:
+//
+// * PutBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html)
+//
+// * DeleteBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -1971,8 +2753,25 @@ func (c *S3) GetBucketInventoryConfigurationRequest(input *GetBucketInventoryCon
// GetBucketInventoryConfiguration API operation for Amazon Simple Storage Service.
//
-// Returns an inventory configuration (identified by the inventory ID) from
-// the bucket.
+// Returns an inventory configuration (identified by the inventory configuration
+// ID) from the bucket.
+//
+// To use this operation, you must have permissions to perform the s3:GetInventoryConfiguration
+// action. The bucket owner has this permission by default and can grant this
+// permission to others. For more information about permissions, see Permissions
+// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// For information about the Amazon S3 inventory feature, see Amazon S3 Inventory
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html).
+//
+// The following operations are related to GetBucketInventoryConfiguration:
+//
+// * DeleteBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketInventoryConfiguration.html)
+//
+// * ListBucketInventoryConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketInventoryConfigurations.html)
+//
+// * PutBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -2051,7 +2850,34 @@ func (c *S3) GetBucketLifecycleRequest(input *GetBucketLifecycleInput) (req *req
// GetBucketLifecycle API operation for Amazon Simple Storage Service.
//
-// No longer used, see the GetBucketLifecycleConfiguration operation.
+//
+// For an updated version of this API, see GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html).
+// If you configured a bucket lifecycle using the filter element, you should
+// see the updated version of this topic. This topic is provided for backward
+// compatibility.
+//
+// Returns the lifecycle configuration information set on the bucket. For information
+// about lifecycle configuration, see Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html).
+//
+// To use this operation, you must have permission to perform the s3:GetLifecycleConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// GetBucketLifecycle has the following special error:
+//
+// * Error code: NoSuchLifecycleConfiguration Description: The lifecycle
+// configuration does not exist. HTTP Status Code: 404 Not Found SOAP Fault
+// Code Prefix: Client
+//
+// The following operations are related to GetBucketLifecycle:
+//
+// * GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html)
+//
+// * PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html)
+//
+// * DeleteBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -2129,7 +2955,37 @@ func (c *S3) GetBucketLifecycleConfigurationRequest(input *GetBucketLifecycleCon
// GetBucketLifecycleConfiguration API operation for Amazon Simple Storage Service.
//
-// Returns the lifecycle configuration information set on the bucket.
+//
+// Bucket lifecycle configuration now supports specifying a lifecycle rule using
+// an object key name prefix, one or more object tags, or a combination of both.
+// Accordingly, this section describes the latest API. The response describes
+// the new filter element that you can use to specify a filter to select a subset
+// of objects to which the rule applies. If you are still using previous version
+// of the lifecycle configuration, it works. For the earlier API description,
+// see GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html).
+//
+// Returns the lifecycle configuration information set on the bucket. For information
+// about lifecycle configuration, see Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html).
+//
+// To use this operation, you must have permission to perform the s3:GetLifecycleConfiguration
+// action. The bucket owner has this permission, by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// GetBucketLifecycleConfiguration has the following special error:
+//
+// * Error code: NoSuchLifecycleConfiguration Description: The lifecycle
+// configuration does not exist. HTTP Status Code: 404 Not Found SOAP Fault
+// Code Prefix: Client
+//
+// The following operations are related to GetBucketLifecycleConfiguration:
+//
+// * GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html)
+//
+// * PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html)
+//
+// * DeleteBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -2203,7 +3059,17 @@ func (c *S3) GetBucketLocationRequest(input *GetBucketLocationInput) (req *reque
// GetBucketLocation API operation for Amazon Simple Storage Service.
//
-// Returns the region the bucket resides in.
+// Returns the Region the bucket resides in. You set the bucket's Region using
+// the LocationConstraint request parameter in a CreateBucket request. For more
+// information, see CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html).
+//
+// To use this implementation of the operation, you must be the bucket owner.
+//
+// The following operations are related to GetBucketLocation:
+//
+// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
+//
+// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -2280,6 +3146,12 @@ func (c *S3) GetBucketLoggingRequest(input *GetBucketLoggingInput) (req *request
// Returns the logging status of a bucket and the permissions users have to
// view and modify that status. To use GET, you must be the bucket owner.
//
+// The following operations are related to GetBucketLogging:
+//
+// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
+//
+// * PutBucketLogging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLogging.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -2353,7 +3225,26 @@ func (c *S3) GetBucketMetricsConfigurationRequest(input *GetBucketMetricsConfigu
// GetBucketMetricsConfiguration API operation for Amazon Simple Storage Service.
//
// Gets a metrics configuration (specified by the metrics configuration ID)
-// from the bucket.
+// from the bucket. Note that this doesn't include the daily storage metrics.
+//
+// To use this operation, you must have permissions to perform the s3:GetMetricsConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// For information about CloudWatch request metrics for Amazon S3, see Monitoring
+// Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html).
+//
+// The following operations are related to GetBucketMetricsConfiguration:
+//
+// * PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html)
+//
+// * DeleteBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetricsConfiguration.html)
+//
+// * ListBucketMetricsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketMetricsConfigurations.html)
+//
+// * Monitoring Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -2432,7 +3323,7 @@ func (c *S3) GetBucketNotificationRequest(input *GetBucketNotificationConfigurat
// GetBucketNotification API operation for Amazon Simple Storage Service.
//
-// No longer used, see the GetBucketNotificationConfiguration operation.
+// No longer used, see GetBucketNotificationConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -2512,6 +3403,22 @@ func (c *S3) GetBucketNotificationConfigurationRequest(input *GetBucketNotificat
//
// Returns the notification configuration of a bucket.
//
+// If notifications are not enabled on the bucket, the operation returns an
+// empty NotificationConfiguration element.
+//
+// By default, you must be the bucket owner to read the notification configuration
+// of a bucket. However, the bucket owner can use a bucket policy to grant permission
+// to other users to read this configuration with the s3:GetBucketNotification
+// permission.
+//
+// For more information about setting and reading the notification configuration
+// on a bucket, see Setting Up Notification of Bucket Events (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html).
+// For more information about bucket policies, see Using Bucket Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html).
+//
+// The following operation is related to GetBucketNotification:
+//
+// * PutBucketNotification (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketNotification.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -2584,7 +3491,26 @@ func (c *S3) GetBucketPolicyRequest(input *GetBucketPolicyInput) (req *request.R
// GetBucketPolicy API operation for Amazon Simple Storage Service.
//
-// Returns the policy of a specified bucket.
+// Returns the policy of a specified bucket. If you are using an identity other
+// than the root user of the AWS account that owns the bucket, the calling identity
+// must have the GetBucketPolicy permissions on the specified bucket and belong
+// to the bucket owner's account in order to use this operation.
+//
+// If you don't have GetBucketPolicy permissions, Amazon S3 returns a 403 Access
+// Denied error. If you have the correct permissions, but you're not using an
+// identity that belongs to the bucket owner's account, Amazon S3 returns a
+// 405 Method Not Allowed error.
+//
+// As a security precaution, the root user of the AWS account that owns a bucket
+// can always use this operation, even if the policy explicitly denies the root
+// user the ability to perform this action.
+//
+// For more information about bucket policies, see Using Bucket Policies and
+// User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html).
+//
+// The following operation is related to GetBucketPolicy:
+//
+// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -2659,7 +3585,22 @@ func (c *S3) GetBucketPolicyStatusRequest(input *GetBucketPolicyStatusInput) (re
// GetBucketPolicyStatus API operation for Amazon Simple Storage Service.
//
// Retrieves the policy status for an Amazon S3 bucket, indicating whether the
-// bucket is public.
+// bucket is public. In order to use this operation, you must have the s3:GetBucketPolicyStatus
+// permission. For more information about Amazon S3 permissions, see Specifying
+// Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html).
+//
+// For more information about when Amazon S3 considers a bucket public, see
+// The Meaning of "Public" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status).
+//
+// The following operations are related to GetBucketPolicyStatus:
+//
+// * Using Amazon S3 Block Public Access (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html)
+//
+// * GetPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html)
+//
+// * PutPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html)
+//
+// * DeletePublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -2739,6 +3680,26 @@ func (c *S3) GetBucketReplicationRequest(input *GetBucketReplicationInput) (req
// to all Amazon S3 systems. Therefore, a get request soon after put or delete
// can return a wrong result.
//
+// For information about replication configuration, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// This operation requires permissions for the s3:GetReplicationConfiguration
+// action. For more information about permissions, see Using Bucket Policies
+// and User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html).
+//
+// If you include the Filter element in a replication configuration, you must
+// also include the DeleteMarkerReplication and Priority elements. The response
+// also returns those elements.
+//
+// For information about GetBucketReplication errors, see List of replication-related
+// error codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ReplicationErrorCodeList)
+//
+// The following operations are related to GetBucketReplication:
+//
+// * PutBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html)
+//
+// * DeleteBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketReplication.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -2811,7 +3772,13 @@ func (c *S3) GetBucketRequestPaymentRequest(input *GetBucketRequestPaymentInput)
// GetBucketRequestPayment API operation for Amazon Simple Storage Service.
//
-// Returns the request payment configuration of a bucket.
+// Returns the request payment configuration of a bucket. To use this version
+// of the operation, you must be the bucket owner. For more information, see
+// Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html).
+//
+// The following operations are related to GetBucketRequestPayment:
+//
+// * ListObjects (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -2887,6 +3854,21 @@ func (c *S3) GetBucketTaggingRequest(input *GetBucketTaggingInput) (req *request
//
// Returns the tag set associated with the bucket.
//
+// To use this operation, you must have permission to perform the s3:GetBucketTagging
+// action. By default, the bucket owner has this permission and can grant this
+// permission to others.
+//
+// GetBucketTagging has the following special error:
+//
+// * Error code: NoSuchTagSetError Description: There is no tag set associated
+// with the bucket.
+//
+// The following operations are related to GetBucketTagging:
+//
+// * PutBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html)
+//
+// * DeleteBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -2961,6 +3943,20 @@ func (c *S3) GetBucketVersioningRequest(input *GetBucketVersioningInput) (req *r
//
// Returns the versioning state of a bucket.
//
+// To retrieve the versioning state of a bucket, you must be the bucket owner.
+//
+// This implementation also returns the MFA Delete status of the versioning
+// state. If the MFA Delete status is enabled, the bucket owner must use an
+// authentication device to change the versioning state of the bucket.
+//
+// The following operations are related to GetBucketVersioning:
+//
+// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
+//
+// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html)
+//
+// * DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -3033,7 +4029,21 @@ func (c *S3) GetBucketWebsiteRequest(input *GetBucketWebsiteInput) (req *request
// GetBucketWebsite API operation for Amazon Simple Storage Service.
//
-// Returns the website configuration for a bucket.
+// Returns the website configuration for a bucket. To host website on Amazon
+// S3, you can configure a bucket as website by adding a website configuration.
+// For more information about hosting websites, see Hosting Websites on Amazon
+// S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html).
+//
+// This GET operation requires the S3:GetBucketWebsite permission. By default,
+// only the bucket owner can read the bucket website configuration. However,
+// bucket owners can allow other users to read the website configuration by
+// writing a bucket policy granting them the S3:GetBucketWebsite permission.
+//
+// The following operations are related to DeleteBucketWebsite:
+//
+// * DeleteBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketWebsite.html)
+//
+// * PutBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketWebsite.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -3107,7 +4117,132 @@ func (c *S3) GetObjectRequest(input *GetObjectInput) (req *request.Request, outp
// GetObject API operation for Amazon Simple Storage Service.
//
-// Retrieves objects from Amazon S3.
+// Retrieves objects from Amazon S3. To use GET, you must have READ access to
+// the object. If you grant READ access to the anonymous user, you can return
+// the object without using an authorization header.
+//
+// An Amazon S3 bucket has no directory hierarchy such as you would find in
+// a typical computer file system. You can, however, create a logical hierarchy
+// by using object key names that imply a folder structure. For example, instead
+// of naming an object sample.jpg, you can name it photos/2006/February/sample.jpg.
+//
+// To get an object from such a logical hierarchy, specify the full key name
+// for the object in the GET operation. For a virtual hosted-style request example,
+// if you have the object photos/2006/February/sample.jpg, specify the resource
+// as /photos/2006/February/sample.jpg. For a path-style request example, if
+// you have the object photos/2006/February/sample.jpg in the bucket named examplebucket,
+// specify the resource as /examplebucket/photos/2006/February/sample.jpg. For
+// more information about request types, see HTTP Host Header Bucket Specification
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html#VirtualHostingSpecifyBucket).
+//
+// To distribute large files to many people, you can save bandwidth costs by
+// using BitTorrent. For more information, see Amazon S3 Torrent (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3Torrent.html).
+// For more information about returning the ACL of an object, see GetObjectAcl
+// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html).
+//
+// If the object you are retrieving is stored in the GLACIER or DEEP_ARCHIVE
+// storage classes, before you can retrieve the object you must first restore
+// a copy using RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html).
+// Otherwise, this operation returns an InvalidObjectStateError error. For information
+// about restoring archived objects, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html).
+//
+// Encryption request headers, like x-amz-server-side-encryption, should not
+// be sent for GET requests if your object uses server-side encryption with
+// CMKs stored in AWS KMS (SSE-KMS) or server-side encryption with Amazon S3–managed
+// encryption keys (SSE-S3). If your object does use these types of keys, you’ll
+// get an HTTP 400 BadRequest error.
+//
+// If you encrypt an object by using server-side encryption with customer-provided
+// encryption keys (SSE-C) when you store the object in Amazon S3, then when
+// you GET the object, you must use the following headers:
+//
+// * x-amz-server-side-encryption-customer-algorithm
+//
+// * x-amz-server-side-encryption-customer-key
+//
+// * x-amz-server-side-encryption-customer-key-MD5
+//
+// For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided
+// Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html).
+//
+// Assuming you have permission to read object tags (permission for the s3:GetObjectVersionTagging
+// action), the response also returns the x-amz-tagging-count header that provides
+// the count of number of tags associated with the object. You can use GetObjectTagging
+// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html)
+// to retrieve the tag set associated with an object.
+//
+// Permissions
+//
+// You need the s3:GetObject permission for this operation. For more information,
+// see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html).
+// If the object you request does not exist, the error Amazon S3 returns depends
+// on whether you also have the s3:ListBucket permission.
+//
+// * If you have the s3:ListBucket permission on the bucket, Amazon S3 will
+// return an HTTP status code 404 ("no such key") error.
+//
+// * If you don’t have the s3:ListBucket permission, Amazon S3 will return
+// an HTTP status code 403 ("access denied") error.
+//
+// Versioning
+//
+// By default, the GET operation returns the current version of an object. To
+// return a different version, use the versionId subresource.
+//
+// If the current version of the object is a delete marker, Amazon S3 behaves
+// as if the object was deleted and includes x-amz-delete-marker: true in the
+// response.
+//
+// For more information about versioning, see PutBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html).
+//
+// Overriding Response Header Values
+//
+// There are times when you want to override certain response header values
+// in a GET response. For example, you might override the Content-Disposition
+// response header value in your GET request.
+//
+// You can override values for a set of response headers using the following
+// query parameters. These response header values are sent only on a successful
+// request, that is, when status code 200 OK is returned. The set of headers
+// you can override using these parameters is a subset of the headers that Amazon
+// S3 accepts when you create an object. The response headers that you can override
+// for the GET response are Content-Type, Content-Language, Expires, Cache-Control,
+// Content-Disposition, and Content-Encoding. To override these header values
+// in the GET response, you use the following request parameters.
+//
+// You must sign the request, either using an Authorization header or a presigned
+// URL, when using these parameters. They cannot be used with an unsigned (anonymous)
+// request.
+//
+// * response-content-type
+//
+// * response-content-language
+//
+// * response-expires
+//
+// * response-cache-control
+//
+// * response-content-disposition
+//
+// * response-content-encoding
+//
+// Additional Considerations about Request Headers
+//
+// If both of the If-Match and If-Unmodified-Since headers are present in the
+// request as follows: If-Match condition evaluates to true, and; If-Unmodified-Since
+// condition evaluates to false; then, S3 returns 200 OK and the data requested.
+//
+// If both of the If-None-Match and If-Modified-Since headers are present in
+// the request as follows:If-None-Match condition evaluates to false, and; If-Modified-Since
+// condition evaluates to true; then, S3 returns 304 Not Modified response code.
+//
+// For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232).
+//
+// The following operations are related to GetObject:
+//
+// * ListBuckets (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html)
+//
+// * GetObjectAcl (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -3186,7 +4321,21 @@ func (c *S3) GetObjectAclRequest(input *GetObjectAclInput) (req *request.Request
// GetObjectAcl API operation for Amazon Simple Storage Service.
//
-// Returns the access control list (ACL) of an object.
+// Returns the access control list (ACL) of an object. To use this operation,
+// you must have READ_ACP access to the object.
+//
+// Versioning
+//
+// By default, GET returns ACL information about the current version of an object.
+// To return ACL information about a different version, use the versionId subresource.
+//
+// The following operations are related to GetObjectAcl:
+//
+// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
+//
+// * DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html)
+//
+// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -3265,7 +4414,8 @@ func (c *S3) GetObjectLegalHoldRequest(input *GetObjectLegalHoldInput) (req *req
// GetObjectLegalHold API operation for Amazon Simple Storage Service.
//
-// Gets an object's current Legal Hold status.
+// Gets an object's current Legal Hold status. For more information, see Locking
+// Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -3339,9 +4489,10 @@ func (c *S3) GetObjectLockConfigurationRequest(input *GetObjectLockConfiguration
// GetObjectLockConfiguration API operation for Amazon Simple Storage Service.
//
-// Gets the object lock configuration for a bucket. The rule specified in the
-// object lock configuration will be applied by default to every new object
-// placed in the specified bucket.
+// Gets the Object Lock configuration for a bucket. The rule specified in the
+// Object Lock configuration will be applied by default to every new object
+// placed in the specified bucket. For more information, see Locking Objects
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -3415,7 +4566,8 @@ func (c *S3) GetObjectRetentionRequest(input *GetObjectRetentionInput) (req *req
// GetObjectRetention API operation for Amazon Simple Storage Service.
//
-// Retrieves an object's retention settings.
+// Retrieves an object's retention settings. For more information, see Locking
+// Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -3489,7 +4641,25 @@ func (c *S3) GetObjectTaggingRequest(input *GetObjectTaggingInput) (req *request
// GetObjectTagging API operation for Amazon Simple Storage Service.
//
-// Returns the tag-set of an object.
+// Returns the tag-set of an object. You send the GET request against the tagging
+// subresource associated with the object.
+//
+// To use this operation, you must have permission to perform the s3:GetObjectTagging
+// action. By default, the GET operation returns information about current version
+// of an object. For a versioned bucket, you can have multiple versions of an
+// object in your bucket. To retrieve tags of any other version, use the versionId
+// query parameter. You also need permission for the s3:GetObjectVersionTagging
+// action.
+//
+// By default, the bucket owner has this permission and can grant this permission
+// to others.
+//
+// For information about the Amazon S3 object tagging feature, see Object Tagging
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html).
+//
+// The following operation is related to GetObjectTagging:
+//
+// * PutObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -3563,7 +4733,19 @@ func (c *S3) GetObjectTorrentRequest(input *GetObjectTorrentInput) (req *request
// GetObjectTorrent API operation for Amazon Simple Storage Service.
//
-// Return torrent files from a bucket.
+// Return torrent files from a bucket. BitTorrent can save you bandwidth when
+// you're distributing large files. For more information about BitTorrent, see
+// Amazon S3 Torrent (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3Torrent.html).
+//
+// You can get torrent only for objects that are less than 5 GB in size and
+// that are not encrypted using server-side encryption with customer-provided
+// encryption key.
+//
+// To use GET, you must have READ access to the object.
+//
+// The following operation is related to GetObjectTorrent:
+//
+// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -3637,7 +4819,30 @@ func (c *S3) GetPublicAccessBlockRequest(input *GetPublicAccessBlockInput) (req
// GetPublicAccessBlock API operation for Amazon Simple Storage Service.
//
-// Retrieves the PublicAccessBlock configuration for an Amazon S3 bucket.
+// Retrieves the PublicAccessBlock configuration for an Amazon S3 bucket. To
+// use this operation, you must have the s3:GetBucketPublicAccessBlock permission.
+// For more information about Amazon S3 permissions, see Specifying Permissions
+// in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html).
+//
+// When Amazon S3 evaluates the PublicAccessBlock configuration for a bucket
+// or an object, it checks the PublicAccessBlock configuration for both the
+// bucket (or the bucket that contains the object) and the bucket owner's account.
+// If the PublicAccessBlock settings are different between the bucket and the
+// account, Amazon S3 uses the most restrictive combination of the bucket-level
+// and account-level settings.
+//
+// For more information about when Amazon S3 considers a bucket or an object
+// public, see The Meaning of "Public" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status).
+//
+// The following operations are related to GetPublicAccessBlock:
+//
+// * Using Amazon S3 Block Public Access (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html)
+//
+// * PutPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html)
+//
+// * GetPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html)
+//
+// * DeletePublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -3713,7 +4918,15 @@ func (c *S3) HeadBucketRequest(input *HeadBucketInput) (req *request.Request, ou
// HeadBucket API operation for Amazon Simple Storage Service.
//
// This operation is useful to determine if a bucket exists and you have permission
-// to access it.
+// to access it. The operation returns a 200 OK if the bucket exists and you
+// have permission to access it. Otherwise, the operation might return responses
+// such as 404 Not Found and 403 Forbidden.
+//
+// To use this operation, you must have permissions to perform the s3:ListBucket
+// action. The bucket owner has this permission by default and can grant this
+// permission to others. For more information about permissions, see Permissions
+// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -3796,6 +5009,63 @@ func (c *S3) HeadObjectRequest(input *HeadObjectInput) (req *request.Request, ou
// object itself. This operation is useful if you're only interested in an object's
// metadata. To use HEAD, you must have READ access to the object.
//
+// A HEAD request has the same options as a GET operation on an object. The
+// response is identical to the GET response except that there is no response
+// body.
+//
+// If you encrypt an object by using server-side encryption with customer-provided
+// encryption keys (SSE-C) when you store the object in Amazon S3, then when
+// you retrieve the metadata from the object, you must use the following headers:
+//
+// * x-amz-server-side-encryption-customer-algorithm
+//
+// * x-amz-server-side-encryption-customer-key
+//
+// * x-amz-server-side-encryption-customer-key-MD5
+//
+// For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided
+// Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html).
+//
+// Encryption request headers, like x-amz-server-side-encryption, should not
+// be sent for GET requests if your object uses server-side encryption with
+// CMKs stored in AWS KMS (SSE-KMS) or server-side encryption with Amazon S3–managed
+// encryption keys (SSE-S3). If your object does use these types of keys, you’ll
+// get an HTTP 400 BadRequest error.
+//
+// Request headers are limited to 8 KB in size. For more information, see Common
+// Request Headers (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html).
+//
+// Consider the following when using request headers:
+//
+// * Consideration 1 – If both of the If-Match and If-Unmodified-Since
+// headers are present in the request as follows: If-Match condition evaluates
+// to true, and; If-Unmodified-Since condition evaluates to false; Then Amazon
+// S3 returns 200 OK and the data requested.
+//
+// * Consideration 2 – If both of the If-None-Match and If-Modified-Since
+// headers are present in the request as follows: If-None-Match condition
+// evaluates to false, and; If-Modified-Since condition evaluates to true;
+// Then Amazon S3 returns the 304 Not Modified response code.
+//
+// For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232).
+//
+// Permissions
+//
+// You need the s3:GetObject permission for this operation. For more information,
+// see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html).
+// If the object you request does not exist, the error Amazon S3 returns depends
+// on whether you also have the s3:ListBucket permission.
+//
+// * If you have the s3:ListBucket permission on the bucket, Amazon S3 returns
+// an HTTP status code 404 ("no such key") error.
+//
+// * If you don’t have the s3:ListBucket permission, Amazon S3 returns
+// an HTTP status code 403 ("access denied") error.
+//
+// The following operation is related to HeadObject:
+//
+// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
+//
// See http://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#RESTErrorResponses
// for more information on returned errors.
//
@@ -3871,7 +5141,33 @@ func (c *S3) ListBucketAnalyticsConfigurationsRequest(input *ListBucketAnalytics
// ListBucketAnalyticsConfigurations API operation for Amazon Simple Storage Service.
//
-// Lists the analytics configurations for the bucket.
+// Lists the analytics configurations for the bucket. You can have up to 1,000
+// analytics configurations per bucket.
+//
+// This operation supports list pagination and does not return more than 100
+// configurations at a time. You should always check the IsTruncated element
+// in the response. If there are no more configurations to list, IsTruncated
+// is set to false. If there are more configurations to list, IsTruncated is
+// set to true, and there will be a value in NextContinuationToken. You use
+// the NextContinuationToken value to continue the pagination of the list by
+// passing the value in continuation-token in the request to GET the next page.
+//
+// To use this operation, you must have permissions to perform the s3:GetAnalyticsConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// For information about Amazon S3 analytics feature, see Amazon S3 Analytics
+// – Storage Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html).
+//
+// The following operations are related to ListBucketAnalyticsConfigurations:
+//
+// * GetBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html)
+//
+// * DeleteBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketAnalyticsConfiguration.html)
+//
+// * PutBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -3945,7 +5241,33 @@ func (c *S3) ListBucketInventoryConfigurationsRequest(input *ListBucketInventory
// ListBucketInventoryConfigurations API operation for Amazon Simple Storage Service.
//
-// Returns a list of inventory configurations for the bucket.
+// Returns a list of inventory configurations for the bucket. You can have up
+// to 1,000 analytics configurations per bucket.
+//
+// This operation supports list pagination and does not return more than 100
+// configurations at a time. Always check the IsTruncated element in the response.
+// If there are no more configurations to list, IsTruncated is set to false.
+// If there are more configurations to list, IsTruncated is set to true, and
+// there is a value in NextContinuationToken. You use the NextContinuationToken
+// value to continue the pagination of the list by passing the value in continuation-token
+// in the request to GET the next page.
+//
+// To use this operation, you must have permissions to perform the s3:GetInventoryConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// For information about the Amazon S3 inventory feature, see Amazon S3 Inventory
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html)
+//
+// The following operations are related to ListBucketInventoryConfigurations:
+//
+// * GetBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html)
+//
+// * DeleteBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketInventoryConfiguration.html)
+//
+// * PutBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -4019,7 +5341,34 @@ func (c *S3) ListBucketMetricsConfigurationsRequest(input *ListBucketMetricsConf
// ListBucketMetricsConfigurations API operation for Amazon Simple Storage Service.
//
-// Lists the metrics configurations for the bucket.
+// Lists the metrics configurations for the bucket. The metrics configurations
+// are only for the request metrics of the bucket and do not provide information
+// on daily storage metrics. You can have up to 1,000 configurations per bucket.
+//
+// This operation supports list pagination and does not return more than 100
+// configurations at a time. Always check the IsTruncated element in the response.
+// If there are no more configurations to list, IsTruncated is set to false.
+// If there are more configurations to list, IsTruncated is set to true, and
+// there is a value in NextContinuationToken. You use the NextContinuationToken
+// value to continue the pagination of the list by passing the value in continuation-token
+// in the request to GET the next page.
+//
+// To use this operation, you must have permissions to perform the s3:GetMetricsConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// For more information about metrics configurations and CloudWatch request
+// metrics, see Monitoring Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html).
+//
+// The following operations are related to ListBucketMetricsConfigurations:
+//
+// * PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html)
+//
+// * GetBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetricsConfiguration.html)
+//
+// * DeleteBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetricsConfiguration.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -4173,7 +5522,40 @@ func (c *S3) ListMultipartUploadsRequest(input *ListMultipartUploadsInput) (req
// ListMultipartUploads API operation for Amazon Simple Storage Service.
//
-// This operation lists in-progress multipart uploads.
+// This operation lists in-progress multipart uploads. An in-progress multipart
+// upload is a multipart upload that has been initiated using the Initiate Multipart
+// Upload request, but has not yet been completed or aborted.
+//
+// This operation returns at most 1,000 multipart uploads in the response. 1,000
+// multipart uploads is the maximum number of uploads a response can include,
+// which is also the default value. You can further limit the number of uploads
+// in a response by specifying the max-uploads parameter in the response. If
+// additional multipart uploads satisfy the list criteria, the response will
+// contain an IsTruncated element with the value true. To list the additional
+// multipart uploads, use the key-marker and upload-id-marker request parameters.
+//
+// In the response, the uploads are sorted by key. If your application has initiated
+// more than one multipart upload using the same object key, then uploads in
+// the response are first sorted by key. Additionally, uploads are sorted in
+// ascending order within each key by the upload initiation time.
+//
+// For more information on multipart uploads, see Uploading Objects Using Multipart
+// Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html).
+//
+// For information on permissions required to use the multipart upload API,
+// see Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html).
+//
+// The following operations are related to ListMultipartUploads:
+//
+// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)
+//
+// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)
+//
+// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html)
+//
+// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html)
+//
+// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -4305,7 +5687,24 @@ func (c *S3) ListObjectVersionsRequest(input *ListObjectVersionsInput) (req *req
// ListObjectVersions API operation for Amazon Simple Storage Service.
//
-// Returns metadata about all of the versions of objects in a bucket.
+// Returns metadata about all of the versions of objects in a bucket. You can
+// also use request parameters as selection criteria to return metadata about
+// a subset of all the object versions.
+//
+// A 200 OK response can contain valid or invalid XML. Make sure to design your
+// application to parse the contents of the response and handle it appropriately.
+//
+// To use this operation, you must have READ access to the bucket.
+//
+// The following operations are related to ListObjectVersions:
+//
+// * ListObjectsV2 (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html)
+//
+// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
+//
+// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html)
+//
+// * DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -4437,9 +5836,28 @@ func (c *S3) ListObjectsRequest(input *ListObjectsInput) (req *request.Request,
// ListObjects API operation for Amazon Simple Storage Service.
//
-// Returns some or all (up to 1000) of the objects in a bucket. You can use
+// Returns some or all (up to 1,000) of the objects in a bucket. You can use
// the request parameters as selection criteria to return a subset of the objects
-// in a bucket.
+// in a bucket. A 200 OK response can contain valid or invalid XML. Be sure
+// to design your application to parse the contents of the response and handle
+// it appropriately.
+//
+// This API has been revised. We recommend that you use the newer version, ListObjectsV2
+// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html),
+// when developing applications. For backward compatibility, Amazon S3 continues
+// to support ListObjects.
+//
+// The following operations are related to ListObjects:
+//
+// * ListObjectsV2 (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html)
+//
+// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
+//
+// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html)
+//
+// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
+//
+// * ListBuckets (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -4576,10 +5994,35 @@ func (c *S3) ListObjectsV2Request(input *ListObjectsV2Input) (req *request.Reque
// ListObjectsV2 API operation for Amazon Simple Storage Service.
//
-// Returns some or all (up to 1000) of the objects in a bucket. You can use
+// Returns some or all (up to 1,000) of the objects in a bucket. You can use
// the request parameters as selection criteria to return a subset of the objects
-// in a bucket. Note: ListObjectsV2 is the revised List Objects API and we recommend
-// you use this revised API for new application development.
+// in a bucket. A 200 OK response can contain valid or invalid XML. Make sure
+// to design your application to parse the contents of the response and handle
+// it appropriately.
+//
+// To use this operation, you must have READ access to the bucket.
+//
+// To use this operation in an AWS Identity and Access Management (IAM) policy,
+// you must have permissions to perform the s3:ListBucket action. The bucket
+// owner has this permission by default and can grant this permission to others.
+// For more information about permissions, see Permissions Related to Bucket
+// Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// This section describes the latest revision of the API. We recommend that
+// you use this revised API for application development. For backward compatibility,
+// Amazon S3 continues to support the prior version of this API, ListObjects
+// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html).
+//
+// To get a list of your buckets, see ListBuckets (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html).
+//
+// The following operations are related to ListObjectsV2:
+//
+// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
+//
+// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html)
+//
+// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -4717,6 +6160,33 @@ func (c *S3) ListPartsRequest(input *ListPartsInput) (req *request.Request, outp
// ListParts API operation for Amazon Simple Storage Service.
//
// Lists the parts that have been uploaded for a specific multipart upload.
+// This operation must include the upload ID, which you obtain by sending the
+// initiate multipart upload request (see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)).
+// This request returns a maximum of 1,000 uploaded parts. The default number
+// of parts returned is 1,000 parts. You can restrict the number of parts returned
+// by specifying the max-parts request parameter. If your multipart upload consists
+// of more than 1,000 parts, the response returns an IsTruncated field with
+// the value of true, and a NextPartNumberMarker element. In subsequent ListParts
+// requests you can include the part-number-marker query string parameter and
+// set its value to the NextPartNumberMarker field value from the previous response.
+//
+// For more information on multipart uploads, see Uploading Objects Using Multipart
+// Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html).
+//
+// For information on permissions required to use the multipart upload API,
+// see Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html).
+//
+// The following operations are related to ListParts:
+//
+// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)
+//
+// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)
+//
+// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html)
+//
+// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html)
+//
+// * ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -4843,7 +6313,41 @@ func (c *S3) PutBucketAccelerateConfigurationRequest(input *PutBucketAccelerateC
// PutBucketAccelerateConfiguration API operation for Amazon Simple Storage Service.
//
-// Sets the accelerate configuration of an existing bucket.
+// Sets the accelerate configuration of an existing bucket. Amazon S3 Transfer
+// Acceleration is a bucket-level feature that enables you to perform faster
+// data transfers to Amazon S3.
+//
+// To use this operation, you must have permission to perform the s3:PutAccelerateConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// The Transfer Acceleration state of a bucket can be set to one of the following
+// two values:
+//
+// * Enabled – Enables accelerated data transfers to the bucket.
+//
+// * Suspended – Disables accelerated data transfers to the bucket.
+//
+// The GetBucketAccelerateConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAccelerateConfiguration.html)
+// operation returns the transfer acceleration state of a bucket.
+//
+// After setting the Transfer Acceleration state of a bucket to Enabled, it
+// might take up to thirty minutes before the data transfer rates to the bucket
+// increase.
+//
+// The name of the bucket used for Transfer Acceleration must be DNS-compliant
+// and must not contain periods (".").
+//
+// For more information about transfer acceleration, see Transfer Acceleration
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html).
+//
+// The following operations are related to PutBucketAccelerateConfiguration:
+//
+// * GetBucketAccelerateConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAccelerateConfiguration.html)
+//
+// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -4913,12 +6417,101 @@ func (c *S3) PutBucketAclRequest(input *PutBucketAclInput) (req *request.Request
output = &PutBucketAclOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutBucketAcl API operation for Amazon Simple Storage Service.
//
-// Sets the permissions on a bucket using access control lists (ACL).
+// Sets the permissions on an existing bucket using access control lists (ACL).
+// For more information, see Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html).
+// To set the ACL of a bucket, you must have WRITE_ACP permission.
+//
+// You can use one of the following two ways to set a bucket's permissions:
+//
+// * Specify the ACL in the request body
+//
+// * Specify permissions using request headers
+//
+// You cannot specify access permission using both the body and the request
+// headers.
+//
+// Depending on your application needs, you may choose to set the ACL on a bucket
+// using either the request body or the headers. For example, if you have an
+// existing application that updates a bucket ACL using the request body, then
+// you can continue to use that approach.
+//
+// Access Permissions
+//
+// You can set access permissions using one of the following methods:
+//
+// * Specify a canned ACL with the x-amz-acl request header. Amazon S3 supports
+// a set of predefined ACLs, known as canned ACLs. Each canned ACL has a
+// predefined set of grantees and permissions. Specify the canned ACL name
+// as the value of x-amz-acl. If you use this header, you cannot use other
+// access control-specific headers in your request. For more information,
+// see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL).
+//
+// * Specify access permissions explicitly with the x-amz-grant-read, x-amz-grant-read-acp,
+// x-amz-grant-write-acp, and x-amz-grant-full-control headers. When using
+// these headers, you specify explicit access permissions and grantees (AWS
+// accounts or Amazon S3 groups) who will receive the permission. If you
+// use these ACL-specific headers, you cannot use the x-amz-acl header to
+// set a canned ACL. These parameters map to the set of permissions that
+// Amazon S3 supports in an ACL. For more information, see Access Control
+// List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html).
+// You specify each grantee as a type=value pair, where the type is one of
+// the following: id – if the value specified is the canonical user ID
+// of an AWS account uri – if you are granting permissions to a predefined
+// group emailAddress – if the value specified is the email address of
+// an AWS account Using email addresses to specify a grantee is only supported
+// in the following AWS Regions: US East (N. Virginia) US West (N. California)
+// US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific
+// (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all
+// the Amazon S3 supported Regions and endpoints, see Regions and Endpoints
+// (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in
+// the AWS General Reference. For example, the following x-amz-grant-write
+// header grants create, overwrite, and delete objects permission to LogDelivery
+// group predefined by Amazon S3 and two AWS accounts identified by their
+// email addresses. x-amz-grant-write: uri="http://acs.amazonaws.com/groups/s3/LogDelivery",
+// id="111122223333", id="555566667777"
+//
+// You can use either a canned ACL or specify access permissions explicitly.
+// You cannot do both.
+//
+// Grantee Values
+//
+// You can specify the person (grantee) to whom you're assigning access rights
+// (using request elements) in the following ways:
+//
+// * By the person's ID: <>ID<><>GranteesEmail<>
+// DisplayName is optional and ignored in the request
+//
+// * By URI: <>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<>
+//
+// * By Email address: <>Grantees@email.com<>lt;/Grantee>
+// The grantee is resolved to the CanonicalUser and, in a response to a GET
+// Object acl request, appears as the CanonicalUser. Using email addresses
+// to specify a grantee is only supported in the following AWS Regions: US
+// East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific
+// (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland)
+// South America (São Paulo) For a list of all the Amazon S3 supported Regions
+// and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region)
+// in the AWS General Reference.
+//
+// Related Resources
+//
+// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
+//
+// * DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html)
+//
+// * GetObjectAcl (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -4994,7 +6587,50 @@ func (c *S3) PutBucketAnalyticsConfigurationRequest(input *PutBucketAnalyticsCon
// PutBucketAnalyticsConfiguration API operation for Amazon Simple Storage Service.
//
// Sets an analytics configuration for the bucket (specified by the analytics
-// configuration ID).
+// configuration ID). You can have up to 1,000 analytics configurations per
+// bucket.
+//
+// You can choose to have storage class analysis export analysis reports sent
+// to a comma-separated values (CSV) flat file. See the DataExport request element.
+// Reports are updated daily and are based on the object filters that you configure.
+// When selecting data export, you specify a destination bucket and an optional
+// destination prefix where the file is written. You can export the data to
+// a destination bucket in a different account. However, the destination bucket
+// must be in the same Region as the bucket that you are making the PUT analytics
+// configuration to. For more information, see Amazon S3 Analytics – Storage
+// Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html).
+//
+// You must create a bucket policy on the destination bucket where the exported
+// file is written to grant permissions to Amazon S3 to write objects to the
+// bucket. For an example policy, see Granting Permissions for Amazon S3 Inventory
+// and Storage Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html#example-bucket-policies-use-case-9).
+//
+// To use this operation, you must have permissions to perform the s3:PutAnalyticsConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// Special Errors
+//
+// * HTTP Error: HTTP 400 Bad Request Code: InvalidArgument Cause: Invalid
+// argument.
+//
+// * HTTP Error: HTTP 400 Bad Request Code: TooManyConfigurations Cause:
+// You are attempting to create a new configuration but have already reached
+// the 1,000-configuration limit.
+//
+// * HTTP Error: HTTP 403 Forbidden Code: AccessDenied Cause: You are not
+// the owner of the specified bucket, or you do not have the s3:PutAnalyticsConfiguration
+// bucket permission to set the configuration on the bucket.
+//
+// Related Resources
+//
+// * GetBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html)
+//
+// * DeleteBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketAnalyticsConfiguration.html)
+//
+// * ListBucketAnalyticsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketAnalyticsConfigurations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -5064,12 +6700,58 @@ func (c *S3) PutBucketCorsRequest(input *PutBucketCorsInput) (req *request.Reque
output = &PutBucketCorsOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutBucketCors API operation for Amazon Simple Storage Service.
//
-// Sets the CORS configuration for a bucket.
+// Sets the cors configuration for your bucket. If the configuration exists,
+// Amazon S3 replaces it.
+//
+// To use this operation, you must be allowed to perform the s3:PutBucketCORS
+// action. By default, the bucket owner has this permission and can grant it
+// to others.
+//
+// You set this configuration on a bucket so that the bucket can service cross-origin
+// requests. For example, you might want to enable a request whose origin is
+// http://www.example.com to access your Amazon S3 bucket at my.example.bucket.com
+// by using the browser's XMLHttpRequest capability.
+//
+// To enable cross-origin resource sharing (CORS) on a bucket, you add the cors
+// subresource to the bucket. The cors subresource is an XML document in which
+// you configure rules that identify origins and the HTTP methods that can be
+// executed on your bucket. The document is limited to 64 KB in size.
+//
+// When Amazon S3 receives a cross-origin request (or a pre-flight OPTIONS request)
+// against a bucket, it evaluates the cors configuration on the bucket and uses
+// the first CORSRule rule that matches the incoming browser request to enable
+// a cross-origin request. For a rule to match, the following conditions must
+// be met:
+//
+// * The request's Origin header must match AllowedOrigin elements.
+//
+// * The request method (for example, GET, PUT, HEAD, and so on) or the Access-Control-Request-Method
+// header in case of a pre-flight OPTIONS request must be one of the AllowedMethod
+// elements.
+//
+// * Every header specified in the Access-Control-Request-Headers request
+// header of a pre-flight request must match an AllowedHeader element.
+//
+// For more information about CORS, go to Enabling Cross-Origin Resource Sharing
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the Amazon
+// Simple Storage Service Developer Guide.
+//
+// Related Resources
+//
+// * GetBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketCors.html)
+//
+// * DeleteBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketCors.html)
+//
+// * RESTOPTIONSobject (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTOPTIONSobject.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -5139,13 +6821,38 @@ func (c *S3) PutBucketEncryptionRequest(input *PutBucketEncryptionInput) (req *r
output = &PutBucketEncryptionOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutBucketEncryption API operation for Amazon Simple Storage Service.
//
-// Creates a new server-side encryption configuration (or replaces an existing
-// one, if present).
+// This implementation of the PUT operation uses the encryption subresource
+// to set the default encryption state of an existing bucket.
+//
+// This implementation of the PUT operation sets default encryption for a bucket
+// using server-side encryption with Amazon S3-managed keys SSE-S3 or AWS KMS
+// customer master keys (CMKs) (SSE-KMS). For information about the Amazon S3
+// default encryption feature, see Amazon S3 Default Bucket Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html).
+//
+// This operation requires AWS Signature Version 4. For more information, see
+// Authenticating Requests (AWS Signature Version 4) (sig-v4-authenticating-requests.html).
+//
+// To use this operation, you must have permissions to perform the s3:PutEncryptionConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Related Resources
+//
+// * GetBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html)
+//
+// * DeleteBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -5220,8 +6927,54 @@ func (c *S3) PutBucketInventoryConfigurationRequest(input *PutBucketInventoryCon
// PutBucketInventoryConfiguration API operation for Amazon Simple Storage Service.
//
-// Adds an inventory configuration (identified by the inventory ID) from the
-// bucket.
+// This implementation of the PUT operation adds an inventory configuration
+// (identified by the inventory ID) to the bucket. You can have up to 1,000
+// inventory configurations per bucket.
+//
+// Amazon S3 inventory generates inventories of the objects in the bucket on
+// a daily or weekly basis, and the results are published to a flat file. The
+// bucket that is inventoried is called the source bucket, and the bucket where
+// the inventory flat file is stored is called the destination bucket. The destination
+// bucket must be in the same AWS Region as the source bucket.
+//
+// When you configure an inventory for a source bucket, you specify the destination
+// bucket where you want the inventory to be stored, and whether to generate
+// the inventory daily or weekly. You can also configure what object metadata
+// to include and whether to inventory all object versions or only current versions.
+// For more information, see Amazon S3 Inventory (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// You must create a bucket policy on the destination bucket to grant permissions
+// to Amazon S3 to write objects to the bucket in the defined location. For
+// an example policy, see Granting Permissions for Amazon S3 Inventory and Storage
+// Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html#example-bucket-policies-use-case-9).
+//
+// To use this operation, you must have permissions to perform the s3:PutInventoryConfiguration
+// action. The bucket owner has this permission by default and can grant this
+// permission to others. For more information about permissions, see Permissions
+// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Special Errors
+//
+// * HTTP 400 Bad Request Error Code: InvalidArgument Cause: Invalid Argument
+//
+// * HTTP 400 Bad Request Error Code: TooManyConfigurations Cause: You are
+// attempting to create a new configuration but have already reached the
+// 1,000-configuration limit.
+//
+// * HTTP 403 Forbidden Error Code: AccessDenied Cause: You are not the owner
+// of the specified bucket, or you do not have the s3:PutInventoryConfiguration
+// bucket permission to set the configuration on the bucket.
+//
+// Related Resources
+//
+// * GetBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html)
+//
+// * DeleteBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketInventoryConfiguration.html)
+//
+// * ListBucketInventoryConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketInventoryConfigurations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -5296,12 +7049,64 @@ func (c *S3) PutBucketLifecycleRequest(input *PutBucketLifecycleInput) (req *req
output = &PutBucketLifecycleOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutBucketLifecycle API operation for Amazon Simple Storage Service.
//
-// No longer used, see the PutBucketLifecycleConfiguration operation.
+//
+// For an updated version of this API, see PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html).
+// This version has been deprecated. Existing lifecycle configurations will
+// work. For new lifecycle configurations, use the updated API.
+//
+// Creates a new lifecycle configuration for the bucket or replaces an existing
+// lifecycle configuration. For information about lifecycle configuration, see
+// Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// By default, all Amazon S3 resources, including buckets, objects, and related
+// subresources (for example, lifecycle configuration and website configuration)
+// are private. Only the resource owner, the AWS account that created the resource,
+// can access it. The resource owner can optionally grant access permissions
+// to others by writing an access policy. For this operation, users must get
+// the s3:PutLifecycleConfiguration permission.
+//
+// You can also explicitly deny permissions. Explicit denial also supersedes
+// any other permissions. If you want to prevent users or accounts from removing
+// or deleting objects from your bucket, you must deny them permissions for
+// the following actions:
+//
+// * s3:DeleteObject
+//
+// * s3:DeleteObjectVersion
+//
+// * s3:PutLifecycleConfiguration
+//
+// For more information about permissions, see Managing Access Permissions to
+// your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// For more examples of transitioning objects to storage classes such as STANDARD_IA
+// or ONEZONE_IA, see Examples of Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#lifecycle-configuration-examples).
+//
+// Related Resources
+//
+// * GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html)(Deprecated)
+//
+// * GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html)
+//
+// * RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html)
+//
+// * By default, a resource owner—in this case, a bucket owner, which is
+// the AWS account that created the bucket—can perform any of the operations.
+// A resource owner can also grant others permission to perform the operation.
+// For more information, see the following topics in the Amazon Simple Storage
+// Service Developer Guide: Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html)
+// Managing Access Permissions to your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -5375,13 +7180,78 @@ func (c *S3) PutBucketLifecycleConfigurationRequest(input *PutBucketLifecycleCon
output = &PutBucketLifecycleConfigurationOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutBucketLifecycleConfiguration API operation for Amazon Simple Storage Service.
//
-// Sets lifecycle configuration for your bucket. If a lifecycle configuration
-// exists, it replaces it.
+// Creates a new lifecycle configuration for the bucket or replaces an existing
+// lifecycle configuration. For information about lifecycle configuration, see
+// Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// Bucket lifecycle configuration now supports specifying a lifecycle rule using
+// an object key name prefix, one or more object tags, or a combination of both.
+// Accordingly, this section describes the latest API. The previous version
+// of the API supported filtering based only on an object key name prefix, which
+// is supported for backward compatibility. For the related API description,
+// see PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html).
+//
+// Rules
+//
+// You specify the lifecycle configuration in your request body. The lifecycle
+// configuration is specified as XML consisting of one or more rules. Each rule
+// consists of the following:
+//
+// * Filter identifying a subset of objects to which the rule applies. The
+// filter can be based on a key name prefix, object tags, or a combination
+// of both.
+//
+// * Status whether the rule is in effect.
+//
+// * One or more lifecycle transition and expiration actions that you want
+// Amazon S3 to perform on the objects identified by the filter. If the state
+// of your bucket is versioning-enabled or versioning-suspended, you can
+// have many versions of the same object (one current version and zero or
+// more noncurrent versions). Amazon S3 provides predefined actions that
+// you can specify for current and noncurrent object versions.
+//
+// For more information, see Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html)
+// and Lifecycle Configuration Elements (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html).
+//
+// Permissions
+//
+// By default, all Amazon S3 resources are private, including buckets, objects,
+// and related subresources (for example, lifecycle configuration and website
+// configuration). Only the resource owner (that is, the AWS account that created
+// it) can access the resource. The resource owner can optionally grant access
+// permissions to others by writing an access policy. For this operation, a
+// user must get the s3:PutLifecycleConfiguration permission.
+//
+// You can also explicitly deny permissions. Explicit deny also supersedes any
+// other permissions. If you want to block users or accounts from removing or
+// deleting objects from your bucket, you must deny them permissions for the
+// following actions:
+//
+// * s3:DeleteObject
+//
+// * s3:DeleteObjectVersion
+//
+// * s3:PutLifecycleConfiguration
+//
+// For more information about permissions, see Managing Access Permissions to
+// Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// The following are related to PutBucketLifecycleConfiguration:
+//
+// * Examples of Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-configuration-examples.html)
+//
+// * GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html)
+//
+// * DeleteBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -5451,15 +7321,63 @@ func (c *S3) PutBucketLoggingRequest(input *PutBucketLoggingInput) (req *request
output = &PutBucketLoggingOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutBucketLogging API operation for Amazon Simple Storage Service.
//
// Set the logging parameters for a bucket and to specify permissions for who
-// can view and modify the logging parameters. To set the logging status of
+// can view and modify the logging parameters. All logs are saved to buckets
+// in the same AWS Region as the source bucket. To set the logging status of
// a bucket, you must be the bucket owner.
//
+// The bucket owner is automatically granted FULL_CONTROL to all logs. You use
+// the Grantee request element to grant access to other people. The Permissions
+// request element specifies the kind of access the grantee has to the logs.
+//
+// Grantee Values
+//
+// You can specify the person (grantee) to whom you're assigning access rights
+// (using request elements) in the following ways:
+//
+// * By the person's ID: <>ID<><>GranteesEmail<>
+// DisplayName is optional and ignored in the request.
+//
+// * By Email address: <>Grantees@email.com<>
+// The grantee is resolved to the CanonicalUser and, in a response to a GET
+// Object acl request, appears as the CanonicalUser.
+//
+// * By URI: <>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<>
+//
+// To enable logging, you use LoggingEnabled and its children request elements.
+// To disable logging, you use an empty BucketLoggingStatus request element:
+//
+//
+//
+// For more information about server access logging, see Server Access Logging
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html).
+//
+// For more information about creating a bucket, see CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html).
+// For more information about returning the logging status of a bucket, see
+// GetBucketLogging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLogging.html).
+//
+// The following operations are related to PutBucketLogging:
+//
+// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html)
+//
+// * DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html)
+//
+// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
+//
+// * GetBucketLogging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLogging.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -5534,7 +7452,33 @@ func (c *S3) PutBucketMetricsConfigurationRequest(input *PutBucketMetricsConfigu
// PutBucketMetricsConfiguration API operation for Amazon Simple Storage Service.
//
// Sets a metrics configuration (specified by the metrics configuration ID)
-// for the bucket.
+// for the bucket. You can have up to 1,000 metrics configurations per bucket.
+// If you're updating an existing metrics configuration, note that this is a
+// full replacement of the existing metrics configuration. If you don't include
+// the elements you want to keep, they are erased.
+//
+// To use this operation, you must have permissions to perform the s3:PutMetricsConfiguration
+// action. The bucket owner has this permission by default. The bucket owner
+// can grant this permission to others. For more information about permissions,
+// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// For information about CloudWatch request metrics for Amazon S3, see Monitoring
+// Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html).
+//
+// The following operations are related to PutBucketMetricsConfiguration:
+//
+// * DeleteBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetricsConfiguration.html)
+//
+// * PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html)
+//
+// * ListBucketMetricsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketMetricsConfigurations.html)
+//
+// GetBucketLifecycle has the following special error:
+//
+// * Error code: TooManyConfigurations Description: You are attempting to
+// create a new configuration but have already reached the 1,000-configuration
+// limit. HTTP Status Code: HTTP 400 Bad Request
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -5609,12 +7553,17 @@ func (c *S3) PutBucketNotificationRequest(input *PutBucketNotificationInput) (re
output = &PutBucketNotificationOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutBucketNotification API operation for Amazon Simple Storage Service.
//
-// No longer used, see the PutBucketNotificationConfiguration operation.
+// No longer used, see the PutBucketNotificationConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketNotificationConfiguration.html)
+// operation.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -5693,7 +7642,55 @@ func (c *S3) PutBucketNotificationConfigurationRequest(input *PutBucketNotificat
// PutBucketNotificationConfiguration API operation for Amazon Simple Storage Service.
//
-// Enables notifications of specified events for a bucket.
+// Enables notifications of specified events for a bucket. For more information
+// about event notifications, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html).
+//
+// Using this API, you can replace an existing notification configuration. The
+// configuration is an XML file that defines the event types that you want Amazon
+// S3 to publish and the destination where you want Amazon S3 to publish an
+// event notification when it detects an event of the specified type.
+//
+// By default, your bucket has no event notifications configured. That is, the
+// notification configuration will be an empty NotificationConfiguration.
+//
+//
+//
+//
+//
+// This operation replaces the existing notification configuration with the
+// configuration you include in the request body.
+//
+// After Amazon S3 receives this request, it first verifies that any Amazon
+// Simple Notification Service (Amazon SNS) or Amazon Simple Queue Service (Amazon
+// SQS) destination exists, and that the bucket owner has permission to publish
+// to it by sending a test notification. In the case of AWS Lambda destinations,
+// Amazon S3 verifies that the Lambda function permissions grant Amazon S3 permission
+// to invoke the function from the Amazon S3 bucket. For more information, see
+// Configuring Notifications for Amazon S3 Events (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html).
+//
+// You can disable notifications by adding the empty NotificationConfiguration
+// element.
+//
+// By default, only the bucket owner can configure notifications on a bucket.
+// However, bucket owners can use a bucket policy to grant permission to other
+// users to set this configuration with s3:PutBucketNotification permission.
+//
+// The PUT notification is an atomic operation. For example, suppose your notification
+// configuration includes SNS topic, SQS queue, and Lambda function configurations.
