mirror of
https://github.com/status-im/consul.git
synced 2025-01-22 03:29:43 +00:00
cd1b613352
* Update AWS SDK to use PCA features. * Add AWS PCA provider * Add plumbing for config, config validation tests, add test for inheriting existing CA resources created by user * Unparallel the tests so we don't exhaust PCA limits * Merge updates * More aggressive polling; rate limit pass through on sign; Timeout on Sign and CA create * Add AWS PCA docs * Fix Vault doc typo too * Doc typo * Apply suggestions from code review Co-Authored-By: R.B. Boyer <rb@hashicorp.com> Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com> * Doc fixes; tests for erroring if State is modified via API * More review cleanup * Uncomment tests! * Minor suggested clean ups
88 lines
2.5 KiB
Go
88 lines
2.5 KiB
Go
package ec2
|
|
|
|
import (
|
|
"time"
|
|
|
|
"github.com/aws/aws-sdk-go/aws"
|
|
"github.com/aws/aws-sdk-go/aws/awsutil"
|
|
"github.com/aws/aws-sdk-go/aws/client"
|
|
"github.com/aws/aws-sdk-go/aws/endpoints"
|
|
"github.com/aws/aws-sdk-go/aws/request"
|
|
)
|
|
|
|
const (
|
|
// customRetryerMinRetryDelay sets min retry delay
|
|
customRetryerMinRetryDelay = 1 * time.Second
|
|
|
|
// customRetryerMaxRetryDelay sets max retry delay
|
|
customRetryerMaxRetryDelay = 8 * time.Second
|
|
)
|
|
|
|
func init() {
|
|
initRequest = func(r *request.Request) {
|
|
if r.Operation.Name == opCopySnapshot { // fill the PresignedURL parameter
|
|
r.Handlers.Build.PushFront(fillPresignedURL)
|
|
}
|
|
|
|
// only set the retryer on request if config doesn't have a retryer
|
|
if r.Config.Retryer == nil && (r.Operation.Name == opModifyNetworkInterfaceAttribute || r.Operation.Name == opAssignPrivateIpAddresses) {
|
|
r.Retryer = client.DefaultRetryer{
|
|
NumMaxRetries: client.DefaultRetryerMaxNumRetries,
|
|
MinRetryDelay: customRetryerMinRetryDelay,
|
|
MinThrottleDelay: customRetryerMinRetryDelay,
|
|
MaxRetryDelay: customRetryerMaxRetryDelay,
|
|
MaxThrottleDelay: customRetryerMaxRetryDelay,
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func fillPresignedURL(r *request.Request) {
|
|
if !r.ParamsFilled() {
|
|
return
|
|
}
|
|
|
|
origParams := r.Params.(*CopySnapshotInput)
|
|
|
|
// Stop if PresignedURL/DestinationRegion is set
|
|
if origParams.PresignedUrl != nil || origParams.DestinationRegion != nil {
|
|
return
|
|
}
|
|
|
|
origParams.DestinationRegion = r.Config.Region
|
|
newParams := awsutil.CopyOf(r.Params).(*CopySnapshotInput)
|
|
|
|
// Create a new request based on the existing request. We will use this to
|
|
// presign the CopySnapshot request against the source region.
|
|
cfg := r.Config.Copy(aws.NewConfig().
|
|
WithEndpoint("").
|
|
WithRegion(aws.StringValue(origParams.SourceRegion)))
|
|
|
|
clientInfo := r.ClientInfo
|
|
resolved, err := r.Config.EndpointResolver.EndpointFor(
|
|
clientInfo.ServiceName, aws.StringValue(cfg.Region),
|
|
func(opt *endpoints.Options) {
|
|
opt.DisableSSL = aws.BoolValue(cfg.DisableSSL)
|
|
opt.UseDualStack = aws.BoolValue(cfg.UseDualStack)
|
|
},
|
|
)
|
|
if err != nil {
|
|
r.Error = err
|
|
return
|
|
}
|
|
|
|
clientInfo.Endpoint = resolved.URL
|
|
clientInfo.SigningRegion = resolved.SigningRegion
|
|
|
|
// Presign a CopySnapshot request with modified params
|
|
req := request.New(*cfg, clientInfo, r.Handlers, r.Retryer, r.Operation, newParams, r.Data)
|
|
url, err := req.Presign(5 * time.Minute) // 5 minutes should be enough.
|
|
if err != nil { // bubble error back up to original request
|
|
r.Error = err
|
|
return
|
|
}
|
|
|
|
// We have our URL, set it on params
|
|
origParams.PresignedUrl = &url
|
|
}
|