diff --git a/go.mod b/go.mod index a0d9b3827..0e9dd5390 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/aws/aws-sdk-go-v2 v1.38.0 github.com/aws/aws-sdk-go-v2/config v1.30.1 github.com/aws/aws-sdk-go-v2/service/ec2 v1.243.0 - github.com/aws/aws-sdk-go-v2/service/ssm v1.61.0 + github.com/aws/aws-sdk-go-v2/service/ssm v1.63.0 github.com/mattn/go-isatty v0.0.20 github.com/onsi/ginkgo/v2 v2.23.4 github.com/onsi/gomega v1.38.0 diff --git a/go.sum b/go.sum index 62f886dc8..5b160d1da 100644 --- a/go.sum +++ b/go.sum @@ -18,8 +18,8 @@ github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.0 h1:6+lZi2J github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.0/go.mod h1:eb3gfbVIxIoGgJsi9pGne19dhCBpK6opTYpQqAmdy44= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.3 h1:ieRzyHXypu5ByllM7Sp4hC5f/1Fy5wqxqY0yB85hC7s= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.3/go.mod h1:O5ROz8jHiOAKAwx179v+7sHMhfobFVi6nZt8DEyiYoM= -github.com/aws/aws-sdk-go-v2/service/ssm v1.61.0 h1:JRd8S8zteNH3TB2LgA8woCObScv/LImxfNyr+bE7jKw= -github.com/aws/aws-sdk-go-v2/service/ssm v1.61.0/go.mod h1:4xJVAEeQ2GRGZW7nSyOYXFHdxHf2mkz16+hm7Z+acgU= +github.com/aws/aws-sdk-go-v2/service/ssm v1.63.0 h1:1T8wFNEtOP4lgLC7v8Fzgbb4kFrMmnscG7kOqkbA26c= +github.com/aws/aws-sdk-go-v2/service/ssm v1.63.0/go.mod h1:CDVmu8K5JKdgdJakdZ9gC3K6OJ/+izv/kUncFeGRIj4= github.com/aws/aws-sdk-go-v2/service/sso v1.26.1 h1:uWaz3DoNK9MNhm7i6UGxqufwu3BEuJZm72WlpGwyVtY= github.com/aws/aws-sdk-go-v2/service/sso v1.26.1/go.mod h1:ILpVNjL0BO+Z3Mm0SbEeUoYS9e0eJWV1BxNppp0fcb8= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.31.1 h1:XdG6/o1/ZDmn3wJU5SRAejHaWgKS4zHv0jBamuKuS2k= diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/CHANGELOG.md index 4caa92520..12854132b 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/CHANGELOG.md @@ -1,3 +1,17 @@ +# v1.63.0 (2025-08-11) + +* **Feature**: Add support for configuring per-service Options via callback on global config. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.62.0 (2025-08-04) + +* **Feature**: Support configurable auth scheme preferences in service clients via AWS_AUTH_SCHEME_PREFERENCE in the environment, auth_scheme_preference in the config file, and through in-code settings on LoadDefaultConfig and client constructor methods. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.61.1 (2025-07-30) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.61.0 (2025-07-28) * **Feature**: Add support for HTTP interceptors. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_client.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_client.go index 3ad1ee4bb..2002321db 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_client.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_client.go @@ -424,15 +424,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AuthSchemePreference: cfg.AuthSchemePreference, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -442,7 +443,14 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { resolveUseDualStackEndpoint(cfg, &opts) resolveUseFIPSEndpoint(cfg, &opts) resolveBaseEndpoint(cfg, &opts) - return New(opts, optFns...) + return New(opts, func(o *Options) { + for _, opt := range cfg.ServiceOptions { + opt(ServiceID, o) + } + for _, opt := range optFns { + opt(o) + } + }) } func resolveHTTPClient(o *Options) { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/auth.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/auth.go index b081fc3c4..6147fb216 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/auth.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/auth.go @@ -12,6 +12,8 @@ import ( "github.com/aws/smithy-go/middleware" "github.com/aws/smithy-go/tracing" smithyhttp "github.com/aws/smithy-go/transport/http" + "slices" + "strings" ) func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { @@ -169,7 +171,8 @@ func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in mid } func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) (*resolvedAuthScheme, bool) { - for _, option := range options { + sorted := sortAuthOptions(options, m.options.AuthSchemePreference) + for _, option := range sorted { if option.SchemeID == smithyauth.SchemeIDAnonymous { return newResolvedAuthScheme(smithyhttp.NewAnonymousScheme(), option), true } @@ -188,6 +191,29 @@ func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) return nil, false } +func sortAuthOptions(options []*smithyauth.Option, preferred []string) []*smithyauth.Option { + byPriority := make([]*smithyauth.Option, 0, len(options)) + for _, prefName := range preferred { + for _, option := range options { + optName := option.SchemeID + if parts := strings.Split(option.SchemeID, "#"); len(parts) == 2 { + optName = parts[1] + } + if prefName == optName { + byPriority = append(byPriority, option) + } + } + } + for _, option := range options { + if !slices.ContainsFunc(byPriority, func(o *smithyauth.Option) bool { + return o.SchemeID == option.SchemeID + }) { + byPriority = append(byPriority, option) + } + } + return byPriority +} + type resolvedAuthSchemeKey struct{} type resolvedAuthScheme struct { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/go_module_metadata.go index 15dd8ad98..5f8155399 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/go_module_metadata.go @@ -3,4 +3,4 @@ package ssm // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.61.0" +const goModuleVersion = "1.63.0" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/options.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/options.go index 5cd1d62ea..7e3ac7ab1 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/options.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/options.go @@ -132,6 +132,9 @@ type Options struct { // The list of auth schemes supported by the client. AuthSchemes []smithyhttp.AuthScheme + + // Priority list of preferred auth scheme names (e.g. sigv4a). + AuthSchemePreference []string } // Copy creates a clone where the APIOptions list is deep copied. diff --git a/vendor/modules.txt b/vendor/modules.txt index 2cd675371..0913ce226 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -61,7 +61,7 @@ github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding # github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.3 ## explicit; go 1.22 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url -# github.com/aws/aws-sdk-go-v2/service/ssm v1.61.0 +# github.com/aws/aws-sdk-go-v2/service/ssm v1.63.0 ## explicit; go 1.22 github.com/aws/aws-sdk-go-v2/service/ssm github.com/aws/aws-sdk-go-v2/service/ssm/internal/endpoints