From 222928c4e7cc17d406f6c24f2e69b6747e29d43e Mon Sep 17 00:00:00 2001 From: AWS SDK for Go v2 automation user Date: Wed, 18 Sep 2024 18:26:58 +0000 Subject: [PATCH] Regenerated Clients --- .../154d90879ee341358f2383219dd6f038.json | 8 + .../41575353444b40ffbf474f4155544f00.json | 8 + .../451e37af617741c895b2ff5607e5f8f6.json | 8 + .../67f008b7953743f7bea5b92191ad8d30.json | 8 + .../83877ff1d56c4747846a0dffc68e68c4.json | 8 + .../9f065e4055f64f9d90cf6ff5817083e3.json | 8 + .../a0c3a91f38844c49a4536493cc18076c.json | 8 + .../fa2d55ff1fdf42b09b4cc45a049641ab.json | 8 + .../attributevalue/go_module_metadata.go | 2 +- .../costexplorer/api_op_GetDimensionValues.go | 4 +- service/costexplorer/deserializers.go | 126 + service/costexplorer/types/types.go | 71 +- .../directoryservice/api_op_AddIpRoutes.go | 51 +- .../directoryservice/api_op_CreateTrust.go | 4 +- .../api_op_DescribeDirectoryDataAccess.go | 143 + .../api_op_DisableClientAuthentication.go | 4 +- .../api_op_DisableDirectoryDataAccess.go | 138 + .../api_op_EnableDirectoryDataAccess.go | 138 + .../api_op_ResetUserPassword.go | 3 +- service/directoryservice/deserializers.go | 471 ++ service/directoryservice/generated.json | 3 + service/directoryservice/serializers.go | 201 + ...api_op_DescribeDirectoryDataAccess.go.snap | 36 + .../api_op_DisableDirectoryDataAccess.go.snap | 36 + .../api_op_EnableDirectoryDataAccess.go.snap | 36 + service/directoryservice/snapshot_test.go | 72 + service/directoryservice/types/enums.go | 29 + service/directoryservice/types/errors.go | 4 +- service/directoryservice/types/types.go | 9 +- service/directoryservice/validators.go | 117 + service/directoryservicedata/LICENSE.txt | 202 + service/directoryservicedata/api_client.go | 624 +++ .../directoryservicedata/api_client_test.go | 127 + .../api_op_AddGroupMember.go | 207 + .../api_op_CreateGroup.go | 219 + .../directoryservicedata/api_op_CreateUser.go | 223 + .../api_op_DeleteGroup.go | 194 + .../directoryservicedata/api_op_DeleteUser.go | 194 + .../api_op_DescribeGroup.go | 190 + .../api_op_DescribeUser.go | 202 + .../api_op_DisableUser.go | 198 + .../api_op_ListGroupMembers.go | 283 ++ .../directoryservicedata/api_op_ListGroups.go | 268 ++ .../api_op_ListGroupsForMember.go | 288 ++ .../directoryservicedata/api_op_ListUsers.go | 268 ++ .../api_op_RemoveGroupMember.go | 205 + .../api_op_SearchGroups.go | 289 ++ .../api_op_SearchUsers.go | 289 ++ .../api_op_UpdateGroup.go | 214 + .../directoryservicedata/api_op_UpdateUser.go | 218 + service/directoryservicedata/auth.go | 284 ++ service/directoryservicedata/deserializers.go | 4022 +++++++++++++++++ service/directoryservicedata/doc.go | 60 + service/directoryservicedata/endpoints.go | 527 +++ .../endpoints_config_test.go | 139 + .../directoryservicedata/endpoints_test.go | 820 ++++ service/directoryservicedata/generated.json | 50 + service/directoryservicedata/go.mod | 16 + service/directoryservicedata/go.sum | 2 + .../go_module_metadata.go | 6 + .../internal/endpoints/endpoints.go | 296 ++ .../internal/endpoints/endpoints_test.go | 11 + service/directoryservicedata/options.go | 228 + service/directoryservicedata/protocol_test.go | 3 + service/directoryservicedata/serializers.go | 1775 ++++++++ .../snapshot/api_op_AddGroupMember.go.snap | 37 + .../snapshot/api_op_CreateGroup.go.snap | 37 + .../snapshot/api_op_CreateUser.go.snap | 37 + .../snapshot/api_op_DeleteGroup.go.snap | 37 + .../snapshot/api_op_DeleteUser.go.snap | 37 + .../snapshot/api_op_DescribeGroup.go.snap | 36 + .../snapshot/api_op_DescribeUser.go.snap | 36 + .../snapshot/api_op_DisableUser.go.snap | 37 + .../snapshot/api_op_ListGroupMembers.go.snap | 36 + .../snapshot/api_op_ListGroups.go.snap | 36 + .../api_op_ListGroupsForMember.go.snap | 36 + .../snapshot/api_op_ListUsers.go.snap | 36 + .../snapshot/api_op_RemoveGroupMember.go.snap | 37 + .../snapshot/api_op_SearchGroups.go.snap | 36 + .../snapshot/api_op_SearchUsers.go.snap | 36 + .../snapshot/api_op_UpdateGroup.go.snap | 37 + .../snapshot/api_op_UpdateUser.go.snap | 37 + service/directoryservicedata/snapshot_test.go | 470 ++ service/directoryservicedata/types/enums.go | 178 + service/directoryservicedata/types/errors.go | 219 + service/directoryservicedata/types/types.go | 239 + .../types/types_exported_test.go | 38 + service/directoryservicedata/validators.go | 730 +++ service/guardduty/deserializers.go | 11 +- service/guardduty/types/types.go | 3 + service/mailmanager/api_op_UpdateRuleSet.go | 2 +- service/mailmanager/deserializers.go | 14 +- service/mailmanager/doc.go | 8 +- service/mailmanager/serializers.go | 4 + service/mailmanager/types/types.go | 10 + .../mailmanager/types/types_exported_test.go | 4 + .../api_op_RestoreDBInstanceFromDBSnapshot.go | 8 + service/s3/api_op_CompleteMultipartUpload.go | 50 +- service/s3/api_op_CopyObject.go | 125 +- service/s3/api_op_CreateMultipartUpload.go | 151 +- service/s3/api_op_CreateSession.go | 190 +- service/s3/api_op_DeleteBucketEncryption.go | 54 +- service/s3/api_op_GetBucketEncryption.go | 51 +- service/s3/api_op_GetObject.go | 29 +- service/s3/api_op_GetObjectAttributes.go | 32 +- service/s3/api_op_HeadObject.go | 35 +- service/s3/api_op_PutBucketEncryption.go | 128 +- service/s3/api_op_PutObject.go | 156 +- service/s3/api_op_UploadPart.go | 23 +- service/s3/api_op_UploadPartCopy.go | 40 +- service/s3/deserializers.go | 36 + service/s3/serializers.go | 20 + service/s3/types/types.go | 110 +- 113 files changed, 18330 insertions(+), 362 deletions(-) create mode 100644 .changelog/154d90879ee341358f2383219dd6f038.json create mode 100644 .changelog/41575353444b40ffbf474f4155544f00.json create mode 100644 .changelog/451e37af617741c895b2ff5607e5f8f6.json create mode 100644 .changelog/67f008b7953743f7bea5b92191ad8d30.json create mode 100644 .changelog/83877ff1d56c4747846a0dffc68e68c4.json create mode 100644 .changelog/9f065e4055f64f9d90cf6ff5817083e3.json create mode 100644 .changelog/a0c3a91f38844c49a4536493cc18076c.json create mode 100644 .changelog/fa2d55ff1fdf42b09b4cc45a049641ab.json create mode 100644 service/directoryservice/api_op_DescribeDirectoryDataAccess.go create mode 100644 service/directoryservice/api_op_DisableDirectoryDataAccess.go create mode 100644 service/directoryservice/api_op_EnableDirectoryDataAccess.go create mode 100644 service/directoryservice/snapshot/api_op_DescribeDirectoryDataAccess.go.snap create mode 100644 service/directoryservice/snapshot/api_op_DisableDirectoryDataAccess.go.snap create mode 100644 service/directoryservice/snapshot/api_op_EnableDirectoryDataAccess.go.snap create mode 100644 service/directoryservicedata/LICENSE.txt create mode 100644 service/directoryservicedata/api_client.go create mode 100644 service/directoryservicedata/api_client_test.go create mode 100644 service/directoryservicedata/api_op_AddGroupMember.go create mode 100644 service/directoryservicedata/api_op_CreateGroup.go create mode 100644 service/directoryservicedata/api_op_CreateUser.go create mode 100644 service/directoryservicedata/api_op_DeleteGroup.go create mode 100644 service/directoryservicedata/api_op_DeleteUser.go create mode 100644 service/directoryservicedata/api_op_DescribeGroup.go create mode 100644 service/directoryservicedata/api_op_DescribeUser.go create mode 100644 service/directoryservicedata/api_op_DisableUser.go create mode 100644 service/directoryservicedata/api_op_ListGroupMembers.go create mode 100644 service/directoryservicedata/api_op_ListGroups.go create mode 100644 service/directoryservicedata/api_op_ListGroupsForMember.go create mode 100644 service/directoryservicedata/api_op_ListUsers.go create mode 100644 service/directoryservicedata/api_op_RemoveGroupMember.go create mode 100644 service/directoryservicedata/api_op_SearchGroups.go create mode 100644 service/directoryservicedata/api_op_SearchUsers.go create mode 100644 service/directoryservicedata/api_op_UpdateGroup.go create mode 100644 service/directoryservicedata/api_op_UpdateUser.go create mode 100644 service/directoryservicedata/auth.go create mode 100644 service/directoryservicedata/deserializers.go create mode 100644 service/directoryservicedata/doc.go create mode 100644 service/directoryservicedata/endpoints.go create mode 100644 service/directoryservicedata/endpoints_config_test.go create mode 100644 service/directoryservicedata/endpoints_test.go create mode 100644 service/directoryservicedata/generated.json create mode 100644 service/directoryservicedata/go.mod create mode 100644 service/directoryservicedata/go.sum create mode 100644 service/directoryservicedata/go_module_metadata.go create mode 100644 service/directoryservicedata/internal/endpoints/endpoints.go create mode 100644 service/directoryservicedata/internal/endpoints/endpoints_test.go create mode 100644 service/directoryservicedata/options.go create mode 100644 service/directoryservicedata/protocol_test.go create mode 100644 service/directoryservicedata/serializers.go create mode 100644 service/directoryservicedata/snapshot/api_op_AddGroupMember.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_CreateGroup.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_CreateUser.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_DeleteGroup.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_DeleteUser.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_DescribeGroup.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_DescribeUser.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_DisableUser.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_ListGroupMembers.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_ListGroups.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_ListGroupsForMember.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_ListUsers.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_RemoveGroupMember.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_SearchGroups.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_SearchUsers.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_UpdateGroup.go.snap create mode 100644 service/directoryservicedata/snapshot/api_op_UpdateUser.go.snap create mode 100644 service/directoryservicedata/snapshot_test.go create mode 100644 service/directoryservicedata/types/enums.go create mode 100644 service/directoryservicedata/types/errors.go create mode 100644 service/directoryservicedata/types/types.go create mode 100644 service/directoryservicedata/types/types_exported_test.go create mode 100644 service/directoryservicedata/validators.go diff --git a/.changelog/154d90879ee341358f2383219dd6f038.json b/.changelog/154d90879ee341358f2383219dd6f038.json new file mode 100644 index 00000000000..0d09eaee63f --- /dev/null +++ b/.changelog/154d90879ee341358f2383219dd6f038.json @@ -0,0 +1,8 @@ +{ + "id": "154d9087-9ee3-4135-8f23-83219dd6f038", + "type": "feature", + "description": "This release extends the GetReservationPurchaseRecommendation API to support recommendations for Amazon DynamoDB reservations.", + "modules": [ + "service/costexplorer" + ] +} \ No newline at end of file diff --git a/.changelog/41575353444b40ffbf474f4155544f00.json b/.changelog/41575353444b40ffbf474f4155544f00.json new file mode 100644 index 00000000000..8b0a8b616a7 --- /dev/null +++ b/.changelog/41575353444b40ffbf474f4155544f00.json @@ -0,0 +1,8 @@ +{ + "id": "41575353-444b-40ff-bf47-4f4155544f00", + "type": "release", + "description": "New AWS service client module", + "modules": [ + "service/directoryservicedata" + ] +} \ No newline at end of file diff --git a/.changelog/451e37af617741c895b2ff5607e5f8f6.json b/.changelog/451e37af617741c895b2ff5607e5f8f6.json new file mode 100644 index 00000000000..9f95d20f56f --- /dev/null +++ b/.changelog/451e37af617741c895b2ff5607e5f8f6.json @@ -0,0 +1,8 @@ +{ + "id": "451e37af-6177-41c8-95b2-ff5607e5f8f6", + "type": "feature", + "description": "Add `launchType` and `sourceIPs` fields to GuardDuty findings.", + "modules": [ + "service/guardduty" + ] +} \ No newline at end of file diff --git a/.changelog/67f008b7953743f7bea5b92191ad8d30.json b/.changelog/67f008b7953743f7bea5b92191ad8d30.json new file mode 100644 index 00000000000..ad7ce67815e --- /dev/null +++ b/.changelog/67f008b7953743f7bea5b92191ad8d30.json @@ -0,0 +1,8 @@ +{ + "id": "67f008b7-9537-43f7-bea5-b92191ad8d30", + "type": "feature", + "description": "Introduce a new RuleSet condition evaluation, where customers can set up a StringExpression with a MimeHeader condition. This condition will perform the necessary validation based on the X-header provided by customers.", + "modules": [ + "service/mailmanager" + ] +} \ No newline at end of file diff --git a/.changelog/83877ff1d56c4747846a0dffc68e68c4.json b/.changelog/83877ff1d56c4747846a0dffc68e68c4.json new file mode 100644 index 00000000000..cf9d62d9c0b --- /dev/null +++ b/.changelog/83877ff1d56c4747846a0dffc68e68c4.json @@ -0,0 +1,8 @@ +{ + "id": "83877ff1-d56c-4747-846a-0dffc68e68c4", + "type": "feature", + "description": "Added new AWS Directory Service Data API, enabling you to manage data stored in AWS Directory Service directories. This includes APIs for creating, reading, updating, and deleting directory users, groups, and group memberships.", + "modules": [ + "service/directoryservicedata" + ] +} \ No newline at end of file diff --git a/.changelog/9f065e4055f64f9d90cf6ff5817083e3.json b/.changelog/9f065e4055f64f9d90cf6ff5817083e3.json new file mode 100644 index 00000000000..06b629d8041 --- /dev/null +++ b/.changelog/9f065e4055f64f9d90cf6ff5817083e3.json @@ -0,0 +1,8 @@ +{ + "id": "9f065e40-55f6-4f9d-90cf-6ff5817083e3", + "type": "feature", + "description": "Added SSE-KMS support for directory buckets.", + "modules": [ + "service/s3" + ] +} \ No newline at end of file diff --git a/.changelog/a0c3a91f38844c49a4536493cc18076c.json b/.changelog/a0c3a91f38844c49a4536493cc18076c.json new file mode 100644 index 00000000000..d9b08dd75c5 --- /dev/null +++ b/.changelog/a0c3a91f38844c49a4536493cc18076c.json @@ -0,0 +1,8 @@ +{ + "id": "a0c3a91f-3884-4c49-a453-6493cc18076c", + "type": "documentation", + "description": "Updates Amazon RDS documentation with information upgrading snapshots with unsupported engine versions for RDS for MySQL and RDS for PostgreSQL.", + "modules": [ + "service/rds" + ] +} \ No newline at end of file diff --git a/.changelog/fa2d55ff1fdf42b09b4cc45a049641ab.json b/.changelog/fa2d55ff1fdf42b09b4cc45a049641ab.json new file mode 100644 index 00000000000..71b95efed65 --- /dev/null +++ b/.changelog/fa2d55ff1fdf42b09b4cc45a049641ab.json @@ -0,0 +1,8 @@ +{ + "id": "fa2d55ff-1fdf-42b0-9b4c-c45a049641ab", + "type": "feature", + "description": "Added new APIs for enabling, disabling, and describing access to the AWS Directory Service Data API", + "modules": [ + "service/directoryservice" + ] +} \ No newline at end of file diff --git a/feature/dynamodbstreams/attributevalue/go_module_metadata.go b/feature/dynamodbstreams/attributevalue/go_module_metadata.go index ab85bfbbd26..76dae59b430 100644 --- a/feature/dynamodbstreams/attributevalue/go_module_metadata.go +++ b/feature/dynamodbstreams/attributevalue/go_module_metadata.go @@ -3,4 +3,4 @@ package attributevalue // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.14.15" +const goModuleVersion = "1.15.4" diff --git a/service/costexplorer/api_op_GetDimensionValues.go b/service/costexplorer/api_op_GetDimensionValues.go index 310918e8182..b33d158f089 100644 --- a/service/costexplorer/api_op_GetDimensionValues.go +++ b/service/costexplorer/api_op_GetDimensionValues.go @@ -62,10 +62,10 @@ type GetDimensionValuesInput struct { // Possible values are the following: // // - Amazon Web Services(Amazon Web Services): The entity that sells Amazon Web - // Services. + // Servicesservices. // // - AISPL (Amazon Internet Services Pvt. Ltd.): The local Indian entity that's an - // acting reseller for Amazon Web Services in India. + // acting reseller for Amazon Web Servicesservices in India. // // - Amazon Web Services Marketplace: The entity that supports the sale of // solutions that are built on Amazon Web Services by third-party software diff --git a/service/costexplorer/deserializers.go b/service/costexplorer/deserializers.go index c30c7a91a3e..c1a2aed0941 100644 --- a/service/costexplorer/deserializers.go +++ b/service/costexplorer/deserializers.go @@ -7501,6 +7501,55 @@ func awsAwsjson11_deserializeDocumentDiskResourceUtilization(v **types.DiskResou return nil } +func awsAwsjson11_deserializeDocumentDynamoDBCapacityDetails(v **types.DynamoDBCapacityDetails, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.DynamoDBCapacityDetails + if *v == nil { + sv = &types.DynamoDBCapacityDetails{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "CapacityUnits": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GenericString to be of type string, got %T instead", value) + } + sv.CapacityUnits = ptr.String(jtv) + } + + case "Region": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GenericString to be of type string, got %T instead", value) + } + sv.Region = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsAwsjson11_deserializeDocumentEBSResourceUtilization(v **types.EBSResourceUtilization, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -10349,6 +10398,15 @@ func awsAwsjson11_deserializeDocumentReservationPurchaseRecommendationDetail(v * sv.AverageNormalizedUnitsUsedPerHour = ptr.String(jtv) } + case "AverageNumberOfCapacityUnitsUsedPerHour": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GenericString to be of type string, got %T instead", value) + } + sv.AverageNumberOfCapacityUnitsUsedPerHour = ptr.String(jtv) + } + case "AverageNumberOfInstancesUsedPerHour": if value != nil { jtv, ok := value.(string) @@ -10435,6 +10493,15 @@ func awsAwsjson11_deserializeDocumentReservationPurchaseRecommendationDetail(v * sv.MaximumNormalizedUnitsUsedPerHour = ptr.String(jtv) } + case "MaximumNumberOfCapacityUnitsUsedPerHour": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GenericString to be of type string, got %T instead", value) + } + sv.MaximumNumberOfCapacityUnitsUsedPerHour = ptr.String(jtv) + } + case "MaximumNumberOfInstancesUsedPerHour": if value != nil { jtv, ok := value.(string) @@ -10453,6 +10520,15 @@ func awsAwsjson11_deserializeDocumentReservationPurchaseRecommendationDetail(v * sv.MinimumNormalizedUnitsUsedPerHour = ptr.String(jtv) } + case "MinimumNumberOfCapacityUnitsUsedPerHour": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GenericString to be of type string, got %T instead", value) + } + sv.MinimumNumberOfCapacityUnitsUsedPerHour = ptr.String(jtv) + } + case "MinimumNumberOfInstancesUsedPerHour": if value != nil { jtv, ok := value.(string) @@ -10471,6 +10547,15 @@ func awsAwsjson11_deserializeDocumentReservationPurchaseRecommendationDetail(v * sv.RecommendedNormalizedUnitsToPurchase = ptr.String(jtv) } + case "RecommendedNumberOfCapacityUnitsToPurchase": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GenericString to be of type string, got %T instead", value) + } + sv.RecommendedNumberOfCapacityUnitsToPurchase = ptr.String(jtv) + } + case "RecommendedNumberOfInstancesToPurchase": if value != nil { jtv, ok := value.(string) @@ -10489,6 +10574,11 @@ func awsAwsjson11_deserializeDocumentReservationPurchaseRecommendationDetail(v * sv.RecurringStandardMonthlyCost = ptr.String(jtv) } + case "ReservedCapacityDetails": + if err := awsAwsjson11_deserializeDocumentReservedCapacityDetails(&sv.ReservedCapacityDetails, value); err != nil { + return err + } + case "UpfrontCost": if value != nil { jtv, ok := value.(string) @@ -10784,6 +10874,42 @@ func awsAwsjson11_deserializeDocumentReservationUtilizationGroups(v *[]types.Res return nil } +func awsAwsjson11_deserializeDocumentReservedCapacityDetails(v **types.ReservedCapacityDetails, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.ReservedCapacityDetails + if *v == nil { + sv = &types.ReservedCapacityDetails{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DynamoDBCapacityDetails": + if err := awsAwsjson11_deserializeDocumentDynamoDBCapacityDetails(&sv.DynamoDBCapacityDetails, value); err != nil { + return err + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsAwsjson11_deserializeDocumentResourceDetails(v **types.ResourceDetails, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) diff --git a/service/costexplorer/types/types.go b/service/costexplorer/types/types.go index cf0ff1fefc9..2199eb0e77b 100644 --- a/service/costexplorer/types/types.go +++ b/service/costexplorer/types/types.go @@ -37,8 +37,8 @@ type Anomaly struct { // The first day the anomaly is detected. AnomalyStartDate *string - // The dimension for the anomaly (for example, an Amazon Web Service in a service - // monitor). + // The dimension for the anomaly (for example, an Amazon Web Servicesservice in a + // service monitor). DimensionValue *string // The feedback value. @@ -822,6 +822,18 @@ type DiskResourceUtilization struct { noSmithyDocumentSerde } +// The DynamoDB reservations that Amazon Web Services recommends that you purchase. +type DynamoDBCapacityDetails struct { + + // The capacity unit of the recommended reservation. + CapacityUnits *string + + // The Amazon Web Services Region of the recommended reservation. + Region *string + + noSmithyDocumentSerde +} + // The EBS field that contains a list of EBS metrics that are associated with the // current instance. type EBSResourceUtilization struct { @@ -1595,21 +1607,26 @@ type ReservationPurchaseRecommendationDetail struct { // reservation purchases. AverageNormalizedUnitsUsedPerHour *string + // The average number of provisioned capacity units that you used in an hour + // during the historical period. Amazon Web Services uses this to calculate your + // recommended reservation purchases. + AverageNumberOfCapacityUnitsUsedPerHour *string + // The average number of instances that you used in an hour during the historical // period. Amazon Web Services uses this to calculate your recommended reservation // purchases. AverageNumberOfInstancesUsedPerHour *string - // The average utilization of your instances. Amazon Web Services uses this to - // calculate your recommended reservation purchases. + // The average utilization of your recommendations. Amazon Web Services uses this + // to calculate your recommended reservation purchases. AverageUtilization *string // The currency code that Amazon Web Services used to calculate the costs for this - // instance. + // recommendation. CurrencyCode *string - // How long Amazon Web Services estimates that it takes for this instance to start - // saving you money, in months. + // How long Amazon Web Services estimates that it takes for this recommendation to + // start saving you money, in months. EstimatedBreakEvenInMonths *string // How much Amazon Web Services estimates that you spend on On-Demand Instances in @@ -1637,6 +1654,11 @@ type ReservationPurchaseRecommendationDetail struct { // reservation purchases. MaximumNormalizedUnitsUsedPerHour *string + // The maximum number of provisioned capacity units that you used in an hour + // during the historical period. Amazon Web Services uses this to calculate your + // recommended reservation purchases. + MaximumNumberOfCapacityUnitsUsedPerHour *string + // The maximum number of instances that you used in an hour during the historical // period. Amazon Web Services uses this to calculate your recommended reservation // purchases. @@ -1647,6 +1669,11 @@ type ReservationPurchaseRecommendationDetail struct { // reservation purchases. MinimumNormalizedUnitsUsedPerHour *string + // The minimum number of provisioned capacity units that you used in an hour + // during the historical period. Amazon Web Services uses this to calculate your + // recommended reservation purchases. + MinimumNumberOfCapacityUnitsUsedPerHour *string + // The minimum number of instances that you used in an hour during the historical // period. Amazon Web Services uses this to calculate your recommended reservation // purchases. @@ -1656,13 +1683,21 @@ type ReservationPurchaseRecommendationDetail struct { // purchase. RecommendedNormalizedUnitsToPurchase *string + // The number of reserved capacity units that Amazon Web Services recommends that + // you purchase. + RecommendedNumberOfCapacityUnitsToPurchase *string + // The number of instances that Amazon Web Services recommends that you purchase. RecommendedNumberOfInstancesToPurchase *string - // How much purchasing this instance costs you on a monthly basis. + // How much purchasing this recommendation costs you on a monthly basis. RecurringStandardMonthlyCost *string - // How much purchasing this instance costs you upfront. + // Details about the reservations that Amazon Web Services recommends that you + // purchase. + ReservedCapacityDetails *ReservedCapacityDetails + + // How much purchasing this recommendation costs you upfront. UpfrontCost *string noSmithyDocumentSerde @@ -1721,6 +1756,16 @@ type ReservationUtilizationGroup struct { noSmithyDocumentSerde } +// Details about the reservations that Amazon Web Services recommends that you +// purchase. +type ReservedCapacityDetails struct { + + // The DynamoDB reservations that Amazon Web Services recommends that you purchase. + DynamoDBCapacityDetails *DynamoDBCapacityDetails + + noSmithyDocumentSerde +} + // Details for the resource. type ResourceDetails struct { @@ -1868,9 +1913,9 @@ type RightsizingRecommendationSummary struct { noSmithyDocumentSerde } -// The combination of Amazon Web Service, linked account, linked account name, -// Region, and usage type where a cost anomaly is observed. The linked account name -// will only be available when the account name can be identified. +// The combination of Amazon Web Servicesservice, linked account, linked account +// name, Region, and usage type where a cost anomaly is observed. The linked +// account name will only be available when the account name can be identified. type RootCause struct { // The member account value that's associated with the cost anomaly. @@ -1882,7 +1927,7 @@ type RootCause struct { // The Amazon Web Services Region that's associated with the cost anomaly. Region *string - // The Amazon Web Service name that's associated with the cost anomaly. + // The Amazon Web Servicesservice name that's associated with the cost anomaly. Service *string // The UsageType value that's associated with the cost anomaly. diff --git a/service/directoryservice/api_op_AddIpRoutes.go b/service/directoryservice/api_op_AddIpRoutes.go index b750c5c485c..d7efe20b507 100644 --- a/service/directoryservice/api_op_AddIpRoutes.go +++ b/service/directoryservice/api_op_AddIpRoutes.go @@ -56,39 +56,56 @@ type AddIpRoutesInput struct { // // Inbound: // - // - Type: Custom UDP Rule, Protocol: UDP, Range: 88, Source: 0.0.0.0/0 + // - Type: Custom UDP Rule, Protocol: UDP, Range: 88, Source: Managed Microsoft + // AD VPC IPv4 CIDR // - // - Type: Custom UDP Rule, Protocol: UDP, Range: 123, Source: 0.0.0.0/0 + // - Type: Custom UDP Rule, Protocol: UDP, Range: 123, Source: Managed Microsoft + // AD VPC IPv4 CIDR // - // - Type: Custom UDP Rule, Protocol: UDP, Range: 138, Source: 0.0.0.0/0 + // - Type: Custom UDP Rule, Protocol: UDP, Range: 138, Source: Managed Microsoft + // AD VPC IPv4 CIDR // - // - Type: Custom UDP Rule, Protocol: UDP, Range: 389, Source: 0.0.0.0/0 + // - Type: Custom UDP Rule, Protocol: UDP, Range: 389, Source: Managed Microsoft + // AD VPC IPv4 CIDR // - // - Type: Custom UDP Rule, Protocol: UDP, Range: 464, Source: 0.0.0.0/0 + // - Type: Custom UDP Rule, Protocol: UDP, Range: 464, Source: Managed Microsoft + // AD VPC IPv4 CIDR // - // - Type: Custom UDP Rule, Protocol: UDP, Range: 445, Source: 0.0.0.0/0 + // - Type: Custom UDP Rule, Protocol: UDP, Range: 445, Source: Managed Microsoft + // AD VPC IPv4 CIDR // - // - Type: Custom TCP Rule, Protocol: TCP, Range: 88, Source: 0.0.0.0/0 + // - Type: Custom TCP Rule, Protocol: TCP, Range: 88, Source: Managed Microsoft + // AD VPC IPv4 CIDR // - // - Type: Custom TCP Rule, Protocol: TCP, Range: 135, Source: 0.0.0.0/0 + // - Type: Custom TCP Rule, Protocol: TCP, Range: 135, Source: Managed Microsoft + // AD VPC IPv4 CIDR // - // - Type: Custom TCP Rule, Protocol: TCP, Range: 445, Source: 0.0.0.0/0 + // - Type: Custom TCP Rule, Protocol: TCP, Range: 445, Source: Managed Microsoft + // AD VPC IPv4 CIDR // - // - Type: Custom TCP Rule, Protocol: TCP, Range: 464, Source: 0.0.0.0/0 + // - Type: Custom TCP Rule, Protocol: TCP, Range: 464, Source: Managed Microsoft + // AD VPC IPv4 CIDR // - // - Type: Custom TCP Rule, Protocol: TCP, Range: 636, Source: 0.0.0.0/0 + // - Type: Custom TCP Rule, Protocol: TCP, Range: 636, Source: Managed Microsoft + // AD VPC IPv4 CIDR // - // - Type: Custom TCP Rule, Protocol: TCP, Range: 1024-65535, Source: 0.0.0.0/0 + // - Type: Custom TCP Rule, Protocol: TCP, Range: 1024-65535, Source: Managed + // Microsoft AD VPC IPv4 CIDR // - // - Type: Custom TCP Rule, Protocol: TCP, Range: 3268-33269, Source: 0.0.0.0/0 + // - Type: Custom TCP Rule, Protocol: TCP, Range: 3268-33269, Source: Managed + // Microsoft AD VPC IPv4 CIDR // - // - Type: DNS (UDP), Protocol: UDP, Range: 53, Source: 0.0.0.0/0 + // - Type: DNS (UDP), Protocol: UDP, Range: 53, Source: Managed Microsoft AD VPC + // IPv4 CIDR // - // - Type: DNS (TCP), Protocol: TCP, Range: 53, Source: 0.0.0.0/0 + // - Type: DNS (TCP), Protocol: TCP, Range: 53, Source: Managed Microsoft AD VPC + // IPv4 CIDR // - // - Type: LDAP, Protocol: TCP, Range: 389, Source: 0.0.0.0/0 + // - Type: LDAP, Protocol: TCP, Range: 389, Source: Managed Microsoft AD VPC + // IPv4 CIDR // - // - Type: All ICMP, Protocol: All, Range: N/A, Source: 0.0.0.0/0 + // - Type: All ICMP, Protocol: All, Range: N/A, Source: Managed Microsoft AD VPC + // IPv4 CIDR // // Outbound: // diff --git a/service/directoryservice/api_op_CreateTrust.go b/service/directoryservice/api_op_CreateTrust.go index 68704cbd53c..e06dd2b5b86 100644 --- a/service/directoryservice/api_op_CreateTrust.go +++ b/service/directoryservice/api_op_CreateTrust.go @@ -62,8 +62,8 @@ type CreateTrustInput struct { // This member is required. TrustDirection types.TrustDirection - // The trust password. The must be the same password that was used when creating - // the trust relationship on the external domain. + // The trust password. The trust password must be the same password that was used + // when creating the trust relationship on the external domain. // // This member is required. TrustPassword *string diff --git a/service/directoryservice/api_op_DescribeDirectoryDataAccess.go b/service/directoryservice/api_op_DescribeDirectoryDataAccess.go new file mode 100644 index 00000000000..9a78212fad1 --- /dev/null +++ b/service/directoryservice/api_op_DescribeDirectoryDataAccess.go @@ -0,0 +1,143 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservice + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/service/directoryservice/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Obtains status of directory data access enablement through the Directory +// Service Data API for the specified directory. +func (c *Client) DescribeDirectoryDataAccess(ctx context.Context, params *DescribeDirectoryDataAccessInput, optFns ...func(*Options)) (*DescribeDirectoryDataAccessOutput, error) { + if params == nil { + params = &DescribeDirectoryDataAccessInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "DescribeDirectoryDataAccess", params, optFns, c.addOperationDescribeDirectoryDataAccessMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*DescribeDirectoryDataAccessOutput) + out.ResultMetadata = metadata + return out, nil +} + +type DescribeDirectoryDataAccessInput struct { + + // The directory identifier. + // + // This member is required. + DirectoryId *string + + noSmithyDocumentSerde +} + +type DescribeDirectoryDataAccessOutput struct { + + // The current status of data access through the Directory Service Data API. + DataAccessStatus types.DataAccessStatus + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationDescribeDirectoryDataAccessMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsAwsjson11_serializeOpDescribeDirectoryDataAccess{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpDescribeDirectoryDataAccess{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "DescribeDirectoryDataAccess"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addOpDescribeDirectoryDataAccessValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDescribeDirectoryDataAccess(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +func newServiceMetadataMiddleware_opDescribeDirectoryDataAccess(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "DescribeDirectoryDataAccess", + } +} diff --git a/service/directoryservice/api_op_DisableClientAuthentication.go b/service/directoryservice/api_op_DisableClientAuthentication.go index 65a21783e8b..72c42af5c71 100644 --- a/service/directoryservice/api_op_DisableClientAuthentication.go +++ b/service/directoryservice/api_op_DisableClientAuthentication.go @@ -34,8 +34,8 @@ type DisableClientAuthenticationInput struct { // This member is required. DirectoryId *string - // The type of client authentication to disable. Currently, only the parameter, - // SmartCard is supported. + // The type of client authentication to disable. Currently the only parameter + // "SmartCard" is supported. // // This member is required. Type types.ClientAuthenticationType diff --git a/service/directoryservice/api_op_DisableDirectoryDataAccess.go b/service/directoryservice/api_op_DisableDirectoryDataAccess.go new file mode 100644 index 00000000000..135e2d34472 --- /dev/null +++ b/service/directoryservice/api_op_DisableDirectoryDataAccess.go @@ -0,0 +1,138 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservice + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Deactivates access to directory data via the Directory Service Data API for the +// specified directory. +func (c *Client) DisableDirectoryDataAccess(ctx context.Context, params *DisableDirectoryDataAccessInput, optFns ...func(*Options)) (*DisableDirectoryDataAccessOutput, error) { + if params == nil { + params = &DisableDirectoryDataAccessInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "DisableDirectoryDataAccess", params, optFns, c.addOperationDisableDirectoryDataAccessMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*DisableDirectoryDataAccessOutput) + out.ResultMetadata = metadata + return out, nil +} + +type DisableDirectoryDataAccessInput struct { + + // The directory identifier. + // + // This member is required. + DirectoryId *string + + noSmithyDocumentSerde +} + +type DisableDirectoryDataAccessOutput struct { + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationDisableDirectoryDataAccessMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsAwsjson11_serializeOpDisableDirectoryDataAccess{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpDisableDirectoryDataAccess{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "DisableDirectoryDataAccess"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addOpDisableDirectoryDataAccessValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDisableDirectoryDataAccess(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +func newServiceMetadataMiddleware_opDisableDirectoryDataAccess(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "DisableDirectoryDataAccess", + } +} diff --git a/service/directoryservice/api_op_EnableDirectoryDataAccess.go b/service/directoryservice/api_op_EnableDirectoryDataAccess.go new file mode 100644 index 00000000000..f998da6372e --- /dev/null +++ b/service/directoryservice/api_op_EnableDirectoryDataAccess.go @@ -0,0 +1,138 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservice + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Enables access to directory data via the Directory Service Data API for the +// specified directory. +func (c *Client) EnableDirectoryDataAccess(ctx context.Context, params *EnableDirectoryDataAccessInput, optFns ...func(*Options)) (*EnableDirectoryDataAccessOutput, error) { + if params == nil { + params = &EnableDirectoryDataAccessInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "EnableDirectoryDataAccess", params, optFns, c.addOperationEnableDirectoryDataAccessMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*EnableDirectoryDataAccessOutput) + out.ResultMetadata = metadata + return out, nil +} + +type EnableDirectoryDataAccessInput struct { + + // The directory identifier. + // + // This member is required. + DirectoryId *string + + noSmithyDocumentSerde +} + +type EnableDirectoryDataAccessOutput struct { + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationEnableDirectoryDataAccessMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsAwsjson11_serializeOpEnableDirectoryDataAccess{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpEnableDirectoryDataAccess{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "EnableDirectoryDataAccess"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addOpEnableDirectoryDataAccessValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opEnableDirectoryDataAccess(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +func newServiceMetadataMiddleware_opEnableDirectoryDataAccess(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "EnableDirectoryDataAccess", + } +} diff --git a/service/directoryservice/api_op_ResetUserPassword.go b/service/directoryservice/api_op_ResetUserPassword.go index d9d79523a8e..a1cb4b8b7a2 100644 --- a/service/directoryservice/api_op_ResetUserPassword.go +++ b/service/directoryservice/api_op_ResetUserPassword.go @@ -11,7 +11,8 @@ import ( ) // Resets the password for any user in your Managed Microsoft AD or Simple AD -// directory. +// directory. Disabled users will become enabled and can be authenticated following +// the API call. // // You can reset the password for any user in your directory with the following // exceptions: diff --git a/service/directoryservice/deserializers.go b/service/directoryservice/deserializers.go index 6a760b594f8..7f3bc75b6e8 100644 --- a/service/directoryservice/deserializers.go +++ b/service/directoryservice/deserializers.go @@ -3039,6 +3039,125 @@ func awsAwsjson11_deserializeOpErrorDescribeDirectories(response *smithyhttp.Res } } +type awsAwsjson11_deserializeOpDescribeDirectoryDataAccess struct { +} + +func (*awsAwsjson11_deserializeOpDescribeDirectoryDataAccess) ID() string { + return "OperationDeserializer" +} + +func (m *awsAwsjson11_deserializeOpDescribeDirectoryDataAccess) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsAwsjson11_deserializeOpErrorDescribeDirectoryDataAccess(response, &metadata) + } + output := &DescribeDirectoryDataAccessOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsAwsjson11_deserializeOpDocumentDescribeDirectoryDataAccessOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + return out, metadata, err +} + +func awsAwsjson11_deserializeOpErrorDescribeDirectoryDataAccess(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + bodyInfo, err := getProtocolErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) + } + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message + } + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsAwsjson11_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("ClientException", errorCode): + return awsAwsjson11_deserializeErrorClientException(response, errorBody) + + case strings.EqualFold("DirectoryDoesNotExistException", errorCode): + return awsAwsjson11_deserializeErrorDirectoryDoesNotExistException(response, errorBody) + + case strings.EqualFold("ServiceException", errorCode): + return awsAwsjson11_deserializeErrorServiceException(response, errorBody) + + case strings.EqualFold("UnsupportedOperationException", errorCode): + return awsAwsjson11_deserializeErrorUnsupportedOperationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + type awsAwsjson11_deserializeOpDescribeDomainControllers struct { } @@ -4253,6 +4372,131 @@ func awsAwsjson11_deserializeOpErrorDisableClientAuthentication(response *smithy } } +type awsAwsjson11_deserializeOpDisableDirectoryDataAccess struct { +} + +func (*awsAwsjson11_deserializeOpDisableDirectoryDataAccess) ID() string { + return "OperationDeserializer" +} + +func (m *awsAwsjson11_deserializeOpDisableDirectoryDataAccess) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsAwsjson11_deserializeOpErrorDisableDirectoryDataAccess(response, &metadata) + } + output := &DisableDirectoryDataAccessOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsAwsjson11_deserializeOpDocumentDisableDirectoryDataAccessOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + return out, metadata, err +} + +func awsAwsjson11_deserializeOpErrorDisableDirectoryDataAccess(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + bodyInfo, err := getProtocolErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) + } + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message + } + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsAwsjson11_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("ClientException", errorCode): + return awsAwsjson11_deserializeErrorClientException(response, errorBody) + + case strings.EqualFold("DirectoryDoesNotExistException", errorCode): + return awsAwsjson11_deserializeErrorDirectoryDoesNotExistException(response, errorBody) + + case strings.EqualFold("DirectoryInDesiredStateException", errorCode): + return awsAwsjson11_deserializeErrorDirectoryInDesiredStateException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsAwsjson11_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("ServiceException", errorCode): + return awsAwsjson11_deserializeErrorServiceException(response, errorBody) + + case strings.EqualFold("UnsupportedOperationException", errorCode): + return awsAwsjson11_deserializeErrorUnsupportedOperationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + type awsAwsjson11_deserializeOpDisableLDAPS struct { } @@ -4735,6 +4979,131 @@ func awsAwsjson11_deserializeOpErrorEnableClientAuthentication(response *smithyh } } +type awsAwsjson11_deserializeOpEnableDirectoryDataAccess struct { +} + +func (*awsAwsjson11_deserializeOpEnableDirectoryDataAccess) ID() string { + return "OperationDeserializer" +} + +func (m *awsAwsjson11_deserializeOpEnableDirectoryDataAccess) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsAwsjson11_deserializeOpErrorEnableDirectoryDataAccess(response, &metadata) + } + output := &EnableDirectoryDataAccessOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsAwsjson11_deserializeOpDocumentEnableDirectoryDataAccessOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + return out, metadata, err +} + +func awsAwsjson11_deserializeOpErrorEnableDirectoryDataAccess(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + bodyInfo, err := getProtocolErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { + errorCode = restjson.SanitizeErrorCode(typ) + } + if len(bodyInfo.Message) != 0 { + errorMessage = bodyInfo.Message + } + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsAwsjson11_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("ClientException", errorCode): + return awsAwsjson11_deserializeErrorClientException(response, errorBody) + + case strings.EqualFold("DirectoryDoesNotExistException", errorCode): + return awsAwsjson11_deserializeErrorDirectoryDoesNotExistException(response, errorBody) + + case strings.EqualFold("DirectoryInDesiredStateException", errorCode): + return awsAwsjson11_deserializeErrorDirectoryInDesiredStateException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsAwsjson11_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("ServiceException", errorCode): + return awsAwsjson11_deserializeErrorServiceException(response, errorBody) + + case strings.EqualFold("UnsupportedOperationException", errorCode): + return awsAwsjson11_deserializeErrorUnsupportedOperationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + type awsAwsjson11_deserializeOpEnableLDAPS struct { } @@ -15749,6 +16118,46 @@ func awsAwsjson11_deserializeOpDocumentDescribeDirectoriesOutput(v **DescribeDir return nil } +func awsAwsjson11_deserializeOpDocumentDescribeDirectoryDataAccessOutput(v **DescribeDirectoryDataAccessOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *DescribeDirectoryDataAccessOutput + if *v == nil { + sv = &DescribeDirectoryDataAccessOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DataAccessStatus": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DataAccessStatus to be of type string, got %T instead", value) + } + sv.DataAccessStatus = types.DataAccessStatus(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsAwsjson11_deserializeOpDocumentDescribeDomainControllersOutput(v **DescribeDomainControllersOutput, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -16185,6 +16594,37 @@ func awsAwsjson11_deserializeOpDocumentDisableClientAuthenticationOutput(v **Dis return nil } +func awsAwsjson11_deserializeOpDocumentDisableDirectoryDataAccessOutput(v **DisableDirectoryDataAccessOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *DisableDirectoryDataAccessOutput + if *v == nil { + sv = &DisableDirectoryDataAccessOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsAwsjson11_deserializeOpDocumentDisableLDAPSOutput(v **DisableLDAPSOutput, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -16309,6 +16749,37 @@ func awsAwsjson11_deserializeOpDocumentEnableClientAuthenticationOutput(v **Enab return nil } +func awsAwsjson11_deserializeOpDocumentEnableDirectoryDataAccessOutput(v **EnableDirectoryDataAccessOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *EnableDirectoryDataAccessOutput + if *v == nil { + sv = &EnableDirectoryDataAccessOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsAwsjson11_deserializeOpDocumentEnableLDAPSOutput(v **EnableLDAPSOutput, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) diff --git a/service/directoryservice/generated.json b/service/directoryservice/generated.json index 343e2ff6d87..d7866798ff2 100644 --- a/service/directoryservice/generated.json +++ b/service/directoryservice/generated.json @@ -33,6 +33,7 @@ "api_op_DescribeClientAuthenticationSettings.go", "api_op_DescribeConditionalForwarders.go", "api_op_DescribeDirectories.go", + "api_op_DescribeDirectoryDataAccess.go", "api_op_DescribeDomainControllers.go", "api_op_DescribeEventTopics.go", "api_op_DescribeLDAPSSettings.go", @@ -43,10 +44,12 @@ "api_op_DescribeTrusts.go", "api_op_DescribeUpdateDirectory.go", "api_op_DisableClientAuthentication.go", + "api_op_DisableDirectoryDataAccess.go", "api_op_DisableLDAPS.go", "api_op_DisableRadius.go", "api_op_DisableSso.go", "api_op_EnableClientAuthentication.go", + "api_op_EnableDirectoryDataAccess.go", "api_op_EnableLDAPS.go", "api_op_EnableRadius.go", "api_op_EnableSso.go", diff --git a/service/directoryservice/serializers.go b/service/directoryservice/serializers.go index 72533e26f4d..0b765063cc6 100644 --- a/service/directoryservice/serializers.go +++ b/service/directoryservice/serializers.go @@ -1390,6 +1390,61 @@ func (m *awsAwsjson11_serializeOpDescribeDirectories) HandleSerialize(ctx contex return next.HandleSerialize(ctx, in) } +type awsAwsjson11_serializeOpDescribeDirectoryDataAccess struct { +} + +func (*awsAwsjson11_serializeOpDescribeDirectoryDataAccess) ID() string { + return "OperationSerializer" +} + +func (m *awsAwsjson11_serializeOpDescribeDirectoryDataAccess) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*DescribeDirectoryDataAccessInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + operationPath := "/" + if len(request.Request.URL.Path) == 0 { + request.Request.URL.Path = operationPath + } else { + request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) + if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { + request.Request.URL.Path += "/" + } + } + request.Request.Method = "POST" + httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") + httpBindingEncoder.SetHeader("X-Amz-Target").String("DirectoryService_20150416.DescribeDirectoryDataAccess") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsAwsjson11_serializeOpDocumentDescribeDirectoryDataAccessInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} + type awsAwsjson11_serializeOpDescribeDomainControllers struct { } @@ -1940,6 +1995,61 @@ func (m *awsAwsjson11_serializeOpDisableClientAuthentication) HandleSerialize(ct return next.HandleSerialize(ctx, in) } +type awsAwsjson11_serializeOpDisableDirectoryDataAccess struct { +} + +func (*awsAwsjson11_serializeOpDisableDirectoryDataAccess) ID() string { + return "OperationSerializer" +} + +func (m *awsAwsjson11_serializeOpDisableDirectoryDataAccess) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*DisableDirectoryDataAccessInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + operationPath := "/" + if len(request.Request.URL.Path) == 0 { + request.Request.URL.Path = operationPath + } else { + request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) + if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { + request.Request.URL.Path += "/" + } + } + request.Request.Method = "POST" + httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") + httpBindingEncoder.SetHeader("X-Amz-Target").String("DirectoryService_20150416.DisableDirectoryDataAccess") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsAwsjson11_serializeOpDocumentDisableDirectoryDataAccessInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} + type awsAwsjson11_serializeOpDisableLDAPS struct { } @@ -2160,6 +2270,61 @@ func (m *awsAwsjson11_serializeOpEnableClientAuthentication) HandleSerialize(ctx return next.HandleSerialize(ctx, in) } +type awsAwsjson11_serializeOpEnableDirectoryDataAccess struct { +} + +func (*awsAwsjson11_serializeOpEnableDirectoryDataAccess) ID() string { + return "OperationSerializer" +} + +func (m *awsAwsjson11_serializeOpEnableDirectoryDataAccess) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*EnableDirectoryDataAccessInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + operationPath := "/" + if