+// When you send a PUT request with this configuration, Amazon S3 sends test
+// messages to your SNS topic. If the message fails, the entire PUT operation
+// will fail, and Amazon S3 will not add the configuration to your bucket.
+//
+// Responses
+//
+// If the configuration in the request body includes only one TopicConfiguration
+// specifying only the s3:ReducedRedundancyLostObject event type, the response
+// will also include the x-amz-sns-test-message-id header containing the message
+// ID of the test notification sent to the topic.
+//
+// The following operation is related to PutBucketNotificationConfiguration:
+//
+// * GetBucketNotificationConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -5763,12 +7760,37 @@ func (c *S3) PutBucketPolicyRequest(input *PutBucketPolicyInput) (req *request.R
output = &PutBucketPolicyOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutBucketPolicy API operation for Amazon Simple Storage Service.
//
-// Applies an Amazon S3 bucket policy to an Amazon S3 bucket.
+// Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using
+// an identity other than the root user of the AWS account that owns the bucket,
+// the calling identity must have the PutBucketPolicy permissions on the specified
+// bucket and belong to the bucket owner's account in order to use this operation.
+//
+// If you don't have PutBucketPolicy permissions, Amazon S3 returns a 403 Access
+// Denied error. If you have the correct permissions, but you're not using an
+// identity that belongs to the bucket owner's account, Amazon S3 returns a
+// 405 Method Not Allowed error.
+//
+// As a security precaution, the root user of the AWS account that owns a bucket
+// can always use this operation, even if the policy explicitly denies the root
+// user the ability to perform this action.
+//
+// For more information about bucket policies, see Using Bucket Policies and
+// User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html).
+//
+// The following operations are related to PutBucketPolicy:
+//
+// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
+//
+// * DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -5838,15 +7860,74 @@ func (c *S3) PutBucketReplicationRequest(input *PutBucketReplicationInput) (req
output = &PutBucketReplicationOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutBucketReplication API operation for Amazon Simple Storage Service.
//
// Creates a replication configuration or replaces an existing one. For more
-// information, see Cross-Region Replication (CRR) (https://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html)
+// information, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html)
// in the Amazon S3 Developer Guide.
//
+// To perform this operation, the user or role performing the operation must
+// have the iam:PassRole (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html)
+// permission.
+//
+// Specify the replication configuration in the request body. In the replication
+// configuration, you provide the name of the destination bucket where you want
+// Amazon S3 to replicate objects, the IAM role that Amazon S3 can assume to
+// replicate objects on your behalf, and other relevant information.
+//
+// A replication configuration must include at least one rule, and can contain
+// a maximum of 1,000. Each rule identifies a subset of objects to replicate
+// by filtering the objects in the source bucket. To choose additional subsets
+// of objects to replicate, add a rule for each subset. All rules must specify
+// the same destination bucket.
+//
+// To specify a subset of the objects in the source bucket to apply a replication
+// rule to, add the Filter element as a child of the Rule element. You can filter
+// objects based on an object key prefix, one or more object tags, or both.
+// When you add the Filter element in the configuration, you must also add the
+// following elements: DeleteMarkerReplication, Status, and Priority.
+//
+// The latest version of the replication configuration XML is V2. XML V2 replication
+// configurations are those that contain the Filter element for rules, and rules
+// that specify S3 Replication Time Control (S3 RTC). In XML V2 replication
+// configurations, Amazon S3 doesn't replicate delete markers. Therefore, you
+// must set the DeleteMarkerReplication element to Disabled. For backward compatibility,
+// Amazon S3 continues to support the XML V1 replication configuration.
+//
+// For information about enabling versioning on a bucket, see Using Versioning
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html).
+//
+// By default, a resource owner, in this case the AWS account that created the
+// bucket, can perform this operation. The resource owner can also grant others
+// permissions to perform the operation. For more information about permissions,
+// see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// Handling Replication of Encrypted Objects
+//
+// By default, Amazon S3 doesn't replicate objects that are stored at rest using
+// server-side encryption with CMKs stored in AWS KMS. To replicate AWS KMS-encrypted
+// objects, add the following: SourceSelectionCriteria, SseKmsEncryptedObjects,
+// Status, EncryptionConfiguration, and ReplicaKmsKeyID. For information about
+// replication configuration, see Replicating Objects Created with SSE Using
+// CMKs stored in AWS KMS (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-config-for-kms-objects.html).
+//
+// For information on PutBucketReplication errors, see List of replication-related
+// error codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ReplicationErrorCodeList)
+//
+// The following operations are related to PutBucketReplication:
+//
+// * GetBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketReplication.html)
+//
+// * DeleteBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketReplication.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -5915,6 +7996,10 @@ func (c *S3) PutBucketRequestPaymentRequest(input *PutBucketRequestPaymentInput)
output = &PutBucketRequestPaymentOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
@@ -5923,8 +8008,14 @@ func (c *S3) PutBucketRequestPaymentRequest(input *PutBucketRequestPaymentInput)
// Sets the request payment configuration for a bucket. By default, the bucket
// owner pays for downloads from the bucket. This configuration parameter enables
// the bucket owner (only) to specify that the person requesting the download
-// will be charged for the download. Documentation on requester pays buckets
-// can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html
+// will be charged for the download. For more information, see Requester Pays
+// Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html).
+//
+// The following operations are related to PutBucketRequestPayment:
+//
+// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
+//
+// * GetBucketRequestPayment (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketRequestPayment.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -5994,6 +8085,10 @@ func (c *S3) PutBucketTaggingRequest(input *PutBucketTaggingInput) (req *request
output = &PutBucketTaggingOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
@@ -6001,6 +8096,47 @@ func (c *S3) PutBucketTaggingRequest(input *PutBucketTaggingInput) (req *request
//
// Sets the tags for a bucket.
//
+// Use tags to organize your AWS bill to reflect your own cost structure. To
+// do this, sign up to get your AWS account bill with tag key values included.
+// Then, to see the cost of combined resources, organize your billing information
+// according to resources with the same tag key values. For example, you can
+// tag several resources with a specific application name, and then organize
+// your billing information to see the total cost of that application across
+// several services. For more information, see Cost Allocation and Tagging (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html).
+//
+// Within a bucket, if you add a tag that has the same key as an existing tag,
+// the new value overwrites the old value. For more information, see Using Cost
+// Allocation in Amazon S3 Bucket Tags (https://docs.aws.amazon.com/AmazonS3/latest/dev/CostAllocTagging.html).
+//
+// To use this operation, you must have permissions to perform the s3:PutBucketTagging
+// action. The bucket owner has this permission by default and can grant this
+// permission to others. For more information about permissions, see Permissions
+// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
+//
+// PutBucketTagging has the following special errors:
+//
+// * Error code: InvalidTagError Description: The tag provided was not a
+// valid tag. This error can occur if the tag did not pass input validation.
+// For information about tag restrictions, see User-Defined Tag Restrictions
+// (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html)
+// and AWS-Generated Cost Allocation Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/aws-tag-restrictions.html).
+//
+// * Error code: MalformedXMLError Description: The XML provided does not
+// match the schema.
+//
+// * Error code: OperationAbortedError Description: A conflicting conditional
+// operation is currently in progress against this resource. Please try again.
+//
+// * Error code: InternalError Description: The service was unable to apply
+// the provided tag to the bucket.
+//
+// The following operations are related to PutBucketTagging:
+//
+// * GetBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html)
+//
+// * DeleteBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -6069,6 +8205,10 @@ func (c *S3) PutBucketVersioningRequest(input *PutBucketVersioningInput) (req *r
output = &PutBucketVersioningOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
@@ -6077,6 +8217,39 @@ func (c *S3) PutBucketVersioningRequest(input *PutBucketVersioningInput) (req *r
// Sets the versioning state of an existing bucket. To set the versioning state,
// you must be the bucket owner.
//
+// You can set the versioning state with one of the following values:
+//
+// Enabled—Enables versioning for the objects in the bucket. All objects added
+// to the bucket receive a unique version ID.
+//
+// Suspended—Disables versioning for the objects in the bucket. All objects
+// added to the bucket receive the version ID null.
+//
+// If the versioning state has never been set on a bucket, it has no versioning
+// state; a GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html)
+// request does not return a versioning state value.
+//
+// If the bucket owner enables MFA Delete in the bucket versioning configuration,
+// the bucket owner must include the x-amz-mfa request header and the Status
+// and the MfaDelete request elements in a request to set the versioning state
+// of the bucket.
+//
+// If you have an object expiration lifecycle policy in your non-versioned bucket
+// and you want to maintain the same permanent delete behavior when you enable
+// versioning, you must add a noncurrent expiration policy. The noncurrent expiration
+// lifecycle policy will manage the deletes of the noncurrent object versions
+// in the version-enabled bucket. (A version-enabled bucket maintains one current
+// and zero or more noncurrent object versions.) For more information, see Lifecycle
+// and Versioning (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-and-other-bucket-config).
+//
+// Related Resources
+//
+// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
+//
+// * DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html)
+//
+// * GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -6145,12 +8318,81 @@ func (c *S3) PutBucketWebsiteRequest(input *PutBucketWebsiteInput) (req *request
output = &PutBucketWebsiteOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutBucketWebsite API operation for Amazon Simple Storage Service.
//
-// Set the website configuration for a bucket.
+// Sets the configuration of the website that is specified in the website subresource.
+// To configure a bucket as a website, you can add this subresource on the bucket
+// with website configuration information such as the file name of the index
+// document and any redirect rules. For more information, see Hosting Websites
+// on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html).
+//
+// This PUT operation requires the S3:PutBucketWebsite permission. By default,
+// only the bucket owner can configure the website attached to a bucket; however,
+// bucket owners can allow other users to set the website configuration by writing
+// a bucket policy that grants them the S3:PutBucketWebsite permission.
+//
+// To redirect all website requests sent to the bucket's website endpoint, you
+// add a website configuration with the following elements. Because all requests
+// are sent to another website, you don't need to provide index document name
+// for the bucket.
+//
+// * WebsiteConfiguration
+//
+// * RedirectAllRequestsTo
+//
+// * HostName
+//
+// * Protocol
+//
+// If you want granular control over redirects, you can use the following elements
+// to add routing rules that describe conditions for redirecting requests and
+// information about the redirect destination. In this case, the website configuration
+// must provide an index document for the bucket, because some requests might
+// not be redirected.
+//
+// * WebsiteConfiguration
+//
+// * IndexDocument
+//
+// * Suffix
+//
+// * ErrorDocument
+//
+// * Key
+//
+// * RoutingRules
+//
+// * RoutingRule
+//
+// * Condition
+//
+// * HttpErrorCodeReturnedEquals
+//
+// * KeyPrefixEquals
+//
+// * Redirect
+//
+// * Protocol
+//
+// * HostName
+//
+// * ReplaceKeyPrefixWith
+//
+// * ReplaceKeyWith
+//
+// * HttpRedirectCode
+//
+// Amazon S3 has a limitation of 50 routing rules per website configuration.
+// If you require more than 50 routing rules, you can use object redirect. For
+// more information, see Configuring an Object Redirect (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html)
+// in the Amazon Simple Storage Service Developer Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -6224,7 +8466,71 @@ func (c *S3) PutObjectRequest(input *PutObjectInput) (req *request.Request, outp
// PutObject API operation for Amazon Simple Storage Service.
//
-// Adds an object to a bucket.
+// Adds an object to a bucket. You must have WRITE permissions on a bucket to
+// add an object to it.
+//
+// Amazon S3 never adds partial objects; if you receive a success response,
+// Amazon S3 added the entire object to the bucket.
+//
+// Amazon S3 is a distributed system. If it receives multiple write requests
+// for the same object simultaneously, it overwrites all but the last object
+// written. Amazon S3 does not provide object locking; if you need this, make
+// sure to build it into your application layer or use versioning instead.
+//
+// To ensure that data is not corrupted traversing the network, use the Content-MD5
+// header. When you use this header, Amazon S3 checks the object against the
+// provided MD5 value and, if they do not match, returns an error. Additionally,
+// you can calculate the MD5 while putting an object to Amazon S3 and compare
+// the returned ETag to the calculated MD5 value.
+//
+// The Content-MD5 header is required for any request to upload an object with
+// a retention period configured using Amazon S3 Object Lock. For more information
+// about Amazon S3 Object Lock, see Amazon S3 Object Lock Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Server-side Encryption
+//
+// You can optionally request server-side encryption. With server-side encryption,
+// Amazon S3 encrypts your data as it writes it to disks in its data centers
+// and decrypts the data when you access it. You have the option to provide
+// your own encryption key or use AWS managed encryption keys. For more information,
+// see Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html).
+//
+// Access Control List (ACL)-Specific Request Headers
+//
+// You can use headers to grant ACL- based permissions. By default, all objects
+// are private. Only the owner has full access control. When adding a new object,
+// you can grant permissions to individual AWS accounts or to predefined groups
+// defined by Amazon S3. These permissions are then added to the ACL on the
+// object. For more information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html)
+// and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html).
+//
+// Storage Class Options
+//
+// By default, Amazon S3 uses the STANDARD storage class to store newly created
+// objects. The STANDARD storage class provides high durability and high availability.
+// Depending on performance needs, you can specify a different storage class.
+// For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html)
+// in the Amazon S3 Service Developer Guide.
+//
+// Versioning
+//
+// If you enable versioning for a bucket, Amazon S3 automatically generates
+// a unique version ID for the object being stored. Amazon S3 returns this ID
+// in the response. When you enable versioning for a bucket, if Amazon S3 receives
+// multiple write requests for the same object simultaneously, it stores all
+// of the objects.
+//
+// For more information about versioning, see Adding Objects to Versioning Enabled
+// Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/AddingObjectstoVersioningEnabledBuckets.html).
+// For information about returning the versioning state of a bucket, see GetBucketVersioning
+// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html).
+//
+// Related Resources
+//
+// * CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html)
+//
+// * DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -6293,13 +8599,97 @@ func (c *S3) PutObjectAclRequest(input *PutObjectAclInput) (req *request.Request
output = &PutObjectAclOutput{}
req = c.newRequest(op, input, output)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutObjectAcl API operation for Amazon Simple Storage Service.
//
-// uses the acl subresource to set the access control list (ACL) permissions
-// for an object that already exists in a bucket
+// Uses the acl subresource to set the access control list (ACL) permissions
+// for an object that already exists in a bucket. You must have WRITE_ACP permission
+// to set the ACL of an object.
+//
+// Depending on your application needs, you can choose to set the ACL on an
+// object using either the request body or the headers. For example, if you
+// have an existing application that updates a bucket ACL using the request
+// body, you can continue to use that approach. For more information, see Access
+// Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html)
+// in the Amazon S3 Developer Guide.
+//
+// Access Permissions
+//
+// You can set access permissions using one of the following methods:
+//
+// * Specify a canned ACL with the x-amz-acl request header. Amazon S3 supports
+// a set of predefined ACLs, known as canned ACLs. Each canned ACL has a
+// predefined set of grantees and permissions. Specify the canned ACL name
+// as the value of x-amz-acl. If you use this header, you cannot use other
+// access control-specific headers in your request. For more information,
+// see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL).
+//
+// * Specify access permissions explicitly with the x-amz-grant-read, x-amz-grant-read-acp,
+// x-amz-grant-write-acp, and x-amz-grant-full-control headers. When using
+// these headers, you specify explicit access permissions and grantees (AWS
+// accounts or Amazon S3 groups) who will receive the permission. If you
+// use these ACL-specific headers, you cannot use x-amz-acl header to set
+// a canned ACL. These parameters map to the set of permissions that Amazon
+// S3 supports in an ACL. For more information, see Access Control List (ACL)
+// Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html).
+// You specify each grantee as a type=value pair, where the type is one of
+// the following: id – if the value specified is the canonical user ID
+// of an AWS account uri – if you are granting permissions to a predefined
+// group emailAddress – if the value specified is the email address of
+// an AWS account Using email addresses to specify a grantee is only supported
+// in the following AWS Regions: US East (N. Virginia) US West (N. California)
+// US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific
+// (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all
+// the Amazon S3 supported Regions and endpoints, see Regions and Endpoints
+// (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in
+// the AWS General Reference. For example, the following x-amz-grant-read
+// header grants list objects permission to the two AWS accounts identified
+// by their email addresses. x-amz-grant-read: emailAddress="xyz@amazon.com",
+// emailAddress="abc@amazon.com"
+//
+// You can use either a canned ACL or specify access permissions explicitly.
+// You cannot do both.
+//
+// Grantee Values
+//
+// You can specify the person (grantee) to whom you're assigning access rights
+// (using request elements) in the following ways:
+//
+// * By the person's ID: <>ID<><>GranteesEmail<>
+// DisplayName is optional and ignored in the request.
+//
+// * By URI: <>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<>
+//
+// * By Email address: <>Grantees@email.com<>lt;/Grantee>
+// The grantee is resolved to the CanonicalUser and, in a response to a GET
+// Object acl request, appears as the CanonicalUser. Using email addresses
+// to specify a grantee is only supported in the following AWS Regions: US
+// East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific
+// (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland)
+// South America (São Paulo) For a list of all the Amazon S3 supported Regions
+// and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region)
+// in the AWS General Reference.
+//
+// Versioning
+//
+// The ACL of an object is set at the object version level. By default, PUT
+// sets the ACL of the current version of an object. To set the ACL of a different
+// version, use the versionId subresource.
+//
+// Related Resources
+//
+// * CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html)
+//
+// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -6373,6 +8763,10 @@ func (c *S3) PutObjectLegalHoldRequest(input *PutObjectLegalHoldInput) (req *req
output = &PutObjectLegalHoldOutput{}
req = c.newRequest(op, input, output)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
@@ -6380,6 +8774,10 @@ func (c *S3) PutObjectLegalHoldRequest(input *PutObjectLegalHoldInput) (req *req
//
// Applies a Legal Hold configuration to the specified object.
//
+// Related Resources
+//
+// * Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -6447,15 +8845,26 @@ func (c *S3) PutObjectLockConfigurationRequest(input *PutObjectLockConfiguration
output = &PutObjectLockConfigurationOutput{}
req = c.newRequest(op, input, output)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutObjectLockConfiguration API operation for Amazon Simple Storage Service.
//
-// Places an object lock configuration on the specified bucket. The rule specified
-// in the object lock configuration will be applied by default to every new
+// Places an Object Lock configuration on the specified bucket. The rule specified
+// in the Object Lock configuration will be applied by default to every new
// object placed in the specified bucket.
//
+// DefaultRetention requires either Days or Years. You can't specify both at
+// the same time.
+//
+// Related Resources
+//
+// * Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -6523,6 +8932,10 @@ func (c *S3) PutObjectRetentionRequest(input *PutObjectRetentionInput) (req *req
output = &PutObjectRetentionOutput{}
req = c.newRequest(op, input, output)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
@@ -6530,6 +8943,10 @@ func (c *S3) PutObjectRetentionRequest(input *PutObjectRetentionInput) (req *req
//
// Places an Object Retention configuration on an object.
//
+// Related Resources
+//
+// * Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -6597,12 +9014,53 @@ func (c *S3) PutObjectTaggingRequest(input *PutObjectTaggingInput) (req *request
output = &PutObjectTaggingOutput{}
req = c.newRequest(op, input, output)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutObjectTagging API operation for Amazon Simple Storage Service.
//
-// Sets the supplied tag-set to an object that already exists in a bucket
+// Sets the supplied tag-set to an object that already exists in a bucket.
+//
+// A tag is a key-value pair. You can associate tags with an object by sending
+// a PUT request against the tagging subresource that is associated with the
+// object. You can retrieve tags by sending a GET request. For more information,
+// see GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html).
+//
+// For tagging-related restrictions related to characters and encodings, see
+// Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html).
+// Note that Amazon S3 limits the maximum number of tags to 10 tags per object.
+//
+// To use this operation, you must have permission to perform the s3:PutObjectTagging
+// action. By default, the bucket owner has this permission and can grant this
+// permission to others.
+//
+// To put tags of any other version, use the versionId query parameter. You
+// also need permission for the s3:PutObjectVersionTagging action.
+//
+// For information about the Amazon S3 object tagging feature, see Object Tagging
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html).
+//
+// Special Errors
+//
+// * Code: InvalidTagError Cause: The tag provided was not a valid tag. This
+// error can occur if the tag did not pass input validation. For more information,
+// see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html).
+//
+// * Code: MalformedXMLError Cause: The XML provided does not match the schema.
+//
+// * Code: OperationAbortedError Cause: A conflicting conditional operation
+// is currently in progress against this resource. Please try again.
+//
+// * Code: InternalError Cause: The service was unable to apply the provided
+// tag to the object.
+//
+// Related Resources
+//
+// * GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -6672,13 +9130,39 @@ func (c *S3) PutPublicAccessBlockRequest(input *PutPublicAccessBlockInput) (req
output = &PutPublicAccessBlockOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ req.Handlers.Build.PushBackNamed(request.NamedHandler{
+ Name: "contentMd5Handler",
+ Fn: checksum.AddBodyContentMD5Handler,
+ })
return
}
// PutPublicAccessBlock API operation for Amazon Simple Storage Service.
//
// Creates or modifies the PublicAccessBlock configuration for an Amazon S3
-// bucket.
+// bucket. To use this operation, you must have the s3:PutBucketPublicAccessBlock
+// permission. For more information about Amazon S3 permissions, see Specifying
+// Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html).
+//
+// When Amazon S3 evaluates the PublicAccessBlock configuration for a bucket
+// or an object, it checks the PublicAccessBlock configuration for both the
+// bucket (or the bucket that contains the object) and the bucket owner's account.
+// If the PublicAccessBlock configurations are different between the bucket
+// and the account, Amazon S3 uses the most restrictive combination of the bucket-level
+// and account-level settings.
+//
+// For more information about when Amazon S3 considers a bucket or an object
+// public, see The Meaning of "Public" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status).
+//
+// Related Resources
+//
+// * GetPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html)
+//
+// * DeletePublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html)
+//
+// * GetBucketPolicyStatus (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicyStatus.html)
+//
+// * Using Amazon S3 Block Public Access (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -6754,6 +9238,192 @@ func (c *S3) RestoreObjectRequest(input *RestoreObjectInput) (req *request.Reque
//
// Restores an archived copy of an object back into Amazon S3
//
+// This operation performs the following types of requests:
+//
+// * select - Perform a select query on an archived object
+//
+// * restore an archive - Restore an archived object
+//
+// To use this operation, you must have permissions to perform the s3:RestoreObject
+// action. The bucket owner has this permission by default and can grant this
+// permission to others. For more information about permissions, see Permissions
+// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources)
+// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Querying Archives with Select Requests
+//
+// You use a select type of request to perform SQL queries on archived objects.
+// The archived objects that are being queried by the select request must be
+// formatted as uncompressed comma-separated values (CSV) files. You can run
+// queries and custom analytics on your archived data without having to restore
+// your data to a hotter Amazon S3 tier. For an overview about select requests,
+// see Querying Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/querying-glacier-archives.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// When making a select request, do the following:
+//
+// * Define an output location for the select query's output. This must be
+// an Amazon S3 bucket in the same AWS Region as the bucket that contains
+// the archive object that is being queried. The AWS account that initiates
+// the job must have permissions to write to the S3 bucket. You can specify
+// the storage class and encryption for the output objects stored in the
+// bucket. For more information about output, see Querying Archived Objects
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/querying-glacier-archives.html)
+// in the Amazon Simple Storage Service Developer Guide. For more information
+// about the S3 structure in the request body, see the following: PutObject
+// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) Managing
+// Access with ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html)
+// in the Amazon Simple Storage Service Developer Guide Protecting Data Using
+// Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html)
+// in the Amazon Simple Storage Service Developer Guide
+//
+// * Define the SQL expression for the SELECT type of restoration for your
+// query in the request body's SelectParameters structure. You can use expressions
+// like the following examples. The following expression returns all records
+// from the specified object. SELECT * FROM Object Assuming that you are
+// not using any headers for data stored in the object, you can specify columns
+// with positional headers. SELECT s._1, s._2 FROM Object s WHERE s._3 >
+// 100 If you have headers and you set the fileHeaderInfo in the CSV structure
+// in the request body to USE, you can specify headers in the query. (If
+// you set the fileHeaderInfo field to IGNORE, the first row is skipped for
+// the query.) You cannot mix ordinal positions with header column names.
+// SELECT s.Id, s.FirstName, s.SSN FROM S3Object s
+//
+// For more information about using SQL with S3 Glacier Select restore, see
+// SQL Reference for Amazon S3 Select and S3 Glacier Select (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-glacier-select-sql-reference.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// When making a select request, you can also do the following:
+//
+// * To expedite your queries, specify the Expedited tier. For more information
+// about tiers, see "Restoring Archives," later in this topic.
+//
+// * Specify details about the data serialization format of both the input
+// object that is being queried and the serialization of the CSV-encoded
+// query results.
+//
+// The following are additional important facts about the select feature:
+//
+// * The output results are new Amazon S3 objects. Unlike archive retrievals,
+// they are stored until explicitly deleted-manually or through a lifecycle
+// policy.
+//
+// * You can issue more than one select request on the same Amazon S3 object.
+// Amazon S3 doesn't deduplicate requests, so avoid issuing duplicate requests.
+//
+// * Amazon S3 accepts a select request even if the object has already been
+// restored. A select request doesn’t return error response 409.
+//
+// Restoring Archives
+//
+// Objects in the GLACIER and DEEP_ARCHIVE storage classes are archived. To
+// access an archived object, you must first initiate a restore request. This
+// restores a temporary copy of the archived object. In a restore request, you
+// specify the number of days that you want the restored copy to exist. After
+// the specified period, Amazon S3 deletes the temporary copy but the object
+// remains archived in the GLACIER or DEEP_ARCHIVE storage class that object
+// was restored from.
+//
+// To restore a specific object version, you can provide a version ID. If you
+// don't provide a version ID, Amazon S3 restores the current version.
+//
+// The time it takes restore jobs to finish depends on which storage class the
+// object is being restored from and which data access tier you specify.
+//
+// When restoring an archived object (or using a select request), you can specify
+// one of the following data access tier options in the Tier element of the
+// request body:
+//
+// * Expedited - Expedited retrievals allow you to quickly access your data
+// stored in the GLACIER storage class when occasional urgent requests for
+// a subset of archives are required. For all but the largest archived objects
+// (250 MB+), data accessed using Expedited retrievals are typically made
+// available within 1–5 minutes. Provisioned capacity ensures that retrieval
+// capacity for Expedited retrievals is available when you need it. Expedited
+// retrievals and provisioned capacity are not available for the DEEP_ARCHIVE
+// storage class.
+//
+// * Standard - S3 Standard retrievals allow you to access any of your archived
+// objects within several hours. This is the default option for the GLACIER
+// and DEEP_ARCHIVE retrieval requests that do not specify the retrieval
+// option. S3 Standard retrievals typically complete within 3-5 hours from
+// the GLACIER storage class and typically complete within 12 hours from
+// the DEEP_ARCHIVE storage class.
+//
+// * Bulk - Bulk retrievals are Amazon S3 Glacier’s lowest-cost retrieval
+// option, enabling you to retrieve large amounts, even petabytes, of data
+// inexpensively in a day. Bulk retrievals typically complete within 5-12
+// hours from the GLACIER storage class and typically complete within 48
+// hours from the DEEP_ARCHIVE storage class.
+//
+// For more information about archive retrieval options and provisioned capacity
+// for Expedited data access, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// You can use Amazon S3 restore speed upgrade to change the restore speed to
+// a faster speed while it is in progress. You upgrade the speed of an in-progress
+// restoration by issuing another restore request to the same object, setting
+// a new Tier request element. When issuing a request to upgrade the restore
+// tier, you must choose a tier that is faster than the tier that the in-progress
+// restore is using. You must not change any other parameters, such as the Days
+// request element. For more information, see Upgrading the Speed of an In-Progress
+// Restore (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html#restoring-objects-upgrade-tier.title.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// To get the status of object restoration, you can send a HEAD request. Operations
+// return the x-amz-restore header, which provides information about the restoration
+// status, in the response. You can use Amazon S3 event notifications to notify
+// you when a restore is initiated or completed. For more information, see Configuring
+// Amazon S3 Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// After restoring an archived object, you can update the restoration period
+// by reissuing the request with a new period. Amazon S3 updates the restoration
+// period relative to the current time and charges only for the request-there
+// are no data transfer charges. You cannot update the restoration period when
+// Amazon S3 is actively processing your current restore request for the object.
+//
+// If your bucket has a lifecycle configuration with a rule that includes an
+// expiration action, the object expiration overrides the life span that you
+// specify in a restore request. For example, if you restore an object copy
+// for 10 days, but the object is scheduled to expire in 3 days, Amazon S3 deletes
+// the object in 3 days. For more information about lifecycle configuration,
+// see PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)
+// and Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html)
+// in Amazon Simple Storage Service Developer Guide.
+//
+// Responses
+//
+// A successful operation returns either the 200 OK or 202 Accepted status code.
+//
+// * If the object copy is not previously restored, then Amazon S3 returns
+// 202 Accepted in the response.
+//
+// * If the object copy is previously restored, Amazon S3 returns 200 OK
+// in the response.
+//
+// Special Errors
+//
+// * Code: RestoreAlreadyInProgress Cause: Object restore is already in progress.
+// (This error does not apply to SELECT type requests.) HTTP Status Code:
+// 409 Conflict SOAP Fault Code Prefix: Client
+//
+// * Code: GlacierExpeditedRetrievalNotAvailable Cause: S3 Glacier expedited
+// retrievals are currently not available. Try again later. (Returned if
+// there is insufficient capacity to process the Expedited request. This
+// error applies only to Expedited retrievals and not to S3 Standard or Bulk
+// retrievals.) HTTP Status Code: 503 SOAP Fault Code Prefix: N/A
+//
+// Related Resources
+//
+// * PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)
+//
+// * GetBucketNotificationConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html)
+//
+// * SQL Reference for Amazon S3 Select and S3 Glacier Select (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-glacier-select-sql-reference.html)
+// in the Amazon Simple Storage Service Developer Guide
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -6763,7 +9433,7 @@ func (c *S3) RestoreObjectRequest(input *RestoreObjectInput) (req *request.Reque
//
// Returned Error Codes:
// * ErrCodeObjectAlreadyInActiveTierError "ObjectAlreadyInActiveTierError"
-// This operation is not allowed against this storage tier
+// This operation is not allowed against this storage tier.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/RestoreObject
func (c *S3) RestoreObject(input *RestoreObjectInput) (*RestoreObjectOutput, error) {
@@ -6826,20 +9496,106 @@ func (c *S3) SelectObjectContentRequest(input *SelectObjectContentInput) (req *r
output = &SelectObjectContentOutput{}
req = c.newRequest(op, input, output)
+
+ es := newSelectObjectContentEventStream()
+ req.Handlers.Unmarshal.PushBack(es.setStreamCloser)
+ output.EventStream = es
+
req.Handlers.Send.Swap(client.LogHTTPResponseHandler.Name, client.LogHTTPResponseHeaderHandler)
req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, rest.UnmarshalHandler)
- req.Handlers.Unmarshal.PushBack(output.runEventStreamLoop)
+ req.Handlers.Unmarshal.PushBack(es.runOutputStream)
+ req.Handlers.Unmarshal.PushBack(es.runOnStreamPartClose)
return
}
// SelectObjectContent API operation for Amazon Simple Storage Service.
//
// This operation filters the contents of an Amazon S3 object based on a simple
-// Structured Query Language (SQL) statement. In the request, along with the
-// SQL expression, you must also specify a data serialization format (JSON or
-// CSV) of the object. Amazon S3 uses this to parse object data into records,
-// and returns only records that match the specified SQL expression. You must
-// also specify the data serialization format for the response.
+// structured query language (SQL) statement. In the request, along with the
+// SQL expression, you must also specify a data serialization format (JSON,
+// CSV, or Apache Parquet) of the object. Amazon S3 uses this format to parse
+// object data into records, and returns only records that match the specified
+// SQL expression. You must also specify the data serialization format for the
+// response.
+//
+// For more information about Amazon S3 Select, see Selecting Content from Objects
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/selecting-content-from-objects.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// For more information about using SQL with Amazon S3 Select, see SQL Reference
+// for Amazon S3 Select and S3 Glacier Select (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-glacier-select-sql-reference.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Permissions
+//
+// You must have s3:GetObject permission for this operation. Amazon S3 Select
+// does not support anonymous access. For more information about permissions,
+// see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Object Data Formats
+//
+// You can use Amazon S3 Select to query objects that have the following format
+// properties:
+//
+// * CSV, JSON, and Parquet - Objects must be in CSV, JSON, or Parquet format.
+//
+// * UTF-8 - UTF-8 is the only encoding type Amazon S3 Select supports.
+//
+// * GZIP or BZIP2 - CSV and JSON files can be compressed using GZIP or BZIP2.
+// GZIP and BZIP2 are the only compression formats that Amazon S3 Select
+// supports for CSV and JSON files. Amazon S3 Select supports columnar compression
+// for Parquet using GZIP or Snappy. Amazon S3 Select does not support whole-object
+// compression for Parquet objects.
+//
+// * Server-side encryption - Amazon S3 Select supports querying objects
+// that are protected with server-side encryption. For objects that are encrypted
+// with customer-provided encryption keys (SSE-C), you must use HTTPS, and
+// you must use the headers that are documented in the GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html).
+// For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided
+// Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html)
+// in the Amazon Simple Storage Service Developer Guide. For objects that
+// are encrypted with Amazon S3 managed encryption keys (SSE-S3) and customer
+// master keys (CMKs) stored in AWS Key Management Service (SSE-KMS), server-side
+// encryption is handled transparently, so you don't need to specify anything.
+// For more information about server-side encryption, including SSE-S3 and
+// SSE-KMS, see Protecting Data Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Working with the Response Body
+//
+// Given the response size is unknown, Amazon S3 Select streams the response
+// as a series of messages and includes a Transfer-Encoding header with chunked
+// as its value in the response. For more information, see Appendix: SelectObjectContent
+// Response (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTSelectObjectAppendix.html) .
+//
+// GetObject Support
+//
+// The SelectObjectContent operation does not support the following GetObject
+// functionality. For more information, see GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html).
+//
+// * Range: Although you can specify a scan range for an Amazon S3 Select
+// request (see SelectObjectContentRequest - ScanRange (https://docs.aws.amazon.com/AmazonS3/latest/API/API_SelectObjectContent.html#AmazonS3-SelectObjectContent-request-ScanRange)
+// in the request parameters), you cannot specify the range of bytes of an
+// object to return.
+//
+// * GLACIER, DEEP_ARCHIVE and REDUCED_REDUNDANCY storage classes: You cannot
+// specify the GLACIER, DEEP_ARCHIVE, or REDUCED_REDUNDANCY storage classes.
+// For more information, about storage classes see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html#storage-class-intro)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Special Errors
+//
+// For a list of special errors for this operation, see List of SELECT Object
+// Content Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#SelectObjectContentErrorCodeList)
+//
+// Related Resources
+//
+// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
+//
+// * GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html)
+//
+// * PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -6869,38 +9625,182 @@ func (c *S3) SelectObjectContentWithContext(ctx aws.Context, input *SelectObject
return out, req.Send()
}
-const opUploadPart = "UploadPart"
+var _ awserr.Error
-// UploadPartRequest generates a "aws/request.Request" representing the
-// client's request for the UploadPart operation. The "output" return
-// value will be populated with the request's response once the request completes
-// successfully.
-//
-// Use "Send" method on the returned Request to send the API call to the service.
-// the "output" return value is not valid until after Send returns without error.
-//
-// See UploadPart for more information on using the UploadPart
-// API call, and error handling.
-//
-// This method is useful when you want to inject custom logic or configuration
-// into the SDK's request lifecycle. Such as custom headers, or retry logic.
-//
-//
-// // Example sending a request using the UploadPartRequest method.
-// req, resp := client.UploadPartRequest(params)
-//
-// err := req.Send()
-// if err == nil { // resp is now filled
-// fmt.Println(resp)
-// }
-//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/UploadPart
-func (c *S3) UploadPartRequest(input *UploadPartInput) (req *request.Request, output *UploadPartOutput) {
- op := &request.Operation{
- Name: opUploadPart,
- HTTPMethod: "PUT",
- HTTPPath: "/{Bucket}/{Key+}",
- }
+// SelectObjectContentEventStream provides the event stream handling for the SelectObjectContent.
+type SelectObjectContentEventStream struct {
+
+ // Reader is the EventStream reader for the SelectObjectContentEventStream
+ // events. This value is automatically set by the SDK when the API call is made
+ // Use this member when unit testing your code with the SDK to mock out the
+ // EventStream Reader.
+ //
+ // Must not be nil.
+ Reader SelectObjectContentEventStreamReader
+
+ outputReader io.ReadCloser
+
+ // StreamCloser is the io.Closer for the EventStream connection. For HTTP
+ // EventStream this is the response Body. The stream will be closed when
+ // the Close method of the EventStream is called.
+ StreamCloser io.Closer
+
+ done chan struct{}
+ closeOnce sync.Once
+ err *eventstreamapi.OnceError
+}
+
+func newSelectObjectContentEventStream() *SelectObjectContentEventStream {
+ return &SelectObjectContentEventStream{
+ done: make(chan struct{}),
+ err: eventstreamapi.NewOnceError(),
+ }
+}
+
+func (es *SelectObjectContentEventStream) setStreamCloser(r *request.Request) {
+ es.StreamCloser = r.HTTPResponse.Body
+}
+
+func (es *SelectObjectContentEventStream) runOnStreamPartClose(r *request.Request) {
+ if es.done == nil {
+ return
+ }
+ go es.waitStreamPartClose()
+
+}
+
+func (es *SelectObjectContentEventStream) waitStreamPartClose() {
+ var outputErrCh <-chan struct{}
+ if v, ok := es.Reader.(interface{ ErrorSet() <-chan struct{} }); ok {
+ outputErrCh = v.ErrorSet()
+ }
+ var outputClosedCh <-chan struct{}
+ if v, ok := es.Reader.(interface{ Closed() <-chan struct{} }); ok {
+ outputClosedCh = v.Closed()
+ }
+
+ select {
+ case <-es.done:
+ case <-outputErrCh:
+ es.err.SetError(es.Reader.Err())
+ es.Close()
+ case <-outputClosedCh:
+ if err := es.Reader.Err(); err != nil {
+ es.err.SetError(es.Reader.Err())
+ }
+ es.Close()
+ }
+}
+
+// Events returns a channel to read events from.
+//
+// These events are:
+//
+// * ContinuationEvent
+// * EndEvent
+// * ProgressEvent
+// * RecordsEvent
+// * StatsEvent
+// * SelectObjectContentEventStreamUnknownEvent
+func (es *SelectObjectContentEventStream) Events() <-chan SelectObjectContentEventStreamEvent {
+ return es.Reader.Events()
+}
+
+func (es *SelectObjectContentEventStream) runOutputStream(r *request.Request) {
+ var opts []func(*eventstream.Decoder)
+ if r.Config.Logger != nil && r.Config.LogLevel.Matches(aws.LogDebugWithEventStreamBody) {
+ opts = append(opts, eventstream.DecodeWithLogger(r.Config.Logger))
+ }
+
+ unmarshalerForEvent := unmarshalerForSelectObjectContentEventStreamEvent{
+ metadata: protocol.ResponseMetadata{
+ StatusCode: r.HTTPResponse.StatusCode,
+ RequestID: r.RequestID,
+ },
+ }.UnmarshalerForEventName
+
+ decoder := eventstream.NewDecoder(r.HTTPResponse.Body, opts...)
+ eventReader := eventstreamapi.NewEventReader(decoder,
+ protocol.HandlerPayloadUnmarshal{
+ Unmarshalers: r.Handlers.UnmarshalStream,
+ },
+ unmarshalerForEvent,
+ )
+
+ es.outputReader = r.HTTPResponse.Body
+ es.Reader = newReadSelectObjectContentEventStream(eventReader)
+}
+
+// Close closes the stream. This will also cause the stream to be closed.
+// Close must be called when done using the stream API. Not calling Close
+// may result in resource leaks.
+//
+// You can use the closing of the Reader's Events channel to terminate your
+// application's read from the API's stream.
+//
+func (es *SelectObjectContentEventStream) Close() (err error) {
+ es.closeOnce.Do(es.safeClose)
+ return es.Err()
+}
+
+func (es *SelectObjectContentEventStream) safeClose() {
+ if es.done != nil {
+ close(es.done)
+ }
+
+ es.Reader.Close()
+ if es.outputReader != nil {
+ es.outputReader.Close()
+ }
+
+ es.StreamCloser.Close()
+}
+
+// Err returns any error that occurred while reading or writing EventStream
+// Events from the service API's response. Returns nil if there were no errors.
+func (es *SelectObjectContentEventStream) Err() error {
+ if err := es.err.Err(); err != nil {
+ return err
+ }
+ if err := es.Reader.Err(); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+const opUploadPart = "UploadPart"
+
+// UploadPartRequest generates a "aws/request.Request" representing the
+// client's request for the UploadPart operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See UploadPart for more information on using the UploadPart
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the UploadPartRequest method.
+// req, resp := client.UploadPartRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/UploadPart
+func (c *S3) UploadPartRequest(input *UploadPartInput) (req *request.Request, output *UploadPartOutput) {
+ op := &request.Operation{
+ Name: opUploadPart,
+ HTTPMethod: "PUT",
+ HTTPPath: "/{Bucket}/{Key+}",
+ }
if input == nil {
input = &UploadPartInput{}
@@ -6915,12 +9815,88 @@ func (c *S3) UploadPartRequest(input *UploadPartInput) (req *request.Request, ou
//
// Uploads a part in a multipart upload.
//
+// In this operation, you provide part data in your request. However, you have
+// an option to specify your existing Amazon S3 object as a data source for
+// the part you are uploading. To upload a part from an existing object, you
+// use the UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html)
+// operation.
+//
+// You must initiate a multipart upload (see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html))
+// before you can upload any part. In response to your initiate request, Amazon
+// S3 returns an upload ID, a unique identifier, that you must include in your
+// upload part request.
+//
+// Part numbers can be any number from 1 to 10,000, inclusive. A part number
+// uniquely identifies a part and also defines its position within the object
+// being created. If you upload a new part using the same part number that was
+// used with a previous part, the previously uploaded part is overwritten. Each
+// part must be at least 5 MB in size, except the last part. There is no size
+// limit on the last part of your multipart upload.
+//
+// To ensure that data is not corrupted when traversing the network, specify
+// the Content-MD5 header in the upload part request. Amazon S3 checks the part
+// data against the provided MD5 value. If they do not match, Amazon S3 returns
+// an error.
+//
// Note: After you initiate multipart upload and upload one or more parts, you
// must either complete or abort multipart upload in order to stop getting charged
// for storage of the uploaded parts. Only after you either complete or abort
// multipart upload, Amazon S3 frees up the parts storage and stops charging
// you for the parts storage.
//
+// For more information on multipart uploads, go to Multipart Upload Overview
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) in the
+// Amazon Simple Storage Service Developer Guide .
+//
+// For information on the permissions required to use the multipart upload API,
+// go to Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// You can optionally request server-side encryption where Amazon S3 encrypts
+// your data as it writes it to disks in its data centers and decrypts it for
+// you when you access it. You have the option of providing your own encryption
+// key, or you can use the AWS managed encryption keys. If you choose to provide
+// your own encryption key, the request headers you provide in the request must
+// match the headers you used in the request to initiate the upload by using
+// CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html).
+// For more information, go to Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Server-side encryption is supported by the S3 Multipart Upload actions. Unless
+// you are using a customer-provided encryption key, you don't need to specify
+// the encryption parameters in each UploadPart request. Instead, you only need
+// to specify the server-side encryption parameters in the initial Initiate
+// Multipart request. For more information, see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html).
+//
+// If you requested server-side encryption using a customer-provided encryption
+// key in your initiate multipart upload request, you must provide identical
+// encryption information in each part upload using the following headers.
+//
+// * x-amz-server-side-encryption-customer-algorithm
+//
+// * x-amz-server-side-encryption-customer-key
+//
+// * x-amz-server-side-encryption-customer-key-MD5
+//
+// Special Errors
+//
+// * Code: NoSuchUpload Cause: The specified multipart upload does not exist.
+// The upload ID might be invalid, or the multipart upload might have been
+// aborted or completed. HTTP Status Code: 404 Not Found SOAP Fault Code
+// Prefix: Client
+//
+// Related Resources
+//
+// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)
+//
+// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html)
+//
+// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html)
+//
+// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html)
+//
+// * ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html)
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -6993,7 +9969,95 @@ func (c *S3) UploadPartCopyRequest(input *UploadPartCopyInput) (req *request.Req
// UploadPartCopy API operation for Amazon Simple Storage Service.
//
-// Uploads a part by copying data from an existing object as data source.
+// Uploads a part by copying data from an existing object as data source. You
+// specify the data source by adding the request header x-amz-copy-source in
+// your request and a byte range by adding the request header x-amz-copy-source-range
+// in your request.
+//
+// The minimum allowable part size for a multipart upload is 5 MB. For more
+// information about multipart upload limits, go to Quick Facts (https://docs.aws.amazon.com/AmazonS3/latest/dev/qfacts.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// Instead of using an existing object as part data, you might use the UploadPart
+// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) operation
+// and provide data in your request.
+//
+// You must initiate a multipart upload before you can upload any part. In response
+// to your initiate request. Amazon S3 returns a unique identifier, the upload
+// ID, that you must include in your upload part request.
+//
+// For more information about using the UploadPartCopy operation, see the following:
+//
+// * For conceptual information about multipart uploads, see Uploading Objects
+// Using Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// * For information about permissions required to use the multipart upload
+// API, see Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// * For information about copying objects using a single atomic operation
+// vs. the multipart upload, see Operations on Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectOperations.html)
+// in the Amazon Simple Storage Service Developer Guide.
+//
+// * For information about using server-side encryption with customer-provided
+// encryption keys with the UploadPartCopy operation, see CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html)
+// and UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html).
+//
+// Note the following additional considerations about the request headers x-amz-copy-source-if-match,
+// x-amz-copy-source-if-none-match, x-amz-copy-source-if-unmodified-since, and
+// x-amz-copy-source-if-modified-since:
+//
+// * Consideration 1 - If both of the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since
+// headers are present in the request as follows: x-amz-copy-source-if-match
+// condition evaluates to true, and; x-amz-copy-source-if-unmodified-since
+// condition evaluates to false; Amazon S3 returns 200 OK and copies the
+// data.
+//
+// * Consideration 2 - If both of the x-amz-copy-source-if-none-match and
+// x-amz-copy-source-if-modified-since headers are present in the request
+// as follows: x-amz-copy-source-if-none-match condition evaluates to false,
+// and; x-amz-copy-source-if-modified-since condition evaluates to true;
+// Amazon S3 returns 412 Precondition Failed response code.
+//
+// Versioning
+//
+// If your bucket has versioning enabled, you could have multiple versions of
+// the same object. By default, x-amz-copy-source identifies the current version
+// of the object to copy. If the current version is a delete marker and you
+// don't specify a versionId in the x-amz-copy-source, Amazon S3 returns a 404
+// error, because the object does not exist. If you specify versionId in the
+// x-amz-copy-source and the versionId is a delete marker, Amazon S3 returns
+// an HTTP 400 error, because you are not allowed to specify a delete marker
+// as a version for the x-amz-copy-source.
+//
+// You can optionally specify a specific version of the source object to copy
+// by adding the versionId subresource as shown in the following example:
+//
+// x-amz-copy-source: /bucket/object?versionId=version id
+//
+// Special Errors
+//
+// * Code: NoSuchUpload Cause: The specified multipart upload does not exist.
+// The upload ID might be invalid, or the multipart upload might have been
+// aborted or completed. HTTP Status Code: 404 Not Found
+//
+// * Code: InvalidRequest Cause: The specified copy source is not supported
+// as a byte-range copy source. HTTP Status Code: 400 Bad Request
+//
+// Related Resources
+//
+// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)
+//
+// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)
+//
+// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html)
+//
+// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html)
+//
+// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html)
+//
+// * ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -7055,7 +10119,14 @@ func (s *AbortIncompleteMultipartUpload) SetDaysAfterInitiation(v int64) *AbortI
type AbortMultipartUploadInput struct {
_ struct{} `locationName:"AbortMultipartUploadRequest" type:"structure"`
- // Name of the bucket to which the multipart upload was initiated.
+ // The bucket name to which the upload was taking place.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
//
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -7065,10 +10136,11 @@ type AbortMultipartUploadInput struct {
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
// Upload ID that identifies the multipart upload.
@@ -7143,6 +10215,20 @@ func (s *AbortMultipartUploadInput) SetUploadId(v string) *AbortMultipartUploadI
return s
}
+func (s *AbortMultipartUploadInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *AbortMultipartUploadInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type AbortMultipartUploadOutput struct {
_ struct{} `type:"structure"`
@@ -7345,9 +10431,6 @@ func (s *AnalyticsAndOperator) SetTags(v []*Tag) *AnalyticsAndOperator {
// Specifies the configuration and any analyses for the analytics filter of
// an Amazon S3 bucket.
-//
-// For more information, see GET Bucket analytics (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETAnalyticsConfig.html)
-// in the Amazon Simple Storage Service API Reference.
type AnalyticsConfiguration struct {
_ struct{} `type:"structure"`
@@ -7466,6 +10549,9 @@ func (s *AnalyticsExportDestination) SetS3BucketDestination(v *AnalyticsS3Bucket
return s
}
+// The filter used to describe a set of objects for analyses. A filter must
+// have exactly one prefix, one tag, or one conjunction (AnalyticsAndOperator).
+// If no filter is provided, all objects will be considered in any analysis.
type AnalyticsFilter struct {
_ struct{} `type:"structure"`
@@ -7528,6 +10614,7 @@ func (s *AnalyticsFilter) SetTag(v *Tag) *AnalyticsFilter {
return s
}
+// Contains information about where to publish the analytics results.
type AnalyticsS3BucketDestination struct {
_ struct{} `type:"structure"`
@@ -7536,8 +10623,11 @@ type AnalyticsS3BucketDestination struct {
// Bucket is a required field
Bucket *string `type:"string" required:"true"`
- // The account ID that owns the destination bucket. If no account ID is provided,
- // the owner will not be validated prior to exporting data.
+ // The account ID that owns the destination S3 bucket. If no account ID is provided,
+ // the owner is not validated before exporting data.
+ //
+ // Although this value is optional, we strongly recommend that you set it to
+ // help prevent problems if the destination bucket ownership changes.
BucketAccountId *string `type:"string"`
// Specifies the file format used when exporting data to Amazon S3.
@@ -7606,6 +10696,8 @@ func (s *AnalyticsS3BucketDestination) SetPrefix(v string) *AnalyticsS3BucketDes
return s
}
+// In terms of implementation, a Bucket is a resource. An Amazon S3 bucket name
+// is globally unique, and the namespace is shared by all AWS accounts.
type Bucket struct {
_ struct{} `type:"structure"`
@@ -7689,6 +10781,7 @@ func (s *BucketLifecycleConfiguration) SetRules(v []*LifecycleRule) *BucketLifec
return s
}
+// Container for logging status information.
type BucketLoggingStatus struct {
_ struct{} `type:"structure"`
@@ -7737,7 +10830,8 @@ func (s *BucketLoggingStatus) SetLoggingEnabled(v *LoggingEnabled) *BucketLoggin
type CORSConfiguration struct {
_ struct{} `type:"structure"`
- // A set of allowed origins and methods.
+ // A set of origins and methods (cross-origin access that you want to allow).
+ // You can add up to 100 rules to the configuration.
//
// CORSRules is a required field
CORSRules []*CORSRule `locationName:"CORSRule" type:"list" flattened:"true" required:"true"`
@@ -7869,7 +10963,8 @@ func (s *CORSRule) SetMaxAgeSeconds(v int64) *CORSRule {
return s
}
-// Describes how a CSV-formatted input object is formatted.
+// Describes how an uncompressed comma-separated values (CSV)-formatted input
+// object is formatted.
type CSVInput struct {
_ struct{} `type:"structure"`
@@ -7878,24 +10973,45 @@ type CSVInput struct {
// to TRUE may lower performance.
AllowQuotedRecordDelimiter *bool `type:"boolean"`
- // The single character used to indicate a row should be ignored when present
- // at the start of a row.
+ // A single character used to indicate that a row should be ignored when the
+ // character is present at the start of that row. You can specify any character
+ // to indicate a comment line.
Comments *string `type:"string"`
- // The value used to separate individual fields in a record.
+ // A single character used to separate individual fields in a record. You can
+ // specify an arbitrary delimiter.
FieldDelimiter *string `type:"string"`
- // Describes the first line of input. Valid values: None, Ignore, Use.
+ // Describes the first line of input. Valid values are:
+ //
+ // * NONE: First line is not a header.
+ //
+ // * IGNORE: First line is a header, but you can't use the header values
+ // to indicate the column in an expression. You can use column position (such
+ // as _1, _2, …) to indicate the column (SELECT s._1 FROM OBJECT s).
+ //
+ // * Use: First line is a header, and you can use the header value to identify
+ // a column in an expression (SELECT "name" FROM OBJECT).
FileHeaderInfo *string `type:"string" enum:"FileHeaderInfo"`
- // Value used for escaping where the field delimiter is part of the value.
+ // A single character used for escaping when the field delimiter is part of
+ // the value. For example, if the value is a, b, Amazon S3 wraps this field
+ // value in quotation marks, as follows: " a , b ".
+ //
+ // Type: String
+ //
+ // Default: "
+ //
+ // Ancestors: CSV
QuoteCharacter *string `type:"string"`
- // The single character used for escaping the quote character inside an already
- // escaped value.
+ // A single character used for escaping the quotation mark character inside
+ // an already escaped value. For example, the value """ a , b """ is parsed
+ // as " a , b ".
QuoteEscapeCharacter *string `type:"string"`
- // The value used to separate individual records.
+ // A single character used to separate individual records in the input. Instead
+ // of the default value, you can specify an arbitrary delimiter.
RecordDelimiter *string `type:"string"`
}
@@ -7951,24 +11067,33 @@ func (s *CSVInput) SetRecordDelimiter(v string) *CSVInput {
return s
}
-// Describes how CSV-formatted results are formatted.
+// Describes how uncompressed comma-separated values (CSV)-formatted results
+// are formatted.
type CSVOutput struct {
_ struct{} `type:"structure"`
- // The value used to separate individual fields in a record.
+ // The value used to separate individual fields in a record. You can specify
+ // an arbitrary delimiter.
FieldDelimiter *string `type:"string"`
- // The value used for escaping where the field delimiter is part of the value.
+ // A single character used for escaping when the field delimiter is part of
+ // the value. For example, if the value is a, b, Amazon S3 wraps this field
+ // value in quotation marks, as follows: " a , b ".
QuoteCharacter *string `type:"string"`
- // Th single character used for escaping the quote character inside an already
+ // The single character used for escaping the quote character inside an already
// escaped value.
