diff --git a/go.mod b/go.mod index 9107be59..5400f854 100644 --- a/go.mod +++ b/go.mod @@ -4,20 +4,20 @@ go 1.18 require ( github.com/aws/aws-sdk-go v1.44.328 - github.com/aws/aws-sdk-go-v2 v1.19.0 - github.com/aws/aws-sdk-go-v2/config v1.18.28 - github.com/aws/aws-sdk-go-v2/credentials v1.13.27 - github.com/aws/aws-sdk-go-v2/service/amp v1.16.14 - github.com/aws/aws-sdk-go-v2/service/apigateway v1.16.14 - github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.13.15 - github.com/aws/aws-sdk-go-v2/service/autoscaling v1.28.10 - github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.26.3 - github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.27.0 - github.com/aws/aws-sdk-go-v2/service/ec2 v1.106.0 - github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.14.15 - github.com/aws/aws-sdk-go-v2/service/shield v1.18.13 - github.com/aws/aws-sdk-go-v2/service/storagegateway v1.18.16 - github.com/aws/aws-sdk-go-v2/service/sts v1.19.3 + github.com/aws/aws-sdk-go-v2 v1.21.0 + github.com/aws/aws-sdk-go-v2/config v1.18.37 + github.com/aws/aws-sdk-go-v2/credentials v1.13.35 + github.com/aws/aws-sdk-go-v2/service/amp v1.17.5 + github.com/aws/aws-sdk-go-v2/service/apigateway v1.18.0 + github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.14.5 + github.com/aws/aws-sdk-go-v2/service/autoscaling v1.30.6 + github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.27.7 + github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.30.4 + github.com/aws/aws-sdk-go-v2/service/ec2 v1.115.0 + github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.15.5 + github.com/aws/aws-sdk-go-v2/service/shield v1.19.5 + github.com/aws/aws-sdk-go-v2/service/storagegateway v1.19.6 + github.com/aws/aws-sdk-go-v2/service/sts v1.21.5 github.com/aws/smithy-go v1.14.2 github.com/go-kit/log v0.2.1 github.com/grafana/regexp v0.0.0-20221123153739-15dc172cd2db @@ -31,13 +31,13 @@ require ( ) require ( - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29 // indirect - github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.12.13 // indirect - github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.11 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.41 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.35 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.3.42 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.35 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.13.5 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.5 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect diff --git a/go.sum b/go.sum index 1a63e7df..79d6c7af 100644 --- a/go.sum +++ b/go.sum @@ -1,48 +1,47 @@ github.com/aws/aws-sdk-go v1.44.328 h1:WBwlf8ym9SDQ/GTIBO9eXyvwappKJyOetWJKl4mT7ZU= github.com/aws/aws-sdk-go v1.44.328/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= -github.com/aws/aws-sdk-go-v2 v1.19.0 h1:klAT+y3pGFBU/qVf1uzwttpBbiuozJYWzNLHioyDJ+k= -github.com/aws/aws-sdk-go-v2 v1.19.0/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= -github.com/aws/aws-sdk-go-v2/config v1.18.28 h1:TINEaKyh1Td64tqFvn09iYpKiWjmHYrG1fa91q2gnqw= -github.com/aws/aws-sdk-go-v2/config v1.18.28/go.mod