len(request.Request.URL.Path) == 0 { + request.Request.URL.Path = operationPath + } else { + request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) + if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { + request.Request.URL.Path += "/" + } + } + request.Request.Method = "POST" + httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") + httpBindingEncoder.SetHeader("X-Amz-Target").String("DirectoryService_20150416.EnableDirectoryDataAccess") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsAwsjson11_serializeOpDocumentEnableDirectoryDataAccessInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} + type awsAwsjson11_serializeOpEnableLDAPS struct { } @@ -4675,6 +4840,18 @@ func awsAwsjson11_serializeOpDocumentDescribeDirectoriesInput(v *DescribeDirecto return nil } +func awsAwsjson11_serializeOpDocumentDescribeDirectoryDataAccessInput(v *DescribeDirectoryDataAccessInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.DirectoryId != nil { + ok := object.Key("DirectoryId") + ok.String(*v.DirectoryId) + } + + return nil +} + func awsAwsjson11_serializeOpDocumentDescribeDomainControllersInput(v *DescribeDomainControllersInput, value smithyjson.Value) error { object := value.Object() defer object.Close() @@ -4925,6 +5102,18 @@ func awsAwsjson11_serializeOpDocumentDisableClientAuthenticationInput(v *Disable return nil } +func awsAwsjson11_serializeOpDocumentDisableDirectoryDataAccessInput(v *DisableDirectoryDataAccessInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.DirectoryId != nil { + ok := object.Key("DirectoryId") + ok.String(*v.DirectoryId) + } + + return nil +} + func awsAwsjson11_serializeOpDocumentDisableLDAPSInput(v *DisableLDAPSInput, value smithyjson.Value) error { object := value.Object() defer object.Close() @@ -4993,6 +5182,18 @@ func awsAwsjson11_serializeOpDocumentEnableClientAuthenticationInput(v *EnableCl return nil } +func awsAwsjson11_serializeOpDocumentEnableDirectoryDataAccessInput(v *EnableDirectoryDataAccessInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.DirectoryId != nil { + ok := object.Key("DirectoryId") + ok.String(*v.DirectoryId) + } + + return nil +} + func awsAwsjson11_serializeOpDocumentEnableLDAPSInput(v *EnableLDAPSInput, value smithyjson.Value) error { object := value.Object() defer object.Close() diff --git a/service/directoryservice/snapshot/api_op_DescribeDirectoryDataAccess.go.snap b/service/directoryservice/snapshot/api_op_DescribeDirectoryDataAccess.go.snap new file mode 100644 index 00000000000..fd35afd5df1 --- /dev/null +++ b/service/directoryservice/snapshot/api_op_DescribeDirectoryDataAccess.go.snap @@ -0,0 +1,36 @@ +DescribeDirectoryDataAccess + Initialize stack step + RegisterServiceMetadata + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservice/snapshot/api_op_DisableDirectoryDataAccess.go.snap b/service/directoryservice/snapshot/api_op_DisableDirectoryDataAccess.go.snap new file mode 100644 index 00000000000..df9e9d649ca --- /dev/null +++ b/service/directoryservice/snapshot/api_op_DisableDirectoryDataAccess.go.snap @@ -0,0 +1,36 @@ +DisableDirectoryDataAccess + Initialize stack step + RegisterServiceMetadata + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservice/snapshot/api_op_EnableDirectoryDataAccess.go.snap b/service/directoryservice/snapshot/api_op_EnableDirectoryDataAccess.go.snap new file mode 100644 index 00000000000..8371ae423a3 --- /dev/null +++ b/service/directoryservice/snapshot/api_op_EnableDirectoryDataAccess.go.snap @@ -0,0 +1,36 @@ +EnableDirectoryDataAccess + Initialize stack step + RegisterServiceMetadata + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservice/snapshot_test.go b/service/directoryservice/snapshot_test.go index 6148d4ab45a..a0f1950e70a 100644 --- a/service/directoryservice/snapshot_test.go +++ b/service/directoryservice/snapshot_test.go @@ -362,6 +362,18 @@ func TestCheckSnapshot_DescribeDirectories(t *testing.T) { } } +func TestCheckSnapshot_DescribeDirectoryDataAccess(t *testing.T) { + svc := New(Options{}) + _, err := svc.DescribeDirectoryDataAccess(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "DescribeDirectoryDataAccess") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + func TestCheckSnapshot_DescribeDomainControllers(t *testing.T) { svc := New(Options{}) _, err := svc.DescribeDomainControllers(context.Background(), nil, func(o *Options) { @@ -482,6 +494,18 @@ func TestCheckSnapshot_DisableClientAuthentication(t *testing.T) { } } +func TestCheckSnapshot_DisableDirectoryDataAccess(t *testing.T) { + svc := New(Options{}) + _, err := svc.DisableDirectoryDataAccess(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "DisableDirectoryDataAccess") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + func TestCheckSnapshot_DisableLDAPS(t *testing.T) { svc := New(Options{}) _, err := svc.DisableLDAPS(context.Background(), nil, func(o *Options) { @@ -530,6 +554,18 @@ func TestCheckSnapshot_EnableClientAuthentication(t *testing.T) { } } +func TestCheckSnapshot_EnableDirectoryDataAccess(t *testing.T) { + svc := New(Options{}) + _, err := svc.EnableDirectoryDataAccess(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "EnableDirectoryDataAccess") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + func TestCheckSnapshot_EnableLDAPS(t *testing.T) { svc := New(Options{}) _, err := svc.EnableLDAPS(context.Background(), nil, func(o *Options) { @@ -1165,6 +1201,18 @@ func TestUpdateSnapshot_DescribeDirectories(t *testing.T) { } } +func TestUpdateSnapshot_DescribeDirectoryDataAccess(t *testing.T) { + svc := New(Options{}) + _, err := svc.DescribeDirectoryDataAccess(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "DescribeDirectoryDataAccess") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + func TestUpdateSnapshot_DescribeDomainControllers(t *testing.T) { svc := New(Options{}) _, err := svc.DescribeDomainControllers(context.Background(), nil, func(o *Options) { @@ -1285,6 +1333,18 @@ func TestUpdateSnapshot_DisableClientAuthentication(t *testing.T) { } } +func TestUpdateSnapshot_DisableDirectoryDataAccess(t *testing.T) { + svc := New(Options{}) + _, err := svc.DisableDirectoryDataAccess(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "DisableDirectoryDataAccess") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + func TestUpdateSnapshot_DisableLDAPS(t *testing.T) { svc := New(Options{}) _, err := svc.DisableLDAPS(context.Background(), nil, func(o *Options) { @@ -1333,6 +1393,18 @@ func TestUpdateSnapshot_EnableClientAuthentication(t *testing.T) { } } +func TestUpdateSnapshot_EnableDirectoryDataAccess(t *testing.T) { + svc := New(Options{}) + _, err := svc.EnableDirectoryDataAccess(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "EnableDirectoryDataAccess") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + func TestUpdateSnapshot_EnableLDAPS(t *testing.T) { svc := New(Options{}) _, err := svc.EnableLDAPS(context.Background(), nil, func(o *Options) { diff --git a/service/directoryservice/types/enums.go b/service/directoryservice/types/enums.go index 9d268b24768..7963e88790c 100644 --- a/service/directoryservice/types/enums.go +++ b/service/directoryservice/types/enums.go @@ -86,6 +86,31 @@ func (ClientAuthenticationType) Values() []ClientAuthenticationType { } } +type DataAccessStatus string + +// Enum values for DataAccessStatus +const ( + DataAccessStatusDisabled DataAccessStatus = "Disabled" + DataAccessStatusDisabling DataAccessStatus = "Disabling" + DataAccessStatusEnabled DataAccessStatus = "Enabled" + DataAccessStatusEnabling DataAccessStatus = "Enabling" + DataAccessStatusFailed DataAccessStatus = "Failed" +) + +// Values returns all known values for DataAccessStatus. Note that this can be +// expanded in the future, and so it is only as up to date as the client. +// +// The ordering of this slice is not guaranteed to be stable across updates. +func (DataAccessStatus) Values() []DataAccessStatus { + return []DataAccessStatus{ + "Disabled", + "Disabling", + "Enabled", + "Enabling", + "Failed", + } +} + type DirectoryConfigurationStatus string // Enum values for DirectoryConfigurationStatus @@ -165,6 +190,7 @@ const ( DirectoryStageDeleting DirectoryStage = "Deleting" DirectoryStageDeleted DirectoryStage = "Deleted" DirectoryStageFailed DirectoryStage = "Failed" + DirectoryStageUpdating DirectoryStage = "Updating" ) // Values returns all known values for DirectoryStage. Note that this can be @@ -184,6 +210,7 @@ func (DirectoryStage) Values() []DirectoryStage { "Deleting", "Deleted", "Failed", + "Updating", } } @@ -221,6 +248,7 @@ const ( DomainControllerStatusDeleting DomainControllerStatus = "Deleting" DomainControllerStatusDeleted DomainControllerStatus = "Deleted" DomainControllerStatusFailed DomainControllerStatus = "Failed" + DomainControllerStatusUpdating DomainControllerStatus = "Updating" ) // Values returns all known values for DomainControllerStatus. Note that this can @@ -236,6 +264,7 @@ func (DomainControllerStatus) Values() []DomainControllerStatus { "Deleting", "Deleted", "Failed", + "Updating", } } diff --git a/service/directoryservice/types/errors.go b/service/directoryservice/types/errors.go index ebb262eee48..af7fa13f0a9 100644 --- a/service/directoryservice/types/errors.go +++ b/service/directoryservice/types/errors.go @@ -7,7 +7,7 @@ import ( smithy "github.com/aws/smithy-go" ) -// Client authentication is not available in this region at this time. +// You do not have sufficient access to perform this action. type AccessDeniedException struct { Message *string @@ -378,7 +378,7 @@ func (e *DirectoryNotSharedException) ErrorCode() string { } func (e *DirectoryNotSharedException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } -// The specified directory is unavailable or could not be found. +// The specified directory is unavailable. type DirectoryUnavailableException struct { Message *string diff --git a/service/directoryservice/types/types.go b/service/directoryservice/types/types.go index d2a1ff58d42..6c0a28c1f45 100644 --- a/service/directoryservice/types/types.go +++ b/service/directoryservice/types/types.go @@ -292,7 +292,7 @@ type DirectoryDescription struct { // Additional information about the directory stage. StageReason *string - // The directory size. + // The directory type. Type DirectoryType // A DirectoryVpcSettingsDescription object that contains additional information about a directory. This member @@ -552,7 +552,7 @@ type RadiusSettings struct { RadiusPort *int32 // The maximum number of times that communication with the RADIUS server is - // attempted. + // retried after the initial attempt. RadiusRetries int32 // An array of strings that contains the fully qualified domain name (FQDN) or IP @@ -819,7 +819,7 @@ type Tag struct { // Required name of the tag. The string value can be Unicode characters and cannot // be prefixed with "aws:". The string can contain only the set of Unicode letters, - // digits, white-space, '_', '.', '/', '=', '+', '-' (Java regex: + // digits, white-space, '_', '.', '/', '=', '+', '-', ':', '@'(Java regex: // "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$"). // // This member is required. @@ -827,7 +827,8 @@ type Tag struct { // The optional value of the tag. The string value can be Unicode characters. The // string can contain only the set of Unicode letters, digits, white-space, '_', - // '.', '/', '=', '+', '-' (Java regex: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$"). + // '.', '/', '=', '+', '-', ':', '@' (Java regex: + // "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$"). // // This member is required. Value *string diff --git a/service/directoryservice/validators.go b/service/directoryservice/validators.go index 3859e99fa2e..d63c45b66d8 100644 --- a/service/directoryservice/validators.go +++ b/service/directoryservice/validators.go @@ -490,6 +490,26 @@ func (m *validateOpDescribeConditionalForwarders) HandleInitialize(ctx context.C return next.HandleInitialize(ctx, in) } +type validateOpDescribeDirectoryDataAccess struct { +} + +func (*validateOpDescribeDirectoryDataAccess) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpDescribeDirectoryDataAccess) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*DescribeDirectoryDataAccessInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpDescribeDirectoryDataAccessInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + type validateOpDescribeDomainControllers struct { } @@ -630,6 +650,26 @@ func (m *validateOpDisableClientAuthentication) HandleInitialize(ctx context.Con return next.HandleInitialize(ctx, in) } +type validateOpDisableDirectoryDataAccess struct { +} + +func (*validateOpDisableDirectoryDataAccess) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpDisableDirectoryDataAccess) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*DisableDirectoryDataAccessInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpDisableDirectoryDataAccessInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + type validateOpDisableLDAPS struct { } @@ -710,6 +750,26 @@ func (m *validateOpEnableClientAuthentication) HandleInitialize(ctx context.Cont return next.HandleInitialize(ctx, in) } +type validateOpEnableDirectoryDataAccess struct { +} + +func (*validateOpEnableDirectoryDataAccess) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpEnableDirectoryDataAccess) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*EnableDirectoryDataAccessInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpEnableDirectoryDataAccessInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + type validateOpEnableLDAPS struct { } @@ -1326,6 +1386,10 @@ func addOpDescribeConditionalForwardersValidationMiddleware(stack *middleware.St return stack.Initialize.Add(&validateOpDescribeConditionalForwarders{}, middleware.After) } +func addOpDescribeDirectoryDataAccessValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpDescribeDirectoryDataAccess{}, middleware.After) +} + func addOpDescribeDomainControllersValidationMiddleware(stack *middleware.Stack) error { return stack.Initialize.Add(&validateOpDescribeDomainControllers{}, middleware.After) } @@ -1354,6 +1418,10 @@ func addOpDisableClientAuthenticationValidationMiddleware(stack *middleware.Stac return stack.Initialize.Add(&validateOpDisableClientAuthentication{}, middleware.After) } +func addOpDisableDirectoryDataAccessValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpDisableDirectoryDataAccess{}, middleware.After) +} + func addOpDisableLDAPSValidationMiddleware(stack *middleware.Stack) error { return stack.Initialize.Add(&validateOpDisableLDAPS{}, middleware.After) } @@ -1370,6 +1438,10 @@ func addOpEnableClientAuthenticationValidationMiddleware(stack *middleware.Stack return stack.Initialize.Add(&validateOpEnableClientAuthentication{}, middleware.After) } +func addOpEnableDirectoryDataAccessValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpEnableDirectoryDataAccess{}, middleware.After) +} + func addOpEnableLDAPSValidationMiddleware(stack *middleware.Stack) error { return stack.Initialize.Add(&validateOpEnableLDAPS{}, middleware.After) } @@ -2093,6 +2165,21 @@ func validateOpDescribeConditionalForwardersInput(v *DescribeConditionalForwarde } } +func validateOpDescribeDirectoryDataAccessInput(v *DescribeDirectoryDataAccessInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "DescribeDirectoryDataAccessInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + func validateOpDescribeDomainControllersInput(v *DescribeDomainControllersInput) error { if v == nil { return nil @@ -2204,6 +2291,21 @@ func validateOpDisableClientAuthenticationInput(v *DisableClientAuthenticationIn } } +func validateOpDisableDirectoryDataAccessInput(v *DisableDirectoryDataAccessInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "DisableDirectoryDataAccessInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + func validateOpDisableLDAPSInput(v *DisableLDAPSInput) error { if v == nil { return nil @@ -2270,6 +2372,21 @@ func validateOpEnableClientAuthenticationInput(v *EnableClientAuthenticationInpu } } +func validateOpEnableDirectoryDataAccessInput(v *EnableDirectoryDataAccessInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "EnableDirectoryDataAccessInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + func validateOpEnableLDAPSInput(v *EnableLDAPSInput) error { if v == nil { return nil diff --git a/service/directoryservicedata/LICENSE.txt b/service/directoryservicedata/LICENSE.txt new file mode 100644 index 00000000000..d6456956733 --- /dev/null +++ b/service/directoryservicedata/LICENSE.txt @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/service/directoryservicedata/api_client.go b/service/directoryservicedata/api_client.go new file mode 100644 index 00000000000..8987047a21f --- /dev/null +++ b/service/directoryservicedata/api_client.go @@ -0,0 +1,624 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + cryptorand "crypto/rand" + "fmt" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/defaults" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/retry" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" + internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" + internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" + internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" + internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" + smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" + smithydocument "github.com/aws/smithy-go/document" + "github.com/aws/smithy-go/logging" + "github.com/aws/smithy-go/middleware" + smithyrand "github.com/aws/smithy-go/rand" + smithyhttp "github.com/aws/smithy-go/transport/http" + "net" + "net/http" + "sync/atomic" + "time" +) + +const ServiceID = "Directory Service Data" +const ServiceAPIVersion = "2023-05-31" + +// Client provides the API client to make operations call for AWS Directory +// Service Data. +type Client struct { + options Options + + // Difference between the time reported by the server and the client + timeOffset *atomic.Int64 +} + +// New returns an initialized Client based on the functional options. Provide +// additional functional options to further configure the behavior of the client, +// such as changing the client's endpoint or adding custom middleware behavior. +func New(options Options, optFns ...func(*Options)) *Client { + options = options.Copy() + + resolveDefaultLogger(&options) + + setResolvedDefaultsMode(&options) + + resolveRetryer(&options) + + resolveHTTPClient(&options) + + resolveHTTPSignerV4(&options) + + resolveIdempotencyTokenProvider(&options) + + resolveEndpointResolverV2(&options) + + resolveAuthSchemeResolver(&options) + + for _, fn := range optFns { + fn(&options) + } + + finalizeRetryMaxAttempts(&options) + + ignoreAnonymousAuth(&options) + + wrapWithAnonymousAuth(&options) + + resolveAuthSchemes(&options) + + client := &Client{ + options: options, + } + + initializeTimeOffsetResolver(client) + + return client +} + +// Options returns a copy of the client configuration. +// +// Callers SHOULD NOT perform mutations on any inner structures within client +// config. Config overrides should instead be made on a per-operation basis through +// functional options. +func (c *Client) Options() Options { + return c.options.Copy() +} + +func (c *Client) invokeOperation(ctx context.Context, opID string, params interface{}, optFns []func(*Options), stackFns ...func(*middleware.Stack, Options) error) (result interface{}, metadata middleware.Metadata, err error) { + ctx = middleware.ClearStackValues(ctx) + stack := middleware.NewStack(opID, smithyhttp.NewStackRequest) + options := c.options.Copy() + + for _, fn := range optFns { + fn(&options) + } + + finalizeOperationRetryMaxAttempts(&options, *c) + + finalizeClientEndpointResolverOptions(&options) + + for _, fn := range stackFns { + if err := fn(stack, options); err != nil { + return nil, metadata, err + } + } + + for _, fn := range options.APIOptions { + if err := fn(stack); err != nil { + return nil, metadata, err + } + } + + handler := middleware.DecorateHandler(smithyhttp.NewClientHandler(options.HTTPClient), stack) + result, metadata, err = handler.Handle(ctx, params) + if err != nil { + err = &smithy.OperationError{ + ServiceID: ServiceID, + OperationName: opID, + Err: err, + } + } + return result, metadata, err +} + +type operationInputKey struct{} + +func setOperationInput(ctx context.Context, input interface{}) context.Context { + return middleware.WithStackValue(ctx, operationInputKey{}, input) +} + +func getOperationInput(ctx context.Context) interface{} { + return middleware.GetStackValue(ctx, operationInputKey{}) +} + +type setOperationInputMiddleware struct { +} + +func (*setOperationInputMiddleware) ID() string { + return "setOperationInput" +} + +func (m *setOperationInputMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + ctx = setOperationInput(ctx, in.Parameters) + return next.HandleSerialize(ctx, in) +} + +func addProtocolFinalizerMiddlewares(stack *middleware.Stack, options Options, operation string) error { + if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, middleware.Before); err != nil { + return fmt.Errorf("add ResolveAuthScheme: %w", err) + } + if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", middleware.After); err != nil { + return fmt.Errorf("add GetIdentity: %v", err) + } + if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", middleware.After); err != nil { + return fmt.Errorf("add ResolveEndpointV2: %v", err) + } + if err := stack.Finalize.Insert(&signRequestMiddleware{}, "ResolveEndpointV2", middleware.After); err != nil { + return fmt.Errorf("add Signing: %w", err) + } + return nil +} +func resolveAuthSchemeResolver(options *Options) { + if options.AuthSchemeResolver == nil { + options.AuthSchemeResolver = &defaultAuthSchemeResolver{} + } +} + +func resolveAuthSchemes(options *Options) { + if options.AuthSchemes == nil { + options.AuthSchemes = []smithyhttp.AuthScheme{ + internalauth.NewHTTPAuthScheme("aws.auth#sigv4", &internalauthsmithy.V4SignerAdapter{ + Signer: options.HTTPSignerV4, + Logger: options.Logger, + LogSigning: options.ClientLogMode.IsSigning(), + }), + } + } +} + +type noSmithyDocumentSerde = smithydocument.NoSerde + +type legacyEndpointContextSetter struct { + LegacyResolver EndpointResolver +} + +func (*legacyEndpointContextSetter) ID() string { + return "legacyEndpointContextSetter" +} + +func (m *legacyEndpointContextSetter) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + if m.LegacyResolver != nil { + ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, true) + } + + return next.HandleInitialize(ctx, in) + +} +func addlegacyEndpointContextSetter(stack *middleware.Stack, o Options) error { + return stack.Initialize.Add(&legacyEndpointContextSetter{ + LegacyResolver: o.EndpointResolver, + }, middleware.Before) +} + +func resolveDefaultLogger(o *Options) { + if o.Logger != nil { + return + } + o.Logger = logging.Nop{} +} + +func addSetLoggerMiddleware(stack *middleware.Stack, o Options) error { + return middleware.AddSetLoggerMiddleware(stack, o.Logger) +} + +func setResolvedDefaultsMode(o *Options) { + if len(o.resolvedDefaultsMode) > 0 { + return + } + + var mode aws.DefaultsMode + mode.SetFromString(string(o.DefaultsMode)) + + if mode == aws.DefaultsModeAuto { + mode = defaults.ResolveDefaultsModeAuto(o.Region, o.RuntimeEnvironment) + } + + o.resolvedDefaultsMode = mode +} + +// NewFromConfig returns a new client from the provided config. +func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { + opts := Options{ + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + } + resolveAWSRetryerProvider(cfg, &opts) + resolveAWSRetryMaxAttempts(cfg, &opts) + resolveAWSRetryMode(cfg, &opts) + resolveAWSEndpointResolver(cfg, &opts) + resolveUseDualStackEndpoint(cfg, &opts) + resolveUseFIPSEndpoint(cfg, &opts) + resolveBaseEndpoint(cfg, &opts) + return New(opts, optFns...) +} + +func resolveHTTPClient(o *Options) { + var buildable *awshttp.BuildableClient + + if o.HTTPClient != nil { + var ok bool + buildable, ok = o.HTTPClient.(*awshttp.BuildableClient) + if !ok { + return + } + } else { + buildable = awshttp.NewBuildableClient() + } + + modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode) + if err == nil { + buildable = buildable.WithDialerOptions(func(dialer *net.Dialer) { + if dialerTimeout, ok := modeConfig.GetConnectTimeout(); ok { + dialer.Timeout = dialerTimeout + } + }) + + buildable = buildable.WithTransportOptions(func(transport *http.Transport) { + if tlsHandshakeTimeout, ok := modeConfig.GetTLSNegotiationTimeout(); ok { + transport.TLSHandshakeTimeout = tlsHandshakeTimeout + } + }) + } + + o.HTTPClient = buildable +} + +func resolveRetryer(o *Options) { + if o.Retryer != nil { + return + } + + if len(o.RetryMode) == 0 { + modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode) + if err == nil { + o.RetryMode = modeConfig.RetryMode + } + } + if len(o.RetryMode) == 0 { + o.RetryMode = aws.RetryModeStandard + } + + var standardOptions []func(*retry.StandardOptions) + if v := o.RetryMaxAttempts; v != 0 { + standardOptions = append(standardOptions, func(so *retry.StandardOptions) { + so.MaxAttempts = v + }) + } + + switch o.RetryMode { + case aws.RetryModeAdaptive: + var adaptiveOptions []func(*retry.AdaptiveModeOptions) + if len(standardOptions) != 0 { + adaptiveOptions = append(adaptiveOptions, func(ao *retry.AdaptiveModeOptions) { + ao.StandardOptions = append(ao.StandardOptions, standardOptions...) + }) + } + o.Retryer = retry.NewAdaptiveMode(adaptiveOptions...) + + default: + o.Retryer = retry.NewStandard(standardOptions...) + } +} + +func resolveAWSRetryerProvider(cfg aws.Config, o *Options) { + if cfg.Retryer == nil { + return + } + o.Retryer = cfg.Retryer() +} + +func resolveAWSRetryMode(cfg aws.Config, o *Options) { + if len(cfg.RetryMode) == 0 { + return + } + o.RetryMode = cfg.RetryMode +} +func resolveAWSRetryMaxAttempts(cfg aws.Config, o *Options) { + if cfg.RetryMaxAttempts == 0 { + return + } + o.RetryMaxAttempts = cfg.RetryMaxAttempts +} + +func finalizeRetryMaxAttempts(o *Options) { + if o.RetryMaxAttempts == 0 { + return + } + + o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) +} + +func finalizeOperationRetryMaxAttempts(o *Options, client Client) { + if v := o.RetryMaxAttempts; v == 0 || v == client.options.RetryMaxAttempts { + return + } + + o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) +} + +func resolveAWSEndpointResolver(cfg aws.Config, o *Options) { + if cfg.EndpointResolver == nil && cfg.EndpointResolverWithOptions == nil { + return + } + o.EndpointResolver = withEndpointResolver(cfg.EndpointResolver, cfg.EndpointResolverWithOptions) +} + +func addClientUserAgent(stack *middleware.Stack, options Options) error { + ua, err := getOrAddRequestUserAgent(stack) + if err != nil { + return err + } + + ua.AddSDKAgentKeyValue(awsmiddleware.APIMetadata, "directoryservicedata", goModuleVersion) + if len(options.AppID) > 0 { + ua.AddSDKAgentKey(awsmiddleware.ApplicationIdentifier, options.AppID) + } + + return nil +} + +func getOrAddRequestUserAgent(stack *middleware.Stack) (*awsmiddleware.RequestUserAgent, error) { + id := (*awsmiddleware.RequestUserAgent)(nil).ID() + mw, ok := stack.Build.Get(id) + if !ok { + mw = awsmiddleware.NewRequestUserAgent() + if err := stack.Build.Add(mw, middleware.After); err != nil { + return nil, err + } + } + + ua, ok := mw.(*awsmiddleware.RequestUserAgent) + if !ok { + return nil, fmt.Errorf("%T for %s middleware did not match expected type", mw, id) + } + + return ua, nil +} + +type HTTPSignerV4 interface { + SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error +} + +func resolveHTTPSignerV4(o *Options) { + if o.HTTPSignerV4 != nil { + return + } + o.HTTPSignerV4 = newDefaultV4Signer(*o) +} + +func newDefaultV4Signer(o Options) *v4.Signer { + return v4.NewSigner(func(so *v4.SignerOptions) { + so.Logger = o.Logger + so.LogSigning = o.ClientLogMode.IsSigning() + }) +} + +func addClientRequestID(stack *middleware.Stack) error { + return stack.Build.Add(&awsmiddleware.ClientRequestID{}, middleware.After) +} + +func addComputeContentLength(stack *middleware.Stack) error { + return stack.Build.Add(&smithyhttp.ComputeContentLength{}, middleware.After) +} + +func addRawResponseToMetadata(stack *middleware.Stack) error { + return stack.Deserialize.Add(&awsmiddleware.AddRawResponse{}, middleware.Before) +} + +func addRecordResponseTiming(stack *middleware.Stack) error { + return stack.Deserialize.Add(&awsmiddleware.RecordResponseTiming{}, middleware.After) +} +func addStreamingEventsPayload(stack *middleware.Stack) error { + return stack.Finalize.Add(&v4.StreamingEventsPayload{}, middleware.Before) +} + +func addUnsignedPayload(stack *middleware.Stack) error { + return stack.Finalize.Insert(&v4.UnsignedPayload{}, "ResolveEndpointV2", middleware.After) +} + +func addComputePayloadSHA256(stack *middleware.Stack) error { + return stack.Finalize.Insert(&v4.ComputePayloadSHA256{}, "ResolveEndpointV2", middleware.After) +} + +func addContentSHA256Header(stack *middleware.Stack) error { + return stack.Finalize.Insert(&v4.ContentSHA256Header{}, (*v4.ComputePayloadSHA256)(nil).ID(), middleware.After) +} + +func addIsWaiterUserAgent(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + ua, err := getOrAddRequestUserAgent(stack) + if err != nil { + return err + } + + ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureWaiter) + return nil + }) +} + +func addIsPaginatorUserAgent(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + ua, err := getOrAddRequestUserAgent(stack) + if err != nil { + return err + } + + ua.AddUserAgentFeature(awsmiddleware.UserAgentFeaturePaginator) + return nil + }) +} + +func resolveIdempotencyTokenProvider(o *Options) { + if o.IdempotencyTokenProvider != nil { + return + } + o.IdempotencyTokenProvider = smithyrand.NewUUIDIdempotencyToken(cryptorand.Reader) +} + +func addRetry(stack *middleware.Stack, o Options) error { + attempt := retry.NewAttemptMiddleware(o.Retryer, smithyhttp.RequestCloner, func(m *retry.Attempt) { + m.LogAttempts = o.ClientLogMode.IsRetries() + }) + if err := stack.Finalize.Insert(attempt, "Signing", middleware.Before); err != nil { + return err + } + if err := stack.Finalize.Insert(&retry.MetricsHeader{}, attempt.ID(), middleware.After); err != nil { + return err + } + return nil +} + +// resolves dual-stack endpoint configuration +func resolveUseDualStackEndpoint(cfg aws.Config, o *Options) error { + if len(cfg.ConfigSources) == 0 { + return nil + } + value, found, err := internalConfig.ResolveUseDualStackEndpoint(context.Background(), cfg.ConfigSources) + if err != nil { + return err + } + if found { + o.EndpointOptions.UseDualStackEndpoint = value + } + return nil +} + +// resolves FIPS endpoint configuration +func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { + if len(cfg.ConfigSources) == 0 { + return nil + } + value, found, err := internalConfig.ResolveUseFIPSEndpoint(context.Background(), cfg.ConfigSources) + if err != nil { + return err + } + if found { + o.EndpointOptions.UseFIPSEndpoint = value + } + return nil +} + +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { + mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} + if err := stack.Build.Add(&mw, middleware.After); err != nil { + return err + } + return stack.Deserialize.Insert(&mw, "RecordResponseTiming", middleware.Before) +} +func initializeTimeOffsetResolver(c *Client) { + c.timeOffset = new(atomic.Int64) +} + +func addUserAgentRetryMode(stack *middleware.Stack, options Options) error { + ua, err := getOrAddRequestUserAgent(stack) + if err != nil { + return err + } + + switch options.Retryer.(type) { + case *retry.Standard: + ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureRetryModeStandard) + case *retry.AdaptiveMode: + ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureRetryModeAdaptive) + } + return nil +} + +// IdempotencyTokenProvider interface for providing idempotency token +type IdempotencyTokenProvider interface { + GetIdempotencyToken() (string, error) +} + +func addRecursionDetection(stack *middleware.Stack) error { + return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) +} + +func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { + return stack.Deserialize.Insert(&awsmiddleware.RequestIDRetriever{}, "OperationDeserializer", middleware.Before) + +} + +func addResponseErrorMiddleware(stack *middleware.Stack) error { + return stack.Deserialize.Insert(&awshttp.ResponseErrorWrapper{}, "RequestIDRetriever", middleware.Before) + +} + +func addRequestResponseLogging(stack *middleware.Stack, o Options) error { + return stack.Deserialize.Add(&smithyhttp.RequestResponseLogger{ + LogRequest: o.ClientLogMode.IsRequest(), + LogRequestWithBody: o.ClientLogMode.IsRequestWithBody(), + LogResponse: o.ClientLogMode.IsResponse(), + LogResponseWithBody: o.ClientLogMode.IsResponseWithBody(), + }, middleware.After) +} + +type disableHTTPSMiddleware struct { + DisableHTTPS bool +} + +func (*disableHTTPSMiddleware) ID() string { + return "disableHTTPS" +} + +func (m *disableHTTPSMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + req, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) + } + + if m.DisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) { + req.URL.Scheme = "http" + } + + return next.HandleFinalize(ctx, in) +} + +func addDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error { + return stack.Finalize.Insert(&disableHTTPSMiddleware{ + DisableHTTPS: o.EndpointOptions.DisableHTTPS, + }, "ResolveEndpointV2", middleware.After) +} diff --git a/service/directoryservicedata/api_client_test.go b/service/directoryservicedata/api_client_test.go new file mode 100644 index 00000000000..0db6fdb430c --- /dev/null +++ b/service/directoryservicedata/api_client_test.go @@ -0,0 +1,127 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" + "io/ioutil" + "net/http" + "strings" + "testing" +) + +func TestClient_resolveRetryOptions(t *testing.T) { + nopClient := smithyhttp.ClientDoFunc(func(_ *http.Request) (*http.Response, error) { + return &http.Response{ + StatusCode: 200, + Header: http.Header{}, + Body: ioutil.NopCloser(strings.NewReader("")), + }, nil + }) + + cases := map[string]struct { + defaultsMode aws.DefaultsMode + retryer aws.Retryer + retryMaxAttempts int + opRetryMaxAttempts *int + retryMode aws.RetryMode + expectClientRetryMode aws.RetryMode + expectClientMaxAttempts int + expectOpMaxAttempts int + }{ + "defaults": { + defaultsMode: aws.DefaultsModeStandard, + expectClientRetryMode: aws.RetryModeStandard, + expectClientMaxAttempts: 3, + expectOpMaxAttempts: 3, + }, + "custom default retry": { + retryMode: aws.RetryModeAdaptive, + retryMaxAttempts: 10, + expectClientRetryMode: aws.RetryModeAdaptive, + expectClientMaxAttempts: 10, + expectOpMaxAttempts: 10, + }, + "custom op max attempts": { + retryMode: aws.RetryModeAdaptive, + retryMaxAttempts: 10, + opRetryMaxAttempts: aws.Int(2), + expectClientRetryMode: aws.RetryModeAdaptive, + expectClientMaxAttempts: 10, + expectOpMaxAttempts: 2, + }, + "custom op no change max attempts": { + retryMode: aws.RetryModeAdaptive, + retryMaxAttempts: 10, + opRetryMaxAttempts: aws.Int(10), + expectClientRetryMode: aws.RetryModeAdaptive, + expectClientMaxAttempts: 10, + expectOpMaxAttempts: 10, + }, + "custom op 0 max attempts": { + retryMode: aws.RetryModeAdaptive, + retryMaxAttempts: 10, + opRetryMaxAttempts: aws.Int(0), + expectClientRetryMode: aws.RetryModeAdaptive, + expectClientMaxAttempts: 10, + expectOpMaxAttempts: 10, + }, + } + + for name, c := range cases { + t.Run(name, func(t *testing.T) { + client := NewFromConfig(aws.Config{ + DefaultsMode: c.defaultsMode, + Retryer: func() func() aws.Retryer { + if c.retryer == nil { + return nil + } + + return func() aws.Retryer { return c.retryer } + }(), + HTTPClient: nopClient, + RetryMaxAttempts: c.retryMaxAttempts, + RetryMode: c.retryMode, + }, func(o *Options) { + if o.Retryer == nil { + t.Errorf("retryer must not be nil in functional options") + } + }) + + if e, a := c.expectClientRetryMode, client.options.RetryMode; e != a { + t.Errorf("expect %v retry mode, got %v", e, a) + } + if e, a := c.expectClientMaxAttempts, client.options.Retryer.MaxAttempts(); e != a { + t.Errorf("expect %v max attempts, got %v", e, a) + } + + _, _, err := client.invokeOperation(context.Background(), "mockOperation", struct{}{}, + []func(*Options){ + func(o *Options) { + if c.opRetryMaxAttempts == nil { + return + } + o.RetryMaxAttempts = *c.opRetryMaxAttempts + }, + }, + func(s *middleware.Stack, o Options) error { + s.Initialize.Clear() + s.Serialize.Clear() + s.Build.Clear() + s.Finalize.Clear() + s.Deserialize.Clear() + + if e, a := c.expectOpMaxAttempts, o.Retryer.MaxAttempts(); e != a { + t.Errorf("expect %v op max attempts, got %v", e, a) + } + return nil + }) + if err != nil { + t.Fatalf("expect no operation error, got %v", err) + } + }) + } +} diff --git a/service/directoryservicedata/api_op_AddGroupMember.go b/service/directoryservicedata/api_op_AddGroupMember.go new file mode 100644 index 00000000000..01caadd53fe --- /dev/null +++ b/service/directoryservicedata/api_op_AddGroupMember.go @@ -0,0 +1,207 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Adds an existing user, group, or computer as a group member. +func (c *Client) AddGroupMember(ctx context.Context, params *AddGroupMemberInput, optFns ...func(*Options)) (*AddGroupMemberOutput, error) { + if params == nil { + params = &AddGroupMemberInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "AddGroupMember", params, optFns, c.addOperationAddGroupMemberMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*AddGroupMemberOutput) + out.ResultMetadata = metadata + return out, nil +} + +type AddGroupMemberInput struct { + + // The identifier (ID) of the directory that's associated with the group. + // + // This member is required. + DirectoryId *string + + // The name of the group. + // + // This member is required. + GroupName *string + + // The SAMAccountName of the user, group, or computer to add as a group member. + // + // This member is required. + MemberName *string + + // A unique and case-sensitive identifier that you provide to make sure the + // idempotency of the request, so multiple identical calls have the same effect as + // one single call. + // + // A client token is valid for 8 hours after the first request that uses it + // completes. After 8 hours, any request with the same client token is treated as a + // new request. If the request succeeds, any future uses of that token will be + // idempotent for another 8 hours. + // + // If you submit a request with the same client token but change one of the other + // parameters within the 8-hour idempotency window, Directory Service Data returns + // an ConflictException . + // + // This parameter is optional when using the CLI or SDK. + ClientToken *string + + // The domain name that's associated with the group member. This parameter is + // required only when adding a member outside of your Managed Microsoft AD domain + // to a group inside of your Managed Microsoft AD domain. This parameter defaults + // to the Managed Microsoft AD domain. + // + // This parameter is case insensitive. + MemberRealm *string + + noSmithyDocumentSerde +} + +type AddGroupMemberOutput struct { + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationAddGroupMemberMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpAddGroupMember{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpAddGroupMember{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "AddGroupMember"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addIdempotencyToken_opAddGroupMemberMiddleware(stack, options); err != nil { + return err + } + if err = addOpAddGroupMemberValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opAddGroupMember(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +type idempotencyToken_initializeOpAddGroupMember struct { + tokenProvider IdempotencyTokenProvider +} + +func (*idempotencyToken_initializeOpAddGroupMember) ID() string { + return "OperationIdempotencyTokenAutoFill" +} + +func (m *idempotencyToken_initializeOpAddGroupMember) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + if m.tokenProvider == nil { + return next.HandleInitialize(ctx, in) + } + + input, ok := in.Parameters.(*AddGroupMemberInput) + if !ok { + return out, metadata, fmt.Errorf("expected middleware input to be of type *AddGroupMemberInput ") + } + + if input.ClientToken == nil { + t, err := m.tokenProvider.GetIdempotencyToken() + if err != nil { + return out, metadata, err + } + input.ClientToken = &t + } + return next.HandleInitialize(ctx, in) +} +func addIdempotencyToken_opAddGroupMemberMiddleware(stack *middleware.Stack, cfg Options) error { + return stack.Initialize.Add(&idempotencyToken_initializeOpAddGroupMember{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) +} + +func newServiceMetadataMiddleware_opAddGroupMember(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "AddGroupMember", + } +} diff --git a/service/directoryservicedata/api_op_CreateGroup.go b/service/directoryservicedata/api_op_CreateGroup.go new file mode 100644 index 00000000000..ba1cdd5a8a7 --- /dev/null +++ b/service/directoryservicedata/api_op_CreateGroup.go @@ -0,0 +1,219 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Creates a new group. +func (c *Client) CreateGroup(ctx context.Context, params *CreateGroupInput, optFns ...func(*Options)) (*CreateGroupOutput, error) { + if params == nil { + params = &CreateGroupInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "CreateGroup", params, optFns, c.addOperationCreateGroupMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*CreateGroupOutput) + out.ResultMetadata = metadata + return out, nil +} + +type CreateGroupInput struct { + + // The identifier (ID) of the directory that's associated with the group. + // + // This member is required. + DirectoryId *string + + // The name of the group. + // + // This member is required. + SAMAccountName *string + + // A unique and case-sensitive identifier that you provide to make sure the + // idempotency of the request, so multiple identical calls have the same effect as + // one single call. + // + // A client token is valid for 8 hours after the first request that uses it + // completes. After 8 hours, any request with the same client token is treated as a + // new request. If the request succeeds, any future uses of that token will be + // idempotent for another 8 hours. + // + // If you submit a request with the same client token but change one of the other + // parameters within the 8-hour idempotency window, Directory Service Data returns + // an ConflictException . + // + // This parameter is optional when using the CLI or SDK. + ClientToken *string + + // The scope of the AD group. For details, see [Active Directory security group scope]. + // + // [Active Directory security group scope]: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-groups#group-scope + GroupScope types.GroupScope + + // The AD group type. For details, see [Active Directory security group type]. + // + // [Active Directory security group type]: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-groups#how-active-directory-security-groups-work + GroupType types.GroupType + + // An expression that defines one or more attributes with the data type and value + // of each attribute. + OtherAttributes map[string]types.AttributeValue + + noSmithyDocumentSerde +} + +type CreateGroupOutput struct { + + // The identifier (ID) of the directory that's associated with the group. + DirectoryId *string + + // The name of the group. + SAMAccountName *string + + // The unique security identifier (SID) of the group. + SID *string + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationCreateGroupMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpCreateGroup{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpCreateGroup{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "CreateGroup"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addIdempotencyToken_opCreateGroupMiddleware(stack, options); err != nil { + return err + } + if err = addOpCreateGroupValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateGroup(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +type idempotencyToken_initializeOpCreateGroup struct { + tokenProvider IdempotencyTokenProvider +} + +func (*idempotencyToken_initializeOpCreateGroup) ID() string { + return "OperationIdempotencyTokenAutoFill" +} + +func (m *idempotencyToken_initializeOpCreateGroup) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + if m.tokenProvider == nil { + return next.HandleInitialize(ctx, in) + } + + input, ok := in.Parameters.(*CreateGroupInput) + if !ok { + return out, metadata, fmt.Errorf("expected middleware input to be of type *CreateGroupInput ") + } + + if input.ClientToken == nil { + t, err := m.tokenProvider.GetIdempotencyToken() + if err != nil { + return out, metadata, err + } + input.ClientToken = &t + } + return next.HandleInitialize(ctx, in) +} +func addIdempotencyToken_opCreateGroupMiddleware(stack *middleware.Stack, cfg Options) error { + return stack.Initialize.Add(&idempotencyToken_initializeOpCreateGroup{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) +} + +func newServiceMetadataMiddleware_opCreateGroup(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "CreateGroup", + } +} diff --git a/service/directoryservicedata/api_op_CreateUser.go b/service/directoryservicedata/api_op_CreateUser.go new file mode 100644 index 00000000000..2d2f97aa511 --- /dev/null +++ b/service/directoryservicedata/api_op_CreateUser.go @@ -0,0 +1,223 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Creates a new user. +func (c *Client) CreateUser(ctx context.Context, params *CreateUserInput, optFns ...func(*Options)) (*CreateUserOutput, error) { + if params == nil { + params = &CreateUserInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "CreateUser", params, optFns, c.addOperationCreateUserMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*CreateUserOutput) + out.ResultMetadata = metadata + return out, nil +} + +type CreateUserInput struct { + + // The identifier (ID) of the directory that’s associated with the user. + // + // This member is required. + DirectoryId *string + + // The name of the user. + // + // This member is required. + SAMAccountName *string + + // A unique and case-sensitive identifier that you provide to make sure the + // idempotency of the request, so multiple identical calls have the same effect as + // one single call. + // + // A client token is valid for 8 hours after the first request that uses it + // completes. After 8 hours, any request with the same client token is treated as a + // new request. If the request succeeds, any future uses of that token will be + // idempotent for another 8 hours. + // + // If you submit a request with the same client token but change one of the other + // parameters within the 8-hour idempotency window, Directory Service Data returns + // an ConflictException . + // + // This parameter is optional when using the CLI or SDK. + ClientToken *string + + // The email address of the user. + EmailAddress *string + + // The first name of the user. + GivenName *string + + // An expression that defines one or more attribute names with the data type and + // value of each attribute. A key is an attribute name, and the value is a list of + // maps. For a list of supported attributes, see [Directory Service Data Attributes]. + // + // Attribute names are case insensitive. + // + // [Directory Service Data Attributes]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ad_data_attributes.html + OtherAttributes map[string]types.AttributeValue + + // The last name of the user. + Surname *string + + noSmithyDocumentSerde +} + +type CreateUserOutput struct { + + // The identifier (ID) of the directory where the address block is added. + DirectoryId *string + + // The name of the user. + SAMAccountName *string + + // The unique security identifier (SID) of the user. + SID *string + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationCreateUserMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpCreateUser{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpCreateUser{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "CreateUser"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addIdempotencyToken_opCreateUserMiddleware(stack, options); err != nil { + return err + } + if err = addOpCreateUserValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateUser(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +type idempotencyToken_initializeOpCreateUser struct { + tokenProvider IdempotencyTokenProvider +} + +func (*idempotencyToken_initializeOpCreateUser) ID() string { + return "OperationIdempotencyTokenAutoFill" +} + +func (m *idempotencyToken_initializeOpCreateUser) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + if m.tokenProvider == nil { + return next.HandleInitialize(ctx, in) + } + + input, ok := in.Parameters.