QuoteEscapeCharacter *string `type:"string"`
- // Indicates whether or not all output fields should be quoted.
+ // Indicates whether to use quotation marks around output fields.
+ //
+ // * ALWAYS: Always use quotation marks for output fields.
+ //
+ // * ASNEEDED: Use quotation marks for output fields when needed.
QuoteFields *string `type:"string" enum:"QuoteFields"`
- // The value used to separate individual records.
+ // A single character used to separate individual records in the output. Instead
+ // of the default value, you can specify an arbitrary delimiter.
RecordDelimiter *string `type:"string"`
}
@@ -8012,9 +11137,12 @@ func (s *CSVOutput) SetRecordDelimiter(v string) *CSVOutput {
return s
}
+// Container for specifying the AWS Lambda notification configuration.
type CloudFunctionConfiguration struct {
_ struct{} `type:"structure"`
+ // Lambda cloud function ARN that Amazon S3 can invoke when it detects events
+ // of the specified type.
CloudFunction *string `type:"string"`
// The bucket event for which to send notifications.
@@ -8022,12 +11150,14 @@ type CloudFunctionConfiguration struct {
// Deprecated: Event has been deprecated
Event *string `deprecated:"true" type:"string" enum:"Event"`
+ // Bucket events for which to send notifications.
Events []*string `locationName:"Event" type:"list" flattened:"true"`
// An optional unique identifier for configurations in a notification configuration.
// If you don't provide one, Amazon S3 will assign an ID.
Id *string `type:"string"`
+ // The role supporting the invocation of the Lambda function
InvocationRole *string `type:"string"`
}
@@ -8071,9 +11201,15 @@ func (s *CloudFunctionConfiguration) SetInvocationRole(v string) *CloudFunctionC
return s
}
+// Container for all (if there are any) keys between Prefix and the next occurrence
+// of the string specified by a delimiter. CommonPrefixes lists keys that act
+// like subdirectories in the directory specified by Prefix. For example, if
+// the prefix is notes/ and the delimiter is a slash (/) as in notes/summer/july,
+// the common prefix is notes/summer/.
type CommonPrefix struct {
_ struct{} `type:"structure"`
+ // Container for the specified common prefix.
Prefix *string `type:"string"`
}
@@ -8096,20 +11232,28 @@ func (s *CommonPrefix) SetPrefix(v string) *CommonPrefix {
type CompleteMultipartUploadInput struct {
_ struct{} `locationName:"CompleteMultipartUploadRequest" type:"structure" payload:"MultipartUpload"`
+ // Name of the bucket to which the multipart upload was initiated.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // Object key for which the multipart upload was initiated.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
+ // The container for the multipart upload request information.
MultipartUpload *CompletedMultipartUpload `locationName:"CompleteMultipartUpload" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
+ // ID for the initiated multipart upload.
+ //
// UploadId is a required field
UploadId *string `location:"querystring" locationName:"uploadId" type:"string" required:"true"`
}
@@ -8186,35 +11330,61 @@ func (s *CompleteMultipartUploadInput) SetUploadId(v string) *CompleteMultipartU
return s
}
+func (s *CompleteMultipartUploadInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *CompleteMultipartUploadInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type CompleteMultipartUploadOutput struct {
_ struct{} `type:"structure"`
+ // The name of the bucket that contains the newly created object.
Bucket *string `type:"string"`
- // Entity tag of the object.
+ // Entity tag that identifies the newly created object's data. Objects with
+ // different object data will have different entity tags. The entity tag is
+ // an opaque string. The entity tag may or may not be an MD5 digest of the object
+ // data. If the entity tag is not an MD5 digest of the object data, it will
+ // contain one or more nonhexadecimal characters and/or will consist of less
+ // than 32 or more than 32 hexadecimal digits.
ETag *string `type:"string"`
// If the object expiration is configured, this will contain the expiration
// date (expiry-date) and rule ID (rule-id). The value of rule-id is URL encoded.
Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"`
+ // The object key of the newly created object.
Key *string `min:"1" type:"string"`
+ // The URI that identifies the newly created object.
Location *string `type:"string"`
// If present, indicates that the requester was successfully charged for the
// request.
RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"`
- // If present, specifies the ID of the AWS Key Management Service (KMS) master
- // encryption key that was used for the object.
+ // If present, specifies the ID of the AWS Key Management Service (AWS KMS)
+ // symmetric customer managed customer master key (CMK) that was used for the
+ // object.
SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"`
- // The Server-side encryption algorithm used when storing this object in S3
- // (e.g., AES256, aws:kms).
+ // If you specified server-side encryption either with an Amazon S3-managed
+ // encryption key or an AWS KMS customer master key (CMK) in your initiate multipart
+ // upload request, the response includes this header. It confirms the encryption
+ // algorithm that Amazon S3 used to encrypt the object.
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
- // Version of the object.
+ // Version ID of the newly created object, in case the bucket has versioning
+ // turned on.
VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"`
}
@@ -8289,9 +11459,11 @@ func (s *CompleteMultipartUploadOutput) SetVersionId(v string) *CompleteMultipar
return s
}
+// The container for the completed multipart upload details.
type CompletedMultipartUpload struct {
_ struct{} `type:"structure"`
+ // Array of CompletedPart data types.
Parts []*CompletedPart `locationName:"Part" type:"list" flattened:"true"`
}
@@ -8311,6 +11483,7 @@ func (s *CompletedMultipartUpload) SetParts(v []*CompletedPart) *CompletedMultip
return s
}
+// Details of the parts that were uploaded.
type CompletedPart struct {
_ struct{} `type:"structure"`
@@ -8344,7 +11517,10 @@ func (s *CompletedPart) SetPartNumber(v int64) *CompletedPart {
return s
}
-// Specifies a condition that must be met for a redirect to apply.
+// A container for describing a condition that must be met for the specified
+// redirect to apply. For example, 1. If request is for pages in the /docs folder,
+// redirect to the /documents folder. 2. If request results in HTTP error 4xx,
+// redirect request to another host where you might process the error.
type Condition struct {
_ struct{} `type:"structure"`
@@ -8413,12 +11589,21 @@ func (s *ContinuationEvent) UnmarshalEvent(
return nil
}
+// MarshalEvent marshals the type into an stream event value. This method
+// should only used internally within the SDK's EventStream handling.
+func (s *ContinuationEvent) MarshalEvent(pm protocol.PayloadMarshaler) (msg eventstream.Message, err error) {
+ msg.Headers.Set(eventstreamapi.MessageTypeHeader, eventstream.StringValue(eventstreamapi.EventMessageType))
+ return msg, err
+}
+
type CopyObjectInput struct {
_ struct{} `locationName:"CopyObjectRequest" type:"structure"`
// The canned ACL to apply to the object.
ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"`
+ // The name of the destination bucket.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -8458,7 +11643,8 @@ type CopyObjectInput struct {
// Copies the object if it hasn't been modified since the specified time.
CopySourceIfUnmodifiedSince *time.Time `location:"header" locationName:"x-amz-copy-source-if-unmodified-since" type:"timestamp"`
- // Specifies the algorithm to use when decrypting the source object (e.g., AES256).
+ // Specifies the algorithm to use when decrypting the source object (for example,
+ // AES256).
CopySourceSSECustomerAlgorithm *string `location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-algorithm" type:"string"`
// Specifies the customer-provided encryption key for Amazon S3 to use to decrypt
@@ -8467,8 +11653,8 @@ type CopyObjectInput struct {
CopySourceSSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-key" type:"string" sensitive:"true"`
// Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321.
- // Amazon S3 uses this header for a message integrity check to ensure the encryption
- // key was transmitted without error.
+ // Amazon S3 uses this header for a message integrity check to ensure that the
+ // encryption key was transmitted without error.
CopySourceSSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-key-MD5" type:"string"`
// The date and time at which the object is no longer cacheable.
@@ -8486,6 +11672,8 @@ type CopyObjectInput struct {
// Allows grantee to write the ACL for the applicable object.
GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"`
+ // The key of the destination object.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
@@ -8499,31 +11687,33 @@ type CopyObjectInput struct {
// Specifies whether you want to apply a Legal Hold to the copied object.
ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"`
- // The object lock mode that you want to apply to the copied object.
+ // The Object Lock mode that you want to apply to the copied object.
ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"`
- // The date and time when you want the copied object's object lock to expire.
+ // The date and time when you want the copied object's Object Lock to expire.
ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
- // Specifies the algorithm to use to when encrypting the object (e.g., AES256).
+ // Specifies the algorithm to use to when encrypting the object (for example,
+ // AES256).
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// Specifies the customer-provided encryption key for Amazon S3 to use in encrypting
// data. This value is used to store the object and then it is discarded; Amazon
- // does not store the encryption key. The key must be appropriate for use with
- // the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
+ // S3 does not store the encryption key. The key must be appropriate for use
+ // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
// header.
SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"`
// Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321.
- // Amazon S3 uses this header for a message integrity check to ensure the encryption
- // key was transmitted without error.
+ // Amazon S3 uses this header for a message integrity check to ensure that the
+ // encryption key was transmitted without error.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
// Specifies the AWS KMS Encryption Context to use for object encryption. The
@@ -8533,12 +11723,14 @@ type CopyObjectInput struct {
// Specifies the AWS KMS key ID to use for object encryption. All GET and PUT
// requests for an object protected by AWS KMS will fail if not made via SSL
- // or using SigV4. Documentation on configuring any of the officially supported
- // AWS SDKs and CLI can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
+ // or using SigV4. For information about configuring using any of the officially
+ // supported AWS SDKs and AWS CLI, see Specifying the Signature Version in Request
+ // Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version)
+ // in the Amazon S3 Developer Guide.
SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"`
- // The Server-side encryption algorithm used when storing this object in S3
- // (e.g., AES256, aws:kms).
+ // The server-side encryption algorithm used when storing this object in Amazon
+ // S3 (for example, AES256, aws:kms).
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
// The type of storage to use for the object. Defaults to 'STANDARD'.
@@ -8546,7 +11738,7 @@ type CopyObjectInput struct {
// The tag-set for the object destination object this value must be used in
// conjunction with the TaggingDirective. The tag-set must be encoded as URL
- // Query parameters
+ // Query parameters.
Tagging *string `location:"header" locationName:"x-amz-tagging" type:"string"`
// Specifies whether the object tag-set are copied from the source object or
@@ -8837,11 +12029,27 @@ func (s *CopyObjectInput) SetWebsiteRedirectLocation(v string) *CopyObjectInput
return s
}
+func (s *CopyObjectInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *CopyObjectInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type CopyObjectOutput struct {
_ struct{} `type:"structure" payload:"CopyObjectResult"`
+ // Container for all response elements.
CopyObjectResult *CopyObjectResult `type:"structure"`
+ // Version of the copied object in the destination bucket.
CopySourceVersionId *string `location:"header" locationName:"x-amz-copy-source-version-id" type:"string"`
// If the object expiration is configured, the response includes this header.
@@ -8857,7 +12065,7 @@ type CopyObjectOutput struct {
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// If server-side encryption with a customer-provided encryption key was requested,
- // the response will include this header to provide round trip message integrity
+ // the response will include this header to provide round-trip message integrity
// verification of the customer-provided encryption key.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
@@ -8866,12 +12074,13 @@ type CopyObjectOutput struct {
// the encryption context key-value pairs.
SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"`
- // If present, specifies the ID of the AWS Key Management Service (KMS) master
- // encryption key that was used for the object.
+ // If present, specifies the ID of the AWS Key Management Service (AWS KMS)
+ // symmetric customer managed customer master key (CMK) that was used for the
+ // object.
SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"`
- // The Server-side encryption algorithm used when storing this object in S3
- // (e.g., AES256, aws:kms).
+ // The server-side encryption algorithm used when storing this object in Amazon
+ // S3 (for example, AES256, aws:kms).
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
// Version ID of the newly created copy.
@@ -8948,11 +12157,16 @@ func (s *CopyObjectOutput) SetVersionId(v string) *CopyObjectOutput {
return s
}
+// Container for all response elements.
type CopyObjectResult struct {
_ struct{} `type:"structure"`
+ // Returns the ETag of the new object. The ETag reflects only changes to the
+ // contents of an object, not its metadata. The source and destination ETag
+ // is identical for a successfully copied object.
ETag *string `type:"string"`
+ // Returns the date that the object was last modified.
LastModified *time.Time `type:"timestamp"`
}
@@ -8978,6 +12192,7 @@ func (s *CopyObjectResult) SetLastModified(v time.Time) *CopyObjectResult {
return s
}
+// Container for all response elements.
type CopyPartResult struct {
_ struct{} `type:"structure"`
@@ -9010,11 +12225,12 @@ func (s *CopyPartResult) SetLastModified(v time.Time) *CopyPartResult {
return s
}
+// The configuration information for the bucket.
type CreateBucketConfiguration struct {
_ struct{} `type:"structure"`
- // Specifies the region where the bucket will be created. If you don't specify
- // a region, the bucket is created in US East (N. Virginia) Region (us-east-1).
+ // Specifies the Region where the bucket will be created. If you don't specify
+ // a Region, the bucket is created in the US East (N. Virginia) Region (us-east-1).
LocationConstraint *string `type:"string" enum:"BucketLocationConstraint"`
}
@@ -9040,9 +12256,12 @@ type CreateBucketInput struct {
// The canned ACL to apply to the bucket.
ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"BucketCannedACL"`
+ // The name of the bucket to create.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // The configuration information for the bucket.
CreateBucketConfiguration *CreateBucketConfiguration `locationName:"CreateBucketConfiguration" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
// Allows grantee the read, write, read ACP, and write ACP permissions on the
@@ -9061,8 +12280,7 @@ type CreateBucketInput struct {
// Allows grantee to write the ACL for the applicable bucket.
GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"`
- // Specifies whether you want Amazon S3 object lock to be enabled for the new
- // bucket.
+ // Specifies whether you want S3 Object Lock to be enabled for the new bucket.
ObjectLockEnabledForBucket *bool `location:"header" locationName:"x-amz-bucket-object-lock-enabled" type:"boolean"`
}
@@ -9156,6 +12374,9 @@ func (s *CreateBucketInput) SetObjectLockEnabledForBucket(v bool) *CreateBucketI
type CreateBucketOutput struct {
_ struct{} `type:"structure"`
+ // Specifies the Region where the bucket will be created. If you are creating
+ // a bucket on the US East (N. Virginia) Region (us-east-1), you do not need
+ // to specify the location.
Location *string `location:"header" locationName:"Location" type:"string"`
}
@@ -9181,6 +12402,8 @@ type CreateMultipartUploadInput struct {
// The canned ACL to apply to the object.
ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"`
+ // The name of the bucket to which to initiate the upload
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -9216,6 +12439,8 @@ type CreateMultipartUploadInput struct {
// Allows grantee to write the ACL for the applicable object.
GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"`
+ // Object key for which the multipart upload is to be initiated.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
@@ -9225,31 +12450,33 @@ type CreateMultipartUploadInput struct {
// Specifies whether you want to apply a Legal Hold to the uploaded object.
ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"`
- // Specifies the object lock mode that you want to apply to the uploaded object.
+ // Specifies the Object Lock mode that you want to apply to the uploaded object.
ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"`
- // Specifies the date and time when you want the object lock to expire.
+ // Specifies the date and time when you want the Object Lock to expire.
ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
- // Specifies the algorithm to use to when encrypting the object (e.g., AES256).
+ // Specifies the algorithm to use to when encrypting the object (for example,
+ // AES256).
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// Specifies the customer-provided encryption key for Amazon S3 to use in encrypting
// data. This value is used to store the object and then it is discarded; Amazon
- // does not store the encryption key. The key must be appropriate for use with
- // the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
+ // S3 does not store the encryption key. The key must be appropriate for use
+ // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
// header.
SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"`
// Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321.
- // Amazon S3 uses this header for a message integrity check to ensure the encryption
- // key was transmitted without error.
+ // Amazon S3 uses this header for a message integrity check to ensure that the
+ // encryption key was transmitted without error.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
// Specifies the AWS KMS Encryption Context to use for object encryption. The
@@ -9257,20 +12484,22 @@ type CreateMultipartUploadInput struct {
// encryption context key-value pairs.
SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"`
- // Specifies the AWS KMS key ID to use for object encryption. All GET and PUT
- // requests for an object protected by AWS KMS will fail if not made via SSL
- // or using SigV4. Documentation on configuring any of the officially supported
- // AWS SDKs and CLI can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
+ // Specifies the ID of the symmetric customer managed AWS KMS CMK to use for
+ // object encryption. All GET and PUT requests for an object protected by AWS
+ // KMS will fail if not made via SSL or using SigV4. For information about configuring
+ // using any of the officially supported AWS SDKs and AWS CLI, see Specifying
+ // the Signature Version in Request Authentication (https://docs.aws.amazon.com/http:/docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version)
+ // in the Amazon S3 Developer Guide.
SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"`
- // The Server-side encryption algorithm used when storing this object in S3
- // (e.g., AES256, aws:kms).
+ // The server-side encryption algorithm used when storing this object in Amazon
+ // S3 (for example, AES256, aws:kms).
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
// The type of storage to use for the object. Defaults to 'STANDARD'.
StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"`
- // The tag-set for the object. The tag-set must be encoded as URL Query parameters
+ // The tag-set for the object. The tag-set must be encoded as URL Query parameters.
Tagging *string `location:"header" locationName:"x-amz-tagging" type:"string"`
// If the bucket is configured as a website, redirects requests for this object
@@ -9487,17 +12716,47 @@ func (s *CreateMultipartUploadInput) SetWebsiteRedirectLocation(v string) *Creat
return s
}
+func (s *CreateMultipartUploadInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *CreateMultipartUploadInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type CreateMultipartUploadOutput struct {
_ struct{} `type:"structure"`
- // Date when multipart upload will become eligible for abort operation by lifecycle.
+ // If the bucket has a lifecycle rule configured with an action to abort incomplete
+ // multipart uploads and the prefix in the lifecycle rule matches the object
+ // name in the request, the response includes this header. The header indicates
+ // when the initiated multipart upload becomes eligible for an abort operation.
+ // For more information, see Aborting Incomplete Multipart Uploads Using a Bucket
+ // Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config).
+ //
+ // The response also includes the x-amz-abort-rule-id header that provides the
+ // ID of the lifecycle configuration rule that defines this action.
AbortDate *time.Time `location:"header" locationName:"x-amz-abort-date" type:"timestamp"`
- // Id of the lifecycle rule that makes a multipart upload eligible for abort
- // operation.
+ // This header is returned along with the x-amz-abort-date header. It identifies
+ // the applicable lifecycle configuration rule that defines the action to abort
+ // incomplete multipart uploads.
AbortRuleId *string `location:"header" locationName:"x-amz-abort-rule-id" type:"string"`
// Name of the bucket to which the multipart upload was initiated.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
Bucket *string `locationName:"Bucket" type:"string"`
// Object key for which the multipart upload was initiated.
@@ -9513,7 +12772,7 @@ type CreateMultipartUploadOutput struct {
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// If server-side encryption with a customer-provided encryption key was requested,
- // the response will include this header to provide round trip message integrity
+ // the response will include this header to provide round-trip message integrity
// verification of the customer-provided encryption key.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
@@ -9522,12 +12781,13 @@ type CreateMultipartUploadOutput struct {
// the encryption context key-value pairs.
SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"`
- // If present, specifies the ID of the AWS Key Management Service (KMS) master
- // encryption key that was used for the object.
+ // If present, specifies the ID of the AWS Key Management Service (AWS KMS)
+ // symmetric customer managed customer master key (CMK) that was used for the
+ // object.
SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"`
- // The Server-side encryption algorithm used when storing this object in S3
- // (e.g., AES256, aws:kms).
+ // The server-side encryption algorithm used when storing this object in Amazon
+ // S3 (for example, AES256, aws:kms).
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
// ID for the initiated multipart upload.
@@ -9617,7 +12877,7 @@ func (s *CreateMultipartUploadOutput) SetUploadId(v string) *CreateMultipartUplo
return s
}
-// The container element for specifying the default object lock retention settings
+// The container element for specifying the default Object Lock retention settings
// for new objects placed in the specified bucket.
type DefaultRetention struct {
_ struct{} `type:"structure"`
@@ -9625,7 +12885,7 @@ type DefaultRetention struct {
// The number of days that you want to specify for the default retention period.
Days *int64 `type:"integer"`
- // The default object lock retention mode you want to apply to new objects placed
+ // The default Object Lock retention mode you want to apply to new objects placed
// in the specified bucket.
Mode *string `type:"string" enum:"ObjectLockRetentionMode"`
@@ -9661,9 +12921,12 @@ func (s *DefaultRetention) SetYears(v int64) *DefaultRetention {
return s
}
+// Container for the objects to delete.
type Delete struct {
_ struct{} `type:"structure"`
+ // The objects to delete.
+ //
// Objects is a required field
Objects []*ObjectIdentifier `locationName:"Object" type:"list" flattened:"true" required:"true"`
@@ -9779,6 +13042,20 @@ func (s *DeleteBucketAnalyticsConfigurationInput) SetId(v string) *DeleteBucketA
return s
}
+func (s *DeleteBucketAnalyticsConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteBucketAnalyticsConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteBucketAnalyticsConfigurationOutput struct {
_ struct{} `type:"structure"`
}
@@ -9796,6 +13073,8 @@ func (s DeleteBucketAnalyticsConfigurationOutput) GoString() string {
type DeleteBucketCorsInput struct {
_ struct{} `locationName:"DeleteBucketCorsRequest" type:"structure"`
+ // Specifies the bucket whose cors configuration is being deleted.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -9839,6 +13118,20 @@ func (s *DeleteBucketCorsInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *DeleteBucketCorsInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteBucketCorsInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteBucketCorsOutput struct {
_ struct{} `type:"structure"`
}
@@ -9902,6 +13195,20 @@ func (s *DeleteBucketEncryptionInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *DeleteBucketEncryptionInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteBucketEncryptionInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteBucketEncryptionOutput struct {
_ struct{} `type:"structure"`
}
@@ -9919,6 +13226,8 @@ func (s DeleteBucketEncryptionOutput) GoString() string {
type DeleteBucketInput struct {
_ struct{} `locationName:"DeleteBucketRequest" type:"structure"`
+ // Specifies the bucket being deleted.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -9962,6 +13271,20 @@ func (s *DeleteBucketInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *DeleteBucketInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteBucketInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteBucketInventoryConfigurationInput struct {
_ struct{} `locationName:"DeleteBucketInventoryConfigurationRequest" type:"structure"`
@@ -10024,6 +13347,20 @@ func (s *DeleteBucketInventoryConfigurationInput) SetId(v string) *DeleteBucketI
return s
}
+func (s *DeleteBucketInventoryConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteBucketInventoryConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteBucketInventoryConfigurationOutput struct {
_ struct{} `type:"structure"`
}
@@ -10041,6 +13378,8 @@ func (s DeleteBucketInventoryConfigurationOutput) GoString() string {
type DeleteBucketLifecycleInput struct {
_ struct{} `locationName:"DeleteBucketLifecycleRequest" type:"structure"`
+ // The bucket name of the lifecycle to delete.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -10084,6 +13423,20 @@ func (s *DeleteBucketLifecycleInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *DeleteBucketLifecycleInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteBucketLifecycleInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteBucketLifecycleOutput struct {
_ struct{} `type:"structure"`
}
@@ -10160,6 +13513,20 @@ func (s *DeleteBucketMetricsConfigurationInput) SetId(v string) *DeleteBucketMet
return s
}
+func (s *DeleteBucketMetricsConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteBucketMetricsConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteBucketMetricsConfigurationOutput struct {
_ struct{} `type:"structure"`
}
@@ -10191,6 +13558,8 @@ func (s DeleteBucketOutput) GoString() string {
type DeleteBucketPolicyInput struct {
_ struct{} `locationName:"DeleteBucketPolicyRequest" type:"structure"`
+ // The bucket name.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -10234,6 +13603,20 @@ func (s *DeleteBucketPolicyInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *DeleteBucketPolicyInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteBucketPolicyInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteBucketPolicyOutput struct {
_ struct{} `type:"structure"`
}
@@ -10253,9 +13636,6 @@ type DeleteBucketReplicationInput struct {
// The bucket name.
//
- // It can take a while to propagate the deletion of a replication configuration
- // to all Amazon S3 systems.
- //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -10299,6 +13679,20 @@ func (s *DeleteBucketReplicationInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *DeleteBucketReplicationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteBucketReplicationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteBucketReplicationOutput struct {
_ struct{} `type:"structure"`
}
@@ -10316,6 +13710,8 @@ func (s DeleteBucketReplicationOutput) GoString() string {
type DeleteBucketTaggingInput struct {
_ struct{} `locationName:"DeleteBucketTaggingRequest" type:"structure"`
+ // The bucket that has the tag set to be removed.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -10359,6 +13755,20 @@ func (s *DeleteBucketTaggingInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *DeleteBucketTaggingInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteBucketTaggingInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteBucketTaggingOutput struct {
_ struct{} `type:"structure"`
}
@@ -10376,6 +13786,8 @@ func (s DeleteBucketTaggingOutput) GoString() string {
type DeleteBucketWebsiteInput struct {
_ struct{} `locationName:"DeleteBucketWebsiteRequest" type:"structure"`
+ // The bucket name for which you want to remove the website configuration.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -10419,6 +13831,20 @@ func (s *DeleteBucketWebsiteInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *DeleteBucketWebsiteInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteBucketWebsiteInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteBucketWebsiteOutput struct {
_ struct{} `type:"structure"`
}
@@ -10433,6 +13859,7 @@ func (s DeleteBucketWebsiteOutput) GoString() string {
return s.String()
}
+// Information about the delete marker.
type DeleteMarkerEntry struct {
_ struct{} `type:"structure"`
@@ -10446,6 +13873,7 @@ type DeleteMarkerEntry struct {
// Date and time the object was last modified.
LastModified *time.Time `type:"timestamp"`
+ // The account that created the delete marker.>
Owner *Owner `type:"structure"`
// Version ID of an object.
@@ -10492,11 +13920,21 @@ func (s *DeleteMarkerEntry) SetVersionId(v string) *DeleteMarkerEntry {
return s
}
-// Specifies whether Amazon S3 should replicate delete makers.
+// Specifies whether Amazon S3 replicates the delete markers. If you specify
+// a Filter, you must specify this element. However, in the latest version of
+// replication configuration (when Filter is specified), Amazon S3 doesn't replicate
+// delete markers. Therefore, the DeleteMarkerReplication element can contain
+// only Disabled. For an example configuration, see Basic Rule
+// Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config).
+//
+// If you don't specify the Filter element, Amazon S3 assumes that the replication
+// configuration is the earlier version, V1. In the earlier version, Amazon
+// S3 handled replication of delete markers differently. For more information,
+// see Backward Compatibility (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations).
type DeleteMarkerReplication struct {
_ struct{} `type:"structure"`
- // The status of the delete marker replication.
+ // Indicates whether to replicate delete markers.
//
// In the current implementation, Amazon S3 doesn't replicate the delete markers.
// The status must be Disabled.
@@ -10522,24 +13960,38 @@ func (s *DeleteMarkerReplication) SetStatus(v string) *DeleteMarkerReplication {
type DeleteObjectInput struct {
_ struct{} `locationName:"DeleteObjectRequest" type:"structure"`
+ // The bucket name of the bucket containing the object.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
- // Indicates whether Amazon S3 object lock should bypass governance-mode restrictions
+ // Indicates whether S3 Object Lock should bypass Governance-mode restrictions
// to process this operation.
BypassGovernanceRetention *bool `location:"header" locationName:"x-amz-bypass-governance-retention" type:"boolean"`
+ // Key name of the object to delete.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
// The concatenation of the authentication device's serial number, a space,
- // and the value that is displayed on your authentication device.
+ // and the value that is displayed on your authentication device. Required to
+ // permanently delete a versioned object if versioning is configured with MFA
+ // delete enabled.
MFA *string `location:"header" locationName:"x-amz-mfa" type:"string"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
// VersionId used to reference a specific version of the object.
@@ -10621,6 +14073,20 @@ func (s *DeleteObjectInput) SetVersionId(v string) *DeleteObjectInput {
return s
}
+func (s *DeleteObjectInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteObjectInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteObjectOutput struct {
_ struct{} `type:"structure"`
@@ -10668,9 +14134,20 @@ func (s *DeleteObjectOutput) SetVersionId(v string) *DeleteObjectOutput {
type DeleteObjectTaggingInput struct {
_ struct{} `locationName:"DeleteObjectTaggingRequest" type:"structure"`
+ // The bucket name containing the objects from which to remove the tags.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // Name of the object key.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
@@ -10735,6 +14212,20 @@ func (s *DeleteObjectTaggingInput) SetVersionId(v string) *DeleteObjectTaggingIn
return s
}
+func (s *DeleteObjectTaggingInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteObjectTaggingInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteObjectTaggingOutput struct {
_ struct{} `type:"structure"`
@@ -10761,25 +14252,39 @@ func (s *DeleteObjectTaggingOutput) SetVersionId(v string) *DeleteObjectTaggingO
type DeleteObjectsInput struct {
_ struct{} `locationName:"DeleteObjectsRequest" type:"structure" payload:"Delete"`
+ // The bucket name containing the objects to delete.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
// Specifies whether you want to delete this object even if it has a Governance-type
- // object lock in place. You must have sufficient permissions to perform this
+ // Object Lock in place. You must have sufficient permissions to perform this
// operation.
BypassGovernanceRetention *bool `location:"header" locationName:"x-amz-bypass-governance-retention" type:"boolean"`
+ // Container for the request.
+ //
// Delete is a required field
Delete *Delete `locationName:"Delete" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
// The concatenation of the authentication device's serial number, a space,
- // and the value that is displayed on your authentication device.
+ // and the value that is displayed on your authentication device. Required to
+ // permanently delete a versioned object if versioning is configured with MFA
+ // delete enabled.
MFA *string `location:"header" locationName:"x-amz-mfa" type:"string"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
}
@@ -10854,11 +14359,29 @@ func (s *DeleteObjectsInput) SetRequestPayer(v string) *DeleteObjectsInput {
return s
}
+func (s *DeleteObjectsInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeleteObjectsInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeleteObjectsOutput struct {
_ struct{} `type:"structure"`
+ // Container element for a successful delete. It identifies the object that
+ // was successfully deleted.
Deleted []*DeletedObject `type:"list" flattened:"true"`
+ // Container for a failed delete operation that describes the object that Amazon
+ // S3 attempted to delete and the error it encountered.
Errors []*Error `locationName:"Error" type:"list" flattened:"true"`
// If present, indicates that the requester was successfully charged for the
@@ -10942,6 +14465,20 @@ func (s *DeletePublicAccessBlockInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *DeletePublicAccessBlockInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *DeletePublicAccessBlockInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type DeletePublicAccessBlockOutput struct {
_ struct{} `type:"structure"`
}
@@ -10956,15 +14493,24 @@ func (s DeletePublicAccessBlockOutput) GoString() string {
return s.String()
}
+// Information about the deleted object.
type DeletedObject struct {
_ struct{} `type:"structure"`
+ // Specifies whether the versioned object that was permanently deleted was (true)
+ // or was not (false) a delete marker. In a simple DELETE, this header indicates
+ // whether (true) or not (false) a delete marker was created.
DeleteMarker *bool `type:"boolean"`
+ // The version ID of the delete marker created as a result of the DELETE operation.
+ // If you delete a specific object version, the value returned by this header
+ // is the version ID of the object version deleted.
DeleteMarkerVersionId *string `type:"string"`
+ // The name of the deleted object.
Key *string `min:"1" type:"string"`
+ // The version ID of the deleted object.
VersionId *string `type:"string"`
}
@@ -11003,7 +14549,7 @@ func (s *DeletedObject) SetVersionId(v string) *DeletedObject {
}
// Specifies information about where to publish analysis or configuration results
-// for an Amazon S3 bucket.
+// for an Amazon S3 bucket and S3 Replication Time Control (S3 RTC).
type Destination struct {
_ struct{} `type:"structure"`
@@ -11018,17 +14564,12 @@ type Destination struct {
// direct Amazon S3 to change replica ownership to the AWS account that owns
// the destination bucket by specifying the AccessControlTranslation property,
// this is the account ID of the destination bucket owner. For more information,
- // see Cross-Region Replication Additional Configuration: Change Replica Owner
- // (https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in
- // the Amazon Simple Storage Service Developer Guide.
+ // see Replication Additional Configuration: Changing the Replica Owner (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-change-owner.html)
+ // in the Amazon Simple Storage Service Developer Guide.
Account *string `type:"string"`
// The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to
- // store replicas of the object identified by the rule.
- //
- // A replication configuration can replicate objects to only one destination
- // bucket. If there are multiple rules in your replication configuration, all
- // rules must specify the same destination bucket.
+ // store the results.
//
// Bucket is a required field
Bucket *string `type:"string" required:"true"`
@@ -11037,9 +14578,19 @@ type Destination struct {
// is specified, you must specify this element.
EncryptionConfiguration *EncryptionConfiguration `type:"structure"`
- // The storage class to use when replicating objects, such as standard or reduced
- // redundancy. By default, Amazon S3 uses the storage class of the source object
- // to create the object replica.
+ // A container specifying replication metrics-related settings enabling metrics
+ // and Amazon S3 events for S3 Replication Time Control (S3 RTC). Must be specified
+ // together with a ReplicationTime block.
+ Metrics *Metrics `type:"structure"`
+
+ // A container specifying S3 Replication Time Control (S3 RTC), including whether
+ // S3 RTC is enabled and the time when all objects and operations on objects
+ // must be replicated. Must be specified together with a Metrics block.
+ ReplicationTime *ReplicationTime `type:"structure"`
+
+ // The storage class to use when replicating objects, such as S3 Standard or
+ // reduced redundancy. By default, Amazon S3 uses the storage class of the source
+ // object to create the object replica.
//
// For valid values, see the StorageClass element of the PUT Bucket replication
// (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html)
@@ -11068,6 +14619,16 @@ func (s *Destination) Validate() error {
invalidParams.AddNested("AccessControlTranslation", err.(request.ErrInvalidParams))
}
}
+ if s.Metrics != nil {
+ if err := s.Metrics.Validate(); err != nil {
+ invalidParams.AddNested("Metrics", err.(request.ErrInvalidParams))
+ }
+ }
+ if s.ReplicationTime != nil {
+ if err := s.ReplicationTime.Validate(); err != nil {
+ invalidParams.AddNested("ReplicationTime", err.(request.ErrInvalidParams))
+ }
+ }
if invalidParams.Len() > 0 {
return invalidParams
@@ -11106,19 +14667,30 @@ func (s *Destination) SetEncryptionConfiguration(v *EncryptionConfiguration) *De
return s
}
+// SetMetrics sets the Metrics field's value.
+func (s *Destination) SetMetrics(v *Metrics) *Destination {
+ s.Metrics = v
+ return s
+}
+
+// SetReplicationTime sets the ReplicationTime field's value.
+func (s *Destination) SetReplicationTime(v *ReplicationTime) *Destination {
+ s.ReplicationTime = v
+ return s
+}
+
// SetStorageClass sets the StorageClass field's value.
func (s *Destination) SetStorageClass(v string) *Destination {
s.StorageClass = &v
return s
}
-// Describes the server-side encryption that will be applied to the restore
-// results.
+// Contains the type of server-side encryption used.
type Encryption struct {
_ struct{} `type:"structure"`
// The server-side encryption algorithm used when storing job results in Amazon
- // S3 (e.g., AES256, aws:kms).
+ // S3 (for example, AES256, aws:kms).
//
// EncryptionType is a required field
EncryptionType *string `type:"string" required:"true" enum:"ServerSideEncryption"`
@@ -11127,8 +14699,11 @@ type Encryption struct {
// the encryption context for the restore results.
KMSContext *string `type:"string"`
- // If the encryption type is aws:kms, this optional value specifies the AWS
- // KMS key ID to use for encryption of job results.
+ // If the encryption type is aws:kms, this optional value specifies the ID of
+ // the symmetric customer managed AWS KMS CMK to use for encryption of job results.
+ // Amazon S3 only supports symmetric CMKs. For more information, see Using Symmetric
+ // and Asymmetric Keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html)
+ // in the AWS Key Management Service Developer Guide.
KMSKeyId *string `type:"string" sensitive:"true"`
}
@@ -11178,8 +14753,12 @@ func (s *Encryption) SetKMSKeyId(v string) *Encryption {
type EncryptionConfiguration struct {
_ struct{} `type:"structure"`
- // Specifies the AWS KMS Key ID (Key ARN or Alias ARN) for the destination bucket.
- // Amazon S3 uses this key to encrypt replica objects.
+ // Specifies the ID (Key ARN or Alias ARN) of the customer managed customer
+ // master key (CMK) stored in AWS Key Management Service (KMS) for the destination
+ // bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only
+ // supports symmetric customer managed CMKs. For more information, see Using
+ // Symmetric and Asymmetric Keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html)
+ // in the AWS Key Management Service Developer Guide.
ReplicaKmsKeyID *string `type:"string"`
}
@@ -11199,6 +14778,9 @@ func (s *EncryptionConfiguration) SetReplicaKmsKeyID(v string) *EncryptionConfig
return s
}
+// A message that indicates the request is complete and no more messages will
+// be sent. You should not assume that the request is complete until the client
+// receives an EndEvent.
type EndEvent struct {
_ struct{} `locationName:"EndEvent" type:"structure"`
}
@@ -11225,15 +14807,382 @@ func (s *EndEvent) UnmarshalEvent(
return nil
}
+// MarshalEvent marshals the type into an stream event value. This method
+// should only used internally within the SDK's EventStream handling.
+func (s *EndEvent) MarshalEvent(pm protocol.PayloadMarshaler) (msg eventstream.Message, err error) {
+ msg.Headers.Set(eventstreamapi.MessageTypeHeader, eventstream.StringValue(eventstreamapi.EventMessageType))
+ return msg, err
+}
+
+// Container for all error elements.
type Error struct {
_ struct{} `type:"structure"`
+ // The error code is a string that uniquely identifies an error condition. It
+ // is meant to be read and understood by programs that detect and handle errors
+ // by type.
+ //
+ // Amazon S3 error codes
+ //
+ // * Code: AccessDenied Description: Access Denied HTTP Status Code: 403
+ // Forbidden SOAP Fault Code Prefix: Client
+ //
+ // * Code: AccountProblem Description: There is a problem with your AWS account
+ // that prevents the operation from completing successfully. Contact AWS
+ // Support for further assistance. HTTP Status Code: 403 Forbidden SOAP Fault
+ // Code Prefix: Client
+ //
+ // * Code: AllAccessDisabled Description: All access to this Amazon S3 resource
+ // has been disabled. Contact AWS Support for further assistance. HTTP Status
+ // Code: 403 Forbidden SOAP Fault Code Prefix: Client
+ //
+ // * Code: AmbiguousGrantByEmailAddress Description: The email address you
+ // provided is associated with more than one account. HTTP Status Code: 400
+ // Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: AuthorizationHeaderMalformed Description: The authorization header
+ // you provided is invalid. HTTP Status Code: 400 Bad Request HTTP Status
+ // Code: N/A
+ //
+ // * Code: BadDigest Description: The Content-MD5 you specified did not match
+ // what we received. HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix:
+ // Client
+ //
+ // * Code: BucketAlreadyExists Description: The requested bucket name is
+ // not available. The bucket namespace is shared by all users of the system.
+ // Please select a different name and try again. HTTP Status Code: 409 Conflict
+ // SOAP Fault Code Prefix: Client
+ //
+ // * Code: BucketAlreadyOwnedByYou Description: The bucket you tried to create
+ // already exists, and you own it. Amazon S3 returns this error in all AWS
+ // Regions except in the North Virginia Region. For legacy compatibility,
+ // if you re-create an existing bucket that you already own in the North
+ // Virginia Region, Amazon S3 returns 200 OK and resets the bucket access
+ // control lists (ACLs). Code: 409 Conflict (in all Regions except the North
+ // Virginia Region) SOAP Fault Code Prefix: Client
+ //
+ // * Code: BucketNotEmpty Description: The bucket you tried to delete is
+ // not empty. HTTP Status Code: 409 Conflict SOAP Fault Code Prefix: Client
+ //
+ // * Code: CredentialsNotSupported Description: This request does not support
+ // credentials. HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix:
+ // Client
+ //
+ // * Code: CrossLocationLoggingProhibited Description: Cross-location logging
+ // not allowed. Buckets in one geographic location cannot log information
+ // to a bucket in another location. HTTP Status Code: 403 Forbidden SOAP
+ // Fault Code Prefix: Client
+ //
+ // * Code: EntityTooSmall Description: Your proposed upload is smaller than
+ // the minimum allowed object size. HTTP Status Code: 400 Bad Request SOAP
+ // Fault Code Prefix: Client
+ //
+ // * Code: EntityTooLarge Description: Your proposed upload exceeds the maximum
+ // allowed object size. HTTP Status Code: 400 Bad Request SOAP Fault Code
+ // Prefix: Client
+ //
+ // * Code: ExpiredToken Description: The provided token has expired. HTTP
+ // Status Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: IllegalVersioningConfigurationException Description: Indicates
+ // that the versioning configuration specified in the request is invalid.
+ // HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: IncompleteBody Description: You did not provide the number of
+ // bytes specified by the Content-Length HTTP header HTTP Status Code: 400
+ // Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: IncorrectNumberOfFilesInPostRequest Description: POST requires
+ // exactly one file upload per request. HTTP Status Code: 400 Bad Request
+ // SOAP Fault Code Prefix: Client
+ //
+ // * Code: InlineDataTooLarge Description: Inline data exceeds the maximum
+ // allowed size. HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix:
+ // Client
+ //
+ // * Code: InternalError Description: We encountered an internal error. Please
+ // try again. HTTP Status Code: 500 Internal Server Error SOAP Fault Code
+ // Prefix: Server
+ //
+ // * Code: InvalidAccessKeyId Description: The AWS access key ID you provided
+ // does not exist in our records. HTTP Status Code: 403 Forbidden SOAP Fault
+ // Code Prefix: Client
+ //
+ // * Code: InvalidAddressingHeader Description: You must specify the Anonymous
+ // role. HTTP Status Code: N/A SOAP Fault Code Prefix: Client
+ //
+ // * Code: InvalidArgument Description: Invalid Argument HTTP Status Code:
+ // 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: InvalidBucketName Description: The specified bucket is not valid.
+ // HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: InvalidBucketState Description: The request is not valid with
+ // the current state of the bucket. HTTP Status Code: 409 Conflict SOAP Fault
+ // Code Prefix: Client
+ //
+ // * Code: InvalidDigest Description: The Content-MD5 you specified is not
+ // valid. HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: InvalidEncryptionAlgorithmError Description: The encryption request
+ // you specified is not valid. The valid value is AES256. HTTP Status Code:
+ // 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: InvalidLocationConstraint Description: The specified location
+ // constraint is not valid. For more information about Regions, see How to
+ // Select a Region for Your Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro).
+ // HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: InvalidObjectState Description: The operation is not valid for
+ // the current state of the object. HTTP Status Code: 403 Forbidden SOAP
+ // Fault Code Prefix: Client
+ //
+ // * Code: InvalidPart Description: One or more of the specified parts could
+ // not be found. The part might not have been uploaded, or the specified
+ // entity tag might not have matched the part's entity tag. HTTP Status Code:
+ // 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: InvalidPartOrder Description: The list of parts was not in ascending
+ // order. Parts list must be specified in order by part number. HTTP Status
+ // Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: InvalidPayer Description: All access to this object has been disabled.
+ // Please contact AWS Support for further assistance. HTTP Status Code: 403
+ // Forbidden SOAP Fault Code Prefix: Client
+ //
+ // * Code: InvalidPolicyDocument Description: The content of the form does
+ // not meet the conditions specified in the policy document. HTTP Status
+ // Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: InvalidRange Description: The requested range cannot be satisfied.
+ // HTTP Status Code: 416 Requested Range Not Satisfiable SOAP Fault Code
+ // Prefix: Client
+ //
+ // * Code: InvalidRequest Description: Please use AWS4-HMAC-SHA256. HTTP
+ // Status Code: 400 Bad Request Code: N/A
+ //
+ // * Code: InvalidRequest Description: SOAP requests must be made over an
+ // HTTPS connection. HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix:
+ // Client
+ //
+ // * Code: InvalidRequest Description: Amazon S3 Transfer Acceleration is
+ // not supported for buckets with non-DNS compliant names. HTTP Status Code:
+ // 400 Bad Request Code: N/A
+ //
+ // * Code: InvalidRequest Description: Amazon S3 Transfer Acceleration is
+ // not supported for buckets with periods (.) in their names. HTTP Status
+ // Code: 400 Bad Request Code: N/A
+ //
+ // * Code: InvalidRequest Description: Amazon S3 Transfer Accelerate endpoint
+ // only supports virtual style requests. HTTP Status Code: 400 Bad Request
+ // Code: N/A
+ //
+ // * Code: InvalidRequest Description: Amazon S3 Transfer Accelerate is not
+ // configured on this bucket. HTTP Status Code: 400 Bad Request Code: N/A
+ //
+ // * Code: InvalidRequest Description: Amazon S3 Transfer Accelerate is disabled
+ // on this bucket. HTTP Status Code: 400 Bad Request Code: N/A
+ //
+ // * Code: InvalidRequest Description: Amazon S3 Transfer Acceleration is
+ // not supported on this bucket. Contact AWS Support for more information.
+ // HTTP Status Code: 400 Bad Request Code: N/A
+ //
+ // * Code: InvalidRequest Description: Amazon S3 Transfer Acceleration cannot
+ // be enabled on this bucket. Contact AWS Support for more information. HTTP
+ // Status Code: 400 Bad Request Code: N/A
+ //
+ // * Code: InvalidSecurity Description: The provided security credentials
+ // are not valid. HTTP Status Code: 403 Forbidden SOAP Fault Code Prefix:
+ // Client
+ //
+ // * Code: InvalidSOAPRequest Description: The SOAP request body is invalid.
+ // HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: InvalidStorageClass Description: The storage class you specified
+ // is not valid. HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix:
+ // Client
+ //
+ // * Code: InvalidTargetBucketForLogging Description: The target bucket for
+ // logging does not exist, is not owned by you, or does not have the appropriate
+ // grants for the log-delivery group. HTTP Status Code: 400 Bad Request SOAP
+ // Fault Code Prefix: Client
+ //
+ // * Code: InvalidToken Description: The provided token is malformed or otherwise
+ // invalid. HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: InvalidURI Description: Couldn't parse the specified URI. HTTP
+ // Status Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: KeyTooLongError Description: Your key is too long. HTTP Status
+ // Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: MalformedACLError Description: The XML you provided was not well-formed
+ // or did not validate against our published schema. HTTP Status Code: 400
+ // Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: MalformedPOSTRequest Description: The body of your POST request
+ // is not well-formed multipart/form-data. HTTP Status Code: 400 Bad Request
+ // SOAP Fault Code Prefix: Client
+ //
+ // * Code: MalformedXML Description: This happens when the user sends malformed
+ // XML (XML that doesn't conform to the published XSD) for the configuration.
+ // The error message is, "The XML you provided was not well-formed or did
+ // not validate against our published schema." HTTP Status Code: 400 Bad
+ // Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: MaxMessageLengthExceeded Description: Your request was too big.
+ // HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: MaxPostPreDataLengthExceededError Description: Your POST request
+ // fields preceding the upload file were too large. HTTP Status Code: 400
+ // Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: MetadataTooLarge Description: Your metadata headers exceed the
+ // maximum allowed metadata size. HTTP Status Code: 400 Bad Request SOAP
+ // Fault Code Prefix: Client
+ //
+ // * Code: MethodNotAllowed Description: The specified method is not allowed
+ // against this resource. HTTP Status Code: 405 Method Not Allowed SOAP Fault
+ // Code Prefix: Client
+ //
+ // * Code: MissingAttachment Description: A SOAP attachment was expected,
+ // but none were found. HTTP Status Code: N/A SOAP Fault Code Prefix: Client
+ //
+ // * Code: MissingContentLength Description: You must provide the Content-Length
+ // HTTP header. HTTP Status Code: 411 Length Required SOAP Fault Code Prefix:
+ // Client
+ //
+ // * Code: MissingRequestBodyError Description: This happens when the user
+ // sends an empty XML document as a request. The error message is, "Request
+ // body is empty." HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix:
+ // Client
+ //
+ // * Code: MissingSecurityElement Description: The SOAP 1.1 request is missing
+ // a security element. HTTP Status Code: 400 Bad Request SOAP Fault Code
+ // Prefix: Client
+ //
+ // * Code: MissingSecurityHeader Description: Your request is missing a required
+ // header. HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: NoLoggingStatusForKey Description: There is no such thing as a
+ // logging status subresource for a key. HTTP Status Code: 400 Bad Request
+ // SOAP Fault Code Prefix: Client
+ //
+ // * Code: NoSuchBucket Description: The specified bucket does not exist.
+ // HTTP Status Code: 404 Not Found SOAP Fault Code Prefix: Client
+ //
+ // * Code: NoSuchBucketPolicy Description: The specified bucket does not
+ // have a bucket policy. HTTP Status Code: 404 Not Found SOAP Fault Code
+ // Prefix: Client
+ //
+ // * Code: NoSuchKey Description: The specified key does not exist. HTTP
+ // Status Code: 404 Not Found SOAP Fault Code Prefix: Client
+ //
+ // * Code: NoSuchLifecycleConfiguration Description: The lifecycle configuration
+ // does not exist. HTTP Status Code: 404 Not Found SOAP Fault Code Prefix:
+ // Client
+ //
+ // * Code: NoSuchUpload Description: The specified multipart upload does
+ // not exist. The upload ID might be invalid, or the multipart upload might
+ // have been aborted or completed. HTTP Status Code: 404 Not Found SOAP Fault
+ // Code Prefix: Client
+ //
+ // * Code: NoSuchVersion Description: Indicates that the version ID specified
+ // in the request does not match an existing version. HTTP Status Code: 404
+ // Not Found SOAP Fault Code Prefix: Client
+ //
+ // * Code: NotImplemented Description: A header you provided implies functionality
+ // that is not implemented. HTTP Status Code: 501 Not Implemented SOAP Fault
+ // Code Prefix: Server
+ //
+ // * Code: NotSignedUp Description: Your account is not signed up for the
+ // Amazon S3 service. You must sign up before you can use Amazon S3. You
+ // can sign up at the following URL: https://aws.amazon.com/s3 HTTP Status
+ // Code: 403 Forbidden SOAP Fault Code Prefix: Client
+ //
+ // * Code: OperationAborted Description: A conflicting conditional operation
+ // is currently in progress against this resource. Try again. HTTP Status
+ // Code: 409 Conflict SOAP Fault Code Prefix: Client
+ //
+ // * Code: PermanentRedirect Description: The bucket you are attempting to
+ // access must be addressed using the specified endpoint. Send all future
+ // requests to this endpoint. HTTP Status Code: 301 Moved Permanently SOAP
+ // Fault Code Prefix: Client
+ //
+ // * Code: PreconditionFailed Description: At least one of the preconditions
+ // you specified did not hold. HTTP Status Code: 412 Precondition Failed
+ // SOAP Fault Code Prefix: Client
+ //
+ // * Code: Redirect Description: Temporary redirect. HTTP Status Code: 307
+ // Moved Temporarily SOAP Fault Code Prefix: Client
+ //
+ // * Code: RestoreAlreadyInProgress Description: Object restore is already
+ // in progress. HTTP Status Code: 409 Conflict SOAP Fault Code Prefix: Client
+ //
+ // * Code: RequestIsNotMultiPartContent Description: Bucket POST must be
+ // of the enclosure-type multipart/form-data. HTTP Status Code: 400 Bad Request
+ // SOAP Fault Code Prefix: Client
+ //
+ // * Code: RequestTimeout Description: Your socket connection to the server
+ // was not read from or written to within the timeout period. HTTP Status
+ // Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: RequestTimeTooSkewed Description: The difference between the request
+ // time and the server's time is too large. HTTP Status Code: 403 Forbidden
+ // SOAP Fault Code Prefix: Client
+ //
+ // * Code: RequestTorrentOfBucketError Description: Requesting the torrent
+ // file of a bucket is not permitted. HTTP Status Code: 400 Bad Request SOAP
+ // Fault Code Prefix: Client
+ //
+ // * Code: SignatureDoesNotMatch Description: The request signature we calculated
+ // does not match the signature you provided. Check your AWS secret access
+ // key and signing method. For more information, see REST Authentication
+ // (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html)
+ // and SOAP Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/SOAPAuthentication.html)
+ // for details. HTTP Status Code: 403 Forbidden SOAP Fault Code Prefix: Client
+ //
+ // * Code: ServiceUnavailable Description: Reduce your request rate. HTTP
+ // Status Code: 503 Service Unavailable SOAP Fault Code Prefix: Server
+ //
+ // * Code: SlowDown Description: Reduce your request rate. HTTP Status Code:
+ // 503 Slow Down SOAP Fault Code Prefix: Server
+ //
+ // * Code: TemporaryRedirect Description: You are being redirected to the
+ // bucket while DNS updates. HTTP Status Code: 307 Moved Temporarily SOAP
+ // Fault Code Prefix: Client
+ //
+ // * Code: TokenRefreshRequired Description: The provided token must be refreshed.
+ // HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: TooManyBuckets Description: You have attempted to create more
+ // buckets than allowed. HTTP Status Code: 400 Bad Request SOAP Fault Code
+ // Prefix: Client
+ //
+ // * Code: UnexpectedContent Description: This request does not support content.
+ // HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: UnresolvableGrantByEmailAddress Description: The email address
+ // you provided does not match any account on record. HTTP Status Code: 400
+ // Bad Request SOAP Fault Code Prefix: Client
+ //
+ // * Code: UserKeyMustBeSpecified Description: The bucket POST must contain
+ // the specified field name. If it is specified, check the order of the fields.
+ // HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix: Client
Code *string `type:"string"`
+ // The error key.
Key *string `min:"1" type:"string"`
+ // The error message contains a generic description of the error condition in
+ // English. It is intended for a human audience. Simple programs display the
+ // message directly to the end user if they encounter an error condition they
+ // don't know how or don't care to handle. Sophisticated programs with more
+ // exhaustive error handling and proper internationalization are more likely
+ // to ignore the error message.
Message *string `type:"string"`
+ // The version ID of the error.
VersionId *string `type:"string"`
}
@@ -11271,6 +15220,7 @@ func (s *Error) SetVersionId(v string) *Error {
return s
}
+// The error information.
type ErrorDocument struct {
_ struct{} `type:"structure"`
@@ -11306,9 +15256,48 @@ func (s *ErrorDocument) Validate() error {
return nil
}
-// SetKey sets the Key field's value.
-func (s *ErrorDocument) SetKey(v string) *ErrorDocument {
- s.Key = &v
+// SetKey sets the Key field's value.
