-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
aws/endpoints: STS regional flag Implementation (#2779)
Implements STS regional flag, , with support for legacy and regional options. Defaults to "legacy". Legacy, will force all regions specified in aws/endpoints/sts_legacy_regions.go to resolve to the STS global endpoint, sts.amazonaws.com. This is the SDK's current behavior. Environment variable: AWS_STS_REGIONAL_ENDPOINTS=regional Shared Config flag sts_regional_endpoints=regional When the flag's value is "regional" the SDK will resolve the endpoint based on the endpoints.json model. This allows STS to update their service's modeled endpoints to be regionalized for all regions. When "regional" turned on use "aws-global" as the region to use the global endpoint.
- Loading branch information
1 parent
2a827c8
commit 84fbd57
Showing
16 changed files
with
943 additions
and
97 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,26 @@ | ||
### SDK Features | ||
|
||
### SDK Enhancements | ||
* `aws/endpoints`: Adds support for STS Regional Flags ([#2779](https://github.com/aws/aws-sdk-go/pull/2779)) | ||
* Implements STS regional flag, with support for `legacy` and `regional` options. Defaults to `legacy`. Legacy, will force all regions specified in aws/endpoints/sts_legacy_regions.go to resolve to the STS global endpoint, sts.amazonaws.com. This is the SDK's current behavior. | ||
* When the flag's value is `regional` the SDK will resolve the endpoint based on the endpoints.json model. This allows STS to update their service's modeled endpoints to be regionalized for all regions. When `regional` turned on use `aws-global` as the region to use the global endpoint. | ||
* `AWS_STS_REGIONAL_ENDPOINTS=regional` for environment, or `sts_regional_endpoints=regional` in shared config file. | ||
* The regions the SDK defaults to the STS global endpoint in `legacy` mode are: | ||
* ap-northeast-1 | ||
* ap-south-1 | ||
* ap-southeast-1 | ||
* ap-southeast-2 | ||
* aws-global | ||
* ca-central-1 | ||
* eu-central-1 | ||
* eu-north-1 | ||
* eu-west-1 | ||
* eu-west-2 | ||
* eu-west-3 | ||
* sa-east-1 | ||
* us-east-1 | ||
* us-east-2 | ||
* us-west-1 | ||
* us-west-2 | ||
|
||
### SDK Bugs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
package endpoints | ||
|
||
var stsLegacyGlobalRegions = map[string]struct{}{ | ||
"ap-northeast-1": {}, | ||
"ap-south-1": {}, | ||
"ap-southeast-1": {}, | ||
"ap-southeast-2": {}, | ||
"aws-global": {}, | ||
"ca-central-1": {}, | ||
"eu-central-1": {}, | ||
"eu-north-1": {}, | ||
"eu-west-1": {}, | ||
"eu-west-2": {}, | ||
"eu-west-3": {}, | ||
"sa-east-1": {}, | ||
"us-east-1": {}, | ||
"us-east-2": {}, | ||
"us-west-1": {}, | ||
"us-west-2": {}, | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
package endpoints | ||
|
||
import "regexp" | ||
|
||
var testPartitions = partitions{ | ||
partition{ | ||
ID: "part-id", | ||
Name: "partitionName", | ||
DNSSuffix: "amazonaws.com", | ||
RegionRegex: regionRegex{ | ||
Regexp: func() *regexp.Regexp { | ||
reg, _ := regexp.Compile("^(us|eu|ap|sa|ca)\\-\\w+\\-\\d+$") | ||
return reg | ||
}(), | ||
}, | ||
Defaults: endpoint{ | ||
Hostname: "{service}.{region}.{dnsSuffix}", | ||
Protocols: []string{"https"}, | ||
SignatureVersions: []string{"v4"}, | ||
}, | ||
Regions: regions{ | ||
"us-east-1": region{ | ||
Description: "region description", | ||
}, | ||
"us-west-2": region{}, | ||
}, | ||
Services: services{ | ||
"s3": service{}, | ||
"service1": service{ | ||
Defaults: endpoint{ | ||
CredentialScope: credentialScope{ | ||
Service: "service1", | ||
}, | ||
}, | ||
Endpoints: endpoints{ | ||
"us-east-1": {}, | ||
"us-west-2": { | ||
HasDualStack: boxedTrue, | ||
DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}", | ||
}, | ||
}, | ||
}, | ||
"service2": service{ | ||
Defaults: endpoint{ | ||
CredentialScope: credentialScope{ | ||
Service: "service2", | ||
}, | ||
}, | ||
}, | ||
"httpService": service{ | ||
Defaults: endpoint{ | ||
Protocols: []string{"http"}, | ||
}, | ||
}, | ||
"globalService": service{ | ||
IsRegionalized: boxedFalse, | ||
PartitionEndpoint: "aws-global", | ||
Endpoints: endpoints{ | ||
"aws-global": endpoint{ | ||
CredentialScope: credentialScope{ | ||
Region: "us-east-1", | ||
}, | ||
Hostname: "globalService.amazonaws.com", | ||
}, | ||
}, | ||
}, | ||
}, | ||
}, | ||
} |
Oops, something went wrong.