h1:nIL+4/8JdAuNHEjn/gPEXqtnS02Q3NXB/9Z7o5xE4+A= -github.com/aws/aws-sdk-go-v2/credentials v1.13.27 h1:dz0yr/yR1jweAnsCx+BmjerUILVPQ6FS5AwF/OyG1kA= -github.com/aws/aws-sdk-go-v2/credentials v1.13.27/go.mod h1:syOqAek45ZXZp29HlnRS/BNgMIW6uiRmeuQsz4Qh2UE= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5 h1:kP3Me6Fy3vdi+9uHd7YLr6ewPxRL+PU6y15urfTaamU= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5/go.mod h1:Gj7tm95r+QsDoN2Fhuz/3npQvcZbkEf5mL70n3Xfluc= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35 h1:hMUCiE3Zi5AHrRNGf5j985u0WyqI6r2NULhUfo0N/No= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35/go.mod h1:ipR5PvpSPqIqL5Mi82BxLnfMkHVbmco8kUwO2xrCi0M= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29 h1:yOpYx+FTBdpk/g+sBU6Cb1H0U/TLEcYYp66mYqsPpcc= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29/go.mod h1:M/eUABlDbw2uVrdAn+UsI6M727qp2fxkp8K0ejcBDUY= -github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36 h1:8r5m1BoAWkn0TDC34lUculryf7nUF25EgIMdjvGCkgo= -github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36/go.mod h1:Rmw2M1hMVTwiUhjwMoIBFWFJMhvJbct06sSidxInkhY= -github.com/aws/aws-sdk-go-v2/service/amp v1.16.14 h1:cak6jLkSwmPqcJ7pcVlkABsYfjCxxiyjBM2xBgjPwmY= -github.com/aws/aws-sdk-go-v2/service/amp v1.16.14/go.mod h1:Tq9wKXE+SPKKkwJSRHE/u+aOdUdvU//AuPfi/w6iNdc= -github.com/aws/aws-sdk-go-v2/service/apigateway v1.16.14 h1:mXf/MQX2zcKpWTfI4YgHrD4UYBh6AzyBCRfVdsxExaU= -github.com/aws/aws-sdk-go-v2/service/apigateway v1.16.14/go.mod h1:KJyzRVA5DkFaU4hVgKDoHiSrCobfmYP8UpRXlybTuTU= -github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.13.15 h1:lgTqmtilhObvVhxeBhX/KRC5RaB4A0dQqDDdLmfAP+0= -github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.13.15/go.mod h1:lg/1D90DDo2//C84mvygysHF4JRo+Vf/W5YbkHoeUk8= -github.com/aws/aws-sdk-go-v2/service/autoscaling v1.28.10 h1:moHEk4wbdc8VNvff4UOLuXVHtjh7YtsGdiyB0MrPPKg= -github.com/aws/aws-sdk-go-v2/service/autoscaling v1.28.10/go.mod h1:P3qp1VYVoxHgDhpDDCTre1ee9IKpmgqnUoOb+8RA9qI= -github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.26.3 h1:sAqtjjMc1DdA0JnYKKuqJVt/eHLTuN7bDf2T4UQ9sDs= -github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.26.3/go.mod h1:r6kXYdL8M2/BnZatWvQ8yC/3UQvPrXTQnJtZ0xEbKRM= -github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.27.0 h1:8ei9YIP3tmLbIX4rh1Hq9MM8/rpb1QBtHreVN/TP7wQ= -github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.27.0/go.mod h1:UXh7fjHrDoVd/tRPQyGCSfb04setwR75qxAx7+x1vcU= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.106.0 h1:chzRNw2kwcrosHm0k72Wyf4sbUNcG8+HeCJbSBtsOTk= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.106.0/go.mod h1:/0btVmMZJ0sn9JQ2N96XszlQNeRCJhhXOS/sPZgDeew= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29 h1:IiDolu/eLmuB18DRZibj77n1hHQT7z12jnGO7Ze3pLc= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29/go.mod h1:fDbkK4o7fpPXWn8YAPmTieAMuB9mk/VgvW64uaUqxd4= -github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.14.15 h1:5I9Yi2Ls1q8/VTpRmlLOGilFCtJNsEms+64BhYybm7Y= -github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.14.15/go.mod h1:86l8OObGPcaNgQ2pVaRRdaHTepispGs2UYLp8niWkSM= -github.com/aws/aws-sdk-go-v2/service/shield v1.18.13 