+func (s *ErrorDocument) SetKey(v string) *ErrorDocument {
+ s.Key = &v
+ return s
+}
+
+// Optional configuration to replicate existing source bucket objects. For more
+// information, see Replicating Existing Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-what-is-isnot-replicated.html#existing-object-replication)
+// in the Amazon S3 Developer Guide.
+type ExistingObjectReplication struct {
+ _ struct{} `type:"structure"`
+
+ // Status is a required field
+ Status *string `type:"string" required:"true" enum:"ExistingObjectReplicationStatus"`
+}
+
+// String returns the string representation
+func (s ExistingObjectReplication) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ExistingObjectReplication) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ExistingObjectReplication) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ExistingObjectReplication"}
+ if s.Status == nil {
+ invalidParams.Add(request.NewErrParamRequired("Status"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetStatus sets the Status field's value.
+func (s *ExistingObjectReplication) SetStatus(v string) *ExistingObjectReplication {
+ s.Status = &v
return s
}
@@ -11398,6 +15387,20 @@ func (s *GetBucketAccelerateConfigurationInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketAccelerateConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketAccelerateConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketAccelerateConfigurationOutput struct {
_ struct{} `type:"structure"`
@@ -11424,6 +15427,8 @@ func (s *GetBucketAccelerateConfigurationOutput) SetStatus(v string) *GetBucketA
type GetBucketAclInput struct {
_ struct{} `locationName:"GetBucketAclRequest" type:"structure"`
+ // Specifies the S3 bucket whose ACL is being requested.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -11467,12 +15472,27 @@ func (s *GetBucketAclInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketAclInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketAclInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketAclOutput struct {
_ struct{} `type:"structure"`
// A list of grants.
Grants []*Grant `locationName:"AccessControlList" locationNameList:"Grant" type:"list"`
+ // Container for the bucket owner's display name and ID.
Owner *Owner `type:"structure"`
}
@@ -11560,6 +15580,20 @@ func (s *GetBucketAnalyticsConfigurationInput) SetId(v string) *GetBucketAnalyti
return s
}
+func (s *GetBucketAnalyticsConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketAnalyticsConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketAnalyticsConfigurationOutput struct {
_ struct{} `type:"structure" payload:"AnalyticsConfiguration"`
@@ -11586,6 +15620,8 @@ func (s *GetBucketAnalyticsConfigurationOutput) SetAnalyticsConfiguration(v *Ana
type GetBucketCorsInput struct {
_ struct{} `locationName:"GetBucketCorsRequest" type:"structure"`
+ // The bucket name for which to get the cors configuration.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -11629,9 +15665,25 @@ func (s *GetBucketCorsInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketCorsInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketCorsInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketCorsOutput struct {
_ struct{} `type:"structure"`
+ // A set of origins and methods (cross-origin access that you want to allow).
+ // You can add up to 100 rules to the configuration.
CORSRules []*CORSRule `locationName:"CORSRule" type:"list" flattened:"true"`
}
@@ -11700,6 +15752,20 @@ func (s *GetBucketEncryptionInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketEncryptionInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketEncryptionInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketEncryptionOutput struct {
_ struct{} `type:"structure" payload:"ServerSideEncryptionConfiguration"`
@@ -11785,6 +15851,20 @@ func (s *GetBucketInventoryConfigurationInput) SetId(v string) *GetBucketInvento
return s
}
+func (s *GetBucketInventoryConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketInventoryConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketInventoryConfigurationOutput struct {
_ struct{} `type:"structure" payload:"InventoryConfiguration"`
@@ -11811,6 +15891,8 @@ func (s *GetBucketInventoryConfigurationOutput) SetInventoryConfiguration(v *Inv
type GetBucketLifecycleConfigurationInput struct {
_ struct{} `locationName:"GetBucketLifecycleConfigurationRequest" type:"structure"`
+ // The name of the bucket for which to get the lifecycle information.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -11854,9 +15936,24 @@ func (s *GetBucketLifecycleConfigurationInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketLifecycleConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketLifecycleConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketLifecycleConfigurationOutput struct {
_ struct{} `type:"structure"`
+ // Container for a lifecycle rule.
Rules []*LifecycleRule `locationName:"Rule" type:"list" flattened:"true"`
}
@@ -11879,6 +15976,8 @@ func (s *GetBucketLifecycleConfigurationOutput) SetRules(v []*LifecycleRule) *Ge
type GetBucketLifecycleInput struct {
_ struct{} `locationName:"GetBucketLifecycleRequest" type:"structure"`
+ // The name of the bucket for which to get the lifecycle information.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -11922,9 +16021,24 @@ func (s *GetBucketLifecycleInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketLifecycleInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketLifecycleInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketLifecycleOutput struct {
_ struct{} `type:"structure"`
+ // Container for a lifecycle rule.
Rules []*Rule `locationName:"Rule" type:"list" flattened:"true"`
}
@@ -11947,6 +16061,8 @@ func (s *GetBucketLifecycleOutput) SetRules(v []*Rule) *GetBucketLifecycleOutput
type GetBucketLocationInput struct {
_ struct{} `locationName:"GetBucketLocationRequest" type:"structure"`
+ // The name of the bucket for which to get the location.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -11990,9 +16106,26 @@ func (s *GetBucketLocationInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketLocationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketLocationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketLocationOutput struct {
_ struct{} `type:"structure"`
+ // Specifies the Region where the bucket resides. For a list of all the Amazon
+ // S3 supported location constraints by Region, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region).
+ // Buckets in Region us-east-1 have a LocationConstraint of null.
LocationConstraint *string `type:"string" enum:"BucketLocationConstraint"`
}
@@ -12015,6 +16148,8 @@ func (s *GetBucketLocationOutput) SetLocationConstraint(v string) *GetBucketLoca
type GetBucketLoggingInput struct {
_ struct{} `locationName:"GetBucketLoggingRequest" type:"structure"`
+ // The bucket name for which to get the logging information.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -12058,6 +16193,20 @@ func (s *GetBucketLoggingInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketLoggingInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketLoggingInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketLoggingOutput struct {
_ struct{} `type:"structure"`
@@ -12146,6 +16295,20 @@ func (s *GetBucketMetricsConfigurationInput) SetId(v string) *GetBucketMetricsCo
return s
}
+func (s *GetBucketMetricsConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketMetricsConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketMetricsConfigurationOutput struct {
_ struct{} `type:"structure" payload:"MetricsConfiguration"`
@@ -12172,7 +16335,7 @@ func (s *GetBucketMetricsConfigurationOutput) SetMetricsConfiguration(v *Metrics
type GetBucketNotificationConfigurationRequest struct {
_ struct{} `locationName:"GetBucketNotificationConfigurationRequest" type:"structure"`
- // Name of the bucket to get the notification configuration for.
+ // Name of the bucket for which to get the notification configuration.
//
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -12217,9 +16380,25 @@ func (s *GetBucketNotificationConfigurationRequest) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketNotificationConfigurationRequest) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketNotificationConfigurationRequest) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketPolicyInput struct {
_ struct{} `locationName:"GetBucketPolicyRequest" type:"structure"`
+ // The bucket name for which to get the bucket policy.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -12263,6 +16442,20 @@ func (s *GetBucketPolicyInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketPolicyInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketPolicyInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketPolicyOutput struct {
_ struct{} `type:"structure" payload:"Policy"`
@@ -12334,6 +16527,20 @@ func (s *GetBucketPolicyStatusInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketPolicyStatusInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketPolicyStatusInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketPolicyStatusOutput struct {
_ struct{} `type:"structure" payload:"PolicyStatus"`
@@ -12360,6 +16567,8 @@ func (s *GetBucketPolicyStatusOutput) SetPolicyStatus(v *PolicyStatus) *GetBucke
type GetBucketReplicationInput struct {
_ struct{} `locationName:"GetBucketReplicationRequest" type:"structure"`
+ // The bucket name for which to get the replication information.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -12403,6 +16612,20 @@ func (s *GetBucketReplicationInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketReplicationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketReplicationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketReplicationOutput struct {
_ struct{} `type:"structure" payload:"ReplicationConfiguration"`
@@ -12430,6 +16653,8 @@ func (s *GetBucketReplicationOutput) SetReplicationConfiguration(v *ReplicationC
type GetBucketRequestPaymentInput struct {
_ struct{} `locationName:"GetBucketRequestPaymentRequest" type:"structure"`
+ // The name of the bucket for which to get the payment request configuration
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -12473,6 +16698,20 @@ func (s *GetBucketRequestPaymentInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketRequestPaymentInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketRequestPaymentInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketRequestPaymentOutput struct {
_ struct{} `type:"structure"`
@@ -12499,6 +16738,8 @@ func (s *GetBucketRequestPaymentOutput) SetPayer(v string) *GetBucketRequestPaym
type GetBucketTaggingInput struct {
_ struct{} `locationName:"GetBucketTaggingRequest" type:"structure"`
+ // The name of the bucket for which to get the tagging information.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -12542,9 +16783,25 @@ func (s *GetBucketTaggingInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketTaggingInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketTaggingInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketTaggingOutput struct {
_ struct{} `type:"structure"`
+ // Contains the tag set.
+ //
// TagSet is a required field
TagSet []*Tag `locationNameList:"Tag" type:"list" required:"true"`
}
@@ -12568,6 +16825,8 @@ func (s *GetBucketTaggingOutput) SetTagSet(v []*Tag) *GetBucketTaggingOutput {
type GetBucketVersioningInput struct {
_ struct{} `locationName:"GetBucketVersioningRequest" type:"structure"`
+ // The name of the bucket for which to get the versioning information.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -12611,6 +16870,20 @@ func (s *GetBucketVersioningInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketVersioningInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketVersioningInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketVersioningOutput struct {
_ struct{} `type:"structure"`
@@ -12648,6 +16921,8 @@ func (s *GetBucketVersioningOutput) SetStatus(v string) *GetBucketVersioningOutp
type GetBucketWebsiteInput struct {
_ struct{} `locationName:"GetBucketWebsiteRequest" type:"structure"`
+ // The bucket name for which to get the website configuration.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -12691,17 +16966,34 @@ func (s *GetBucketWebsiteInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetBucketWebsiteInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetBucketWebsiteInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetBucketWebsiteOutput struct {
_ struct{} `type:"structure"`
+ // The object key name of the website error document to use for 4XX class errors.
ErrorDocument *ErrorDocument `type:"structure"`
+ // The name of the index document for the website (for example index.html).
IndexDocument *IndexDocument `type:"structure"`
// Specifies the redirect behavior of all requests to a website endpoint of
// an Amazon S3 bucket.
RedirectAllRequestsTo *RedirectAllRequestsTo `type:"structure"`
+ // Rules that define when a redirect is applied and the redirect behavior.
RoutingRules []*RoutingRule `locationNameList:"RoutingRule" type:"list"`
}
@@ -12742,16 +17034,28 @@ func (s *GetBucketWebsiteOutput) SetRoutingRules(v []*RoutingRule) *GetBucketWeb
type GetObjectAclInput struct {
_ struct{} `locationName:"GetObjectAclRequest" type:"structure"`
+ // The bucket name that contains the object for which to get the ACL information.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // The key of the object for which to get the ACL information.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
// VersionId used to reference a specific version of the object.
@@ -12821,12 +17125,27 @@ func (s *GetObjectAclInput) SetVersionId(v string) *GetObjectAclInput {
return s
}
+func (s *GetObjectAclInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetObjectAclInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetObjectAclOutput struct {
_ struct{} `type:"structure"`
// A list of grants.
Grants []*Grant `locationName:"AccessControlList" locationNameList:"Grant" type:"list"`
+ // Container for the bucket owner's display name and ID.
Owner *Owner `type:"structure"`
// If present, indicates that the requester was successfully charged for the
@@ -12865,6 +17184,15 @@ func (s *GetObjectAclOutput) SetRequestCharged(v string) *GetObjectAclOutput {
type GetObjectInput struct {
_ struct{} `locationName:"GetObjectRequest" type:"structure"`
+ // The bucket name containing the object.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -12884,6 +17212,8 @@ type GetObjectInput struct {
// otherwise return a 412 (precondition failed).
IfUnmodifiedSince *time.Time `location:"header" locationName:"If-Unmodified-Since" type:"timestamp"`
+ // Key of the object to get.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
@@ -12893,13 +17223,17 @@ type GetObjectInput struct {
PartNumber *int64 `location:"querystring" locationName:"partNumber" type:"integer"`
// Downloads the specified range bytes of an object. For more information about
- // the HTTP Range header, go to http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35.
+ // the HTTP Range header, see https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35
+ // (https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35).
+ //
+ // Amazon S3 doesn't support retrieving multiple ranges of data per GET request.
Range *string `location:"header" locationName:"Range" type:"string"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
// Sets the Cache-Control header of the response.
@@ -12920,19 +17254,20 @@ type GetObjectInput struct {
// Sets the Expires header of the response.
ResponseExpires *time.Time `location:"querystring" locationName:"response-expires" type:"timestamp"`
- // Specifies the algorithm to use to when encrypting the object (e.g., AES256).
+ // Specifies the algorithm to use to when encrypting the object (for example,
+ // AES256).
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// Specifies the customer-provided encryption key for Amazon S3 to use in encrypting
// data. This value is used to store the object and then it is discarded; Amazon
- // does not store the encryption key. The key must be appropriate for use with
- // the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
+ // S3 does not store the encryption key. The key must be appropriate for use
+ // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
// header.
SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"`
// Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321.
- // Amazon S3 uses this header for a message integrity check to ensure the encryption
- // key was transmitted without error.
+ // Amazon S3 uses this header for a message integrity check to ensure that the
+ // encryption key was transmitted without error.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
// VersionId used to reference a specific version of the object.
@@ -13099,10 +17434,32 @@ func (s *GetObjectInput) SetVersionId(v string) *GetObjectInput {
return s
}
+func (s *GetObjectInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetObjectInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetObjectLegalHoldInput struct {
_ struct{} `locationName:"GetObjectLegalHoldRequest" type:"structure"`
- // The bucket containing the object whose Legal Hold status you want to retrieve.
+ // The bucket name containing the object whose Legal Hold status you want to
+ // retrieve.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
//
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -13112,10 +17469,11 @@ type GetObjectLegalHoldInput struct {
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
// The version ID of the object whose Legal Hold status you want to retrieve.
@@ -13185,6 +17543,20 @@ func (s *GetObjectLegalHoldInput) SetVersionId(v string) *GetObjectLegalHoldInpu
return s
}
+func (s *GetObjectLegalHoldInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetObjectLegalHoldInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetObjectLegalHoldOutput struct {
_ struct{} `type:"structure" payload:"LegalHold"`
@@ -13211,7 +17583,7 @@ func (s *GetObjectLegalHoldOutput) SetLegalHold(v *ObjectLockLegalHold) *GetObje
type GetObjectLockConfigurationInput struct {
_ struct{} `locationName:"GetObjectLockConfigurationRequest" type:"structure"`
- // The bucket whose object lock configuration you want to retrieve.
+ // The bucket whose Object Lock configuration you want to retrieve.
//
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -13256,10 +17628,24 @@ func (s *GetObjectLockConfigurationInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetObjectLockConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetObjectLockConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetObjectLockConfigurationOutput struct {
_ struct{} `type:"structure" payload:"ObjectLockConfiguration"`
- // The specified bucket's object lock configuration.
+ // The specified bucket's Object Lock configuration.
ObjectLockConfiguration *ObjectLockConfiguration `type:"structure"`
}
@@ -13282,6 +17668,7 @@ func (s *GetObjectLockConfigurationOutput) SetObjectLockConfiguration(v *ObjectL
type GetObjectOutput struct {
_ struct{} `type:"structure" payload:"Body"`
+ // Indicates that a range of bytes was specified.
AcceptRanges *string `location:"header" locationName:"accept-ranges" type:"string"`
// Object data.
@@ -13315,11 +17702,11 @@ type GetObjectOutput struct {
DeleteMarker *bool `location:"header" locationName:"x-amz-delete-marker" type:"boolean"`
// An ETag is an opaque identifier assigned by a web server to a specific version
- // of a resource found at a URL
+ // of a resource found at a URL.
ETag *string `location:"header" locationName:"ETag" type:"string"`
// If the object expiration is configured (see PUT Bucket lifecycle), the response
- // includes this header. It includes the expiry-date and rule-id key value pairs
+ // includes this header. It includes the expiry-date and rule-id key-value pairs
// providing object expiration information. The value of the rule-id is URL
// encoded.
Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"`
@@ -13331,6 +17718,10 @@ type GetObjectOutput struct {
LastModified *time.Time `location:"header" locationName:"Last-Modified" type:"timestamp"`
// A map of metadata to store with the object in S3.
+ //
+ // By default unmarshaled keys are written as a map keys in following canonicalized format:
+ // the first letter and any letter following a hyphen will be capitalized, and the rest as lowercase.
+ // Set `aws.Config.LowerCaseHeaderMaps` to `true` to write unmarshaled keys to the map as lowercase.
Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"`
// This is set to the number of metadata entries not returned in x-amz-meta
@@ -13343,15 +17734,17 @@ type GetObjectOutput struct {
// returned if you have permission to view an object's legal hold status.
ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"`
- // The object lock mode currently in place for this object.
+ // The Object Lock mode currently in place for this object.
ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"`
- // The date and time when this object's object lock will expire.
+ // The date and time when this object's Object Lock will expire.
ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"`
// The count of parts this object has.
PartsCount *int64 `location:"header" locationName:"x-amz-mp-parts-count" type:"integer"`
+ // Amazon S3 can return this if your request involves a bucket that is either
+ // a source or destination in a replication rule.
ReplicationStatus *string `location:"header" locationName:"x-amz-replication-status" type:"string" enum:"ReplicationStatus"`
// If present, indicates that the requester was successfully charged for the
@@ -13368,18 +17761,21 @@ type GetObjectOutput struct {
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// If server-side encryption with a customer-provided encryption key was requested,
- // the response will include this header to provide round trip message integrity
+ // the response will include this header to provide round-trip message integrity
// verification of the customer-provided encryption key.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
- // If present, specifies the ID of the AWS Key Management Service (KMS) master
- // encryption key that was used for the object.
+ // If present, specifies the ID of the AWS Key Management Service (AWS KMS)
+ // symmetric customer managed customer master key (CMK) that was used for the
+ // object.
SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"`
- // The Server-side encryption algorithm used when storing this object in S3
- // (e.g., AES256, aws:kms).
+ // The server-side encryption algorithm used when storing this object in Amazon
+ // S3 (for example, AES256, aws:kms).
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
+ // Provides storage class information of the object. Amazon S3 returns this
+ // header for all objects except for S3 Standard storage class objects.
StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"`
// The number of tags, if any, on the object.
@@ -13593,7 +17989,15 @@ func (s *GetObjectOutput) SetWebsiteRedirectLocation(v string) *GetObjectOutput
type GetObjectRetentionInput struct {
_ struct{} `locationName:"GetObjectRetentionRequest" type:"structure"`
- // The bucket containing the object whose retention settings you want to retrieve.
+ // The bucket name containing the object whose retention settings you want to
+ // retrieve.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
//
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -13603,10 +18007,11 @@ type GetObjectRetentionInput struct {
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
// The version ID for the object whose retention settings you want to retrieve.
@@ -13676,6 +18081,20 @@ func (s *GetObjectRetentionInput) SetVersionId(v string) *GetObjectRetentionInpu
return s
}
+func (s *GetObjectRetentionInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetObjectRetentionInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetObjectRetentionOutput struct {
_ struct{} `type:"structure" payload:"Retention"`
@@ -13702,12 +18121,24 @@ func (s *GetObjectRetentionOutput) SetRetention(v *ObjectLockRetention) *GetObje
type GetObjectTaggingInput struct {
_ struct{} `locationName:"GetObjectTaggingRequest" type:"structure"`
+ // The bucket name containing the object for which to get the tagging information.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // Object key for which to get the tagging information.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
+ // The versionId of the object for which to get the tagging information.
VersionId *string `location:"querystring" locationName:"versionId" type:"string"`
}
@@ -13762,18 +18193,35 @@ func (s *GetObjectTaggingInput) SetKey(v string) *GetObjectTaggingInput {
return s
}
-// SetVersionId sets the VersionId field's value.
-func (s *GetObjectTaggingInput) SetVersionId(v string) *GetObjectTaggingInput {
- s.VersionId = &v
- return s
+// SetVersionId sets the VersionId field's value.
+func (s *GetObjectTaggingInput) SetVersionId(v string) *GetObjectTaggingInput {
+ s.VersionId = &v
+ return s
+}
+
+func (s *GetObjectTaggingInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetObjectTaggingInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
}
type GetObjectTaggingOutput struct {
_ struct{} `type:"structure"`
+ // Contains the tag set.
+ //
// TagSet is a required field
TagSet []*Tag `locationNameList:"Tag" type:"list" required:"true"`
+ // The versionId of the object for which you got the tagging information.
VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"`
}
@@ -13802,16 +18250,22 @@ func (s *GetObjectTaggingOutput) SetVersionId(v string) *GetObjectTaggingOutput
type GetObjectTorrentInput struct {
_ struct{} `locationName:"GetObjectTorrentRequest" type:"structure"`
+ // The name of the bucket containing the object for which to get the torrent
+ // files.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // The object key for which to get the information.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
}
@@ -13872,9 +18326,24 @@ func (s *GetObjectTorrentInput) SetRequestPayer(v string) *GetObjectTorrentInput
return s
}
+func (s *GetObjectTorrentInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetObjectTorrentInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetObjectTorrentOutput struct {
_ struct{} `type:"structure" payload:"Body"`
+ // A Bencoded dictionary as defined by the BitTorrent specification
Body io.ReadCloser `type:"blob"`
// If present, indicates that the requester was successfully charged for the
@@ -13953,6 +18422,20 @@ func (s *GetPublicAccessBlockInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *GetPublicAccessBlockInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *GetPublicAccessBlockInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type GetPublicAccessBlockOutput struct {
_ struct{} `type:"structure" payload:"PublicAccessBlockConfiguration"`
@@ -13977,10 +18460,11 @@ func (s *GetPublicAccessBlockOutput) SetPublicAccessBlockConfiguration(v *Public
return s
}
+// Container for S3 Glacier job parameters.
type GlacierJobParameters struct {
_ struct{} `type:"structure"`
- // Glacier retrieval tier at which the restore will be processed.
+ // S3 Glacier retrieval tier at which the restore will be processed.
//
// Tier is a required field
Tier *string `type:"string" required:"true" enum:"Tier"`
@@ -14015,9 +18499,11 @@ func (s *GlacierJobParameters) SetTier(v string) *GlacierJobParameters {
return s
}
+// Container for grant information.
type Grant struct {
_ struct{} `type:"structure"`
+ // The person being granted permissions.
Grantee *Grantee `type:"structure" xmlPrefix:"xsi" xmlURI:"http://www.w3.org/2001/XMLSchema-instance"`
// Specifies the permission given to the grantee.
@@ -14061,6 +18547,7 @@ func (s *Grant) SetPermission(v string) *Grant {
return s
}
+// Container for the person being granted permissions.
type Grantee struct {
_ struct{} `type:"structure" xmlPrefix:"xsi" xmlURI:"http://www.w3.org/2001/XMLSchema-instance"`
@@ -14068,6 +18555,29 @@ type Grantee struct {
DisplayName *string `type:"string"`
// Email address of the grantee.
+ //
+ // Using email addresses to specify a grantee is only supported in the following
+ // AWS Regions:
+ //
+ // * US East (N. Virginia)
+ //
+ // * US West (N. California)
+ //
+ // * US West (Oregon)
+ //
+ // * Asia Pacific (Singapore)
+ //
+ // * Asia Pacific (Sydney)
+ //
+ // * Asia Pacific (Tokyo)
+ //
+ // * Europe (Ireland)
+ //
+ // * South America (São Paulo)
+ //
+ // For a list of all the Amazon S3 supported Regions and endpoints, see Regions
+ // and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region)
+ // in the AWS General Reference.
EmailAddress *string `type:"string"`
// The canonical user ID of the grantee.
@@ -14138,6 +18648,8 @@ func (s *Grantee) SetURI(v string) *Grantee {
type HeadBucketInput struct {
_ struct{} `locationName:"HeadBucketRequest" type:"structure"`
+ // The bucket name.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
}
@@ -14181,6 +18693,20 @@ func (s *HeadBucketInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *HeadBucketInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *HeadBucketInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type HeadBucketOutput struct {
_ struct{} `type:"structure"`
}
@@ -14198,6 +18724,8 @@ func (s HeadBucketOutput) GoString() string {
type HeadObjectInput struct {
_ struct{} `locationName:"HeadObjectRequest" type:"structure"`
+ // The name of the bucket containing the object.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -14217,6 +18745,8 @@ type HeadObjectInput struct {
// otherwise return a 412 (precondition failed).
IfUnmodifiedSince *time.Time `location:"header" locationName:"If-Unmodified-Since" type:"timestamp"`
+ // The object key.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
@@ -14227,28 +18757,32 @@ type HeadObjectInput struct {
PartNumber *int64 `location:"querystring" locationName:"partNumber" type:"integer"`
// Downloads the specified range bytes of an object. For more information about
- // the HTTP Range header, go to http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35.
+ // the HTTP Range header, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35.
+ //
+ // Amazon S3 doesn't support retrieving multiple ranges of data per GET request.
Range *string `location:"header" locationName:"Range" type:"string"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
- // Specifies the algorithm to use to when encrypting the object (e.g., AES256).
+ // Specifies the algorithm to use to when encrypting the object (for example,
+ // AES256).
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// Specifies the customer-provided encryption key for Amazon S3 to use in encrypting
// data. This value is used to store the object and then it is discarded; Amazon
- // does not store the encryption key. The key must be appropriate for use with
- // the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
+ // S3 does not store the encryption key. The key must be appropriate for use
+ // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
// header.
SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"`
// Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321.
- // Amazon S3 uses this header for a message integrity check to ensure the encryption
- // key was transmitted without error.
+ // Amazon S3 uses this header for a message integrity check to ensure that the
+ // encryption key was transmitted without error.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
// VersionId used to reference a specific version of the object.
@@ -14379,9 +18913,24 @@ func (s *HeadObjectInput) SetVersionId(v string) *HeadObjectInput {
return s
}
+func (s *HeadObjectInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *HeadObjectInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type HeadObjectOutput struct {
_ struct{} `type:"structure"`
+ // Indicates that a range of bytes was specified.
AcceptRanges *string `location:"header" locationName:"accept-ranges" type:"string"`
// Specifies caching behavior along the request/reply chain.
@@ -14409,11 +18958,11 @@ type HeadObjectOutput struct {
DeleteMarker *bool `location:"header" locationName:"x-amz-delete-marker" type:"boolean"`
// An ETag is an opaque identifier assigned by a web server to a specific version
- // of a resource found at a URL
+ // of a resource found at a URL.
ETag *string `location:"header" locationName:"ETag" type:"string"`
// If the object expiration is configured (see PUT Bucket lifecycle), the response
- // includes this header. It includes the expiry-date and rule-id key value pairs
+ // includes this header. It includes the expiry-date and rule-id key-value pairs
// providing object expiration information. The value of the rule-id is URL
// encoded.
Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"`
@@ -14425,6 +18974,10 @@ type HeadObjectOutput struct {
LastModified *time.Time `location:"header" locationName:"Last-Modified" type:"timestamp"`
// A map of metadata to store with the object in S3.
+ //
+ // By default unmarshaled keys are written as a map keys in following canonicalized format:
+ // the first letter and any letter following a hyphen will be capitalized, and the rest as lowercase.
+ // Set `aws.Config.LowerCaseHeaderMaps` to `true` to write unmarshaled keys to the map as lowercase.
Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"`
// This is set to the number of metadata entries not returned in x-amz-meta
@@ -14433,26 +18986,70 @@ type HeadObjectOutput struct {
// you can create metadata whose values are not legal HTTP headers.
MissingMeta *int64 `location:"header" locationName:"x-amz-missing-meta" type:"integer"`
- // The Legal Hold status for the specified object.
+ // Specifies whether a legal hold is in effect for this object. This header
+ // is only returned if the requester has the s3:GetObjectLegalHold permission.
+ // This header is not returned if the specified version of this object has never
+ // had a legal hold applied. For more information about S3 Object Lock, see
+ // Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html).
ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"`
- // The object lock mode currently in place for this object.
+ // The Object Lock mode, if any, that's in effect for this object. This header
+ // is only returned if the requester has the s3:GetObjectRetention permission.
+ // For more information about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html).
ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"`
- // The date and time when this object's object lock expires.
+ // The date and time when the Object Lock retention period expires. This header
+ // is only returned if the requester has the s3:GetObjectRetention permission.
ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"`
// The count of parts this object has.
PartsCount *int64 `location:"header" locationName:"x-amz-mp-parts-count" type:"integer"`
+ // Amazon S3 can return this header if your request involves a bucket that is
+ // either a source or destination in a replication rule.
+ //
+ // In replication, you have a source bucket on which you configure replication
+ // and destination bucket where Amazon S3 stores object replicas. When you request
+ // an object (GetObject) or object metadata (HeadObject) from these buckets,
+ // Amazon S3 will return the x-amz-replication-status header in the response
+ // as follows:
+ //
+ // * If requesting an object from the source bucket — Amazon S3 will return
+ // the x-amz-replication-status header if the object in your request is eligible
+ // for replication. For example, suppose that in your replication configuration,
+ // you specify object prefix TaxDocs requesting Amazon S3 to replicate objects
+ // with key prefix TaxDocs. Any objects you upload with this key name prefix,
+ // for example TaxDocs/document1.pdf, are eligible for replication. For any
+ // object request with this key name prefix, Amazon S3 will return the x-amz-replication-status
+ // header with value PENDING, COMPLETED or FAILED indicating object replication
+ // status.
+ //
+ // * If requesting an object from the destination bucket — Amazon S3 will
+ // return the x-amz-replication-status header with value REPLICA if the object
+ // in your request is a replica that Amazon S3 created.
+ //
+ // For more information, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html).
ReplicationStatus *string `location:"header" locationName:"x-amz-replication-status" type:"string" enum:"ReplicationStatus"`
// If present, indicates that the requester was successfully charged for the
// request.
RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"`
- // Provides information about object restoration operation and expiration time
- // of the restored object copy.
+ // If the object is an archived object (an object whose storage class is GLACIER),
+ // the response includes this header if either the archive restoration is in
+ // progress (see RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html)
+ // or an archive copy is already restored.
+ //
+ // If an archive copy is already restored, the header value indicates when Amazon
+ // S3 is scheduled to delete the object copy. For example:
+ //
+ // x-amz-restore: ongoing-request="false", expiry-date="Fri, 23 Dec 2012 00:00:00
+ // GMT"
+ //
+ // If the object restoration is in progress, the header returns the value ongoing-request="true".
+ //
+ // For more information about archiving objects, see Transitioning Objects:
+ // General Considerations (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-transition-general-considerations).
Restore *string `location:"header" locationName:"x-amz-restore" type:"string"`
// If server-side encryption with a customer-provided encryption key was requested,
@@ -14461,18 +19058,25 @@ type HeadObjectOutput struct {
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// If server-side encryption with a customer-provided encryption key was requested,
- // the response will include this header to provide round trip message integrity
+ // the response will include this header to provide round-trip message integrity
// verification of the customer-provided encryption key.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
- // If present, specifies the ID of the AWS Key Management Service (KMS) master
- // encryption key that was used for the object.
+ // If present, specifies the ID of the AWS Key Management Service (AWS KMS)
+ // symmetric customer managed customer master key (CMK) that was used for the
+ // object.
SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"`
- // The Server-side encryption algorithm used when storing this object in S3
- // (e.g., AES256, aws:kms).
+ // If the object is stored using server-side encryption either with an AWS KMS
+ // customer master key (CMK) or an Amazon S3-managed encryption key, the response
+ // includes this header with the value of the server-side encryption algorithm
+ // used when storing this object in Amazon S3 (for example, AES256, aws:kms).
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
+ // Provides storage class information of the object. Amazon S3 returns this
+ // header for all objects except for S3 Standard storage class objects.
+ //
+ // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html).
StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"`
// Version of the object.
@@ -14662,13 +19266,15 @@ func (s *HeadObjectOutput) SetWebsiteRedirectLocation(v string) *HeadObjectOutpu
return s
}
+// Container for the Suffix element.
type IndexDocument struct {
_ struct{} `type:"structure"`
// A suffix that is appended to a request that is for a directory on the website
- // endpoint (e.g. if the suffix is index.html and you make a request to samplebucket/images/
- // the data that is returned will be for the object with the key name images/index.html)
- // The suffix must not be empty and must not include a slash character.
+ // endpoint (for example,if the suffix is index.html and you make a request
+ // to samplebucket/images/ the data that is returned will be for the object
+ // with the key name images/index.html) The suffix must not be empty and must
+ // not include a slash character.
//
// Suffix is a required field
Suffix *string `type:"string" required:"true"`
@@ -14703,6 +19309,7 @@ func (s *IndexDocument) SetSuffix(v string) *IndexDocument {
return s
}
+// Container element that identifies who initiated the multipart upload.
type Initiator struct {
_ struct{} `type:"structure"`
@@ -14923,6 +19530,7 @@ func (s *InventoryConfiguration) SetSchedule(v *InventorySchedule) *InventoryCon
return s
}
+// Specifies the inventory configuration for an Amazon S3 bucket.
type InventoryDestination struct {
_ struct{} `type:"structure"`
@@ -14972,10 +19580,10 @@ func (s *InventoryDestination) SetS3BucketDestination(v *InventoryS3BucketDestin
type InventoryEncryption struct {
_ struct{} `type:"structure"`
- // Specifies the use of SSE-KMS to encrypt delivered Inventory reports.
+ // Specifies the use of SSE-KMS to encrypt delivered inventory reports.
SSEKMS *SSEKMS `locationName:"SSE-KMS" type:"structure"`
- // Specifies the use of SSE-S3 to encrypt delivered Inventory reports.
+ // Specifies the use of SSE-S3 to encrypt delivered inventory reports.
SSES3 *SSES3 `locationName:"SSE-S3" type:"structure"`
}
@@ -15016,6 +19624,8 @@ func (s *InventoryEncryption) SetSSES3(v *SSES3) *InventoryEncryption {
return s
}
+// Specifies an inventory filter. The inventory only includes objects that meet
+// the filter's criteria.
type InventoryFilter struct {
_ struct{} `type:"structure"`
@@ -15054,13 +19664,19 @@ func (s *InventoryFilter) SetPrefix(v string) *InventoryFilter {
return s
}
+// Contains the bucket name, file format, bucket owner (optional), and prefix
+// (optional) where inventory results are published.
type InventoryS3BucketDestination struct {
_ struct{} `type:"structure"`
- // The ID of the account that owns the destination bucket.
+ // The account ID that owns the destination S3 bucket. If no account ID is provided,
+ // the owner is not validated before exporting data.
+ //
+ // Although this value is optional, we strongly recommend that you set it to
+ // help prevent problems if the destination bucket ownership changes.
AccountId *string `type:"string"`
- // The Amazon resource name (ARN) of the bucket where inventory results will
+ // The Amazon Resource Name (ARN) of the bucket where inventory results will
// be published.
//
// Bucket is a required field
@@ -15147,6 +19763,7 @@ func (s *InventoryS3BucketDestination) SetPrefix(v string) *InventoryS3BucketDes
return s
}
+// Specifies the schedule for generating inventory results.
type InventorySchedule struct {
_ struct{} `type:"structure"`
@@ -15185,6 +19802,7 @@ func (s *InventorySchedule) SetFrequency(v string) *InventorySchedule {
return s
}
+// Specifies JSON as object's input serialization format.
type JSONInput struct {
_ struct{} `type:"structure"`
@@ -15208,10 +19826,12 @@ func (s *JSONInput) SetType(v string) *JSONInput {
return s
}
+// Specifies JSON as request's output serialization format.
type JSONOutput struct {
_ struct{} `type:"structure"`
- // The value used to separate individual records in the output.
+ // The value used to separate individual records in the output. If no value
+ // is specified, Amazon S3 uses a newline character ('\n').
RecordDelimiter *string `type:"string"`
}
@@ -15235,7 +19855,7 @@ func (s *JSONOutput) SetRecordDelimiter(v string) *JSONOutput {
type KeyFilter struct {
_ struct{} `type:"structure"`
- // A list of containers for the key value pair that defines the criteria for
+ // A list of containers for the key-value pair that defines the criteria for
// the filter rule.
FilterRules []*FilterRule `locationName:"FilterRule" type:"list" flattened:"true"`
}
@@ -15333,9 +19953,12 @@ func (s *LambdaFunctionConfiguration) SetLambdaFunctionArn(v string) *LambdaFunc
return s
}
+// Container for lifecycle rules. You can add as many as 1000 rules.
type LifecycleConfiguration struct {
_ struct{} `type:"structure"`
+ // Specifies lifecycle configuration rules for an Amazon S3 bucket.
+ //
// Rules is a required field
Rules []*Rule `locationName:"Rule" type:"list" flattened:"true" required:"true"`
}
@@ -15379,6 +20002,7 @@ func (s *LifecycleConfiguration) SetRules(v []*Rule) *LifecycleConfiguration {
return s
}
+// Container for the expiration for the lifecycle of the object.
type LifecycleExpiration struct {
_ struct{} `type:"structure"`
@@ -15425,6 +20049,7 @@ func (s *LifecycleExpiration) SetExpiredObjectDeleteMarker(v bool) *LifecycleExp
return s
}
+// A lifecycle rule for individual objects in an Amazon S3 bucket.
type LifecycleRule struct {
_ struct{} `type:"structure"`
@@ -15435,6 +20060,8 @@ type LifecycleRule struct {
// in the Amazon Simple Storage Service Developer Guide.
AbortIncompleteMultipartUpload *AbortIncompleteMultipartUpload `type:"structure"`
+ // Specifies the expiration for the lifecycle of the object in the form of date,
+ // days and, whether the object has a delete marker.
Expiration *LifecycleExpiration `type:"structure"`
// The Filter is used to identify objects that a Lifecycle Rule applies to.
@@ -15451,6 +20078,11 @@ type LifecycleRule struct {
// period in the object's lifetime.
NoncurrentVersionExpiration *NoncurrentVersionExpiration `type:"structure"`
+ // Specifies the transition rule for the lifecycle rule that describes when
+ // noncurrent objects transition to a specific storage class. If your bucket
+ // is versioning-enabled (or versioning is suspended), you can set this action
+ // to request that Amazon S3 transition noncurrent object versions to a specific
+ // storage class at a set period in the object's lifetime.
NoncurrentVersionTransitions []*NoncurrentVersionTransition `locationName:"NoncurrentVersionTransition" type:"list" flattened:"true"`
// Prefix identifying one or more objects to which the rule applies. This is
@@ -15465,6 +20097,7 @@ type LifecycleRule struct {
// Status is a required field
Status *string `type:"string" required:"true" enum:"ExpirationStatus"`
+ // Specifies when an Amazon S3 object transitions to a specified storage class.
Transitions []*Transition `locationName:"Transition" type:"list" flattened:"true"`
}
@@ -15556,6 +20189,7 @@ func (s *LifecycleRule) SetTransitions(v []*Transition) *LifecycleRule {
type LifecycleRuleAndOperator struct {
_ struct{} `type:"structure"`
+ // Prefix identifying one or more objects to which the rule applies.
Prefix *string `type:"string"`
// All of these tags must exist in the object's tag set in order for the rule
@@ -15728,13 +20362,28 @@ func (s *ListBucketAnalyticsConfigurationsInput) SetContinuationToken(v string)
return s
}
+func (s *ListBucketAnalyticsConfigurationsInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *ListBucketAnalyticsConfigurationsInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type ListBucketAnalyticsConfigurationsOutput struct {
_ struct{} `type:"structure"`
// The list of analytics configurations for a bucket.
AnalyticsConfigurationList []*AnalyticsConfiguration `locationName:"AnalyticsConfiguration" type:"list" flattened:"true"`
- // The ContinuationToken that represents where this request began.
+ // The marker that is used as a starting point for this analytics configuration
+ // list response. This value is present if it was sent in the request.
ContinuationToken *string `type:"string"`
// Indicates whether the returned list of analytics configurations is complete.
@@ -15842,6 +20491,20 @@ func (s *ListBucketInventoryConfigurationsInput) SetContinuationToken(v string)
return s
}
+func (s *ListBucketInventoryConfigurationsInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *ListBucketInventoryConfigurationsInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type ListBucketInventoryConfigurationsOutput struct {
_ struct{} `type:"structure"`
@@ -15852,8 +20515,9 @@ type ListBucketInventoryConfigurationsOutput struct {
// The list of inventory configurations for a bucket.
InventoryConfigurationList []*InventoryConfiguration `locationName:"InventoryConfiguration" type:"list" flattened:"true"`
- // Indicates whether the returned list of inventory configurations is truncated
- // in this response. A value of true indicates that the list is truncated.
+ // Tells whether the returned list of inventory configurations is complete.
+ // A value of true indicates that the list is not complete and the NextContinuationToken
+ // is provided for a subsequent request.
IsTruncated *bool `type:"boolean"`
// The marker used to continue this inventory configuration listing. Use the
@@ -15956,6 +20620,20 @@ func (s *ListBucketMetricsConfigurationsInput) SetContinuationToken(v string) *L
return s
}
+func (s *ListBucketMetricsConfigurationsInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *ListBucketMetricsConfigurationsInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type ListBucketMetricsConfigurationsOutput struct {
_ struct{} `type:"structure"`
@@ -16029,8 +20707,10 @@ func (s ListBucketsInput) GoString() string {
type ListBucketsOutput struct {
_ struct{} `type:"structure"`
+ // The list of buckets owned by the requestor.
Buckets []*Bucket `locationNameList:"Bucket" type:"list"`
+ // The owner of the buckets listed.
Owner *Owner `type:"structure"`
}
@@ -16059,10 +20739,26 @@ func (s *ListBucketsOutput) SetOwner(v *Owner) *ListBucketsOutput {
type ListMultipartUploadsInput struct {
_ struct{} `locationName:"ListMultipartUploadsRequest" type:"structure"`
+ // Name of the bucket to which the multipart upload was initiated.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
// Character you use to group keys.
+ //
+ // All keys that contain the same string between the prefix, if specified, and
+ // the first occurrence of the delimiter after the prefix are grouped under
+ // a single result element, CommonPrefixes. If you don't specify the prefix
+ // parameter, then the substring starts at the beginning of the key. The keys
+ // that are grouped under CommonPrefixes result element are not returned elsewhere
+ // in the response.
Delimiter *string `location:"querystring" locationName:"delimiter" type:"string"`
// Requests Amazon S3 to encode the object keys in the response and specifies
@@ -16075,6 +20771,13 @@ type ListMultipartUploadsInput struct {
// Together with upload-id-marker, this parameter specifies the multipart upload
// after which listing should begin.
+ //
+ // If upload-id-marker is not specified, only the keys lexicographically greater
+ // than the specified key-marker will be included in the list.
+ //
+ // If upload-id-marker is specified, any multipart uploads for a key equal to
+ // the key-marker might also be included, provided those multipart uploads have
+ // upload IDs lexicographically greater than the specified upload-id-marker.
KeyMarker *string `location:"querystring" locationName:"key-marker" type:"string"`
// Sets the maximum number of multipart uploads, from 1 to 1,000, to return
@@ -16083,12 +20786,16 @@ type ListMultipartUploadsInput struct {
MaxUploads *int64 `location:"querystring" locationName:"max-uploads" type:"integer"`
// Lists in-progress uploads only for those keys that begin with the specified
- // prefix.
+ // prefix. You can use prefixes to separate a bucket into different grouping
+ // of keys. (You can think of using prefix to make groups in the same way you'd
+ // use a folder in a file system.)
Prefix *string `location:"querystring" locationName:"prefix" type:"string"`
// Together with key-marker, specifies the multipart upload after which listing
// should begin. If key-marker is not specified, the upload-id-marker parameter
- // is ignored.
+ // is ignored. Otherwise, any multipart uploads for a key equal to the key-marker
+ // might be included in the list only if they have an upload ID lexicographically
+ // greater than the specified upload-id-marker.
UploadIdMarker *string `location:"querystring" locationName:"upload-id-marker" type:"string"`
}
@@ -16167,17 +20874,42 @@ func (s *ListMultipartUploadsInput) SetUploadIdMarker(v string) *ListMultipartUp
return s
}
+func (s *ListMultipartUploadsInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *ListMultipartUploadsInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type ListMultipartUploadsOutput struct {
_ struct{} `type:"structure"`
// Name of the bucket to which the multipart upload was initiated.
Bucket *string `type:"string"`
+ // If you specify a delimiter in the request, then the result returns each distinct
+ // key prefix containing the delimiter in a CommonPrefixes element. The distinct
+ // key prefixes are returned in the Prefix child element.
CommonPrefixes []*CommonPrefix `type:"list" flattened:"true"`
+ // Contains the delimiter you specified in the request. If you don't specify
+ // a delimiter in your request, this element is absent from the response.
Delimiter *string `type:"string"`
// Encoding type used by Amazon S3 to encode object keys in the response.
+ //
+ // If you specify encoding-type request parameter, Amazon S3 includes this element
+ // in the response, and returns encoded key name values in the following response
+ // elements:
+ //
+ // Delimiter, KeyMarker, Prefix, NextKeyMarker, Key.
EncodingType *string `type:"string" enum:"EncodingType"`
// Indicates whether the returned list of multipart uploads is truncated. A
@@ -16208,6 +20940,8 @@ type ListMultipartUploadsOutput struct {
// Upload ID after which listing began.
UploadIdMarker *string `type:"string"`
+ // Container for elements related to a particular multipart upload. A response
+ // can contain zero or more Upload elements.
Uploads []*MultipartUpload `locationName:"Upload" type:"list" flattened:"true"`
}
@@ -16303,10 +21037,23 @@ func (s *ListMultipartUploadsOutput) SetUploads(v []*MultipartUpload) *ListMulti
type ListObjectVersionsInput struct {
_ struct{} `locationName:"ListObjectVersionsRequest" type:"structure"`
+ // The bucket name that contains the objects.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
- // A delimiter is a character you use to group keys.
+ // A delimiter is a character that you specify to group keys. All keys that
+ // contain the same string between the prefix and the first occurrence of the
+ // delimiter are grouped under a single result element in CommonPrefixes. These
+ // groups are counted as one result against the max-keys limitation. These keys
+ // are not returned elsewhere in the response.
Delimiter *string `location:"querystring" locationName:"delimiter" type:"string"`
// Requests Amazon S3 to encode the object keys in the response and specifies
@@ -16320,11 +21067,19 @@ type ListObjectVersionsInput struct {
// Specifies the key to start with when listing objects in a bucket.
KeyMarker *string `location:"querystring" locationName:"key-marker" type:"string"`
- // Sets the maximum number of keys returned in the response. The response might
- // contain fewer keys but will never contain more.
+ // Sets the maximum number of keys returned in the response. By default the
+ // API returns up to 1,000 key names. The response might contain fewer keys
+ // but will never contain more. If additional keys satisfy the search criteria,
+ // but were not returned because max-keys was exceeded, the response contains
+ // true. To return the additional keys, see key-marker
+ // and version-id-marker.
MaxKeys *int64 `location:"querystring" locationName:"max-keys" type:"integer"`
- // Limits the response to keys that begin with the specified prefix.
+ // Use this parameter to select only those keys that begin with the specified
+ // prefix. You can use prefixes to separate a bucket into different groupings
+ // of keys. (You can think of using prefix to make groups in the same way you'd
+ // use a folder in a file system.) You can use prefix with delimiter to roll
+ // up numerous objects into a single result under CommonPrefixes.
Prefix *string `location:"querystring" locationName:"prefix" type:"string"`
// Specifies the object version you want to start listing from.
@@ -16406,42 +21161,81 @@ func (s *ListObjectVersionsInput) SetVersionIdMarker(v string) *ListObjectVersio
return s
}
+func (s *ListObjectVersionsInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *ListObjectVersionsInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type ListObjectVersionsOutput struct {
_ struct{} `type:"structure"`
+ // All of the keys rolled up into a common prefix count as a single return when
+ // calculating the number of returns.
CommonPrefixes []*CommonPrefix `type:"list" flattened:"true"`
+ // Container for an object that is a delete marker.
DeleteMarkers []*DeleteMarkerEntry `locationName:"DeleteMarker" type:"list" flattened:"true"`
+ // The delimiter grouping the included keys. A delimiter is a character that
+ // you specify to group keys. All keys that contain the same string between
+ // the prefix and the first occurrence of the delimiter are grouped under a
+ // single result element in CommonPrefixes. These groups are counted as one
+ // result against the max-keys limitation. These keys are not returned elsewhere
+ // in the response.
Delimiter *string `type:"string"`
- // Encoding type used by Amazon S3 to encode object keys in the response.
+ // Encoding type used by Amazon S3 to encode object key names in the XML response.
+ //
+ // If you specify encoding-type request parameter, Amazon S3 includes this element
+ // in the response, and returns encoded key name values in the following response
+ // elements:
+ //
+ // KeyMarker, NextKeyMarker, Prefix, Key, and Delimiter.
EncodingType *string `type:"string" enum:"EncodingType"`
- // A flag that indicates whether or not Amazon S3 returned all of the results
- // that satisfied the search criteria. If your results were truncated, you can
- // make a follow-up paginated request using the NextKeyMarker and NextVersionIdMarker
+ // A flag that indicates whether Amazon S3 returned all of the results that
+ // satisfied the search criteria. If your results were truncated, you can make
+ // a follow-up paginated request using the NextKeyMarker and NextVersionIdMarker
// response parameters as a starting place in another request to return the
// rest of the results.
IsTruncated *bool `type:"boolean"`
- // Marks the last Key returned in a truncated response.
+ // Marks the last key returned in a truncated response.
KeyMarker *string `type:"string"`
+ // Specifies the maximum number of objects to return.
MaxKeys *int64 `type:"integer"`
+ // Bucket name.
Name *string `type:"string"`
- // Use this value for the key marker request parameter in a subsequent request.
+ // When the number of responses exceeds the value of MaxKeys, NextKeyMarker
+ // specifies the first key not returned that satisfies the search criteria.
+ // Use this value for the key-marker request parameter in a subsequent request.
NextKeyMarker *string `type:"string"`
- // Use this value for the next version id marker parameter in a subsequent request.
+ // When the number of responses exceeds the value of MaxKeys, NextVersionIdMarker
+ // specifies the first object version not returned that satisfies the search
+ // criteria. Use this value for the version-id-marker request parameter in a
+ // subsequent request.
NextVersionIdMarker *string `type:"string"`
+ // Selects objects that start with the value supplied by this parameter.
Prefix *string `type:"string"`
+ // Marks the last version of the key returned in a truncated response.
VersionIdMarker *string `type:"string"`
+ // Container for version information.
Versions []*ObjectVersion `locationName:"Version" type:"list" flattened:"true"`
}
@@ -16536,6 +21330,8 @@ func (s *ListObjectVersionsOutput) SetVersions(v []*ObjectVersion) *ListObjectVe
type ListObjectsInput struct {
_ struct{} `locationName:"ListObjectsRequest" type:"structure"`
+ // The name of the bucket containing the objects.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -16553,8 +21349,9 @@ type ListObjectsInput struct {
// Specifies the key to start with when listing objects in a bucket.
Marker *string `location:"querystring" locationName:"marker" type:"string"`
- // Sets the maximum number of keys returned in the response. The response might
- // contain fewer keys but will never contain more.
+ // Sets the maximum number of keys returned in the response. By default the
+ // API returns up to 1,000 key names. The response might contain fewer keys
+ // but will never contain more.
MaxKeys *int64 `location:"querystring" locationName:"max-keys" type:"integer"`
// Limits the response to keys that begin with the specified prefix.
@@ -16641,37 +21438,77 @@ func (s *ListObjectsInput) SetRequestPayer(v string) *ListObjectsInput {
return s
}
+func (s *ListObjectsInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *ListObjectsInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type ListObjectsOutput struct {
_ struct{} `type:"structure"`
+ // All of the keys rolled up in a common prefix count as a single return when
+ // calculating the number of returns.
+ //
+ // A response can contain CommonPrefixes only if you specify a delimiter.
+ //
+ // CommonPrefixes contains all (if there are any) keys between Prefix and the
+ // next occurrence of the string specified by the delimiter.
+ //
+ // CommonPrefixes lists keys that act like subdirectories in the directory specified
+ // by Prefix.
+ //
+ // For example, if the prefix is notes/ and the delimiter is a slash (/) as
+ // in notes/summer/july, the common prefix is notes/summer/. All of the keys
+ // that roll up into a common prefix count as a single return when calculating
+ // the number of returns.
CommonPrefixes []*CommonPrefix `type:"list" flattened:"true"`
+ // Metadata about each object returned.
Contents []*Object `type:"list" flattened:"true"`
+ // Causes keys that contain the same string between the prefix and the first
+ // occurrence of the delimiter to be rolled up into a single result element
+ // in the CommonPrefixes collection. These rolled-up keys are not returned elsewhere
+ // in the response. Each rolled-up result counts as only one return against
+ // the MaxKeys value.
Delimiter *string `type:"string"`
// Encoding type used by Amazon S3 to encode object keys in the response.
EncodingType *string `type:"string" enum:"EncodingType"`
- // A flag that indicates whether or not Amazon S3 returned all of the results
- // that satisfied the search criteria.
+ // A flag that indicates whether Amazon S3 returned all of the results that
+ // satisfied the search criteria.
IsTruncated *bool `type:"boolean"`
+ // Indicates where in the bucket listing begins. Marker is included in the response
+ // if it was sent with the request.
Marker *string `type:"string"`
+ // The maximum number of keys returned in the response body.
MaxKeys *int64 `type:"integer"`
+ // Bucket name.
Name *string `type:"string"`
// When response is truncated (the IsTruncated element value in the response
// is true), you can use the key name in this field as marker in the subsequent
// request to get next set of objects. Amazon S3 lists objects in alphabetical
// order Note: This element is returned only if you have delimiter request parameter
- // specified. If response does not include the NextMaker and it is truncated,
+ // specified. If response does not include the NextMarker and it is truncated,
// you can use the value of the last Key in the response as the marker in the
// subsequent request to get the next set of object keys.
NextMarker *string `type:"string"`
+ // Keys that begin with the indicated prefix.
Prefix *string `type:"string"`
}
@@ -16748,14 +21585,21 @@ func (s *ListObjectsOutput) SetPrefix(v string) *ListObjectsOutput {
type ListObjectsV2Input struct {
_ struct{} `locationName:"ListObjectsV2Request" type:"structure"`
- // Name of the bucket to list.