(*CreateUserInput) + if !ok { + return out, metadata, fmt.Errorf("expected middleware input to be of type *CreateUserInput ") + } + + if input.ClientToken == nil { + t, err := m.tokenProvider.GetIdempotencyToken() + if err != nil { + return out, metadata, err + } + input.ClientToken = &t + } + return next.HandleInitialize(ctx, in) +} +func addIdempotencyToken_opCreateUserMiddleware(stack *middleware.Stack, cfg Options) error { + return stack.Initialize.Add(&idempotencyToken_initializeOpCreateUser{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) +} + +func newServiceMetadataMiddleware_opCreateUser(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "CreateUser", + } +} diff --git a/service/directoryservicedata/api_op_DeleteGroup.go b/service/directoryservicedata/api_op_DeleteGroup.go new file mode 100644 index 00000000000..b0410ba81a5 --- /dev/null +++ b/service/directoryservicedata/api_op_DeleteGroup.go @@ -0,0 +1,194 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Deletes a group. +func (c *Client) DeleteGroup(ctx context.Context, params *DeleteGroupInput, optFns ...func(*Options)) (*DeleteGroupOutput, error) { + if params == nil { + params = &DeleteGroupInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "DeleteGroup", params, optFns, c.addOperationDeleteGroupMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*DeleteGroupOutput) + out.ResultMetadata = metadata + return out, nil +} + +type DeleteGroupInput struct { + + // The identifier (ID) of the directory that's associated with the group. + // + // This member is required. + DirectoryId *string + + // The name of the group. + // + // This member is required. + SAMAccountName *string + + // A unique and case-sensitive identifier that you provide to make sure the + // idempotency of the request, so multiple identical calls have the same effect as + // one single call. + // + // A client token is valid for 8 hours after the first request that uses it + // completes. After 8 hours, any request with the same client token is treated as a + // new request. If the request succeeds, any future uses of that token will be + // idempotent for another 8 hours. + // + // If you submit a request with the same client token but change one of the other + // parameters within the 8-hour idempotency window, Directory Service Data returns + // an ConflictException . + // + // This parameter is optional when using the CLI or SDK. + ClientToken *string + + noSmithyDocumentSerde +} + +type DeleteGroupOutput struct { + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationDeleteGroupMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpDeleteGroup{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpDeleteGroup{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteGroup"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addIdempotencyToken_opDeleteGroupMiddleware(stack, options); err != nil { + return err + } + if err = addOpDeleteGroupValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteGroup(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +type idempotencyToken_initializeOpDeleteGroup struct { + tokenProvider IdempotencyTokenProvider +} + +func (*idempotencyToken_initializeOpDeleteGroup) ID() string { + return "OperationIdempotencyTokenAutoFill" +} + +func (m *idempotencyToken_initializeOpDeleteGroup) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + if m.tokenProvider == nil { + return next.HandleInitialize(ctx, in) + } + + input, ok := in.Parameters.(*DeleteGroupInput) + if !ok { + return out, metadata, fmt.Errorf("expected middleware input to be of type *DeleteGroupInput ") + } + + if input.ClientToken == nil { + t, err := m.tokenProvider.GetIdempotencyToken() + if err != nil { + return out, metadata, err + } + input.ClientToken = &t + } + return next.HandleInitialize(ctx, in) +} +func addIdempotencyToken_opDeleteGroupMiddleware(stack *middleware.Stack, cfg Options) error { + return stack.Initialize.Add(&idempotencyToken_initializeOpDeleteGroup{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) +} + +func newServiceMetadataMiddleware_opDeleteGroup(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "DeleteGroup", + } +} diff --git a/service/directoryservicedata/api_op_DeleteUser.go b/service/directoryservicedata/api_op_DeleteUser.go new file mode 100644 index 00000000000..6f3b7ee7886 --- /dev/null +++ b/service/directoryservicedata/api_op_DeleteUser.go @@ -0,0 +1,194 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Deletes a user. +func (c *Client) DeleteUser(ctx context.Context, params *DeleteUserInput, optFns ...func(*Options)) (*DeleteUserOutput, error) { + if params == nil { + params = &DeleteUserInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "DeleteUser", params, optFns, c.addOperationDeleteUserMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*DeleteUserOutput) + out.ResultMetadata = metadata + return out, nil +} + +type DeleteUserInput struct { + + // The identifier (ID) of the directory that's associated with the user. + // + // This member is required. + DirectoryId *string + + // The name of the user. + // + // This member is required. + SAMAccountName *string + + // A unique and case-sensitive identifier that you provide to make sure the + // idempotency of the request, so multiple identical calls have the same effect as + // one single call. + // + // A client token is valid for 8 hours after the first request that uses it + // completes. After 8 hours, any request with the same client token is treated as a + // new request. If the request succeeds, any future uses of that token will be + // idempotent for another 8 hours. + // + // If you submit a request with the same client token but change one of the other + // parameters within the 8-hour idempotency window, Directory Service Data returns + // an ConflictException . + // + // This parameter is optional when using the CLI or SDK. + ClientToken *string + + noSmithyDocumentSerde +} + +type DeleteUserOutput struct { + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationDeleteUserMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpDeleteUser{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpDeleteUser{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteUser"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addIdempotencyToken_opDeleteUserMiddleware(stack, options); err != nil { + return err + } + if err = addOpDeleteUserValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteUser(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +type idempotencyToken_initializeOpDeleteUser struct { + tokenProvider IdempotencyTokenProvider +} + +func (*idempotencyToken_initializeOpDeleteUser) ID() string { + return "OperationIdempotencyTokenAutoFill" +} + +func (m *idempotencyToken_initializeOpDeleteUser) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + if m.tokenProvider == nil { + return next.HandleInitialize(ctx, in) + } + + input, ok := in.Parameters.(*DeleteUserInput) + if !ok { + return out, metadata, fmt.Errorf("expected middleware input to be of type *DeleteUserInput ") + } + + if input.ClientToken == nil { + t, err := m.tokenProvider.GetIdempotencyToken() + if err != nil { + return out, metadata, err + } + input.ClientToken = &t + } + return next.HandleInitialize(ctx, in) +} +func addIdempotencyToken_opDeleteUserMiddleware(stack *middleware.Stack, cfg Options) error { + return stack.Initialize.Add(&idempotencyToken_initializeOpDeleteUser{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) +} + +func newServiceMetadataMiddleware_opDeleteUser(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "DeleteUser", + } +} diff --git a/service/directoryservicedata/api_op_DescribeGroup.go b/service/directoryservicedata/api_op_DescribeGroup.go new file mode 100644 index 00000000000..1e2f1b5b200 --- /dev/null +++ b/service/directoryservicedata/api_op_DescribeGroup.go @@ -0,0 +1,190 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Returns information about a specific group. +func (c *Client) DescribeGroup(ctx context.Context, params *DescribeGroupInput, optFns ...func(*Options)) (*DescribeGroupOutput, error) { + if params == nil { + params = &DescribeGroupInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "DescribeGroup", params, optFns, c.addOperationDescribeGroupMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*DescribeGroupOutput) + out.ResultMetadata = metadata + return out, nil +} + +type DescribeGroupInput struct { + + // The Identifier (ID) of the directory associated with the group. + // + // This member is required. + DirectoryId *string + + // The name of the group. + // + // This member is required. + SAMAccountName *string + + // One or more attributes to be returned for the group. For a list of supported + // attributes, see [Directory Service Data Attributes]. + // + // [Directory Service Data Attributes]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ad_data-attributes.html + OtherAttributes []string + + // The domain name that's associated with the group. + // + // This parameter is optional, so you can return groups outside of your Managed + // Microsoft AD domain. When no value is defined, only your Managed Microsoft AD + // groups are returned. + // + // This value is case insensitive. + Realm *string + + noSmithyDocumentSerde +} + +type DescribeGroupOutput struct { + + // The identifier (ID) of the directory that's associated with the group. + DirectoryId *string + + // The [distinguished name] of the object. + // + // [distinguished name]: https://learn.microsoft.com/en-us/windows/win32/ad/object-names-and-identities#distinguished-name + DistinguishedName *string + + // The scope of the AD group. For details, see [Active Directory security groups]. + // + // [Active Directory security groups]: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-groups#group-scope + GroupScope types.GroupScope + + // The AD group type. For details, see [Active Directory security group type]. + // + // [Active Directory security group type]: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-groups#how-active-directory-security-groups-work + GroupType types.GroupType + + // The attribute values that are returned for the attribute names that are + // included in the request. + OtherAttributes map[string]types.AttributeValue + + // The domain name that's associated with the group. + Realm *string + + // The name of the group. + SAMAccountName *string + + // The unique security identifier (SID) of the group. + SID *string + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationDescribeGroupMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpDescribeGroup{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpDescribeGroup{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "DescribeGroup"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addOpDescribeGroupValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDescribeGroup(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +func newServiceMetadataMiddleware_opDescribeGroup(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "DescribeGroup", + } +} diff --git a/service/directoryservicedata/api_op_DescribeUser.go b/service/directoryservicedata/api_op_DescribeUser.go new file mode 100644 index 00000000000..c664827152c --- /dev/null +++ b/service/directoryservicedata/api_op_DescribeUser.go @@ -0,0 +1,202 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Returns information about a specific user. +func (c *Client) DescribeUser(ctx context.Context, params *DescribeUserInput, optFns ...func(*Options)) (*DescribeUserOutput, error) { + if params == nil { + params = &DescribeUserInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "DescribeUser", params, optFns, c.addOperationDescribeUserMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*DescribeUserOutput) + out.ResultMetadata = metadata + return out, nil +} + +type DescribeUserInput struct { + + // The identifier (ID) of the directory that's associated with the user. + // + // This member is required. + DirectoryId *string + + // The name of the user. + // + // This member is required. + SAMAccountName *string + + // One or more attribute names to be returned for the user. A key is an attribute + // name, and the value is a list of maps. For a list of supported attributes, see [Directory Service Data Attributes] + // . + // + // [Directory Service Data Attributes]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ad_data_attributes.html + OtherAttributes []string + + // The domain name that's associated with the user. + // + // This parameter is optional, so you can return users outside your Managed + // Microsoft AD domain. When no value is defined, only your Managed Microsoft AD + // users are returned. + // + // This value is case insensitive. + Realm *string + + noSmithyDocumentSerde +} + +type DescribeUserOutput struct { + + // The identifier (ID) of the directory that's associated with the user. + DirectoryId *string + + // The [distinguished name] of the object. + // + // [distinguished name]: https://learn.microsoft.com/en-us/windows/win32/ad/object-names-and-identities#distinguished-name + DistinguishedName *string + + // The email address of the user. + EmailAddress *string + + // Indicates whether the user account is active. + Enabled *bool + + // The first name of the user. + GivenName *string + + // The attribute values that are returned for the attribute names that are + // included in the request. + // + // Attribute names are case insensitive. + OtherAttributes map[string]types.AttributeValue + + // The domain name that's associated with the user. + Realm *string + + // The name of the user. + SAMAccountName *string + + // The unique security identifier (SID) of the user. + SID *string + + // The last name of the user. + Surname *string + + // The UPN that is an Internet-style login name for a user and is based on the + // Internet standard [RFC 822]. The UPN is shorter than the distinguished name and easier + // to remember. + // + // [RFC 822]: https://www.ietf.org/rfc/rfc0822.txt + UserPrincipalName *string + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationDescribeUserMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpDescribeUser{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpDescribeUser{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "DescribeUser"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addOpDescribeUserValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDescribeUser(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +func newServiceMetadataMiddleware_opDescribeUser(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "DescribeUser", + } +} diff --git a/service/directoryservicedata/api_op_DisableUser.go b/service/directoryservicedata/api_op_DisableUser.go new file mode 100644 index 00000000000..7977b34f5bb --- /dev/null +++ b/service/directoryservicedata/api_op_DisableUser.go @@ -0,0 +1,198 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Deactivates an active user account. For information about how to enable an +// +// inactive user account, see [ResetUserPassword]in the Directory Service API Reference. +// +// [ResetUserPassword]: https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html +func (c *Client) DisableUser(ctx context.Context, params *DisableUserInput, optFns ...func(*Options)) (*DisableUserOutput, error) { + if params == nil { + params = &DisableUserInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "DisableUser", params, optFns, c.addOperationDisableUserMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*DisableUserOutput) + out.ResultMetadata = metadata + return out, nil +} + +type DisableUserInput struct { + + // The identifier (ID) of the directory that's associated with the user. + // + // This member is required. + DirectoryId *string + + // The name of the user. + // + // This member is required. + SAMAccountName *string + + // A unique and case-sensitive identifier that you provide to make sure the + // idempotency of the request, so multiple identical calls have the same effect as + // one single call. + // + // A client token is valid for 8 hours after the first request that uses it + // completes. After 8 hours, any request with the same client token is treated as a + // new request. If the request succeeds, any future uses of that token will be + // idempotent for another 8 hours. + // + // If you submit a request with the same client token but change one of the other + // parameters within the 8-hour idempotency window, Directory Service Data returns + // an ConflictException . + // + // This parameter is optional when using the CLI or SDK. + ClientToken *string + + noSmithyDocumentSerde +} + +type DisableUserOutput struct { + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationDisableUserMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpDisableUser{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpDisableUser{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "DisableUser"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addIdempotencyToken_opDisableUserMiddleware(stack, options); err != nil { + return err + } + if err = addOpDisableUserValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDisableUser(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +type idempotencyToken_initializeOpDisableUser struct { + tokenProvider IdempotencyTokenProvider +} + +func (*idempotencyToken_initializeOpDisableUser) ID() string { + return "OperationIdempotencyTokenAutoFill" +} + +func (m *idempotencyToken_initializeOpDisableUser) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + if m.tokenProvider == nil { + return next.HandleInitialize(ctx, in) + } + + input, ok := in.Parameters.(*DisableUserInput) + if !ok { + return out, metadata, fmt.Errorf("expected middleware input to be of type *DisableUserInput ") + } + + if input.ClientToken == nil { + t, err := m.tokenProvider.GetIdempotencyToken() + if err != nil { + return out, metadata, err + } + input.ClientToken = &t + } + return next.HandleInitialize(ctx, in) +} +func addIdempotencyToken_opDisableUserMiddleware(stack *middleware.Stack, cfg Options) error { + return stack.Initialize.Add(&idempotencyToken_initializeOpDisableUser{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) +} + +func newServiceMetadataMiddleware_opDisableUser(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "DisableUser", + } +} diff --git a/service/directoryservicedata/api_op_ListGroupMembers.go b/service/directoryservicedata/api_op_ListGroupMembers.go new file mode 100644 index 00000000000..f0ca371be64 --- /dev/null +++ b/service/directoryservicedata/api_op_ListGroupMembers.go @@ -0,0 +1,283 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Returns member information for the specified group. +// +// This operation supports pagination with the use of the NextToken request and +// response parameters. If more results are available, the +// ListGroupMembers.NextToken member contains a token that you pass in the next +// call to ListGroupMembers . This retrieves the next set of items. +// +// You can also specify a maximum number of return results with the MaxResults +// parameter. +func (c *Client) ListGroupMembers(ctx context.Context, params *ListGroupMembersInput, optFns ...func(*Options)) (*ListGroupMembersOutput, error) { + if params == nil { + params = &ListGroupMembersInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "ListGroupMembers", params, optFns, c.addOperationListGroupMembersMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*ListGroupMembersOutput) + out.ResultMetadata = metadata + return out, nil +} + +type ListGroupMembersInput struct { + + // The identifier (ID) of the directory that's associated with the group. + // + // This member is required. + DirectoryId *string + + // The name of the group. + // + // This member is required. + SAMAccountName *string + + // The maximum number of results to be returned per request. + MaxResults *int32 + + // The domain name that's associated with the group member. This parameter + // defaults to the Managed Microsoft AD domain. + // + // This parameter is optional and case insensitive. + MemberRealm *string + + // An encoded paging token for paginated calls that can be passed back to retrieve + // the next page. + NextToken *string + + // The domain name that's associated with the group. + // + // This parameter is optional, so you can return members from a group outside of + // your Managed Microsoft AD domain. When no value is defined, only members of your + // Managed Microsoft AD groups are returned. + // + // This value is case insensitive. + Realm *string + + noSmithyDocumentSerde +} + +type ListGroupMembersOutput struct { + + // Identifier (ID) of the directory associated with the group. + DirectoryId *string + + // The domain name that's associated with the member. + MemberRealm *string + + // The member information that the request returns. + Members []types.Member + + // An encoded paging token for paginated calls that can be passed back to + // retrieve the next page. + NextToken *string + + // The domain name that's associated with the group. + Realm *string + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationListGroupMembersMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpListGroupMembers{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpListGroupMembers{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListGroupMembers"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addOpListGroupMembersValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opListGroupMembers(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +// ListGroupMembersPaginatorOptions is the paginator options for ListGroupMembers +type ListGroupMembersPaginatorOptions struct { + // The maximum number of results to be returned per request. + Limit int32 + + // Set to true if pagination should stop if the service returns a pagination token + // that matches the most recent token provided to the service. + StopOnDuplicateToken bool +} + +// ListGroupMembersPaginator is a paginator for ListGroupMembers +type ListGroupMembersPaginator struct { + options ListGroupMembersPaginatorOptions + client ListGroupMembersAPIClient + params *ListGroupMembersInput + nextToken *string + firstPage bool +} + +// NewListGroupMembersPaginator returns a new ListGroupMembersPaginator +func NewListGroupMembersPaginator(client ListGroupMembersAPIClient, params *ListGroupMembersInput, optFns ...func(*ListGroupMembersPaginatorOptions)) *ListGroupMembersPaginator { + if params == nil { + params = &ListGroupMembersInput{} + } + + options := ListGroupMembersPaginatorOptions{} + if params.MaxResults != nil { + options.Limit = *params.MaxResults + } + + for _, fn := range optFns { + fn(&options) + } + + return &ListGroupMembersPaginator{ + options: options, + client: client, + params: params, + firstPage: true, + nextToken: params.NextToken, + } +} + +// HasMorePages returns a boolean indicating whether more pages are available +func (p *ListGroupMembersPaginator) HasMorePages() bool { + return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) +} + +// NextPage retrieves the next ListGroupMembers page. +func (p *ListGroupMembersPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListGroupMembersOutput, error) { + if !p.HasMorePages() { + return nil, fmt.Errorf("no more pages available") + } + + params := *p.params + params.NextToken = p.nextToken + + var limit *int32 + if p.options.Limit > 0 { + limit = &p.options.Limit + } + params.MaxResults = limit + + optFns = append([]func(*Options){ + addIsPaginatorUserAgent, + }, optFns...) + result, err := p.client.ListGroupMembers(ctx, ¶ms, optFns...) + if err != nil { + return nil, err + } + p.firstPage = false + + prevToken := p.nextToken + p.nextToken = result.NextToken + + if p.options.StopOnDuplicateToken && + prevToken != nil && + p.nextToken != nil && + *prevToken == *p.nextToken { + p.nextToken = nil + } + + return result, nil +} + +// ListGroupMembersAPIClient is a client that implements the ListGroupMembers +// operation. +type ListGroupMembersAPIClient interface { + ListGroupMembers(context.Context, *ListGroupMembersInput, ...func(*Options)) (*ListGroupMembersOutput, error) +} + +var _ ListGroupMembersAPIClient = (*Client)(nil) + +func newServiceMetadataMiddleware_opListGroupMembers(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "ListGroupMembers", + } +} diff --git a/service/directoryservicedata/api_op_ListGroups.go b/service/directoryservicedata/api_op_ListGroups.go new file mode 100644 index 00000000000..58123c95176 --- /dev/null +++ b/service/directoryservicedata/api_op_ListGroups.go @@ -0,0 +1,268 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Returns group information for the specified directory. +// +// This operation supports pagination with the use of the NextToken request and +// response parameters. If more results are available, the ListGroups.NextToken +// member contains a token that you pass in the next call to ListGroups . This +// retrieves the next set of items. +// +// You can also specify a maximum number of return results with the MaxResults +// parameter. +func (c *Client) ListGroups(ctx context.Context, params *ListGroupsInput, optFns ...func(*Options)) (*ListGroupsOutput, error) { + if params == nil { + params = &ListGroupsInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "ListGroups", params, optFns, c.addOperationListGroupsMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*ListGroupsOutput) + out.ResultMetadata = metadata + return out, nil +} + +type ListGroupsInput struct { + + // The identifier (ID) of the directory that's associated with the group. + // + // This member is required. + DirectoryId *string + + // The maximum number of results to be returned per request. + MaxResults *int32 + + // An encoded paging token for paginated calls that can be passed back to + // retrieve the next page. + NextToken *string + + // The domain name associated with the directory. + // + // This parameter is optional, so you can return groups outside of your Managed + // Microsoft AD domain. When no value is defined, only your Managed Microsoft AD + // groups are returned. + // + // This value is case insensitive. + Realm *string + + noSmithyDocumentSerde +} + +type ListGroupsOutput struct { + + // The identifier (ID) of the directory that's associated with the group. + DirectoryId *string + + // The group information that the request returns. + Groups []types.GroupSummary + + // An encoded paging token for paginated calls that can be passed back to + // retrieve the next page. + NextToken *string + + // The domain name associated with the group. + Realm *string + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationListGroupsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpListGroups{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpListGroups{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListGroups"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addOpListGroupsValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opListGroups(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +// ListGroupsPaginatorOptions is the paginator options for ListGroups +type ListGroupsPaginatorOptions struct { + // The maximum number of results to be returned per request. + Limit int32 + + // Set to true if pagination should stop if the service returns a pagination token + // that matches the most recent token provided to the service. + StopOnDuplicateToken bool +} + +// ListGroupsPaginator is a paginator for ListGroups +type ListGroupsPaginator struct { + options ListGroupsPaginatorOptions + client ListGroupsAPIClient + params *ListGroupsInput + nextToken *string + firstPage bool +} + +// NewListGroupsPaginator returns a new ListGroupsPaginator +func NewListGroupsPaginator(client ListGroupsAPIClient, params *ListGroupsInput, optFns ...func(*ListGroupsPaginatorOptions)) *ListGroupsPaginator { + if params == nil { + params = &ListGroupsInput{} + } + + options := ListGroupsPaginatorOptions{} + if params.MaxResults != nil { + options.Limit = *params.MaxResults + } + + for _, fn := range optFns { + fn(&options) + } + + return &ListGroupsPaginator{ + options: options, + client: client, + params: params, + firstPage: true, + nextToken: params.NextToken, + } +} + +// HasMorePages returns a boolean indicating whether more pages are available +func (p *ListGroupsPaginator) HasMorePages() bool { + return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) +} + +// NextPage retrieves the next ListGroups page. +func (p *ListGroupsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListGroupsOutput, error) { + if !p.HasMorePages() { + return nil, fmt.Errorf("no more pages available") + } + + params := *p.params + params.NextToken = p.nextToken + + var limit *int32 + if p.options.Limit > 0 { + limit = &p.options.Limit + } + params.MaxResults = limit + + optFns = append([]func(*Options){ + addIsPaginatorUserAgent, + }, optFns...) + result, err := p.client.ListGroups(ctx, ¶ms, optFns...) + if err != nil { + return nil, err + } + p.firstPage = false + + prevToken := p.nextToken + p.nextToken = result.NextToken + + if p.options.StopOnDuplicateToken && + prevToken != nil && + p.nextToken != nil && + *prevToken == *p.nextToken { + p.nextToken = nil + } + + return result, nil +} + +// ListGroupsAPIClient is a client that implements the ListGroups operation. +type ListGroupsAPIClient interface { + ListGroups(context.Context, *ListGroupsInput, ...func(*Options)) (*ListGroupsOutput, error) +} + +var _ ListGroupsAPIClient = (*Client)(nil) + +func newServiceMetadataMiddleware_opListGroups(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "ListGroups", + } +} diff --git a/service/directoryservicedata/api_op_ListGroupsForMember.go b/service/directoryservicedata/api_op_ListGroupsForMember.go new file mode 100644 index 00000000000..c04ba04b373 --- /dev/null +++ b/service/directoryservicedata/api_op_ListGroupsForMember.go @@ -0,0 +1,288 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Returns group information for the specified member. +// +// This operation supports pagination with the use of the NextToken request and +// response parameters. If more results are available, the +// ListGroupsForMember.NextToken member contains a token that you pass in the next +// call to ListGroupsForMember . This retrieves the next set of items. +// +// You can also specify a maximum number of return results with the MaxResults +// parameter. +func (c *Client) ListGroupsForMember(ctx context.Context, params *ListGroupsForMemberInput, optFns ...func(*Options)) (*ListGroupsForMemberOutput, error) { + if params == nil { + params = &ListGroupsForMemberInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "ListGroupsForMember", params, optFns, c.addOperationListGroupsForMemberMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*ListGroupsForMemberOutput) + out.ResultMetadata = metadata + return out, nil +} + +type ListGroupsForMemberInput struct { + + // The identifier (ID) of the directory that's associated with the member. + // + // This member is required. + DirectoryId *string + + // The SAMAccountName of the user, group, or computer that's a member of the + // group. + // + // This member is required. + SAMAccountName *string + + // The maximum number of results to be returned per request. + MaxResults *int32 + + // The domain name that's associated with the group member. + // + // This parameter is optional, so you can limit your results to the group members + // in a specific domain. + // + // This parameter is case insensitive and defaults to Realm + MemberRealm *string + + // An encoded paging token for paginated calls that can be passed back to + // retrieve the next page. + NextToken *string + + // The domain name that's associated with the group. + // + // This parameter is optional, so you can return groups outside of your Managed + // Microsoft AD domain. When no value is defined, only your Managed Microsoft AD + // groups are returned. + // + // This value is case insensitive and defaults to your Managed Microsoft AD + // domain. + Realm *string + + noSmithyDocumentSerde +} + +type ListGroupsForMemberOutput struct { + + // The identifier (ID) of the directory that's associated with the member. + DirectoryId *string + + // The group information that the request returns. + Groups []types.GroupSummary + + // The domain that's associated with the member. + MemberRealm *string + + // An encoded paging token for paginated calls that can be passed back to + // retrieve the next page. + NextToken *string + + // The domain that's associated with the group. + Realm *string + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationListGroupsForMemberMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpListGroupsForMember{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpListGroupsForMember{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListGroupsForMember"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addOpListGroupsForMemberValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opListGroupsForMember(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +// ListGroupsForMemberPaginatorOptions is the paginator options for +// ListGroupsForMember +type ListGroupsForMemberPaginatorOptions struct { + // The maximum number of results to be returned per request. + Limit int32 + + // Set to true if pagination should stop if the service returns a pagination token + // that matches the most recent token provided to the service. + StopOnDuplicateToken bool +} + +// ListGroupsForMemberPaginator is a paginator for ListGroupsForMember +type ListGroupsForMemberPaginator struct { + options ListGroupsForMemberPaginatorOptions + client ListGroupsForMemberAPIClient + params *ListGroupsForMemberInput + nextToken *string + firstPage bool +} + +// NewListGroupsForMemberPaginator returns a new ListGroupsForMemberPaginator +func NewListGroupsForMemberPaginator(client ListGroupsForMemberAPIClient, params *ListGroupsForMemberInput, optFns ...func(*ListGroupsForMemberPaginatorOptions)) *ListGroupsForMemberPaginator { + if params == nil { + params = &ListGroupsForMemberInput{} + } + + options := ListGroupsForMemberPaginatorOptions{} + if params.MaxResults != nil { + options.Limit = *params.MaxResults + } + + for _, fn := range optFns { + fn(&options) + } + + return &ListGroupsForMemberPaginator{ + options: options, + client: client, + params: params, + firstPage: true, + nextToken: params.NextToken, + } +} + +// HasMorePages returns a boolean indicating whether more pages are available +func (p *ListGroupsForMemberPaginator) HasMorePages() bool { + return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) +} + +// NextPage retrieves the next ListGroupsForMember page. +func (p *ListGroupsForMemberPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListGroupsForMemberOutput, error) { + if !p.HasMorePages() { + return nil, fmt.Errorf("no more pages available") + } + + params := *p.params + params.NextToken = p.nextToken + + var limit *int32 + if p.options.Limit > 0 { + limit = &p.options.Limit + } + params.MaxResults = limit + + optFns = append([]func(*Options){ + addIsPaginatorUserAgent, + }, optFns...) + result, err := p.client.ListGroupsForMember(ctx, ¶ms, optFns...) + if err != nil { + return nil, err + } + p.firstPage = false + + prevToken := p.nextToken + p.nextToken = result.NextToken + + if p.options.StopOnDuplicateToken && + prevToken != nil && + p.nextToken != nil && + *prevToken == *p.nextToken { + p.nextToken = nil + } + + return result, nil +} + +// ListGroupsForMemberAPIClient is a client that implements the +// ListGroupsForMember operation. +type ListGroupsForMemberAPIClient interface { + ListGroupsForMember(context.Context, *ListGroupsForMemberInput, ...func(*Options)) (*ListGroupsForMemberOutput, error) +} + +var _ ListGroupsForMemberAPIClient = (*Client)(nil) + +func newServiceMetadataMiddleware_opListGroupsForMember(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "ListGroupsForMember", + } +} diff --git a/service/directoryservicedata/api_op_ListUsers.go b/service/directoryservicedata/api_op_ListUsers.go new file mode 100644 index 00000000000..68613b31453 --- /dev/null +++ b/service/directoryservicedata/api_op_ListUsers.go @@ -0,0 +1,268 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Returns user information for the specified directory. +// +// This operation supports pagination with the use of the NextToken request and +// response parameters. If more results are available, the ListUsers.NextToken +// member contains a token that you pass in the next call to ListUsers . This +// retrieves the next set of items. +// +// You can also specify a maximum number of return results with the MaxResults +// parameter. +func (c *Client) ListUsers(ctx context.Context, params *ListUsersInput, optFns ...func(*Options)) (*ListUsersOutput, error) { + if params == nil { + params = &ListUsersInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "ListUsers", params, optFns, c.addOperationListUsersMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*ListUsersOutput) + out.ResultMetadata = metadata + return out, nil +} + +type ListUsersInput struct { + + // The identifier (ID) of the directory that's associated with the user. + // + // This member is required. + DirectoryId *string + + // The maximum number of results to be returned per request. + MaxResults *int32 + + // An encoded paging token for paginated calls that can be passed back to + // retrieve the next page. + NextToken *string + + // The domain name that's associated with the user. + // + // This parameter is optional, so you can return users outside of your Managed + // Microsoft AD domain. When no value is defined, only your Managed Microsoft AD + // users are returned. + // + // This value is case insensitive. + Realm *string + + noSmithyDocumentSerde +} + +type ListUsersOutput struct { + + // The identifier (ID) of the directory that's associated with the user. + DirectoryId *string + + // An encoded paging token for paginated calls that can be passed back to + // retrieve the next page. + NextToken *string + + // The domain that's associated with the user. + Realm *string + + // The user information that the request returns. + Users []types.UserSummary + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationListUsersMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpListUsers{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpListUsers{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListUsers"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addOpListUsersValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opListUsers(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +// ListUsersPaginatorOptions is the paginator options for ListUsers +type ListUsersPaginatorOptions struct { + // The maximum number of results to be returned per request. + Limit int32 + + // Set to true if pagination should stop if the service returns a pagination token + // that matches the most recent token provided to the service. + StopOnDuplicateToken bool +} + +// ListUsersPaginator is a paginator for ListUsers +type ListUsersPaginator struct { + options ListUsersPaginatorOptions + client ListUsersAPIClient + params *ListUsersInput + nextToken *string + firstPage bool +} + +// NewListUsersPaginator returns a new ListUsersPaginator +func NewListUsersPaginator(client ListUsersAPIClient, params *ListUsersInput, optFns ...func(*ListUsersPaginatorOptions)) *ListUsersPaginator { + if params == nil { + params = &ListUsersInput{} + } + + options := ListUsersPaginatorOptions{} + if params.MaxResults != nil { + options.Limit = *params.MaxResults + } + + for _, fn := range optFns { + fn(&options) + } + + return &ListUsersPaginator{ + options: options, + client: client, + params: params, + firstPage: true, + nextToken: params.NextToken, + } +} + +// HasMorePages returns a boolean indicating whether more pages are available +func (p *ListUsersPaginator) HasMorePages() bool { + return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) +} + +// NextPage retrieves the next ListUsers page. +func (p *ListUsersPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListUsersOutput, error) { + if !p.HasMorePages() { + return nil, fmt.Errorf("no more pages available") + } + + params := *p.params + params.NextToken = p.nextToken + + var limit *int32 + if p.options.Limit > 0 { + limit = &p.options.Limit + } + params.MaxResults = limit + + optFns = append([]func(*Options){ + addIsPaginatorUserAgent, + }, optFns...) + result, err := p.client.ListUsers(ctx, ¶ms, optFns...) + if err != nil { + return nil, err + } + p.firstPage = false + + prevToken := p.nextToken + p.nextToken = result.NextToken + + if p.options.StopOnDuplicateToken && + prevToken != nil && + p.nextToken != nil && + *prevToken == *p.nextToken { + p.nextToken = nil + } + + return result, nil +} + +// ListUsersAPIClient is a client that implements the ListUsers operation. +type ListUsersAPIClient interface { + ListUsers(context.Context, *ListUsersInput, ...func(*Options)) (*ListUsersOutput, error) +} + +var _ ListUsersAPIClient = (*Client)(nil) + +func newServiceMetadataMiddleware_opListUsers(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "ListUsers", + } +} diff --git a/service/directoryservicedata/api_op_RemoveGroupMember.go b/service/directoryservicedata/api_op_RemoveGroupMember.go new file mode 100644 index 00000000000..5779135aa08 --- /dev/null +++ b/service/directoryservicedata/api_op_RemoveGroupMember.go @@ -0,0 +1,205 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Removes a member from a group. +func (c *Client) RemoveGroupMember(ctx context.Context, params *RemoveGroupMemberInput, optFns ...func(*Options)) (*RemoveGroupMemberOutput, error) { + if params == nil { + params = &RemoveGroupMemberInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "RemoveGroupMember", params, optFns, c.addOperationRemoveGroupMemberMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*RemoveGroupMemberOutput) + out.ResultMetadata = metadata + return out, nil +} + +type RemoveGroupMemberInput struct { + + // The identifier (ID) of the directory that's associated with the member. + // + // This member is required. + DirectoryId *string + + // The name of the group. + // + // This member is required. + GroupName *string + + // The SAMAccountName of the user, group, or computer to remove from the group. + // + // This member is required. + MemberName *string + + // A unique and case-sensitive identifier that you provide to make sure the + // idempotency of the request, so multiple identical calls have the same effect as + // one single call. + // + // A client token is valid for 8 hours after the first request that uses it + // completes. After 8 hours, any request with the same client token is treated as a + // new request. If the request succeeds, any future uses of that token will be + // idempotent for another 8 hours. + // + // If you submit a request with the same client token but change one of the other + // parameters within the 8-hour idempotency window, Directory Service Data returns + // an ConflictException . + // + // This parameter is optional when using the CLI or SDK. + ClientToken *string + + // The domain name that's associated with the group member. This parameter + // defaults to the Managed Microsoft AD domain. + // + // This parameter is optional and case insensitive. + MemberRealm *string + + noSmithyDocumentSerde +} + +type RemoveGroupMemberOutput struct { + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationRemoveGroupMemberMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpRemoveGroupMember{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpRemoveGroupMember{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "RemoveGroupMember"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addIdempotencyToken_opRemoveGroupMemberMiddleware(stack, options); err != nil { + return err + } + if err = addOpRemoveGroupMemberValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opRemoveGroupMember(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +type idempotencyToken_initializeOpRemoveGroupMember struct { + tokenProvider IdempotencyTokenProvider +} + +func (*idempotencyToken_initializeOpRemoveGroupMember) ID() string { + return "OperationIdempotencyTokenAutoFill" +} + +func (m *idempotencyToken_initializeOpRemoveGroupMember) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + if m.tokenProvider == nil { + return next.HandleInitialize(ctx, in) + } + + input, ok := in.Parameters.