h1:/QqZKWvxShuecy5hZm6P4pJQ2Uzn6TSJtsd9xeaqLG0= -github.com/aws/aws-sdk-go-v2/service/shield v1.18.13/go.mod h1:YcHL79qHynGYok2NKGb3+mrb6EWROWD4gBU3v+tKtUM= -github.com/aws/aws-sdk-go-v2/service/sso v1.12.13 h1:sWDv7cMITPcZ21QdreULwxOOAmE05JjEsT6fCDtDA9k= -github.com/aws/aws-sdk-go-v2/service/sso v1.12.13/go.mod h1:DfX0sWuT46KpcqbMhJ9QWtxAIP1VozkDWf8VAkByjYY= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13 h1:BFubHS/xN5bjl818QaroN6mQdjneYQ+AOx44KNXlyH4= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13/go.mod h1:BzqsVVFduubEmzrVtUFQQIQdFqvUItF8XUq2EnS8Wog= -github.com/aws/aws-sdk-go-v2/service/storagegateway v1.18.16 h1:Gk+75k6j55fqE+uA/99jAlcZBY4OLT244JuKp+HLXxo= -github.com/aws/aws-sdk-go-v2/service/storagegateway v1.18.16/go.mod h1:l/XhpyuxnJ3s8yKi9h0XDwVqM18iDEFeUVDYGCEcE/g= -github.com/aws/aws-sdk-go-v2/service/sts v1.19.3 h1:e5mnydVdCVWxP+5rPAGi2PYxC7u2OZgH1ypC114H04U= -github.com/aws/aws-sdk-go-v2/service/sts v1.19.3/go.mod h1:yVGZA1CPkmUhBdA039jXNJJG7/6t+G+EBWmFq23xqnY= -github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= +github.com/aws/aws-sdk-go-v2 v1.21.0 h1:gMT0IW+03wtYJhRqTVYn0wLzwdnK9sRMcxmtfGzRdJc= +github.com/aws/aws-sdk-go-v2 v1.21.0/go.mod h1:/RfNgGmRxI+iFOB1OeJUyxiU+9s88k3pfHvDagGEp0M= +github.com/aws/aws-sdk-go-v2/config v1.18.37 h1:RNAfbPqw1CstCooHaTPhScz7z1PyocQj0UL+l95CgzI= +github.com/aws/aws-sdk-go-v2/config v1.18.37/go.mod h1:8AnEFxW9/XGKCbjYDCJy7iltVNyEI9Iu9qC21UzhhgQ= +github.com/aws/aws-sdk-go-v2/credentials v1.13.35 h1:QpsNitYJu0GgvMBLUIYu9H4yryA5kMksjeIVQfgXrt8= +github.com/aws/aws-sdk-go-v2/credentials v1.13.35/go.mod h1:o7rCaLtvK0hUggAGclf76mNGGkaG5a9KWlp+d9IpcV8= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.11 h1:uDZJF1hu0EVT/4bogChk8DyjSF6fof6uL/0Y26Ma7Fg= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.11/go.mod h1:TEPP4tENqBGO99KwVpV9MlOX4NSrSLP8u3KRy2CDwA8= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.41 h1:22dGT7PneFMx4+b3pz7lMTRyN8ZKH7M2cW4GP9yUS2g= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.41/go.mod h1:CrObHAuPneJBlfEJ5T3szXOUkLEThaGfvnhTf33buas= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.35 h1:SijA0mgjV8E+8G45ltVHs0fvKpTj8xmZJ3VwhGKtUSI= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.35/go.mod h1:SJC1nEVVva1g3pHAIdCp7QsRIkMmLAgoDquQ9Rr8kYw= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.42 h1:GPUcE/Yq7Ur8YSUk6lVkoIMWnJNO0HT18GUzCWCgCI0= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.42/go.mod h1:rzfdUlfA+jdgLDmPKjd3Chq9V7LVLYo1Nz++Wb91aRo= +github.com/aws/aws-sdk-go-v2/service/amp v1.17.5 h1:Wg2vTVYrMrfkNqrCGaggQq1UBdzgrAsorAfavLNpU/E= +github.com/aws/aws-sdk-go-v2/service/amp v1.17.5/go.mod h1:JXkUFaC1ISQYHO535+mgMPF0b1OaSdrsM5FhFfBbbQY= +github.com/aws/aws-sdk-go-v2/service/apigateway v1.18.0 h1:rByriM7T0xvKy7eDiNUhFyVgnGupZ7DIifReKDzfk5E= +github.com/aws/aws-sdk-go-v2/service/apigateway v1.18.0/go.mod h1:OJmEdRP/gDTqY71Cc/eJ/anpvvGHNgf62FyNuah3X48= +github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.14.5 h1:pLmOgMUiwXOi3oKx2J3feVb9JGVgwJ78RYnOV9UR0BM= +github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.14.5/go.mod h1:4eIs6K6ag6ymoUMOFfjm9dmP9KbuKgC7K5eIqlIBsbY= +github.com/aws/aws-sdk-go-v2/service/autoscaling