+ // Bucket name to list.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
//
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
// ContinuationToken indicates Amazon S3 that the list is being continued on
// this bucket with a token. ContinuationToken is obfuscated and is not a real
- // key
+ // key.
ContinuationToken *string `location:"querystring" locationName:"continuation-token" type:"string"`
// A delimiter is a character you use to group keys.
@@ -16766,11 +21610,12 @@ type ListObjectsV2Input struct {
// The owner field is not present in listV2 by default, if you want to return
// owner field with each key in the result then set the fetch owner field to
- // true
+ // true.
FetchOwner *bool `location:"querystring" locationName:"fetch-owner" type:"boolean"`
- // Sets the maximum number of keys returned in the response. The response might
- // contain fewer keys but will never contain more.
+ // Sets the maximum number of keys returned in the response. By default the
+ // API returns up to 1,000 key names. The response might contain fewer keys
+ // but will never contain more.
MaxKeys *int64 `location:"querystring" locationName:"max-keys" type:"integer"`
// Limits the response to keys that begin with the specified prefix.
@@ -16782,7 +21627,7 @@ type ListObjectsV2Input struct {
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
// StartAfter is where you want Amazon S3 to start listing from. Amazon S3 starts
- // listing after this specified key. StartAfter can be any key in the bucket
+ // listing after this specified key. StartAfter can be any key in the bucket.
StartAfter *string `location:"querystring" locationName:"start-after" type:"string"`
}
@@ -16873,29 +21718,65 @@ func (s *ListObjectsV2Input) SetStartAfter(v string) *ListObjectsV2Input {
return s
}
+func (s *ListObjectsV2Input) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *ListObjectsV2Input) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type ListObjectsV2Output struct {
_ struct{} `type:"structure"`
+ // All of the keys rolled up into a common prefix count as a single return when
+ // calculating the number of returns.
+ //
+ // A response can contain CommonPrefixes only if you specify a delimiter.
+ //
// CommonPrefixes contains all (if there are any) keys between Prefix and the
- // next occurrence of the string specified by delimiter
+ // next occurrence of the string specified by a delimiter.
+ //
+ // CommonPrefixes lists keys that act like subdirectories in the directory specified
+ // by Prefix.
+ //
+ // For example, if the prefix is notes/ and the delimiter is a slash (/) as
+ // in notes/summer/july, the common prefix is notes/summer/. All of the keys
+ // that roll up into a common prefix count as a single return when calculating
+ // the number of returns.
CommonPrefixes []*CommonPrefix `type:"list" flattened:"true"`
// Metadata about each object returned.
Contents []*Object `type:"list" flattened:"true"`
- // ContinuationToken indicates Amazon S3 that the list is being continued on
- // this bucket with a token. ContinuationToken is obfuscated and is not a real
- // key
+ // If ContinuationToken was sent with the request, it is included in the response.
ContinuationToken *string `type:"string"`
- // A delimiter is a character you use to group keys.
+ // Causes keys that contain the same string between the prefix and the first
+ // occurrence of the delimiter to be rolled up into a single result element
+ // in the CommonPrefixes collection. These rolled-up keys are not returned elsewhere
+ // in the response. Each rolled-up result counts as only one return against
+ // the MaxKeys value.
Delimiter *string `type:"string"`
- // Encoding type used by Amazon S3 to encode object keys in the response.
+ // Encoding type used by Amazon S3 to encode object key names in the XML response.
+ //
+ // If you specify the encoding-type request parameter, Amazon S3 includes this
+ // element in the response, and returns encoded key name values in the following
+ // response elements:
+ //
+ // Delimiter, Prefix, Key, and StartAfter.
EncodingType *string `type:"string" enum:"EncodingType"`
- // A flag that indicates whether or not Amazon S3 returned all of the results
- // that satisfied the search criteria.
+ // Set to false if all of the results were returned. Set to true if more keys
+ // are available to return. If the number of results exceeds that specified
+ // by MaxKeys, all of the results might not be returned.
IsTruncated *bool `type:"boolean"`
// KeyCount is the number of keys returned with this request. KeyCount will
@@ -16903,24 +21784,31 @@ type ListObjectsV2Output struct {
// result will include less than equals 50 keys
KeyCount *int64 `type:"integer"`
- // Sets the maximum number of keys returned in the response. The response might
- // contain fewer keys but will never contain more.
+ // Sets the maximum number of keys returned in the response. By default the
+ // API returns up to 1,000 key names. The response might contain fewer keys
+ // but will never contain more.
MaxKeys *int64 `type:"integer"`
- // Name of the bucket to list.
+ // Bucket name.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
Name *string `type:"string"`
- // NextContinuationToken is sent when isTruncated is true which means there
+ // NextContinuationToken is sent when isTruncated is true, which means there
// are more keys in the bucket that can be listed. The next list requests to
// Amazon S3 can be continued with this NextContinuationToken. NextContinuationToken
// is obfuscated and is not a real key
NextContinuationToken *string `type:"string"`
- // Limits the response to keys that begin with the specified prefix.
+ // Keys that begin with the indicated prefix.
Prefix *string `type:"string"`
- // StartAfter is where you want Amazon S3 to start listing from. Amazon S3 starts
- // listing after this specified key. StartAfter can be any key in the bucket
+ // If StartAfter was sent with the request, it is included in the response.
StartAfter *string `type:"string"`
}
@@ -17009,9 +21897,20 @@ func (s *ListObjectsV2Output) SetStartAfter(v string) *ListObjectsV2Output {
type ListPartsInput struct {
_ struct{} `locationName:"ListPartsRequest" type:"structure"`
+ // Name of the bucket to which the parts are being uploaded.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // Object key for which the multipart upload was initiated.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
@@ -17022,10 +21921,11 @@ type ListPartsInput struct {
// part numbers will be listed.
PartNumberMarker *int64 `location:"querystring" locationName:"part-number-marker" type:"integer"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
// Upload ID identifying the multipart upload whose parts are being listed.
@@ -17112,23 +22012,51 @@ func (s *ListPartsInput) SetUploadId(v string) *ListPartsInput {
return s
}
+func (s *ListPartsInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *ListPartsInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type ListPartsOutput struct {
_ struct{} `type:"structure"`
- // Date when multipart upload will become eligible for abort operation by lifecycle.
+ // If the bucket has a lifecycle rule configured with an action to abort incomplete
+ // multipart uploads and the prefix in the lifecycle rule matches the object
+ // name in the request, then the response includes this header indicating when
+ // the initiated multipart upload will become eligible for abort operation.
+ // For more information, see Aborting Incomplete Multipart Uploads Using a Bucket
+ // Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config).
+ //
+ // The response will also include the x-amz-abort-rule-id header that will provide
+ // the ID of the lifecycle configuration rule that defines this action.
AbortDate *time.Time `location:"header" locationName:"x-amz-abort-date" type:"timestamp"`
- // Id of the lifecycle rule that makes a multipart upload eligible for abort
- // operation.
+ // This header is returned along with the x-amz-abort-date header. It identifies
+ // applicable lifecycle configuration rule that defines the action to abort
+ // incomplete multipart uploads.
AbortRuleId *string `location:"header" locationName:"x-amz-abort-rule-id" type:"string"`
// Name of the bucket to which the multipart upload was initiated.
Bucket *string `type:"string"`
- // Identifies who initiated the multipart upload.
+ // Container element that identifies who initiated the multipart upload. If
+ // the initiator is an AWS account, this element provides the same information
+ // as the Owner element. If the initiator is an IAM User, this element provides
+ // the user ARN and display name.
Initiator *Initiator `type:"structure"`
- // Indicates whether the returned list of parts is truncated.
+ // Indicates whether the returned list of parts is truncated. A true value indicates
+ // that the list was truncated. A list can be truncated if the number of parts
+ // exceeds the limit returned in the MaxParts element.
IsTruncated *bool `type:"boolean"`
// Object key for which the multipart upload was initiated.
@@ -17142,18 +22070,26 @@ type ListPartsOutput struct {
// in a subsequent request.
NextPartNumberMarker *int64 `type:"integer"`
+ // Container element that identifies the object owner, after the object is created.
+ // If multipart upload is initiated by an IAM user, this element provides the
+ // parent account ID and display name.
Owner *Owner `type:"structure"`
- // Part number after which listing begins.
+ // When a list is truncated, this element specifies the last part in the list,
+ // as well as the value to use for the part-number-marker request parameter
+ // in a subsequent request.
PartNumberMarker *int64 `type:"integer"`
+ // Container for elements related to a particular part. A response can contain
+ // zero or more Part elements.
Parts []*Part `locationName:"Part" type:"list" flattened:"true"`
// If present, indicates that the requester was successfully charged for the
// request.
RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"`
- // The class of storage used to store the object.
+ // Class of storage (STANDARD or REDUCED_REDUNDANCY) used to store the uploaded
+ // object.
StorageClass *string `type:"string" enum:"StorageClass"`
// Upload ID identifying the multipart upload whose parts are being listed.
@@ -17261,7 +22197,8 @@ func (s *ListPartsOutput) SetUploadId(v string) *ListPartsOutput {
return s
}
-// Describes an S3 location that will receive the results of the restore request.
+// Describes an Amazon S3 location that will receive the results of the restore
+// request.
type Location struct {
_ struct{} `type:"structure"`
@@ -17276,8 +22213,7 @@ type Location struct {
// The canned ACL to apply to the restore results.
CannedACL *string `type:"string" enum:"ObjectCannedACL"`
- // Describes the server-side encryption that will be applied to the restore
- // results.
+ // Contains the type of server-side encryption used.
Encryption *Encryption `type:"structure"`
// The prefix that is prepended to the restore results for this request.
@@ -17399,13 +22335,14 @@ type LoggingEnabled struct {
// Specifies the bucket where you want Amazon S3 to store server access logs.
// You can have your logs delivered to any bucket that you own, including the
// same bucket that is being logged. You can also configure multiple buckets
- // to deliver their logs to the same target bucket. In this case you should
+ // to deliver their logs to the same target bucket. In this case, you should
// choose a different TargetPrefix for each source bucket so that the delivered
// log files can be distinguished by key.
//
// TargetBucket is a required field
TargetBucket *string `type:"string" required:"true"`
+ // Container for granting information.
TargetGrants []*TargetGrant `locationNameList:"Grant" type:"list"`
// A prefix for all log object keys. If you store log files from multiple Amazon
@@ -17474,8 +22411,10 @@ func (s *LoggingEnabled) SetTargetPrefix(v string) *LoggingEnabled {
type MetadataEntry struct {
_ struct{} `type:"structure"`
+ // Name of the Object.
Name *string `type:"string"`
+ // Value of the Object.
Value *string `type:"string"`
}
@@ -17501,6 +22440,65 @@ func (s *MetadataEntry) SetValue(v string) *MetadataEntry {
return s
}
+// A container specifying replication metrics-related settings enabling metrics
+// and Amazon S3 events for S3 Replication Time Control (S3 RTC). Must be specified
+// together with a ReplicationTime block.
+type Metrics struct {
+ _ struct{} `type:"structure"`
+
+ // A container specifying the time threshold for emitting the s3:Replication:OperationMissedThreshold
+ // event.
+ //
+ // EventThreshold is a required field
+ EventThreshold *ReplicationTimeValue `type:"structure" required:"true"`
+
+ // Specifies whether the replication metrics are enabled.
+ //
+ // Status is a required field
+ Status *string `type:"string" required:"true" enum:"MetricsStatus"`
+}
+
+// String returns the string representation
+func (s Metrics) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Metrics) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *Metrics) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "Metrics"}
+ if s.EventThreshold == nil {
+ invalidParams.Add(request.NewErrParamRequired("EventThreshold"))
+ }
+ if s.Status == nil {
+ invalidParams.Add(request.NewErrParamRequired("Status"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetEventThreshold sets the EventThreshold field's value.
+func (s *Metrics) SetEventThreshold(v *ReplicationTimeValue) *Metrics {
+ s.EventThreshold = v
+ return s
+}
+
+// SetStatus sets the Status field's value.
+func (s *Metrics) SetStatus(v string) *Metrics {
+ s.Status = &v
+ return s
+}
+
+// A conjunction (logical AND) of predicates, which is used in evaluating a
+// metrics filter. The operator must have at least two predicates, and an object
+// must match all of the predicates in order for the filter to apply.
type MetricsAndOperator struct {
_ struct{} `type:"structure"`
@@ -17614,6 +22612,9 @@ func (s *MetricsConfiguration) SetId(v string) *MetricsConfiguration {
return s
}
+// Specifies a metrics configuration filter. The metrics configuration only
+// includes objects that meet the filter's criteria. A filter must be a prefix,
+// a tag, or a conjunction (MetricsAndOperator).
type MetricsFilter struct {
_ struct{} `type:"structure"`
@@ -17677,6 +22678,7 @@ func (s *MetricsFilter) SetTag(v *Tag) *MetricsFilter {
return s
}
+// Container for the MultipartUpload for the Amazon S3 object.
type MultipartUpload struct {
_ struct{} `type:"structure"`
@@ -17689,6 +22691,7 @@ type MultipartUpload struct {
// Key of the object for which the multipart upload was initiated.
Key *string `min:"1" type:"string"`
+ // Specifies the owner of the object that is part of the multipart upload.
Owner *Owner `type:"structure"`
// The class of storage used to store the object.
@@ -17788,8 +22791,8 @@ type NoncurrentVersionTransition struct {
// Specifies the number of days an object is noncurrent before Amazon S3 can
// perform the associated action. For information about the noncurrent days
- // calculations, see How Amazon S3 Calculates When an Object Became Noncurrent
- // (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html)
+ // calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent
+ // (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations)
// in the Amazon Simple Storage Service Developer Guide.
NoncurrentDays *int64 `type:"integer"`
@@ -17908,10 +22911,17 @@ func (s *NotificationConfiguration) SetTopicConfigurations(v []*TopicConfigurati
type NotificationConfigurationDeprecated struct {
_ struct{} `type:"structure"`
+ // Container for specifying the AWS Lambda notification configuration.
CloudFunctionConfiguration *CloudFunctionConfiguration `type:"structure"`
+ // This data type is deprecated. This data type specifies the configuration
+ // for publishing messages to an Amazon Simple Queue Service (Amazon SQS) queue
+ // when Amazon S3 detects specified events.
QueueConfiguration *QueueConfigurationDeprecated `type:"structure"`
+ // This data type is deprecated. A container for specifying the configuration
+ // for publication of messages to an Amazon Simple Notification Service (Amazon
+ // SNS) topic when Amazon S3 detects specified events.
TopicConfiguration *TopicConfigurationDeprecated `type:"structure"`
}
@@ -17969,17 +22979,39 @@ func (s *NotificationConfigurationFilter) SetKey(v *KeyFilter) *NotificationConf
return s
}
+// An object consists of data and its descriptive metadata.
type Object struct {
_ struct{} `type:"structure"`
+ // The entity tag is a hash of the object. The ETag reflects changes only to
+ // the contents of an object, not its metadata. The ETag may or may not be an
+ // MD5 digest of the object data. Whether or not it is depends on how the object
+ // was created and how it is encrypted as described below:
+ //
+ // * Objects created by the PUT Object, POST Object, or Copy operation, or
+ // through the AWS Management Console, and are encrypted by SSE-S3 or plaintext,
+ // have ETags that are an MD5 digest of their object data.
+ //
+ // * Objects created by the PUT Object, POST Object, or Copy operation, or
+ // through the AWS Management Console, and are encrypted by SSE-C or SSE-KMS,
+ // have ETags that are not an MD5 digest of their object data.
+ //
+ // * If an object is created by either the Multipart Upload or Part Copy
+ // operation, the ETag is not an MD5 digest, regardless of the method of
+ // encryption.
ETag *string `type:"string"`
+ // The name that you assign to an object. You use the object key to retrieve
+ // the object.
Key *string `min:"1" type:"string"`
+ // The date the Object was Last Modified
LastModified *time.Time `type:"timestamp"`
+ // The owner of the object
Owner *Owner `type:"structure"`
+ // Size in bytes of the object
Size *int64 `type:"integer"`
// The class of storage used to store the object.
@@ -18032,6 +23064,7 @@ func (s *Object) SetStorageClass(v string) *Object {
return s
}
+// Object Identifier is unique value to identify objects.
type ObjectIdentifier struct {
_ struct{} `type:"structure"`
@@ -18082,14 +23115,14 @@ func (s *ObjectIdentifier) SetVersionId(v string) *ObjectIdentifier {
return s
}
-// The container element for object lock configuration parameters.
+// The container element for Object Lock configuration parameters.
type ObjectLockConfiguration struct {
_ struct{} `type:"structure"`
- // Indicates whether this bucket has an object lock configuration enabled.
+ // Indicates whether this bucket has an Object Lock configuration enabled.
ObjectLockEnabled *string `type:"string" enum:"ObjectLockEnabled"`
- // The object lock rule in place for the specified object.
+ // The Object Lock rule in place for the specified object.
Rule *ObjectLockRule `type:"structure"`
}
@@ -18146,7 +23179,7 @@ type ObjectLockRetention struct {
// Indicates the Retention mode for the specified object.
Mode *string `type:"string" enum:"ObjectLockRetentionMode"`
- // The date on which this object lock retention expires.
+ // The date on which this Object Lock Retention will expire.
RetainUntilDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`
}
@@ -18172,7 +23205,7 @@ func (s *ObjectLockRetention) SetRetainUntilDate(v time.Time) *ObjectLockRetenti
return s
}
-// The container element for an object lock rule.
+// The container element for an Object Lock rule.
type ObjectLockRule struct {
_ struct{} `type:"structure"`
@@ -18197,9 +23230,11 @@ func (s *ObjectLockRule) SetDefaultRetention(v *DefaultRetention) *ObjectLockRul
return s
}
+// The version of an object.
type ObjectVersion struct {
_ struct{} `type:"structure"`
+ // The entity tag is an MD5 hash of that version of the object.
ETag *string `type:"string"`
// Specifies whether the object is (true) or is not (false) the latest version
@@ -18212,6 +23247,7 @@ type ObjectVersion struct {
// Date and time the object was last modified.
LastModified *time.Time `type:"timestamp"`
+ // Specifies the owner of the object.
Owner *Owner `type:"structure"`
// Size in bytes of the object.
@@ -18354,11 +23390,14 @@ func (s *OutputSerialization) SetJSON(v *JSONOutput) *OutputSerialization {
return s
}
+// Container for the owner's display name and ID.
type Owner struct {
_ struct{} `type:"structure"`
+ // Container for the display name of the owner.
DisplayName *string `type:"string"`
+ // Container for the ID of the owner.
ID *string `type:"string"`
}
@@ -18384,6 +23423,7 @@ func (s *Owner) SetID(v string) *Owner {
return s
}
+// Container for Parquet.
type ParquetInput struct {
_ struct{} `type:"structure"`
}
@@ -18398,6 +23438,7 @@ func (s ParquetInput) GoString() string {
return s.String()
}
+// Container for elements related to a part.
type Part struct {
_ struct{} `type:"structure"`
@@ -18474,6 +23515,7 @@ func (s *PolicyStatus) SetIsPublic(v bool) *PolicyStatus {
return s
}
+// This data type contains information about progress of an operation.
type Progress struct {
_ struct{} `type:"structure"`
@@ -18515,6 +23557,7 @@ func (s *Progress) SetBytesScanned(v int64) *Progress {
return s
}
+// This data type contains information about the progress event of an operation.
type ProgressEvent struct {
_ struct{} `locationName:"ProgressEvent" type:"structure" payload:"Details"`
@@ -18555,7 +23598,23 @@ func (s *ProgressEvent) UnmarshalEvent(
return nil
}
-// Specifies the Block Public Access configuration for an Amazon S3 bucket.
+// MarshalEvent marshals the type into an stream event value. This method
+// should only used internally within the SDK's EventStream handling.
+func (s *ProgressEvent) MarshalEvent(pm protocol.PayloadMarshaler) (msg eventstream.Message, err error) {
+ msg.Headers.Set(eventstreamapi.MessageTypeHeader, eventstream.StringValue(eventstreamapi.EventMessageType))
+ var buf bytes.Buffer
+ if err = pm.MarshalPayload(&buf, s); err != nil {
+ return eventstream.Message{}, err
+ }
+ msg.Payload = buf.Bytes()
+ return msg, err
+}
+
+// The PublicAccessBlock configuration that you want to apply to this Amazon
+// S3 bucket. You can enable the configuration options in any combination. For
+// more information about when Amazon S3 considers a bucket or object public,
+// see The Meaning of "Public" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status)
+// in the Amazon Simple Storage Service Developer Guide.
type PublicAccessBlockConfiguration struct {
_ struct{} `type:"structure"`
@@ -18568,6 +23627,8 @@ type PublicAccessBlockConfiguration struct {
//
// * PUT Object calls fail if the request includes a public ACL.
//
+ // * PUT Bucket calls fail if the request includes a public ACL.
+ //
// Enabling this setting doesn't affect existing policies or ACLs.
BlockPublicAcls *bool `locationName:"BlockPublicAcls" type:"boolean"`
@@ -18634,7 +23695,7 @@ func (s *PublicAccessBlockConfiguration) SetRestrictPublicBuckets(v bool) *Publi
type PutBucketAccelerateConfigurationInput struct {
_ struct{} `locationName:"PutBucketAccelerateConfigurationRequest" type:"structure" payload:"AccelerateConfiguration"`
- // Specifies the Accelerate Configuration you want to set for the bucket.
+ // Container for setting the transfer acceleration state.
//
// AccelerateConfiguration is a required field
AccelerateConfiguration *AccelerateConfiguration `locationName:"AccelerateConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
@@ -18693,6 +23754,20 @@ func (s *PutBucketAccelerateConfigurationInput) getBucket() (v string) {
return *s.Bucket
}
+func (s *PutBucketAccelerateConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketAccelerateConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketAccelerateConfigurationOutput struct {
_ struct{} `type:"structure"`
}
@@ -18716,6 +23791,8 @@ type PutBucketAclInput struct {
// Contains the elements that set the ACL permissions for an object per grantee.
AccessControlPolicy *AccessControlPolicy `locationName:"AccessControlPolicy" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
+ // The bucket to which to apply the ACL.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -18822,6 +23899,20 @@ func (s *PutBucketAclInput) SetGrantWriteACP(v string) *PutBucketAclInput {
return s
}
+func (s *PutBucketAclInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketAclInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketAclOutput struct {
_ struct{} `type:"structure"`
}
@@ -18917,6 +24008,20 @@ func (s *PutBucketAnalyticsConfigurationInput) SetId(v string) *PutBucketAnalyti
return s
}
+func (s *PutBucketAnalyticsConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketAnalyticsConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketAnalyticsConfigurationOutput struct {
_ struct{} `type:"structure"`
}
@@ -18934,6 +24039,8 @@ func (s PutBucketAnalyticsConfigurationOutput) GoString() string {
type PutBucketCorsInput struct {
_ struct{} `locationName:"PutBucketCorsRequest" type:"structure" payload:"CORSConfiguration"`
+ // Specifies the bucket impacted by the corsconfiguration.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -18999,6 +24106,20 @@ func (s *PutBucketCorsInput) SetCORSConfiguration(v *CORSConfiguration) *PutBuck
return s
}
+func (s *PutBucketCorsInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketCorsInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketCorsOutput struct {
_ struct{} `type:"structure"`
}
@@ -19017,9 +24138,9 @@ type PutBucketEncryptionInput struct {
_ struct{} `locationName:"PutBucketEncryptionRequest" type:"structure" payload:"ServerSideEncryptionConfiguration"`
// Specifies default encryption for a bucket using server-side encryption with
- // Amazon S3-managed keys (SSE-S3) or AWS KMS-managed keys (SSE-KMS). For information
- // about the Amazon S3 default encryption feature, see Amazon S3 Default Bucket
- // Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html)
+ // Amazon S3-managed keys (SSE-S3) or customer master keys stored in AWS KMS
+ // (SSE-KMS). For information about the Amazon S3 default encryption feature,
+ // see Amazon S3 Default Bucket Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html)
// in the Amazon Simple Storage Service Developer Guide.
//
// Bucket is a required field
@@ -19084,6 +24205,20 @@ func (s *PutBucketEncryptionInput) SetServerSideEncryptionConfiguration(v *Serve
return s
}
+func (s *PutBucketEncryptionInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketEncryptionInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketEncryptionOutput struct {
_ struct{} `type:"structure"`
}
@@ -19179,6 +24314,20 @@ func (s *PutBucketInventoryConfigurationInput) SetInventoryConfiguration(v *Inve
return s
}
+func (s *PutBucketInventoryConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketInventoryConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketInventoryConfigurationOutput struct {
_ struct{} `type:"structure"`
}
@@ -19196,12 +24345,12 @@ func (s PutBucketInventoryConfigurationOutput) GoString() string {
type PutBucketLifecycleConfigurationInput struct {
_ struct{} `locationName:"PutBucketLifecycleConfigurationRequest" type:"structure" payload:"LifecycleConfiguration"`
+ // The name of the bucket for which to set the configuration.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
- // Specifies the lifecycle configuration for objects in an Amazon S3 bucket.
- // For more information, see Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html)
- // in the Amazon Simple Storage Service Developer Guide.
+ // Container for lifecycle rules. You can add as many as 1,000 rules.
LifecycleConfiguration *BucketLifecycleConfiguration `locationName:"LifecycleConfiguration" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
}
@@ -19255,6 +24404,20 @@ func (s *PutBucketLifecycleConfigurationInput) SetLifecycleConfiguration(v *Buck
return s
}
+func (s *PutBucketLifecycleConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketLifecycleConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketLifecycleConfigurationOutput struct {
_ struct{} `type:"structure"`
}
@@ -19275,6 +24438,7 @@ type PutBucketLifecycleInput struct {
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // Container for lifecycle rules. You can add as many as 1000 rules.
LifecycleConfiguration *LifecycleConfiguration `locationName:"LifecycleConfiguration" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
}
@@ -19328,6 +24492,20 @@ func (s *PutBucketLifecycleInput) SetLifecycleConfiguration(v *LifecycleConfigur
return s
}
+func (s *PutBucketLifecycleInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketLifecycleInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketLifecycleOutput struct {
_ struct{} `type:"structure"`
}
@@ -19345,9 +24523,13 @@ func (s PutBucketLifecycleOutput) GoString() string {
type PutBucketLoggingInput struct {
_ struct{} `locationName:"PutBucketLoggingRequest" type:"structure" payload:"BucketLoggingStatus"`
+ // The name of the bucket for which to set the logging parameters.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // Container for logging status information.
+ //
// BucketLoggingStatus is a required field
BucketLoggingStatus *BucketLoggingStatus `locationName:"BucketLoggingStatus" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
}
@@ -19405,6 +24587,20 @@ func (s *PutBucketLoggingInput) SetBucketLoggingStatus(v *BucketLoggingStatus) *
return s
}
+func (s *PutBucketLoggingInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketLoggingInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketLoggingOutput struct {
_ struct{} `type:"structure"`
}
@@ -19500,6 +24696,20 @@ func (s *PutBucketMetricsConfigurationInput) SetMetricsConfiguration(v *MetricsC
return s
}
+func (s *PutBucketMetricsConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketMetricsConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketMetricsConfigurationOutput struct {
_ struct{} `type:"structure"`
}
@@ -19517,6 +24727,8 @@ func (s PutBucketMetricsConfigurationOutput) GoString() string {
type PutBucketNotificationConfigurationInput struct {
_ struct{} `locationName:"PutBucketNotificationConfigurationRequest" type:"structure" payload:"NotificationConfiguration"`
+ // The name of the bucket.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -19580,6 +24792,20 @@ func (s *PutBucketNotificationConfigurationInput) SetNotificationConfiguration(v
return s
}
+func (s *PutBucketNotificationConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketNotificationConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketNotificationConfigurationOutput struct {
_ struct{} `type:"structure"`
}
@@ -19597,9 +24823,13 @@ func (s PutBucketNotificationConfigurationOutput) GoString() string {
type PutBucketNotificationInput struct {
_ struct{} `locationName:"PutBucketNotificationRequest" type:"structure" payload:"NotificationConfiguration"`
+ // The name of the bucket.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // The container for the configuration.
+ //
// NotificationConfiguration is a required field
NotificationConfiguration *NotificationConfigurationDeprecated `locationName:"NotificationConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
}
@@ -19652,6 +24882,20 @@ func (s *PutBucketNotificationInput) SetNotificationConfiguration(v *Notificatio
return s
}
+func (s *PutBucketNotificationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketNotificationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketNotificationOutput struct {
_ struct{} `type:"structure"`
}
@@ -19669,6 +24913,8 @@ func (s PutBucketNotificationOutput) GoString() string {
type PutBucketPolicyInput struct {
_ struct{} `locationName:"PutBucketPolicyRequest" type:"structure" payload:"Policy"`
+ // The name of the bucket.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -19736,6 +24982,20 @@ func (s *PutBucketPolicyInput) SetPolicy(v string) *PutBucketPolicyInput {
return s
}
+func (s *PutBucketPolicyInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketPolicyInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketPolicyOutput struct {
_ struct{} `type:"structure"`
}
@@ -19753,6 +25013,8 @@ func (s PutBucketPolicyOutput) GoString() string {
type PutBucketReplicationInput struct {
_ struct{} `locationName:"PutBucketReplicationRequest" type:"structure" payload:"ReplicationConfiguration"`
+ // The name of the bucket
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -19762,7 +25024,6 @@ type PutBucketReplicationInput struct {
// ReplicationConfiguration is a required field
ReplicationConfiguration *ReplicationConfiguration `locationName:"ReplicationConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
- // A token that allows Amazon S3 object lock to be enabled for an existing bucket.
Token *string `location:"header" locationName:"x-amz-bucket-object-lock-token" type:"string"`
}
@@ -19825,6 +25086,20 @@ func (s *PutBucketReplicationInput) SetToken(v string) *PutBucketReplicationInpu
return s
}
+func (s *PutBucketReplicationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketReplicationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketReplicationOutput struct {
_ struct{} `type:"structure"`
}
@@ -19842,9 +25117,13 @@ func (s PutBucketReplicationOutput) GoString() string {
type PutBucketRequestPaymentInput struct {
_ struct{} `locationName:"PutBucketRequestPaymentRequest" type:"structure" payload:"RequestPaymentConfiguration"`
+ // The bucket name.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // Container for Payer.
+ //
// RequestPaymentConfiguration is a required field
RequestPaymentConfiguration *RequestPaymentConfiguration `locationName:"RequestPaymentConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
}
@@ -19902,6 +25181,20 @@ func (s *PutBucketRequestPaymentInput) SetRequestPaymentConfiguration(v *Request
return s
}
+func (s *PutBucketRequestPaymentInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketRequestPaymentInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketRequestPaymentOutput struct {
_ struct{} `type:"structure"`
}
@@ -19919,9 +25212,13 @@ func (s PutBucketRequestPaymentOutput) GoString() string {
type PutBucketTaggingInput struct {
_ struct{} `locationName:"PutBucketTaggingRequest" type:"structure" payload:"Tagging"`
+ // The bucket name.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // Container for the TagSet and Tag elements.
+ //
// Tagging is a required field
Tagging *Tagging `locationName:"Tagging" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
}
@@ -19979,6 +25276,20 @@ func (s *PutBucketTaggingInput) SetTagging(v *Tagging) *PutBucketTaggingInput {
return s
}
+func (s *PutBucketTaggingInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketTaggingInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketTaggingOutput struct {
_ struct{} `type:"structure"`
}
@@ -19996,6 +25307,8 @@ func (s PutBucketTaggingOutput) GoString() string {
type PutBucketVersioningInput struct {
_ struct{} `locationName:"PutBucketVersioningRequest" type:"structure" payload:"VersioningConfiguration"`
+ // The bucket name.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -20003,9 +25316,7 @@ type PutBucketVersioningInput struct {
// and the value that is displayed on your authentication device.
MFA *string `location:"header" locationName:"x-amz-mfa" type:"string"`
- // Describes the versioning state of an Amazon S3 bucket. For more information,
- // see PUT Bucket versioning (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTVersioningStatus.html)
- // in the Amazon Simple Storage Service API Reference.
+ // Container for setting the versioning state.
//
// VersioningConfiguration is a required field
VersioningConfiguration *VersioningConfiguration `locationName:"VersioningConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
@@ -20065,6 +25376,20 @@ func (s *PutBucketVersioningInput) SetVersioningConfiguration(v *VersioningConfi
return s
}
+func (s *PutBucketVersioningInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketVersioningInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketVersioningOutput struct {
_ struct{} `type:"structure"`
}
@@ -20082,10 +25407,12 @@ func (s PutBucketVersioningOutput) GoString() string {
type PutBucketWebsiteInput struct {
_ struct{} `locationName:"PutBucketWebsiteRequest" type:"structure" payload:"WebsiteConfiguration"`
+ // The bucket name.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
- // Specifies website configuration parameters for an Amazon S3 bucket.
+ // Container for the request.
//
// WebsiteConfiguration is a required field
WebsiteConfiguration *WebsiteConfiguration `locationName:"WebsiteConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
@@ -20144,6 +25471,20 @@ func (s *PutBucketWebsiteInput) SetWebsiteConfiguration(v *WebsiteConfiguration)
return s
}
+func (s *PutBucketWebsiteInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutBucketWebsiteInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutBucketWebsiteOutput struct {
_ struct{} `type:"structure"`
}
@@ -20161,12 +25502,23 @@ func (s PutBucketWebsiteOutput) GoString() string {
type PutObjectAclInput struct {
_ struct{} `locationName:"PutObjectAclRequest" type:"structure" payload:"AccessControlPolicy"`
- // The canned ACL to apply to the object.
+ // The canned ACL to apply to the object. For more information, see Canned ACL
+ // (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL).
ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"`
// Contains the elements that set the ACL permissions for an object per grantee.
AccessControlPolicy *AccessControlPolicy `locationName:"AccessControlPolicy" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
+ // The bucket name that contains the object to which you want to attach the
+ // ACL.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -20186,13 +25538,16 @@ type PutObjectAclInput struct {
// Allows grantee to write the ACL for the applicable bucket.
GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"`
+ // Key for which the PUT operation was initiated.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
// VersionId used to reference a specific version of the object.
@@ -20309,6 +25664,20 @@ func (s *PutObjectAclInput) SetVersionId(v string) *PutObjectAclInput {
return s
}
+func (s *PutObjectAclInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutObjectAclInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutObjectAclOutput struct {
_ struct{} `type:"structure"`
@@ -20336,44 +25705,62 @@ func (s *PutObjectAclOutput) SetRequestCharged(v string) *PutObjectAclOutput {
type PutObjectInput struct {
_ struct{} `locationName:"PutObjectRequest" type:"structure" payload:"Body"`
- // The canned ACL to apply to the object.
+ // The canned ACL to apply to the object. For more information, see Canned ACL
+ // (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL).
ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"`
// Object data.
Body io.ReadSeeker `type:"blob"`
- // Name of the bucket to which the PUT operation was initiated.
+ // Bucket name to which the PUT operation was initiated.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
//
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
- // Specifies caching behavior along the request/reply chain.
+ // Can be used to specify caching behavior along the request/reply chain. For
+ // more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9
+ // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9).
CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"`
- // Specifies presentational information for the object.
+ // Specifies presentational information for the object. For more information,
+ // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1).
ContentDisposition *string `location:"header" locationName:"Content-Disposition" type:"string"`
// Specifies what content encodings have been applied to the object and thus
// what decoding mechanisms must be applied to obtain the media-type referenced
- // by the Content-Type header field.
+ // by the Content-Type header field. For more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11
+ // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11).
ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"`
// The language the content is in.
ContentLanguage *string `location:"header" locationName:"Content-Language" type:"string"`
// Size of the body in bytes. This parameter is useful when the size of the
- // body cannot be determined automatically.
+ // body cannot be determined automatically. For more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.13
+ // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.13).
ContentLength *int64 `location:"header" locationName:"Content-Length" type:"long"`
- // The base64-encoded 128-bit MD5 digest of the part data. This parameter is
- // auto-populated when using the command from the CLI. This parameted is required
- // if object lock parameters are specified.
+ // The base64-encoded 128-bit MD5 digest of the message (without the headers)
+ // according to RFC 1864. This header can be used as a message integrity check
+ // to verify that the data is the same data that was originally sent. Although
+ // it is optional, we recommend using the Content-MD5 mechanism as an end-to-end
+ // integrity check. For more information about REST request authentication,
+ // see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html).
ContentMD5 *string `location:"header" locationName:"Content-MD5" type:"string"`
- // A standard MIME type describing the format of the object data.
+ // A standard MIME type describing the format of the contents. For more information,
+ // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17).
ContentType *string `location:"header" locationName:"Content-Type" type:"string"`
- // The date and time at which the object is no longer cacheable.
+ // The date and time at which the object is no longer cacheable. For more information,
+ // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21).
Expires *time.Time `location:"header" locationName:"Expires" type:"timestamp"`
// Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.
@@ -20396,34 +25783,37 @@ type PutObjectInput struct {
// A map of metadata to store with the object in S3.
Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"`
- // The Legal Hold status that you want to apply to the specified object.
+ // Specifies whether a legal hold will be applied to this object. For more information
+ // about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html).
ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"`
- // The object lock mode that you want to apply to this object.
+ // The Object Lock mode that you want to apply to this object.
ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"`
- // The date and time when you want this object's object lock to expire.
+ // The date and time when you want this object's Object Lock to expire.
ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
- // Specifies the algorithm to use to when encrypting the object (e.g., AES256).
+ // Specifies the algorithm to use to when encrypting the object (for example,
+ // AES256).
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// Specifies the customer-provided encryption key for Amazon S3 to use in encrypting
// data. This value is used to store the object and then it is discarded; Amazon
- // does not store the encryption key. The key must be appropriate for use with
- // the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
+ // S3 does not store the encryption key. The key must be appropriate for use
+ // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
// header.
SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"`
// Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321.
- // Amazon S3 uses this header for a message integrity check to ensure the encryption
- // key was transmitted without error.
+ // Amazon S3 uses this header for a message integrity check to ensure that the
+ // encryption key was transmitted without error.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
// Specifies the AWS KMS Encryption Context to use for object encryption. The
@@ -20431,17 +25821,24 @@ type PutObjectInput struct {
// encryption context key-value pairs.
SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"`
- // Specifies the AWS KMS key ID to use for object encryption. All GET and PUT
- // requests for an object protected by AWS KMS will fail if not made via SSL
- // or using SigV4. Documentation on configuring any of the officially supported
- // AWS SDKs and CLI can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
+ // If x-amz-server-side-encryption is present and has the value of aws:kms,
+ // this header specifies the ID of the AWS Key Management Service (AWS KMS)
+ // symmetrical customer managed customer master key (CMK) that was used for
+ // the object.
+ //
+ // If the value of x-amz-server-side-encryption is aws:kms, this header specifies
+ // the ID of the symmetric customer managed AWS KMS CMK that will be used for
+ // the object. If you specify x-amz-server-side-encryption:aws:kms, but do not
+ // providex-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the AWS
+ // managed CMK in AWS to protect the data.
SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"`
- // The Server-side encryption algorithm used when storing this object in S3
- // (e.g., AES256, aws:kms).
+ // The server-side encryption algorithm used when storing this object in Amazon
+ // S3 (for example, AES256, aws:kms).
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
- // The type of storage to use for the object. Defaults to 'STANDARD'.
+ // If you don't specify, S3 Standard is the default storage class. Amazon S3
+ // supports other storage classes.
StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"`
// The tag-set for the object. The tag-set must be encoded as URL Query parameters.
@@ -20450,7 +25847,22 @@ type PutObjectInput struct {
// If the bucket is configured as a website, redirects requests for this object
// to another object in the same bucket or to an external URL. Amazon S3 stores
- // the value of this header in the object metadata.
+ // the value of this header in the object metadata. For information about object
+ // metadata, see Object Key and Metadata (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html).
+ //
+ // In the following example, the request header sets the redirect to an object
+ // (anotherPage.html) in the same bucket:
+ //
+ // x-amz-website-redirect-location: /anotherPage.html
+ //
+ // In the following example, the request header sets the object redirect to
+ // another website:
+ //
+ // x-amz-website-redirect-location: http://www.example.com/
+ //
+ // For more information about website hosting in Amazon S3, see Hosting Websites
+ // on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html)
+ // and How to Configure Website Page Redirects (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).
WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"`
}
@@ -20680,10 +26092,32 @@ func (s *PutObjectInput) SetWebsiteRedirectLocation(v string) *PutObjectInput {
return s
}
+func (s *PutObjectInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutObjectInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutObjectLegalHoldInput struct {
_ struct{} `locationName:"PutObjectLegalHoldRequest" type:"structure" payload:"LegalHold"`
- // The bucket containing the object that you want to place a Legal Hold on.
+ // The bucket name containing the object that you want to place a Legal Hold
+ // on.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
//
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -20697,10 +26131,11 @@ type PutObjectLegalHoldInput struct {
// specified object.
LegalHold *ObjectLockLegalHold `locationName:"LegalHold" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
// The version ID of the object that you want to place a Legal Hold on.
@@ -20776,6 +26211,20 @@ func (s *PutObjectLegalHoldInput) SetVersionId(v string) *PutObjectLegalHoldInpu
return s
}
+func (s *PutObjectLegalHoldInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutObjectLegalHoldInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutObjectLegalHoldOutput struct {
_ struct{} `type:"structure"`
@@ -20803,21 +26252,22 @@ func (s *PutObjectLegalHoldOutput) SetRequestCharged(v string) *PutObjectLegalHo
type PutObjectLockConfigurationInput struct {
_ struct{} `locationName:"PutObjectLockConfigurationRequest" type:"structure" payload:"ObjectLockConfiguration"`
- // The bucket whose object lock configuration you want to create or replace.
+ // The bucket whose Object Lock configuration you want to create or replace.
//
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
- // The object lock configuration that you want to apply to the specified bucket.
+ // The Object Lock configuration that you want to apply to the specified bucket.
ObjectLockConfiguration *ObjectLockConfiguration `locationName:"ObjectLockConfiguration" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
- // A token to allow Amazon S3 object lock to be enabled for an existing bucket.
+ // A token to allow Object Lock to be enabled for an existing bucket.
Token *string `location:"header" locationName:"x-amz-bucket-object-lock-token" type:"string"`
}
@@ -20878,6 +26328,20 @@ func (s *PutObjectLockConfigurationInput) SetToken(v string) *PutObjectLockConfi
return s
}
+func (s *PutObjectLockConfigurationInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutObjectLockConfigurationInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutObjectLockConfigurationOutput struct {
_ struct{} `type:"structure"`
@@ -20908,8 +26372,11 @@ type PutObjectOutput struct {
// Entity tag for the uploaded object.
ETag *string `location:"header" locationName:"ETag" type:"string"`
- // If the object expiration is configured, this will contain the expiration
- // date (expiry-date) and rule ID (rule-id). The value of rule-id is URL encoded.
+ // If the expiration is configured for the object (see PutBucketLifecycleConfiguration
+ // (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)),
+ // the response includes this header. It includes the expiry-date and rule-id
+ // key-value pairs that provide information about object expiration. The value
+ // of the rule-id is URL encoded.
Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"`
// If present, indicates that the requester was successfully charged for the
@@ -20922,7 +26389,7 @@ type PutObjectOutput struct {
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// If server-side encryption with a customer-provided encryption key was requested,
- // the response will include this header to provide round trip message integrity
+ // the response will include this header to provide round-trip message integrity
// verification of the customer-provided encryption key.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
@@ -20931,12 +26398,16 @@ type PutObjectOutput struct {
// the encryption context key-value pairs.
SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"`
- // If present, specifies the ID of the AWS Key Management Service (KMS) master
- // encryption key that was used for the object.
+ // If x-amz-server-side-encryption is present and has the value of aws:kms,
+ // this header specifies the ID of the AWS Key Management Service (AWS KMS)
+ // symmetric customer managed customer master key (CMK) that was used for the
+ // object.
SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"`
- // The Server-side encryption algorithm used when storing this object in S3
- // (e.g., AES256, aws:kms).
+ // If you specified server-side encryption either with an AWS KMS customer master
+ // key (CMK) or Amazon S3-managed encryption key in your PUT request, the response
+ // includes this header. It confirms the encryption algorithm that Amazon S3
+ // used to encrypt the object.
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
// Version of the object.
@@ -21010,13 +26481,20 @@ func (s *PutObjectOutput) SetVersionId(v string) *PutObjectOutput {
type PutObjectRetentionInput struct {
_ struct{} `locationName:"PutObjectRetentionRequest" type:"structure" payload:"Retention"`
- // The bucket that contains the object you want to apply this Object Retention
+ // The bucket name that contains the object you want to apply this Object Retention
// configuration to.
//
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
- // Indicates whether this operation should bypass Governance-mode restrictions.j
+ // Indicates whether this operation should bypass Governance-mode restrictions.
BypassGovernanceRetention *bool `location:"header" locationName:"x-amz-bypass-governance-retention" type:"boolean"`
// The key name for the object that you want to apply this Object Retention
@@ -21025,10 +26503,11 @@ type PutObjectRetentionInput struct {
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
// The container element for the Object Retention configuration.
@@ -21114,6 +26593,20 @@ func (s *PutObjectRetentionInput) SetVersionId(v string) *PutObjectRetentionInpu
return s
}
+func (s *PutObjectRetentionInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutObjectRetentionInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutObjectRetentionOutput struct {
_ struct{} `type:"structure"`
@@ -21141,15 +26634,29 @@ func (s *PutObjectRetentionOutput) SetRequestCharged(v string) *PutObjectRetenti
type PutObjectTaggingInput struct {
_ struct{} `locationName:"PutObjectTaggingRequest" type:"structure" payload:"Tagging"`
+ // The bucket name containing the object.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // Name of the object key.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
+ // Container for the TagSet and Tag elements
+ //
// Tagging is a required field
Tagging *Tagging `locationName:"Tagging" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
+ // The versionId of the object that the tag-set will be added to.
VersionId *string `location:"querystring" locationName:"versionId" type:"string"`
}
@@ -21224,9 +26731,24 @@ func (s *PutObjectTaggingInput) SetVersionId(v string) *PutObjectTaggingInput {
return s
}
+func (s *PutObjectTaggingInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutObjectTaggingInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutObjectTaggingOutput struct {
_ struct{} `type:"structure"`
+ // The versionId of the object the tag-set was added to.
VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"`
}
@@ -21313,6 +26835,20 @@ func (s *PutPublicAccessBlockInput) SetPublicAccessBlockConfiguration(v *PublicA
return s
}
+func (s *PutPublicAccessBlockInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *PutPublicAccessBlockInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type PutPublicAccessBlockOutput struct {
_ struct{} `type:"structure"`
}
@@ -21332,6 +26868,8 @@ func (s PutPublicAccessBlockOutput) GoString() string {
type QueueConfiguration struct {
_ struct{} `type:"structure"`
+ // A collection of bucket events for which to send notifications
+ //
// Events is a required field
Events []*string `locationName:"Event" type:"list" flattened:"true" required:"true"`
@@ -21401,6 +26939,10 @@ func (s *QueueConfiguration) SetQueueArn(v string) *QueueConfiguration {
return s
}
+// This data type is deprecated. Use QueueConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_QueueConfiguration.html)
+// for the same purposes. This data type specifies the configuration for publishing
+// messages to an Amazon Simple Queue Service (Amazon SQS) queue when Amazon
+// S3 detects specified events.
type QueueConfigurationDeprecated struct {
_ struct{} `type:"structure"`
@@ -21409,12 +26951,15 @@ type QueueConfigurationDeprecated struct {
// Deprecated: Event has been deprecated
Event *string `deprecated:"true" type:"string" enum:"Event"`
+ // A collection of bucket events for which to send notifications
Events []*string `locationName:"Event" type:"list" flattened:"true"`
// An optional unique identifier for configurations in a notification configuration.
// If you don't provide one, Amazon S3 will assign an ID.
Id *string `type:"string"`
+ // The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3
+ // publishes a message when it detects events of the specified type.
Queue *string `type:"string"`
}
@@ -21452,6 +26997,7 @@ func (s *QueueConfigurationDeprecated) SetQueue(v string) *QueueConfigurationDep
return s
}
+// The container for the records event.
type RecordsEvent struct {
_ struct{} `locationName:"RecordsEvent" type:"structure" payload:"Payload"`
@@ -21491,6 +27037,15 @@ func (s *RecordsEvent) UnmarshalEvent(
return nil
}
+// MarshalEvent marshals the type into an stream event value. This method
+// should only used internally within the SDK's EventStream handling.
+func (s *RecordsEvent) MarshalEvent(pm protocol.PayloadMarshaler) (msg eventstream.Message, err error) {
+ msg.Headers.Set(eventstreamapi.MessageTypeHeader, eventstream.StringValue(eventstreamapi.EventMessageType))
+ msg.Headers.Set(":content-type", eventstream.StringValue("application/octet-stream"))
+ msg.Payload = s.Payload
+ return msg, err
+}
+
// Specifies how requests are redirected. In the event of an error, you can
// specify a different error code to return.
type Redirect struct {
@@ -21618,7 +27173,7 @@ type ReplicationConfiguration struct {
// The Amazon Resource Name (ARN) of the AWS Identity and Access Management
// (IAM) role that Amazon S3 assumes when replicating objects. For more information,
- // see How to Set Up Cross-Region Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-how-setup.html)
+ // see How to Set Up Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html)
// in the Amazon Simple Storage Service Developer Guide.
//
// Role is a required field
@@ -21683,14 +27238,30 @@ func (s *ReplicationConfiguration) SetRules(v []*ReplicationRule) *ReplicationCo
type ReplicationRule struct {
_ struct{} `type:"structure"`
- // Specifies whether Amazon S3 should replicate delete makers.
+ // Specifies whether Amazon S3 replicates the delete markers. If you specify
+ // a Filter, you must specify this element. However, in the latest version of
+ // replication configuration (when Filter is specified), Amazon S3 doesn't replicate
+ // delete markers. Therefore, the DeleteMarkerReplication element can contain
+ // only Disabled. For an example configuration, see Basic Rule
+ // Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config).
+ //
+ // If you don't specify the Filter element, Amazon S3 assumes that the replication
+ // configuration is the earlier version, V1. In the earlier version, Amazon
+ // S3 handled replication of delete markers differently. For more information,
+ // see Backward Compatibility (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations).
DeleteMarkerReplication *DeleteMarkerReplication `type:"structure"`
- // A container for information about the replication destination.
+ // A container for information about the replication destination and its configurations
+ // including enabling the S3 Replication Time Control (S3 RTC).
//
// Destination is a required field
Destination *Destination `type:"structure" required:"true"`
+ // Optional configuration to replicate existing source bucket objects. For more
+ // information, see Replicating Existing Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-what-is-isnot-replicated.html#existing-object-replication)
+ // in the Amazon S3 Developer Guide.
+ ExistingObjectReplication *ExistingObjectReplication `type:"structure"`
+
// A filter that identifies the subset of objects to which the replication rule
// applies. A Filter must specify exactly one Prefix, Tag, or an And child element.
Filter *ReplicationRuleFilter `type:"structure"`
@@ -21698,9 +27269,9 @@ type ReplicationRule struct {
// A unique identifier for the rule. The maximum value is 255 characters.
ID *string `type:"string"`
- // An object keyname prefix that identifies the object or objects to which the
- // rule applies. The maximum prefix length is 1,024 characters. To include all
- // objects in a bucket, specify an empty string.
+ // An object key name prefix that identifies the object or objects to which
+ // the rule applies. The maximum prefix length is 1,024 characters. To include
+ // all objects in a bucket, specify an empty string.
//
// Deprecated: Prefix has been deprecated
Prefix *string `deprecated:"true" type:"string"`
@@ -21710,21 +27281,21 @@ type ReplicationRule struct {
// when filtering. If two or more rules identify the same object based on a
// specified filter, the rule with higher priority takes precedence. For example:
//
- // * Same object quality prefix based filter criteria If prefixes you specified
+ // * Same object quality prefix-based filter criteria if prefixes you specified
// in multiple rules overlap
//
- // * Same object qualify tag based filter criteria specified in multiple
+ // * Same object qualify tag-based filter criteria specified in multiple
// rules
//
- // For more information, see Cross-Region Replication (CRR) (https://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html)
- // in the Amazon S3 Developer Guide.
+ // For more information, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html)
+ // in the Amazon Simple Storage Service Developer Guide.
Priority *int64 `type:"integer"`
// A container that describes additional filters for identifying the source
// objects that you want to replicate. You can choose to enable or disable the
// replication of these objects. Currently, Amazon S3 supports only the filter
// that you can specify for objects created with server-side encryption using
- // an AWS KMS-Managed Key (SSE-KMS).
+ // a customer master key (CMK) stored in AWS Key Management Service (SSE-KMS).
SourceSelectionCriteria *SourceSelectionCriteria `type:"structure"`
// Specifies whether the rule is enabled.
@@ -21757,6 +27328,11 @@ func (s *ReplicationRule) Validate() error {
invalidParams.AddNested("Destination", err.(request.ErrInvalidParams))
}
}
+ if s.ExistingObjectReplication != nil {
+ if err := s.ExistingObjectReplication.Validate(); err != nil {
+ invalidParams.AddNested("ExistingObjectReplication", err.(request.ErrInvalidParams))
+ }
+ }
if s.Filter != nil {
if err := s.Filter.Validate(); err != nil {
invalidParams.AddNested("Filter", err.(request.ErrInvalidParams))
@@ -21786,6 +27362,12 @@ func (s *ReplicationRule) SetDestination(v *Destination) *ReplicationRule {
return s
}
+// SetExistingObjectReplication sets the ExistingObjectReplication field's value.
+func (s *ReplicationRule) SetExistingObjectReplication(v *ExistingObjectReplication) *ReplicationRule {
+ s.ExistingObjectReplication = v
+ return s
+}
+
// SetFilter sets the Filter field's value.
func (s *ReplicationRule) SetFilter(v *ReplicationRuleFilter) *ReplicationRule {
s.Filter = v
@@ -21822,11 +27404,25 @@ func (s *ReplicationRule) SetStatus(v string) *ReplicationRule {
return s
}
+// A container for specifying rule filters. The filters determine the subset
+// of objects to which the rule applies. This element is required only if you
+// specify more than one filter.
+//
+// For example:
+//
+// * If you specify both a Prefix and a Tag filter, wrap these filters in
+// an And tag.
+//
+// * If you specify a filter based on multiple tags, wrap the Tag elements
+// in an And tag
type ReplicationRuleAndOperator struct {
_ struct{} `type:"structure"`
+ // An object key name prefix that identifies the subset of objects to which
+ // the rule applies.
Prefix *string `type:"string"`
+ // An array of tags containing key and value pairs.
