Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement configuration assume role duration, policy ARNs, tags, and transitive tag keys #39

Merged
merged 3 commits into from
Jun 3, 2020
Merged

Implement configuration assume role duration, policy ARNs, tags, and transitive tag keys #39

merged 3 commits into from
Jun 3, 2020

Conversation

bflad
Copy link
Contributor

@bflad bflad commented Jun 2, 2020

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Closes #11
Closes #21
Closes #34

AWS Go SDK version increase to current latest to ensure we have a version with these STS features.

Updated via:

go get github.com/aws/aws-sdk-go@v1.31.9
go mod tidy

@bflad bflad added the enhancement New feature or request label Jun 2, 2020
@bflad bflad added this to the v0.5.0 milestone Jun 2, 2020
@bflad bflad requested a review from a team June 2, 2020 23:03
bflad added 3 commits June 3, 2020 13:44
@bflad
deps: Update github.com/aws/aws-sdk-go@v1.31.9
aece8af 
To ensure we have all the latest and greatest STS features and prevent any confusion over the AWS Go SDK version minimum in this libary.

Updated via:

```
go get github.com/aws/aws-sdk-go@v1.31.9
go mod tidy
```
@bflad
Implement assume role duration, policy ARNs, tags, and transitive tag…
67ffd6f 
… keys support

Reference: #11
Reference: #21
Reference: #34
@bflad
mock: Support EC2 Instance Metadata Service v2 /api/token endpoint
c1af854 
Otherwise, the updated AWS Go SDK EC2 Metadata client would return errors against the mock server.

```
=== RUN   TestGetSession/EC2_metadata_access_key
2020/06/02 19:07:53 [INFO] Attempting to use session-derived credentials
2020/06/02 19:07:53 [INFO] Setting custom EC2 metadata endpoint: http://127.0.0.1:60498/latest
2020/06/02 19:07:53 [DEBUG] Mock EC2 metadata server received request: /latest/api/token
2020/06/02 19:07:53 [DEBUG] Mock EC2 metadata server received request: /latest/api/token
2020/06/02 19:07:53 [DEBUG] Mock EC2 metadata server received request: /latest/api/token
2020/06/02 19:07:53 [INFO] Attempting to use metadata-derived credentials
2020/06/02 19:07:53 [INFO] Setting AWS metadata API timeout to 100ms
2020/06/02 19:07:53 [INFO] Setting custom metadata endpoint: "http://127.0.0.1:60498/latest"
2020/06/02 19:07:53 [DEBUG] Mock EC2 metadata server received request: /latest/api/token
2020/06/02 19:07:53 [DEBUG] Mock EC2 metadata server received request: /latest/api/token
2020/06/02 19:07:53 [DEBUG] Mock EC2 metadata server received request: /latest/api/token
2020/06/02 19:07:53 [DEBUG] Mock EC2 metadata server received request: /latest/api/token
2020/06/02 19:07:53 [INFO] Ignoring AWS metadata API endpoint at http://127.0.0.1:60498/latest as it doesn't return any instance-id
    TestGetSession/EC2_metadata_access_key: session_test.go:1013: expected no error, got error: No valid credential sources found for AWS Provider.
        	Please see https://terraform.io/docs/providers/aws/index.html for more information on
        	providing credentials for the AWS Provider
```
@bflad bflad force-pushed the f-assume-role-additional-configurations branch from 2355871 to c1af854 Compare June 3, 2020 17:44
gdavison
gdavison approved these changes Jun 3, 2020
View reviewed changes
Copy link
Contributor

@gdavison gdavison left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀

@bflad bflad merged commit 5659c74 into master Jun 3, 2020
@bflad bflad deleted the f-assume-role-additional-configurations branch June 3, 2020 20:08
bflad added a commit that referenced this pull request Jun 3, 2020
@bflad
Update CHANGELOG for #39
0bf1934
@ewbankkit ewbankkit mentioned this pull request Jun 5, 2020
Closed
bflad added a commit that referenced this pull request Jun 15, 2020
@bflad
Add GetSession() testing for assume role policy, policy ARNs, tags, a…
579ce48 
…nd transitive tag keys

Reference: #39
@bflad bflad mentioned this pull request Jun 15, 2020
Merged
bflad added a commit that referenced this pull request Jul 7, 2020
@bflad
Create and export constants to simplify mock handling, additional ass…
cc3a73c 
…ume role testing (#45)

* Create and export constants to simplify mock handling

Allows downstream codebases to reuse the mocking framework.

* Add GetSession() testing for assume role policy, policy ARNs, tags, and transitive tag keys

Reference: #39

* Remove now extraneous stsResponse_GetCallerIdentity_valid_expectedPartition constant
PhillipGameDev added a commit to PhillipGameDev/AWS-SDK-GO-BACKEND that referenced this pull request Dec 10, 2024
@PhillipGameDev
Create and export constants to simplify mock handling, additional ass…
a271a97 
…ume role testing (#45)

* Create and export constants to simplify mock handling

Allows downstream codebases to reuse the mocking framework.

* Add GetSession() testing for assume role policy, policy ARNs, tags, and transitive tag keys

Reference: hashicorp/aws-sdk-go-base#39

* Remove now extraneous stsResponse_GetCallerIdentity_valid_expectedPartition constant
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gdavison gdavison gdavison approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
v0.5.0
2 participants
@bflad @gdavison