(*RemoveGroupMemberInput) + if !ok { + return out, metadata, fmt.Errorf("expected middleware input to be of type *RemoveGroupMemberInput ") + } + + if input.ClientToken == nil { + t, err := m.tokenProvider.GetIdempotencyToken() + if err != nil { + return out, metadata, err + } + input.ClientToken = &t + } + return next.HandleInitialize(ctx, in) +} +func addIdempotencyToken_opRemoveGroupMemberMiddleware(stack *middleware.Stack, cfg Options) error { + return stack.Initialize.Add(&idempotencyToken_initializeOpRemoveGroupMember{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) +} + +func newServiceMetadataMiddleware_opRemoveGroupMember(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "RemoveGroupMember", + } +} diff --git a/service/directoryservicedata/api_op_SearchGroups.go b/service/directoryservicedata/api_op_SearchGroups.go new file mode 100644 index 00000000000..ff1dd274f69 --- /dev/null +++ b/service/directoryservicedata/api_op_SearchGroups.go @@ -0,0 +1,289 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Searches the specified directory for a group. You can find groups that match +// +// the SearchString parameter with the value of their attributes included in the +// SearchString parameter. +// +// This operation supports pagination with the use of the NextToken request and +// response parameters. If more results are available, the SearchGroups.NextToken +// member contains a token that you pass in the next call to SearchGroups . This +// retrieves the next set of items. +// +// You can also specify a maximum number of return results with the MaxResults +// parameter. +func (c *Client) SearchGroups(ctx context.Context, params *SearchGroupsInput, optFns ...func(*Options)) (*SearchGroupsOutput, error) { + if params == nil { + params = &SearchGroupsInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "SearchGroups", params, optFns, c.addOperationSearchGroupsMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*SearchGroupsOutput) + out.ResultMetadata = metadata + return out, nil +} + +type SearchGroupsInput struct { + + // The identifier (ID) of the directory that's associated with the group. + // + // This member is required. + DirectoryId *string + + // One or more data attributes that are used to search for a group. For a list of + // supported attributes, see [Directory Service Data Attributes]. + // + // [Directory Service Data Attributes]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ad_data_attributes.html + // + // This member is required. + SearchAttributes []string + + // The attribute value that you want to search for. + // + // Wildcard (*) searches aren't supported. For a list of supported attributes, see [Directory Service Data Attributes] + // . + // + // [Directory Service Data Attributes]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ad_data_attributes.html + // + // This member is required. + SearchString *string + + // The maximum number of results to be returned per request. + MaxResults *int32 + + // An encoded paging token for paginated calls that can be passed back to + // retrieve the next page. + NextToken *string + + // The domain name that's associated with the group. + // + // This parameter is optional, so you can return groups outside of your Managed + // Microsoft AD domain. When no value is defined, only your Managed Microsoft AD + // groups are returned. + // + // This value is case insensitive. + Realm *string + + noSmithyDocumentSerde +} + +type SearchGroupsOutput struct { + + // The identifier (ID) of the directory that's associated with the group. + DirectoryId *string + + // The group information that the request returns. + Groups []types.Group + + // An encoded paging token for paginated calls that can be passed back to + // retrieve the next page. + NextToken *string + + // The domain that's associated with the group. + Realm *string + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationSearchGroupsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpSearchGroups{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpSearchGroups{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "SearchGroups"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addOpSearchGroupsValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opSearchGroups(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +// SearchGroupsPaginatorOptions is the paginator options for SearchGroups +type SearchGroupsPaginatorOptions struct { + // The maximum number of results to be returned per request. + Limit int32 + + // Set to true if pagination should stop if the service returns a pagination token + // that matches the most recent token provided to the service. + StopOnDuplicateToken bool +} + +// SearchGroupsPaginator is a paginator for SearchGroups +type SearchGroupsPaginator struct { + options SearchGroupsPaginatorOptions + client SearchGroupsAPIClient + params *SearchGroupsInput + nextToken *string + firstPage bool +} + +// NewSearchGroupsPaginator returns a new SearchGroupsPaginator +func NewSearchGroupsPaginator(client SearchGroupsAPIClient, params *SearchGroupsInput, optFns ...func(*SearchGroupsPaginatorOptions)) *SearchGroupsPaginator { + if params == nil { + params = &SearchGroupsInput{} + } + + options := SearchGroupsPaginatorOptions{} + if params.MaxResults != nil { + options.Limit = *params.MaxResults + } + + for _, fn := range optFns { + fn(&options) + } + + return &SearchGroupsPaginator{ + options: options, + client: client, + params: params, + firstPage: true, + nextToken: params.NextToken, + } +} + +// HasMorePages returns a boolean indicating whether more pages are available +func (p *SearchGroupsPaginator) HasMorePages() bool { + return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) +} + +// NextPage retrieves the next SearchGroups page. +func (p *SearchGroupsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*SearchGroupsOutput, error) { + if !p.HasMorePages() { + return nil, fmt.Errorf("no more pages available") + } + + params := *p.params + params.NextToken = p.nextToken + + var limit *int32 + if p.options.Limit > 0 { + limit = &p.options.Limit + } + params.MaxResults = limit + + optFns = append([]func(*Options){ + addIsPaginatorUserAgent, + }, optFns...) + result, err := p.client.SearchGroups(ctx, ¶ms, optFns...) + if err != nil { + return nil, err + } + p.firstPage = false + + prevToken := p.nextToken + p.nextToken = result.NextToken + + if p.options.StopOnDuplicateToken && + prevToken != nil && + p.nextToken != nil && + *prevToken == *p.nextToken { + p.nextToken = nil + } + + return result, nil +} + +// SearchGroupsAPIClient is a client that implements the SearchGroups operation. +type SearchGroupsAPIClient interface { + SearchGroups(context.Context, *SearchGroupsInput, ...func(*Options)) (*SearchGroupsOutput, error) +} + +var _ SearchGroupsAPIClient = (*Client)(nil) + +func newServiceMetadataMiddleware_opSearchGroups(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "SearchGroups", + } +} diff --git a/service/directoryservicedata/api_op_SearchUsers.go b/service/directoryservicedata/api_op_SearchUsers.go new file mode 100644 index 00000000000..e87ee721c58 --- /dev/null +++ b/service/directoryservicedata/api_op_SearchUsers.go @@ -0,0 +1,289 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Searches the specified directory for a user. You can find users that match the +// +// SearchString parameter with the value of their attributes included in the +// SearchString parameter. +// +// This operation supports pagination with the use of the NextToken request and +// response parameters. If more results are available, the SearchUsers.NextToken +// member contains a token that you pass in the next call to SearchUsers . This +// retrieves the next set of items. +// +// You can also specify a maximum number of return results with the MaxResults +// parameter. +func (c *Client) SearchUsers(ctx context.Context, params *SearchUsersInput, optFns ...func(*Options)) (*SearchUsersOutput, error) { + if params == nil { + params = &SearchUsersInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "SearchUsers", params, optFns, c.addOperationSearchUsersMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*SearchUsersOutput) + out.ResultMetadata = metadata + return out, nil +} + +type SearchUsersInput struct { + + // The identifier (ID) of the directory that's associated with the user. + // + // This member is required. + DirectoryId *string + + // One or more data attributes that are used to search for a user. For a list of + // supported attributes, see [Directory Service Data Attributes]. + // + // [Directory Service Data Attributes]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ad_data_attributes.html + // + // This member is required. + SearchAttributes []string + + // The attribute value that you want to search for. + // + // Wildcard (*) searches aren't supported. For a list of supported attributes, see [Directory Service Data Attributes] + // . + // + // [Directory Service Data Attributes]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ad_data_attributes.html + // + // This member is required. + SearchString *string + + // The maximum number of results to be returned per request. + MaxResults *int32 + + // An encoded paging token for paginated calls that can be passed back to + // retrieve the next page. + NextToken *string + + // The domain name that's associated with the user. + // + // This parameter is optional, so you can return users outside of your Managed + // Microsoft AD domain. When no value is defined, only your Managed Microsoft AD + // users are returned. + // + // This value is case insensitive. + Realm *string + + noSmithyDocumentSerde +} + +type SearchUsersOutput struct { + + // The identifier (ID) of the directory where the address block is added. + DirectoryId *string + + // An encoded paging token for paginated calls that can be passed back to + // retrieve the next page. + NextToken *string + + // The domain that's associated with the user. + Realm *string + + // The user information that the request returns. + Users []types.User + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationSearchUsersMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpSearchUsers{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpSearchUsers{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "SearchUsers"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addOpSearchUsersValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opSearchUsers(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +// SearchUsersPaginatorOptions is the paginator options for SearchUsers +type SearchUsersPaginatorOptions struct { + // The maximum number of results to be returned per request. + Limit int32 + + // Set to true if pagination should stop if the service returns a pagination token + // that matches the most recent token provided to the service. + StopOnDuplicateToken bool +} + +// SearchUsersPaginator is a paginator for SearchUsers +type SearchUsersPaginator struct { + options SearchUsersPaginatorOptions + client SearchUsersAPIClient + params *SearchUsersInput + nextToken *string + firstPage bool +} + +// NewSearchUsersPaginator returns a new SearchUsersPaginator +func NewSearchUsersPaginator(client SearchUsersAPIClient, params *SearchUsersInput, optFns ...func(*SearchUsersPaginatorOptions)) *SearchUsersPaginator { + if params == nil { + params = &SearchUsersInput{} + } + + options := SearchUsersPaginatorOptions{} + if params.MaxResults != nil { + options.Limit = *params.MaxResults + } + + for _, fn := range optFns { + fn(&options) + } + + return &SearchUsersPaginator{ + options: options, + client: client, + params: params, + firstPage: true, + nextToken: params.NextToken, + } +} + +// HasMorePages returns a boolean indicating whether more pages are available +func (p *SearchUsersPaginator) HasMorePages() bool { + return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) +} + +// NextPage retrieves the next SearchUsers page. +func (p *SearchUsersPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*SearchUsersOutput, error) { + if !p.HasMorePages() { + return nil, fmt.Errorf("no more pages available") + } + + params := *p.params + params.NextToken = p.nextToken + + var limit *int32 + if p.options.Limit > 0 { + limit = &p.options.Limit + } + params.MaxResults = limit + + optFns = append([]func(*Options){ + addIsPaginatorUserAgent, + }, optFns...) + result, err := p.client.SearchUsers(ctx, ¶ms, optFns...) + if err != nil { + return nil, err + } + p.firstPage = false + + prevToken := p.nextToken + p.nextToken = result.NextToken + + if p.options.StopOnDuplicateToken && + prevToken != nil && + p.nextToken != nil && + *prevToken == *p.nextToken { + p.nextToken = nil + } + + return result, nil +} + +// SearchUsersAPIClient is a client that implements the SearchUsers operation. +type SearchUsersAPIClient interface { + SearchUsers(context.Context, *SearchUsersInput, ...func(*Options)) (*SearchUsersOutput, error) +} + +var _ SearchUsersAPIClient = (*Client)(nil) + +func newServiceMetadataMiddleware_opSearchUsers(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "SearchUsers", + } +} diff --git a/service/directoryservicedata/api_op_UpdateGroup.go b/service/directoryservicedata/api_op_UpdateGroup.go new file mode 100644 index 00000000000..2697aa9140a --- /dev/null +++ b/service/directoryservicedata/api_op_UpdateGroup.go @@ -0,0 +1,214 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Updates group information. +func (c *Client) UpdateGroup(ctx context.Context, params *UpdateGroupInput, optFns ...func(*Options)) (*UpdateGroupOutput, error) { + if params == nil { + params = &UpdateGroupInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "UpdateGroup", params, optFns, c.addOperationUpdateGroupMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*UpdateGroupOutput) + out.ResultMetadata = metadata + return out, nil +} + +type UpdateGroupInput struct { + + // The identifier (ID) of the directory that's associated with the group. + // + // This member is required. + DirectoryId *string + + // The name of the group. + // + // This member is required. + SAMAccountName *string + + // A unique and case-sensitive identifier that you provide to make sure the + // idempotency of the request, so multiple identical calls have the same effect as + // one single call. + // + // A client token is valid for 8 hours after the first request that uses it + // completes. After 8 hours, any request with the same client token is treated as a + // new request. If the request succeeds, any future uses of that token will be + // idempotent for another 8 hours. + // + // If you submit a request with the same client token but change one of the other + // parameters within the 8-hour idempotency window, Directory Service Data returns + // an ConflictException . + // + // This parameter is optional when using the CLI or SDK. + ClientToken *string + + // The scope of the AD group. For details, see [Active Directory security groups]. + // + // [Active Directory security groups]: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-groups#group-scope + GroupScope types.GroupScope + + // The AD group type. For details, see [Active Directory security group type]. + // + // [Active Directory security group type]: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-groups#how-active-directory-security-groups-work + GroupType types.GroupType + + // An expression that defines one or more attributes with the data type and the + // value of each attribute. + OtherAttributes map[string]types.AttributeValue + + // The type of update to be performed. If no value exists for the attribute, use + // ADD . Otherwise, use REPLACE to change an attribute value or REMOVE to clear + // the attribute value. + UpdateType types.UpdateType + + noSmithyDocumentSerde +} + +type UpdateGroupOutput struct { + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationUpdateGroupMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpUpdateGroup{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpUpdateGroup{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "UpdateGroup"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addIdempotencyToken_opUpdateGroupMiddleware(stack, options); err != nil { + return err + } + if err = addOpUpdateGroupValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUpdateGroup(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +type idempotencyToken_initializeOpUpdateGroup struct { + tokenProvider IdempotencyTokenProvider +} + +func (*idempotencyToken_initializeOpUpdateGroup) ID() string { + return "OperationIdempotencyTokenAutoFill" +} + +func (m *idempotencyToken_initializeOpUpdateGroup) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + if m.tokenProvider == nil { + return next.HandleInitialize(ctx, in) + } + + input, ok := in.Parameters.(*UpdateGroupInput) + if !ok { + return out, metadata, fmt.Errorf("expected middleware input to be of type *UpdateGroupInput ") + } + + if input.ClientToken == nil { + t, err := m.tokenProvider.GetIdempotencyToken() + if err != nil { + return out, metadata, err + } + input.ClientToken = &t + } + return next.HandleInitialize(ctx, in) +} +func addIdempotencyToken_opUpdateGroupMiddleware(stack *middleware.Stack, cfg Options) error { + return stack.Initialize.Add(&idempotencyToken_initializeOpUpdateGroup{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) +} + +func newServiceMetadataMiddleware_opUpdateGroup(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "UpdateGroup", + } +} diff --git a/service/directoryservicedata/api_op_UpdateUser.go b/service/directoryservicedata/api_op_UpdateUser.go new file mode 100644 index 00000000000..68817ca6877 --- /dev/null +++ b/service/directoryservicedata/api_op_UpdateUser.go @@ -0,0 +1,218 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Updates user information. +func (c *Client) UpdateUser(ctx context.Context, params *UpdateUserInput, optFns ...func(*Options)) (*UpdateUserOutput, error) { + if params == nil { + params = &UpdateUserInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "UpdateUser", params, optFns, c.addOperationUpdateUserMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*UpdateUserOutput) + out.ResultMetadata = metadata + return out, nil +} + +type UpdateUserInput struct { + + // The identifier (ID) of the directory that's associated with the user. + // + // This member is required. + DirectoryId *string + + // The name of the user. + // + // This member is required. + SAMAccountName *string + + // A unique and case-sensitive identifier that you provide to make sure the + // idempotency of the request, so multiple identical calls have the same effect as + // one single call. + // + // A client token is valid for 8 hours after the first request that uses it + // completes. After 8 hours, any request with the same client token is treated as a + // new request. If the request succeeds, any future uses of that token will be + // idempotent for another 8 hours. + // + // If you submit a request with the same client token but change one of the other + // parameters within the 8-hour idempotency window, Directory Service Data returns + // an ConflictException . + // + // This parameter is optional when using the CLI or SDK. + ClientToken *string + + // The email address of the user. + EmailAddress *string + + // The first name of the user. + GivenName *string + + // An expression that defines one or more attribute names with the data type and + // value of each attribute. A key is an attribute name, and the value is a list of + // maps. For a list of supported attributes, see [Directory Service Data Attributes]. + // + // Attribute names are case insensitive. + // + // [Directory Service Data Attributes]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ad_data-attributes.html + OtherAttributes map[string]types.AttributeValue + + // The last name of the user. + Surname *string + + // The type of update to be performed. If no value exists for the attribute, use + // ADD . Otherwise, use REPLACE to change an attribute value or REMOVE to clear + // the attribute value. + UpdateType types.UpdateType + + noSmithyDocumentSerde +} + +type UpdateUserOutput struct { + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationUpdateUserMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpUpdateUser{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpUpdateUser{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "UpdateUser"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = addClientRequestID(stack); err != nil { + return err + } + if err = addComputeContentLength(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = addComputePayloadSHA256(stack); err != nil { + return err + } + if err = addRetry(stack, options); err != nil { + return err + } + if err = addRawResponseToMetadata(stack); err != nil { + return err + } + if err = addRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addTimeOffsetBuild(stack, c); err != nil { + return err + } + if err = addUserAgentRetryMode(stack, options); err != nil { + return err + } + if err = addIdempotencyToken_opUpdateUserMiddleware(stack, options); err != nil { + return err + } + if err = addOpUpdateUserValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUpdateUser(options.Region), middleware.Before); err != nil { + return err + } + if err = addRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +type idempotencyToken_initializeOpUpdateUser struct { + tokenProvider IdempotencyTokenProvider +} + +func (*idempotencyToken_initializeOpUpdateUser) ID() string { + return "OperationIdempotencyTokenAutoFill" +} + +func (m *idempotencyToken_initializeOpUpdateUser) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + if m.tokenProvider == nil { + return next.HandleInitialize(ctx, in) + } + + input, ok := in.Parameters.(*UpdateUserInput) + if !ok { + return out, metadata, fmt.Errorf("expected middleware input to be of type *UpdateUserInput ") + } + + if input.ClientToken == nil { + t, err := m.tokenProvider.GetIdempotencyToken() + if err != nil { + return out, metadata, err + } + input.ClientToken = &t + } + return next.HandleInitialize(ctx, in) +} +func addIdempotencyToken_opUpdateUserMiddleware(stack *middleware.Stack, cfg Options) error { + return stack.Initialize.Add(&idempotencyToken_initializeOpUpdateUser{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) +} + +func newServiceMetadataMiddleware_opUpdateUser(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "UpdateUser", + } +} diff --git a/service/directoryservicedata/auth.go b/service/directoryservicedata/auth.go new file mode 100644 index 00000000000..602ee19296d --- /dev/null +++ b/service/directoryservicedata/auth.go @@ -0,0 +1,284 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { + params.Region = options.Region +} + +type setLegacyContextSigningOptionsMiddleware struct { +} + +func (*setLegacyContextSigningOptionsMiddleware) ID() string { + return "setLegacyContextSigningOptions" +} + +func (m *setLegacyContextSigningOptionsMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + rscheme := getResolvedAuthScheme(ctx) + schemeID := rscheme.Scheme.SchemeID() + + if sn := awsmiddleware.GetSigningName(ctx); sn != "" { + if schemeID == "aws.auth#sigv4" { + smithyhttp.SetSigV4SigningName(&rscheme.SignerProperties, sn) + } else if schemeID == "aws.auth#sigv4a" { + smithyhttp.SetSigV4ASigningName(&rscheme.SignerProperties, sn) + } + } + + if sr := awsmiddleware.GetSigningRegion(ctx); sr != "" { + if schemeID == "aws.auth#sigv4" { + smithyhttp.SetSigV4SigningRegion(&rscheme.SignerProperties, sr) + } else if schemeID == "aws.auth#sigv4a" { + smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, []string{sr}) + } + } + + return next.HandleFinalize(ctx, in) +} + +func addSetLegacyContextSigningOptionsMiddleware(stack *middleware.Stack) error { + return stack.Finalize.Insert(&setLegacyContextSigningOptionsMiddleware{}, "Signing", middleware.Before) +} + +type withAnonymous struct { + resolver AuthSchemeResolver +} + +var _ AuthSchemeResolver = (*withAnonymous)(nil) + +func (v *withAnonymous) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { + opts, err := v.resolver.ResolveAuthSchemes(ctx, params) + if err != nil { + return nil, err + } + + opts = append(opts, &smithyauth.Option{ + SchemeID: smithyauth.SchemeIDAnonymous, + }) + return opts, nil +} + +func wrapWithAnonymousAuth(options *Options) { + if _, ok := options.AuthSchemeResolver.(*defaultAuthSchemeResolver); !ok { + return + } + + options.AuthSchemeResolver = &withAnonymous{ + resolver: options.AuthSchemeResolver, + } +} + +// AuthResolverParameters contains the set of inputs necessary for auth scheme +// resolution. +type AuthResolverParameters struct { + // The name of the operation being invoked. + Operation string + + // The region in which the operation is being invoked. + Region string +} + +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { + params := &AuthResolverParameters{ + Operation: operation, + } + + bindAuthParamsRegion(ctx, params, input, options) + + return params +} + +// AuthSchemeResolver returns a set of possible authentication options for an +// operation. +type AuthSchemeResolver interface { + ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error) +} + +type defaultAuthSchemeResolver struct{} + +var _ AuthSchemeResolver = (*defaultAuthSchemeResolver)(nil) + +func (*defaultAuthSchemeResolver) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { + if overrides, ok := operationAuthOptions[params.Operation]; ok { + return overrides(params), nil + } + return serviceAuthOptions(params), nil +} + +var operationAuthOptions = map[string]func(*AuthResolverParameters) []*smithyauth.Option{} + +func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + { + SchemeID: smithyauth.SchemeIDSigV4, + SignerProperties: func() smithy.Properties { + var props smithy.Properties + smithyhttp.SetSigV4SigningName(&props, "ds-data") + smithyhttp.SetSigV4SigningRegion(&props, params.Region) + return props + }(), + }, + } +} + +type resolveAuthSchemeMiddleware struct { + operation string + options Options +} + +func (*resolveAuthSchemeMiddleware) ID() string { + return "ResolveAuthScheme" +} + +func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) + options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) + if err != nil { + return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) + } + + scheme, ok := m.selectScheme(options) + if !ok { + return out, metadata, fmt.Errorf("could not select an auth scheme") + } + + ctx = setResolvedAuthScheme(ctx, scheme) + return next.HandleFinalize(ctx, in) +} + +func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) (*resolvedAuthScheme, bool) { + for _, option := range options { + if option.SchemeID == smithyauth.SchemeIDAnonymous { + return newResolvedAuthScheme(smithyhttp.NewAnonymousScheme(), option), true + } + + for _, scheme := range m.options.AuthSchemes { + if scheme.SchemeID() != option.SchemeID { + continue + } + + if scheme.IdentityResolver(m.options) != nil { + return newResolvedAuthScheme(scheme, option), true + } + } + } + + return nil, false +} + +type resolvedAuthSchemeKey struct{} + +type resolvedAuthScheme struct { + Scheme smithyhttp.AuthScheme + IdentityProperties smithy.Properties + SignerProperties smithy.Properties +} + +func newResolvedAuthScheme(scheme smithyhttp.AuthScheme, option *smithyauth.Option) *resolvedAuthScheme { + return &resolvedAuthScheme{ + Scheme: scheme, + IdentityProperties: option.IdentityProperties, + SignerProperties: option.SignerProperties, + } +} + +func setResolvedAuthScheme(ctx context.Context, scheme *resolvedAuthScheme) context.Context { + return middleware.WithStackValue(ctx, resolvedAuthSchemeKey{}, scheme) +} + +func getResolvedAuthScheme(ctx context.Context) *resolvedAuthScheme { + v, _ := middleware.GetStackValue(ctx, resolvedAuthSchemeKey{}).(*resolvedAuthScheme) + return v +} + +type getIdentityMiddleware struct { + options Options +} + +func (*getIdentityMiddleware) ID() string { + return "GetIdentity" +} + +func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + resolver := rscheme.Scheme.IdentityResolver(m.options) + if resolver == nil { + return out, metadata, fmt.Errorf("no identity resolver") + } + + identity, err := resolver.GetIdentity(ctx, rscheme.IdentityProperties) + if err != nil { + return out, metadata, fmt.Errorf("get identity: %w", err) + } + + ctx = setIdentity(ctx, identity) + return next.HandleFinalize(ctx, in) +} + +type identityKey struct{} + +func setIdentity(ctx context.Context, identity smithyauth.Identity) context.Context { + return middleware.WithStackValue(ctx, identityKey{}, identity) +} + +func getIdentity(ctx context.Context) smithyauth.Identity { + v, _ := middleware.GetStackValue(ctx, identityKey{}).(smithyauth.Identity) + return v +} + +type signRequestMiddleware struct { +} + +func (*signRequestMiddleware) ID() string { + return "Signing" +} + +func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + req, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unexpected transport type %T", in.Request) + } + + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + identity := getIdentity(ctx) + if identity == nil { + return out, metadata, fmt.Errorf("no identity") + } + + signer := rscheme.Scheme.Signer() + if signer == nil { + return out, metadata, fmt.Errorf("no signer") + } + + if err := signer.SignRequest(ctx, req, identity, rscheme.SignerProperties); err != nil { + return out, metadata, fmt.Errorf("sign request: %w", err) + } + + return next.HandleFinalize(ctx, in) +} diff --git a/service/directoryservicedata/deserializers.go b/service/directoryservicedata/deserializers.go new file mode 100644 index 00000000000..87609fefc6c --- /dev/null +++ b/service/directoryservicedata/deserializers.go @@ -0,0 +1,4022 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "bytes" + "context" + "encoding/json" + "fmt" + "github.com/aws/aws-sdk-go-v2/aws/protocol/restjson" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + smithy "github.com/aws/smithy-go" + smithyio "github.com/aws/smithy-go/io" + "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" + smithytime "github.com/aws/smithy-go/time" + smithyhttp "github.com/aws/smithy-go/transport/http" + "io" + "strconv" + "strings" + "time" +) + +func deserializeS3Expires(v string) (*time.Time, error) { + t, err := smithytime.ParseHTTPDate(v) + if err != nil { + return nil, nil + } + return &t, nil +} + +type awsRestjson1_deserializeOpAddGroupMember struct { +} + +func (*awsRestjson1_deserializeOpAddGroupMember) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpAddGroupMember) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorAddGroupMember(response, &metadata) + } + output := &AddGroupMemberOutput{} + out.Result = output + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorAddGroupMember(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("ConflictException", errorCode): + return awsRestjson1_deserializeErrorConflictException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ResourceNotFoundException", errorCode): + return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +type awsRestjson1_deserializeOpCreateGroup struct { +} + +func (*awsRestjson1_deserializeOpCreateGroup) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpCreateGroup) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorCreateGroup(response, &metadata) + } + output := &CreateGroupOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsRestjson1_deserializeOpDocumentCreateGroupOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorCreateGroup(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("ConflictException", errorCode): + return awsRestjson1_deserializeErrorConflictException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestjson1_deserializeOpDocumentCreateGroupOutput(v **CreateGroupOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *CreateGroupOutput + if *v == nil { + sv = &CreateGroupOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DirectoryId": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DirectoryId to be of type string, got %T instead", value) + } + sv.DirectoryId = ptr.String(jtv) + } + + case "SAMAccountName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GroupName to be of type string, got %T instead", value) + } + sv.SAMAccountName = ptr.String(jtv) + } + + case "SID": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected SID to be of type string, got %T instead", value) + } + sv.SID = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +type awsRestjson1_deserializeOpCreateUser struct { +} + +func (*awsRestjson1_deserializeOpCreateUser) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpCreateUser) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorCreateUser(response, &metadata) + } + output := &CreateUserOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsRestjson1_deserializeOpDocumentCreateUserOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorCreateUser(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("ConflictException", errorCode): + return awsRestjson1_deserializeErrorConflictException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestjson1_deserializeOpDocumentCreateUserOutput(v **CreateUserOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *CreateUserOutput + if *v == nil { + sv = &CreateUserOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DirectoryId": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DirectoryId to be of type string, got %T instead", value) + } + sv.DirectoryId = ptr.String(jtv) + } + + case "SAMAccountName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected UserName to be of type string, got %T instead", value) + } + sv.SAMAccountName = ptr.String(jtv) + } + + case "SID": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected SID to be of type string, got %T instead", value) + } + sv.SID = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +type awsRestjson1_deserializeOpDeleteGroup struct { +} + +func (*awsRestjson1_deserializeOpDeleteGroup) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpDeleteGroup) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorDeleteGroup(response, &metadata) + } + output := &DeleteGroupOutput{} + out.Result = output + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorDeleteGroup(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("ConflictException", errorCode): + return awsRestjson1_deserializeErrorConflictException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ResourceNotFoundException", errorCode): + return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +type awsRestjson1_deserializeOpDeleteUser struct { +} + +func (*awsRestjson1_deserializeOpDeleteUser) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpDeleteUser) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorDeleteUser(response, &metadata) + } + output := &DeleteUserOutput{} + out.Result = output + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorDeleteUser(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("ConflictException", errorCode): + return awsRestjson1_deserializeErrorConflictException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ResourceNotFoundException", errorCode): + return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +type awsRestjson1_deserializeOpDescribeGroup struct { +} + +func (*awsRestjson1_deserializeOpDescribeGroup) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpDescribeGroup) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorDescribeGroup(response, &metadata) + } + output := &DescribeGroupOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsRestjson1_deserializeOpDocumentDescribeGroupOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorDescribeGroup(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ResourceNotFoundException", errorCode): + return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestjson1_deserializeOpDocumentDescribeGroupOutput(v **DescribeGroupOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *DescribeGroupOutput + if *v == nil { + sv = &DescribeGroupOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DirectoryId": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DirectoryId to be of type string, got %T instead", value) + } + sv.DirectoryId = ptr.String(jtv) + } + + case "DistinguishedName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DistinguishedName to be of type string, got %T instead", value) + } + sv.DistinguishedName = ptr.String(jtv) + } + + case "GroupScope": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GroupScope to be of type string, got %T instead", value) + } + sv.GroupScope = types.GroupScope(jtv) + } + + case "GroupType": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GroupType to be of type string, got %T instead", value) + } + sv.GroupType = types.GroupType(jtv) + } + + case "OtherAttributes": + if err := awsRestjson1_deserializeDocumentAttributes(&sv.OtherAttributes, value); err != nil { + return err + } + + case "Realm": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Realm to be of type string, got %T instead", value) + } + sv.Realm = ptr.String(jtv) + } + + case "SAMAccountName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GroupName to be of type string, got %T instead", value) + } + sv.SAMAccountName = ptr.String(jtv) + } + + case "SID": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected SID to be of type string, got %T instead", value) + } + sv.SID = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +type awsRestjson1_deserializeOpDescribeUser struct { +} + +func (*awsRestjson1_deserializeOpDescribeUser) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpDescribeUser) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorDescribeUser(response, &metadata) + } + output := &DescribeUserOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsRestjson1_deserializeOpDocumentDescribeUserOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorDescribeUser(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ResourceNotFoundException", errorCode): + return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestjson1_deserializeOpDocumentDescribeUserOutput(v **DescribeUserOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *DescribeUserOutput + if *v == nil { + sv = &DescribeUserOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DirectoryId": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DirectoryId to be of type string, got %T instead", value) + } + sv.DirectoryId = ptr.String(jtv) + } + + case "DistinguishedName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DistinguishedName to be of type string, got %T instead", value) + } + sv.DistinguishedName = ptr.String(jtv) + } + + case "EmailAddress": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected EmailAddress to be of type string, got %T instead", value) + } + sv.EmailAddress = ptr.String(jtv) + } + + case "Enabled": + if value != nil { + jtv, ok := value.(bool) + if !ok { + return fmt.Errorf("expected Boolean to be of type *bool, got %T instead", value) + } + sv.Enabled = ptr.Bool(jtv) + } + + case "GivenName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GivenName to be of type string, got %T instead", value) + } + sv.GivenName = ptr.String(jtv) + } + + case "OtherAttributes": + if err := awsRestjson1_deserializeDocumentAttributes(&sv.OtherAttributes, value); err != nil { + return err + } + + case "Realm": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Realm to be of type string, got %T instead", value) + } + sv.Realm = ptr.String(jtv) + } + + case "SAMAccountName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected UserName to be of type string, got %T instead", value) + } + sv.SAMAccountName = ptr.String(jtv) + } + + case "SID": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected SID to be of type string, got %T instead", value) + } + sv.SID = ptr.String(jtv) + } + + case "Surname": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Surname to be of type string, got %T instead", value) + } + sv.Surname = ptr.String(jtv) + } + + case "UserPrincipalName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected UserPrincipalName to be of type string, got %T instead", value) + } + sv.UserPrincipalName = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +type awsRestjson1_deserializeOpDisableUser struct { +} + +func (*awsRestjson1_deserializeOpDisableUser) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpDisableUser) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorDisableUser(response, &metadata) + } + output := &DisableUserOutput{} + out.Result = output + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorDisableUser(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("ConflictException", errorCode): + return awsRestjson1_deserializeErrorConflictException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ResourceNotFoundException", errorCode): + return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +type awsRestjson1_deserializeOpListGroupMembers struct { +} + +func (*awsRestjson1_deserializeOpListGroupMembers) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpListGroupMembers) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorListGroupMembers(response, &metadata) + } + output := &ListGroupMembersOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsRestjson1_deserializeOpDocumentListGroupMembersOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorListGroupMembers(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ResourceNotFoundException", errorCode): + return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestjson1_deserializeOpDocumentListGroupMembersOutput(v **ListGroupMembersOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *ListGroupMembersOutput + if *v == nil { + sv = &ListGroupMembersOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DirectoryId": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DirectoryId to be of type string, got %T instead", value) + } + sv.DirectoryId = ptr.String(jtv) + } + + case "MemberRealm": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Realm to be of type string, got %T instead", value) + } + sv.MemberRealm = ptr.String(jtv) + } + + case "Members": + if err := awsRestjson1_deserializeDocumentMemberList(&sv.Members, value); err != nil { + return err + } + + case "NextToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected NextToken to be of type string, got %T instead", value) + } + sv.NextToken = ptr.String(jtv) + } + + case "Realm": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Realm to be of type string, got %T instead", value) + } + sv.Realm = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +type awsRestjson1_deserializeOpListGroups struct { +} + +func (*awsRestjson1_deserializeOpListGroups) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpListGroups) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorListGroups(response, &metadata) + } + output := &ListGroupsOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsRestjson1_deserializeOpDocumentListGroupsOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorListGroups(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestjson1_deserializeOpDocumentListGroupsOutput(v **ListGroupsOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *ListGroupsOutput + if *v == nil { + sv = &ListGroupsOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DirectoryId": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DirectoryId to be of type string, got %T instead", value) + } + sv.DirectoryId = ptr.String(jtv) + } + + case "Groups": + if err := awsRestjson1_deserializeDocumentGroupSummaryList(&sv.Groups, value); err != nil { + return err + } + + case "NextToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected NextToken to be of type string, got %T instead", value) + } + sv.NextToken = ptr.String(jtv) + } + + case "Realm": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Realm to be of type string, got %T instead", value) + } + sv.Realm = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +type awsRestjson1_deserializeOpListGroupsForMember struct { +} + +func (*awsRestjson1_deserializeOpListGroupsForMember) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpListGroupsForMember) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorListGroupsForMember(response, &metadata) + } + output := &ListGroupsForMemberOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsRestjson1_deserializeOpDocumentListGroupsForMemberOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorListGroupsForMember(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ResourceNotFoundException", errorCode): + return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestjson1_deserializeOpDocumentListGroupsForMemberOutput(v **ListGroupsForMemberOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *ListGroupsForMemberOutput + if *v == nil { + sv = &ListGroupsForMemberOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DirectoryId": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DirectoryId to be of type string, got %T instead", value) + } + sv.DirectoryId = ptr.String(jtv) + } + + case "Groups": + if err := awsRestjson1_deserializeDocumentGroupSummaryList(&sv.Groups, value); err != nil { + return err + } + + case "MemberRealm": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Realm to be of type string, got %T instead", value) + } + sv.MemberRealm = ptr.String(jtv) + } + + case "NextToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected NextToken to be of type string, got %T instead", value) + } + sv.NextToken = ptr.String(jtv) + } + + case "Realm": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Realm to be of type string, got %T instead", value) + } + sv.Realm = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +type awsRestjson1_deserializeOpListUsers struct { +} + +func (*awsRestjson1_deserializeOpListUsers) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpListUsers) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorListUsers(response, &metadata) + } + output := &ListUsersOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsRestjson1_deserializeOpDocumentListUsersOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorListUsers(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestjson1_deserializeOpDocumentListUsersOutput(v **ListUsersOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *ListUsersOutput + if *v == nil { + sv = &ListUsersOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DirectoryId": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DirectoryId to be of type string, got %T instead", value) + } + sv.DirectoryId = ptr.String(jtv) + } + + case "NextToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected NextToken to be of type string, got %T instead", value) + } + sv.NextToken = ptr.String(jtv) + } + + case "Realm": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Realm to be of type string, got %T instead", value) + } + sv.Realm = ptr.String(jtv) + } + + case "Users": + if err := awsRestjson1_deserializeDocumentUserSummaryList(&sv.Users, value); err != nil { + return err + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +type awsRestjson1_deserializeOpRemoveGroupMember struct { +} + +func (*awsRestjson1_deserializeOpRemoveGroupMember) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpRemoveGroupMember) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorRemoveGroupMember(response, &metadata) + } + output := &RemoveGroupMemberOutput{} + out.Result = output + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorRemoveGroupMember(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("ConflictException", errorCode): + return awsRestjson1_deserializeErrorConflictException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ResourceNotFoundException", errorCode): + return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +type awsRestjson1_deserializeOpSearchGroups struct { +} + +func (*awsRestjson1_deserializeOpSearchGroups) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpSearchGroups) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorSearchGroups(response, &metadata) + } + output := &SearchGroupsOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsRestjson1_deserializeOpDocumentSearchGroupsOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorSearchGroups(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestjson1_deserializeOpDocumentSearchGroupsOutput(v **SearchGroupsOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *SearchGroupsOutput + if *v == nil { + sv = &SearchGroupsOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DirectoryId": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DirectoryId to be of type string, got %T instead", value) + } + sv.DirectoryId = ptr.String(jtv) + } + + case "Groups": + if err := awsRestjson1_deserializeDocumentGroupList(&sv.Groups, value); err != nil { + return err + } + + case "NextToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected NextToken to be of type string, got %T instead", value) + } + sv.NextToken = ptr.String(jtv) + } + + case "Realm": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Realm to be of type string, got %T instead", value) + } + sv.Realm = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +type awsRestjson1_deserializeOpSearchUsers struct { +} + +func (*awsRestjson1_deserializeOpSearchUsers) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpSearchUsers) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorSearchUsers(response, &metadata) + } + output := &SearchUsersOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsRestjson1_deserializeOpDocumentSearchUsersOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorSearchUsers(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestjson1_deserializeOpDocumentSearchUsersOutput(v **SearchUsersOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *SearchUsersOutput + if *v == nil { + sv = &SearchUsersOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DirectoryId": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DirectoryId to be of type string, got %T instead", value) + } + sv.DirectoryId = ptr.String(jtv) + } + + case "NextToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected NextToken to be of type string, got %T instead", value) + } + sv.NextToken = ptr.String(jtv) + } + + case "Realm": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Realm to be of type string, got %T instead", value) + } + sv.Realm = ptr.String(jtv) + } + + case "Users": + if err := awsRestjson1_deserializeDocumentUserList(&sv.Users, value); err != nil { + return err + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +type awsRestjson1_deserializeOpUpdateGroup struct { +} + +func (*awsRestjson1_deserializeOpUpdateGroup) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpUpdateGroup) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorUpdateGroup(response, &metadata) + } + output := &UpdateGroupOutput{} + out.Result = output + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorUpdateGroup(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("ConflictException", errorCode): + return awsRestjson1_deserializeErrorConflictException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ResourceNotFoundException", errorCode): + return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +type awsRestjson1_deserializeOpUpdateUser struct { +} + +func (*awsRestjson1_deserializeOpUpdateUser) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpUpdateUser) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorUpdateUser(response, &metadata) + } + output := &UpdateUserOutput{} + out.Result = output + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorUpdateUser(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("ConflictException", errorCode): + return awsRestjson1_deserializeErrorConflictException(response, errorBody) + + case strings.EqualFold("DirectoryUnavailableException", errorCode): + return awsRestjson1_deserializeErrorDirectoryUnavailableException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("ResourceNotFoundException", errorCode): + return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) + + case strings.EqualFold("ThrottlingException", errorCode): + return awsRestjson1_deserializeErrorThrottlingException(response, errorBody) + + case strings.EqualFold("ValidationException", errorCode): + return awsRestjson1_deserializeErrorValidationException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestjson1_deserializeOpHttpBindingsThrottlingException(v *types.ThrottlingException, response *smithyhttp.Response) error { + if v == nil { + return fmt.Errorf("unsupported deserialization for nil %T", v) + } + + if headerValues := response.Header.Values("Retry-After"); len(headerValues) != 0 { + headerValues[0] = strings.TrimSpace(headerValues[0]) + vv, err := strconv.ParseInt(headerValues[0], 0, 32) + if err != nil { + return err + } + v.RetryAfterSeconds = ptr.Int32(int32(vv)) + } + + return nil +} +func awsRestjson1_deserializeErrorAccessDeniedException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + output := &types.AccessDeniedException{} + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + err := awsRestjson1_deserializeDocumentAccessDeniedException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + + return output +} + +func awsRestjson1_deserializeErrorConflictException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + output := &types.ConflictException{} + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + err := awsRestjson1_deserializeDocumentConflictException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + + return output +} + +func awsRestjson1_deserializeErrorDirectoryUnavailableException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + output := &types.DirectoryUnavailableException{} + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + err := awsRestjson1_deserializeDocumentDirectoryUnavailableException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + + return output +} + +func awsRestjson1_deserializeErrorInternalServerException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + output := &types.InternalServerException{} + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + err := awsRestjson1_deserializeDocumentInternalServerException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + + return output +} + +func awsRestjson1_deserializeErrorResourceNotFoundException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + output := &types.ResourceNotFoundException{} + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + err := awsRestjson1_deserializeDocumentResourceNotFoundException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + + return output +} + +func awsRestjson1_deserializeErrorThrottlingException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + output := &types.ThrottlingException{} + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + err := awsRestjson1_deserializeDocumentThrottlingException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + + if err := awsRestjson1_deserializeOpHttpBindingsThrottlingException(output, response); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to decode response error with invalid HTTP bindings, %w", err)} + } + + return output +} + +func awsRestjson1_deserializeErrorValidationException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + output := &types.ValidationException{} + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + err := awsRestjson1_deserializeDocumentValidationException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + + return output +} + +func awsRestjson1_deserializeDocumentAccessDeniedException(v **types.AccessDeniedException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.AccessDeniedException + if *v == nil { + sv = &types.AccessDeniedException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ExceptionMessage to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + case "Reason": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected AccessDeniedReason to be of type string, got %T instead", value) + } + sv.Reason = types.AccessDeniedReason(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsRestjson1_deserializeDocumentAttributes(v *map[string]types.AttributeValue, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var mv map[string]types.AttributeValue + if *v == nil { + mv = map[string]types.AttributeValue{} + } else { + mv = *v + } + + for key, value := range shape { + var parsedVal types.AttributeValue + mapVar := parsedVal + if err := awsRestjson1_deserializeDocumentAttributeValue(&mapVar, value); err != nil { + return err + } + parsedVal = mapVar + mv[key] = parsedVal + + } + *v = mv + return nil +} + +func awsRestjson1_deserializeDocumentAttributeValue(v *types.AttributeValue, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var uv types.AttributeValue +loop: + for key, value := range shape { + if value == nil { + continue + } + switch key { + case "BOOL": + var mv bool + if value != nil { + jtv, ok := value.