Tags []*Tag `locationName:"Tag" locationNameList:"Tag" type:"list" flattened:"true"`
}
@@ -21888,8 +27484,8 @@ type ReplicationRuleFilter struct {
// in an And tag.
And *ReplicationRuleAndOperator `type:"structure"`
- // An object keyname prefix that identifies the subset of objects to which the
- // rule applies.
+ // An object key name prefix that identifies the subset of objects to which
+ // the rule applies.
Prefix *string `type:"string"`
// A container for specifying a tag key and value.
@@ -21946,6 +27542,91 @@ func (s *ReplicationRuleFilter) SetTag(v *Tag) *ReplicationRuleFilter {
return s
}
+// A container specifying S3 Replication Time Control (S3 RTC) related information,
+// including whether S3 RTC is enabled and the time when all objects and operations
+// on objects must be replicated. Must be specified together with a Metrics
+// block.
+type ReplicationTime struct {
+ _ struct{} `type:"structure"`
+
+ // Specifies whether the replication time is enabled.
+ //
+ // Status is a required field
+ Status *string `type:"string" required:"true" enum:"ReplicationTimeStatus"`
+
+ // A container specifying the time by which replication should be complete for
+ // all objects and operations on objects.
+ //
+ // Time is a required field
+ Time *ReplicationTimeValue `type:"structure" required:"true"`
+}
+
+// String returns the string representation
+func (s ReplicationTime) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ReplicationTime) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ReplicationTime) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ReplicationTime"}
+ if s.Status == nil {
+ invalidParams.Add(request.NewErrParamRequired("Status"))
+ }
+ if s.Time == nil {
+ invalidParams.Add(request.NewErrParamRequired("Time"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetStatus sets the Status field's value.
+func (s *ReplicationTime) SetStatus(v string) *ReplicationTime {
+ s.Status = &v
+ return s
+}
+
+// SetTime sets the Time field's value.
+func (s *ReplicationTime) SetTime(v *ReplicationTimeValue) *ReplicationTime {
+ s.Time = v
+ return s
+}
+
+// A container specifying the time value for S3 Replication Time Control (S3
+// RTC) and replication metrics EventThreshold.
+type ReplicationTimeValue struct {
+ _ struct{} `type:"structure"`
+
+ // Contains an integer specifying time in minutes.
+ //
+ // Valid values: 15 minutes.
+ Minutes *int64 `type:"integer"`
+}
+
+// String returns the string representation
+func (s ReplicationTimeValue) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ReplicationTimeValue) GoString() string {
+ return s.String()
+}
+
+// SetMinutes sets the Minutes field's value.
+func (s *ReplicationTimeValue) SetMinutes(v int64) *ReplicationTimeValue {
+ s.Minutes = &v
+ return s
+}
+
+// Container for Payer.
type RequestPaymentConfiguration struct {
_ struct{} `type:"structure"`
@@ -21984,6 +27665,7 @@ func (s *RequestPaymentConfiguration) SetPayer(v string) *RequestPaymentConfigur
return s
}
+// Container for specifying if periodic QueryProgress messages should be sent.
type RequestProgress struct {
_ struct{} `type:"structure"`
@@ -22011,21 +27693,34 @@ func (s *RequestProgress) SetEnabled(v bool) *RequestProgress {
type RestoreObjectInput struct {
_ struct{} `locationName:"RestoreObjectRequest" type:"structure" payload:"RestoreRequest"`
+ // The bucket name or containing the object to restore.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
+ // Object key for which the operation was initiated.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
// Container for restore job parameters.
RestoreRequest *RestoreRequest `locationName:"RestoreRequest" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"`
+ // VersionId used to reference a specific version of the object.
VersionId *string `location:"querystring" locationName:"versionId" type:"string"`
}
@@ -22103,6 +27798,20 @@ func (s *RestoreObjectInput) SetVersionId(v string) *RestoreObjectInput {
return s
}
+func (s *RestoreObjectInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *RestoreObjectInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type RestoreObjectOutput struct {
_ struct{} `type:"structure"`
@@ -22148,7 +27857,7 @@ type RestoreRequest struct {
// The optional description for the job.
Description *string `type:"string"`
- // Glacier related parameters pertaining to this job. Do not use with restores
+ // S3 Glacier related parameters pertaining to this job. Do not use with restores
// that specify OutputLocation.
GlacierJobParameters *GlacierJobParameters `type:"structure"`
@@ -22158,7 +27867,7 @@ type RestoreRequest struct {
// Describes the parameters for Select job types.
SelectParameters *SelectParameters `type:"structure"`
- // Glacier retrieval tier at which the restore will be processed.
+ // S3 Glacier retrieval tier at which the restore will be processed.
Tier *string `type:"string" enum:"Tier"`
// Type of restore request.
@@ -22242,7 +27951,10 @@ func (s *RestoreRequest) SetType(v string) *RestoreRequest {
return s
}
-// Specifies the redirect behavior and when a redirect is applied.
+// Specifies the redirect behavior and when a redirect is applied. For more
+// information about routing rules, see Configuring advanced conditional redirects
+// (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects)
+// in the Amazon Simple Storage Service Developer Guide.
type RoutingRule struct {
_ struct{} `type:"structure"`
@@ -22296,8 +28008,9 @@ func (s *RoutingRule) SetRedirect(v *Redirect) *RoutingRule {
}
// Specifies lifecycle rules for an Amazon S3 bucket. For more information,
-// see PUT Bucket lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlifecycle.html)
-// in the Amazon Simple Storage Service API Reference.
+// see Put Bucket Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlifecycle.html)
+// in the Amazon Simple Storage Service API Reference. For examples, see Put
+// Bucket Lifecycle Configuration Examples (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html#API_PutBucketLifecycleConfiguration_Examples)
type Rule struct {
_ struct{} `type:"structure"`
@@ -22308,6 +28021,7 @@ type Rule struct {
// in the Amazon Simple Storage Service Developer Guide.
AbortIncompleteMultipartUpload *AbortIncompleteMultipartUpload `type:"structure"`
+ // Specifies the expiration for the lifecycle of the object.
Expiration *LifecycleExpiration `type:"structure"`
// Unique identifier for the rule. The value can't be longer than 255 characters.
@@ -22341,7 +28055,10 @@ type Rule struct {
// Status is a required field
Status *string `type:"string" required:"true" enum:"ExpirationStatus"`
- // Specifies when an object transitions to a specified storage class.
+ // Specifies when an object transitions to a specified storage class. For more
+ // information about Amazon S3 lifecycle configuration rules, see Transitioning
+ // Objects Using Amazon S3 Lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html)
+ // in the Amazon Simple Storage Service Developer Guide.
Transition *Transition `type:"structure"`
}
@@ -22419,12 +28136,12 @@ func (s *Rule) SetTransition(v *Transition) *Rule {
return s
}
-// Specifies the use of SSE-KMS to encrypt delivered Inventory reports.
+// Specifies the use of SSE-KMS to encrypt delivered inventory reports.
type SSEKMS struct {
_ struct{} `locationName:"SSE-KMS" type:"structure"`
- // Specifies the ID of the AWS Key Management Service (KMS) master encryption
- // key to use for encrypting Inventory reports.
+ // Specifies the ID of the AWS Key Management Service (AWS KMS) symmetric customer
+ // managed customer master key (CMK) to use for encrypting inventory reports.
//
// KeyId is a required field
KeyId *string `type:"string" required:"true" sensitive:"true"`
@@ -22459,7 +28176,7 @@ func (s *SSEKMS) SetKeyId(v string) *SSEKMS {
return s
}
-// Specifies the use of SSE-S3 to encrypt delivered Inventory reports.
+// Specifies the use of SSE-S3 to encrypt delivered inventory reports.
type SSES3 struct {
_ struct{} `locationName:"SSE-S3" type:"structure"`
}
@@ -22474,16 +28191,24 @@ func (s SSES3) GoString() string {
return s.String()
}
+// Specifies the byte range of the object to get the records from. A record
+// is processed when its first byte is contained by the range. This parameter
+// is optional, but when specified, it must not be empty. See RFC 2616, Section
+// 14.35.1 about how to specify the start and end of the range.
type ScanRange struct {
_ struct{} `type:"structure"`
// Specifies the end of the byte range. This parameter is optional. Valid values:
// non-negative integers. The default value is one less than the size of the
- // object being queried.
+ // object being queried. If only the End parameter is supplied, it is interpreted
+ // to mean scan the last N bytes of the file. For example, 50
+ // means scan the last 50 bytes.
End *int64 `type:"long"`
// Specifies the start of the byte range. This parameter is optional. Valid
- // values: non-negative integers. The default value is 0.
+ // values: non-negative integers. The default value is 0. If only start is supplied,
+ // it means scan from that point to the end of the file.For example; 50
+ // means scan from byte 50 until the end of the file.
Start *int64 `type:"long"`
}
@@ -22509,75 +28234,8 @@ func (s *ScanRange) SetStart(v int64) *ScanRange {
return s
}
-// SelectObjectContentEventStream provides handling of EventStreams for
-// the SelectObjectContent API.
-//
-// Use this type to receive SelectObjectContentEventStream events. The events
-// can be read from the Events channel member.
-//
-// The events that can be received are:
-//
-// * ContinuationEvent
-// * EndEvent
-// * ProgressEvent
-// * RecordsEvent
-// * StatsEvent
-type SelectObjectContentEventStream struct {
- // Reader is the EventStream reader for the SelectObjectContentEventStream
- // events. This value is automatically set by the SDK when the API call is made
- // Use this member when unit testing your code with the SDK to mock out the
- // EventStream Reader.
- //
- // Must not be nil.
- Reader SelectObjectContentEventStreamReader
-
- // StreamCloser is the io.Closer for the EventStream connection. For HTTP
- // EventStream this is the response Body. The stream will be closed when
- // the Close method of the EventStream is called.
- StreamCloser io.Closer
-}
-
-// Close closes the EventStream. This will also cause the Events channel to be
-// closed. You can use the closing of the Events channel to terminate your
-// application's read from the API's EventStream.
-//
-// Will close the underlying EventStream reader. For EventStream over HTTP
-// connection this will also close the HTTP connection.
-//
-// Close must be called when done using the EventStream API. Not calling Close
-// may result in resource leaks.
-func (es *SelectObjectContentEventStream) Close() (err error) {
- es.Reader.Close()
- es.StreamCloser.Close()
-
- return es.Err()
-}
-
-// Err returns any error that occurred while reading EventStream Events from
-// the service API's response. Returns nil if there were no errors.
-func (es *SelectObjectContentEventStream) Err() error {
- if err := es.Reader.Err(); err != nil {
- return err
- }
- return nil
-}
-
-// Events returns a channel to read EventStream Events from the
-// SelectObjectContent API.
-//
-// These events are:
-//
-// * ContinuationEvent
-// * EndEvent
-// * ProgressEvent
-// * RecordsEvent
-// * StatsEvent
-func (es *SelectObjectContentEventStream) Events() <-chan SelectObjectContentEventStreamEvent {
- return es.Reader.Events()
-}
-
// SelectObjectContentEventStreamEvent groups together all EventStream
-// events read from the SelectObjectContent API.
+// events writes for SelectObjectContentEventStream.
//
// These events are:
//
@@ -22588,11 +28246,12 @@ func (es *SelectObjectContentEventStream) Events() <-chan SelectObjectContentEve
// * StatsEvent
type SelectObjectContentEventStreamEvent interface {
eventSelectObjectContentEventStream()
+ eventstreamapi.Marshaler
+ eventstreamapi.Unmarshaler
}
-// SelectObjectContentEventStreamReader provides the interface for reading EventStream
-// Events from the SelectObjectContent API. The
-// default implementation for this interface will be SelectObjectContentEventStream.
+// SelectObjectContentEventStreamReader provides the interface for reading to the stream. The
+// default implementation for this interface will be SelectObjectContentEventStreamData.
//
// The reader's Close method must allow multiple concurrent calls.
//
@@ -22603,12 +28262,12 @@ type SelectObjectContentEventStreamEvent interface {
// * ProgressEvent
// * RecordsEvent
// * StatsEvent
+// * SelectObjectContentEventStreamUnknownEvent
type SelectObjectContentEventStreamReader interface {
// Returns a channel of events as they are read from the event stream.
Events() <-chan SelectObjectContentEventStreamEvent
- // Close will close the underlying event stream reader. For event stream over
- // HTTP this will also close the HTTP connection.
+ // Close will stop the reader reading events from the stream.
Close() error
// Returns any error that has occurred while reading from the event stream.
@@ -22618,57 +28277,44 @@ type SelectObjectContentEventStreamReader interface {
type readSelectObjectContentEventStream struct {
eventReader *eventstreamapi.EventReader
stream chan SelectObjectContentEventStreamEvent
- errVal atomic.Value
+ err *eventstreamapi.OnceError
done chan struct{}
closeOnce sync.Once
}
-func newReadSelectObjectContentEventStream(
- reader io.ReadCloser,
- unmarshalers request.HandlerList,
- logger aws.Logger,
- logLevel aws.LogLevelType,
-) *readSelectObjectContentEventStream {
+func newReadSelectObjectContentEventStream(eventReader *eventstreamapi.EventReader) *readSelectObjectContentEventStream {
r := &readSelectObjectContentEventStream{
- stream: make(chan SelectObjectContentEventStreamEvent),
- done: make(chan struct{}),
+ eventReader: eventReader,
+ stream: make(chan SelectObjectContentEventStreamEvent),
+ done: make(chan struct{}),
+ err: eventstreamapi.NewOnceError(),
}
-
- r.eventReader = eventstreamapi.NewEventReader(
- reader,
- protocol.HandlerPayloadUnmarshal{
- Unmarshalers: unmarshalers,
- },
- r.unmarshalerForEventType,
- )
- r.eventReader.UseLogger(logger, logLevel)
+ go r.readEventStream()
return r
}
-// Close will close the underlying event stream reader. For EventStream over
-// HTTP this will also close the HTTP connection.
+// Close will close the underlying event stream reader.
func (r *readSelectObjectContentEventStream) Close() error {
r.closeOnce.Do(r.safeClose)
-
return r.Err()
}
+func (r *readSelectObjectContentEventStream) ErrorSet() <-chan struct{} {
+ return r.err.ErrorSet()
+}
+
+func (r *readSelectObjectContentEventStream) Closed() <-chan struct{} {
+ return r.done
+}
+
func (r *readSelectObjectContentEventStream) safeClose() {
close(r.done)
- err := r.eventReader.Close()
- if err != nil {
- r.errVal.Store(err)
- }
}
func (r *readSelectObjectContentEventStream) Err() error {
- if v := r.errVal.Load(); v != nil {
- return v.(error)
- }
-
- return nil
+ return r.err.Err()
}
func (r *readSelectObjectContentEventStream) Events() <-chan SelectObjectContentEventStreamEvent {
@@ -22676,6 +28322,7 @@ func (r *readSelectObjectContentEventStream) Events() <-chan SelectObjectContent
}
func (r *readSelectObjectContentEventStream) readEventStream() {
+ defer r.Close()
defer close(r.stream)
for {
@@ -22690,7 +28337,10 @@ func (r *readSelectObjectContentEventStream) readEventStream() {
return
default:
}
- r.errVal.Store(err)
+ if _, ok := err.(*eventstreamapi.UnknownMessageTypeError); ok {
+ continue
+ }
+ r.err.SetError(err)
return
}
@@ -22702,33 +28352,56 @@ func (r *readSelectObjectContentEventStream) readEventStream() {
}
}
-func (r *readSelectObjectContentEventStream) unmarshalerForEventType(
- eventType string,
-) (eventstreamapi.Unmarshaler, error) {
+type unmarshalerForSelectObjectContentEventStreamEvent struct {
+ metadata protocol.ResponseMetadata
+}
+
+func (u unmarshalerForSelectObjectContentEventStreamEvent) UnmarshalerForEventName(eventType string) (eventstreamapi.Unmarshaler, error) {
switch eventType {
case "Cont":
return &ContinuationEvent{}, nil
-
case "End":
return &EndEvent{}, nil
-
case "Progress":
return &ProgressEvent{}, nil
-
case "Records":
return &RecordsEvent{}, nil
-
case "Stats":
return &StatsEvent{}, nil
default:
- return nil, awserr.New(
- request.ErrCodeSerialization,
- fmt.Sprintf("unknown event type name, %s, for SelectObjectContentEventStream", eventType),
- nil,
- )
+ return &SelectObjectContentEventStreamUnknownEvent{Type: eventType}, nil
}
}
+// SelectObjectContentEventStreamUnknownEvent provides a failsafe event for the
+// SelectObjectContentEventStream group of events when an unknown event is received.
+type SelectObjectContentEventStreamUnknownEvent struct {
+ Type string
+ Message eventstream.Message
+}
+
+// The SelectObjectContentEventStreamUnknownEvent is and event in the SelectObjectContentEventStream
+// group of events.
+func (s *SelectObjectContentEventStreamUnknownEvent) eventSelectObjectContentEventStream() {}
+
+// MarshalEvent marshals the type into an stream event value. This method
+// should only used internally within the SDK's EventStream handling.
+func (e *SelectObjectContentEventStreamUnknownEvent) MarshalEvent(pm protocol.PayloadMarshaler) (
+ msg eventstream.Message, err error,
+) {
+ return e.Message.Clone(), nil
+}
+
+// UnmarshalEvent unmarshals the EventStream Message into the SelectObjectContentEventStreamData value.
+// This method is only used internally within the SDK's EventStream handling.
+func (e *SelectObjectContentEventStreamUnknownEvent) UnmarshalEvent(
+ payloadUnmarshaler protocol.PayloadUnmarshaler,
+ msg eventstream.Message,
+) error {
+ e.Message = msg.Clone()
+ return nil
+}
+
// Request to filter the contents of an Amazon S3 object based on a simple Structured
// Query Language (SQL) statement. In the request, along with the SQL expression,
// you must specify a data serialization format (JSON or CSV) of the object.
@@ -22749,7 +28422,7 @@ type SelectObjectContentInput struct {
// Expression is a required field
Expression *string `type:"string" required:"true"`
- // The type of the provided expression (for example., SQL).
+ // The type of the provided expression (for example, SQL).
//
// ExpressionType is a required field
ExpressionType *string `type:"string" required:"true" enum:"ExpressionType"`
@@ -22788,6 +28461,18 @@ type SelectObjectContentInput struct {
// is processed when its first byte is contained by the range. This parameter
// is optional, but when specified, it must not be empty. See RFC 2616, Section
// 14.35.1 about how to specify the start and end of the range.
+ //
+ // ScanRangemay be used in the following ways:
+ //
+ // * 50100 - process only
+ // the records starting between the bytes 50 and 100 (inclusive, counting
+ // from zero)
+ //
+ // * 50 - process only the records
+ // starting after the byte 50
+ //
+ // * 50 - process only the records within
+ // the last 50 bytes of the file.
ScanRange *ScanRange `type:"structure"`
}
@@ -22915,11 +28600,24 @@ func (s *SelectObjectContentInput) SetScanRange(v *ScanRange) *SelectObjectConte
return s
}
+func (s *SelectObjectContentInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *SelectObjectContentInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type SelectObjectContentOutput struct {
_ struct{} `type:"structure" payload:"Payload"`
- // Use EventStream to use the API's stream.
- EventStream *SelectObjectContentEventStream `type:"structure"`
+ EventStream *SelectObjectContentEventStream
}
// String returns the string representation
@@ -22932,29 +28630,17 @@ func (s SelectObjectContentOutput) GoString() string {
return s.String()
}
-// SetEventStream sets the EventStream field's value.
func (s *SelectObjectContentOutput) SetEventStream(v *SelectObjectContentEventStream) *SelectObjectContentOutput {
s.EventStream = v
return s
}
+func (s *SelectObjectContentOutput) GetEventStream() *SelectObjectContentEventStream {
+ return s.EventStream
+}
-func (s *SelectObjectContentOutput) runEventStreamLoop(r *request.Request) {
- if r.Error != nil {
- return
- }
- reader := newReadSelectObjectContentEventStream(
- r.HTTPResponse.Body,
- r.Handlers.UnmarshalStream,
- r.Config.Logger,
- r.Config.LogLevel.Value(),
- )
- go reader.readEventStream()
-
- eventStream := &SelectObjectContentEventStream{
- StreamCloser: r.HTTPResponse.Body,
- Reader: reader,
- }
- s.EventStream = eventStream
+// GetStream returns the type to interact with the event stream.
+func (s *SelectObjectContentOutput) GetStream() *SelectObjectContentEventStream {
+ return s.EventStream
}
// Describes the parameters for Select job types.
@@ -22966,7 +28652,7 @@ type SelectParameters struct {
// Expression is a required field
Expression *string `type:"string" required:"true"`
- // The type of the provided expression (e.g., SQL).
+ // The type of the provided expression (for example, SQL).
//
// ExpressionType is a required field
ExpressionType *string `type:"string" required:"true" enum:"ExpressionType"`
@@ -23046,8 +28732,24 @@ func (s *SelectParameters) SetOutputSerialization(v *OutputSerialization) *Selec
type ServerSideEncryptionByDefault struct {
_ struct{} `type:"structure"`
- // KMS master key ID to use for the default encryption. This parameter is allowed
- // if and only if SSEAlgorithm is set to aws:kms.
+ // AWS Key Management Service (KMS) customer master key ID to use for the default
+ // encryption. This parameter is allowed if and only if SSEAlgorithm is set
+ // to aws:kms.
+ //
+ // You can specify the key ID or the Amazon Resource Name (ARN) of the CMK.
+ // However, if you are using encryption with cross-account operations, you must
+ // use a fully qualified CMK ARN. For more information, see Using encryption
+ // for cross-account operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy).
+ //
+ // For example:
+ //
+ // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ //
+ // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ //
+ // Amazon S3 only supports symmetric CMKs and not asymmetric CMKs. For more
+ // information, see Using Symmetric and Asymmetric Keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html)
+ // in the AWS Key Management Service Developer Guide.
KMSMasterKeyID *string `type:"string" sensitive:"true"`
// Server-side encryption algorithm to use for the default encryption.
@@ -23186,7 +28888,7 @@ func (s *ServerSideEncryptionRule) SetApplyServerSideEncryptionByDefault(v *Serv
// objects that you want to replicate. You can choose to enable or disable the
// replication of these objects. Currently, Amazon S3 supports only the filter
// that you can specify for objects created with server-side encryption using
-// an AWS KMS-Managed Key (SSE-KMS).
+// a customer master key (CMK) stored in AWS Key Management Service (SSE-KMS).
type SourceSelectionCriteria struct {
_ struct{} `type:"structure"`
@@ -23233,7 +28935,7 @@ type SseKmsEncryptedObjects struct {
_ struct{} `type:"structure"`
// Specifies whether Amazon S3 replicates objects created with server-side encryption
- // using an AWS KMS-managed key.
+ // using a customer master key (CMK) stored in AWS Key Management Service.
//
// Status is a required field
Status *string `type:"string" required:"true" enum:"SseKmsEncryptedObjectsStatus"`
@@ -23268,6 +28970,7 @@ func (s *SseKmsEncryptedObjects) SetStatus(v string) *SseKmsEncryptedObjects {
return s
}
+// Container for the stats details.
type Stats struct {
_ struct{} `type:"structure"`
@@ -23309,6 +29012,7 @@ func (s *Stats) SetBytesScanned(v int64) *Stats {
return s
}
+// Container for the Stats Event.
type StatsEvent struct {
_ struct{} `locationName:"StatsEvent" type:"structure" payload:"Details"`
@@ -23349,6 +29053,18 @@ func (s *StatsEvent) UnmarshalEvent(
return nil
}
+// MarshalEvent marshals the type into an stream event value. This method
+// should only used internally within the SDK's EventStream handling.
+func (s *StatsEvent) MarshalEvent(pm protocol.PayloadMarshaler) (msg eventstream.Message, err error) {
+ msg.Headers.Set(eventstreamapi.MessageTypeHeader, eventstream.StringValue(eventstreamapi.EventMessageType))
+ var buf bytes.Buffer
+ if err = pm.MarshalPayload(&buf, s); err != nil {
+ return eventstream.Message{}, err
+ }
+ msg.Payload = buf.Bytes()
+ return msg, err
+}
+
// Specifies data related to access patterns to be collected and made available
// to analyze the tradeoffs between different storage classes for an Amazon
// S3 bucket.
@@ -23391,6 +29107,8 @@ func (s *StorageClassAnalysis) SetDataExport(v *StorageClassAnalysisDataExport)
return s
}
+// Container for data related to the storage class analysis for an Amazon S3
+// bucket for export.
type StorageClassAnalysisDataExport struct {
_ struct{} `type:"structure"`
@@ -23448,10 +29166,11 @@ func (s *StorageClassAnalysisDataExport) SetOutputSchemaVersion(v string) *Stora
return s
}
+// A container of a key value name pair.
type Tag struct {
_ struct{} `type:"structure"`
- // Name of the tag.
+ // Name of the object key.
//
// Key is a required field
Key *string `min:"1" type:"string" required:"true"`
@@ -23503,9 +29222,12 @@ func (s *Tag) SetValue(v string) *Tag {
return s
}
+// Container for TagSet elements.
type Tagging struct {
_ struct{} `type:"structure"`
+ // A collection for a set of tags
+ //
// TagSet is a required field
TagSet []*Tag `locationNameList:"Tag" type:"list" required:"true"`
}
@@ -23549,9 +29271,11 @@ func (s *Tagging) SetTagSet(v []*Tag) *Tagging {
return s
}
+// Container for granting information.
type TargetGrant struct {
_ struct{} `type:"structure"`
+ // Container for the person being granted permissions.
Grantee *Grantee `type:"structure" xmlPrefix:"xsi" xmlURI:"http://www.w3.org/2001/XMLSchema-instance"`
// Logging permissions assigned to the Grantee for the bucket.
@@ -23674,6 +29398,11 @@ func (s *TopicConfiguration) SetTopicArn(v string) *TopicConfiguration {
return s
}
+// A container for specifying the configuration for publication of messages
+// to an Amazon Simple Notification Service (Amazon SNS) topic when Amazon S3
+// detects specified events. This data type is deprecated. Use TopicConfiguration
+// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_TopicConfiguration.html)
+// instead.
type TopicConfigurationDeprecated struct {
_ struct{} `type:"structure"`
@@ -23682,6 +29411,7 @@ type TopicConfigurationDeprecated struct {
// Deprecated: Event has been deprecated
Event *string `deprecated:"true" type:"string" enum:"Event"`
+ // A collection of events related to objects
Events []*string `locationName:"Event" type:"list" flattened:"true"`
// An optional unique identifier for configurations in a notification configuration.
@@ -23727,7 +29457,10 @@ func (s *TopicConfigurationDeprecated) SetTopic(v string) *TopicConfigurationDep
return s
}
-// Specifies when an object transitions to a specified storage class.
+// Specifies when an object transitions to a specified storage class. For more
+// information about Amazon S3 lifecycle configuration rules, see Transitioning
+// Objects Using Amazon S3 Lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html)
+// in the Amazon Simple Storage Service Developer Guide.
type Transition struct {
_ struct{} `type:"structure"`
@@ -23774,6 +29507,8 @@ func (s *Transition) SetStorageClass(v string) *Transition {
type UploadPartCopyInput struct {
_ struct{} `locationName:"UploadPartCopyRequest" type:"structure"`
+ // The bucket name.
+ //
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
@@ -23799,11 +29534,12 @@ type UploadPartCopyInput struct {
// The range of bytes to copy from the source object. The range value must use
// the form bytes=first-last, where the first and last are the zero-based byte
// offsets to copy. For example, bytes=0-9 indicates that you want to copy the
- // first ten bytes of the source. You can copy a range only if the source object
+ // first 10 bytes of the source. You can copy a range only if the source object
// is greater than 5 MB.
CopySourceRange *string `location:"header" locationName:"x-amz-copy-source-range" type:"string"`
- // Specifies the algorithm to use when decrypting the source object (e.g., AES256).
+ // Specifies the algorithm to use when decrypting the source object (for example,
+ // AES256).
CopySourceSSECustomerAlgorithm *string `location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-algorithm" type:"string"`
// Specifies the customer-provided encryption key for Amazon S3 to use to decrypt
@@ -23812,10 +29548,12 @@ type UploadPartCopyInput struct {
CopySourceSSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-key" type:"string" sensitive:"true"`
// Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321.
- // Amazon S3 uses this header for a message integrity check to ensure the encryption
- // key was transmitted without error.
+ // Amazon S3 uses this header for a message integrity check to ensure that the
+ // encryption key was transmitted without error.
CopySourceSSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-key-MD5" type:"string"`
+ // Object key for which the multipart upload was initiated.
+ //
// Key is a required field
Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"`
@@ -23825,26 +29563,28 @@ type UploadPartCopyInput struct {
// PartNumber is a required field
PartNumber *int64 `location:"querystring" locationName:"partNumber" type:"integer" required:"true"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
- // Specifies the algorithm to use to when encrypting the object (e.g., AES256).
+ // Specifies the algorithm to use to when encrypting the object (for example,
+ // AES256).
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// Specifies the customer-provided encryption key for Amazon S3 to use in encrypting
// data. This value is used to store the object and then it is discarded; Amazon
- // does not store the encryption key. The key must be appropriate for use with
- // the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
+ // S3 does not store the encryption key. The key must be appropriate for use
+ // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
// header. This must be the same encryption key specified in the initiate multipart
// upload request.
SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"`
// Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321.
- // Amazon S3 uses this header for a message integrity check to ensure the encryption
- // key was transmitted without error.
+ // Amazon S3 uses this header for a message integrity check to ensure that the
+ // encryption key was transmitted without error.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
// Upload ID identifying the multipart upload whose part is being copied.
@@ -24017,9 +29757,24 @@ func (s *UploadPartCopyInput) SetUploadId(v string) *UploadPartCopyInput {
return s
}
+func (s *UploadPartCopyInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *UploadPartCopyInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type UploadPartCopyOutput struct {
_ struct{} `type:"structure" payload:"CopyPartResult"`
+ // Container for all response elements.
CopyPartResult *CopyPartResult `type:"structure"`
// The version of the source object that was copied, if you have enabled versioning
@@ -24036,16 +29791,17 @@ type UploadPartCopyOutput struct {
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// If server-side encryption with a customer-provided encryption key was requested,
- // the response will include this header to provide round trip message integrity
+ // the response will include this header to provide round-trip message integrity
// verification of the customer-provided encryption key.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
- // If present, specifies the ID of the AWS Key Management Service (KMS) master
- // encryption key that was used for the object.
+ // If present, specifies the ID of the AWS Key Management Service (AWS KMS)
+ // symmetric customer managed customer master key (CMK) that was used for the
+ // object.
SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"`
- // The Server-side encryption algorithm used when storing this object in S3
- // (e.g., AES256, aws:kms).
+ // The server-side encryption algorithm used when storing this object in Amazon
+ // S3 (for example, AES256, aws:kms).
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
}
@@ -24117,7 +29873,7 @@ type UploadPartInput struct {
ContentLength *int64 `location:"header" locationName:"Content-Length" type:"long"`
// The base64-encoded 128-bit MD5 digest of the part data. This parameter is
- // auto-populated when using the command from the CLI. This parameted is required
+ // auto-populated when using the command from the CLI. This parameter is required
// if object lock parameters are specified.
ContentMD5 *string `location:"header" locationName:"Content-MD5" type:"string"`
@@ -24132,26 +29888,28 @@ type UploadPartInput struct {
// PartNumber is a required field
PartNumber *int64 `location:"querystring" locationName:"partNumber" type:"integer" required:"true"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
- // Specifies the algorithm to use to when encrypting the object (e.g., AES256).
+ // Specifies the algorithm to use to when encrypting the object (for example,
+ // AES256).
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// Specifies the customer-provided encryption key for Amazon S3 to use in encrypting
// data. This value is used to store the object and then it is discarded; Amazon
- // does not store the encryption key. The key must be appropriate for use with
- // the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
+ // S3 does not store the encryption key. The key must be appropriate for use
+ // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
// header. This must be the same encryption key specified in the initiate multipart
// upload request.
SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"`
// Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321.
- // Amazon S3 uses this header for a message integrity check to ensure the encryption
- // key was transmitted without error.
+ // Amazon S3 uses this header for a message integrity check to ensure that the
+ // encryption key was transmitted without error.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
// Upload ID identifying the multipart upload whose part is being uploaded.
@@ -24278,6 +30036,20 @@ func (s *UploadPartInput) SetUploadId(v string) *UploadPartInput {
return s
}
+func (s *UploadPartInput) getEndpointARN() (arn.Resource, error) {
+ if s.Bucket == nil {
+ return nil, fmt.Errorf("member Bucket is nil")
+ }
+ return parseEndpointARN(*s.Bucket)
+}
+
+func (s *UploadPartInput) hasEndpointARN() bool {
+ if s.Bucket == nil {
+ return false
+ }
+ return arn.IsARN(*s.Bucket)
+}
+
type UploadPartOutput struct {
_ struct{} `type:"structure"`
@@ -24294,16 +30066,16 @@ type UploadPartOutput struct {
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// If server-side encryption with a customer-provided encryption key was requested,
- // the response will include this header to provide round trip message integrity
+ // the response will include this header to provide round-trip message integrity
// verification of the customer-provided encryption key.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
- // If present, specifies the ID of the AWS Key Management Service (KMS) master
- // encryption key that was used for the object.
+ // If present, specifies the ID of the AWS Key Management Service (AWS KMS)
+ // symmetric customer managed customer master key (CMK) was used for the object.
SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"`
- // The Server-side encryption algorithm used when storing this object in S3
- // (e.g., AES256, aws:kms).
+ // The server-side encryption algorithm used when storing this object in Amazon
+ // S3 (for example, AES256, aws:kms).
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
}
@@ -24618,11 +30390,37 @@ const (
// EventS3ObjectRemovedDeleteMarkerCreated is a Event enum value
EventS3ObjectRemovedDeleteMarkerCreated = "s3:ObjectRemoved:DeleteMarkerCreated"
+ // EventS3ObjectRestore is a Event enum value
+ EventS3ObjectRestore = "s3:ObjectRestore:*"
+
// EventS3ObjectRestorePost is a Event enum value
EventS3ObjectRestorePost = "s3:ObjectRestore:Post"
// EventS3ObjectRestoreCompleted is a Event enum value
EventS3ObjectRestoreCompleted = "s3:ObjectRestore:Completed"
+
+ // EventS3Replication is a Event enum value
+ EventS3Replication = "s3:Replication:*"
+
+ // EventS3ReplicationOperationFailedReplication is a Event enum value
+ EventS3ReplicationOperationFailedReplication = "s3:Replication:OperationFailedReplication"
+
+ // EventS3ReplicationOperationNotTracked is a Event enum value
+ EventS3ReplicationOperationNotTracked = "s3:Replication:OperationNotTracked"
+
+ // EventS3ReplicationOperationMissedThreshold is a Event enum value
+ EventS3ReplicationOperationMissedThreshold = "s3:Replication:OperationMissedThreshold"
+
+ // EventS3ReplicationOperationReplicatedAfterThreshold is a Event enum value
+ EventS3ReplicationOperationReplicatedAfterThreshold = "s3:Replication:OperationReplicatedAfterThreshold"
+)
+
+const (
+ // ExistingObjectReplicationStatusEnabled is a ExistingObjectReplicationStatus enum value
+ ExistingObjectReplicationStatusEnabled = "Enabled"
+
+ // ExistingObjectReplicationStatusDisabled is a ExistingObjectReplicationStatus enum value
+ ExistingObjectReplicationStatusDisabled = "Disabled"
)
const (
@@ -24751,6 +30549,14 @@ const (
MetadataDirectiveReplace = "REPLACE"
)
+const (
+ // MetricsStatusEnabled is a MetricsStatus enum value
+ MetricsStatusEnabled = "Enabled"
+
+ // MetricsStatusDisabled is a MetricsStatus enum value
+ MetricsStatusDisabled = "Disabled"
+)
+
const (
// ObjectCannedACLPrivate is a ObjectCannedACL enum value
ObjectCannedACLPrivate = "private"
@@ -24899,6 +30705,14 @@ const (
ReplicationStatusReplica = "REPLICA"
)
+const (
+ // ReplicationTimeStatusEnabled is a ReplicationTimeStatus enum value
+ ReplicationTimeStatusEnabled = "Enabled"
+
+ // ReplicationTimeStatusDisabled is a ReplicationTimeStatus enum value
+ ReplicationTimeStatusDisabled = "Disabled"
+)
+
// If present, indicates that the requester was successfully charged for the
// request.
const (
@@ -24906,10 +30720,11 @@ const (
RequestChargedRequester = "requester"
)
-// Confirms that the requester knows that she or he will be charged for the
-// request. Bucket owners need not specify this parameter in their requests.
-// Documentation on downloading objects from requester pays buckets can be found
-// at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+// Confirms that the requester knows that they will be charged for the request.
+// Bucket owners need not specify this parameter in their requests. For information
+// about downloading objects from requester pays buckets, see Downloading Objects
+// in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+// in the Amazon S3 Developer Guide.
const (
// RequestPayerRequester is a RequestPayer enum value
RequestPayerRequester = "requester"
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/body_hash.go b/vendor/github.com/aws/aws-sdk-go/service/s3/body_hash.go
index 5c8ce5c..407f06b 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/s3/body_hash.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/body_hash.go
@@ -13,7 +13,6 @@ import (
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/request"
- "github.com/aws/aws-sdk-go/internal/sdkio"
)
const (
@@ -25,30 +24,6 @@ const (
appendMD5TxEncoding = "append-md5"
)
-// contentMD5 computes and sets the HTTP Content-MD5 header for requests that
-// require it.
-func contentMD5(r *request.Request) {
- h := md5.New()
-
- if !aws.IsReaderSeekable(r.Body) {
- if r.Config.Logger != nil {
- r.Config.Logger.Log(fmt.Sprintf(
- "Unable to compute Content-MD5 for unseekable body, S3.%s",
- r.Operation.Name))
- }
- return
- }
-
- if _, err := copySeekableBody(h, r.Body); err != nil {
- r.Error = awserr.New("ContentMD5", "failed to compute body MD5", err)
- return
- }
-
- // encode the md5 checksum in base64 and set the request header.
- v := base64.StdEncoding.EncodeToString(h.Sum(nil))
- r.HTTPRequest.Header.Set(contentMD5Header, v)
-}
-
// computeBodyHashes will add Content MD5 and Content Sha256 hashes to the
// request. If the body is not seekable or S3DisableContentMD5Validation set
// this handler will be ignored.
@@ -90,7 +65,7 @@ func computeBodyHashes(r *request.Request) {
dst = io.MultiWriter(hashers...)
}
- if _, err := copySeekableBody(dst, r.Body); err != nil {
+ if _, err := aws.CopySeekableBody(dst, r.Body); err != nil {
r.Error = awserr.New("BodyHashError", "failed to compute body hashes", err)
return
}
@@ -119,28 +94,6 @@ const (
sha256HexEncLen = sha256.Size * 2 // hex.EncodedLen
)
-func copySeekableBody(dst io.Writer, src io.ReadSeeker) (int64, error) {
- curPos, err := src.Seek(0, sdkio.SeekCurrent)
- if err != nil {
- return 0, err
- }
-
- // hash the body. seek back to the first position after reading to reset
- // the body for transmission. copy errors may be assumed to be from the
- // body.
- n, err := io.Copy(dst, src)
- if err != nil {
- return n, err
- }
-
- _, err = src.Seek(curPos, sdkio.SeekStart)
- if err != nil {
- return n, err
- }
-
- return n, nil
-}
-
// Adds the x-amz-te: append_md5 header to the request. This requests the service
// responds with a trailing MD5 checksum.
//
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/customizations.go b/vendor/github.com/aws/aws-sdk-go/service/s3/customizations.go
index 23d386b..a7698d5 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/s3/customizations.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/customizations.go
@@ -4,6 +4,7 @@ import (
"github.com/aws/aws-sdk-go/aws/client"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/internal/s3err"
+ "github.com/aws/aws-sdk-go/service/s3/internal/arn"
)
func init() {
@@ -13,7 +14,7 @@ func init() {
func defaultInitClientFn(c *client.Client) {
// Support building custom endpoints based on config
- c.Handlers.Build.PushFront(updateEndpointForS3Config)
+ c.Handlers.Build.PushFront(endpointHandler)
// Require SSL when using SSE keys
c.Handlers.Validate.PushBack(validateSSERequiresSSL)
@@ -27,17 +28,11 @@ func defaultInitClientFn(c *client.Client) {
}
func defaultInitRequestFn(r *request.Request) {
- // Add reuest handlers for specific platforms.
+ // Add request handlers for specific platforms.
// e.g. 100-continue support for PUT requests using Go 1.6
platformRequestHandlers(r)
switch r.Operation.Name {
- case opPutBucketCors, opPutBucketLifecycle, opPutBucketPolicy,
- opPutBucketTagging, opDeleteObjects, opPutBucketLifecycleConfiguration,
- opPutObjectLegalHold, opPutObjectRetention, opPutObjectLockConfiguration,
- opPutBucketReplication:
- // These S3 operations require Content-MD5 to be set
- r.Handlers.Build.PushBack(contentMD5)
case opGetBucketLocation:
// GetBucketLocation has custom parsing logic
r.Handlers.Unmarshal.PushFront(buildGetBucketLocation)
@@ -73,3 +68,8 @@ type sseCustomerKeyGetter interface {
type copySourceSSECustomerKeyGetter interface {
getCopySourceSSECustomerKey() string
}
+
+type endpointARNGetter interface {
+ getEndpointARN() (arn.Resource, error)
+ hasEndpointARN() bool
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/doc_custom.go b/vendor/github.com/aws/aws-sdk-go/service/s3/doc_custom.go
index 4b65f71..7f7aca2 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/s3/doc_custom.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/doc_custom.go
@@ -104,19 +104,6 @@
// content from S3. The Encryption and Decryption clients can be used concurrently
// once the client is created.
//
-// sess := session.Must(session.NewSession())
-//
-// // Create the decryption client.
-// svc := s3crypto.NewDecryptionClient(sess)
-//
-// // The object will be downloaded from S3 and decrypted locally. By metadata
-// // about the object's encryption will instruct the decryption client how
-// // decrypt the content of the object. By default KMS is used for keys.
-// result, err := svc.GetObject(&s3.GetObjectInput {
-// Bucket: aws.String(myBucket),
-// Key: aws.String(myKey),
-// })
-//
// See the s3crypto package documentation for more information.
// https://docs.aws.amazon.com/sdk-for-go/api/service/s3/s3crypto/
//
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint.go b/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint.go
new file mode 100644
index 0000000..c4048fb
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint.go
@@ -0,0 +1,233 @@
+package s3
+
+import (
+ "net/url"
+ "strings"
+
+ "github.com/aws/aws-sdk-go/aws"
+ awsarn "github.com/aws/aws-sdk-go/aws/arn"
+ "github.com/aws/aws-sdk-go/aws/awserr"
+ "github.com/aws/aws-sdk-go/aws/endpoints"
+ "github.com/aws/aws-sdk-go/aws/request"
+ "github.com/aws/aws-sdk-go/private/protocol"
+ "github.com/aws/aws-sdk-go/service/s3/internal/arn"
+)
+
+// Used by shapes with members decorated as endpoint ARN.
+func parseEndpointARN(v string) (arn.Resource, error) {
+ return arn.ParseResource(v, accessPointResourceParser)
+}
+
+func accessPointResourceParser(a awsarn.ARN) (arn.Resource, error) {
+ resParts := arn.SplitResource(a.Resource)
+ switch resParts[0] {
+ case "accesspoint":
+ return arn.ParseAccessPointResource(a, resParts[1:])
+ default:
+ return nil, arn.InvalidARNError{ARN: a, Reason: "unknown resource type"}
+ }
+}
+
+func endpointHandler(req *request.Request) {
+ endpoint, ok := req.Params.(endpointARNGetter)
+ if !ok || !endpoint.hasEndpointARN() {
+ updateBucketEndpointFromParams(req)
+ return
+ }
+
+ resource, err := endpoint.getEndpointARN()
+ if err != nil {
+ req.Error = newInvalidARNError(nil, err)
+ return
+ }
+
+ resReq := resourceRequest{
+ Resource: resource,
+ Request: req,
+ }
+
+ if resReq.IsCrossPartition() {
+ req.Error = newClientPartitionMismatchError(resource,
+ req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil)
+ return
+ }
+
+ if !resReq.AllowCrossRegion() && resReq.IsCrossRegion() {
+ req.Error = newClientRegionMismatchError(resource,
+ req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil)
+ return
+ }
+
+ if resReq.HasCustomEndpoint() {
+ req.Error = newInvalidARNWithCustomEndpointError(resource, nil)
+ return
+ }
+
+ switch tv := resource.(type) {
+ case arn.AccessPointARN:
+ err = updateRequestAccessPointEndpoint(req, tv)
+ if err != nil {
+ req.Error = err
+ }
+ default:
+ req.Error = newInvalidARNError(resource, nil)
+ }
+}
+
+type resourceRequest struct {
+ Resource arn.Resource
+ Request *request.Request
+}
+
+func (r resourceRequest) ARN() awsarn.ARN {
+ return r.Resource.GetARN()
+}
+
+func (r resourceRequest) AllowCrossRegion() bool {
+ return aws.BoolValue(r.Request.Config.S3UseARNRegion)
+}
+
+func (r resourceRequest) UseFIPS() bool {
+ return isFIPS(aws.StringValue(r.Request.Config.Region))
+}
+
+func (r resourceRequest) IsCrossPartition() bool {
+ return r.Request.ClientInfo.PartitionID != r.Resource.GetARN().Partition
+}
+
+func (r resourceRequest) IsCrossRegion() bool {
+ return isCrossRegion(r.Request, r.Resource.GetARN().Region)
+}
+
+func (r resourceRequest) HasCustomEndpoint() bool {
+ return len(aws.StringValue(r.Request.Config.Endpoint)) > 0
+}
+
+func isFIPS(clientRegion string) bool {
+ return strings.HasPrefix(clientRegion, "fips-") || strings.HasSuffix(clientRegion, "-fips")
+}
+func isCrossRegion(req *request.Request, otherRegion string) bool {
+ return req.ClientInfo.SigningRegion != otherRegion
+}
+
+func updateBucketEndpointFromParams(r *request.Request) {
+ bucket, ok := bucketNameFromReqParams(r.Params)
+ if !ok {
+ // Ignore operation requests if the bucket name was not provided
+ // if this is an input validation error the validation handler
+ // will report it.
+ return
+ }
+ updateEndpointForS3Config(r, bucket)
+}
+
+func updateRequestAccessPointEndpoint(req *request.Request, accessPoint arn.AccessPointARN) error {
+ // Accelerate not supported
+ if aws.BoolValue(req.Config.S3UseAccelerate) {
+ return newClientConfiguredForAccelerateError(accessPoint,
+ req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil)
+ }
+
+ // Ignore the disable host prefix for access points since custom endpoints
+ // are not supported.
+ req.Config.DisableEndpointHostPrefix = aws.Bool(false)
+
+ if err := accessPointEndpointBuilder(accessPoint).Build(req); err != nil {
+ return err
+ }
+
+ removeBucketFromPath(req.HTTPRequest.URL)
+
+ return nil
+}
+
+func removeBucketFromPath(u *url.URL) {
+ u.Path = strings.Replace(u.Path, "/{Bucket}", "", -1)
+ if u.Path == "" {
+ u.Path = "/"
+ }
+}
+
+type accessPointEndpointBuilder arn.AccessPointARN
+
+const (
+ accessPointPrefixLabel = "accesspoint"
+ accountIDPrefixLabel = "accountID"
+ accesPointPrefixTemplate = "{" + accessPointPrefixLabel + "}-{" + accountIDPrefixLabel + "}."
+)
+
+func (a accessPointEndpointBuilder) Build(req *request.Request) error {
+ resolveRegion := arn.AccessPointARN(a).Region
+ cfgRegion := aws.StringValue(req.Config.Region)
+
+ if isFIPS(cfgRegion) {
+ if aws.BoolValue(req.Config.S3UseARNRegion) && isCrossRegion(req, resolveRegion) {
+ // FIPS with cross region is not supported, the SDK must fail
+ // because there is no well defined method for SDK to construct a
+ // correct FIPS endpoint.
+ return newClientConfiguredForCrossRegionFIPSError(arn.AccessPointARN(a),
+ req.ClientInfo.PartitionID, cfgRegion, nil)
+ }
+ resolveRegion = cfgRegion
+ }
+
+ endpoint, err := resolveRegionalEndpoint(req, resolveRegion)
+ if err != nil {
+ return newFailedToResolveEndpointError(arn.AccessPointARN(a),
+ req.ClientInfo.PartitionID, cfgRegion, err)
+ }
+
+ if err = updateRequestEndpoint(req, endpoint.URL); err != nil {
+ return err
+ }
+
+ const serviceEndpointLabel = "s3-accesspoint"
+
+ // dualstack provided by endpoint resolver
+ cfgHost := req.HTTPRequest.URL.Host
+ if strings.HasPrefix(cfgHost, "s3") {
+ req.HTTPRequest.URL.Host = serviceEndpointLabel + cfgHost[2:]
+ }
+
+ protocol.HostPrefixBuilder{
+ Prefix: accesPointPrefixTemplate,
+ LabelsFn: a.hostPrefixLabelValues,
+ }.Build(req)
+
+ req.ClientInfo.SigningName = endpoint.SigningName
+ req.ClientInfo.SigningRegion = endpoint.SigningRegion
+
+ err = protocol.ValidateEndpointHost(req.Operation.Name, req.HTTPRequest.URL.Host)
+ if err != nil {
+ return newInvalidARNError(arn.AccessPointARN(a), err)
+ }
+
+ return nil
+}
+
+func (a accessPointEndpointBuilder) hostPrefixLabelValues() map[string]string {
+ return map[string]string{
+ accessPointPrefixLabel: arn.AccessPointARN(a).AccessPointName,
+ accountIDPrefixLabel: arn.AccessPointARN(a).AccountID,
+ }
+}
+
+func resolveRegionalEndpoint(r *request.Request, region string) (endpoints.ResolvedEndpoint, error) {
+ return r.Config.EndpointResolver.EndpointFor(EndpointsID, region, func(opts *endpoints.Options) {
+ opts.DisableSSL = aws.BoolValue(r.Config.DisableSSL)
+ opts.UseDualStack = aws.BoolValue(r.Config.UseDualStack)
+ opts.S3UsEast1RegionalEndpoint = endpoints.RegionalS3UsEast1Endpoint
+ })
+}
+
+func updateRequestEndpoint(r *request.Request, endpoint string) (err error) {
+ endpoint = endpoints.AddScheme(endpoint, aws.BoolValue(r.Config.DisableSSL))
+
+ r.HTTPRequest.URL, err = url.Parse(endpoint + r.Operation.HTTPPath)
+ if err != nil {
+ return awserr.New(request.ErrCodeSerialization,
+ "failed to parse endpoint URL", err)
+ }
+
+ return nil
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint_errors.go b/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint_errors.go
new file mode 100644
index 0000000..9df03e7
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint_errors.go
@@ -0,0 +1,151 @@
+package s3
+
+import (
+ "fmt"
+
+ "github.com/aws/aws-sdk-go/aws/awserr"
+ "github.com/aws/aws-sdk-go/service/s3/internal/arn"
+)
+
+const (
+ invalidARNErrorErrCode = "InvalidARNError"
+ configurationErrorErrCode = "ConfigurationError"
+)
+
+type invalidARNError struct {
+ message string
+ resource arn.Resource
+ origErr error
+}
+
+func (e invalidARNError) Error() string {
+ var extra string
+ if e.resource != nil {
+ extra = "ARN: " + e.resource.String()
+ }
+ return awserr.SprintError(e.Code(), e.Message(), extra, e.origErr)
+}
+
+func (e invalidARNError) Code() string {
+ return invalidARNErrorErrCode
+}
+
+func (e invalidARNError) Message() string {
+ return e.message
+}
+
+func (e invalidARNError) OrigErr() error {
+ return e.origErr
+}
+
+func newInvalidARNError(resource arn.Resource, err error) invalidARNError {
+ return invalidARNError{
+ message: "invalid ARN",
+ origErr: err,
+ resource: resource,
+ }
+}
+
+func newInvalidARNWithCustomEndpointError(resource arn.Resource, err error) invalidARNError {
+ return invalidARNError{
+ message: "resource ARN not supported with custom client endpoints",
+ origErr: err,
+ resource: resource,
+ }
+}
+
+// ARN not supported for the target partition
+func newInvalidARNWithUnsupportedPartitionError(resource arn.Resource, err error) invalidARNError {
+ return invalidARNError{
+ message: "resource ARN not supported for the target ARN partition",
+ origErr: err,
+ resource: resource,
+ }
+}
+
+type configurationError struct {
+ message string
+ resource arn.Resource
+ clientPartitionID string
+ clientRegion string
+ origErr error
+}
+
+func (e configurationError) Error() string {
+ extra := fmt.Sprintf("ARN: %s, client partition: %s, client region: %s",
+ e.resource, e.clientPartitionID, e.clientRegion)
+
+ return awserr.SprintError(e.Code(), e.Message(), extra, e.origErr)
+}
+
+func (e configurationError) Code() string {
+ return configurationErrorErrCode
+}
+
+func (e configurationError) Message() string {
+ return e.message
+}
+
+func (e configurationError) OrigErr() error {
+ return e.origErr
+}
+
+func newClientPartitionMismatchError(resource arn.Resource, clientPartitionID, clientRegion string, err error) configurationError {
+ return configurationError{
+ message: "client partition does not match provided ARN partition",
+ origErr: err,
+ resource: resource,
+ clientPartitionID: clientPartitionID,
+ clientRegion: clientRegion,
+ }
+}
+
+func newClientRegionMismatchError(resource arn.Resource, clientPartitionID, clientRegion string, err error) configurationError {
+ return configurationError{
+ message: "client region does not match provided ARN region",
+ origErr: err,
+ resource: resource,
+ clientPartitionID: clientPartitionID,
+ clientRegion: clientRegion,
+ }
+}
+
+func newFailedToResolveEndpointError(resource arn.Resource, clientPartitionID, clientRegion string, err error) configurationError {
+ return configurationError{
+ message: "endpoint resolver failed to find an endpoint for the provided ARN region",
+ origErr: err,
+ resource: resource,
+ clientPartitionID: clientPartitionID,
+ clientRegion: clientRegion,
+ }
+}
+
+func newClientConfiguredForFIPSError(resource arn.Resource, clientPartitionID, clientRegion string, err error) configurationError {
+ return configurationError{
+ message: "client configured for fips but cross-region resource ARN provided",
+ origErr: err,
+ resource: resource,
+ clientPartitionID: clientPartitionID,
+ clientRegion: clientRegion,
+ }
+}
+
+func newClientConfiguredForAccelerateError(resource arn.Resource, clientPartitionID, clientRegion string, err error) configurationError {
+ return configurationError{
+ message: "client configured for S3 Accelerate but is supported with resource ARN",
+ origErr: err,
+ resource: resource,
+ clientPartitionID: clientPartitionID,
+ clientRegion: clientRegion,
+ }
+}
+
+func newClientConfiguredForCrossRegionFIPSError(resource arn.Resource, clientPartitionID, clientRegion string, err error) configurationError {
+ return configurationError{
+ message: "client configured for FIPS with cross-region enabled but is supported with cross-region resource ARN",
+ origErr: err,
+ resource: resource,
+ clientPartitionID: clientPartitionID,
+ clientRegion: clientRegion,
+ }
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/errors.go b/vendor/github.com/aws/aws-sdk-go/service/s3/errors.go
index 931cb17..49aeff1 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/s3/errors.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/errors.go
@@ -13,6 +13,12 @@ const (
// ErrCodeBucketAlreadyOwnedByYou for service response error code
// "BucketAlreadyOwnedByYou".