v1.30.6 h1:OuxP8FzE3++AjQ8wabMcwJxtS25inpTIblMPNzV3nB8= +github.com/aws/aws-sdk-go-v2/service/autoscaling v1.30.6/go.mod h1:iHCpld+TvQd0odwp6BiwtL9H9LbU41kPW1i9oBy3iOo= +github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.27.7 h1:qULF+ElcvjjSEO1+z5x+TmKE9d4yTej7PfpJQPVvexY= +github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.27.7/go.mod h1:1HKxVrj5wsKy/wb2v07vzTSd+YPV1sDsWxferwPK7PA= +github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.30.4 h1:Ir8BEejwSOOrD9juzFSMdXkXPyIdj1DfkFR+FJb0kc8= +github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.30.4/go.mod h1:NSAyKko0rDkrZOjcdCPPvMEe+FyIw/aDDQ8X+xAIW44= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.115.0 h1:/OcX8Q9qehNdPQInuYifmcsTir62q6ulmZByy/VkoeE= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.115.0/go.mod h1:0FhI2Rzcv5BNM3dNnbcCx2qa2naFZoAidJi11cQgzL0= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.35 h1:CdzPW9kKitgIiLV1+MHobfR5Xg25iYnyzWZhyQuSlDI= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.35/go.mod h1:QGF2Rs33W5MaN9gYdEQOBBFPLwTZkEhRwI33f7KIG0o= +github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.15.5 h1:dMsTYzhTpsDMY79IzCh/jq1tHRwgfa15ujhKUjZk0fg= +github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.15.5/go.mod h1:Lh/6ABs1m80bEB36fAW9gEPW5kSsAr7Mdn8dGyWRLp0= +github.com/aws/aws-sdk-go-v2/service/shield v1.19.5 h1:zX/1OHVjTNB2D1xiQ0pByYNLbVgbl84fTj5W4tMKdAk= +github.com/aws/aws-sdk-go-v2/service/shield v1.19.5/go.mod h1:NKqcE1DkD5YSbTAR8MxhFGFDmSkGNo68/Q8hht3Mi5w= +github.com/aws/aws-sdk-go-v2/service/sso v1.13.5 h1:oCvTFSDi67AX0pOX3PuPdGFewvLRU2zzFSrTsgURNo0= +github.com/aws/aws-sdk-go-v2/service/sso v1.13.5/go.mod h1:fIAwKQKBFu90pBxx07BFOMJLpRUGu8VOzLJakeY+0K4= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.5 h1:dnInJb4S0oy8aQuri1mV6ipLlnZPfnsDNB9BGO9PDNY= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.5/go.mod h1:yygr8ACQRY2PrEcy3xsUI357stq2AxnFM6DIsR9lij4= +github.com/aws/aws-sdk-go-v2/service/storagegateway v1.19.6 h1:DfxHxomSOVAmiYb4I1IkcrKtjFrm4EHUEw/oHPuNgxI= +github.com/aws/aws-sdk-go-v2/service/storagegateway v1.19.6/go.mod h1:o3x7HLasCY8mN914V4611sbXPOE54V8t0pzCtz5bxQ0= +github.com/aws/aws-sdk-go-v2/service/sts v1.21.5 h1:CQBFElb0LS8RojMJlxRSo/HXipvTZW2S44Lt9Mk2aYQ= +github.com/aws/aws-sdk-go-v2/service/sts v1.21.5/go.mod h1:VC7JDqsqiwXukYEDjoHh9U0fOJtNWh04FPQz4ct4GGU= github.com/aws/smithy-go v1.14.2 h1:MJU9hqBGbvWZdApzpvoF2WAIJDbtjK2NDJSiJP7HblQ= github.com/aws/smithy-go v1.14.2/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= diff --git a/pkg/clients/v2/factory.go b/pkg/clients/v2/factory.go index 921940ef..1c71faa5 100644 --- a/pkg/clients/v2/factory.go +++ b/pkg/clients/v2/factory.go @@ -38,13 +38,14 @@ import ( type awsRegion = string type CachingFactory struct { - logger logging.Logger - stsRegion string - clients map[config.Role]map[awsRegion]*cachedClients - mu sync.Mutex - refreshed bool - cleared bool - fipsEnabled bool + logger logging.Logger + stsRegion string + clients map[config.Role]map[awsRegion]*cachedClients + mu sync.Mutex + refreshed bool + cleared bool + fipsEnabled bool + endpointURLOverride