(bool) + if !ok { + return fmt.Errorf("expected BooleanAttributeValue to be of type *bool, got %T instead", value) + } + mv = jtv + } + uv = &types.AttributeValueMemberBOOL{Value: mv} + break loop + + case "N": + var mv int64 + if value != nil { + jtv, ok := value.(json.Number) + if !ok { + return fmt.Errorf("expected NumberAttributeValue to be json.Number, got %T instead", value) + } + i64, err := jtv.Int64() + if err != nil { + return err + } + mv = i64 + } + uv = &types.AttributeValueMemberN{Value: mv} + break loop + + case "S": + var mv string + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected StringAttributeValue to be of type string, got %T instead", value) + } + mv = jtv + } + uv = &types.AttributeValueMemberS{Value: mv} + break loop + + case "SS": + var mv []string + if err := awsRestjson1_deserializeDocumentStringSetAttributeValue(&mv, value); err != nil { + return err + } + uv = &types.AttributeValueMemberSS{Value: mv} + break loop + + default: + uv = &types.UnknownUnionMember{Tag: key} + break loop + + } + } + *v = uv + return nil +} + +func awsRestjson1_deserializeDocumentConflictException(v **types.ConflictException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.ConflictException + if *v == nil { + sv = &types.ConflictException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ExceptionMessage to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsRestjson1_deserializeDocumentDirectoryUnavailableException(v **types.DirectoryUnavailableException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.DirectoryUnavailableException + if *v == nil { + sv = &types.DirectoryUnavailableException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ExceptionMessage to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + case "Reason": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DirectoryUnavailableReason to be of type string, got %T instead", value) + } + sv.Reason = types.DirectoryUnavailableReason(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsRestjson1_deserializeDocumentGroup(v **types.Group, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.Group + if *v == nil { + sv = &types.Group{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DistinguishedName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DistinguishedName to be of type string, got %T instead", value) + } + sv.DistinguishedName = ptr.String(jtv) + } + + case "GroupScope": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GroupScope to be of type string, got %T instead", value) + } + sv.GroupScope = types.GroupScope(jtv) + } + + case "GroupType": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GroupType to be of type string, got %T instead", value) + } + sv.GroupType = types.GroupType(jtv) + } + + case "OtherAttributes": + if err := awsRestjson1_deserializeDocumentAttributes(&sv.OtherAttributes, value); err != nil { + return err + } + + case "SAMAccountName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GroupName to be of type string, got %T instead", value) + } + sv.SAMAccountName = ptr.String(jtv) + } + + case "SID": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected SID to be of type string, got %T instead", value) + } + sv.SID = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsRestjson1_deserializeDocumentGroupList(v *[]types.Group, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.([]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var cv []types.Group + if *v == nil { + cv = []types.Group{} + } else { + cv = *v + } + + for _, value := range shape { + var col types.Group + destAddr := &col + if err := awsRestjson1_deserializeDocumentGroup(&destAddr, value); err != nil { + return err + } + col = *destAddr + cv = append(cv, col) + + } + *v = cv + return nil +} + +func awsRestjson1_deserializeDocumentGroupSummary(v **types.GroupSummary, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.GroupSummary + if *v == nil { + sv = &types.GroupSummary{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "GroupScope": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GroupScope to be of type string, got %T instead", value) + } + sv.GroupScope = types.GroupScope(jtv) + } + + case "GroupType": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GroupType to be of type string, got %T instead", value) + } + sv.GroupType = types.GroupType(jtv) + } + + case "SAMAccountName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GroupName to be of type string, got %T instead", value) + } + sv.SAMAccountName = ptr.String(jtv) + } + + case "SID": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected SID to be of type string, got %T instead", value) + } + sv.SID = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsRestjson1_deserializeDocumentGroupSummaryList(v *[]types.GroupSummary, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.([]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var cv []types.GroupSummary + if *v == nil { + cv = []types.GroupSummary{} + } else { + cv = *v + } + + for _, value := range shape { + var col types.GroupSummary + destAddr := &col + if err := awsRestjson1_deserializeDocumentGroupSummary(&destAddr, value); err != nil { + return err + } + col = *destAddr + cv = append(cv, col) + + } + *v = cv + return nil +} + +func awsRestjson1_deserializeDocumentInternalServerException(v **types.InternalServerException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.InternalServerException + if *v == nil { + sv = &types.InternalServerException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ExceptionMessage to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsRestjson1_deserializeDocumentMember(v **types.Member, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.Member + if *v == nil { + sv = &types.Member{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "MemberType": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected MemberType to be of type string, got %T instead", value) + } + sv.MemberType = types.MemberType(jtv) + } + + case "SAMAccountName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected MemberName to be of type string, got %T instead", value) + } + sv.SAMAccountName = ptr.String(jtv) + } + + case "SID": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected SID to be of type string, got %T instead", value) + } + sv.SID = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsRestjson1_deserializeDocumentMemberList(v *[]types.Member, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.([]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var cv []types.Member + if *v == nil { + cv = []types.Member{} + } else { + cv = *v + } + + for _, value := range shape { + var col types.Member + destAddr := &col + if err := awsRestjson1_deserializeDocumentMember(&destAddr, value); err != nil { + return err + } + col = *destAddr + cv = append(cv, col) + + } + *v = cv + return nil +} + +func awsRestjson1_deserializeDocumentResourceNotFoundException(v **types.ResourceNotFoundException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.ResourceNotFoundException + if *v == nil { + sv = &types.ResourceNotFoundException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ExceptionMessage to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsRestjson1_deserializeDocumentStringSetAttributeValue(v *[]string, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.([]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var cv []string + if *v == nil { + cv = []string{} + } else { + cv = *v + } + + for _, value := range shape { + var col string + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected StringAttributeValue to be of type string, got %T instead", value) + } + col = jtv + } + cv = append(cv, col) + + } + *v = cv + return nil +} + +func awsRestjson1_deserializeDocumentThrottlingException(v **types.ThrottlingException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.ThrottlingException + if *v == nil { + sv = &types.ThrottlingException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ExceptionMessage to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + case "RetryAfterSeconds": + if value != nil { + jtv, ok := value.(json.Number) + if !ok { + return fmt.Errorf("expected Integer to be json.Number, got %T instead", value) + } + i64, err := jtv.Int64() + if err != nil { + return err + } + sv.RetryAfterSeconds = ptr.Int32(int32(i64)) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsRestjson1_deserializeDocumentUser(v **types.User, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.User + if *v == nil { + sv = &types.User{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DistinguishedName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DistinguishedName to be of type string, got %T instead", value) + } + sv.DistinguishedName = ptr.String(jtv) + } + + case "EmailAddress": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected EmailAddress to be of type string, got %T instead", value) + } + sv.EmailAddress = ptr.String(jtv) + } + + case "Enabled": + if value != nil { + jtv, ok := value.(bool) + if !ok { + return fmt.Errorf("expected Boolean to be of type *bool, got %T instead", value) + } + sv.Enabled = ptr.Bool(jtv) + } + + case "GivenName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GivenName to be of type string, got %T instead", value) + } + sv.GivenName = ptr.String(jtv) + } + + case "OtherAttributes": + if err := awsRestjson1_deserializeDocumentAttributes(&sv.OtherAttributes, value); err != nil { + return err + } + + case "SAMAccountName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected UserName to be of type string, got %T instead", value) + } + sv.SAMAccountName = ptr.String(jtv) + } + + case "SID": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected SID to be of type string, got %T instead", value) + } + sv.SID = ptr.String(jtv) + } + + case "Surname": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Surname to be of type string, got %T instead", value) + } + sv.Surname = ptr.String(jtv) + } + + case "UserPrincipalName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected UserPrincipalName to be of type string, got %T instead", value) + } + sv.UserPrincipalName = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsRestjson1_deserializeDocumentUserList(v *[]types.User, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.([]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var cv []types.User + if *v == nil { + cv = []types.User{} + } else { + cv = *v + } + + for _, value := range shape { + var col types.User + destAddr := &col + if err := awsRestjson1_deserializeDocumentUser(&destAddr, value); err != nil { + return err + } + col = *destAddr + cv = append(cv, col) + + } + *v = cv + return nil +} + +func awsRestjson1_deserializeDocumentUserSummary(v **types.UserSummary, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.UserSummary + if *v == nil { + sv = &types.UserSummary{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Enabled": + if value != nil { + jtv, ok := value.(bool) + if !ok { + return fmt.Errorf("expected Boolean to be of type *bool, got %T instead", value) + } + sv.Enabled = ptr.Bool(jtv) + } + + case "GivenName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected GivenName to be of type string, got %T instead", value) + } + sv.GivenName = ptr.String(jtv) + } + + case "SAMAccountName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected UserName to be of type string, got %T instead", value) + } + sv.SAMAccountName = ptr.String(jtv) + } + + case "SID": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected SID to be of type string, got %T instead", value) + } + sv.SID = ptr.String(jtv) + } + + case "Surname": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Surname to be of type string, got %T instead", value) + } + sv.Surname = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + +func awsRestjson1_deserializeDocumentUserSummaryList(v *[]types.UserSummary, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.([]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var cv []types.UserSummary + if *v == nil { + cv = []types.UserSummary{} + } else { + cv = *v + } + + for _, value := range shape { + var col types.UserSummary + destAddr := &col + if err := awsRestjson1_deserializeDocumentUserSummary(&destAddr, value); err != nil { + return err + } + col = *destAddr + cv = append(cv, col) + + } + *v = cv + return nil +} + +func awsRestjson1_deserializeDocumentValidationException(v **types.ValidationException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.ValidationException + if *v == nil { + sv = &types.ValidationException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ExceptionMessage to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + case "Reason": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ValidationExceptionReason to be of type string, got %T instead", value) + } + sv.Reason = types.ValidationExceptionReason(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} diff --git a/service/directoryservicedata/doc.go b/service/directoryservicedata/doc.go new file mode 100644 index 00000000000..c3527bec12f --- /dev/null +++ b/service/directoryservicedata/doc.go @@ -0,0 +1,60 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +// Package directoryservicedata provides the API client, operations, and parameter +// types for AWS Directory Service Data. +// +// Amazon Web Services Directory Service Data is an extension of Directory +// +// Service. This API reference provides detailed information about Directory +// Service Data operations and object types. +// +// With Directory Service Data, you can create, read, update, and delete users, +// groups, and memberships from your Managed Microsoft AD without additional costs +// and without deploying dedicated management instances. You can also perform +// built-in object management tasks across directories without direct network +// connectivity, which simplifies provisioning and access management to achieve +// fully automated deployments. Directory Service Data supports user and group +// write operations, such as CreateUser and CreateGroup , within the organizational +// unit (OU) of your Managed Microsoft AD. Directory Service Data supports read +// operations, such as ListUsers and ListGroups , on all users, groups, and group +// memberships within your Managed Microsoft AD and across trusted realms. +// Directory Service Data supports adding and removing group members in your OU and +// the Amazon Web Services Delegated Groups OU, so you can grant and deny access to +// specific roles and permissions. For more information, see [Manage users and groups]in the Directory +// Service Administration Guide. +// +// Directory management operations and configuration changes made against the +// Directory Service API will also reflect in Directory Service Data API with +// eventual consistency. You can expect a short delay between management changes, +// such as adding a new directory trust and calling the Directory Service Data API +// for the newly created trusted realm. +// +// Directory Service Data connects to your Managed Microsoft AD domain controllers +// and performs operations on underlying directory objects. When you create your +// Managed Microsoft AD, you choose subnets for domain controllers that Directory +// Service creates on your behalf. If a domain controller is unavailable, Directory +// Service Data uses an available domain controller. As a result, you might notice +// eventual consistency while objects replicate from one domain controller to +// another domain controller. For more information, see [What gets created]in the Directory Service +// Administration Guide. Directory limits vary by Managed Microsoft AD edition: +// +// - Standard edition – Supports 8 transactions per second (TPS) for read +// operations and 4 TPS for write operations per directory. There's a concurrency +// limit of 10 concurrent requests. +// +// - Enterprise edition – Supports 16 transactions per second (TPS) for read +// operations and 8 TPS for write operations per directory. There's a concurrency +// limit of 10 concurrent requests. +// +// - Amazon Web Services Account - Supports a total of 100 TPS for Directory +// Service Data operations across all directories. +// +// Directory Service Data only supports the Managed Microsoft AD directory type +// and is only available in the primary Amazon Web Services Region. For more +// information, see [Managed Microsoft AD]and [Primary vs additional Regions] in the Directory Service Administration Guide. +// +// [Managed Microsoft AD]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html +// [Primary vs additional Regions]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/multi-region-global-primary-additional.html +// [Manage users and groups]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_manage_users_groups.html +// [What gets created]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_getting_started_what_gets_created.html +package directoryservicedata diff --git a/service/directoryservicedata/endpoints.go b/service/directoryservicedata/endpoints.go new file mode 100644 index 00000000000..a4c3a0b8da3 --- /dev/null +++ b/service/directoryservicedata/endpoints.go @@ -0,0 +1,527 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "errors" + "fmt" + "github.com/aws/aws-sdk-go-v2/aws" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" + "github.com/aws/aws-sdk-go-v2/internal/endpoints" + "github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn" + internalendpoints "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/internal/endpoints" + smithyauth "github.com/aws/smithy-go/auth" + smithyendpoints "github.com/aws/smithy-go/endpoints" + "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" + smithyhttp "github.com/aws/smithy-go/transport/http" + "net/http" + "net/url" + "os" + "strings" +) + +// EndpointResolverOptions is the service endpoint resolver options +type EndpointResolverOptions = internalendpoints.Options + +// EndpointResolver interface for resolving service endpoints. +type EndpointResolver interface { + ResolveEndpoint(region string, options EndpointResolverOptions) (aws.Endpoint, error) +} + +var _ EndpointResolver = &internalendpoints.Resolver{} + +// NewDefaultEndpointResolver constructs a new service endpoint resolver +func NewDefaultEndpointResolver() *internalendpoints.Resolver { + return internalendpoints.New() +} + +// EndpointResolverFunc is a helper utility that wraps a function so it satisfies +// the EndpointResolver interface. This is useful when you want to add additional +// endpoint resolving logic, or stub out specific endpoints with custom values. +type EndpointResolverFunc func(region string, options EndpointResolverOptions) (aws.Endpoint, error) + +func (fn EndpointResolverFunc) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) { + return fn(region, options) +} + +// EndpointResolverFromURL returns an EndpointResolver configured using the +// provided endpoint url. By default, the resolved endpoint resolver uses the +// client region as signing region, and the endpoint source is set to +// EndpointSourceCustom.You can provide functional options to configure endpoint +// values for the resolved endpoint. +func EndpointResolverFromURL(url string, optFns ...func(*aws.Endpoint)) EndpointResolver { + e := aws.Endpoint{URL: url, Source: aws.EndpointSourceCustom} + for _, fn := range optFns { + fn(&e) + } + + return EndpointResolverFunc( + func(region string, options EndpointResolverOptions) (aws.Endpoint, error) { + if len(e.SigningRegion) == 0 { + e.SigningRegion = region + } + return e, nil + }, + ) +} + +type ResolveEndpoint struct { + Resolver EndpointResolver + Options EndpointResolverOptions +} + +func (*ResolveEndpoint) ID() string { + return "ResolveEndpoint" +} + +func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + if !awsmiddleware.GetRequiresLegacyEndpoints(ctx) { + return next.HandleSerialize(ctx, in) + } + + req, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) + } + + if m.Resolver == nil { + return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") + } + + eo := m.Options + eo.Logger = middleware.GetLogger(ctx) + + var endpoint aws.Endpoint + endpoint, err = m.Resolver.ResolveEndpoint(awsmiddleware.GetRegion(ctx), eo) + if err != nil { + nf := (&aws.EndpointNotFoundError{}) + if errors.As(err, &nf) { + ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, false) + return next.HandleSerialize(ctx, in) + } + return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) + } + + req.URL, err = url.Parse(endpoint.URL) + if err != nil { + return out, metadata, fmt.Errorf("failed to parse endpoint URL: %w", err) + } + + if len(awsmiddleware.GetSigningName(ctx)) == 0 { + signingName := endpoint.SigningName + if len(signingName) == 0 { + signingName = "ds" + } + ctx = awsmiddleware.SetSigningName(ctx, signingName) + } + ctx = awsmiddleware.SetEndpointSource(ctx, endpoint.Source) + ctx = smithyhttp.SetHostnameImmutable(ctx, endpoint.HostnameImmutable) + ctx = awsmiddleware.SetSigningRegion(ctx, endpoint.SigningRegion) + ctx = awsmiddleware.SetPartitionID(ctx, endpoint.PartitionID) + return next.HandleSerialize(ctx, in) +} +func addResolveEndpointMiddleware(stack *middleware.Stack, o Options) error { + return stack.Serialize.Insert(&ResolveEndpoint{ + Resolver: o.EndpointResolver, + Options: o.EndpointOptions, + }, "OperationSerializer", middleware.Before) +} + +func removeResolveEndpointMiddleware(stack *middleware.Stack) error { + _, err := stack.Serialize.Remove((&ResolveEndpoint{}).ID()) + return err +} + +type wrappedEndpointResolver struct { + awsResolver aws.EndpointResolverWithOptions +} + +func (w *wrappedEndpointResolver) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) { + return w.awsResolver.ResolveEndpoint(ServiceID, region, options) +} + +type awsEndpointResolverAdaptor func(service, region string) (aws.Endpoint, error) + +func (a awsEndpointResolverAdaptor) ResolveEndpoint(service, region string, options ...interface{}) (aws.Endpoint, error) { + return a(service, region) +} + +var _ aws.EndpointResolverWithOptions = awsEndpointResolverAdaptor(nil) + +// withEndpointResolver returns an aws.EndpointResolverWithOptions that first delegates endpoint resolution to the awsResolver. +// If awsResolver returns aws.EndpointNotFoundError error, the v1 resolver middleware will swallow the error, +// and set an appropriate context flag such that fallback will occur when EndpointResolverV2 is invoked +// via its middleware. +// +// If another error (besides aws.EndpointNotFoundError) is returned, then that error will be propagated. +func withEndpointResolver(awsResolver aws.EndpointResolver, awsResolverWithOptions aws.EndpointResolverWithOptions) EndpointResolver { + var resolver aws.EndpointResolverWithOptions + + if awsResolverWithOptions != nil { + resolver = awsResolverWithOptions + } else if awsResolver != nil { + resolver = awsEndpointResolverAdaptor(awsResolver.ResolveEndpoint) + } + + return &wrappedEndpointResolver{ + awsResolver: resolver, + } +} + +func finalizeClientEndpointResolverOptions(options *Options) { + options.EndpointOptions.LogDeprecated = options.ClientLogMode.IsDeprecatedUsage() + + if len(options.EndpointOptions.ResolvedRegion) == 0 { + const fipsInfix = "-fips-" + const fipsPrefix = "fips-" + const fipsSuffix = "-fips" + + if strings.Contains(options.Region, fipsInfix) || + strings.Contains(options.Region, fipsPrefix) || + strings.Contains(options.Region, fipsSuffix) { + options.EndpointOptions.ResolvedRegion = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll( + options.Region, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "") + options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled + } + } + +} + +func resolveEndpointResolverV2(options *Options) { + if options.EndpointResolverV2 == nil { + options.EndpointResolverV2 = NewDefaultEndpointResolverV2() + } +} + +func resolveBaseEndpoint(cfg aws.Config, o *Options) { + if cfg.BaseEndpoint != nil { + o.BaseEndpoint = cfg.BaseEndpoint + } + + _, g := os.LookupEnv("AWS_ENDPOINT_URL") + _, s := os.LookupEnv("AWS_ENDPOINT_URL_DIRECTORY_SERVICE_DATA") + + if g && !s { + return + } + + value, found, err := internalConfig.ResolveServiceBaseEndpoint(context.Background(), "Directory Service Data", cfg.ConfigSources) + if found && err == nil { + o.BaseEndpoint = &value + } +} + +func bindRegion(region string) *string { + if region == "" { + return nil + } + return aws.String(endpoints.MapFIPSRegion(region)) +} + +// EndpointParameters provides the parameters that influence how endpoints are +// resolved. +type EndpointParameters struct { + // The AWS region used to dispatch the request. + // + // Parameter is + // required. + // + // AWS::Region + Region *string + + // When true, use the dual-stack endpoint. If the configured endpoint does not + // support dual-stack, dispatching the request MAY return an error. + // + // Defaults to + // false if no value is provided. + // + // AWS::UseDualStack + UseDualStack *bool + + // When true, send this request to the FIPS-compliant regional endpoint. If the + // configured endpoint does not have a FIPS compliant endpoint, dispatching the + // request will return an error. + // + // Defaults to false if no value is + // provided. + // + // AWS::UseFIPS + UseFIPS *bool + + // Override the endpoint used to send this request + // + // Parameter is + // required. + // + // SDK::Endpoint + Endpoint *string +} + +// ValidateRequired validates required parameters are set. +func (p EndpointParameters) ValidateRequired() error { + if p.UseDualStack == nil { + return fmt.Errorf("parameter UseDualStack is required") + } + + if p.UseFIPS == nil { + return fmt.Errorf("parameter UseFIPS is required") + } + + return nil +} + +// WithDefaults returns a shallow copy of EndpointParameterswith default values +// applied to members where applicable. +func (p EndpointParameters) WithDefaults() EndpointParameters { + if p.UseDualStack == nil { + p.UseDualStack = ptr.Bool(false) + } + + if p.UseFIPS == nil { + p.UseFIPS = ptr.Bool(false) + } + return p +} + +type stringSlice []string + +func (s stringSlice) Get(i int) *string { + if i < 0 || i >= len(s) { + return nil + } + + v := s[i] + return &v +} + +// EndpointResolverV2 provides the interface for resolving service endpoints. +type EndpointResolverV2 interface { + // ResolveEndpoint attempts to resolve the endpoint with the provided options, + // returning the endpoint if found. Otherwise an error is returned. + ResolveEndpoint(ctx context.Context, params EndpointParameters) ( + smithyendpoints.Endpoint, error, + ) +} + +// resolver provides the implementation for resolving endpoints. +type resolver struct{} + +func NewDefaultEndpointResolverV2() EndpointResolverV2 { + return &resolver{} +} + +// ResolveEndpoint attempts to resolve the endpoint with the provided options, +// returning the endpoint if found. Otherwise an error is returned. +func (r *resolver) ResolveEndpoint( + ctx context.Context, params EndpointParameters, +) ( + endpoint smithyendpoints.Endpoint, err error, +) { + params = params.WithDefaults() + if err = params.ValidateRequired(); err != nil { + return endpoint, fmt.Errorf("endpoint parameters are not valid, %w", err) + } + _UseDualStack := *params.UseDualStack + _UseFIPS := *params.UseFIPS + + if exprVal := params.Endpoint; exprVal != nil { + _Endpoint := *exprVal + _ = _Endpoint + if _UseFIPS == true { + return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: FIPS and custom endpoint are not supported") + } + if _UseDualStack == true { + return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Dualstack and custom endpoint are not supported") + } + uriString := _Endpoint + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + }, nil + } + if exprVal := params.Region; exprVal != nil { + _Region := *exprVal + _ = _Region + if exprVal := awsrulesfn.GetPartition(_Region); exprVal != nil { + _PartitionResult := *exprVal + _ = _PartitionResult + if _UseFIPS == true { + if _UseDualStack == true { + if true == _PartitionResult.SupportsFIPS { + if true == _PartitionResult.SupportsDualStack { + uriString := func() string { + var out strings.Builder + out.WriteString("https://ds-data-fips.") + out.WriteString(_Region) + out.WriteString(".") + out.WriteString(_PartitionResult.DualStackDnsSuffix) + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + }, nil + } + } + return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS and DualStack are enabled, but this partition does not support one or both") + } + } + if _UseFIPS == true { + if _PartitionResult.SupportsFIPS == true { + uriString := func() string { + var out strings.Builder + out.WriteString("https://ds-data-fips.") + out.WriteString(_Region) + out.WriteString(".") + out.WriteString(_PartitionResult.DnsSuffix) + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + }, nil + } + return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS is enabled but this partition does not support FIPS") + } + if _UseDualStack == true { + if true == _PartitionResult.SupportsDualStack { + uriString := func() string { + var out strings.Builder + out.WriteString("https://ds-data.") + out.WriteString(_Region) + out.WriteString(".") + out.WriteString(_PartitionResult.DualStackDnsSuffix) + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + }, nil + } + return endpoint, fmt.Errorf("endpoint rule error, %s", "DualStack is enabled but this partition does not support DualStack") + } + uriString := func() string { + var out strings.Builder + out.WriteString("https://ds-data.") + out.WriteString(_Region) + out.WriteString(".") + out.WriteString(_PartitionResult.DnsSuffix) + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + }, nil + } + return endpoint, fmt.Errorf("Endpoint resolution failed. Invalid operation or environment input.") + } + return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Missing Region") +} + +type endpointParamsBinder interface { + bindEndpointParams(*EndpointParameters) +} + +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { + params := &EndpointParameters{} + + params.Region = bindRegion(options.Region) + params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled) + params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) + params.Endpoint = options.BaseEndpoint + + if b, ok := input.(endpointParamsBinder); ok { + b.bindEndpointParams(params) + } + + return params +} + +type resolveEndpointV2Middleware struct { + options Options +} + +func (*resolveEndpointV2Middleware) ID() string { + return "ResolveEndpointV2" +} + +func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { + return next.HandleFinalize(ctx, in) + } + + req, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) + } + + if m.options.EndpointResolverV2 == nil { + return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") + } + + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) + endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) + if err != nil { + return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) + } + + if endpt.URI.RawPath == "" && req.URL.RawPath != "" { + endpt.URI.RawPath = endpt.URI.Path + } + req.URL.Scheme = endpt.URI.Scheme + req.URL.Host = endpt.URI.Host + req.URL.Path = smithyhttp.JoinPath(endpt.URI.Path, req.URL.Path) + req.URL.RawPath = smithyhttp.JoinPath(endpt.URI.RawPath, req.URL.RawPath) + for k := range endpt.Headers { + req.Header.Set(k, endpt.Headers.Get(k)) + } + + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + opts, _ := smithyauth.GetAuthOptions(&endpt.Properties) + for _, o := range opts { + rscheme.SignerProperties.SetAll(&o.SignerProperties) + } + + return next.HandleFinalize(ctx, in) +} diff --git a/service/directoryservicedata/endpoints_config_test.go b/service/directoryservicedata/endpoints_config_test.go new file mode 100644 index 00000000000..e1d02595282 --- /dev/null +++ b/service/directoryservicedata/endpoints_config_test.go @@ -0,0 +1,139 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "github.com/aws/aws-sdk-go-v2/aws" + "os" + "reflect" + "testing" +) + +type mockConfigSource struct { + global string + service string + ignore bool +} + +// GetIgnoreConfiguredEndpoints is used in knowing when to disable configured +// endpoints feature. +func (m mockConfigSource) GetIgnoreConfiguredEndpoints(context.Context) (bool, bool, error) { + return m.ignore, m.ignore, nil +} + +// GetServiceBaseEndpoint is used to retrieve a normalized SDK ID for use +// with configured endpoints. +func (m mockConfigSource) GetServiceBaseEndpoint(ctx context.Context, sdkID string) (string, bool, error) { + if m.service != "" { + return m.service, true, nil + } + return "", false, nil +} + +func TestResolveBaseEndpoint(t *testing.T) { + cases := map[string]struct { + envGlobal string + envService string + envIgnore bool + configGlobal string + configService string + configIgnore bool + clientEndpoint *string + expectURL *string + }{ + "env ignore": { + envGlobal: "https://env-global.dev", + envService: "https://env-directory-service-data.dev", + envIgnore: true, + configGlobal: "http://config-global.dev", + configService: "http://config-directory-service-data.dev", + expectURL: nil, + }, + "env global": { + envGlobal: "https://env-global.dev", + configGlobal: "http://config-global.dev", + configService: "http://config-directory-service-data.dev", + expectURL: aws.String("https://env-global.dev"), + }, + "env service": { + envGlobal: "https://env-global.dev", + envService: "https://env-directory-service-data.dev", + configGlobal: "http://config-global.dev", + configService: "http://config-directory-service-data.dev", + expectURL: aws.String("https://env-directory-service-data.dev"), + }, + "config ignore": { + envGlobal: "https://env-global.dev", + envService: "https://env-directory-service-data.dev", + configGlobal: "http://config-global.dev", + configService: "http://config-directory-service-data.dev", + configIgnore: true, + expectURL: nil, + }, + "config global": { + configGlobal: "http://config-global.dev", + expectURL: aws.String("http://config-global.dev"), + }, + "config service": { + configGlobal: "http://config-global.dev", + configService: "http://config-directory-service-data.dev", + expectURL: aws.String("http://config-directory-service-data.dev"), + }, + "client": { + envGlobal: "https://env-global.dev", + envService: "https://env-directory-service-data.dev", + configGlobal: "http://config-global.dev", + configService: "http://config-directory-service-data.dev", + clientEndpoint: aws.String("https://client-directory-service-data.dev"), + expectURL: aws.String("https://client-directory-service-data.dev"), + }, + } + + for name, c := range cases { + t.Run(name, func(t *testing.T) { + os.Clearenv() + + awsConfig := aws.Config{} + ignore := c.envIgnore || c.configIgnore + + if c.configGlobal != "" && !ignore { + awsConfig.BaseEndpoint = aws.String(c.configGlobal) + } + + if c.envGlobal != "" { + t.Setenv("AWS_ENDPOINT_URL", c.envGlobal) + if !ignore { + awsConfig.BaseEndpoint = aws.String(c.envGlobal) + } + } + + if c.envService != "" { + t.Setenv("AWS_ENDPOINT_URL_DIRECTORY_SERVICE_DATA", c.envService) + } + + awsConfig.ConfigSources = []interface{}{ + mockConfigSource{ + global: c.envGlobal, + service: c.envService, + ignore: c.envIgnore, + }, + mockConfigSource{ + global: c.configGlobal, + service: c.configService, + ignore: c.configIgnore, + }, + } + + client := NewFromConfig(awsConfig, func(o *Options) { + if c.clientEndpoint != nil { + o.BaseEndpoint = c.clientEndpoint + } + }) + + if e, a := c.expectURL, client.options.BaseEndpoint; !reflect.DeepEqual(e, a) { + t.Errorf("expect endpoint %v , got %v", e, a) + } + }) + } +} diff --git a/service/directoryservicedata/endpoints_test.go b/service/directoryservicedata/endpoints_test.go new file mode 100644 index 00000000000..276e92ae84a --- /dev/null +++ b/service/directoryservicedata/endpoints_test.go @@ -0,0 +1,820 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + smithy "github.com/aws/smithy-go" + smithyendpoints "github.com/aws/smithy-go/endpoints" + "github.com/aws/smithy-go/ptr" + "net/http" + "net/url" + "reflect" + "strings" + "testing" +) + +// For region us-east-1 with FIPS enabled and DualStack enabled +func TestEndpointCase0(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-east-1"), + UseFIPS: ptr.Bool(true), + UseDualStack: ptr.Bool(true), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data-fips.us-east-1.api.aws") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region us-east-1 with FIPS enabled and DualStack disabled +func TestEndpointCase1(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-east-1"), + UseFIPS: ptr.Bool(true), + UseDualStack: ptr.Bool(false), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data-fips.us-east-1.amazonaws.com") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region us-east-1 with FIPS disabled and DualStack enabled +func TestEndpointCase2(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-east-1"), + UseFIPS: ptr.Bool(false), + UseDualStack: ptr.Bool(true), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data.us-east-1.api.aws") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region us-east-1 with FIPS disabled and DualStack disabled +func TestEndpointCase3(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-east-1"), + UseFIPS: ptr.Bool(false), + UseDualStack: ptr.Bool(false), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data.us-east-1.amazonaws.com") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region cn-north-1 with FIPS enabled and DualStack enabled +func TestEndpointCase4(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("cn-north-1"), + UseFIPS: ptr.Bool(true), + UseDualStack: ptr.Bool(true), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data-fips.cn-north-1.api.amazonwebservices.com.cn") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region cn-north-1 with FIPS enabled and DualStack disabled +func TestEndpointCase5(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("cn-north-1"), + UseFIPS: ptr.Bool(true), + UseDualStack: ptr.Bool(false), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data-fips.cn-north-1.amazonaws.com.cn") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region cn-north-1 with FIPS disabled and DualStack enabled +func TestEndpointCase6(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("cn-north-1"), + UseFIPS: ptr.Bool(false), + UseDualStack: ptr.Bool(true), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data.cn-north-1.api.amazonwebservices.com.cn") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region cn-north-1 with FIPS disabled and DualStack disabled +func TestEndpointCase7(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("cn-north-1"), + UseFIPS: ptr.Bool(false), + UseDualStack: ptr.Bool(false), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data.cn-north-1.amazonaws.com.cn") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region us-gov-east-1 with FIPS enabled and DualStack enabled +func TestEndpointCase8(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-gov-east-1"), + UseFIPS: ptr.Bool(true), + UseDualStack: ptr.Bool(true), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data-fips.us-gov-east-1.api.aws") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region us-gov-east-1 with FIPS enabled and DualStack disabled +func TestEndpointCase9(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-gov-east-1"), + UseFIPS: ptr.Bool(true), + UseDualStack: ptr.Bool(false), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data-fips.us-gov-east-1.amazonaws.com") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region us-gov-east-1 with FIPS disabled and DualStack enabled +func TestEndpointCase10(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-gov-east-1"), + UseFIPS: ptr.Bool(false), + UseDualStack: ptr.Bool(true), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data.us-gov-east-1.api.aws") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region us-gov-east-1 with FIPS disabled and DualStack disabled +func TestEndpointCase11(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-gov-east-1"), + UseFIPS: ptr.Bool(false), + UseDualStack: ptr.Bool(false), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data.us-gov-east-1.amazonaws.com") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region us-iso-east-1 with FIPS enabled and DualStack enabled +func TestEndpointCase12(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-iso-east-1"), + UseFIPS: ptr.Bool(true), + UseDualStack: ptr.Bool(true), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err == nil { + t.Fatalf("expect error, got none") + } + if e, a := "FIPS and DualStack are enabled, but this partition does not support one or both", err.Error(); !strings.Contains(a, e) { + t.Errorf("expect %v error in %v", e, a) + } +} + +// For region us-iso-east-1 with FIPS enabled and DualStack disabled +func TestEndpointCase13(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-iso-east-1"), + UseFIPS: ptr.Bool(true), + UseDualStack: ptr.Bool(false), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data-fips.us-iso-east-1.c2s.ic.gov") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region us-iso-east-1 with FIPS disabled and DualStack enabled +func TestEndpointCase14(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-iso-east-1"), + UseFIPS: ptr.Bool(false), + UseDualStack: ptr.Bool(true), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err == nil { + t.Fatalf("expect error, got none") + } + if e, a := "DualStack is enabled but this partition does not support DualStack", err.Error(); !strings.Contains(a, e) { + t.Errorf("expect %v error in %v", e, a) + } +} + +// For region us-iso-east-1 with FIPS disabled and DualStack disabled +func TestEndpointCase15(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-iso-east-1"), + UseFIPS: ptr.Bool(false), + UseDualStack: ptr.Bool(false), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data.us-iso-east-1.c2s.ic.gov") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region us-isob-east-1 with FIPS enabled and DualStack enabled +func TestEndpointCase16(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-isob-east-1"), + UseFIPS: ptr.Bool(true), + UseDualStack: ptr.Bool(true), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err == nil { + t.Fatalf("expect error, got none") + } + if e, a := "FIPS and DualStack are enabled, but this partition does not support one or both", err.Error(); !strings.Contains(a, e) { + t.Errorf("expect %v error in %v", e, a) + } +} + +// For region us-isob-east-1 with FIPS enabled and DualStack disabled +func TestEndpointCase17(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-isob-east-1"), + UseFIPS: ptr.Bool(true), + UseDualStack: ptr.Bool(false), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data-fips.us-isob-east-1.sc2s.sgov.gov") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For region us-isob-east-1 with FIPS disabled and DualStack enabled +func TestEndpointCase18(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-isob-east-1"), + UseFIPS: ptr.Bool(false), + UseDualStack: ptr.Bool(true), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err == nil { + t.Fatalf("expect error, got none") + } + if e, a := "DualStack is enabled but this partition does not support DualStack", err.Error(); !strings.Contains(a, e) { + t.Errorf("expect %v error in %v", e, a) + } +} + +// For region us-isob-east-1 with FIPS disabled and DualStack disabled +func TestEndpointCase19(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-isob-east-1"), + UseFIPS: ptr.Bool(false), + UseDualStack: ptr.Bool(false), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://ds-data.us-isob-east-1.sc2s.sgov.gov") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For custom endpoint with region set and fips disabled and dualstack disabled +func TestEndpointCase20(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-east-1"), + UseFIPS: ptr.Bool(false), + UseDualStack: ptr.Bool(false), + Endpoint: ptr.String("https://example.com"), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://example.com") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For custom endpoint with region not set and fips disabled and dualstack disabled +func TestEndpointCase21(t *testing.T) { + var params = EndpointParameters{ + UseFIPS: ptr.Bool(false), + UseDualStack: ptr.Bool(false), + Endpoint: ptr.String("https://example.com"), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err != nil { + t.Fatalf("expect no error, got %v", err) + } + + uri, _ := url.Parse("https://example.com") + + expectEndpoint := smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: smithy.Properties{}, + } + + if e, a := expectEndpoint.URI, result.URI; e != a { + t.Errorf("expect %v URI, got %v", e, a) + } + + if !reflect.DeepEqual(expectEndpoint.Headers, result.Headers) { + t.Errorf("expect headers to match\n%v != %v", expectEndpoint.Headers, result.Headers) + } + + if !reflect.DeepEqual(expectEndpoint.Properties, result.Properties) { + t.Errorf("expect properties to match\n%v != %v", expectEndpoint.Properties, result.Properties) + } +} + +// For custom endpoint with fips enabled and dualstack disabled +func TestEndpointCase22(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-east-1"), + UseFIPS: ptr.Bool(true), + UseDualStack: ptr.Bool(false), + Endpoint: ptr.String("https://example.com"), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err == nil { + t.Fatalf("expect error, got none") + } + if e, a := "Invalid Configuration: FIPS and custom endpoint are not supported", err.Error(); !strings.Contains(a, e) { + t.Errorf("expect %v error in %v", e, a) + } +} + +// For custom endpoint with fips disabled and dualstack enabled +func TestEndpointCase23(t *testing.T) { + var params = EndpointParameters{ + Region: ptr.String("us-east-1"), + UseFIPS: ptr.Bool(false), + UseDualStack: ptr.Bool(true), + Endpoint: ptr.String("https://example.com"), + } + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err == nil { + t.Fatalf("expect error, got none") + } + if e, a := "Invalid Configuration: Dualstack and custom endpoint are not supported", err.Error(); !strings.Contains(a, e) { + t.Errorf("expect %v error in %v", e, a) + } +} + +// Missing region +func TestEndpointCase24(t *testing.T) { + var params = EndpointParameters{} + + resolver := NewDefaultEndpointResolverV2() + result, err := resolver.ResolveEndpoint(context.Background(), params) + _, _ = result, err + + if err == nil { + t.Fatalf("expect error, got none") + } + if e, a := "Invalid Configuration: Missing Region", err.Error(); !strings.Contains(a, e) { + t.Errorf("expect %v error in %v", e, a) + } +} diff --git a/service/directoryservicedata/generated.json b/service/directoryservicedata/generated.json new file mode 100644 index 00000000000..ab7b2ded48c --- /dev/null +++ b/service/directoryservicedata/generated.json @@ -0,0 +1,50 @@ +{ + "dependencies": { + "github.com/aws/aws-sdk-go-v2": "v1.4.0", + "github.com/aws/aws-sdk-go-v2/internal/configsources": "v0.0.0-00010101000000-000000000000", + "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2": "v2.0.0-00010101000000-000000000000", + "github.com/aws/smithy-go": "v1.4.0" + }, + "files": [ + "api_client.go", + "api_client_test.go", + "api_op_AddGroupMember.go", + "api_op_CreateGroup.go", + "api_op_CreateUser.go", + "api_op_DeleteGroup.go", + "api_op_DeleteUser.go", + "api_op_DescribeGroup.go", + "api_op_DescribeUser.go", + "api_op_DisableUser.go", + "api_op_ListGroupMembers.go", + "api_op_ListGroups.go", + "api_op_ListGroupsForMember.go", + "api_op_ListUsers.go", + "api_op_RemoveGroupMember.go", + "api_op_SearchGroups.go", + "api_op_SearchUsers.go", + "api_op_UpdateGroup.go", + "api_op_UpdateUser.go", + "auth.go", + "deserializers.go", + "doc.go", + "endpoints.go", + "endpoints_config_test.go", + "endpoints_test.go", + "generated.json", + "internal/endpoints/endpoints.go", + "internal/endpoints/endpoints_test.go", + "options.go", + "protocol_test.go", + "serializers.go", + "snapshot_test.go", + "types/enums.go", + "types/errors.go", + "types/types.go", + "types/types_exported_test.go", + "validators.go" + ], + "go": "1.15", + "module": "github.com/aws/aws-sdk-go-v2/service/directoryservicedata", + "unstable": false +} diff --git a/service/directoryservicedata/go.mod b/service/directoryservicedata/go.mod new file mode 100644 index 00000000000..9185378b191 --- /dev/null +++ b/service/directoryservicedata/go.mod @@ -0,0 +1,16 @@ +module github.com/aws/aws-sdk-go-v2/service/directoryservicedata + +go 1.21 + +require ( + github.com/aws/aws-sdk-go-v2 v1.30.5 + github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.17 + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.17 + github.com/aws/smithy-go v1.20.4 +) + +replace github.com/aws/aws-sdk-go-v2 => ../../ + +replace github.com/aws/aws-sdk-go-v2/internal/configsources => ../../internal/configsources/ + +replace github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 => ../../internal/endpoints/v2/ diff --git a/service/directoryservicedata/go.sum b/service/directoryservicedata/go.sum new file mode 100644 index 00000000000..472f5906e46 --- /dev/null +++ b/service/directoryservicedata/go.sum @@ -0,0 +1,2 @@ +github.com/aws/smithy-go v1.20.4 h1:2HK1zBdPgRbjFOHlfeQZfpC4r72MOb9bZkiFwggKO+4= +github.com/aws/smithy-go v1.20.4/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= diff --git a/service/directoryservicedata/go_module_metadata.go b/service/directoryservicedata/go_module_metadata.go new file mode 100644 index 00000000000..412391e4dc6 --- /dev/null +++ b/service/directoryservicedata/go_module_metadata.go @@ -0,0 +1,6 @@ +// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. + +package directoryservicedata + +// goModuleVersion is the tagged release for this module +const goModuleVersion = "tip" diff --git a/service/directoryservicedata/internal/endpoints/endpoints.go b/service/directoryservicedata/internal/endpoints/endpoints.go new file mode 100644 index 00000000000..968f193b24e --- /dev/null +++ b/service/directoryservicedata/internal/endpoints/endpoints.go @@ -0,0 +1,296 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package endpoints + +import ( + "github.com/aws/aws-sdk-go-v2/aws" + endpoints "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2" + "github.com/aws/smithy-go/logging" + "regexp" +) + +// Options is the endpoint resolver configuration options +type Options struct { + // Logger is a logging implementation that log events should be sent to. + Logger logging.Logger + + // LogDeprecated indicates that deprecated endpoints should be logged to the + // provided logger. + LogDeprecated bool + + // ResolvedRegion is used to override the region to be resolved, rather then the + // using the value passed to the ResolveEndpoint method. This value is used by the + // SDK to translate regions like fips-us-east-1 or us-east-1-fips to an alternative + // name. You must not set this value directly in your application. + ResolvedRegion string + + // DisableHTTPS informs the resolver to return an endpoint that does not use the + // HTTPS scheme. + DisableHTTPS bool + + // UseDualStackEndpoint specifies the resolver must resolve a dual-stack endpoint. + UseDualStackEndpoint aws.DualStackEndpointState + + // UseFIPSEndpoint specifies the resolver must resolve a FIPS endpoint. + UseFIPSEndpoint aws.FIPSEndpointState +} + +func (o Options) GetResolvedRegion() string { + return o.ResolvedRegion +} + +func (o Options) GetDisableHTTPS() bool { + return o.DisableHTTPS +} + +func (o Options) GetUseDualStackEndpoint() aws.DualStackEndpointState { + return o.UseDualStackEndpoint +} + +func (o Options) GetUseFIPSEndpoint() aws.FIPSEndpointState { + return o.UseFIPSEndpoint +} + +func transformToSharedOptions(options Options) endpoints.Options { + return endpoints.Options{ + Logger: options.Logger, + LogDeprecated: options.LogDeprecated, + ResolvedRegion: options.ResolvedRegion, + DisableHTTPS: options.DisableHTTPS, + UseDualStackEndpoint: options.UseDualStackEndpoint, + UseFIPSEndpoint: options.UseFIPSEndpoint, + } +} + +// Resolver Directory Service Data endpoint resolver +type Resolver struct { + partitions endpoints.Partitions +} + +// ResolveEndpoint resolves the service endpoint for the given region and options +func (r *Resolver) ResolveEndpoint(region string, options Options) (endpoint aws.Endpoint, err error) { + if len(region) == 0 { + return endpoint, &aws.MissingRegionError{} + } + + opt := transformToSharedOptions(options) + return r.partitions.ResolveEndpoint(region, opt) +} + +// New returns a new Resolver +func New() *Resolver { + return &Resolver{ + partitions: defaultPartitions, + } +} + +var partitionRegexp = struct { + Aws *regexp.Regexp + AwsCn *regexp.Regexp + AwsIso *regexp.Regexp + AwsIsoB *regexp.Regexp + AwsIsoE *regexp.Regexp + AwsIsoF *regexp.Regexp + AwsUsGov *regexp.Regexp +}{ + + Aws: regexp.MustCompile("^(us|eu|ap|sa|ca|me|af|il|mx)\\-\\w+\\-\\d+$"), + AwsCn: regexp.MustCompile("^cn\\-\\w+\\-\\d+$"), + AwsIso: regexp.MustCompile("^us\\-iso\\-\\w+\\-\\d+$"), + AwsIsoB: regexp.MustCompile("^us\\-isob\\-\\w+\\-\\d+$"), + AwsIsoE: regexp.MustCompile("^eu\\-isoe\\-\\w+\\-\\d+$"), + AwsIsoF: regexp.MustCompile("^us\\-isof\\-\\w+\\-\\d+$"), + AwsUsGov: regexp.MustCompile("^us\\-gov\\-\\w+\\-\\d+$"), +} + +var defaultPartitions = endpoints.Partitions{ + { + ID: "aws", + Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ + { + Variant: endpoints.DualStackVariant, + }: { + Hostname: "ds-data.