+ //
+ // The bucket you tried to create already exists, and you own it. Amazon S3
+ // returns this error in all AWS Regions except in the North Virginia Region.
+ // For legacy compatibility, if you re-create an existing bucket that you already
+ // own in the North Virginia Region, Amazon S3 returns 200 OK and resets the
+ // bucket access control lists (ACLs).
ErrCodeBucketAlreadyOwnedByYou = "BucketAlreadyOwnedByYou"
// ErrCodeNoSuchBucket for service response error code
@@ -36,13 +42,13 @@ const (
// ErrCodeObjectAlreadyInActiveTierError for service response error code
// "ObjectAlreadyInActiveTierError".
//
- // This operation is not allowed against this storage tier
+ // This operation is not allowed against this storage tier.
ErrCodeObjectAlreadyInActiveTierError = "ObjectAlreadyInActiveTierError"
// ErrCodeObjectNotInActiveTierError for service response error code
// "ObjectNotInActiveTierError".
//
// The source object of the COPY operation is not in the active tier and is
- // only stored in Amazon Glacier.
+ // only stored in Amazon S3 Glacier.
ErrCodeObjectNotInActiveTierError = "ObjectNotInActiveTierError"
)
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/host_style_bucket.go b/vendor/github.com/aws/aws-sdk-go/service/s3/host_style_bucket.go
index a7fbc2d..81cdec1 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/s3/host_style_bucket.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/host_style_bucket.go
@@ -30,10 +30,10 @@ var accelerateOpBlacklist = operationBlacklist{
opListBuckets, opCreateBucket, opDeleteBucket,
}
-// Request handler to automatically add the bucket name to the endpoint domain
+// Automatically add the bucket name to the endpoint domain
// if possible. This style of bucket is valid for all bucket names which are
// DNS compatible and do not contain "."
-func updateEndpointForS3Config(r *request.Request) {
+func updateEndpointForS3Config(r *request.Request, bucketName string) {
forceHostStyle := aws.BoolValue(r.Config.S3ForcePathStyle)
accelerate := aws.BoolValue(r.Config.S3UseAccelerate)
@@ -43,45 +43,29 @@ func updateEndpointForS3Config(r *request.Request) {
r.Config.Logger.Log("ERROR: aws.Config.S3UseAccelerate is not compatible with aws.Config.S3ForcePathStyle, ignoring S3ForcePathStyle.")
}
}
- updateEndpointForAccelerate(r)
+ updateEndpointForAccelerate(r, bucketName)
} else if !forceHostStyle && r.Operation.Name != opGetBucketLocation {
- updateEndpointForHostStyle(r)
+ updateEndpointForHostStyle(r, bucketName)
}
}
-func updateEndpointForHostStyle(r *request.Request) {
- bucket, ok := bucketNameFromReqParams(r.Params)
- if !ok {
- // Ignore operation requests if the bucketname was not provided
- // if this is an input validation error the validation handler
- // will report it.
- return
- }
-
- if !hostCompatibleBucketName(r.HTTPRequest.URL, bucket) {
+func updateEndpointForHostStyle(r *request.Request, bucketName string) {
+ if !hostCompatibleBucketName(r.HTTPRequest.URL, bucketName) {
// bucket name must be valid to put into the host
return
}
- moveBucketToHost(r.HTTPRequest.URL, bucket)
+ moveBucketToHost(r.HTTPRequest.URL, bucketName)
}
var (
accelElem = []byte("s3-accelerate.dualstack.")
)
-func updateEndpointForAccelerate(r *request.Request) {
- bucket, ok := bucketNameFromReqParams(r.Params)
- if !ok {
- // Ignore operation requests if the bucketname was not provided
- // if this is an input validation error the validation handler
- // will report it.
- return
- }
-
- if !hostCompatibleBucketName(r.HTTPRequest.URL, bucket) {
+func updateEndpointForAccelerate(r *request.Request, bucketName string) {
+ if !hostCompatibleBucketName(r.HTTPRequest.URL, bucketName) {
r.Error = awserr.New("InvalidParameterException",
- fmt.Sprintf("bucket name %s is not compatible with S3 Accelerate", bucket),
+ fmt.Sprintf("bucket name %s is not compatible with S3 Accelerate", bucketName),
nil)
return
}
@@ -106,7 +90,7 @@ func updateEndpointForAccelerate(r *request.Request) {
r.HTTPRequest.URL.Host = strings.Join(parts, ".")
- moveBucketToHost(r.HTTPRequest.URL, bucket)
+ moveBucketToHost(r.HTTPRequest.URL, bucketName)
}
// Attempts to retrieve the bucket name from the request input parameters.
@@ -148,8 +132,5 @@ func dnsCompatibleBucketName(bucket string) bool {
// moveBucketToHost moves the bucket name from the URI path to URL host.
func moveBucketToHost(u *url.URL, bucket string) {
u.Host = bucket + "." + u.Host
- u.Path = strings.Replace(u.Path, "/{Bucket}", "", -1)
- if u.Path == "" {
- u.Path = "/"
- }
+ removeBucketFromPath(u)
}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/internal/arn/accesspoint_arn.go b/vendor/github.com/aws/aws-sdk-go/service/s3/internal/arn/accesspoint_arn.go
new file mode 100644
index 0000000..2f93f96
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/internal/arn/accesspoint_arn.go
@@ -0,0 +1,45 @@
+package arn
+
+import (
+ "strings"
+
+ "github.com/aws/aws-sdk-go/aws/arn"
+)
+
+// AccessPointARN provides representation
+type AccessPointARN struct {
+ arn.ARN
+ AccessPointName string
+}
+
+// GetARN returns the base ARN for the Access Point resource
+func (a AccessPointARN) GetARN() arn.ARN {
+ return a.ARN
+}
+
+// ParseAccessPointResource attempts to parse the ARN's resource as an
+// AccessPoint resource.
+func ParseAccessPointResource(a arn.ARN, resParts []string) (AccessPointARN, error) {
+ if len(a.Region) == 0 {
+ return AccessPointARN{}, InvalidARNError{a, "region not set"}
+ }
+ if len(a.AccountID) == 0 {
+ return AccessPointARN{}, InvalidARNError{a, "account-id not set"}
+ }
+ if len(resParts) == 0 {
+ return AccessPointARN{}, InvalidARNError{a, "resource-id not set"}
+ }
+ if len(resParts) > 1 {
+ return AccessPointARN{}, InvalidARNError{a, "sub resource not supported"}
+ }
+
+ resID := resParts[0]
+ if len(strings.TrimSpace(resID)) == 0 {
+ return AccessPointARN{}, InvalidARNError{a, "resource-id not set"}
+ }
+
+ return AccessPointARN{
+ ARN: a,
+ AccessPointName: resID,
+ }, nil
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/internal/arn/arn.go b/vendor/github.com/aws/aws-sdk-go/service/s3/internal/arn/arn.go
new file mode 100644
index 0000000..a942d88
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/internal/arn/arn.go
@@ -0,0 +1,71 @@
+package arn
+
+import (
+ "strings"
+
+ "github.com/aws/aws-sdk-go/aws/arn"
+)
+
+// Resource provides the interfaces abstracting ARNs of specific resource
+// types.
+type Resource interface {
+ GetARN() arn.ARN
+ String() string
+}
+
+// ResourceParser provides the function for parsing an ARN's resource
+// component into a typed resource.
+type ResourceParser func(arn.ARN) (Resource, error)
+
+// ParseResource parses an AWS ARN into a typed resource for the S3 API.
+func ParseResource(s string, resParser ResourceParser) (resARN Resource, err error) {
+ a, err := arn.Parse(s)
+ if err != nil {
+ return nil, err
+ }
+
+ if len(a.Partition) == 0 {
+ return nil, InvalidARNError{a, "partition not set"}
+ }
+ if a.Service != "s3" {
+ return nil, InvalidARNError{a, "service is not S3"}
+ }
+ if len(a.Resource) == 0 {
+ return nil, InvalidARNError{a, "resource not set"}
+ }
+
+ return resParser(a)
+}
+
+// SplitResource splits the resource components by the ARN resource delimiters.
+func SplitResource(v string) []string {
+ var parts []string
+ var offset int
+
+ for offset <= len(v) {
+ idx := strings.IndexAny(v[offset:], "/:")
+ if idx < 0 {
+ parts = append(parts, v[offset:])
+ break
+ }
+ parts = append(parts, v[offset:idx+offset])
+ offset += idx + 1
+ }
+
+ return parts
+}
+
+// IsARN returns whether the given string is an ARN
+func IsARN(s string) bool {
+ return arn.IsARN(s)
+}
+
+// InvalidARNError provides the error for an invalid ARN error.
+type InvalidARNError struct {
+ ARN arn.ARN
+ Reason string
+}
+
+func (e InvalidARNError) Error() string {
+ return "invalid Amazon S3 ARN, " + e.Reason + ", " + e.ARN.String()
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/bucket_region.go b/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/bucket_region.go
index f61665a..9cc1e59 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/bucket_region.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/bucket_region.go
@@ -3,6 +3,7 @@ package s3manager
import (
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/client"
+ "github.com/aws/aws-sdk-go/aws/corehandlers"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/service/s3"
@@ -35,6 +36,30 @@ import (
// }
// fmt.Printf("Bucket %s is in %s region\n", bucket, region)
//
+// By default the request will be made to the Amazon S3 endpoint using the Path
+// style addressing.
+//
+// s3.us-west-2.amazonaws.com/bucketname
+//
+// This is not compatible with Amazon S3's FIPS endpoints. To override this
+// behavior to use Virtual Host style addressing, provide a functional option
+// that will set the Request's Config.S3ForcePathStyle to aws.Bool(false).
+//
+// region, err := s3manager.GetBucketRegion(ctx, sess, "bucketname", "us-west-2", func(r *request.Request) {
+// r.S3ForcePathStyle = aws.Bool(false)
+// })
+//
+// To configure the GetBucketRegion to make a request via the Amazon
+// S3 FIPS endpoints directly when a FIPS region name is not available, (e.g.
+// fips-us-gov-west-1) set the Config.Endpoint on the Session, or client the
+// utility is called with. The hint region will be ignored if an endpoint URL
+// is configured on the session or client.
+//
+// sess, err := session.NewSession(&aws.Config{
+// Endpoint: aws.String("https://s3-fips.us-west-2.amazonaws.com"),
+// })
+//
+// region, err := s3manager.GetBucketRegion(context.Background(), sess, "bucketname", "")
func GetBucketRegion(ctx aws.Context, c client.ConfigProvider, bucket, regionHint string, opts ...request.Option) (string, error) {
var cfg aws.Config
if len(regionHint) != 0 {
@@ -50,12 +75,38 @@ const bucketRegionHeader = "X-Amz-Bucket-Region"
// that it takes a S3 service client instead of a Session. The regionHint is
// derived from the region the S3 service client was created in.
//
+// By default the request will be made to the Amazon S3 endpoint using the Path
+// style addressing.
+//
+// s3.us-west-2.amazonaws.com/bucketname
+//
+// This is not compatible with Amazon S3's FIPS endpoints. To override this
+// behavior to use Virtual Host style addressing, provide a functional option
+// that will set the Request's Config.S3ForcePathStyle to aws.Bool(false).
+//
+// region, err := s3manager.GetBucketRegionWithClient(ctx, client, "bucketname", func(r *request.Request) {
+// r.S3ForcePathStyle = aws.Bool(false)
+// })
+//
+// To configure the GetBucketRegion to make a request via the Amazon
+// S3 FIPS endpoints directly when a FIPS region name is not available, (e.g.
+// fips-us-gov-west-1) set the Config.Endpoint on the Session, or client the
+// utility is called with. The hint region will be ignored if an endpoint URL
+// is configured on the session or client.
+//
+// region, err := s3manager.GetBucketRegionWithClient(context.Background(),
+// s3.New(sess, &aws.Config{
+// Endpoint: aws.String("https://s3-fips.us-west-2.amazonaws.com"),
+// }),
+// "bucketname")
+//
// See GetBucketRegion for more information.
func GetBucketRegionWithClient(ctx aws.Context, svc s3iface.S3API, bucket string, opts ...request.Option) (string, error) {
req, _ := svc.HeadBucketRequest(&s3.HeadBucketInput{
Bucket: aws.String(bucket),
})
req.Config.S3ForcePathStyle = aws.Bool(true)
+
req.Config.Credentials = credentials.AnonymousCredentials
req.SetContext(ctx)
@@ -75,6 +126,16 @@ func GetBucketRegionWithClient(ctx aws.Context, svc s3iface.S3API, bucket string
r.HTTPResponse.Status = "OK"
r.Error = nil
})
+ // Replace the endpoint validation handler to not require a region if an
+ // endpoint URL was specified. Since these requests are not authenticated,
+ // requiring a region is not needed when an endpoint URL is provided.
+ req.Handlers.Validate.Swap(
+ corehandlers.ValidateEndpointHandler.Name,
+ request.NamedHandler{
+ Name: "validateEndpointWithoutRegion",
+ Fn: validateEndpointWithoutRegion,
+ },
+ )
req.ApplyOptions(opts...)
@@ -86,3 +147,13 @@ func GetBucketRegionWithClient(ctx aws.Context, svc s3iface.S3API, bucket string
return bucketRegion, nil
}
+
+func validateEndpointWithoutRegion(r *request.Request) {
+ // Check if the caller provided an explicit URL instead of one derived by
+ // the SDK's endpoint resolver. For GetBucketRegion, with an explicit
+ // endpoint URL, a region is not needed. If no endpoint URL is provided,
+ // fallback the SDK's standard endpoint validation handler.
+ if len(aws.StringValue(r.Config.Endpoint)) == 0 {
+ corehandlers.ValidateEndpointHandler.Fn(r)
+ }
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/pool.go b/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/pool.go
new file mode 100644
index 0000000..0511328
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/pool.go
@@ -0,0 +1,244 @@
+package s3manager
+
+import (
+ "fmt"
+ "sync"
+
+ "github.com/aws/aws-sdk-go/aws"
+)
+
+type byteSlicePool interface {
+ Get(aws.Context) (*[]byte, error)
+ Put(*[]byte)
+ ModifyCapacity(int)
+ SliceSize() int64
+ Close()
+}
+
+type maxSlicePool struct {
+ // allocator is defined as a function pointer to allow
+ // for test cases to instrument custom tracers when allocations
+ // occur.
+ allocator sliceAllocator
+
+ slices chan *[]byte
+ allocations chan struct{}
+ capacityChange chan struct{}
+
+ max int
+ sliceSize int64
+
+ mtx sync.RWMutex
+}
+
+func newMaxSlicePool(sliceSize int64) *maxSlicePool {
+ p := &maxSlicePool{sliceSize: sliceSize}
+ p.allocator = p.newSlice
+
+ return p
+}
+
+var errZeroCapacity = fmt.Errorf("get called on zero capacity pool")
+
+func (p *maxSlicePool) Get(ctx aws.Context) (*[]byte, error) {
+ // check if context is canceled before attempting to get a slice
+ // this ensures priority is given to the cancel case first
+ select {
+ case <-ctx.Done():
+ return nil, ctx.Err()
+ default:
+ }
+
+ p.mtx.RLock()
+
+ for {
+ select {
+ case bs, ok := <-p.slices:
+ p.mtx.RUnlock()
+ if !ok {
+ // attempt to get on a zero capacity pool
+ return nil, errZeroCapacity
+ }
+ return bs, nil
+ case _, ok := <-p.allocations:
+ p.mtx.RUnlock()
+ if !ok {
+ // attempt to get on a zero capacity pool
+ return nil, errZeroCapacity
+ }
+ return p.allocator(), nil
+ case <-ctx.Done():
+ p.mtx.RUnlock()
+ return nil, ctx.Err()
+ default:
+ // In the event that there are no slices or allocations available
+ // This prevents some deadlock situations that can occur around sync.RWMutex
+ // When a lock request occurs on ModifyCapacity, no new readers are allowed to acquire a read lock.
+ // By releasing the read lock here and waiting for a notification, we prevent a deadlock situation where
+ // Get could hold the read lock indefinitely waiting for capacity, ModifyCapacity is waiting for a write lock,
+ // and a Put is blocked trying to get a read-lock which is blocked by ModifyCapacity.
+
+ // Short-circuit if the pool capacity is zero.
+ if p.max == 0 {
+ p.mtx.RUnlock()
+ return nil, errZeroCapacity
+ }
+
+ // Since we will be releasing the read-lock we need to take the reference to the channel.
+ // Since channels are references we will still get notified if slices are added, or if
+ // the channel is closed due to a capacity modification. This specifically avoids a data race condition
+ // where ModifyCapacity both closes a channel and initializes a new one while we don't have a read-lock.
+ c := p.capacityChange
+
+ p.mtx.RUnlock()
+
+ select {
+ case _ = <-c:
+ p.mtx.RLock()
+ case <-ctx.Done():
+ return nil, ctx.Err()
+ }
+ }
+ }
+}
+
+func (p *maxSlicePool) Put(bs *[]byte) {
+ p.mtx.RLock()
+ defer p.mtx.RUnlock()
+
+ if p.max == 0 {
+ return
+ }
+
+ select {
+ case p.slices <- bs:
+ p.notifyCapacity()
+ default:
+ // If the new channel when attempting to add the slice then we drop the slice.
+ // The logic here is to prevent a deadlock situation if channel is already at max capacity.
+ // Allows us to reap allocations that are returned and are no longer needed.
+ }
+}
+
+func (p *maxSlicePool) ModifyCapacity(delta int) {
+ if delta == 0 {
+ return
+ }
+
+ p.mtx.Lock()
+ defer p.mtx.Unlock()
+
+ p.max += delta
+
+ if p.max == 0 {
+ p.empty()
+ return
+ }
+
+ if p.capacityChange != nil {
+ close(p.capacityChange)
+ }
+ p.capacityChange = make(chan struct{}, p.max)
+
+ origAllocations := p.allocations
+ p.allocations = make(chan struct{}, p.max)
+
+ newAllocs := len(origAllocations) + delta
+ for i := 0; i < newAllocs; i++ {
+ p.allocations <- struct{}{}
+ }
+
+ if origAllocations != nil {
+ close(origAllocations)
+ }
+
+ origSlices := p.slices
+ p.slices = make(chan *[]byte, p.max)
+ if origSlices == nil {
+ return
+ }
+
+ close(origSlices)
+ for bs := range origSlices {
+ select {
+ case p.slices <- bs:
+ default:
+ // If the new channel blocks while adding slices from the old channel
+ // then we drop the slice. The logic here is to prevent a deadlock situation
+ // if the new channel has a smaller capacity then the old.
+ }
+ }
+}
+
+func (p *maxSlicePool) notifyCapacity() {
+ select {
+ case p.capacityChange <- struct{}{}:
+ default:
+ // This *shouldn't* happen as the channel is both buffered to the max pool capacity size and is resized
+ // on capacity modifications. This is just a safety to ensure that a blocking situation can't occur.
+ }
+}
+
+func (p *maxSlicePool) SliceSize() int64 {
+ return p.sliceSize
+}
+
+func (p *maxSlicePool) Close() {
+ p.mtx.Lock()
+ defer p.mtx.Unlock()
+ p.empty()
+}
+
+func (p *maxSlicePool) empty() {
+ p.max = 0
+
+ if p.capacityChange != nil {
+ close(p.capacityChange)
+ p.capacityChange = nil
+ }
+
+ if p.allocations != nil {
+ close(p.allocations)
+ for range p.allocations {
+ // drain channel
+ }
+ p.allocations = nil
+ }
+
+ if p.slices != nil {
+ close(p.slices)
+ for range p.slices {
+ // drain channel
+ }
+ p.slices = nil
+ }
+}
+
+func (p *maxSlicePool) newSlice() *[]byte {
+ bs := make([]byte, p.sliceSize)
+ return &bs
+}
+
+type returnCapacityPoolCloser struct {
+ byteSlicePool
+ returnCapacity int
+}
+
+func (n *returnCapacityPoolCloser) ModifyCapacity(delta int) {
+ if delta > 0 {
+ n.returnCapacity = -1 * delta
+ }
+ n.byteSlicePool.ModifyCapacity(delta)
+}
+
+func (n *returnCapacityPoolCloser) Close() {
+ if n.returnCapacity < 0 {
+ n.byteSlicePool.ModifyCapacity(n.returnCapacity)
+ }
+}
+
+type sliceAllocator func() *[]byte
+
+var newByteSlicePool = func(sliceSize int64) byteSlicePool {
+ return newMaxSlicePool(sliceSize)
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload.go b/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload.go
index 8debfcd..8770d40 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload.go
@@ -167,7 +167,7 @@ type Uploader struct {
BufferProvider ReadSeekerWriteToProvider
// partPool allows for the re-usage of streaming payload part buffers between upload calls
- partPool *partPool
+ partPool byteSlicePool
}
// NewUploader creates a new Uploader instance to upload objects to S3. Pass In
@@ -204,7 +204,7 @@ func newUploader(client s3iface.S3API, options ...func(*Uploader)) *Uploader {
option(u)
}
- u.partPool = newPartPool(u.PartSize)
+ u.partPool = newByteSlicePool(u.PartSize)
return u
}
@@ -366,6 +366,7 @@ func (u *uploader) upload() (*UploadOutput, error) {
if err := u.init(); err != nil {
return nil, awserr.New("ReadRequestBody", "unable to initialize upload", err)
}
+ defer u.cfg.partPool.Close()
if u.cfg.PartSize < MinUploadPartSize {
msg := fmt.Sprintf("part size must be at least %d bytes", MinUploadPartSize)
@@ -397,14 +398,23 @@ func (u *uploader) init() error {
u.cfg.MaxUploadParts = MaxUploadParts
}
+ // Try to get the total size for some optimizations
+ if err := u.initSize(); err != nil {
+ return err
+ }
+
// If PartSize was changed or partPool was never setup then we need to allocated a new pool
// so that we return []byte slices of the correct size
- if u.cfg.partPool == nil || u.cfg.partPool.partSize != u.cfg.PartSize {
- u.cfg.partPool = newPartPool(u.cfg.PartSize)
+ poolCap := u.cfg.Concurrency + 1
+ if u.cfg.partPool == nil || u.cfg.partPool.SliceSize() != u.cfg.PartSize {
+ u.cfg.partPool = newByteSlicePool(u.cfg.PartSize)
+ u.cfg.partPool.ModifyCapacity(poolCap)
+ } else {
+ u.cfg.partPool = &returnCapacityPoolCloser{byteSlicePool: u.cfg.partPool}
+ u.cfg.partPool.ModifyCapacity(poolCap)
}
- // Try to get the total size for some optimizations
- return u.initSize()
+ return nil
}
// initSize tries to detect the total stream size, setting u.totalSize. If
@@ -437,10 +447,6 @@ func (u *uploader) initSize() error {
// does not need to be wrapped in a mutex because nextReader is only called
// from the main thread.
func (u *uploader) nextReader() (io.ReadSeeker, int, func(), error) {
- type readerAtSeeker interface {
- io.ReaderAt
- io.ReadSeeker
- }
switch r := u.in.Body.(type) {
case readerAtSeeker:
var err error
@@ -472,15 +478,19 @@ func (u *uploader) nextReader() (io.ReadSeeker, int, func(), error) {
return reader, int(n), cleanup, err
default:
- part := u.cfg.partPool.Get().([]byte)
- n, err := readFillBuf(r, part)
+ part, err := u.cfg.partPool.Get(u.ctx)
+ if err != nil {
+ return nil, 0, func() {}, err
+ }
+
+ n, err := readFillBuf(r, *part)
u.readerPos += int64(n)
cleanup := func() {
u.cfg.partPool.Put(part)
}
- return bytes.NewReader(part[0:n]), n, cleanup, err
+ return bytes.NewReader((*part)[0:n]), n, cleanup, err
}
}
@@ -554,6 +564,7 @@ func (u *multiuploader) upload(firstBuf io.ReadSeeker, cleanup func()) (*UploadO
// Create the multipart
resp, err := u.cfg.S3.CreateMultipartUploadWithContext(u.ctx, params, u.cfg.RequestOptions...)
if err != nil {
+ cleanup()
return nil, err
}
u.uploadID = *resp.UploadId
@@ -614,6 +625,7 @@ func (u *multiuploader) upload(firstBuf io.ReadSeeker, cleanup func()) (*UploadO
Key: u.in.Key,
})
getReq.Config.Credentials = credentials.AnonymousCredentials
+ getReq.SetContext(u.ctx)
uploadLocation, _, _ := getReq.PresignRequest(1)
return &UploadOutput{
@@ -668,6 +680,8 @@ func (u *multiuploader) readChunk(ch chan chunk) {
u.seterr(err)
}
}
+
+ data.cleanup()
}
}
@@ -685,7 +699,6 @@ func (u *multiuploader) send(c chunk) error {
}
resp, err := u.cfg.S3.UploadPartWithContext(u.ctx, params, u.cfg.RequestOptions...)
- c.cleanup()
if err != nil {
return err
}
@@ -758,17 +771,7 @@ func (u *multiuploader) complete() *s3.CompleteMultipartUploadOutput {
return resp
}
-type partPool struct {
- partSize int64
- sync.Pool
-}
-
-func newPartPool(partSize int64) *partPool {
- p := &partPool{partSize: partSize}
-
- p.New = func() interface{} {
- return make([]byte, p.partSize)
- }
-
- return p
+type readerAtSeeker interface {
+ io.ReaderAt
+ io.ReadSeeker
}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload_input.go b/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload_input.go
index 459c7a3..e1e609d 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload_input.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload_input.go
@@ -14,40 +14,57 @@ import (
type UploadInput struct {
_ struct{} `locationName:"PutObjectRequest" type:"structure" payload:"Body"`
- // The canned ACL to apply to the object.
+ // The canned ACL to apply to the object. For more information, see Canned ACL
+ // (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL).
ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"`
// The readable body payload to send to S3.
Body io.Reader
- // Name of the bucket to which the PUT operation was initiated.
+ // Bucket name to which the PUT operation was initiated.
+ //
+ // When using this API with an access point, you must direct requests to the
+ // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com.
+ // When using this operation using an access point through the AWS SDKs, you
+ // provide the access point ARN in place of the bucket name. For more information
+ // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html)
+ // in the Amazon Simple Storage Service Developer Guide.
//
// Bucket is a required field
Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"`
- // Specifies caching behavior along the request/reply chain.
+ // Can be used to specify caching behavior along the request/reply chain. For
+ // more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9
+ // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9).
CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"`
- // Specifies presentational information for the object.
+ // Specifies presentational information for the object. For more information,
+ // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1).
ContentDisposition *string `location:"header" locationName:"Content-Disposition" type:"string"`
// Specifies what content encodings have been applied to the object and thus
// what decoding mechanisms must be applied to obtain the media-type referenced
- // by the Content-Type header field.
+ // by the Content-Type header field. For more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11
+ // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11).
ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"`
// The language the content is in.
ContentLanguage *string `location:"header" locationName:"Content-Language" type:"string"`
- // The base64-encoded 128-bit MD5 digest of the part data. This parameter is
- // auto-populated when using the command from the CLI. This parameted is required
- // if object lock parameters are specified.
+ // The base64-encoded 128-bit MD5 digest of the message (without the headers)
+ // according to RFC 1864. This header can be used as a message integrity check
+ // to verify that the data is the same data that was originally sent. Although
+ // it is optional, we recommend using the Content-MD5 mechanism as an end-to-end
+ // integrity check. For more information about REST request authentication,
+ // see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html).
ContentMD5 *string `location:"header" locationName:"Content-MD5" type:"string"`
- // A standard MIME type describing the format of the object data.
+ // A standard MIME type describing the format of the contents. For more information,
+ // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17).
ContentType *string `location:"header" locationName:"Content-Type" type:"string"`
- // The date and time at which the object is no longer cacheable.
+ // The date and time at which the object is no longer cacheable. For more information,
+ // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21).
Expires *time.Time `location:"header" locationName:"Expires" type:"timestamp"`
// Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.
@@ -70,34 +87,37 @@ type UploadInput struct {
// A map of metadata to store with the object in S3.
Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"`
- // The Legal Hold status that you want to apply to the specified object.
+ // Specifies whether a legal hold will be applied to this object. For more information
+ // about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html).
ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"`
- // The object lock mode that you want to apply to this object.
+ // The Object Lock mode that you want to apply to this object.
ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"`
- // The date and time when you want this object's object lock to expire.
+ // The date and time when you want this object's Object Lock to expire.
ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"`
- // Confirms that the requester knows that she or he will be charged for the
- // request. Bucket owners need not specify this parameter in their requests.
- // Documentation on downloading objects from requester pays buckets can be found
- // at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+ // Confirms that the requester knows that they will be charged for the request.
+ // Bucket owners need not specify this parameter in their requests. For information
+ // about downloading objects from requester pays buckets, see Downloading Objects
+ // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html)
+ // in the Amazon S3 Developer Guide.
RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"`
- // Specifies the algorithm to use to when encrypting the object (e.g., AES256).
+ // Specifies the algorithm to use to when encrypting the object (for example,
+ // AES256).
SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"`
// Specifies the customer-provided encryption key for Amazon S3 to use in encrypting
// data. This value is used to store the object and then it is discarded; Amazon
- // does not store the encryption key. The key must be appropriate for use with
- // the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
+ // S3 does not store the encryption key. The key must be appropriate for use
+ // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm
// header.
SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"`
// Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321.
- // Amazon S3 uses this header for a message integrity check to ensure the encryption
- // key was transmitted without error.
+ // Amazon S3 uses this header for a message integrity check to ensure that the
+ // encryption key was transmitted without error.
SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"`
// Specifies the AWS KMS Encryption Context to use for object encryption. The
@@ -105,17 +125,24 @@ type UploadInput struct {
// encryption context key-value pairs.
SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"`
- // Specifies the AWS KMS key ID to use for object encryption. All GET and PUT
- // requests for an object protected by AWS KMS will fail if not made via SSL
- // or using SigV4. Documentation on configuring any of the officially supported
- // AWS SDKs and CLI can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
+ // If x-amz-server-side-encryption is present and has the value of aws:kms,
+ // this header specifies the ID of the AWS Key Management Service (AWS KMS)
+ // symmetrical customer managed customer master key (CMK) that was used for
+ // the object.
+ //
+ // If the value of x-amz-server-side-encryption is aws:kms, this header specifies
+ // the ID of the symmetric customer managed AWS KMS CMK that will be used for
+ // the object. If you specify x-amz-server-side-encryption:aws:kms, but do not
+ // providex-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the AWS
+ // managed CMK in AWS to protect the data.
SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"`
- // The Server-side encryption algorithm used when storing this object in S3
- // (e.g., AES256, aws:kms).
+ // The server-side encryption algorithm used when storing this object in Amazon
+ // S3 (for example, AES256, aws:kms).
ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"`
- // The type of storage to use for the object. Defaults to 'STANDARD'.
+ // If you don't specify, S3 Standard is the default storage class. Amazon S3
+ // supports other storage classes.
StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"`
// The tag-set for the object. The tag-set must be encoded as URL Query parameters.
@@ -124,6 +151,21 @@ type UploadInput struct {
// If the bucket is configured as a website, redirects requests for this object
// to another object in the same bucket or to an external URL. Amazon S3 stores
- // the value of this header in the object metadata.
+ // the value of this header in the object metadata. For information about object
+ // metadata, see Object Key and Metadata (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html).
+ //
+ // In the following example, the request header sets the redirect to an object
+ // (anotherPage.html) in the same bucket:
+ //
+ // x-amz-website-redirect-location: /anotherPage.html
+ //
+ // In the following example, the request header sets the object redirect to
+ // another website:
+ //
+ // x-amz-website-redirect-location: http://www.example.com/
+ //
+ // For more information about website hosting in Amazon S3, see Hosting Websites
+ // on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html)
+ // and How to Configure Website Page Redirects (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html).
WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"`
}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/service.go b/vendor/github.com/aws/aws-sdk-go/service/s3/service.go
index 07e1297..b4c07b4 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/s3/service.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/service.go
@@ -31,7 +31,7 @@ var initRequest func(*request.Request)
const (
ServiceName = "s3" // Name of service.
EndpointsID = ServiceName // ID to lookup a service endpoint with.
- ServiceID = "S3" // ServiceID is a unique identifer of a specific service.
+ ServiceID = "S3" // ServiceID is a unique identifier of a specific service.
)
// New creates a new instance of the S3 client with a session.
@@ -39,6 +39,8 @@ const (
// aws.Config parameter to add your extra config.
//
// Example:
+// mySession := session.Must(session.NewSession())
+//
// // Create a S3 client from just a session.
// svc := s3.New(mySession)
//
@@ -76,6 +78,7 @@ func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint,
svc.Handlers.UnmarshalMeta.PushBackNamed(restxml.UnmarshalMetaHandler)
svc.Handlers.UnmarshalError.PushBackNamed(restxml.UnmarshalErrorHandler)
+ svc.Handlers.BuildStream.PushBackNamed(restxml.BuildHandler)
svc.Handlers.UnmarshalStream.PushBackNamed(restxml.UnmarshalHandler)
// Run custom client initialization if present
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/statusok_error.go b/vendor/github.com/aws/aws-sdk-go/service/s3/statusok_error.go
index f6a69ae..247770e 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/s3/statusok_error.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/statusok_error.go
@@ -2,6 +2,7 @@ package s3
import (
"bytes"
+ "io"
"io/ioutil"
"net/http"
@@ -24,17 +25,18 @@ func copyMultipartStatusOKUnmarhsalError(r *request.Request) {
r.HTTPResponse.Body = ioutil.NopCloser(body)
defer body.Seek(0, sdkio.SeekStart)
- if body.Len() == 0 {
- // If there is no body don't attempt to parse the body.
- return
- }
-
unmarshalError(r)
if err, ok := r.Error.(awserr.Error); ok && err != nil {
- if err.Code() == request.ErrCodeSerialization {
+ if err.Code() == request.ErrCodeSerialization &&
+ err.OrigErr() != io.EOF {
r.Error = nil
return
}
- r.HTTPResponse.StatusCode = http.StatusServiceUnavailable
+ // if empty payload
+ if err.OrigErr() == io.EOF {
+ r.HTTPResponse.StatusCode = http.StatusInternalServerError
+ } else {
+ r.HTTPResponse.StatusCode = http.StatusServiceUnavailable
+ }
}
}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/service/s3/unmarshal_error.go
index 5b63fac..6eecf66 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/s3/unmarshal_error.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/s3/unmarshal_error.go
@@ -1,6 +1,7 @@
package s3
import (
+ "bytes"
"encoding/xml"
"fmt"
"io"
@@ -45,17 +46,24 @@ func unmarshalError(r *request.Request) {
// Attempt to parse error from body if it is known
var errResp xmlErrorResponse
- err := xmlutil.UnmarshalXMLError(&errResp, r.HTTPResponse.Body)
- if err == io.EOF {
- // Only capture the error if an unmarshal error occurs that is not EOF,
- // because S3 might send an error without a error message which causes
- // the XML unmarshal to fail with EOF.
- err = nil
+ var err error
+ if r.HTTPResponse.StatusCode >= 200 && r.HTTPResponse.StatusCode < 300 {
+ err = s3unmarshalXMLError(&errResp, r.HTTPResponse.Body)
+ } else {
+ err = xmlutil.UnmarshalXMLError(&errResp, r.HTTPResponse.Body)
}
+
if err != nil {
+ var errorMsg string
+ if err == io.EOF {
+ errorMsg = "empty response payload"
+ } else {
+ errorMsg = "failed to unmarshal error message"
+ }
+
r.Error = awserr.NewRequestFailure(
awserr.New(request.ErrCodeSerialization,
- "failed to unmarshal error message", err),
+ errorMsg, err),
r.HTTPResponse.StatusCode,
r.RequestID,
)
@@ -86,3 +94,21 @@ type RequestFailure interface {
// Host ID is the S3 Host ID needed for debug, and contacting support
HostID() string
}
+
+// s3unmarshalXMLError is s3 specific xml error unmarshaler
+// for 200 OK errors and response payloads.
+// This function differs from the xmlUtil.UnmarshalXMLError
+// func. It does not ignore the EOF error and passes it up.
+// Related to bug fix for `s3 200 OK response with empty payload`
+func s3unmarshalXMLError(v interface{}, stream io.Reader) error {
+ var errBuf bytes.Buffer
+ body := io.TeeReader(stream, &errBuf)
+
+ err := xml.NewDecoder(body).Decode(v)
+ if err != nil && err != io.EOF {
+ return awserr.NewUnmarshalError(err,
+ "failed to unmarshal error message", errBuf.Bytes())
+ }
+
+ return err
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go
index 9c5ed45..550b5f6 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go
@@ -78,6 +78,8 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o
// IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html)
// in the IAM User Guide.
//
+// Session Duration
+//
// By default, the temporary security credentials created by AssumeRole last
// for one hour. However, you can use the optional DurationSeconds parameter
// to specify the duration of your session. You can provide a value from 900
@@ -91,6 +93,8 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o
// URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html)
// in the IAM User Guide.
//
+// Permissions
+//
// The temporary security credentials created by AssumeRole can be used to make
// API calls to any AWS service with the following exception: You cannot call
// the AWS STS GetFederationToken or GetSessionToken API operations.
@@ -99,7 +103,7 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o
// to this operation. You can pass a single JSON policy document to use as an
// inline session policy. You can also specify up to 10 managed policies to
// use as managed session policies. The plain text that you use for both inline
-// and managed session policies shouldn't exceed 2048 characters. Passing policies
+// and managed session policies can't exceed 2,048 characters. Passing policies
// to this operation returns new temporary credentials. The resulting session's
// permissions are the intersection of the role's identity-based policy and
// the session policies. You can use the role's temporary credentials in subsequent
@@ -131,6 +135,24 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o
// see IAM Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html)
// in the IAM User Guide.
//
+// Tags
+//
+// (Optional) You can pass tag key-value pairs to your session. These tags are
+// called session tags. For more information about session tags, see Passing
+// Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+// in the IAM User Guide.
+//
+// An administrator must grant you the permissions necessary to pass session
+// tags. The administrator can also create granular permissions to allow you
+// to pass only specific session tags. For more information, see Tutorial: Using
+// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html)
+// in the IAM User Guide.
+//
+// You can set the session tags as transitive. Transitive tags persist during
+// role chaining. For more information, see Chaining Roles with Session Tags
+// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining)
+// in the IAM User Guide.
+//
// Using MFA with AssumeRole
//
// (Optional) You can include multi-factor authentication (MFA) information
@@ -165,9 +187,18 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o
// message describes the specific error.
//
// * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge"
-// The request was rejected because the policy document was too large. The error
-// message describes how big the policy document is, in packed form, as a percentage
-// of what the API allows.
+// The request was rejected because the total packed size of the session policies
+// and session tags combined was too large. An AWS conversion compresses the
+// session policy document, session policy ARNs, and session tags into a packed
+// binary format that has a separate limit. The error message indicates by percentage
+// how close the policies and tags are to the upper size limit. For more information,
+// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+// in the IAM User Guide.
+//
+// You could receive this error even though you meet other defined session policy
+// and session tag limits. For more information, see IAM and STS Entity Character
+// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
+// in the IAM User Guide.
//
// * ErrCodeRegionDisabledException "RegionDisabledException"
// STS is not activated in the requested region for the account that is being
@@ -256,6 +287,8 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re
// an access key ID, a secret access key, and a security token. Applications
// can use these temporary security credentials to sign calls to AWS services.
//
+// Session Duration
+//
// By default, the temporary security credentials created by AssumeRoleWithSAML
// last for one hour. However, you can use the optional DurationSeconds parameter
// to specify the duration of your session. Your role session lasts for the
@@ -271,6 +304,8 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re
// URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html)
// in the IAM User Guide.
//
+// Permissions
+//
// The temporary security credentials created by AssumeRoleWithSAML can be used
// to make API calls to any AWS service with the following exception: you cannot
// call the STS GetFederationToken or GetSessionToken API operations.
@@ -279,7 +314,7 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re
// to this operation. You can pass a single JSON policy document to use as an
// inline session policy. You can also specify up to 10 managed policies to
// use as managed session policies. The plain text that you use for both inline
-// and managed session policies shouldn't exceed 2048 characters. Passing policies
+// and managed session policies can't exceed 2,048 characters. Passing policies
// to this operation returns new temporary credentials. The resulting session's
// permissions are the intersection of the role's identity-based policy and
// the session policies. You can use the role's temporary credentials in subsequent
@@ -289,12 +324,6 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re
// information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// in the IAM User Guide.
//
-// Before your application can call AssumeRoleWithSAML, you must configure your
-// SAML identity provider (IdP) to issue the claims required by AWS. Additionally,
-// you must use AWS Identity and Access Management (IAM) to create a SAML provider
-// entity in your AWS account that represents your identity provider. You must
-// also create an IAM role that specifies this SAML provider in its trust policy.
-//
// Calling AssumeRoleWithSAML does not require the use of AWS security credentials.
// The identity of the caller is validated by using keys in the metadata document
// that is uploaded for the SAML provider entity for your identity provider.
@@ -302,8 +331,50 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re
// Calling AssumeRoleWithSAML can result in an entry in your AWS CloudTrail
// logs. The entry includes the value in the NameID element of the SAML assertion.
// We recommend that you use a NameIDType that is not associated with any personally
-// identifiable information (PII). For example, you could instead use the Persistent
-// Identifier (urn:oasis:names:tc:SAML:2.0:nameid-format:persistent).
+// identifiable information (PII). For example, you could instead use the persistent
+// identifier (urn:oasis:names:tc:SAML:2.0:nameid-format:persistent).
+//
+// Tags
+//
+// (Optional) You can configure your IdP to pass attributes into your SAML assertion
+// as session tags. Each session tag consists of a key name and an associated
+// value. For more information about session tags, see Passing Session Tags
+// in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+// in the IAM User Guide.
+//
+// You can pass up to 50 session tags. The plain text session tag keys can’t
+// exceed 128 characters and the values can’t exceed 256 characters. For these
+// and additional limits, see IAM and STS Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
+// in the IAM User Guide.
+//
+// An AWS conversion compresses the passed session policies and session tags
+// into a packed binary format that has a separate limit. Your request can fail
+// for this limit even if your plain text meets the other requirements. The
+// PackedPolicySize response element indicates by percentage how close the policies
+// and tags for your request are to the upper size limit.
+//
+// You can pass a session tag with the same key as a tag that is attached to
+// the role. When you do, session tags override the role's tags with the same
+// key.
+//
+// An administrator must grant you the permissions necessary to pass session
+// tags. The administrator can also create granular permissions to allow you
+// to pass only specific session tags. For more information, see Tutorial: Using
+// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html)
+// in the IAM User Guide.
+//
+// You can set the session tags as transitive. Transitive tags persist during
+// role chaining. For more information, see Chaining Roles with Session Tags
+// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining)
+// in the IAM User Guide.
+//
+// SAML Configuration
+//
+// Before your application can call AssumeRoleWithSAML, you must configure your
+// SAML identity provider (IdP) to issue the claims required by AWS. Additionally,
+// you must use AWS Identity and Access Management (IAM) to create a SAML provider
+// entity in your AWS account that represents your identity provider. You must
+// also create an IAM role that specifies this SAML provider in its trust policy.
//
// For more information, see the following resources:
//
@@ -332,9 +403,18 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re
// message describes the specific error.
//
// * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge"
-// The request was rejected because the policy document was too large. The error
-// message describes how big the policy document is, in packed form, as a percentage
-// of what the API allows.
+// The request was rejected because the total packed size of the session policies
+// and session tags combined was too large. An AWS conversion compresses the
+// session policy document, session policy ARNs, and session tags into a packed
+// binary format that has a separate limit. The error message indicates by percentage
+// how close the policies and tags are to the upper size limit. For more information,
+// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+// in the IAM User Guide.
+//
+// You could receive this error even though you meet other defined session policy
+// and session tag limits. For more information, see IAM and STS Entity Character
+// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
+// in the IAM User Guide.
//
// * ErrCodeIDPRejectedClaimException "IDPRejectedClaim"
// The identity provider (IdP) reported that authentication failed. This might
@@ -456,6 +536,8 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI
// key ID, a secret access key, and a security token. Applications can use these
// temporary security credentials to sign calls to AWS service API operations.
//
+// Session Duration
+//
// By default, the temporary security credentials created by AssumeRoleWithWebIdentity
// last for one hour. However, you can use the optional DurationSeconds parameter
// to specify the duration of your session. You can provide a value from 900
@@ -469,6 +551,8 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI
// URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html)
// in the IAM User Guide.
//
+// Permissions
+//
// The temporary security credentials created by AssumeRoleWithWebIdentity can
// be used to make API calls to any AWS service with the following exception:
// you cannot call the STS GetFederationToken or GetSessionToken API operations.
@@ -477,7 +561,7 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI
// to this operation. You can pass a single JSON policy document to use as an
// inline session policy. You can also specify up to 10 managed policies to
// use as managed session policies. The plain text that you use for both inline
-// and managed session policies shouldn't exceed 2048 characters. Passing policies
+// and managed session policies can't exceed 2,048 characters. Passing policies
// to this operation returns new temporary credentials. The resulting session's
// permissions are the intersection of the role's identity-based policy and
// the session policies. You can use the role's temporary credentials in subsequent
@@ -487,6 +571,42 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI
// information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// in the IAM User Guide.
//
+// Tags
+//
+// (Optional) You can configure your IdP to pass attributes into your web identity
+// token as session tags. Each session tag consists of a key name and an associated
+// value. For more information about session tags, see Passing Session Tags
+// in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+// in the IAM User Guide.
+//
+// You can pass up to 50 session tags. The plain text session tag keys can’t
+// exceed 128 characters and the values can’t exceed 256 characters. For these
+// and additional limits, see IAM and STS Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
+// in the IAM User Guide.
+//
+// An AWS conversion compresses the passed session policies and session tags
+// into a packed binary format that has a separate limit. Your request can fail
+// for this limit even if your plain text meets the other requirements. The
+// PackedPolicySize response element indicates by percentage how close the policies
+// and tags for your request are to the upper size limit.
+//
+// You can pass a session tag with the same key as a tag that is attached to
+// the role. When you do, the session tag overrides the role tag with the same
+// key.
+//
+// An administrator must grant you the permissions necessary to pass session
+// tags. The administrator can also create granular permissions to allow you
+// to pass only specific session tags. For more information, see Tutorial: Using
+// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html)
+// in the IAM User Guide.
+//
+// You can set the session tags as transitive. Transitive tags persist during
+// role chaining. For more information, see Chaining Roles with Session Tags
+// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining)
+// in the IAM User Guide.
+//
+// Identities
+//
// Before your application can call AssumeRoleWithWebIdentity, you must have
// an identity token from a supported identity provider and create a role that
// the application can assume. The role that your application assumes must trust
@@ -514,8 +634,8 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI
// * AWS SDK for iOS Developer Guide (http://aws.amazon.com/sdkforios/) and
// AWS SDK for Android Developer Guide (http://aws.amazon.com/sdkforandroid/).
// These toolkits contain sample apps that show how to invoke the identity
-// providers, and then how to use the information from these providers to
-// get and use temporary security credentials.
+// providers. The toolkits then show how to use the information from these
+// providers to get and use temporary security credentials.
//
// * Web Identity Federation with Mobile Applications (http://aws.amazon.com/articles/web-identity-federation-with-mobile-applications).
// This article discusses web identity federation and shows an example of
@@ -535,9 +655,18 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI
// message describes the specific error.
//
// * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge"
-// The request was rejected because the policy document was too large. The error
-// message describes how big the policy document is, in packed form, as a percentage
-// of what the API allows.
+// The request was rejected because the total packed size of the session policies
+// and session tags combined was too large. An AWS conversion compresses the
+// session policy document, session policy ARNs, and session tags into a packed
+// binary format that has a separate limit. The error message indicates by percentage
+// how close the policies and tags are to the upper size limit. For more information,
+// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+// in the IAM User Guide.
+//
+// You could receive this error even though you meet other defined session policy
+// and session tag limits. For more information, see IAM and STS Entity Character
+// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
+// in the IAM User Guide.
//
// * ErrCodeIDPRejectedClaimException "IDPRejectedClaim"
// The identity provider (IdP) reported that authentication failed. This might
@@ -547,11 +676,11 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI
// can also mean that the claim has expired or has been explicitly revoked.
//
// * ErrCodeIDPCommunicationErrorException "IDPCommunicationError"
-// The request could not be fulfilled because the non-AWS identity provider
-// (IDP) that was asked to verify the incoming identity token could not be reached.
-// This is often a transient error caused by network conditions. Retry the request
+// The request could not be fulfilled because the identity provider (IDP) that
+// was asked to verify the incoming identity token could not be reached. This
+// is often a transient error caused by network conditions. Retry the request
// a limited number of times so that you don't exceed the request rate. If the
-// error persists, the non-AWS identity provider might be down or not responding.
+// error persists, the identity provider might be down or not responding.
//
// * ErrCodeInvalidIdentityTokenException "InvalidIdentityToken"
// The web identity token that was passed could not be validated by AWS. Get
@@ -676,9 +805,9 @@ func (c *STS) DecodeAuthorizationMessageRequest(input *DecodeAuthorizationMessag
//
// Returned Error Codes:
// * ErrCodeInvalidAuthorizationMessageException "InvalidAuthorizationMessageException"
-// This error is returned if the message passed to DecodeAuthorizationMessage
-// was invalid. This can happen if the token contains invalid characters, such
-// as linebreaks.
+// The error returned if the message passed to DecodeAuthorizationMessage was
+// invalid. This can happen if the token contains invalid characters, such as
+// linebreaks.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/DecodeAuthorizationMessage
func (c *STS) DecodeAuthorizationMessage(input *DecodeAuthorizationMessageInput) (*DecodeAuthorizationMessageOutput, error) {
@@ -763,7 +892,8 @@ func (c *STS) GetAccessKeyInfoRequest(input *GetAccessKeyInfoInput) (req *reques
// pull a credentials report (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html)
// to learn which IAM user owns the keys. To learn who requested the temporary
// credentials for an ASIA access key, view the STS events in your CloudTrail
-// logs (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html).
+// logs (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html)
+// in the IAM User Guide.
//
// This operation does not indicate the state of the access key. The key might
// be active, inactive, or deleted. Active keys might not have permissions to
@@ -850,7 +980,8 @@ func (c *STS) GetCallerIdentityRequest(input *GetCallerIdentityInput) (req *requ
// sts:GetCallerIdentity action, you can still perform this operation. Permissions
// are not required because the same information is returned when an IAM user
// or role is denied access. To view an example response, see I Am Not Authorized
-// to Perform: iam:DeleteVirtualMFADevice (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa).
+// to Perform: iam:DeleteVirtualMFADevice (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa)
+// in the IAM User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -942,7 +1073,8 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re
// or an OpenID Connect-compatible identity provider. In this case, we recommend
// that you use Amazon Cognito (http://aws.amazon.com/cognito/) or AssumeRoleWithWebIdentity.
// For more information, see Federation Through a Web-based Identity Provider
-// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity).
+// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity)
+// in the IAM User Guide.
//
// You can also call GetFederationToken using the security credentials of an
// AWS account root user, but we do not recommend it. Instead, we recommend
@@ -952,41 +1084,67 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re
// Practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html)
// in the IAM User Guide.
//
+// Session duration
+//
// The temporary credentials are valid for the specified duration, from 900
// seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours). The default
-// is 43,200 seconds (12 hours). Temporary credentials that are obtained by
-// using AWS account root user credentials have a maximum duration of 3,600
-// seconds (1 hour).
+// session duration is 43,200 seconds (12 hours). Temporary credentials that
+// are obtained by using AWS account root user credentials have a maximum duration
+// of 3,600 seconds (1 hour).
//
-// The temporary security credentials created by GetFederationToken can be used
-// to make API calls to any AWS service with the following exceptions:
+// Permissions
//
-// * You cannot use these credentials to call any IAM API operations.
+// You can use the temporary credentials created by GetFederationToken in any
+// AWS service except the following:
//
-// * You cannot call any STS API operations except GetCallerIdentity.
+// * You cannot call any IAM operations using the AWS CLI or the AWS API.
//
-// Permissions
+// * You cannot call any STS operations except GetCallerIdentity.
//
// You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// to this operation. You can pass a single JSON policy document to use as an
// inline session policy. You can also specify up to 10 managed policies to
// use as managed session policies. The plain text that you use for both inline
-// and managed session policies shouldn't exceed 2048 characters.
+// and managed session policies can't exceed 2,048 characters.
//
// Though the session policy parameters are optional, if you do not pass a policy,
-// then the resulting federated user session has no permissions. The only exception
-// is when the credentials are used to access a resource that has a resource-based
-// policy that specifically references the federated user session in the Principal
-// element of the policy. When you pass session policies, the session permissions
-// are the intersection of the IAM user policies and the session policies that
-// you pass. This gives you a way to further restrict the permissions for a
-// federated user. You cannot use session policies to grant more permissions
-// than those that are defined in the permissions policy of the IAM user. For
-// more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
+// then the resulting federated user session has no permissions. When you pass
+// session policies, the session permissions are the intersection of the IAM
+// user policies and the session policies that you pass. This gives you a way
+// to further restrict the permissions for a federated user. You cannot use
+// session policies to grant more permissions than those that are defined in
+// the permissions policy of the IAM user. For more information, see Session
+// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// in the IAM User Guide. For information about using GetFederationToken to
// create temporary security credentials, see GetFederationToken—Federation
// Through a Custom Identity Broker (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken).
//
+// You can use the credentials to access a resource that has a resource-based
+// policy. If that policy specifically references the federated user session
+// in the Principal element of the policy, the session has the permissions allowed
+// by the policy. These permissions are granted in addition to the permissions
+// granted by the session policies.
+//
+// Tags
+//
+// (Optional) You can pass tag key-value pairs to your session. These are called
+// session tags. For more information about session tags, see Passing Session
+// Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+// in the IAM User Guide.
+//
+// An administrator must grant you the permissions necessary to pass session
+// tags. The administrator can also create granular permissions to allow you
+// to pass only specific session tags. For more information, see Tutorial: Using
+// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html)
+// in the IAM User Guide.
