-
Notifications
You must be signed in to change notification settings - Fork 9.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update github.com/aws/aws-sdk-go to v1.30.9 #24710
Conversation
Codecov Report
|
Reference: #24710 Reference: #24741 Changes: ``` NOTES: * backend/s3: Region validation now automatically supports the new `af-south-1` (Africa (Cape Town)) region. For AWS operations to work in the new region, the region must be explicitly enabled as outlined in the [AWS Documentation](https://docs.aws.amazon.com/general/latest/gr/rande-manage.html#rande-manage-enable). When the region is not enabled, the Terraform S3 Backend will return errors during credential validation (e.g. `error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid`). ENHANCEMENTS: * backend/s3: Support automatic region validation for `af-south-1` * backend/s3: Support Client Side Metrics (CSM) options from shared configuration file * backend/s3: Support IAM Roles for Service Accounts (IRSA) via `AWS_ROLE_ARN` and `AWS_WEB_IDENTITY_TOKEN_FILE` environment variables ``` Updated via: ```console $ go get github.com/aws/aws-sdk-go@v1.30.12 $ go mod tidy $ go mod vendor ``` Output from acceptance testing: ```console $ TF_ACC=1 go test -v ./backend/remote-state/s3 | grep '^--- ' --- PASS: TestBackend_impl (0.00s) --- PASS: TestBackendConfig (1.68s) --- PASS: TestBackendConfig_invalidKey (0.00s) --- PASS: TestBackendConfig_invalidSSECustomerKeyLength (0.00s) --- PASS: TestBackendConfig_invalidSSECustomerKeyEncoding (0.00s) --- PASS: TestBackendConfig_conflictingEncryptionSchema (0.00s) --- PASS: TestBackend (15.07s) --- PASS: TestBackendLocked (26.40s) --- PASS: TestBackendSSECustomerKey (16.99s) --- PASS: TestBackendExtraPaths (12.05s) --- PASS: TestBackendPrefixInWorkspace (5.55s) --- PASS: TestKeyEnv (45.07s) --- PASS: TestRemoteClient_impl (0.00s) --- PASS: TestRemoteClient (5.39s) --- PASS: TestRemoteClientLocks (14.30s) --- PASS: TestForceUnlock (20.08s) --- PASS: TestRemoteClient_clientMD5 (16.43s) --- PASS: TestRemoteClient_stateChecksum (24.58s) ```
Hi @nicolasenno 👋 Thank you for submitting this. Your commit here will be pulled in via #24745, which bumps to v1.30.12 so we can automatically validate the |
* update github.com/aws/aws-sdk-go to v1.30.9 * deps: github.com/aws/aws-sdk-go@v1.30.12 Reference: #24710 Reference: #24741 Changes: ``` NOTES: * backend/s3: Region validation now automatically supports the new `af-south-1` (Africa (Cape Town)) region. For AWS operations to work in the new region, the region must be explicitly enabled as outlined in the [AWS Documentation](https://docs.aws.amazon.com/general/latest/gr/rande-manage.html#rande-manage-enable). When the region is not enabled, the Terraform S3 Backend will return errors during credential validation (e.g. `error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid`). ENHANCEMENTS: * backend/s3: Support automatic region validation for `af-south-1` ``` Updated via: ```console $ go get github.com/aws/aws-sdk-go@v1.30.12 $ go mod tidy $ go mod vendor ``` Output from acceptance testing: ```console $ TF_ACC=1 go test -v ./backend/remote-state/s3 | grep '^--- ' --- PASS: TestBackend_impl (0.00s) --- PASS: TestBackendConfig (1.68s) --- PASS: TestBackendConfig_invalidKey (0.00s) --- PASS: TestBackendConfig_invalidSSECustomerKeyLength (0.00s) --- PASS: TestBackendConfig_invalidSSECustomerKeyEncoding (0.00s) --- PASS: TestBackendConfig_conflictingEncryptionSchema (0.00s) --- PASS: TestBackend (15.07s) --- PASS: TestBackendLocked (26.40s) --- PASS: TestBackendSSECustomerKey (16.99s) --- PASS: TestBackendExtraPaths (12.05s) --- PASS: TestBackendPrefixInWorkspace (5.55s) --- PASS: TestKeyEnv (45.07s) --- PASS: TestRemoteClient_impl (0.00s) --- PASS: TestRemoteClient (5.39s) --- PASS: TestRemoteClientLocks (14.30s) --- PASS: TestForceUnlock (20.08s) --- PASS: TestRemoteClient_clientMD5 (16.43s) --- PASS: TestRemoteClient_stateChecksum (24.58s) ``` Co-authored-by: Nicola Senno <nicola.senno@workday.com>
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
This PR aims to solve issue #22992
The
aws-sdk-go
has been updated to support assuming role via AWS_ROLE_ARN and AWS_WEB_IDENTITY_TOKEN_FILE in Terraform.