{region}.api.aws", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: endpoints.FIPSVariant, + }: { + Hostname: "ds-data-fips.{region}.amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, + }: { + Hostname: "ds-data-fips.{region}.api.aws", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: 0, + }: { + Hostname: "ds-data.{region}.amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + RegionRegex: partitionRegexp.Aws, + IsRegionalized: true, + }, + { + ID: "aws-cn", + Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ + { + Variant: endpoints.DualStackVariant, + }: { + Hostname: "ds-data.{region}.api.amazonwebservices.com.cn", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: endpoints.FIPSVariant, + }: { + Hostname: "ds-data-fips.{region}.amazonaws.com.cn", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, + }: { + Hostname: "ds-data-fips.{region}.api.amazonwebservices.com.cn", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: 0, + }: { + Hostname: "ds-data.{region}.amazonaws.com.cn", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + RegionRegex: partitionRegexp.AwsCn, + IsRegionalized: true, + }, + { + ID: "aws-iso", + Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ + { + Variant: endpoints.FIPSVariant, + }: { + Hostname: "ds-data-fips.{region}.c2s.ic.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: 0, + }: { + Hostname: "ds-data.{region}.c2s.ic.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + RegionRegex: partitionRegexp.AwsIso, + IsRegionalized: true, + }, + { + ID: "aws-iso-b", + Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ + { + Variant: endpoints.FIPSVariant, + }: { + Hostname: "ds-data-fips.{region}.sc2s.sgov.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: 0, + }: { + Hostname: "ds-data.{region}.sc2s.sgov.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + RegionRegex: partitionRegexp.AwsIsoB, + IsRegionalized: true, + }, + { + ID: "aws-iso-e", + Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ + { + Variant: endpoints.FIPSVariant, + }: { + Hostname: "ds-data-fips.{region}.cloud.adc-e.uk", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: 0, + }: { + Hostname: "ds-data.{region}.cloud.adc-e.uk", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + RegionRegex: partitionRegexp.AwsIsoE, + IsRegionalized: true, + }, + { + ID: "aws-iso-f", + Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ + { + Variant: endpoints.FIPSVariant, + }: { + Hostname: "ds-data-fips.{region}.csp.hci.ic.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: 0, + }: { + Hostname: "ds-data.{region}.csp.hci.ic.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + RegionRegex: partitionRegexp.AwsIsoF, + IsRegionalized: true, + }, + { + ID: "aws-us-gov", + Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ + { + Variant: endpoints.DualStackVariant, + }: { + Hostname: "ds-data.{region}.api.aws", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: endpoints.FIPSVariant, + }: { + Hostname: "ds-data-fips.{region}.amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, + }: { + Hostname: "ds-data-fips.{region}.api.aws", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + { + Variant: 0, + }: { + Hostname: "ds-data.{region}.amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + RegionRegex: partitionRegexp.AwsUsGov, + IsRegionalized: true, + }, +} diff --git a/service/directoryservicedata/internal/endpoints/endpoints_test.go b/service/directoryservicedata/internal/endpoints/endpoints_test.go new file mode 100644 index 00000000000..08e5da2d833 --- /dev/null +++ b/service/directoryservicedata/internal/endpoints/endpoints_test.go @@ -0,0 +1,11 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package endpoints + +import ( + "testing" +) + +func TestRegexCompile(t *testing.T) { + _ = defaultPartitions +} diff --git a/service/directoryservicedata/options.go b/service/directoryservicedata/options.go new file mode 100644 index 00000000000..bb4b4993439 --- /dev/null +++ b/service/directoryservicedata/options.go @@ -0,0 +1,228 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "github.com/aws/aws-sdk-go-v2/aws" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" + smithyauth "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/logging" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" + "net/http" +) + +type HTTPClient interface { + Do(*http.Request) (*http.Response, error) +} + +type Options struct { + // Set of options to modify how an operation is invoked. These apply to all + // operations invoked for this client. Use functional options on operation call to + // modify this list for per operation behavior. + APIOptions []func(*middleware.Stack) error + + // The optional application specific identifier appended to the User-Agent header. + AppID string + + // This endpoint will be given as input to an EndpointResolverV2. It is used for + // providing a custom base endpoint that is subject to modifications by the + // processing EndpointResolverV2. + BaseEndpoint *string + + // Configures the events that will be sent to the configured logger. + ClientLogMode aws.ClientLogMode + + // The credentials object to use when signing requests. + Credentials aws.CredentialsProvider + + // The configuration DefaultsMode that the SDK should use when constructing the + // clients initial default settings. + DefaultsMode aws.DefaultsMode + + // The endpoint options to be used when attempting to resolve an endpoint. + EndpointOptions EndpointResolverOptions + + // The service endpoint resolver. + // + // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a + // value for this field will likely prevent you from using any endpoint-related + // service features released after the introduction of EndpointResolverV2 and + // BaseEndpoint. + // + // To migrate an EndpointResolver implementation that uses a custom endpoint, set + // the client option BaseEndpoint instead. + EndpointResolver EndpointResolver + + // Resolves the endpoint used for a particular service operation. This should be + // used over the deprecated EndpointResolver. + EndpointResolverV2 EndpointResolverV2 + + // Signature Version 4 (SigV4) Signer + HTTPSignerV4 HTTPSignerV4 + + // Provides idempotency tokens values that will be automatically populated into + // idempotent API operations. + IdempotencyTokenProvider IdempotencyTokenProvider + + // The logger writer interface to write logging messages to. + Logger logging.Logger + + // The region to send requests to. (Required) + Region string + + // RetryMaxAttempts specifies the maximum number attempts an API client will call + // an operation that fails with a retryable error. A value of 0 is ignored, and + // will not be used to configure the API client created default retryer, or modify + // per operation call's retry max attempts. + // + // If specified in an operation call's functional options with a value that is + // different than the constructed client's Options, the Client's Retryer will be + // wrapped to use the operation's specific RetryMaxAttempts value. + RetryMaxAttempts int + + // RetryMode specifies the retry mode the API client will be created with, if + // Retryer option is not also specified. + // + // When creating a new API Clients this member will only be used if the Retryer + // Options member is nil. This value will be ignored if Retryer is not nil. + // + // Currently does not support per operation call overrides, may in the future. + RetryMode aws.RetryMode + + // Retryer guides how HTTP requests should be retried in case of recoverable + // failures. When nil the API client will use a default retryer. The kind of + // default retry created by the API client can be changed with the RetryMode + // option. + Retryer aws.Retryer + + // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set + // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You + // should not populate this structure programmatically, or rely on the values here + // within your applications. + RuntimeEnvironment aws.RuntimeEnvironment + + // The initial DefaultsMode used when the client options were constructed. If the + // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved + // value was at that point in time. + // + // Currently does not support per operation call overrides, may in the future. + resolvedDefaultsMode aws.DefaultsMode + + // The HTTP client to invoke API calls with. Defaults to client's default HTTP + // implementation if nil. + HTTPClient HTTPClient + + // The auth scheme resolver which determines how to authenticate for each + // operation. + AuthSchemeResolver AuthSchemeResolver + + // The list of auth schemes supported by the client. + AuthSchemes []smithyhttp.AuthScheme +} + +// Copy creates a clone where the APIOptions list is deep copied. +func (o Options) Copy() Options { + to := o + to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) + copy(to.APIOptions, o.APIOptions) + + return to +} + +func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver { + if schemeID == "aws.auth#sigv4" { + return getSigV4IdentityResolver(o) + } + if schemeID == "smithy.api#noAuth" { + return &smithyauth.AnonymousIdentityResolver{} + } + return nil +} + +// WithAPIOptions returns a functional option for setting the Client's APIOptions +// option. +func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { + return func(o *Options) { + o.APIOptions = append(o.APIOptions, optFns...) + } +} + +// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for +// this field will likely prevent you from using any endpoint-related service +// features released after the introduction of EndpointResolverV2 and BaseEndpoint. +// +// To migrate an EndpointResolver implementation that uses a custom endpoint, set +// the client option BaseEndpoint instead. +func WithEndpointResolver(v EndpointResolver) func(*Options) { + return func(o *Options) { + o.EndpointResolver = v + } +} + +// WithEndpointResolverV2 returns a functional option for setting the Client's +// EndpointResolverV2 option. +func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) { + return func(o *Options) { + o.EndpointResolverV2 = v + } +} + +func getSigV4IdentityResolver(o Options) smithyauth.IdentityResolver { + if o.Credentials != nil { + return &internalauthsmithy.CredentialsProviderAdapter{Provider: o.Credentials} + } + return nil +} + +// WithSigV4SigningName applies an override to the authentication workflow to +// use the given signing name for SigV4-authenticated operations. +// +// This is an advanced setting. The value here is FINAL, taking precedence over +// the resolved signing name from both auth scheme resolution and endpoint +// resolution. +func WithSigV4SigningName(name string) func(*Options) { + fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, + ) { + return next.HandleInitialize(awsmiddleware.SetSigningName(ctx, name), in) + } + return func(o *Options) { + o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { + return s.Initialize.Add( + middleware.InitializeMiddlewareFunc("withSigV4SigningName", fn), + middleware.Before, + ) + }) + } +} + +// WithSigV4SigningRegion applies an override to the authentication workflow to +// use the given signing region for SigV4-authenticated operations. +// +// This is an advanced setting. The value here is FINAL, taking precedence over +// the resolved signing region from both auth scheme resolution and endpoint +// resolution. +func WithSigV4SigningRegion(region string) func(*Options) { + fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, + ) { + return next.HandleInitialize(awsmiddleware.SetSigningRegion(ctx, region), in) + } + return func(o *Options) { + o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { + return s.Initialize.Add( + middleware.InitializeMiddlewareFunc("withSigV4SigningRegion", fn), + middleware.Before, + ) + }) + } +} + +func ignoreAnonymousAuth(options *Options) { + if aws.IsCredentialsProvider(options.Credentials, (*aws.AnonymousCredentials)(nil)) { + options.Credentials = nil + } +} diff --git a/service/directoryservicedata/protocol_test.go b/service/directoryservicedata/protocol_test.go new file mode 100644 index 00000000000..ab249c4e8a5 --- /dev/null +++ b/service/directoryservicedata/protocol_test.go @@ -0,0 +1,3 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata diff --git a/service/directoryservicedata/serializers.go b/service/directoryservicedata/serializers.go new file mode 100644 index 00000000000..e1f119e6cb7 --- /dev/null +++ b/service/directoryservicedata/serializers.go @@ -0,0 +1,1775 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "bytes" + "context" + "fmt" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" + smithy "github.com/aws/smithy-go" + "github.com/aws/smithy-go/encoding/httpbinding" + smithyjson "github.com/aws/smithy-go/encoding/json" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +type awsRestjson1_serializeOpAddGroupMember struct { +} + +func (*awsRestjson1_serializeOpAddGroupMember) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpAddGroupMember) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*AddGroupMemberInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/GroupMemberships/AddGroupMember") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsAddGroupMemberInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentAddGroupMemberInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsAddGroupMemberInput(v *AddGroupMemberInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentAddGroupMemberInput(v *AddGroupMemberInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.ClientToken != nil { + ok := object.Key("ClientToken") + ok.String(*v.ClientToken) + } + + if v.GroupName != nil { + ok := object.Key("GroupName") + ok.String(*v.GroupName) + } + + if v.MemberName != nil { + ok := object.Key("MemberName") + ok.String(*v.MemberName) + } + + if v.MemberRealm != nil { + ok := object.Key("MemberRealm") + ok.String(*v.MemberRealm) + } + + return nil +} + +type awsRestjson1_serializeOpCreateGroup struct { +} + +func (*awsRestjson1_serializeOpCreateGroup) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpCreateGroup) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*CreateGroupInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/Groups/CreateGroup") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsCreateGroupInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentCreateGroupInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsCreateGroupInput(v *CreateGroupInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentCreateGroupInput(v *CreateGroupInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.ClientToken != nil { + ok := object.Key("ClientToken") + ok.String(*v.ClientToken) + } + + if len(v.GroupScope) > 0 { + ok := object.Key("GroupScope") + ok.String(string(v.GroupScope)) + } + + if len(v.GroupType) > 0 { + ok := object.Key("GroupType") + ok.String(string(v.GroupType)) + } + + if v.OtherAttributes != nil { + ok := object.Key("OtherAttributes") + if err := awsRestjson1_serializeDocumentAttributes(v.OtherAttributes, ok); err != nil { + return err + } + } + + if v.SAMAccountName != nil { + ok := object.Key("SAMAccountName") + ok.String(*v.SAMAccountName) + } + + return nil +} + +type awsRestjson1_serializeOpCreateUser struct { +} + +func (*awsRestjson1_serializeOpCreateUser) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpCreateUser) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*CreateUserInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/Users/CreateUser") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsCreateUserInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentCreateUserInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsCreateUserInput(v *CreateUserInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentCreateUserInput(v *CreateUserInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.ClientToken != nil { + ok := object.Key("ClientToken") + ok.String(*v.ClientToken) + } + + if v.EmailAddress != nil { + ok := object.Key("EmailAddress") + ok.String(*v.EmailAddress) + } + + if v.GivenName != nil { + ok := object.Key("GivenName") + ok.String(*v.GivenName) + } + + if v.OtherAttributes != nil { + ok := object.Key("OtherAttributes") + if err := awsRestjson1_serializeDocumentAttributes(v.OtherAttributes, ok); err != nil { + return err + } + } + + if v.SAMAccountName != nil { + ok := object.Key("SAMAccountName") + ok.String(*v.SAMAccountName) + } + + if v.Surname != nil { + ok := object.Key("Surname") + ok.String(*v.Surname) + } + + return nil +} + +type awsRestjson1_serializeOpDeleteGroup struct { +} + +func (*awsRestjson1_serializeOpDeleteGroup) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpDeleteGroup) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*DeleteGroupInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/Groups/DeleteGroup") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsDeleteGroupInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentDeleteGroupInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsDeleteGroupInput(v *DeleteGroupInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentDeleteGroupInput(v *DeleteGroupInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.ClientToken != nil { + ok := object.Key("ClientToken") + ok.String(*v.ClientToken) + } + + if v.SAMAccountName != nil { + ok := object.Key("SAMAccountName") + ok.String(*v.SAMAccountName) + } + + return nil +} + +type awsRestjson1_serializeOpDeleteUser struct { +} + +func (*awsRestjson1_serializeOpDeleteUser) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpDeleteUser) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*DeleteUserInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/Users/DeleteUser") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsDeleteUserInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentDeleteUserInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsDeleteUserInput(v *DeleteUserInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentDeleteUserInput(v *DeleteUserInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.ClientToken != nil { + ok := object.Key("ClientToken") + ok.String(*v.ClientToken) + } + + if v.SAMAccountName != nil { + ok := object.Key("SAMAccountName") + ok.String(*v.SAMAccountName) + } + + return nil +} + +type awsRestjson1_serializeOpDescribeGroup struct { +} + +func (*awsRestjson1_serializeOpDescribeGroup) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpDescribeGroup) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*DescribeGroupInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/Groups/DescribeGroup") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsDescribeGroupInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentDescribeGroupInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsDescribeGroupInput(v *DescribeGroupInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentDescribeGroupInput(v *DescribeGroupInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.OtherAttributes != nil { + ok := object.Key("OtherAttributes") + if err := awsRestjson1_serializeDocumentLdapDisplayNameList(v.OtherAttributes, ok); err != nil { + return err + } + } + + if v.Realm != nil { + ok := object.Key("Realm") + ok.String(*v.Realm) + } + + if v.SAMAccountName != nil { + ok := object.Key("SAMAccountName") + ok.String(*v.SAMAccountName) + } + + return nil +} + +type awsRestjson1_serializeOpDescribeUser struct { +} + +func (*awsRestjson1_serializeOpDescribeUser) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpDescribeUser) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*DescribeUserInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/Users/DescribeUser") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsDescribeUserInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentDescribeUserInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsDescribeUserInput(v *DescribeUserInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentDescribeUserInput(v *DescribeUserInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.OtherAttributes != nil { + ok := object.Key("OtherAttributes") + if err := awsRestjson1_serializeDocumentLdapDisplayNameList(v.OtherAttributes, ok); err != nil { + return err + } + } + + if v.Realm != nil { + ok := object.Key("Realm") + ok.String(*v.Realm) + } + + if v.SAMAccountName != nil { + ok := object.Key("SAMAccountName") + ok.String(*v.SAMAccountName) + } + + return nil +} + +type awsRestjson1_serializeOpDisableUser struct { +} + +func (*awsRestjson1_serializeOpDisableUser) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpDisableUser) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*DisableUserInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/Users/DisableUser") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsDisableUserInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentDisableUserInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsDisableUserInput(v *DisableUserInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentDisableUserInput(v *DisableUserInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.ClientToken != nil { + ok := object.Key("ClientToken") + ok.String(*v.ClientToken) + } + + if v.SAMAccountName != nil { + ok := object.Key("SAMAccountName") + ok.String(*v.SAMAccountName) + } + + return nil +} + +type awsRestjson1_serializeOpListGroupMembers struct { +} + +func (*awsRestjson1_serializeOpListGroupMembers) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpListGroupMembers) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*ListGroupMembersInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/GroupMemberships/ListGroupMembers") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsListGroupMembersInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentListGroupMembersInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsListGroupMembersInput(v *ListGroupMembersInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentListGroupMembersInput(v *ListGroupMembersInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.MaxResults != nil { + ok := object.Key("MaxResults") + ok.Integer(*v.MaxResults) + } + + if v.MemberRealm != nil { + ok := object.Key("MemberRealm") + ok.String(*v.MemberRealm) + } + + if v.NextToken != nil { + ok := object.Key("NextToken") + ok.String(*v.NextToken) + } + + if v.Realm != nil { + ok := object.Key("Realm") + ok.String(*v.Realm) + } + + if v.SAMAccountName != nil { + ok := object.Key("SAMAccountName") + ok.String(*v.SAMAccountName) + } + + return nil +} + +type awsRestjson1_serializeOpListGroups struct { +} + +func (*awsRestjson1_serializeOpListGroups) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpListGroups) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*ListGroupsInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/Groups/ListGroups") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsListGroupsInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentListGroupsInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsListGroupsInput(v *ListGroupsInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentListGroupsInput(v *ListGroupsInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.MaxResults != nil { + ok := object.Key("MaxResults") + ok.Integer(*v.MaxResults) + } + + if v.NextToken != nil { + ok := object.Key("NextToken") + ok.String(*v.NextToken) + } + + if v.Realm != nil { + ok := object.Key("Realm") + ok.String(*v.Realm) + } + + return nil +} + +type awsRestjson1_serializeOpListGroupsForMember struct { +} + +func (*awsRestjson1_serializeOpListGroupsForMember) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpListGroupsForMember) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*ListGroupsForMemberInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/GroupMemberships/ListGroupsForMember") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsListGroupsForMemberInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentListGroupsForMemberInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsListGroupsForMemberInput(v *ListGroupsForMemberInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentListGroupsForMemberInput(v *ListGroupsForMemberInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.MaxResults != nil { + ok := object.Key("MaxResults") + ok.Integer(*v.MaxResults) + } + + if v.MemberRealm != nil { + ok := object.Key("MemberRealm") + ok.String(*v.MemberRealm) + } + + if v.NextToken != nil { + ok := object.Key("NextToken") + ok.String(*v.NextToken) + } + + if v.Realm != nil { + ok := object.Key("Realm") + ok.String(*v.Realm) + } + + if v.SAMAccountName != nil { + ok := object.Key("SAMAccountName") + ok.String(*v.SAMAccountName) + } + + return nil +} + +type awsRestjson1_serializeOpListUsers struct { +} + +func (*awsRestjson1_serializeOpListUsers) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpListUsers) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*ListUsersInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/Users/ListUsers") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsListUsersInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentListUsersInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsListUsersInput(v *ListUsersInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentListUsersInput(v *ListUsersInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.MaxResults != nil { + ok := object.Key("MaxResults") + ok.Integer(*v.MaxResults) + } + + if v.NextToken != nil { + ok := object.Key("NextToken") + ok.String(*v.NextToken) + } + + if v.Realm != nil { + ok := object.Key("Realm") + ok.String(*v.Realm) + } + + return nil +} + +type awsRestjson1_serializeOpRemoveGroupMember struct { +} + +func (*awsRestjson1_serializeOpRemoveGroupMember) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpRemoveGroupMember) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*RemoveGroupMemberInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/GroupMemberships/RemoveGroupMember") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsRemoveGroupMemberInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentRemoveGroupMemberInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsRemoveGroupMemberInput(v *RemoveGroupMemberInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentRemoveGroupMemberInput(v *RemoveGroupMemberInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.ClientToken != nil { + ok := object.Key("ClientToken") + ok.String(*v.ClientToken) + } + + if v.GroupName != nil { + ok := object.Key("GroupName") + ok.String(*v.GroupName) + } + + if v.MemberName != nil { + ok := object.Key("MemberName") + ok.String(*v.MemberName) + } + + if v.MemberRealm != nil { + ok := object.Key("MemberRealm") + ok.String(*v.MemberRealm) + } + + return nil +} + +type awsRestjson1_serializeOpSearchGroups struct { +} + +func (*awsRestjson1_serializeOpSearchGroups) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpSearchGroups) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*SearchGroupsInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/Groups/SearchGroups") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsSearchGroupsInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentSearchGroupsInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsSearchGroupsInput(v *SearchGroupsInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentSearchGroupsInput(v *SearchGroupsInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.MaxResults != nil { + ok := object.Key("MaxResults") + ok.Integer(*v.MaxResults) + } + + if v.NextToken != nil { + ok := object.Key("NextToken") + ok.String(*v.NextToken) + } + + if v.Realm != nil { + ok := object.Key("Realm") + ok.String(*v.Realm) + } + + if v.SearchAttributes != nil { + ok := object.Key("SearchAttributes") + if err := awsRestjson1_serializeDocumentLdapDisplayNameList(v.SearchAttributes, ok); err != nil { + return err + } + } + + if v.SearchString != nil { + ok := object.Key("SearchString") + ok.String(*v.SearchString) + } + + return nil +} + +type awsRestjson1_serializeOpSearchUsers struct { +} + +func (*awsRestjson1_serializeOpSearchUsers) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpSearchUsers) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*SearchUsersInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/Users/SearchUsers") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsSearchUsersInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentSearchUsersInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsSearchUsersInput(v *SearchUsersInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentSearchUsersInput(v *SearchUsersInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.MaxResults != nil { + ok := object.Key("MaxResults") + ok.Integer(*v.MaxResults) + } + + if v.NextToken != nil { + ok := object.Key("NextToken") + ok.String(*v.NextToken) + } + + if v.Realm != nil { + ok := object.Key("Realm") + ok.String(*v.Realm) + } + + if v.SearchAttributes != nil { + ok := object.Key("SearchAttributes") + if err := awsRestjson1_serializeDocumentLdapDisplayNameList(v.SearchAttributes, ok); err != nil { + return err + } + } + + if v.SearchString != nil { + ok := object.Key("SearchString") + ok.String(*v.SearchString) + } + + return nil +} + +type awsRestjson1_serializeOpUpdateGroup struct { +} + +func (*awsRestjson1_serializeOpUpdateGroup) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpUpdateGroup) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*UpdateGroupInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/Groups/UpdateGroup") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsUpdateGroupInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentUpdateGroupInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsUpdateGroupInput(v *UpdateGroupInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentUpdateGroupInput(v *UpdateGroupInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.ClientToken != nil { + ok := object.Key("ClientToken") + ok.String(*v.ClientToken) + } + + if len(v.GroupScope) > 0 { + ok := object.Key("GroupScope") + ok.String(string(v.GroupScope)) + } + + if len(v.GroupType) > 0 { + ok := object.Key("GroupType") + ok.String(string(v.GroupType)) + } + + if v.OtherAttributes != nil { + ok := object.Key("OtherAttributes") + if err := awsRestjson1_serializeDocumentAttributes(v.OtherAttributes, ok); err != nil { + return err + } + } + + if v.SAMAccountName != nil { + ok := object.Key("SAMAccountName") + ok.String(*v.SAMAccountName) + } + + if len(v.UpdateType) > 0 { + ok := object.Key("UpdateType") + ok.String(string(v.UpdateType)) + } + + return nil +} + +type awsRestjson1_serializeOpUpdateUser struct { +} + +func (*awsRestjson1_serializeOpUpdateUser) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpUpdateUser) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*UpdateUserInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/Users/UpdateUser") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestjson1_serializeOpHttpBindingsUpdateUserInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentUpdateUserInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsUpdateUserInput(v *UpdateUserInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.DirectoryId != nil { + encoder.SetQuery("DirectoryId").String(*v.DirectoryId) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentUpdateUserInput(v *UpdateUserInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.ClientToken != nil { + ok := object.Key("ClientToken") + ok.String(*v.ClientToken) + } + + if v.EmailAddress != nil { + ok := object.Key("EmailAddress") + ok.String(*v.EmailAddress) + } + + if v.GivenName != nil { + ok := object.Key("GivenName") + ok.String(*v.GivenName) + } + + if v.OtherAttributes != nil { + ok := object.Key("OtherAttributes") + if err := awsRestjson1_serializeDocumentAttributes(v.OtherAttributes, ok); err != nil { + return err + } + } + + if v.SAMAccountName != nil { + ok := object.Key("SAMAccountName") + ok.String(*v.SAMAccountName) + } + + if v.Surname != nil { + ok := object.Key("Surname") + ok.String(*v.Surname) + } + + if len(v.UpdateType) > 0 { + ok := object.Key("UpdateType") + ok.String(string(v.UpdateType)) + } + + return nil +} + +func awsRestjson1_serializeDocumentAttributes(v map[string]types.AttributeValue, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + for key := range v { + om := object.Key(key) + if vv := v[key]; vv == nil { + continue + } + if err := awsRestjson1_serializeDocumentAttributeValue(v[key], om); err != nil { + return err + } + } + return nil +} + +func awsRestjson1_serializeDocumentAttributeValue(v types.AttributeValue, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + switch uv := v.(type) { + case *types.AttributeValueMemberBOOL: + av := object.Key("BOOL") + av.Boolean(uv.Value) + + case *types.AttributeValueMemberN: + av := object.Key("N") + av.Long(uv.Value) + + case *types.AttributeValueMemberS: + av := object.Key("S") + av.String(uv.Value) + + case *types.AttributeValueMemberSS: + av := object.Key("SS") + if err := awsRestjson1_serializeDocumentStringSetAttributeValue(uv.Value, av); err != nil { + return err + } + + default: + return fmt.Errorf("attempted to serialize unknown member type %T for union %T", uv, v) + + } + return nil +} + +func awsRestjson1_serializeDocumentLdapDisplayNameList(v []string, value smithyjson.Value) error { + array := value.Array() + defer array.Close() + + for i := range v { + av := array.Value() + av.String(v[i]) + } + return nil +} + +func awsRestjson1_serializeDocumentStringSetAttributeValue(v []string, value smithyjson.Value) error { + array := value.Array() + defer array.Close() + + for i := range v { + av := array.Value() + av.String(v[i]) + } + return nil +} diff --git a/service/directoryservicedata/snapshot/api_op_AddGroupMember.go.snap b/service/directoryservicedata/snapshot/api_op_AddGroupMember.go.snap new file mode 100644 index 00000000000..9a4c8ecd639 --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_AddGroupMember.go.snap @@ -0,0 +1,37 @@ +AddGroupMember + Initialize stack step + RegisterServiceMetadata + OperationIdempotencyTokenAutoFill + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_CreateGroup.go.snap b/service/directoryservicedata/snapshot/api_op_CreateGroup.go.snap new file mode 100644 index 00000000000..4142e0293c1 --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_CreateGroup.go.snap @@ -0,0 +1,37 @@ +CreateGroup + Initialize stack step + RegisterServiceMetadata + OperationIdempotencyTokenAutoFill + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_CreateUser.go.snap b/service/directoryservicedata/snapshot/api_op_CreateUser.go.snap new file mode 100644 index 00000000000..4454761321f --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_CreateUser.go.snap @@ -0,0 +1,37 @@ +CreateUser + Initialize stack step + RegisterServiceMetadata + OperationIdempotencyTokenAutoFill + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_DeleteGroup.go.snap b/service/directoryservicedata/snapshot/api_op_DeleteGroup.go.snap new file mode 100644 index 00000000000..b70683c7b27 --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_DeleteGroup.go.snap @@ -0,0 +1,37 @@ +DeleteGroup + Initialize stack step + RegisterServiceMetadata + OperationIdempotencyTokenAutoFill + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_DeleteUser.go.snap b/service/directoryservicedata/snapshot/api_op_DeleteUser.go.snap new file mode 100644 index 00000000000..9997cadaa79 --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_DeleteUser.go.snap @@ -0,0 +1,37 @@ +DeleteUser + Initialize stack step + RegisterServiceMetadata + OperationIdempotencyTokenAutoFill + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_DescribeGroup.go.snap b/service/directoryservicedata/snapshot/api_op_DescribeGroup.go.snap new file mode 100644 index 00000000000..4260a52179b --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_DescribeGroup.go.snap @@ -0,0 +1,36 @@ +DescribeGroup + Initialize stack step + RegisterServiceMetadata + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_DescribeUser.go.snap b/service/directoryservicedata/snapshot/api_op_DescribeUser.go.snap new file mode 100644 index 00000000000..ca32cdc481b --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_DescribeUser.go.snap @@ -0,0 +1,36 @@ +DescribeUser + Initialize stack step + RegisterServiceMetadata + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_DisableUser.go.snap b/service/directoryservicedata/snapshot/api_op_DisableUser.go.snap new file mode 100644 index 00000000000..24e70e03a05 --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_DisableUser.go.snap @@ -0,0 +1,37 @@ +DisableUser + Initialize stack step + RegisterServiceMetadata + OperationIdempotencyTokenAutoFill + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_ListGroupMembers.go.snap b/service/directoryservicedata/snapshot/api_op_ListGroupMembers.go.snap new file mode 100644 index 00000000000..5fe16a05944 --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_ListGroupMembers.go.snap @@ -0,0 +1,36 @@ +ListGroupMembers + Initialize stack step + RegisterServiceMetadata + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_ListGroups.go.snap b/service/directoryservicedata/snapshot/api_op_ListGroups.go.snap new file mode 100644 index 00000000000..5d369e56eeb --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_ListGroups.go.snap @@ -0,0 +1,36 @@ +ListGroups + Initialize stack step + RegisterServiceMetadata + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_ListGroupsForMember.go.snap b/service/directoryservicedata/snapshot/api_op_ListGroupsForMember.go.snap new file mode 100644 index 00000000000..ce065581e2d --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_ListGroupsForMember.go.snap @@ -0,0 +1,36 @@ +ListGroupsForMember + Initialize stack step + RegisterServiceMetadata + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_ListUsers.go.snap b/service/directoryservicedata/snapshot/api_op_ListUsers.go.snap new file mode 100644 index 00000000000..59a365ed1fc --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_ListUsers.go.snap @@ -0,0 +1,36 @@ +ListUsers + Initialize stack step + RegisterServiceMetadata + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_RemoveGroupMember.go.snap b/service/directoryservicedata/snapshot/api_op_RemoveGroupMember.go.snap new file mode 100644 index 00000000000..4f6d3e3ebb6 --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_RemoveGroupMember.go.snap @@ -0,0 +1,37 @@ +RemoveGroupMember + Initialize stack step + RegisterServiceMetadata + OperationIdempotencyTokenAutoFill + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_SearchGroups.go.snap b/service/directoryservicedata/snapshot/api_op_SearchGroups.go.snap new file mode 100644 index 00000000000..60152be8c1b --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_SearchGroups.go.snap @@ -0,0 +1,36 @@ +SearchGroups + Initialize stack step + RegisterServiceMetadata + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_SearchUsers.go.snap b/service/directoryservicedata/snapshot/api_op_SearchUsers.go.snap new file mode 100644 index 00000000000..ed6c4515df5 --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_SearchUsers.go.snap @@ -0,0 +1,36 @@ +SearchUsers + Initialize stack step + RegisterServiceMetadata + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_UpdateGroup.go.snap b/service/directoryservicedata/snapshot/api_op_UpdateGroup.go.snap new file mode 100644 index 00000000000..fffd53273cb --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_UpdateGroup.go.snap @@ -0,0 +1,37 @@ +UpdateGroup + Initialize stack step + RegisterServiceMetadata + OperationIdempotencyTokenAutoFill + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot/api_op_UpdateUser.go.snap b/service/directoryservicedata/snapshot/api_op_UpdateUser.go.snap new file mode 100644 index 00000000000..8fe86fbd5eb --- /dev/null +++ b/service/directoryservicedata/snapshot/api_op_UpdateUser.go.snap @@ -0,0 +1,37 @@ +UpdateUser + Initialize stack step + RegisterServiceMetadata + OperationIdempotencyTokenAutoFill + legacyEndpointContextSetter + SetLogger + OperationInputValidation + Serialize stack step + setOperationInput + ResolveEndpoint + OperationSerializer + Build stack step + ClientRequestID + ComputeContentLength + UserAgent + AddTimeOffsetMiddleware + RecursionDetection + Finalize stack step + ResolveAuthScheme + GetIdentity + ResolveEndpointV2 + disableHTTPS + ComputePayloadHash + Retry + RetryMetricsHeader + setLegacyContextSigningOptions + Signing + Deserialize stack step + AddRawResponseToMetadata + ErrorCloseResponseBody + CloseResponseBody + ResponseErrorWrapper + RequestIDRetriever + OperationDeserializer + AddTimeOffsetMiddleware + RecordResponseTiming + RequestResponseLogger diff --git a/service/directoryservicedata/snapshot_test.go b/service/directoryservicedata/snapshot_test.go new file mode 100644 index 00000000000..8263686c6c9 --- /dev/null +++ b/service/directoryservicedata/snapshot_test.go @@ -0,0 +1,470 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +//go:build snapshot + +package directoryservicedata + +import ( + "context" + "errors" + "fmt" + "github.com/aws/smithy-go/middleware" + "io" + "io/fs" + "os" + "testing" +) + +const ssprefix = "snapshot" + +type snapshotOK struct{} + +func (snapshotOK) Error() string { return "error: success" } + +func createp(path string) (*os.File, error) { + if err := os.Mkdir(ssprefix, 0700); err != nil && !errors.Is(err, fs.ErrExist) { + return nil, err + } + return os.Create(path) +} + +func sspath(op string) string { + return fmt.Sprintf("%s/api_op_%s.go.snap", ssprefix, op) +} + +func updateSnapshot(stack *middleware.Stack, operation string) error { + f, err := createp(sspath(operation)) + if err != nil { + return err + } + defer f.Close() + if _, err := f.Write([]byte(stack.String())); err != nil { + return err + } + return snapshotOK{} +} + +func testSnapshot(stack *middleware.Stack, operation string) error { + f, err := os.Open(sspath(operation)) + if errors.Is(err, fs.ErrNotExist) { + return snapshotOK{} + } + if err != nil { + return err + } + defer f.Close() + expected, err := io.ReadAll(f) + if err != nil { + return err + } + if actual := stack.String(); actual != string(expected) { + return fmt.Errorf("%s != %s", expected, actual) + } + return snapshotOK{} +} +func TestCheckSnapshot_AddGroupMember(t *testing.T) { + svc := New(Options{}) + _, err := svc.AddGroupMember(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "AddGroupMember") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_CreateGroup(t *testing.T) { + svc := New(Options{}) + _, err := svc.CreateGroup(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "CreateGroup") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_CreateUser(t *testing.T) { + svc := New(Options{}) + _, err := svc.CreateUser(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "CreateUser") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_DeleteGroup(t *testing.T) { + svc := New(Options{}) + _, err := svc.DeleteGroup(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "DeleteGroup") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_DeleteUser(t *testing.T) { + svc := New(Options{}) + _, err := svc.DeleteUser(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "DeleteUser") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_DescribeGroup(t *testing.T) { + svc := New(Options{}) + _, err := svc.DescribeGroup(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "DescribeGroup") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_DescribeUser(t *testing.T) { + svc := New(Options{}) + _, err := svc.DescribeUser(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "DescribeUser") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_DisableUser(t *testing.T) { + svc := New(Options{}) + _, err := svc.DisableUser(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "DisableUser") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_ListGroupMembers(t *testing.T) { + svc := New(Options{}) + _, err := svc.ListGroupMembers(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "ListGroupMembers") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_ListGroups(t *testing.T) { + svc := New(Options{}) + _, err := svc.ListGroups(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "ListGroups") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_ListGroupsForMember(t *testing.T) { + svc := New(Options{}) + _, err := svc.ListGroupsForMember(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "ListGroupsForMember") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_ListUsers(t *testing.T) { + svc := New(Options{}) + _, err := svc.ListUsers(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "ListUsers") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_RemoveGroupMember(t *testing.T) { + svc := New(Options{}) + _, err := svc.RemoveGroupMember(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "RemoveGroupMember") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_SearchGroups(t *testing.T) { + svc := New(Options{}) + _, err := svc.SearchGroups(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "SearchGroups") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_SearchUsers(t *testing.T) { + svc := New(Options{}) + _, err := svc.SearchUsers(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "SearchUsers") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_UpdateGroup(t *testing.T) { + svc := New(Options{}) + _, err := svc.UpdateGroup(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "UpdateGroup") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestCheckSnapshot_UpdateUser(t *testing.T) { + svc := New(Options{}) + _, err := svc.UpdateUser(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return testSnapshot(stack, "UpdateUser") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} +func TestUpdateSnapshot_AddGroupMember(t *testing.T) { + svc := New(Options{}) + _, err := svc.AddGroupMember(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "AddGroupMember") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_CreateGroup(t *testing.T) { + svc := New(Options{}) + _, err := svc.CreateGroup(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "CreateGroup") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_CreateUser(t *testing.T) { + svc := New(Options{}) + _, err := svc.CreateUser(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "CreateUser") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_DeleteGroup(t *testing.T) { + svc := New(Options{}) + _, err := svc.DeleteGroup(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "DeleteGroup") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_DeleteUser(t *testing.T) { + svc := New(Options{}) + _, err := svc.DeleteUser(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "DeleteUser") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_DescribeGroup(t *testing.T) { + svc := New(Options{}) + _, err := svc.DescribeGroup(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "DescribeGroup") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_DescribeUser(t *testing.T) { + svc := New(Options{}) + _, err := svc.DescribeUser(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "DescribeUser") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_DisableUser(t *testing.T) { + svc := New(Options{}) + _, err := svc.DisableUser(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "DisableUser") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_ListGroupMembers(t *testing.T) { + svc := New(Options{}) + _, err := svc.ListGroupMembers(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "ListGroupMembers") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_ListGroups(t *testing.T) { + svc := New(Options{}) + _, err := svc.ListGroups(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "ListGroups") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_ListGroupsForMember(t *testing.T) { + svc := New(Options{}) + _, err := svc.ListGroupsForMember(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "ListGroupsForMember") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_ListUsers(t *testing.T) { + svc := New(Options{}) + _, err := svc.ListUsers(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "ListUsers") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_RemoveGroupMember(t *testing.T) { + svc := New(Options{}) + _, err := svc.RemoveGroupMember(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "RemoveGroupMember") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_SearchGroups(t *testing.T) { + svc := New(Options{}) + _, err := svc.SearchGroups(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "SearchGroups") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_SearchUsers(t *testing.T) { + svc := New(Options{}) + _, err := svc.SearchUsers(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "SearchUsers") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_UpdateGroup(t *testing.T) { + svc := New(Options{}) + _, err := svc.UpdateGroup(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "UpdateGroup") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} + +func TestUpdateSnapshot_UpdateUser(t *testing.T) { + svc := New(Options{}) + _, err := svc.UpdateUser(context.Background(), nil, func(o *Options) { + o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { + return updateSnapshot(stack, "UpdateUser") + }) + }) + if _, ok := err.