string } type cachedClients struct { @@ -79,13 +80,6 @@ func NewFactory(cfg config.ScrapeConf, fips bool, logger logging.Logger) (*Cachi options = append(options, aws_config.WithLogConfigurationWarnings(true)) endpointURLOverride := os.Getenv("AWS_ENDPOINT_URL") - if endpointURLOverride != "" { - options = append(options, aws_config.WithEndpointResolverWithOptions(aws.EndpointResolverWithOptionsFunc(func(service, region string, options ...interface{}) (aws.Endpoint, error) { - return aws.Endpoint{ - URL: endpointURLOverride, - }, nil - }))) - } options = append(options, aws_config.WithRetryMaxAttempts(5)) @@ -147,10 +141,11 @@ func NewFactory(cfg config.ScrapeConf, fips bool, logger logging.Logger) (*Cachi } return &CachingFactory{ - logger: logger, - clients: cache, - stsRegion: cfg.StsRegion, - fipsEnabled: fips, + logger: logger, + clients: cache, + stsRegion: cfg.StsRegion, + fipsEnabled: fips, + endpointURLOverride: endpointURLOverride, }, nil } @@ -272,6 +267,9 @@ func (c *CachingFactory) createCloudwatchClient(regionConfig *aws.Config) *cloud if c.logger.IsDebugEnabled() { options.ClientLogMode = aws.LogRequestWithBody | aws.LogResponseWithBody } + if c.endpointURLOverride != "" { + options.BaseEndpoint = aws.String(c.endpointURLOverride) + } // Setting an explicit retryer will override the default settings on the config options.Retryer = retry.NewStandard(func(options *retry.StandardOptions) { @@ -289,11 +287,13 @@ func (c *CachingFactory) createTaggingClient(regionConfig *aws.Config) *resource return resourcegroupstaggingapi.NewFromConfig(*regionConfig, func(options *resourcegroupstaggingapi.Options) { if c.logger.IsDebugEnabled() { options.ClientLogMode = aws.LogRequestWithBody | aws.LogResponseWithBody - - // The FIPS setting is ignored because FIPS is not available for resource groups tagging apis - // If enabled the SDK will try to use non-existent FIPS URLs, https://github.com/aws/aws-sdk-go-v2/issues/2138#issuecomment-1570791988 - // AWS FIPS Reference: https://aws.amazon.com/compliance/fips/ } + if c.endpointURLOverride != "" { + options.BaseEndpoint = aws.String(c.endpointURLOverride) + } + // The FIPS setting is ignored because FIPS is not available for resource groups tagging apis + // If enabled the SDK will try to use non-existent FIPS URLs, https://github.com/aws/aws-sdk-go-v2/issues/2138#issuecomment-1570791988 + // AWS FIPS Reference: https://aws.amazon.com/compliance/fips/ }) } @@ -301,13 +301,15 @@ func (c *CachingFactory) createAutoScalingClient(assumedConfig *aws.Config) *aut return autoscaling.NewFromConfig(*assumedConfig, func(options *autoscaling.Options) { if c.logger.IsDebugEnabled() { options.ClientLogMode = aws.LogRequestWithBody | aws.LogResponseWithBody - - // The FIPS setting is ignored because FIPS is not available for EC2 autoscaling apis - // If enabled the SDK will try to use non-existent FIPS URLs, https://github.com/aws/aws-sdk-go-v2/issues/2138#issuecomment-1570791988 - // AWS FIPS Reference: https://aws.amazon.com/compliance/fips/ - // EC2 autoscaling has FIPS compliant URLs for govcloud, but they do not use any FIPS prefixing. - // Tests ensure that this