+//
+// Tag key–value pairs are not case sensitive, but case is preserved. This
+// means that you cannot have separate Department and department tag keys. Assume
+// that the user that you are federating has the Department=Marketing tag and
+// you pass the department=engineering session tag. Department and department
+// are not saved as separate tags, and the session tag passed in the request
+// takes precedence over the user tag.
+//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
@@ -1000,9 +1158,18 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re
// message describes the specific error.
//
// * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge"
-// The request was rejected because the policy document was too large. The error
-// message describes how big the policy document is, in packed form, as a percentage
-// of what the API allows.
+// The request was rejected because the total packed size of the session policies
+// and session tags combined was too large. An AWS conversion compresses the
+// session policy document, session policy ARNs, and session tags into a packed
+// binary format that has a separate limit. The error message indicates by percentage
+// how close the policies and tags are to the upper size limit. For more information,
+// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+// in the IAM User Guide.
+//
+// You could receive this error even though you meet other defined session policy
+// and session tag limits. For more information, see IAM and STS Entity Character
+// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
+// in the IAM User Guide.
//
// * ErrCodeRegionDisabledException "RegionDisabledException"
// STS is not activated in the requested region for the account that is being
@@ -1091,6 +1258,8 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request.
// and Comparing the AWS STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
// in the IAM User Guide.
//
+// Session Duration
+//
// The GetSessionToken operation must be called by using the long-term AWS security
// credentials of the AWS account root user or an IAM user. Credentials that
// are created by IAM users are valid for the duration that you specify. This
@@ -1099,6 +1268,8 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request.
// based on account credentials can range from 900 seconds (15 minutes) up to
// 3,600 seconds (1 hour), with a default of 1 hour.
//
+// Permissions
+//
// The temporary security credentials created by GetSessionToken can be used
// to make API calls to any AWS service with the following exceptions:
//
@@ -1213,16 +1384,16 @@ type AssumeRoleInput struct {
// in the IAM User Guide.
//
// The plain text that you use for both inline and managed session policies
- // shouldn't exceed 2048 characters. The JSON policy characters can be any ASCII
+ // can't exceed 2,048 characters. The JSON policy characters can be any ASCII
// character from the space character to the end of the valid character list
// (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A),
// and carriage return (\u000D) characters.
//
- // The characters in this parameter count towards the 2048 character session
- // policy guideline. However, an AWS conversion compresses the session policies
- // into a packed binary format that has a separate limit. This is the enforced
- // limit. The PackedPolicySize response element indicates by percentage how
- // close the policy is to the upper size limit.
+ // An AWS conversion compresses the passed session policies and session tags
+ // into a packed binary format that has a separate limit. Your request can fail
+ // for this limit even if your plain text meets the other requirements. The
+ // PackedPolicySize response element indicates by percentage how close the policies
+ // and tags for your request are to the upper size limit.
Policy *string `min:"1" type:"string"`
// The Amazon Resource Names (ARNs) of the IAM managed policies that you want
@@ -1231,15 +1402,15 @@ type AssumeRoleInput struct {
//
// This parameter is optional. You can provide up to 10 managed policy ARNs.
// However, the plain text that you use for both inline and managed session
- // policies shouldn't exceed 2048 characters. For more information about ARNs,
+ // policies can't exceed 2,048 characters. For more information about ARNs,
// see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the AWS General Reference.
//
- // The characters in this parameter count towards the 2048 character session
- // policy guideline. However, an AWS conversion compresses the session policies
- // into a packed binary format that has a separate limit. This is the enforced
- // limit. The PackedPolicySize response element indicates by percentage how
- // close the policy is to the upper size limit.
+ // An AWS conversion compresses the passed session policies and session tags
+ // into a packed binary format that has a separate limit. Your request can fail
+ // for this limit even if your plain text meets the other requirements. The
+ // PackedPolicySize response element indicates by percentage how close the policies
+ // and tags for your request are to the upper size limit.
//
// Passing policies to this operation returns new temporary credentials. The
// resulting session's permissions are the intersection of the role's identity-based
@@ -1284,6 +1455,41 @@ type AssumeRoleInput struct {
// also include underscores or any of the following characters: =,.@-
SerialNumber *string `min:"9" type:"string"`
+ // A list of session tags that you want to pass. Each session tag consists of
+ // a key name and an associated value. For more information about session tags,
+ // see Tagging AWS STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+ // in the IAM User Guide.
+ //
+ // This parameter is optional. You can pass up to 50 session tags. The plain
+ // text session tag keys can’t exceed 128 characters, and the values can’t
+ // exceed 256 characters. For these and additional limits, see IAM and STS Character
+ // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
+ // in the IAM User Guide.
+ //
+ // An AWS conversion compresses the passed session policies and session tags
+ // into a packed binary format that has a separate limit. Your request can fail
+ // for this limit even if your plain text meets the other requirements. The
+ // PackedPolicySize response element indicates by percentage how close the policies
+ // and tags for your request are to the upper size limit.
+ //
+ // You can pass a session tag with the same key as a tag that is already attached
+ // to the role. When you do, session tags override a role tag with the same
+ // key.
+ //
+ // Tag key–value pairs are not case sensitive, but case is preserved. This
+ // means that you cannot have separate Department and department tag keys. Assume
+ // that the role has the Department=Marketing tag and you pass the department=engineering
+ // session tag. Department and department are not saved as separate tags, and
+ // the session tag passed in the request takes precedence over the role tag.
+ //
+ // Additionally, if you used temporary credentials to perform this operation,
+ // the new session inherits any transitive session tags from the calling session.
+ // If you pass a session tag with the same key as an inherited tag, the operation
+ // fails. To view the inherited tags for a session, see the AWS CloudTrail logs.
+ // For more information, see Viewing Session Tags in CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/session-tags.html#id_session-tags_ctlogs)
+ // in the IAM User Guide.
+ Tags []*Tag `type:"list"`
+
// The value provided by the MFA device, if the trust policy of the role being
// assumed requires MFA (that is, if the policy includes a condition that tests
// for MFA). If the role being assumed requires MFA and if the TokenCode value
@@ -1292,6 +1498,19 @@ type AssumeRoleInput struct {
// The format for this parameter, as described by its regex pattern, is a sequence
// of six numeric digits.
TokenCode *string `min:"6" type:"string"`
+
+ // A list of keys for session tags that you want to set as transitive. If you
+ // set a tag key as transitive, the corresponding key and value passes to subsequent
+ // sessions in a role chain. For more information, see Chaining Roles with Session
+ // Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining)
+ // in the IAM User Guide.
+ //
+ // This parameter is optional. When you set session tags as transitive, the
+ // session policy and session tags packed binary limit is not affected.
+ //
+ // If you choose not to specify a transitive tag key, then no tags are passed
+ // from this session to any subsequent sessions.
+ TransitiveTagKeys []*string `type:"list"`
}
// String returns the string representation
@@ -1344,6 +1563,16 @@ func (s *AssumeRoleInput) Validate() error {
}
}
}
+ if s.Tags != nil {
+ for i, v := range s.Tags {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
if invalidParams.Len() > 0 {
return invalidParams
@@ -1393,12 +1622,24 @@ func (s *AssumeRoleInput) SetSerialNumber(v string) *AssumeRoleInput {
return s
}
+// SetTags sets the Tags field's value.
+func (s *AssumeRoleInput) SetTags(v []*Tag) *AssumeRoleInput {
+ s.Tags = v
+ return s
+}
+
// SetTokenCode sets the TokenCode field's value.
func (s *AssumeRoleInput) SetTokenCode(v string) *AssumeRoleInput {
s.TokenCode = &v
return s
}
+// SetTransitiveTagKeys sets the TransitiveTagKeys field's value.
+func (s *AssumeRoleInput) SetTransitiveTagKeys(v []*string) *AssumeRoleInput {
+ s.TransitiveTagKeys = v
+ return s
+}
+
// Contains the response to a successful AssumeRole request, including temporary
// AWS credentials that can be used to make AWS requests.
type AssumeRoleOutput struct {
@@ -1418,9 +1659,10 @@ type AssumeRoleOutput struct {
// We strongly recommend that you make no assumptions about the maximum size.
Credentials *Credentials `type:"structure"`
- // A percentage value that indicates the size of the policy in packed form.
- // The service rejects any policy with a packed size greater than 100 percent,
- // which means the policy exceeded the allowed space.
+ // A percentage value that indicates the packed size of the session policies
+ // and session tags combined passed in the request. The request fails if the
+ // packed size is greater than 100 percent, which means the policies and tags
+ // exceeded the allowed space.
PackedPolicySize *int64 `type:"integer"`
}
@@ -1491,16 +1733,16 @@ type AssumeRoleWithSAMLInput struct {
// in the IAM User Guide.
//
// The plain text that you use for both inline and managed session policies
- // shouldn't exceed 2048 characters. The JSON policy characters can be any ASCII
+ // can't exceed 2,048 characters. The JSON policy characters can be any ASCII
// character from the space character to the end of the valid character list
// (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A),
// and carriage return (\u000D) characters.
//
- // The characters in this parameter count towards the 2048 character session
- // policy guideline. However, an AWS conversion compresses the session policies
- // into a packed binary format that has a separate limit. This is the enforced
- // limit. The PackedPolicySize response element indicates by percentage how
- // close the policy is to the upper size limit.
+ // An AWS conversion compresses the passed session policies and session tags
+ // into a packed binary format that has a separate limit. Your request can fail
+ // for this limit even if your plain text meets the other requirements. The
+ // PackedPolicySize response element indicates by percentage how close the policies
+ // and tags for your request are to the upper size limit.
Policy *string `min:"1" type:"string"`
// The Amazon Resource Names (ARNs) of the IAM managed policies that you want
@@ -1509,15 +1751,15 @@ type AssumeRoleWithSAMLInput struct {
//
// This parameter is optional. You can provide up to 10 managed policy ARNs.
// However, the plain text that you use for both inline and managed session
- // policies shouldn't exceed 2048 characters. For more information about ARNs,
+ // policies can't exceed 2,048 characters. For more information about ARNs,
// see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the AWS General Reference.
//
- // The characters in this parameter count towards the 2048 character session
- // policy guideline. However, an AWS conversion compresses the session policies
- // into a packed binary format that has a separate limit. This is the enforced
- // limit. The PackedPolicySize response element indicates by percentage how
- // close the policy is to the upper size limit.
+ // An AWS conversion compresses the passed session policies and session tags
+ // into a packed binary format that has a separate limit. Your request can fail
+ // for this limit even if your plain text meets the other requirements. The
+ // PackedPolicySize response element indicates by percentage how close the policies
+ // and tags for your request are to the upper size limit.
//
// Passing policies to this operation returns new temporary credentials. The
// resulting session's permissions are the intersection of the role's identity-based
@@ -1546,7 +1788,7 @@ type AssumeRoleWithSAMLInput struct {
// in the IAM User Guide.
//
// SAMLAssertion is a required field
- SAMLAssertion *string `min:"4" type:"string" required:"true"`
+ SAMLAssertion *string `min:"4" type:"string" required:"true" sensitive:"true"`
}
// String returns the string representation
@@ -1673,9 +1915,10 @@ type AssumeRoleWithSAMLOutput struct {
// ) )
NameQualifier *string `type:"string"`
- // A percentage value that indicates the size of the policy in packed form.
- // The service rejects any policy with a packed size greater than 100 percent,
- // which means the policy exceeded the allowed space.
+ // A percentage value that indicates the packed size of the session policies
+ // and session tags combined passed in the request. The request fails if the
+ // packed size is greater than 100 percent, which means the policies and tags
+ // exceeded the allowed space.
PackedPolicySize *int64 `type:"integer"`
// The value of the NameID element in the Subject element of the SAML assertion.
@@ -1786,16 +2029,16 @@ type AssumeRoleWithWebIdentityInput struct {
// in the IAM User Guide.
//
// The plain text that you use for both inline and managed session policies
- // shouldn't exceed 2048 characters. The JSON policy characters can be any ASCII
+ // can't exceed 2,048 characters. The JSON policy characters can be any ASCII
// character from the space character to the end of the valid character list
// (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A),
// and carriage return (\u000D) characters.
//
- // The characters in this parameter count towards the 2048 character session
- // policy guideline. However, an AWS conversion compresses the session policies
- // into a packed binary format that has a separate limit. This is the enforced
- // limit. The PackedPolicySize response element indicates by percentage how
- // close the policy is to the upper size limit.
+ // An AWS conversion compresses the passed session policies and session tags
+ // into a packed binary format that has a separate limit. Your request can fail
+ // for this limit even if your plain text meets the other requirements. The
+ // PackedPolicySize response element indicates by percentage how close the policies
+ // and tags for your request are to the upper size limit.
Policy *string `min:"1" type:"string"`
// The Amazon Resource Names (ARNs) of the IAM managed policies that you want
@@ -1804,15 +2047,15 @@ type AssumeRoleWithWebIdentityInput struct {
//
// This parameter is optional. You can provide up to 10 managed policy ARNs.
// However, the plain text that you use for both inline and managed session
- // policies shouldn't exceed 2048 characters. For more information about ARNs,
+ // policies can't exceed 2,048 characters. For more information about ARNs,
// see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the AWS General Reference.
//
- // The characters in this parameter count towards the 2048 character session
- // policy guideline. However, an AWS conversion compresses the session policies
- // into a packed binary format that has a separate limit. This is the enforced
- // limit. The PackedPolicySize response element indicates by percentage how
- // close the policy is to the upper size limit.
+ // An AWS conversion compresses the passed session policies and session tags
+ // into a packed binary format that has a separate limit. Your request can fail
+ // for this limit even if your plain text meets the other requirements. The
+ // PackedPolicySize response element indicates by percentage how close the policies
+ // and tags for your request are to the upper size limit.
//
// Passing policies to this operation returns new temporary credentials. The
// resulting session's permissions are the intersection of the role's identity-based
@@ -1857,7 +2100,7 @@ type AssumeRoleWithWebIdentityInput struct {
// the application makes an AssumeRoleWithWebIdentity call.
//
// WebIdentityToken is a required field
- WebIdentityToken *string `min:"4" type:"string" required:"true"`
+ WebIdentityToken *string `min:"4" type:"string" required:"true" sensitive:"true"`
}
// String returns the string representation
@@ -1983,9 +2226,10 @@ type AssumeRoleWithWebIdentityOutput struct {
// We strongly recommend that you make no assumptions about the maximum size.
Credentials *Credentials `type:"structure"`
- // A percentage value that indicates the size of the policy in packed form.
- // The service rejects any policy with a packed size greater than 100 percent,
- // which means the policy exceeded the allowed space.
+ // A percentage value that indicates the packed size of the session policies
+ // and session tags combined passed in the request. The request fails if the
+ // packed size is greater than 100 percent, which means the policies and tags
+ // exceeded the allowed space.
PackedPolicySize *int64 `type:"integer"`
// The issuing authority of the web identity token presented. For OpenID Connect
@@ -2057,7 +2301,7 @@ type AssumedRoleUser struct {
// The ARN of the temporary security credentials that are returned from the
// AssumeRole action. For more information about ARNs and how to use them in
// policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
- // in Using IAM.
+ // in the IAM User Guide.
//
// Arn is a required field
Arn *string `min:"20" type:"string" required:"true"`
@@ -2225,7 +2469,7 @@ type FederatedUser struct {
// The ARN that specifies the federated user that is associated with the credentials.
// For more information about ARNs and how to use them in policies, see IAM
// Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
- // in Using IAM.
+ // in the IAM User Guide.
//
// Arn is a required field
Arn *string `min:"20" type:"string" required:"true"`
@@ -2265,7 +2509,7 @@ type GetAccessKeyInfoInput struct {
// The identifier of an access key.
//
// This parameter allows (through its regex pattern) a string of characters
- // that can consist of any upper- or lowercased letter or digit.
+ // that can consist of any upper- or lowercase letter or digit.
//
// AccessKeyId is a required field
AccessKeyId *string `min:"16" type:"string" required:"true"`
@@ -2418,10 +2662,7 @@ type GetFederationTokenInput struct {
// use as managed session policies.
//
// This parameter is optional. However, if you do not pass any session policies,
- // then the resulting federated user session has no permissions. The only exception
- // is when the credentials are used to access a resource that has a resource-based
- // policy that specifically references the federated user session in the Principal
- // element of the policy.
+ // then the resulting federated user session has no permissions.
//
// When you pass session policies, the session permissions are the intersection
// of the IAM user policies and the session policies that you pass. This gives
@@ -2431,17 +2672,23 @@ type GetFederationTokenInput struct {
// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// in the IAM User Guide.
//
+ // The resulting credentials can be used to access a resource that has a resource-based
+ // policy. If that policy specifically references the federated user session
+ // in the Principal element of the policy, the session has the permissions allowed
+ // by the policy. These permissions are granted in addition to the permissions
+ // that are granted by the session policies.
+ //
// The plain text that you use for both inline and managed session policies
- // shouldn't exceed 2048 characters. The JSON policy characters can be any ASCII
+ // can't exceed 2,048 characters. The JSON policy characters can be any ASCII
// character from the space character to the end of the valid character list
// (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A),
// and carriage return (\u000D) characters.
//
- // The characters in this parameter count towards the 2048 character session
- // policy guideline. However, an AWS conversion compresses the session policies
- // into a packed binary format that has a separate limit. This is the enforced
- // limit. The PackedPolicySize response element indicates by percentage how
- // close the policy is to the upper size limit.
+ // An AWS conversion compresses the passed session policies and session tags
+ // into a packed binary format that has a separate limit. Your request can fail
+ // for this limit even if your plain text meets the other requirements. The
+ // PackedPolicySize response element indicates by percentage how close the policies
+ // and tags for your request are to the upper size limit.
Policy *string `min:"1" type:"string"`
// The Amazon Resource Names (ARNs) of the IAM managed policies that you want
@@ -2452,16 +2699,13 @@ type GetFederationTokenInput struct {
// to this operation. You can pass a single JSON policy document to use as an
// inline session policy. You can also specify up to 10 managed policies to
// use as managed session policies. The plain text that you use for both inline
- // and managed session policies shouldn't exceed 2048 characters. You can provide
+ // and managed session policies can't exceed 2,048 characters. You can provide
// up to 10 managed policy ARNs. For more information about ARNs, see Amazon
// Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
// in the AWS General Reference.
//
// This parameter is optional. However, if you do not pass any session policies,
- // then the resulting federated user session has no permissions. The only exception
- // is when the credentials are used to access a resource that has a resource-based
- // policy that specifically references the federated user session in the Principal
- // element of the policy.
+ // then the resulting federated user session has no permissions.
//
// When you pass session policies, the session permissions are the intersection
// of the IAM user policies and the session policies that you pass. This gives
@@ -2471,12 +2715,46 @@ type GetFederationTokenInput struct {
// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// in the IAM User Guide.
//
- // The characters in this parameter count towards the 2048 character session
- // policy guideline. However, an AWS conversion compresses the session policies
- // into a packed binary format that has a separate limit. This is the enforced
- // limit. The PackedPolicySize response element indicates by percentage how
- // close the policy is to the upper size limit.
+ // The resulting credentials can be used to access a resource that has a resource-based
+ // policy. If that policy specifically references the federated user session
+ // in the Principal element of the policy, the session has the permissions allowed
+ // by the policy. These permissions are granted in addition to the permissions
+ // that are granted by the session policies.
+ //
+ // An AWS conversion compresses the passed session policies and session tags
+ // into a packed binary format that has a separate limit. Your request can fail
+ // for this limit even if your plain text meets the other requirements. The
+ // PackedPolicySize response element indicates by percentage how close the policies
+ // and tags for your request are to the upper size limit.
PolicyArns []*PolicyDescriptorType `type:"list"`
+
+ // A list of session tags. Each session tag consists of a key name and an associated
+ // value. For more information about session tags, see Passing Session Tags
+ // in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+ // in the IAM User Guide.
+ //
+ // This parameter is optional. You can pass up to 50 session tags. The plain
+ // text session tag keys can’t exceed 128 characters and the values can’t
+ // exceed 256 characters. For these and additional limits, see IAM and STS Character
+ // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
+ // in the IAM User Guide.
+ //
+ // An AWS conversion compresses the passed session policies and session tags
+ // into a packed binary format that has a separate limit. Your request can fail
+ // for this limit even if your plain text meets the other requirements. The
+ // PackedPolicySize response element indicates by percentage how close the policies
+ // and tags for your request are to the upper size limit.
+ //
+ // You can pass a session tag with the same key as a tag that is already attached
+ // to the user you are federating. When you do, session tags override a user
+ // tag with the same key.
+ //
+ // Tag key–value pairs are not case sensitive, but case is preserved. This
+ // means that you cannot have separate Department and department tag keys. Assume
+ // that the role has the Department=Marketing tag and you pass the department=engineering
+ // session tag. Department and department are not saved as separate tags, and
+ // the session tag passed in the request takes precedence over the role tag.
+ Tags []*Tag `type:"list"`
}
// String returns the string representation
@@ -2514,6 +2792,16 @@ func (s *GetFederationTokenInput) Validate() error {
}
}
}
+ if s.Tags != nil {
+ for i, v := range s.Tags {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
if invalidParams.Len() > 0 {
return invalidParams
@@ -2545,6 +2833,12 @@ func (s *GetFederationTokenInput) SetPolicyArns(v []*PolicyDescriptorType) *GetF
return s
}
+// SetTags sets the Tags field's value.
+func (s *GetFederationTokenInput) SetTags(v []*Tag) *GetFederationTokenInput {
+ s.Tags = v
+ return s
+}
+
// Contains the response to a successful GetFederationToken request, including
// temporary AWS credentials that can be used to make AWS requests.
type GetFederationTokenOutput struct {
@@ -2563,9 +2857,10 @@ type GetFederationTokenOutput struct {
// an Amazon S3 bucket policy.
FederatedUser *FederatedUser `type:"structure"`
- // A percentage value indicating the size of the policy in packed form. The
- // service rejects policies for which the packed size is greater than 100 percent
- // of the allowed value.
+ // A percentage value that indicates the packed size of the session policies
+ // and session tags combined passed in the request. The request fails if the
+ // packed size is greater than 100 percent, which means the policies and tags
+ // exceeded the allowed space.
PackedPolicySize *int64 `type:"integer"`
}
@@ -2748,3 +3043,73 @@ func (s *PolicyDescriptorType) SetArn(v string) *PolicyDescriptorType {
s.Arn = &v
return s
}
+
+// You can pass custom key-value pair attributes when you assume a role or federate
+// a user. These are called session tags. You can then use the session tags
+// to control access to resources. For more information, see Tagging AWS STS
+// Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+// in the IAM User Guide.
+type Tag struct {
+ _ struct{} `type:"structure"`
+
+ // The key for a session tag.
+ //
+ // You can pass up to 50 session tags. The plain text session tag keys can’t
+ // exceed 128 characters. For these and additional limits, see IAM and STS Character
+ // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
+ // in the IAM User Guide.
+ //
+ // Key is a required field
+ Key *string `min:"1" type:"string" required:"true"`
+
+ // The value for a session tag.
+ //
+ // You can pass up to 50 session tags. The plain text session tag values can’t
+ // exceed 256 characters. For these and additional limits, see IAM and STS Character
+ // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
+ // in the IAM User Guide.
+ //
+ // Value is a required field
+ Value *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s Tag) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Tag) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *Tag) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "Tag"}
+ if s.Key == nil {
+ invalidParams.Add(request.NewErrParamRequired("Key"))
+ }
+ if s.Key != nil && len(*s.Key) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Key", 1))
+ }
+ if s.Value == nil {
+ invalidParams.Add(request.NewErrParamRequired("Value"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetKey sets the Key field's value.
+func (s *Tag) SetKey(v string) *Tag {
+ s.Key = &v
+ return s
+}
+
+// SetValue sets the Value field's value.
+func (s *Tag) SetValue(v string) *Tag {
+ s.Value = &v
+ return s
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go b/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go
index a3e378e..a233f54 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go
@@ -14,11 +14,11 @@ const (
// ErrCodeIDPCommunicationErrorException for service response error code
// "IDPCommunicationError".
//
- // The request could not be fulfilled because the non-AWS identity provider
- // (IDP) that was asked to verify the incoming identity token could not be reached.
- // This is often a transient error caused by network conditions. Retry the request
+ // The request could not be fulfilled because the identity provider (IDP) that
+ // was asked to verify the incoming identity token could not be reached. This
+ // is often a transient error caused by network conditions. Retry the request
// a limited number of times so that you don't exceed the request rate. If the
- // error persists, the non-AWS identity provider might be down or not responding.
+ // error persists, the identity provider might be down or not responding.
ErrCodeIDPCommunicationErrorException = "IDPCommunicationError"
// ErrCodeIDPRejectedClaimException for service response error code
@@ -34,9 +34,9 @@ const (
// ErrCodeInvalidAuthorizationMessageException for service response error code
// "InvalidAuthorizationMessageException".
//
- // This error is returned if the message passed to DecodeAuthorizationMessage
- // was invalid. This can happen if the token contains invalid characters, such
- // as linebreaks.
+ // The error returned if the message passed to DecodeAuthorizationMessage was
+ // invalid. This can happen if the token contains invalid characters, such as
+ // linebreaks.
ErrCodeInvalidAuthorizationMessageException = "InvalidAuthorizationMessageException"
// ErrCodeInvalidIdentityTokenException for service response error code
@@ -56,9 +56,18 @@ const (
// ErrCodePackedPolicyTooLargeException for service response error code
// "PackedPolicyTooLarge".
//
- // The request was rejected because the policy document was too large. The error
- // message describes how big the policy document is, in packed form, as a percentage
- // of what the API allows.
+ // The request was rejected because the total packed size of the session policies
+ // and session tags combined was too large. An AWS conversion compresses the
+ // session policy document, session policy ARNs, and session tags into a packed
+ // binary format that has a separate limit. The error message indicates by percentage
+ // how close the policies and tags are to the upper size limit. For more information,
+ // see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
+ // in the IAM User Guide.
+ //
+ // You could receive this error even though you meet other defined session policy
+ // and session tag limits. For more information, see IAM and STS Entity Character
+ // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
+ // in the IAM User Guide.
ErrCodePackedPolicyTooLargeException = "PackedPolicyTooLarge"
// ErrCodeRegionDisabledException for service response error code
diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/service.go b/vendor/github.com/aws/aws-sdk-go/service/sts/service.go
index 2c3c3d2..d34a685 100644
--- a/vendor/github.com/aws/aws-sdk-go/service/sts/service.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/sts/service.go
@@ -31,7 +31,7 @@ var initRequest func(*request.Request)
const (
ServiceName = "sts" // Name of service.
EndpointsID = ServiceName // ID to lookup a service endpoint with.
- ServiceID = "STS" // ServiceID is a unique identifer of a specific service.
+ ServiceID = "STS" // ServiceID is a unique identifier of a specific service.
)
// New creates a new instance of the STS client with a session.
@@ -39,6 +39,8 @@ const (
// aws.Config parameter to add your extra config.
//
// Example:
+// mySession := session.Must(session.NewSession())
+//
// // Create a STS client from just a session.
// svc := sts.New(mySession)
//
diff --git a/vendor/github.com/go-spatial/geom/encoding/error.go b/vendor/github.com/go-spatial/geom/encoding/error.go
new file mode 100644
index 0000000..0526680
--- /dev/null
+++ b/vendor/github.com/go-spatial/geom/encoding/error.go
@@ -0,0 +1,25 @@
+package encoding
+
+import (
+ "fmt"
+
+ "github.com/go-spatial/geom"
+)
+
+// ErrUnknownGeometry is a wrapper around a geom.Geometry that is invalid
+type ErrUnknownGeometry struct {
+ Geom geom.Geometry
+}
+
+// ErrInvalidGeoJSON is a wrapper around a []byte that is invalid GeoJson
+type ErrInvalidGeoJSON struct {
+ GJSON []byte
+}
+
+func (e ErrUnknownGeometry) Error() string {
+ return fmt.Sprintf("unknown geometry: %T", e.Geom)
+}
+
+func (e ErrInvalidGeoJSON) Error() string {
+ return fmt.Sprintf("Invalid GeoJSON string: %T", string(e.GJSON))
+}
diff --git a/vendor/github.com/go-spatial/geom/encoding/geojson/geojson.go b/vendor/github.com/go-spatial/geom/encoding/geojson/geojson.go
new file mode 100644
index 0000000..afaeaf7
--- /dev/null
+++ b/vendor/github.com/go-spatial/geom/encoding/geojson/geojson.go
@@ -0,0 +1,238 @@
+package geojson
+
+import (
+ "encoding/json"
+
+ "github.com/go-spatial/geom"
+ "github.com/go-spatial/geom/encoding"
+)
+
+type GeoJSONType string
+
+const (
+ PointType GeoJSONType = "Point"
+ MultiPointType GeoJSONType = "MultiPoint"
+ LineStringType GeoJSONType = "LineString"
+ MultiLineStringType GeoJSONType = "MultiLineString"
+ PolygonType GeoJSONType = "Polygon"
+ MultiPolygonType GeoJSONType = "MultiPolygon"
+ GeometryCollectionType GeoJSONType = "GeometryCollection"
+ FeatureType GeoJSONType = "Feature"
+ FeatureCollectionType GeoJSONType = "FeatureCollection"
+)
+
+type Geometry struct {
+ geom.Geometry
+}
+
+func (geo Geometry) MarshalJSON() ([]byte, error) {
+ type coordinates struct {
+ Type GeoJSONType `json:"type"`
+ Coords interface{} `json:"coordinates,omitempty"`
+ }
+ type collection struct {
+ Type GeoJSONType `json:"type"`
+ Geometries []Geometry `json:"geometries,omitempty"`
+ }
+
+ switch g := geo.Geometry.(type) {
+ case geom.Pointer:
+ return json.Marshal(coordinates{
+ Type: PointType,
+ Coords: g.XY(),
+ })
+
+ case geom.MultiPointer:
+ return json.Marshal(coordinates{
+ Type: MultiPointType,
+ Coords: g.Points(),
+ })
+
+ case geom.LineStringer:
+ return json.Marshal(coordinates{
+ Type: LineStringType,
+ Coords: g.Vertices(),
+ })
+
+ case geom.MultiLineStringer:
+ return json.Marshal(coordinates{
+ Type: MultiLineStringType,
+ Coords: g.LineStrings(),
+ })
+
+ case geom.Polygoner:
+ ps := g.LinearRings()
+ closePolygon(ps)
+
+ return json.Marshal(coordinates{
+ Type: PolygonType,
+ // make sure our rings are closed
+ Coords: ps,
+ })
+
+ case geom.MultiPolygoner:
+ ps := g.Polygons()
+
+ // iterate through the polygons making sure they're closed
+ for i := range ps {
+ closePolygon(geom.Polygon(ps[i]))
+ }
+
+ return json.Marshal(coordinates{
+ Type: MultiPolygonType,
+ Coords: ps,
+ })
+
+ case geom.Collectioner:
+ gs := g.Geometries()
+
+ var geos = make([]Geometry, 0, len(gs))
+ for _, gg := range gs {
+ geos = append(geos, Geometry{gg})
+ }
+
+ return json.Marshal(collection{
+ Type: GeometryCollectionType,
+ Geometries: geos,
+ })
+
+ default:
+ return nil, geom.ErrUnknownGeometry{g}
+ }
+}
+
+// featureType allows the GeoJSON type for Feature to be automatically set during json Marshalling
+// which avoids the user from accidentally setting the incorrect GeoJSON type.
+type featureType struct{}
+
+func (_ featureType) MarshalJSON() ([]byte, error) {
+ return []byte(`"` + FeatureType + `"`), nil
+}
+func (fc *featureType) UnmarshalJSON(b []byte) error { return nil }
+
+type Feature struct {
+ Type featureType `json:"type"`
+ ID *uint64 `json:"id,omitempty"`
+ // can be null
+ Geometry Geometry `json:"geometry"`
+ // can be null
+ Properties map[string]interface{} `json:"properties"`
+}
+
+// featureCollectionType allows the GeoJSON type for Feature to be automatically set during json Marshalling
+// which avoids the user from accidentally setting the incorrect GeoJSON type.
+type featureCollectionType struct{}
+
+func (_ featureCollectionType) MarshalJSON() ([]byte, error) {
+ return []byte(`"` + FeatureCollectionType + `"`), nil
+}
+func (fc *featureCollectionType) UnmarshalJSON(b []byte) error { return nil }
+
+type FeatureCollection struct {
+ Type featureCollectionType `json:"type"`
+ Features []Feature `json:"features"`
+}
+
+func closePolygon(p geom.Polygon) {
+ for i := range p {
+ if len(p[i]) == 0 {
+ continue
+ }
+
+ // check if the first point and the last point are the same
+ // if they're not, make a copy of the first point and add it as the last position
+ if p[i][0] != p[i][len(p[i])-1] {
+ p[i] = append(p[i], p[i][0])
+ }
+ }
+}
+
+func (geo *Geometry) UnmarshalJSON(b []byte) error {
+ var geojsonMap map[string]*json.RawMessage
+ if err := json.Unmarshal(b, &geojsonMap); err != nil {
+ return err
+ }
+
+ var geomType GeoJSONType
+ if err := json.Unmarshal(*geojsonMap["type"], &geomType); err != nil {
+ return err
+ }
+ switch geomType {
+ case PointType:
+ var pt geom.Point
+ if err := json.Unmarshal(*geojsonMap["coordinates"], &pt); err != nil {
+ return err
+ }
+ geo.Geometry = pt
+ return nil
+ case PolygonType:
+ var poly geom.Polygon
+ if err := json.Unmarshal(*geojsonMap["coordinates"], &poly); err != nil {
+ return err
+ }
+ geo.Geometry = poly
+ return nil
+ case LineStringType:
+ var ls geom.LineString
+ if err := json.Unmarshal(*geojsonMap["coordinates"], &ls); err != nil {
+ return err
+ }
+ geo.Geometry = ls
+ return nil
+ case MultiPointType:
+ var mp geom.MultiPoint
+ if err := json.Unmarshal(*geojsonMap["coordinates"], &mp); err != nil {
+ return err
+ }
+ geo.Geometry = mp
+ return nil
+ case MultiLineStringType:
+ var ml geom.MultiLineString
+ if err := json.Unmarshal(*geojsonMap["coordinates"], &ml); err != nil {
+ return err
+ }
+ geo.Geometry = ml
+ return nil
+ case MultiPolygonType:
+ var mp geom.MultiPolygon
+ if err := json.Unmarshal(*geojsonMap["coordinates"], &mp); err != nil {
+ return err
+ }
+ geo.Geometry = mp
+ return nil
+ case GeometryCollectionType:
+ gc := geom.Collection{}
+ var rawMessageForGeometries []*json.RawMessage
+ if err := json.Unmarshal(*geojsonMap["geometries"], &rawMessageForGeometries); err != nil {
+ return err
+ }
+ geoms := make([]geom.Geometry, len(rawMessageForGeometries))
+ for i, v := range rawMessageForGeometries {
+ var g Geometry
+ if err := json.Unmarshal(*v, &g); err != nil {
+ return err
+ }
+ geoms[i] = g.Geometry
+ }
+ gc.SetGeometries(geoms)
+ geo.Geometry = gc
+ return nil
+ case FeatureType:
+ f := Feature{}
+ if err := json.Unmarshal(b, &f); err != nil {
+ return err
+ }
+ geo.Geometry = f
+ return nil
+ case FeatureCollectionType:
+ fc := FeatureCollection{}
+ if err := json.Unmarshal(b, &fc); err != nil {
+ return err
+ }
+ geo.Geometry = fc
+ return nil
+ default:
+ return encoding.ErrInvalidGeoJSON{b}
+ }
+ return nil
+}
diff --git a/vendor/github.com/jmespath/go-jmespath/.travis.yml b/vendor/github.com/jmespath/go-jmespath/.travis.yml
index 1f98077..730c7fa 100644
--- a/vendor/github.com/jmespath/go-jmespath/.travis.yml
+++ b/vendor/github.com/jmespath/go-jmespath/.travis.yml
@@ -3,7 +3,15 @@ language: go
sudo: false
go:
- - 1.4
+ - 1.5.x
+ - 1.6.x
+ - 1.7.x
+ - 1.8.x
+ - 1.9.x
+ - 1.10.x
+ - 1.11.x
+ - 1.12.x
+ - 1.13.x
install: go get -v -t ./...
script: make test
diff --git a/vendor/github.com/jmespath/go-jmespath/README.md b/vendor/github.com/jmespath/go-jmespath/README.md
index 187ef67..110ad79 100644
--- a/vendor/github.com/jmespath/go-jmespath/README.md
+++ b/vendor/github.com/jmespath/go-jmespath/README.md
@@ -4,4 +4,84 @@
-See http://jmespath.org for more info.
+go-jmespath is a GO implementation of JMESPath,
+which is a query language for JSON. It will take a JSON
+document and transform it into another JSON document
+through a JMESPath expression.
+
+Using go-jmespath is really easy. There's a single function
+you use, `jmespath.search`:
+
+
+```go
+> import "github.com/jmespath/go-jmespath"
+>
+> var jsondata = []byte(`{"foo": {"bar": {"baz": [0, 1, 2, 3, 4]}}}`) // your data
+> var data interface{}
+> err := json.Unmarshal(jsondata, &data)
+> result, err := jmespath.Search("foo.bar.baz[2]", data)
+result = 2
+```
+
+In the example we gave the ``search`` function input data of
+`{"foo": {"bar": {"baz": [0, 1, 2, 3, 4]}}}` as well as the JMESPath
+expression `foo.bar.baz[2]`, and the `search` function evaluated
+the expression against the input data to produce the result ``2``.
+
+The JMESPath language can do a lot more than select an element
+from a list. Here are a few more examples:
+
+```go
+> var jsondata = []byte(`{"foo": {"bar": {"baz": [0, 1, 2, 3, 4]}}}`) // your data
+> var data interface{}
+> err := json.Unmarshal(jsondata, &data)
+> result, err := jmespath.search("foo.bar", data)
+result = { "baz": [ 0, 1, 2, 3, 4 ] }
+
+
+> var jsondata = []byte(`{"foo": [{"first": "a", "last": "b"},
+ {"first": "c", "last": "d"}]}`) // your data
+> var data interface{}
+> err := json.Unmarshal(jsondata, &data)
+> result, err := jmespath.search({"foo[*].first", data)
+result [ 'a', 'c' ]
+
+
+> var jsondata = []byte(`{"foo": [{"age": 20}, {"age": 25},
+ {"age": 30}, {"age": 35},
+ {"age": 40}]}`) // your data
+> var data interface{}
+> err := json.Unmarshal(jsondata, &data)
+> result, err := jmespath.search("foo[?age > `30`]")
+result = [ { age: 35 }, { age: 40 } ]
+```
+
+You can also pre-compile your query. This is usefull if
+you are going to run multiple searches with it:
+
+```go
+ > var jsondata = []byte(`{"foo": "bar"}`)
+ > var data interface{}
+ > err := json.Unmarshal(jsondata, &data)
+ > precompiled, err := Compile("foo")
+ > if err != nil{
+ > // ... handle the error
+ > }
+ > result, err := precompiled.Search(data)
+ result = "bar"
+```
+
+## More Resources
+
+The example above only show a small amount of what
+a JMESPath expression can do. If you want to take a
+tour of the language, the *best* place to go is the
+[JMESPath Tutorial](http://jmespath.org/tutorial.html).
+
+One of the best things about JMESPath is that it is
+implemented in many different programming languages including
+python, ruby, php, lua, etc. To see a complete list of libraries,
+check out the [JMESPath libraries page](http://jmespath.org/libraries.html).
+
+And finally, the full JMESPath specification can be found
+on the [JMESPath site](http://jmespath.org/specification.html).
diff --git a/vendor/github.com/jmespath/go-jmespath/api.go b/vendor/github.com/jmespath/go-jmespath/api.go
index 8e26ffe..010efe9 100644
--- a/vendor/github.com/jmespath/go-jmespath/api.go
+++ b/vendor/github.com/jmespath/go-jmespath/api.go
@@ -2,7 +2,7 @@ package jmespath
import "strconv"
-// JMESPath is the epresentation of a compiled JMES path query. A JMESPath is
+// JMESPath is the representation of a compiled JMES path query. A JMESPath is
// safe for concurrent use by multiple goroutines.
type JMESPath struct {
ast ASTNode
diff --git a/vendor/github.com/jmespath/go-jmespath/go.mod b/vendor/github.com/jmespath/go-jmespath/go.mod
new file mode 100644
index 0000000..aa1e3f1
--- /dev/null
+++ b/vendor/github.com/jmespath/go-jmespath/go.mod
@@ -0,0 +1,5 @@
+module github.com/jmespath/go-jmespath
+
+go 1.14
+
+require github.com/stretchr/testify v1.5.1
diff --git a/vendor/github.com/jmespath/go-jmespath/go.sum b/vendor/github.com/jmespath/go-jmespath/go.sum
new file mode 100644
index 0000000..331fa69
--- /dev/null
+++ b/vendor/github.com/jmespath/go-jmespath/go.sum
@@ -0,0 +1,11 @@
+github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
+github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
diff --git a/vendor/github.com/jmespath/go-jmespath/parser.go b/vendor/github.com/jmespath/go-jmespath/parser.go
index 1240a17..4abc303 100644
--- a/vendor/github.com/jmespath/go-jmespath/parser.go
+++ b/vendor/github.com/jmespath/go-jmespath/parser.go
@@ -137,7 +137,7 @@ func (p *Parser) Parse(expression string) (ASTNode, error) {
}
if p.current() != tEOF {
return ASTNode{}, p.syntaxError(fmt.Sprintf(
- "Unexpected token at the end of the expresssion: %s", p.current()))
+ "Unexpected token at the end of the expression: %s", p.current()))
}
return parsed, nil
}
diff --git a/vendor/github.com/pkg/errors/.travis.yml b/vendor/github.com/pkg/errors/.travis.yml
index d4b9266..9159de0 100644
--- a/vendor/github.com/pkg/errors/.travis.yml
+++ b/vendor/github.com/pkg/errors/.travis.yml
@@ -1,15 +1,10 @@
language: go
go_import_path: github.com/pkg/errors
go:
- - 1.4.x
- - 1.5.x
- - 1.6.x
- - 1.7.x
- - 1.8.x
- - 1.9.x
- - 1.10.x
- 1.11.x
+ - 1.12.x
+ - 1.13.x
- tip
script:
- - go test -v ./...
+ - make check
diff --git a/vendor/github.com/pkg/errors/Makefile b/vendor/github.com/pkg/errors/Makefile
new file mode 100644
index 0000000..ce9d7cd
--- /dev/null
+++ b/vendor/github.com/pkg/errors/Makefile
@@ -0,0 +1,44 @@
+PKGS := github.com/pkg/errors
+SRCDIRS := $(shell go list -f '{{.Dir}}' $(PKGS))
+GO := go
+
+check: test vet gofmt misspell unconvert staticcheck ineffassign unparam
+
+test:
+ $(GO) test $(PKGS)
+
+vet: | test
+ $(GO) vet $(PKGS)
+
+staticcheck:
+ $(GO) get honnef.co/go/tools/cmd/staticcheck
+ staticcheck -checks all $(PKGS)
+
+misspell:
+ $(GO) get github.com/client9/misspell/cmd/misspell
+ misspell \
+ -locale GB \
+ -error \
+ *.md *.go
+
+unconvert:
+ $(GO) get github.com/mdempsky/unconvert
+ unconvert -v $(PKGS)
+
+ineffassign:
+ $(GO) get github.com/gordonklaus/ineffassign
+ find $(SRCDIRS) -name '*.go' | xargs ineffassign
+
+pedantic: check errcheck
+
+unparam:
+ $(GO) get mvdan.cc/unparam
+ unparam ./...
+
+errcheck:
+ $(GO) get github.com/kisielk/errcheck
+ errcheck $(PKGS)
+
+gofmt:
+ @echo Checking code is gofmted
+ @test -z "$(shell gofmt -s -l -d -e $(SRCDIRS) | tee /dev/stderr)"
diff --git a/vendor/github.com/pkg/errors/README.md b/vendor/github.com/pkg/errors/README.md
index 6483ba2..54dfdcb 100644
--- a/vendor/github.com/pkg/errors/README.md
+++ b/vendor/github.com/pkg/errors/README.md
@@ -41,11 +41,18 @@ default:
[Read the package documentation for more information](https://godoc.org/github.com/pkg/errors).
+## Roadmap
+
+With the upcoming [Go2 error proposals](https://go.googlesource.com/proposal/+/master/design/go2draft.md) this package is moving into maintenance mode. The roadmap for a 1.0 release is as follows:
+
+- 0.9. Remove pre Go 1.9 and Go 1.10 support, address outstanding pull requests (if possible)
+- 1.0. Final release.
+
## Contributing
-We welcome pull requests, bug fixes and issue reports. With that said, the bar for adding new symbols to this package is intentionally set high.
+Because of the Go2 errors changes, this package is not accepting proposals for new functionality. With that said, we welcome pull requests, bug fixes and issue reports.
-Before proposing a change, please discuss your change by raising an issue.
+Before sending a PR, please discuss your change by raising an issue.
## License
diff --git a/vendor/github.com/pkg/errors/errors.go b/vendor/github.com/pkg/errors/errors.go
index 7421f32..161aea2 100644
--- a/vendor/github.com/pkg/errors/errors.go
+++ b/vendor/github.com/pkg/errors/errors.go
@@ -82,7 +82,7 @@
//
// if err, ok := err.(stackTracer); ok {
// for _, f := range err.StackTrace() {
-// fmt.Printf("%+s:%d", f)
+// fmt.Printf("%+s:%d\n", f, f)
// }
// }
//
@@ -159,6 +159,9 @@ type withStack struct {
func (w *withStack) Cause() error { return w.error }
+// Unwrap provides compatibility for Go 1.13 error chains.
+func (w *withStack) Unwrap() error { return w.error }
+
func (w *withStack) Format(s fmt.State, verb rune) {
switch verb {
case 'v':
@@ -241,6 +244,9 @@ type withMessage struct {
func (w *withMessage) Error() string { return w.msg + ": " + w.cause.Error() }
func (w *withMessage) Cause() error { return w.cause }
+// Unwrap provides compatibility for Go 1.13 error chains.
+func (w *withMessage) Unwrap() error { return w.cause }
+
func (w *withMessage) Format(s fmt.State, verb rune) {
switch verb {
case 'v':
diff --git a/vendor/github.com/pkg/errors/go113.go b/vendor/github.com/pkg/errors/go113.go
new file mode 100644
index 0000000..be0d10d
--- /dev/null
+++ b/vendor/github.com/pkg/errors/go113.go
@@ -0,0 +1,38 @@
+// +build go1.13
+
+package errors
+
+import (
+ stderrors "errors"
+)
+
+// Is reports whether any error in err's chain matches target.
+//
+// The chain consists of err itself followed by the sequence of errors obtained by
+// repeatedly calling Unwrap.
+//
+// An error is considered to match a target if it is equal to that target or if
+// it implements a method Is(error) bool such that Is(target) returns true.
+func Is(err, target error) bool { return stderrors.Is(err, target) }
+
+// As finds the first error in err's chain that matches target, and if so, sets
+// target to that error value and returns true.
+//
+// The chain consists of err itself followed by the sequence of errors obtained by
+// repeatedly calling Unwrap.
+//
+// An error matches target if the error's concrete value is assignable to the value
+// pointed to by target, or if the error has a method As(interface{}) bool such that
+// As(target) returns true. In the latter case, the As method is responsible for
+// setting target.
+//
+// As will panic if target is not a non-nil pointer to either a type that implements
+// error, or to any interface type. As returns false if err is nil.
+func As(err error, target interface{}) bool { return stderrors.As(err, target) }
+
+// Unwrap returns the result of calling the Unwrap method on err, if err's
+// type contains an Unwrap method returning error.
+// Otherwise, Unwrap returns nil.
+func Unwrap(err error) error {
+ return stderrors.Unwrap(err)
+}
diff --git a/vendor/github.com/pkg/errors/stack.go b/vendor/github.com/pkg/errors/stack.go
index 2874a04..779a834 100644
--- a/vendor/github.com/pkg/errors/stack.go
+++ b/vendor/github.com/pkg/errors/stack.go
@@ -5,10 +5,13 @@ import (
"io"
"path"
"runtime"
+ "strconv"
"strings"
)
// Frame represents a program counter inside a stack frame.
+// For historical reasons if Frame is interpreted as a uintptr
+// its value represents the program counter + 1.
type Frame uintptr
// pc returns the program counter for this frame;
@@ -37,6 +40,15 @@ func (f Frame) line() int {
return line
}
+// name returns the name of this function, if known.
+func (f Frame) name() string {
+ fn := runtime.FuncForPC(f.pc())
+ if fn == nil {
+ return "unknown"
+ }
+ return fn.Name()
+}
+
// Format formats the frame according to the fmt.Formatter interface.
//
// %s source file
@@ -54,22 +66,16 @@ func (f Frame) Format(s fmt.State, verb rune) {
case 's':
switch {
case s.Flag('+'):
- pc := f.pc()
- fn := runtime.FuncForPC(pc)
- if fn == nil {
- io.WriteString(s, "unknown")
- } else {
- file, _ := fn.FileLine(pc)
- fmt.Fprintf(s, "%s\n\t%s", fn.Name(), file)
- }
+ io.WriteString(s, f.name())
+ io.WriteString(s, "\n\t")
+ io.WriteString(s, f.file())
default:
io.WriteString(s, path.Base(f.file()))
}
case 'd':
- fmt.Fprintf(s, "%d", f.line())
+ io.WriteString(s, strconv.Itoa(f.line()))
case 'n':
- name := runtime.FuncForPC(f.pc()).Name()
- io.WriteString(s, funcname(name))
+ io.WriteString(s, funcname(f.name()))
case 'v':
f.Format(s, 's')
io.WriteString(s, ":")
@@ -77,6 +83,16 @@ func (f Frame) Format(s fmt.State, verb rune) {
}
}
+// MarshalText formats a stacktrace Frame as a text string. The output is the
+// same as that of fmt.Sprintf("%+v", f), but without newlines or tabs.
+func (f Frame) MarshalText() ([]byte, error) {
+ name := f.name()
+ if name == "unknown" {
+ return []byte(name), nil
+ }
+ return []byte(fmt.Sprintf("%s %s:%d", name, f.file(), f.line())), nil
+}
+
// StackTrace is stack of Frames from innermost (newest) to outermost (oldest).
type StackTrace []Frame
@@ -94,16 +110,30 @@ func (st StackTrace) Format(s fmt.State, verb rune) {
switch {
case s.Flag('+'):
for _, f := range st {
- fmt.Fprintf(s, "\n%+v", f)
+ io.WriteString(s, "\n")
+ f.Format(s, verb)
}
case s.Flag('#'):
fmt.Fprintf(s, "%#v", []Frame(st))
default:
- fmt.Fprintf(s, "%v", []Frame(st))
+ st.formatSlice(s, verb)
}
case 's':
- fmt.Fprintf(s, "%s", []Frame(st))
+ st.formatSlice(s, verb)
+ }
+}
+
+// formatSlice will format this StackTrace into the given buffer as a slice of
+// Frame, only valid when called with '%s' or '%v'.
+func (st StackTrace) formatSlice(s fmt.State, verb rune) {
+ io.WriteString(s, "[")
+ for i, f := range st {
+ if i > 0 {
+ io.WriteString(s, " ")
+ }
+ f.Format(s, verb)
}
+ io.WriteString(s, "]")
}
// stack represents a stack of program counters.
diff --git a/vendor/modules.txt b/vendor/modules.txt
index f6ed081..adbce66 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -7,8 +7,9 @@ github.com/alecthomas/template/parse
github.com/alecthomas/units
# github.com/arolek/p v0.0.0-20191103215535-df3c295ed582
github.com/arolek/p
-# github.com/aws/aws-sdk-go v1.25.36
+# github.com/aws/aws-sdk-go v1.34.0
github.com/aws/aws-sdk-go/aws
+github.com/aws/aws-sdk-go/aws/arn
github.com/aws/aws-sdk-go/aws/awserr
github.com/aws/aws-sdk-go/aws/awsutil
github.com/aws/aws-sdk-go/aws/client
@@ -26,6 +27,7 @@ github.com/aws/aws-sdk-go/aws/endpoints
github.com/aws/aws-sdk-go/aws/request
github.com/aws/aws-sdk-go/aws/session
github.com/aws/aws-sdk-go/aws/signer/v4
+github.com/aws/aws-sdk-go/internal/context
github.com/aws/aws-sdk-go/internal/ini
github.com/aws/aws-sdk-go/internal/s3err
github.com/aws/aws-sdk-go/internal/sdkio
@@ -33,6 +35,9 @@ github.com/aws/aws-sdk-go/internal/sdkmath
github.com/aws/aws-sdk-go/internal/sdkrand
github.com/aws/aws-sdk-go/internal/sdkuri
github.com/aws/aws-sdk-go/internal/shareddefaults
+github.com/aws/aws-sdk-go/internal/strings
+github.com/aws/aws-sdk-go/internal/sync/singleflight
+github.com/aws/aws-sdk-go/private/checksum
github.com/aws/aws-sdk-go/private/protocol
github.com/aws/aws-sdk-go/private/protocol/eventstream
github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi
@@ -46,6 +51,7 @@ github.com/aws/aws-sdk-go/private/protocol/restxml
github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil
github.com/aws/aws-sdk-go/service/batch
github.com/aws/aws-sdk-go/service/s3
+github.com/aws/aws-sdk-go/service/s3/internal/arn
github.com/aws/aws-sdk-go/service/s3/s3iface
github.com/aws/aws-sdk-go/service/s3/s3manager
github.com/aws/aws-sdk-go/service/sts
@@ -64,6 +70,8 @@ github.com/go-chi/chi
# github.com/go-spatial/geom v0.0.0-20200715161102-ca3b2fd9dd14
github.com/go-spatial/geom
github.com/go-spatial/geom/cmp
+github.com/go-spatial/geom/encoding
+github.com/go-spatial/geom/encoding/geojson
github.com/go-spatial/geom/encoding/wkb
github.com/go-spatial/geom/encoding/wkb/internal/consts
github.com/go-spatial/geom/encoding/wkb/internal/decode
@@ -128,11 +136,11 @@ github.com/jackc/pgx/v4/internal/sanitize
github.com/jackc/pgx/v4/pgxpool
# github.com/jackc/puddle v1.1.1
github.com/jackc/puddle
-# github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af
+# github.com/jmespath/go-jmespath v0.3.0
github.com/jmespath/go-jmespath
# github.com/konsorten/go-windows-terminal-sequences v1.0.2
github.com/konsorten/go-windows-terminal-sequences
-# github.com/pkg/errors v0.8.1
+# github.com/pkg/errors v0.9.1
github.com/pkg/errors
# github.com/prometheus/common v0.4.1
github.com/prometheus/common/log