configuration will produce the correct URLs for the govcloud regions } + if c.endpointURLOverride != "" { + options.BaseEndpoint = aws.String(c.endpointURLOverride) + } + // The FIPS setting is ignored because FIPS is not available for EC2 autoscaling apis + // If enabled the SDK will try to use non-existent FIPS URLs, https://github.com/aws/aws-sdk-go-v2/issues/2138#issuecomment-1570791988 + // AWS FIPS Reference: https://aws.amazon.com/compliance/fips/ + // EC2 autoscaling has FIPS compliant URLs for govcloud, but they do not use any FIPS prefixing, and should work + // with sdk v2s EndpointResolverV2 }) } @@ -316,6 +318,9 @@ func (c *CachingFactory) createEC2Client(assumedConfig *aws.Config) *ec2.Client if c.logger.IsDebugEnabled() { options.ClientLogMode = aws.LogRequestWithBody | aws.LogResponseWithBody } + if c.endpointURLOverride != "" { + options.BaseEndpoint = aws.String(c.endpointURLOverride) + } if c.fipsEnabled { options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled } @@ -327,6 +332,9 @@ func (c *CachingFactory) createDMSClient(assumedConfig *aws.Config) *databasemig if c.logger.IsDebugEnabled() { options.ClientLogMode = aws.LogRequestWithBody | aws.LogResponseWithBody } + if c.endpointURLOverride != "" { + options.BaseEndpoint = aws.String(c.endpointURLOverride) + } if c.fipsEnabled { options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled } @@ -338,6 +346,9 @@ func (c *CachingFactory) createAPIGatewayClient(assumedConfig *aws.Config) *apig if c.logger.IsDebugEnabled() { options.ClientLogMode = aws.LogRequestWithBody | aws.LogResponseWithBody } + if c.endpointURLOverride != "" { + options.BaseEndpoint = aws.String(c.endpointURLOverride) + } if c.fipsEnabled { options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled } @@ -349,6 +360,9 @@ func (c *CachingFactory) createAPIGatewayV2Client(assumedConfig *aws.Config) *ap if c.logger.IsDebugEnabled() { options.ClientLogMode = aws.LogRequestWithBody | aws.LogResponseWithBody } + if c.endpointURLOverride != "" { + options.BaseEndpoint = aws.String(c.endpointURLOverride) + } if c.fipsEnabled { options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled } @@ -360,6 +374,9 @@ func (c *CachingFactory) createStorageGatewayClient(assumedConfig *aws.Config) * if c.logger.IsDebugEnabled() { options.ClientLogMode = aws.LogRequestWithBody | aws.LogResponseWithBody } + if c.endpointURLOverride != "" { + options.BaseEndpoint = aws.String(c.endpointURLOverride) + } if c.fipsEnabled { options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled } @@ -371,7 +388,9 @@ func (c *CachingFactory) createPrometheusClient(assumedConfig *aws.Config) *amp. if c.logger.IsDebugEnabled() { options.ClientLogMode = aws.LogRequestWithBody | aws.LogResponseWithBody } - + if c.endpointURLOverride != "" { + options.BaseEndpoint = aws.String(c.endpointURLOverride) + } // The FIPS setting is ignored because FIPS is not available for amp apis // If enabled the SDK will try to use non-existent FIPS URLs, https://github.com/aws/aws-sdk-go-v2/issues/2138#issuecomment-1570791988 // AWS FIPS Reference: https://aws.amazon.com/compliance/fips/ @@ -383,6 +402,12 @@ func (c *CachingFactory) createStsClient(awsConfig *aws.Config) *sts.Client { if c.stsRegion != "" { options.Region = c.stsRegion } + if c.logger.IsDebugEnabled() { + options.ClientLogMode = aws.LogRequestWithBody | aws.LogResponseWithBody + } + if c.endpointURLOverride != "" { + options.BaseEndpoint = aws.String(c.endpointURLOverride) + } if c.fipsEnabled { options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled } @@ -394,6 +419,9 @@ func (c *CachingFactory) createShieldClient(awsConfig *aws.Config) *shield.Clien if c.logger.IsDebugEnabled() { options.ClientLogMode = aws.LogRequestWithBody | aws.LogResponseWithBody } + if c.endpointURLOverride != "" { + options.BaseEndpoint = aws.String(c.endpointURLOverride) + } if c.fipsEnabled { options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled } diff --git a/pkg/clients/v2/factory_test.go b/pkg/clients/v2/factory_test.go index 09bf6c2a..88c1d4c1 100644 --- a/pkg/clients/v2/factory_test.go +++ b/pkg/clients/v2/factory_test.go @@ -2,7 +2,6 @@ package v2 import ( "context" - "os" "reflect" "testing" "unsafe" @@ -148,21 +147,6 @@ func TestNewClientCache_initializes_clients(t *testing.T) { } } -func TestNewClientCache_sets_endpoint_override(t *testing.T) { - err := os.Setenv("AWS_ENDPOINT_URL", "https://totallynotaws.com") - require.NoError(t, err) - - output, err := NewFactory(configWithDefaultRoleAndRegion1, false, logging.NewNopLogger()) - require.NoError(t, err) - - err = os.Unsetenv("AWS_ENDPOINT_URL") - require.NoError(t, err) - - clients := output.clients[defaultRole]["region1"] - assert.NotNil(t, clients) - assert.NotNil(t, clients.awsConfig.EndpointResolverWithOptions) -} - func TestClientCache_Clear(t *testing.T) { cache := &CachingFactory{ logger: logging.NewNopLogger(), @@ -396,7 +380,7 @@ func TestClientCache_createTaggingClient_DoesNotEnableFIPS(t *testing.T) { assert.Equal(t, options.EndpointOptions.UseFIPSEndpoint, aws.FIPSEndpointStateUnset) } -func TestClientCache_createAutoScalingClient(t *testing.T) { +func TestClientCache_createAutoScalingClient_DoesNotEnableFIPS(t *testing.T) { factory, err := NewFactory(configWithDefaultRoleAndRegion1, true, logging.NewNopLogger()) require.NoError(t, err) @@ -406,19 +390,7 @@ func TestClientCache_createAutoScalingClient(t *testing.T) { options := getOptions[autoscaling.Client, autoscaling.Options](client) require.NotNil(t, options) - t.Run("Does not enable FIPS", func(t *testing.T) { - assert.Equal(t, options.EndpointOptions.UseFIPSEndpoint, aws.FIPSEndpointStateUnset) - }) - - t.Run("Can resolve govcloud urls", func(t *testing.T) { - endpoint, err := options.EndpointResolver.ResolveEndpoint("us-gov-east-1", options.EndpointOptions) - assert.NoError(t, err) - assert.Equal(t, "https://autoscaling.us-gov-east-1.amazonaws.com", endpoint.URL) - - endpoint, err = options.EndpointResolver.ResolveEndpoint("us-gov-west-1", options.EndpointOptions) - assert.NoError(t, err) - assert.Equal(t, "https://autoscaling.us-gov-west-1.amazonaws.com", endpoint.URL) - }) + assert.Equal(t, options.EndpointOptions.UseFIPSEndpoint, aws.FIPSEndpointStateUnset) } func TestClientCache_createEC2Client_EnablesFIPS(t *testing.T) {