(snapshotOK); !ok && err != nil { + t.Fatal(err) + } +} diff --git a/service/directoryservicedata/types/enums.go b/service/directoryservicedata/types/enums.go new file mode 100644 index 00000000000..8d87c5be79c --- /dev/null +++ b/service/directoryservicedata/types/enums.go @@ -0,0 +1,178 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package types + +type AccessDeniedReason string + +// Enum values for AccessDeniedReason +const ( + AccessDeniedReasonIamAuth AccessDeniedReason = "IAM_AUTH" + AccessDeniedReasonDirectoryAuth AccessDeniedReason = "DIRECTORY_AUTH" + AccessDeniedReasonDataDisabled AccessDeniedReason = "DATA_DISABLED" +) + +// Values returns all known values for AccessDeniedReason. Note that this can be +// expanded in the future, and so it is only as up to date as the client. +// +// The ordering of this slice is not guaranteed to be stable across updates. +func (AccessDeniedReason) Values() []AccessDeniedReason { + return []AccessDeniedReason{ + "IAM_AUTH", + "DIRECTORY_AUTH", + "DATA_DISABLED", + } +} + +type DirectoryUnavailableReason string + +// Enum values for DirectoryUnavailableReason +const ( + DirectoryUnavailableReasonInvalidDirectoryState DirectoryUnavailableReason = "INVALID_DIRECTORY_STATE" + DirectoryUnavailableReasonDirectoryTimeout DirectoryUnavailableReason = "DIRECTORY_TIMEOUT" + DirectoryUnavailableReasonDirectoryResourcesExceeded DirectoryUnavailableReason = "DIRECTORY_RESOURCES_EXCEEDED" + DirectoryUnavailableReasonNoDiskSpace DirectoryUnavailableReason = "NO_DISK_SPACE" + DirectoryUnavailableReasonTrustAuthFailure DirectoryUnavailableReason = "TRUST_AUTH_FAILURE" +) + +// Values returns all known values for DirectoryUnavailableReason. Note that this +// can be expanded in the future, and so it is only as up to date as the client. +// +// The ordering of this slice is not guaranteed to be stable across updates. +func (DirectoryUnavailableReason) Values() []DirectoryUnavailableReason { + return []DirectoryUnavailableReason{ + "INVALID_DIRECTORY_STATE", + "DIRECTORY_TIMEOUT", + "DIRECTORY_RESOURCES_EXCEEDED", + "NO_DISK_SPACE", + "TRUST_AUTH_FAILURE", + } +} + +type GroupScope string + +// Enum values for GroupScope +const ( + GroupScopeDomainLocal GroupScope = "DomainLocal" + GroupScopeGlobal GroupScope = "Global" + GroupScopeUniversal GroupScope = "Universal" + GroupScopeBuiltinLocal GroupScope = "BuiltinLocal" +) + +// Values returns all known values for GroupScope. Note that this can be expanded +// in the future, and so it is only as up to date as the client. +// +// The ordering of this slice is not guaranteed to be stable across updates. +func (GroupScope) Values() []GroupScope { + return []GroupScope{ + "DomainLocal", + "Global", + "Universal", + "BuiltinLocal", + } +} + +type GroupType string + +// Enum values for GroupType +const ( + GroupTypeDistribution GroupType = "Distribution" + GroupTypeSecurity GroupType = "Security" +) + +// Values returns all known values for GroupType. Note that this can be expanded +// in the future, and so it is only as up to date as the client. +// +// The ordering of this slice is not guaranteed to be stable across updates. +func (GroupType) Values() []GroupType { + return []GroupType{ + "Distribution", + "Security", + } +} + +type MemberType string + +// Enum values for MemberType +const ( + MemberTypeUser MemberType = "USER" + MemberTypeGroup MemberType = "GROUP" + MemberTypeComputer MemberType = "COMPUTER" +) + +// Values returns all known values for MemberType. Note that this can be expanded +// in the future, and so it is only as up to date as the client. +// +// The ordering of this slice is not guaranteed to be stable across updates. +func (MemberType) Values() []MemberType { + return []MemberType{ + "USER", + "GROUP", + "COMPUTER", + } +} + +type UpdateType string + +// Enum values for UpdateType +const ( + UpdateTypeAdd UpdateType = "ADD" + UpdateTypeReplace UpdateType = "REPLACE" + UpdateTypeRemove UpdateType = "REMOVE" +) + +// Values returns all known values for UpdateType. Note that this can be expanded +// in the future, and so it is only as up to date as the client. +// +// The ordering of this slice is not guaranteed to be stable across updates. +func (UpdateType) Values() []UpdateType { + return []UpdateType{ + "ADD", + "REPLACE", + "REMOVE", + } +} + +type ValidationExceptionReason string + +// Enum values for ValidationExceptionReason +const ( + ValidationExceptionReasonInvalidRealm ValidationExceptionReason = "INVALID_REALM" + ValidationExceptionReasonInvalidDirectoryType ValidationExceptionReason = "INVALID_DIRECTORY_TYPE" + ValidationExceptionReasonInvalidSecondaryRegion ValidationExceptionReason = "INVALID_SECONDARY_REGION" + ValidationExceptionReasonInvalidNextToken ValidationExceptionReason = "INVALID_NEXT_TOKEN" + ValidationExceptionReasonInvalidAttributeValue ValidationExceptionReason = "INVALID_ATTRIBUTE_VALUE" + ValidationExceptionReasonInvalidAttributeName ValidationExceptionReason = "INVALID_ATTRIBUTE_NAME" + ValidationExceptionReasonInvalidAttributeForUser ValidationExceptionReason = "INVALID_ATTRIBUTE_FOR_USER" + ValidationExceptionReasonInvalidAttributeForGroup ValidationExceptionReason = "INVALID_ATTRIBUTE_FOR_GROUP" + ValidationExceptionReasonInvalidAttributeForSearch ValidationExceptionReason = "INVALID_ATTRIBUTE_FOR_SEARCH" + ValidationExceptionReasonInvalidAttributeForModify ValidationExceptionReason = "INVALID_ATTRIBUTE_FOR_MODIFY" + ValidationExceptionReasonDuplicateAttribute ValidationExceptionReason = "DUPLICATE_ATTRIBUTE" + ValidationExceptionReasonMissingAttribute ValidationExceptionReason = "MISSING_ATTRIBUTE" + ValidationExceptionReasonAttributeExists ValidationExceptionReason = "ATTRIBUTE_EXISTS" + ValidationExceptionReasonLdapSizeLimitExceeded ValidationExceptionReason = "LDAP_SIZE_LIMIT_EXCEEDED" + ValidationExceptionReasonLdapUnsupportedOperation ValidationExceptionReason = "LDAP_UNSUPPORTED_OPERATION" +) + +// Values returns all known values for ValidationExceptionReason. Note that this +// can be expanded in the future, and so it is only as up to date as the client. +// +// The ordering of this slice is not guaranteed to be stable across updates. +func (ValidationExceptionReason) Values() []ValidationExceptionReason { + return []ValidationExceptionReason{ + "INVALID_REALM", + "INVALID_DIRECTORY_TYPE", + "INVALID_SECONDARY_REGION", + "INVALID_NEXT_TOKEN", + "INVALID_ATTRIBUTE_VALUE", + "INVALID_ATTRIBUTE_NAME", + "INVALID_ATTRIBUTE_FOR_USER", + "INVALID_ATTRIBUTE_FOR_GROUP", + "INVALID_ATTRIBUTE_FOR_SEARCH", + "INVALID_ATTRIBUTE_FOR_MODIFY", + "DUPLICATE_ATTRIBUTE", + "MISSING_ATTRIBUTE", + "ATTRIBUTE_EXISTS", + "LDAP_SIZE_LIMIT_EXCEEDED", + "LDAP_UNSUPPORTED_OPERATION", + } +} diff --git a/service/directoryservicedata/types/errors.go b/service/directoryservicedata/types/errors.go new file mode 100644 index 00000000000..5a72224aa1d --- /dev/null +++ b/service/directoryservicedata/types/errors.go @@ -0,0 +1,219 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package types + +import ( + "fmt" + smithy "github.com/aws/smithy-go" +) + +// You don't have permission to perform the request or access the directory. It +// +// can also occur when the DirectoryId doesn't exist or the user, member, or group +// might be outside of your organizational unit (OU). +// +// Make sure that you have the authentication and authorization to perform the +// action. Review the directory information in the request, and make sure that the +// object isn't outside of your OU. +type AccessDeniedException struct { + Message *string + + ErrorCodeOverride *string + + Reason AccessDeniedReason + + noSmithyDocumentSerde +} + +func (e *AccessDeniedException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *AccessDeniedException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *AccessDeniedException) ErrorCode() string { + if e == nil || e.ErrorCodeOverride == nil { + return "AccessDeniedException" + } + return *e.ErrorCodeOverride +} +func (e *AccessDeniedException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } + +// This error will occur when you try to create a resource that conflicts with an +// +// existing object. It can also occur when adding a member to a group that the +// member is already in. +// +// This error can be caused by a request sent within the 8-hour idempotency window +// with the same client token but different input parameters. Client tokens should +// not be re-used across different requests. After 8 hours, any request with the +// same client token is treated as a new request. +type ConflictException struct { + Message *string + + ErrorCodeOverride *string + + noSmithyDocumentSerde +} + +func (e *ConflictException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *ConflictException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *ConflictException) ErrorCode() string { + if e == nil || e.ErrorCodeOverride == nil { + return "ConflictException" + } + return *e.ErrorCodeOverride +} +func (e *ConflictException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } + +// The request could not be completed due to a problem in the configuration or +// +// current state of the specified directory. +type DirectoryUnavailableException struct { + Message *string + + ErrorCodeOverride *string + + Reason DirectoryUnavailableReason + + noSmithyDocumentSerde +} + +func (e *DirectoryUnavailableException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *DirectoryUnavailableException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *DirectoryUnavailableException) ErrorCode() string { + if e == nil || e.ErrorCodeOverride == nil { + return "DirectoryUnavailableException" + } + return *e.ErrorCodeOverride +} +func (e *DirectoryUnavailableException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } + +// The operation didn't succeed because an internal error occurred. Try again +// +// later. +type InternalServerException struct { + Message *string + + ErrorCodeOverride *string + + noSmithyDocumentSerde +} + +func (e *InternalServerException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *InternalServerException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *InternalServerException) ErrorCode() string { + if e == nil || e.ErrorCodeOverride == nil { + return "InternalServerException" + } + return *e.ErrorCodeOverride +} +func (e *InternalServerException) ErrorFault() smithy.ErrorFault { return smithy.FaultServer } + +// The resource couldn't be found. +type ResourceNotFoundException struct { + Message *string + + ErrorCodeOverride *string + + noSmithyDocumentSerde +} + +func (e *ResourceNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *ResourceNotFoundException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *ResourceNotFoundException) ErrorCode() string { + if e == nil || e.ErrorCodeOverride == nil { + return "ResourceNotFoundException" + } + return *e.ErrorCodeOverride +} +func (e *ResourceNotFoundException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } + +// The limit on the number of requests per second has been exceeded. +type ThrottlingException struct { + Message *string + + ErrorCodeOverride *string + + RetryAfterSeconds *int32 + + noSmithyDocumentSerde +} + +func (e *ThrottlingException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *ThrottlingException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *ThrottlingException) ErrorCode() string { + if e == nil || e.ErrorCodeOverride == nil { + return "ThrottlingException" + } + return *e.ErrorCodeOverride +} +func (e *ThrottlingException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } + +// The request isn't valid. Review the details in the error message to update the +// +// invalid parameters or values in your request. +type ValidationException struct { + Message *string + + ErrorCodeOverride *string + + Reason ValidationExceptionReason + + noSmithyDocumentSerde +} + +func (e *ValidationException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *ValidationException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *ValidationException) ErrorCode() string { + if e == nil || e.ErrorCodeOverride == nil { + return "ValidationException" + } + return *e.ErrorCodeOverride +} +func (e *ValidationException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } diff --git a/service/directoryservicedata/types/types.go b/service/directoryservicedata/types/types.go new file mode 100644 index 00000000000..7b64327135e --- /dev/null +++ b/service/directoryservicedata/types/types.go @@ -0,0 +1,239 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package types + +import ( + smithydocument "github.com/aws/smithy-go/document" +) + +// The data type for an attribute. Each attribute value is described as a +// +// name-value pair. The name is the AD schema name, and the value is the data +// itself. For a list of supported attributes, see [Directory Service Data Attributes]. +// +// The following types satisfy this interface: +// +// AttributeValueMemberBOOL +// AttributeValueMemberN +// AttributeValueMemberS +// AttributeValueMemberSS +// +// [Directory Service Data Attributes]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ad_data_attributes.html +type AttributeValue interface { + isAttributeValue() +} + +// Indicates that the attribute type value is a boolean. For example: +// +// "BOOL": true +type AttributeValueMemberBOOL struct { + Value bool + + noSmithyDocumentSerde +} + +func (*AttributeValueMemberBOOL) isAttributeValue() {} + +// Indicates that the attribute type value is a number. For example: +// +// "N": "16" +type AttributeValueMemberN struct { + Value int64 + + noSmithyDocumentSerde +} + +func (*AttributeValueMemberN) isAttributeValue() {} + +// Indicates that the attribute type value is a string. For example: +// +// "S": "S Group" +type AttributeValueMemberS struct { + Value string + + noSmithyDocumentSerde +} + +func (*AttributeValueMemberS) isAttributeValue() {} + +// Indicates that the attribute type value is a string set. For example: +// +// "SS": ["sample_service_class/host.sample.com:1234/sample_service_name_1", +// "sample_service_class/host.sample.com:1234/sample_service_name_2"] +type AttributeValueMemberSS struct { + Value []string + + noSmithyDocumentSerde +} + +func (*AttributeValueMemberSS) isAttributeValue() {} + +// A group object that contains identifying information and attributes for a +// +// specified group. +type Group struct { + + // The name of the group. + // + // This member is required. + SAMAccountName *string + + // The [distinguished name] of the object. + // + // [distinguished name]: https://learn.microsoft.com/en-us/windows/win32/ad/object-names-and-identities#distinguished-name + DistinguishedName *string + + // The scope of the AD group. For details, see [Active Directory security groups] + // + // [Active Directory security groups]: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-groups#group-scope + GroupScope GroupScope + + // The AD group type. For details, see [Active Directory security group type]. + // + // [Active Directory security group type]: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-groups#how-active-directory-security-groups-work + GroupType GroupType + + // An expression of one or more attributes, data types, and the values of a + // group. + OtherAttributes map[string]AttributeValue + + // The unique security identifier (SID) of the group. + SID *string + + noSmithyDocumentSerde +} + +// A structure containing a subset of fields of a group object from a directory. +type GroupSummary struct { + + // The scope of the AD group. For details, see [Active Directory security groups]. + // + // [Active Directory security groups]: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-groups#group-scope + // + // This member is required. + GroupScope GroupScope + + // The AD group type. For details, see [Active Directory security group type]. + // + // [Active Directory security group type]: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-groups#how-active-directory-security-groups-work + // + // This member is required. + GroupType GroupType + + // The name of the group. + // + // This member is required. + SAMAccountName *string + + // The unique security identifier (SID) of the group. + // + // This member is required. + SID *string + + noSmithyDocumentSerde +} + +// A member object that contains identifying information for a specified member. +type Member struct { + + // The AD type of the member object. + // + // This member is required. + MemberType MemberType + + // The name of the group member. + // + // This member is required. + SAMAccountName *string + + // The unique security identifier (SID) of the group member. + // + // This member is required. + SID *string + + noSmithyDocumentSerde +} + +// A user object that contains identifying information and attributes for a +// +// specified user. +type User struct { + + // The name of the user. + // + // This member is required. + SAMAccountName *string + + // The [distinguished name] of the object. + // + // [distinguished name]: https://learn.microsoft.com/en-us/windows/win32/ad/object-names-and-identities#distinguished-name + DistinguishedName *string + + // The email address of the user. + EmailAddress *string + + // Indicates whether the user account is active. + Enabled *bool + + // The first name of the user. + GivenName *string + + // An expression that includes one or more attributes, data types, and values of + // a user. + OtherAttributes map[string]AttributeValue + + // The unique security identifier (SID) of the user. + SID *string + + // The last name of the user. + Surname *string + + // The UPN that is an internet-style login name for a user and based on the + // internet standard [RFC 822]. The UPN is shorter than the distinguished name and easier + // to remember. + // + // [RFC 822]: https://www.ietf.org/rfc/rfc0822.txt + UserPrincipalName *string + + noSmithyDocumentSerde +} + +// A structure containing a subset of the fields of a user object from a directory. +type UserSummary struct { + + // Indicates whether the user account is active. + // + // This member is required. + Enabled *bool + + // The name of the user. + // + // This member is required. + SAMAccountName *string + + // The unique security identifier (SID) of the user. + // + // This member is required. + SID *string + + // The first name of the user. + GivenName *string + + // The last name of the user. + Surname *string + + noSmithyDocumentSerde +} + +type noSmithyDocumentSerde = smithydocument.NoSerde + +// UnknownUnionMember is returned when a union member is returned over the wire, +// but has an unknown tag. +type UnknownUnionMember struct { + Tag string + Value []byte + + noSmithyDocumentSerde +} + +func (*UnknownUnionMember) isAttributeValue() {} diff --git a/service/directoryservicedata/types/types_exported_test.go b/service/directoryservicedata/types/types_exported_test.go new file mode 100644 index 00000000000..f57f4b5791b --- /dev/null +++ b/service/directoryservicedata/types/types_exported_test.go @@ -0,0 +1,38 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package types_test + +import ( + "fmt" + "github.com/aws/aws-sdk-go-v2/service/directoryservicedata/types" +) + +func ExampleAttributeValue_outputUsage() { + var union types.AttributeValue + // type switches can be used to check the union value + switch v := union.(type) { + case *types.AttributeValueMemberBOOL: + _ = v.Value // Value is bool + + case *types.AttributeValueMemberN: + _ = v.Value // Value is int64 + + case *types.AttributeValueMemberS: + _ = v.Value // Value is string + + case *types.AttributeValueMemberSS: + _ = v.Value // Value is []string + + case *types.UnknownUnionMember: + fmt.Println("unknown tag:", v.Tag) + + default: + fmt.Println("union is nil or unknown type") + + } +} + +var _ []string +var _ *string +var _ *bool +var _ *int64 diff --git a/service/directoryservicedata/validators.go b/service/directoryservicedata/validators.go new file mode 100644 index 00000000000..f8c2822d84a --- /dev/null +++ b/service/directoryservicedata/validators.go @@ -0,0 +1,730 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package directoryservicedata + +import ( + "context" + "fmt" + smithy "github.com/aws/smithy-go" + "github.com/aws/smithy-go/middleware" +) + +type validateOpAddGroupMember struct { +} + +func (*validateOpAddGroupMember) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpAddGroupMember) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*AddGroupMemberInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpAddGroupMemberInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpCreateGroup struct { +} + +func (*validateOpCreateGroup) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpCreateGroup) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*CreateGroupInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpCreateGroupInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpCreateUser struct { +} + +func (*validateOpCreateUser) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpCreateUser) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*CreateUserInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpCreateUserInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpDeleteGroup struct { +} + +func (*validateOpDeleteGroup) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpDeleteGroup) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*DeleteGroupInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpDeleteGroupInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpDeleteUser struct { +} + +func (*validateOpDeleteUser) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpDeleteUser) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*DeleteUserInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpDeleteUserInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpDescribeGroup struct { +} + +func (*validateOpDescribeGroup) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpDescribeGroup) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*DescribeGroupInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpDescribeGroupInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpDescribeUser struct { +} + +func (*validateOpDescribeUser) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpDescribeUser) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*DescribeUserInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpDescribeUserInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpDisableUser struct { +} + +func (*validateOpDisableUser) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpDisableUser) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*DisableUserInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpDisableUserInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpListGroupMembers struct { +} + +func (*validateOpListGroupMembers) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpListGroupMembers) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*ListGroupMembersInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpListGroupMembersInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpListGroupsForMember struct { +} + +func (*validateOpListGroupsForMember) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpListGroupsForMember) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*ListGroupsForMemberInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpListGroupsForMemberInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpListGroups struct { +} + +func (*validateOpListGroups) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpListGroups) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*ListGroupsInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpListGroupsInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpListUsers struct { +} + +func (*validateOpListUsers) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpListUsers) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*ListUsersInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpListUsersInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpRemoveGroupMember struct { +} + +func (*validateOpRemoveGroupMember) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpRemoveGroupMember) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*RemoveGroupMemberInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpRemoveGroupMemberInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpSearchGroups struct { +} + +func (*validateOpSearchGroups) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpSearchGroups) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*SearchGroupsInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpSearchGroupsInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpSearchUsers struct { +} + +func (*validateOpSearchUsers) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpSearchUsers) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*SearchUsersInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpSearchUsersInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpUpdateGroup struct { +} + +func (*validateOpUpdateGroup) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpUpdateGroup) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*UpdateGroupInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpUpdateGroupInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +type validateOpUpdateUser struct { +} + +func (*validateOpUpdateUser) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpUpdateUser) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*UpdateUserInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpUpdateUserInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + +func addOpAddGroupMemberValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpAddGroupMember{}, middleware.After) +} + +func addOpCreateGroupValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpCreateGroup{}, middleware.After) +} + +func addOpCreateUserValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpCreateUser{}, middleware.After) +} + +func addOpDeleteGroupValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpDeleteGroup{}, middleware.After) +} + +func addOpDeleteUserValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpDeleteUser{}, middleware.After) +} + +func addOpDescribeGroupValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpDescribeGroup{}, middleware.After) +} + +func addOpDescribeUserValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpDescribeUser{}, middleware.After) +} + +func addOpDisableUserValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpDisableUser{}, middleware.After) +} + +func addOpListGroupMembersValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpListGroupMembers{}, middleware.After) +} + +func addOpListGroupsForMemberValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpListGroupsForMember{}, middleware.After) +} + +func addOpListGroupsValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpListGroups{}, middleware.After) +} + +func addOpListUsersValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpListUsers{}, middleware.After) +} + +func addOpRemoveGroupMemberValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpRemoveGroupMember{}, middleware.After) +} + +func addOpSearchGroupsValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpSearchGroups{}, middleware.After) +} + +func addOpSearchUsersValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpSearchUsers{}, middleware.After) +} + +func addOpUpdateGroupValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpUpdateGroup{}, middleware.After) +} + +func addOpUpdateUserValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpUpdateUser{}, middleware.After) +} + +func validateOpAddGroupMemberInput(v *AddGroupMemberInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "AddGroupMemberInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.GroupName == nil { + invalidParams.Add(smithy.NewErrParamRequired("GroupName")) + } + if v.MemberName == nil { + invalidParams.Add(smithy.NewErrParamRequired("MemberName")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpCreateGroupInput(v *CreateGroupInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "CreateGroupInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.SAMAccountName == nil { + invalidParams.Add(smithy.NewErrParamRequired("SAMAccountName")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpCreateUserInput(v *CreateUserInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "CreateUserInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.SAMAccountName == nil { + invalidParams.Add(smithy.NewErrParamRequired("SAMAccountName")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpDeleteGroupInput(v *DeleteGroupInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "DeleteGroupInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.SAMAccountName == nil { + invalidParams.Add(smithy.NewErrParamRequired("SAMAccountName")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpDeleteUserInput(v *DeleteUserInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "DeleteUserInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.SAMAccountName == nil { + invalidParams.Add(smithy.NewErrParamRequired("SAMAccountName")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpDescribeGroupInput(v *DescribeGroupInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "DescribeGroupInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.SAMAccountName == nil { + invalidParams.Add(smithy.NewErrParamRequired("SAMAccountName")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpDescribeUserInput(v *DescribeUserInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "DescribeUserInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.SAMAccountName == nil { + invalidParams.Add(smithy.NewErrParamRequired("SAMAccountName")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpDisableUserInput(v *DisableUserInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "DisableUserInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.SAMAccountName == nil { + invalidParams.Add(smithy.NewErrParamRequired("SAMAccountName")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpListGroupMembersInput(v *ListGroupMembersInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "ListGroupMembersInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.SAMAccountName == nil { + invalidParams.Add(smithy.NewErrParamRequired("SAMAccountName")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpListGroupsForMemberInput(v *ListGroupsForMemberInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "ListGroupsForMemberInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.SAMAccountName == nil { + invalidParams.Add(smithy.NewErrParamRequired("SAMAccountName")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpListGroupsInput(v *ListGroupsInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "ListGroupsInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpListUsersInput(v *ListUsersInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "ListUsersInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpRemoveGroupMemberInput(v *RemoveGroupMemberInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "RemoveGroupMemberInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.GroupName == nil { + invalidParams.Add(smithy.NewErrParamRequired("GroupName")) + } + if v.MemberName == nil { + invalidParams.Add(smithy.NewErrParamRequired("MemberName")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpSearchGroupsInput(v *SearchGroupsInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "SearchGroupsInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.SearchString == nil { + invalidParams.Add(smithy.NewErrParamRequired("SearchString")) + } + if v.SearchAttributes == nil { + invalidParams.Add(smithy.NewErrParamRequired("SearchAttributes")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpSearchUsersInput(v *SearchUsersInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "SearchUsersInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.SearchString == nil { + invalidParams.Add(smithy.NewErrParamRequired("SearchString")) + } + if v.SearchAttributes == nil { + invalidParams.Add(smithy.NewErrParamRequired("SearchAttributes")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpUpdateGroupInput(v *UpdateGroupInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "UpdateGroupInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.SAMAccountName == nil { + invalidParams.Add(smithy.NewErrParamRequired("SAMAccountName")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + +func validateOpUpdateUserInput(v *UpdateUserInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "UpdateUserInput"} + if v.DirectoryId == nil { + invalidParams.Add(smithy.NewErrParamRequired("DirectoryId")) + } + if v.SAMAccountName == nil { + invalidParams.Add(smithy.NewErrParamRequired("SAMAccountName")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} diff --git a/service/guardduty/deserializers.go b/service/guardduty/deserializers.go index c8526af29b1..5b0fe9dad1a 100644 --- a/service/guardduty/deserializers.go +++ b/service/guardduty/deserializers.go @@ -14004,6 +14004,15 @@ func awsRestjson1_deserializeDocumentEcsTaskDetails(v **types.EcsTaskDetails, va sv.Group = ptr.String(jtv) } + case "launchType": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected String to be of type string, got %T instead", value) + } + sv.LaunchType = ptr.String(jtv) + } + case "startedAt": if value != nil { switch jtv := value.(type) { @@ -16037,7 +16046,7 @@ func awsRestjson1_deserializeDocumentKubernetesApiCallAction(v **types.Kubernete sv.ResourceName = ptr.String(jtv) } - case "sourceIps": + case "sourceIPs": if err := awsRestjson1_deserializeDocumentSourceIps(&sv.SourceIps, value); err != nil { return err } diff --git a/service/guardduty/types/types.go b/service/guardduty/types/types.go index d02f9f2f3e0..2498dd16597 100644 --- a/service/guardduty/types/types.go +++ b/service/guardduty/types/types.go @@ -1056,6 +1056,9 @@ type EcsTaskDetails struct { // The name of the task group that's associated with the task. Group *string + // A capacity on which the task is running. For example, Fargate and EC2 . + LaunchType *string + // The Unix timestamp for the time when the task started. StartedAt *time.Time diff --git a/service/mailmanager/api_op_UpdateRuleSet.go b/service/mailmanager/api_op_UpdateRuleSet.go index 0de1f40e664..92782c9dadb 100644 --- a/service/mailmanager/api_op_UpdateRuleSet.go +++ b/service/mailmanager/api_op_UpdateRuleSet.go @@ -11,7 +11,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// >Update attributes of an already provisioned rule set. +// Update attributes of an already provisioned rule set. func (c *Client) UpdateRuleSet(ctx context.Context, params *UpdateRuleSetInput, optFns ...func(*Options)) (*UpdateRuleSetOutput, error) { if params == nil { params = &UpdateRuleSetInput{} diff --git a/service/mailmanager/deserializers.go b/service/mailmanager/deserializers.go index 4fa3b2522c5..fc04767d3cd 100644 --- a/service/mailmanager/deserializers.go +++ b/service/mailmanager/deserializers.go @@ -9206,6 +9206,18 @@ loop: uv = &types.RuleStringToEvaluateMemberAttribute{Value: mv} break loop + case "MimeHeaderAttribute": + var mv string + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected MimeHeaderAttribute to be of type string, got %T instead", value) + } + mv = jtv + } + uv = &types.RuleStringToEvaluateMemberMimeHeaderAttribute{Value: mv} + break loop + default: uv = &types.UnknownUnionMember{Tag: key} break loop @@ -9780,7 +9792,7 @@ func awsAwsjson10_deserializeDocumentStringValueList(v *[]string, value interfac if value != nil { jtv, ok := value.(string) if !ok { - return fmt.Errorf("expected String to be of type string, got %T instead", value) + return fmt.Errorf("expected StringValue to be of type string, got %T instead", value) } col = jtv } diff --git a/service/mailmanager/doc.go b/service/mailmanager/doc.go index 3f28986e1dd..2116ecaf21f 100644 --- a/service/mailmanager/doc.go +++ b/service/mailmanager/doc.go @@ -3,10 +3,10 @@ // Package mailmanager provides the API client, operations, and parameter types // for MailManager. // -// # AWS SES Mail Manager API +// # Amazon SES Mail Manager API // -// [AWS SES Mail Manager API]contains operations and data types that comprise the Mail Manager feature of -// Amazon Simple Email Service. +// The Amazon SES Mail Manager API contains operations and data types that +// comprise the Mail Manager feature of [Amazon Simple Email Service (SES)]. // // Mail Manager is a set of Amazon SES email gateway features designed to help you // strengthen your organization's email infrastructure, simplify email workflow @@ -14,5 +14,5 @@ // the Amazon SES Developer Guide. // // [Mail Manager chapter]: https://docs.aws.amazon.com/ses/latest/dg/eb.html -// [AWS SES Mail Manager API]: http://aws.amazon.com/ses +// [Amazon Simple Email Service (SES)]: http://aws.amazon.com/ses package mailmanager diff --git a/service/mailmanager/serializers.go b/service/mailmanager/serializers.go index 1aa0d3cad5b..00262e2e39b 100644 --- a/service/mailmanager/serializers.go +++ b/service/mailmanager/serializers.go @@ -3625,6 +3625,10 @@ func awsAwsjson10_serializeDocumentRuleStringToEvaluate(v types.RuleStringToEval av := object.Key("Attribute") av.String(string(uv.Value)) + case *types.RuleStringToEvaluateMemberMimeHeaderAttribute: + av := object.Key("MimeHeaderAttribute") + av.String(uv.Value) + default: return fmt.Errorf("attempted to serialize unknown member type %T for union %T", uv, v) diff --git a/service/mailmanager/types/types.go b/service/mailmanager/types/types.go index 515aba5b8aa..9fcc1e85ac9 100644 --- a/service/mailmanager/types/types.go +++ b/service/mailmanager/types/types.go @@ -1199,6 +1199,7 @@ type RuleStringExpression struct { // The following types satisfy this interface: // // RuleStringToEvaluateMemberAttribute +// RuleStringToEvaluateMemberMimeHeaderAttribute type RuleStringToEvaluate interface { isRuleStringToEvaluate() } @@ -1212,6 +1213,15 @@ type RuleStringToEvaluateMemberAttribute struct { func (*RuleStringToEvaluateMemberAttribute) isRuleStringToEvaluate() {} +// The email MIME X-Header attribute to evaluate in a string condition expression. +type RuleStringToEvaluateMemberMimeHeaderAttribute struct { + Value string + + noSmithyDocumentSerde +} + +func (*RuleStringToEvaluateMemberMimeHeaderAttribute) isRuleStringToEvaluate() {} + // A verdict expression is evaluated against verdicts of the email. type RuleVerdictExpression struct { diff --git a/service/mailmanager/types/types_exported_test.go b/service/mailmanager/types/types_exported_test.go index 5ac347e716b..e32d0808020 100644 --- a/service/mailmanager/types/types_exported_test.go +++ b/service/mailmanager/types/types_exported_test.go @@ -392,6 +392,9 @@ func ExampleRuleStringToEvaluate_outputUsage() { case *types.RuleStringToEvaluateMemberAttribute: _ = v.Value // Value is types.RuleStringEmailAttribute + case *types.RuleStringToEvaluateMemberMimeHeaderAttribute: + _ = v.Value // Value is string + case *types.UnknownUnionMember: fmt.Println("unknown tag:", v.Tag) @@ -402,6 +405,7 @@ func ExampleRuleStringToEvaluate_outputUsage() { } var _ types.RuleStringEmailAttribute +var _ *string func ExampleRuleVerdictToEvaluate_outputUsage() { var union types.RuleVerdictToEvaluate diff --git a/service/rds/api_op_RestoreDBInstanceFromDBSnapshot.go b/service/rds/api_op_RestoreDBInstanceFromDBSnapshot.go index 820b33b3d72..35cc57d90d5 100644 --- a/service/rds/api_op_RestoreDBInstanceFromDBSnapshot.go +++ b/service/rds/api_op_RestoreDBInstanceFromDBSnapshot.go @@ -31,8 +31,16 @@ import ( // If you are restoring from a shared manual DB snapshot, the DBSnapshotIdentifier // must be the ARN of the shared DB snapshot. // +// To restore from a DB snapshot with an unsupported engine version, you must +// first upgrade the engine version of the snapshot. For more information about +// upgrading a RDS for MySQL DB snapshot engine version, see [Upgrading a MySQL DB snapshot engine version]. For more +// information about upgrading a RDS for PostgreSQL DB snapshot engine version, [Upgrading a PostgreSQL DB snapshot engine version]. +// // This command doesn't apply to Aurora MySQL and Aurora PostgreSQL. For Aurora, // use RestoreDBClusterFromSnapshot . +// +// [Upgrading a PostgreSQL DB snapshot engine version]: https://docs.aws.amazon.com/USER_UpgradeDBSnapshot.PostgreSQL.html +// [Upgrading a MySQL DB snapshot engine version]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/mysql-upgrade-snapshot.html func (c *Client) RestoreDBInstanceFromDBSnapshot(ctx context.Context, params *RestoreDBInstanceFromDBSnapshotInput, optFns ...func(*Options)) (*RestoreDBInstanceFromDBSnapshotOutput, error) { if params == nil { params = &RestoreDBInstanceFromDBSnapshotInput{} diff --git a/service/s3/api_op_CompleteMultipartUpload.go b/service/s3/api_op_CompleteMultipartUpload.go index e7039d2b11d..8951f77e00b 100644 --- a/service/s3/api_op_CompleteMultipartUpload.go +++ b/service/s3/api_op_CompleteMultipartUpload.go @@ -59,25 +59,30 @@ import ( // Guide. // // Permissions -// // - General purpose bucket permissions - For information about permissions // required to use the multipart upload API, see [Multipart Upload and Permissions]in the Amazon S3 User Guide. // -// - Directory bucket permissions - To grant access to this API operation on a -// directory bucket, we recommend that you use the [CreateSession]CreateSession API operation -// for session-based authorization. Specifically, you grant the -// s3express:CreateSession permission to the directory bucket in a bucket policy -// or an IAM identity-based policy. Then, you make the CreateSession API call on -// the bucket to obtain a session token. With the session token in your request -// header, you can make API requests to this operation. After the session token -// expires, you make another CreateSession API call to generate a new session -// token for use. Amazon Web Services CLI or SDKs create session and refresh the -// session token automatically to avoid service interruptions when a session -// expires. For more information about authorization, see [CreateSession]CreateSession . -// -// - If you provide an [additional checksum value]in your MultipartUpload requests and the object is -// encrypted with Key Management Service, you must have permission to use the -// kms:Decrypt action for the CompleteMultipartUpload request to succeed. +// If you provide an [additional checksum value]in your MultipartUpload requests and the object is encrypted +// +// with Key Management Service, you must have permission to use the kms:Decrypt +// action for the CompleteMultipartUpload request to succeed. +// +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the [CreateSession]CreateSession API operation +// for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see [CreateSession]CreateSession . +// +// If the object is encrypted with SSE-KMS, you must also have the +// +// kms:GenerateDataKey and kms:Decrypt permissions in IAM identity-based policies +// and KMS key policies for the KMS key. // // Special errors // @@ -133,10 +138,11 @@ import ( // [Regional and Zonal endpoints]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html // [additional checksum value]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html // [ListMultipartUploads]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html -// [CreateSession]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html // [UploadPartCopy]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html // [Multipart Upload and Permissions]: https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html // [CreateMultipartUpload]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html +// +// [CreateSession]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html func (c *Client) CompleteMultipartUpload(ctx context.Context, params *CompleteMultipartUploadInput, optFns ...func(*Options)) (*CompleteMultipartUploadOutput, error) { if params == nil { params = &CompleteMultipartUploadInput{} @@ -317,8 +323,6 @@ type CompleteMultipartUploadOutput struct { // Indicates whether the multipart upload uses an S3 Bucket Key for server-side // encryption with Key Management Service (KMS) keys (SSE-KMS). - // - // This functionality is not supported for directory buckets. BucketKeyEnabled *bool // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be @@ -394,17 +398,11 @@ type CompleteMultipartUploadOutput struct { // This functionality is not supported for directory buckets. RequestCharged types.RequestCharged - // If present, indicates the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. - // - // This functionality is not supported for directory buckets. + // If present, indicates the ID of the KMS key that was used for object encryption. SSEKMSKeyId *string // The server-side encryption algorithm used when storing this object in Amazon S3 // (for example, AES256 , aws:kms ). - // - // For directory buckets, only server-side encryption with Amazon S3 managed keys - // (SSE-S3) ( AES256 ) is supported. ServerSideEncryption types.ServerSideEncryption // Version ID of the newly created object, in case the bucket has versioning diff --git a/service/s3/api_op_CopyObject.go b/service/s3/api_op_CopyObject.go index 5403315af16..ddb603d64b6 100644 --- a/service/s3/api_op_CopyObject.go +++ b/service/s3/api_op_CopyObject.go @@ -88,6 +88,11 @@ import ( // the object to the destination. The s3express:SessionMode condition key can't // be set to ReadOnly on the copy destination bucket. // +// If the object is encrypted with SSE-KMS, you must also have the +// +// kms:GenerateDataKey and kms:Decrypt permissions in IAM identity-based policies +// and KMS key policies for the KMS key. +// // For example policies, see [Example bucket policies for S3 Express One Zone]and [Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone]in the Amazon S3 User Guide. // // Response and special errors When the request is an HTTP 1.1 request, the @@ -309,10 +314,14 @@ type CopyObjectInput struct { // // For more information, see [Amazon S3 Bucket Keys] in the Amazon S3 User Guide. // - // This functionality is not supported when the destination bucket is a directory - // bucket. + // Directory buckets - S3 Bucket Keys aren't supported, when you copy SSE-KMS + // encrypted objects from general purpose buckets to directory buckets, from + // directory buckets to general purpose buckets, or between directory buckets, + // through [CopyObject]. In this case, Amazon S3 makes a call to KMS every time a copy request + // is made for a KMS-encrypted object. // // [Amazon S3 Bucket Keys]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html + // [CopyObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html BucketKeyEnabled *bool // Specifies the caching behavior along the request/reply chain. @@ -554,31 +563,46 @@ type CopyObjectInput struct { // bucket. SSECustomerKeyMD5 *string - // Specifies the Amazon Web Services KMS Encryption Context to use for object - // encryption. The value of this header is a base64-encoded UTF-8 string holding - // JSON with the encryption context key-value pairs. This value must be explicitly - // added to specify encryption context for CopyObject requests. + // Specifies the Amazon Web Services KMS Encryption Context as an additional + // encryption context to use for the destination object encryption. The value of + // this header is a base64-encoded UTF-8 string holding JSON with the encryption + // context key-value pairs. // - // This functionality is not supported when the destination bucket is a directory - // bucket. + // General purpose buckets - This value must be explicitly added to specify + // encryption context for CopyObject requests if you want an additional encryption + // context for your destination object. The additional encryption context of the + // source object won't be copied to the destination object. For more information, + // see [Encryption context]in the Amazon S3 User Guide. + // + // Directory buckets - You can optionally provide an explicit encryption context + // value. The value must match the default encryption context - the bucket Amazon + // Resource Name (ARN). An additional encryption context value is not supported. + // + // [Encryption context]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html#encryption-context SSEKMSEncryptionContext *string - // Specifies the KMS ID (Key ID, Key ARN, or Key Alias) to use for object + // Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object // encryption. All GET and PUT requests for an object protected by KMS will fail if // they're not made via SSL or using SigV4. For information about configuring any // of the officially supported Amazon Web Services SDKs and Amazon Web Services // CLI, see [Specifying the Signature Version in Request Authentication]in the Amazon S3 User Guide. // - // This functionality is not supported when the destination bucket is a directory - // bucket. + // Directory buckets - If you specify x-amz-server-side-encryption with aws:kms , + // you must specify the x-amz-server-side-encryption-aws-kms-key-id header with + // the ID (Key ID or Key ARN) of the KMS symmetric encryption customer managed key + // to use. Otherwise, you get an HTTP 400 Bad Request error. Only use the key ID + // or key ARN. The key alias format of the KMS key isn't supported. Your SSE-KMS + // configuration can only support 1 [customer managed key]per directory bucket for the lifetime of the + // bucket. [Amazon Web Services managed key]( aws/s3 ) isn't supported. // + // [customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk // [Specifying the Signature Version in Request Authentication]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version + // [Amazon Web Services managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk SSEKMSKeyId *string - // The server-side encryption algorithm used when storing this object in Amazon S3 - // (for example, AES256 , aws:kms , aws:kms:dsse ). Unrecognized or unsupported - // values won’t write a destination object and will receive a 400 Bad Request - // response. + // The server-side encryption algorithm used when storing this object in Amazon + // S3. Unrecognized or unsupported values won’t write a destination object and will + // receive a 400 Bad Request response. // // Amazon S3 automatically encrypts all new objects that are copied to an S3 // bucket. When copying an object, if you don't specify encryption information in @@ -586,27 +610,58 @@ type CopyObjectInput struct { // default encryption configuration of the destination bucket. By default, all // buckets have a base level of encryption configuration that uses server-side // encryption with Amazon S3 managed keys (SSE-S3). If the destination bucket has a - // default encryption configuration that uses server-side encryption with Key - // Management Service (KMS) keys (SSE-KMS), dual-layer server-side encryption with - // Amazon Web Services KMS keys (DSSE-KMS), or server-side encryption with - // customer-provided encryption keys (SSE-C), Amazon S3 uses the corresponding KMS - // key, or a customer-provided key to encrypt the target object copy. - // - // When you perform a CopyObject operation, if you want to use a different type of - // encryption setting for the target object, you can specify appropriate - // encryption-related headers to encrypt the target object with an Amazon S3 - // managed key, a KMS key, or a customer-provided key. If the encryption setting in - // your request is different from the default encryption configuration of the - // destination bucket, the encryption setting in your request takes precedence. + // different default encryption configuration, Amazon S3 uses the corresponding + // encryption key to encrypt the target object copy. // // With server-side encryption, Amazon S3 encrypts your data as it writes your // data to disks in its data centers and decrypts the data when you access it. For // more information about server-side encryption, see [Using Server-Side Encryption]in the Amazon S3 User Guide. // - // For directory buckets, only server-side encryption with Amazon S3 managed keys - // (SSE-S3) ( AES256 ) is supported. + // General purpose buckets + // + // - For general purpose buckets, there are the following supported options for + // server-side encryption: server-side encryption with Key Management Service (KMS) + // keys (SSE-KMS), dual-layer server-side encryption with Amazon Web Services KMS + // keys (DSSE-KMS), and server-side encryption with customer-provided encryption + // keys (SSE-C). Amazon S3 uses the corresponding KMS key, or a customer-provided + // key to encrypt the target object copy. + // + // - When you perform a CopyObject operation, if you want to use a different type + // of encryption setting for the target object, you can specify appropriate + // encryption-related headers to encrypt the target object with an Amazon S3 + // managed key, a KMS key, or a customer-provided key. If the encryption setting in + // your request is different from the default encryption configuration of the + // destination bucket, the encryption setting in your request takes precedence. + // + // Directory buckets + // + // - For directory buckets, there are only two supported options for server-side + // encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) ( + // AES256 ) and server-side encryption with KMS keys (SSE-KMS) ( aws:kms ). We + // recommend that the bucket's default encryption uses the desired encryption + // configuration and you don't override the bucket default encryption in your + // CreateSession requests or PUT object requests. Then, new objects are + // automatically encrypted with the desired encryption settings. For more + // information, see [Protecting data with server-side encryption]in the Amazon S3 User Guide. For more information about the + // encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with KMS for new object uploads]. + // + // - To encrypt new object copies to a directory bucket with SSE-KMS, we + // recommend you specify SSE-KMS as the directory bucket's default encryption + // configuration with a KMS key (specifically, a [customer managed key]). [Amazon Web Services managed key]( aws/s3 ) isn't supported. + // Your SSE-KMS configuration can only support 1 [customer managed key]per directory bucket for the + // lifetime of the bucket. After you specify a customer managed key for SSE-KMS, + // you can't override the customer managed key for the bucket's SSE-KMS + // configuration. Then, when you perform a CopyObject operation and want to + // specify server-side encryption settings for new object copies with SSE-KMS in + // the encryption-related request headers, you must ensure the encryption key is + // the same customer managed key that you specified for the directory bucket's + // default encryption configuration. // // [Using Server-Side Encryption]: https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html + // [Specifying server-side encryption with KMS for new object uploads]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html + // [customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk + // [Protecting data with server-side encryption]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html + // [Amazon Web Services managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk ServerSideEncryption types.ServerSideEncryption // If the x-amz-storage-class header is not used, the copied object will be stored @@ -752,8 +807,6 @@ type CopyObjectOutput struct { // Indicates whether the copied object uses an S3 Bucket Key for server-side // encryption with Key Management Service (KMS) keys (SSE-KMS). - // - // This functionality is not supported for directory buckets. BucketKeyEnabled *bool // Container for all response elements. @@ -793,21 +846,13 @@ type CopyObjectOutput struct { // If present, indicates the Amazon Web Services KMS Encryption Context to use for // object encryption. The value of this header is a base64-encoded UTF-8 string // holding JSON with the encryption context key-value pairs. - // - // This functionality is not supported for directory buckets. SSEKMSEncryptionContext *string - // If present, indicates the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. - // - // This functionality is not supported for directory buckets. + // If present, indicates the ID of the KMS key that was used for object encryption. SSEKMSKeyId *string // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256 , aws:kms , aws:kms:dsse ). - // - // For directory buckets, only server-side encryption with Amazon S3 managed keys - // (SSE-S3) ( AES256 ) is supported. ServerSideEncryption types.ServerSideEncryption // Version ID of the newly created copy. diff --git a/service/s3/api_op_CreateMultipartUpload.go b/service/s3/api_op_CreateMultipartUpload.go index 4af112049d6..b9f31dce1ce 100644 --- a/service/s3/api_op_CreateMultipartUpload.go +++ b/service/s3/api_op_CreateMultipartUpload.go @@ -147,8 +147,44 @@ import ( // // encryption keys (SSE-C), see [Protecting data using server-side encryption with customer-provided encryption keys (SSE-C)]in the Amazon S3 User Guide. // -// - Directory buckets -For directory buckets, only server-side encryption with -// Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. +// - Directory buckets - For directory buckets, there are only two supported +// options for server-side encryption: server-side encryption with Amazon S3 +// managed keys (SSE-S3) ( AES256 ) and server-side encryption with KMS keys +// (SSE-KMS) ( aws:kms ). We recommend that the bucket's default encryption uses +// the desired encryption configuration and you don't override the bucket default +// encryption in your CreateSession requests or PUT object requests. Then, new +// objects are automatically encrypted with the desired encryption settings. For +// more information, see [Protecting data with server-side encryption]in the Amazon S3 User Guide. For more information about +// the encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with KMS for new object uploads]. +// +// In the Zonal endpoint API calls (except [CopyObject]and [UploadPartCopy]) using the REST API, the +// +// encryption request headers must match the encryption settings that are specified +// in the CreateSession request. You can't override the values of the encryption +// settings ( x-amz-server-side-encryption , +// x-amz-server-side-encryption-aws-kms-key-id , +// x-amz-server-side-encryption-context , and +// x-amz-server-side-encryption-bucket-key-enabled ) that are specified in the +// CreateSession request. You don't need to explicitly specify these encryption +// settings values in Zonal endpoint API calls, and Amazon S3 will use the +// encryption settings values from the CreateSession request to protect new +// objects in the directory bucket. +// +// When you use the CLI or the Amazon Web Services SDKs, for CreateSession , the +// +// session token refreshes automatically to avoid service interruptions when a +// session expires. The CLI or the Amazon Web Services SDKs use the bucket's +// default encryption configuration for the CreateSession request. It's not +// supported to override the encryption settings values in the CreateSession +// request. So in the Zonal endpoint API calls (except [CopyObject]and [UploadPartCopy]), the encryption +// request headers must match the default encryption configuration of the directory +// bucket. +// +// For directory buckets, when you perform a CreateMultipartUpload operation and an +// +// UploadPartCopy operation, the request headers you provide in the +// CreateMultipartUpload request must match the default encryption configuration +// of the destination bucket. // // HTTP Host header syntax Directory buckets - The HTTP Host header syntax is // Bucket_name.s3express-az_id.region.amazonaws.com . @@ -171,6 +207,7 @@ import ( // [Regional and Zonal endpoints]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html // [Specifying the Signature Version in Request Authentication]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version // [Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Configuration]: https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config +// [CopyObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html // [CreateSession]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html // [Multipart upload API and permissions]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions // [UploadPartCopy]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html @@ -181,7 +218,9 @@ import ( // [Protecting data using server-side encryption with Amazon Web Services KMS]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html // [ListMultipartUploads]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html // +// [Specifying server-side encryption with KMS for new object uploads]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html // [Protecting data using server-side encryption with customer-provided encryption keys (SSE-C)]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html +// [Protecting data with server-side encryption]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html func (c *Client) CreateMultipartUpload(ctx context.Context, params *CreateMultipartUploadInput, optFns ...func(*Options)) (*CreateMultipartUploadOutput, error) { if params == nil { params = &CreateMultipartUploadInput{} @@ -263,13 +302,22 @@ type CreateMultipartUploadInput struct { // Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption // with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). - // Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object - // encryption with SSE-KMS. // - // Specifying this header with an object action doesn’t affect bucket-level - // settings for S3 Bucket Key. - // - // This functionality is not supported for directory buckets. + // General purpose buckets - Setting this header to true causes Amazon S3 to use + // an S3 Bucket Key for object encryption with SSE-KMS. Also, specifying this + // header with a PUT action doesn't affect bucket-level settings for S3 Bucket Key. + // + // Directory buckets - S3 Bucket Keys are always enabled for GET and PUT + // operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't + // supported, when you copy SSE-KMS encrypted objects from general purpose buckets + // to directory buckets, from directory buckets to general purpose buckets, or + // between directory buckets, through [CopyObject], [UploadPartCopy], [the Copy operation in Batch Operations], or [the import jobs]. In this case, Amazon S3 makes a + // call to KMS every time a copy request is made for a KMS-encrypted object. + // + // [CopyObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html + // [the import jobs]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job + // [UploadPartCopy]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html + // [the Copy operation in Batch Operations]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops BucketKeyEnabled *bool // Specifies caching behavior along the request/reply chain. @@ -581,23 +629,76 @@ type CreateMultipartUploadInput struct { SSECustomerKeyMD5 *string // Specifies the Amazon Web Services KMS Encryption Context to use for object - // encryption. The value of this header is a base64-encoded UTF-8 string holding - // JSON with the encryption context key-value pairs. + // encryption. The value of this header is a Base64-encoded string of a UTF-8 + // encoded JSON, which contains the encryption context as key-value pairs. // - // This functionality is not supported for directory buckets. + // Directory buckets - You can optionally provide an explicit encryption context + // value. The value must match the default encryption context - the bucket Amazon + // Resource Name (ARN). An additional encryption context value is not supported. SSEKMSEncryptionContext *string - // Specifies the ID (Key ID, Key ARN, or Key Alias) of the symmetric encryption - // customer managed key to use for object encryption. - // - // This functionality is not supported for directory buckets. + // Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object + // encryption. If the KMS key doesn't exist in the same account that's issuing the + // command, you must use the full Key ARN not the Key ID. + // + // General purpose buckets - If you specify x-amz-server-side-encryption with + // aws:kms or aws:kms:dsse , this header specifies the ID (Key ID, Key ARN, or Key + // Alias) of the KMS key to use. If you specify + // x-amz-server-side-encryption:aws:kms or + // x-amz-server-side-encryption:aws:kms:dsse , but do not provide + // x-amz-server-side-encryption-aws-kms-key-id , Amazon S3 uses the Amazon Web + // Services managed key ( aws/s3 ) to protect the data. + // + // Directory buckets - If you specify x-amz-server-side-encryption with aws:kms , + // you must specify the x-amz-server-side-encryption-aws-kms-key-id header with + // the ID (Key ID or Key ARN) of the KMS symmetric encryption customer managed key + // to use. Otherwise, you get an HTTP 400 Bad Request error. Only use the key ID + // or key ARN. The key alias format of the KMS key isn't supported. Your SSE-KMS + // configuration can only support 1 [customer managed key]per directory bucket for the lifetime of the + // bucket. [Amazon Web Services managed key]( aws/s3 ) isn't supported. + // + // [customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk + // [Amazon Web Services managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk SSEKMSKeyId *string // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256 , aws:kms ). // - // For directory buckets, only server-side encryption with Amazon S3 managed keys - // (SSE-S3) ( AES256 ) is supported. + // - Directory buckets - For directory buckets, there are only two supported + // options for server-side encryption: server-side encryption with Amazon S3 + // managed keys (SSE-S3) ( AES256 ) and server-side encryption with KMS keys + // (SSE-KMS) ( aws:kms ). We recommend that the bucket's default encryption uses + // the desired encryption configuration and you don't override the bucket default + // encryption in your CreateSession requests or PUT object requests. Then, new + // objects are automatically encrypted with the desired encryption settings. For + // more information, see [Protecting data with server-side encryption]in the Amazon S3 User Guide. For more information about + // the encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with KMS for new object uploads]. + // + // In the Zonal endpoint API calls (except [CopyObject]and [UploadPartCopy]) using the REST API, the + // encryption request headers must match the encryption settings that are specified + // in the CreateSession request. You can't override the values of the encryption + // settings ( x-amz-server-side-encryption , + // x-amz-server-side-encryption-aws-kms-key-id , + // x-amz-server-side-encryption-context , and + // x-amz-server-side-encryption-bucket-key-enabled ) that are specified in the + // CreateSession request. You don't need to explicitly specify these encryption + // settings values in Zonal endpoint API calls, and Amazon S3 will use the + // encryption settings values from the CreateSession request to protect new + // objects in the directory bucket. + // + // When you use the CLI or the Amazon Web Services SDKs, for CreateSession , the + // session token refreshes automatically to avoid service interruptions when a + // session expires. The CLI or the Amazon Web Services SDKs use the bucket's + // default encryption configuration for the CreateSession request. It's not + // supported to override the encryption settings values in the CreateSession + // request. So in the Zonal endpoint API calls (except [CopyObject]and [UploadPartCopy]), the encryption + // request headers must match the default encryption configuration of the directory + // bucket. + // + // [Specifying server-side encryption with KMS for new object uploads]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html + // [Protecting data with server-side encryption]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html + // [CopyObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html + // [UploadPartCopy]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html ServerSideEncryption types.ServerSideEncryption // By default, Amazon S3 uses the STANDARD Storage Class to store newly created @@ -666,8 +767,6 @@ type CreateMultipartUploadOutput struct { // Indicates whether the multipart upload uses an S3 Bucket Key for server-side // encryption with Key Management Service (KMS) keys (SSE-KMS). - // - // This functionality is not supported for directory buckets. BucketKeyEnabled *bool // The algorithm that was used to create a checksum of the object. @@ -697,23 +796,15 @@ type CreateMultipartUploadOutput struct { SSECustomerKeyMD5 *string // If present, indicates the Amazon Web Services KMS Encryption Context to use for - // object encryption. The value of this header is a base64-encoded UTF-8 string - // holding JSON with the encryption context key-value pairs. - // - // This functionality is not supported for directory buckets. + // object encryption. The value of this header is a Base64-encoded string of a + // UTF-8 encoded JSON, which contains the encryption context as key-value pairs. SSEKMSEncryptionContext *string - // If present, indicates the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. - // - // This functionality is not supported for directory buckets. + // If present, indicates the ID of the KMS key that was used for object encryption. SSEKMSKeyId *string // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256 , aws:kms ). - // - // For directory buckets, only server-side encryption with Amazon S3 managed keys - // (SSE-S3) ( AES256 ) is supported. ServerSideEncryption types.ServerSideEncryption // ID for the initiated multipart upload. diff --git a/service/s3/api_op_CreateSession.go b/service/s3/api_op_CreateSession.go index b8c1736b404..891e65e0193 100644 --- a/service/s3/api_op_CreateSession.go +++ b/service/s3/api_op_CreateSession.go @@ -15,9 +15,10 @@ import ( ) // Creates a session that establishes temporary security credentials to support -// fast authentication and authorization for the Zonal endpoint APIs on directory -// buckets. For more information about Zonal endpoint APIs that include the -// Availability Zone in the request endpoint, see [S3 Express One Zone APIs]in the Amazon S3 User Guide. +// fast authentication and authorization for the Zonal endpoint API operations on +// directory buckets. For more information about Zonal endpoint API operations that +// include the Availability Zone in the request endpoint, see [S3 Express One Zone APIs]in the Amazon S3 +// User Guide. // // To make Zonal endpoint API requests on a directory bucket, use the CreateSession // API operation. Specifically, you grant s3express:CreateSession permission to a @@ -25,12 +26,12 @@ import ( // credentials to make the CreateSession API request on the bucket, which returns // temporary security credentials that include the access key ID, secret access // key, session token, and expiration. These credentials have associated -// permissions to access the Zonal endpoint APIs. After the session is created, you -// don’t need to use other policies to grant permissions to each Zonal endpoint API -// individually. Instead, in your Zonal endpoint API requests, you sign your -// requests by applying the temporary security credentials of the session to the -// request headers and following the SigV4 protocol for authentication. You also -// apply the session token to the x-amz-s3session-token request header for +// permissions to access the Zonal endpoint API operations. After the session is +// created, you don’t need to use other policies to grant permissions to each Zonal +// endpoint API individually. Instead, in your Zonal endpoint API requests, you +// sign your requests by applying the temporary security credentials of the session +// to the request headers and following the SigV4 protocol for authentication. You +// also apply the session token to the x-amz-s3session-token request header for // authorization. Temporary security credentials are scoped to the bucket and // expire after 5 minutes. After the expiration time, any calls that you make with // those credentials will fail. You must use IAM credentials again to make a @@ -49,17 +50,17 @@ import ( // https://bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests // are not supported. For more information, see [Regional and Zonal endpoints]in the Amazon S3 User Guide. // -// - CopyObject API operation - Unlike other Zonal endpoint APIs, the CopyObject -// API operation doesn't use the temporary security credentials returned from the -// CreateSession API operation for authentication and authorization. For -// information about authentication and authorization of the CopyObject API -// operation on directory buckets, see [CopyObject]. +// - CopyObject API operation - Unlike other Zonal endpoint API operations, the +// CopyObject API operation doesn't use the temporary security credentials +// returned from the CreateSession API operation for authentication and +// authorization. For information about authentication and authorization of the +// CopyObject API operation on directory buckets, see [CopyObject]. // -// - HeadBucket API operation - Unlike other Zonal endpoint APIs, the HeadBucket -// API operation doesn't use the temporary security credentials returned from the -// CreateSession API operation for authentication and authorization. For -// information about authentication and authorization of the HeadBucket API -// operation on directory buckets, see [HeadBucket]. +// - HeadBucket API operation - Unlike other Zonal endpoint API operations, the +// HeadBucket API operation doesn't use the temporary security credentials +// returned from the CreateSession API operation for authentication and +// authorization. For information about authentication and authorization of the +// HeadBucket API operation on directory buckets, see [HeadBucket]. // // Permissions To obtain temporary security credentials, you must create a bucket // policy or an IAM identity-based policy that grants s3express:CreateSession @@ -69,20 +70,72 @@ import ( // x-amz-create-session-mode . For example policies, see [Example bucket policies for S3 Express One Zone] and [Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone] in the Amazon S3 // User Guide. // -// To grant cross-account access to Zonal endpoint APIs, the bucket policy should -// also grant both accounts the s3express:CreateSession permission. +// To grant cross-account access to Zonal endpoint API operations, the bucket +// policy should also grant both accounts the s3express:CreateSession permission. +// +// If you want to encrypt objects with SSE-KMS, you must also have the +// kms:GenerateDataKey and the kms:Decrypt permissions in IAM identity-based +// policies and KMS key policies for the target KMS key. +// +// Encryption For directory buckets, there are only two supported options for +// server-side encryption: server-side encryption with Amazon S3 managed keys +// (SSE-S3) ( AES256 ) and server-side encryption with KMS keys (SSE-KMS) ( aws:kms +// ). We recommend that the bucket's default encryption uses the desired encryption +// configuration and you don't override the bucket default encryption in your +// CreateSession requests or PUT object requests. Then, new objects are +// automatically encrypted with the desired encryption settings. For more +// information, see [Protecting data with server-side encryption]in the Amazon S3 User Guide. For more information about the +// encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with KMS for new object uploads]. +// +// For [Zonal endpoint (object-level) API operations] except [CopyObject] and [UploadPartCopy], you authenticate and authorize requests through [CreateSession] for low +// latency. To encrypt new objects in a directory bucket with SSE-KMS, you must +// specify SSE-KMS as the directory bucket's default encryption configuration with +// a KMS key (specifically, a [customer managed key]). Then, when a session is created for Zonal +// endpoint API operations, new objects are automatically encrypted and decrypted +// with SSE-KMS and S3 Bucket Keys during the session. +// +// Only 1 [customer managed key] is supported per directory bucket for the lifetime of the bucket. [Amazon Web Services managed key] ( +// aws/s3 ) isn't supported. After you specify SSE-KMS as your bucket's default +// encryption configuration with a customer managed key, you can't change the +// customer managed key for the bucket's SSE-KMS configuration. +// +// In the Zonal endpoint API calls (except [CopyObject] and [UploadPartCopy]) using the REST API, you can't +// override the values of the encryption settings ( x-amz-server-side-encryption , +// x-amz-server-side-encryption-aws-kms-key-id , +// x-amz-server-side-encryption-context , and +// x-amz-server-side-encryption-bucket-key-enabled ) from the CreateSession +// request. You don't need to explicitly specify these encryption settings values +// in Zonal endpoint API calls, and Amazon S3 will use the encryption settings +// values from the CreateSession request to protect new objects in the directory +// bucket. +// +// When you use the CLI or the Amazon Web Services SDKs, for CreateSession , the +// session token refreshes automatically to avoid service interruptions when a +// session expires. The CLI or the Amazon Web Services SDKs use the bucket's +// default encryption configuration for the CreateSession request. It's not +// supported to override the encryption settings values in the CreateSession +// request. Also, in the Zonal endpoint API calls (except [CopyObject]and [UploadPartCopy]), it's not +// supported to override the values of the encryption settings from the +// CreateSession request. // // HTTP Host header syntax Directory buckets - The HTTP Host header syntax is // Bucket_name.s3express-az_id.region.amazonaws.com . // -// [Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html +// [Specifying server-side encryption with KMS for new object uploads]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html // [Performance guidelines and design patterns]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-optimizing-performance-guidelines-design-patterns.html#s3-express-optimizing-performance-session-authentication -// [Example bucket policies for S3 Express One Zone]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html // [Regional and Zonal endpoints]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html // [CopyObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html -// [x-amz-create-session-mode]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html#API_CreateSession_RequestParameters +// [CreateSession]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html // [S3 Express One Zone APIs]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-APIs.html // [HeadBucket]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadBucket.html +// [UploadPartCopy]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html +// [Amazon Web Services managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk +// [Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html +// [Example bucket policies for S3 Express One Zone]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html +// [customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk +// [Protecting data with server-side encryption]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html +// [x-amz-create-session-mode]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html#API_CreateSession_RequestParameters +// [Zonal endpoint (object-level) API operations]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-differences.html#s3-express-differences-api-operations func (c *Client) CreateSession(ctx context.Context, params *CreateSessionInput, optFns ...func(*Options)) (*CreateSessionOutput, error) { if params == nil { params = &CreateSessionInput{} @@ -105,12 +158,73 @@ type CreateSessionInput struct { // This member is required. Bucket *string + // Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption + // with server-side encryption using KMS keys (SSE-KMS). + // + // S3 Bucket Keys are always enabled for GET and PUT operations in a directory + // bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy + // SSE-KMS encrypted objects from general purpose buckets to directory buckets, + // from directory buckets to general purpose buckets, or between directory buckets, + // through [CopyObject], [UploadPartCopy], [the Copy operation in Batch Operations], or [the import jobs]. In this case, Amazon S3 makes a call to KMS every time a + // copy request is made for a KMS-encrypted object. + // + // [CopyObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html + // [the import jobs]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job + // [UploadPartCopy]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html + // [the Copy operation in Batch Operations]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops + BucketKeyEnabled *bool + + // Specifies the Amazon Web Services KMS Encryption Context as an additional + // encryption context to use for object encryption. The value of this header is a + // Base64-encoded string of a UTF-8 encoded JSON, which contains the encryption + // context as key-value pairs. This value is stored as object metadata and + // automatically gets passed on to Amazon Web Services KMS for future GetObject + // operations on this object. + // + // General purpose buckets - This value must be explicitly added during CopyObject + // operations if you want an additional encryption context for your object. For + // more information, see [Encryption context]in the Amazon S3 User Guide. + // + // Directory buckets - You can optionally provide an explicit encryption context + // value. The value must match the default encryption context - the bucket Amazon + // Resource Name (ARN). An additional encryption context value is not supported. + // + // [Encryption context]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html#encryption-context + SSEKMSEncryptionContext *string + + // If you specify x-amz-server-side-encryption with aws:kms , you must specify the + // x-amz-server-side-encryption-aws-kms-key-id header with the ID (Key ID or Key + // ARN) of the KMS symmetric encryption customer managed key to use. Otherwise, you + // get an HTTP 400 Bad Request error. Only use the key ID or key ARN. The key + // alias format of the KMS key isn't supported. Also, if the KMS key doesn't exist + // in the same account that't issuing the command, you must use the full Key ARN + // not the Key ID. + // + // Your SSE-KMS configuration can only support 1 [customer managed key] per directory bucket for the + // lifetime of the bucket. [Amazon Web Services managed key]( aws/s3 ) isn't supported. + // + // [customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk + // [Amazon Web Services managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk + SSEKMSKeyId *string + + // The server-side encryption algorithm to use when you store objects in the + // directory bucket. + // + // For directory buckets, there are only two supported options for server-side + // encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) ( AES256 + // ) and server-side encryption with KMS keys (SSE-KMS) ( aws:kms ). By default, + // Amazon S3 encrypts data with SSE-S3. For more information, see [Protecting data with server-side encryption]in the Amazon S3 + // User Guide. + // + // [Protecting data with server-side encryption]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html + ServerSideEncryption types.ServerSideEncryption + // Specifies the mode of the session that will be created, either ReadWrite or // ReadOnly . By default, a ReadWrite session is created. A ReadWrite session is - // capable of executing all the Zonal endpoint APIs on a directory bucket. A - // ReadOnly session is constrained to execute the following Zonal endpoint APIs: - // GetObject , HeadObject , ListObjectsV2 , GetObjectAttributes , ListParts , and - // ListMultipartUploads . + // capable of executing all the Zonal endpoint API operations on a directory + // bucket. A ReadOnly session is constrained to execute the following Zonal + // endpoint API operations: GetObject , HeadObject , ListObjectsV2 , + // GetObjectAttributes , ListParts , and ListMultipartUploads . SessionMode types.SessionMode noSmithyDocumentSerde @@ -129,6 +243,26 @@ type CreateSessionOutput struct { // This member is required. Credentials *types.SessionCredentials + // Indicates whether to use an S3 Bucket Key for server-side encryption with KMS + // keys (SSE-KMS). + BucketKeyEnabled *bool + + // If present, indicates the Amazon Web Services KMS Encryption Context to use for + // object encryption. The value of this header is a Base64-encoded string of a + // UTF-8 encoded JSON, which contains the encryption context as key-value pairs. + // This value is stored as object metadata and automatically gets passed on to + // Amazon Web Services KMS for future GetObject operations on this object. + SSEKMSEncryptionContext *string + + // If you specify x-amz-server-side-encryption with aws:kms , this header indicates + // the ID of the KMS symmetric encryption customer managed key that was used for + // object encryption. + SSEKMSKeyId *string + + // The server-side encryption algorithm used when you store objects in the + // directory bucket. + ServerSideEncryption types.ServerSideEncryption + // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata diff --git a/service/s3/api_op_DeleteBucketEncryption.go b/service/s3/api_op_DeleteBucketEncryption.go index fa37719c0b3..91b1b63171d 100644 --- a/service/s3/api_op_DeleteBucketEncryption.go +++ b/service/s3/api_op_DeleteBucketEncryption.go @@ -13,17 +13,32 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This operation is not supported by directory buckets. -// // This implementation of the DELETE action resets the default encryption for the -// bucket as server-side encryption with Amazon S3 managed keys (SSE-S3). For -// information about the bucket default encryption feature, see [Amazon S3 Bucket Default Encryption]in the Amazon S3 -// User Guide. +// bucket as server-side encryption with Amazon S3 managed keys (SSE-S3). +// +// - General purpose buckets - For information about the bucket default +// encryption feature, see [Amazon S3 Bucket Default Encryption]in the Amazon S3 User Guide. +// +// - Directory buckets - For directory buckets, there are only two supported +// options for server-side encryption: SSE-S3 and SSE-KMS. For information about +// the default encryption configuration in directory buckets, see [Setting default server-side encryption behavior for directory buckets]. +// +// Permissions +// +// - General purpose bucket permissions - The s3:PutEncryptionConfiguration +// permission is required in a policy. The bucket owner has this permission by +// default. The bucket owner can grant this permission to others. For more +// information about permissions, see [Permissions Related to Bucket Operations]and [Managing Access Permissions to Your Amazon S3 Resources]. // -// To use this operation, you must have permissions to perform the -// s3:PutEncryptionConfiguration action. The bucket owner has this permission by -// default. The bucket owner can grant this permission to others. For more -// information about permissions, see [Permissions Related to Bucket Subresource Operations]and [Managing Access Permissions to your Amazon S3 Resources] in the Amazon S3 User Guide. +// - Directory bucket permissions - To grant access to this API operation, you +// must have the s3express:PutEncryptionConfiguration permission in an IAM +// identity-based policy instead of a bucket policy. Cross-account access to this +// API operation isn't supported. This operation can only be performed by the +// Amazon Web Services account that owns the resource. For more information about +// directory bucket policies and permissions, see [Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone]in the Amazon S3 User Guide. +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// s3express-control.region.amazonaws.com . // // The following operations are related to DeleteBucketEncryption : // @@ -33,9 +48,11 @@ import ( // // [GetBucketEncryption]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html // [PutBucketEncryption]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html -// [Permissions Related to Bucket Subresource Operations]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources -// [Managing Access Permissions to your Amazon S3 Resources]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html +// [Setting default server-side encryption behavior for directory buckets]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-bucket-encryption.html // [Amazon S3 Bucket Default Encryption]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html +// [Managing Access Permissions to Your Amazon S3 Resources]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html +// [Permissions Related to Bucket Operations]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources +// [Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html func (c *Client) DeleteBucketEncryption(ctx context.Context, params *DeleteBucketEncryptionInput, optFns ...func(*Options)) (*DeleteBucketEncryptionOutput, error) { if params == nil { params = &DeleteBucketEncryptionInput{} @@ -56,12 +73,27 @@ type DeleteBucketEncryptionInput struct { // The name of the bucket containing the server-side encryption configuration to // delete. // + // Directory buckets - When you use this operation with a directory bucket, you + // must use path-style requests in the format + // https://s3express-control.region_code.amazonaws.com/bucket-name . + // Virtual-hosted-style requests aren't supported. Directory bucket names must be + // unique in the chosen Availability Zone. Bucket names must also follow the format + // bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3 + // ). For information about bucket naming restrictions, see [Directory bucket naming rules]in the Amazon S3 User + // Guide + // + // [Directory bucket naming rules]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html + // // This member is required. Bucket *string // The account ID of the expected bucket owner. If the account ID that you provide // does not match the actual owner of the bucket, the request fails with the HTTP // status code 403 Forbidden (access denied). + // + // For directory buckets, this header is not supported in this API operation. If + // you specify this header, the request fails with the HTTP status code 501 Not + // Implemented . ExpectedBucketOwner *string noSmithyDocumentSerde diff --git a/service/s3/api_op_GetBucketEncryption.go b/service/s3/api_op_GetBucketEncryption.go index 8e768fe0d0d..91f3df56480 100644 --- a/service/s3/api_op_GetBucketEncryption.go +++ b/service/s3/api_op_GetBucketEncryption.go @@ -14,17 +14,33 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This operation is not supported by directory buckets. -// // Returns the default encryption configuration for an Amazon S3 bucket. By // default, all buckets have a default encryption configuration that uses -// server-side encryption with Amazon S3 managed keys (SSE-S3). For information -// about the bucket default encryption feature, see [Amazon S3 Bucket Default Encryption]in the Amazon S3 User Guide. +// server-side encryption with Amazon S3 managed keys (SSE-S3). +// +// - General purpose buckets - For information about the bucket default +// encryption feature, see [Amazon S3 Bucket Default Encryption]in the Amazon S3 User Guide. +// +// - Directory buckets - For directory buckets, there are only two supported +// options for server-side encryption: SSE-S3 and SSE-KMS. For information about +// the default encryption configuration in directory buckets, see [Setting default server-side encryption behavior for directory buckets]. +// +// Permissions +// +// - General purpose bucket permissions - The s3:GetEncryptionConfiguration +// permission is required in a policy. The bucket owner has this permission by +// default. The bucket owner can grant this permission to others. For more +// information about permissions, see [Permissions Related to Bucket Operations]and [Managing Access Permissions to Your Amazon S3 Resources]. // -// To use this operation, you must have permission to perform the -// s3:GetEncryptionConfiguration action. The bucket owner has this permission by -// default. The bucket owner can grant this permission to others. For more -// information about permissions, see [Permissions Related to Bucket Subresource Operations]and [Managing Access Permissions to Your Amazon S3 Resources]. +// - Directory bucket permissions - To grant access to this API operation, you +// must have the s3express:GetEncryptionConfiguration permission in an IAM +// identity-based policy instead of a bucket policy. Cross-account access to this +// API operation isn't supported. This operation can only be performed by the +// Amazon Web Services account that owns the resource. For more information about +// directory bucket policies and permissions, see [Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone]in the Amazon S3 User Guide. +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// s3express-control.region.amazonaws.com . // // The following operations are related to GetBucketEncryption : // @@ -34,9 +50,11 @@ import ( // // [DeleteBucketEncryption]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html // [PutBucketEncryption]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html -// [Permissions Related to Bucket Subresource Operations]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources +// [Setting default server-side encryption behavior for directory buckets]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-bucket-encryption.html // [Amazon S3 Bucket Default Encryption]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html // [Managing Access Permissions to Your Amazon S3 Resources]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html +// [Permissions Related to Bucket Operations]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources +// [Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html func (c *Client) GetBucketEncryption(ctx context.Context, params *GetBucketEncryptionInput, optFns ...func(*Options)) (*GetBucketEncryptionOutput, error) { if params == nil { params = &GetBucketEncryptionInput{} @@ -57,12 +75,27 @@ type GetBucketEncryptionInput struct { // The name of the bucket from which the server-side encryption configuration is // retrieved. // + // Directory buckets - When you use this operation with a directory bucket, you + // must use path-style requests in the format + // https://s3express-control.region_code.amazonaws.com/bucket-name . + // Virtual-hosted-style requests aren't supported. Directory bucket names must be + // unique in the chosen Availability Zone. Bucket names must also follow the format + // bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3 + // ). For information about bucket naming restrictions, see [Directory bucket naming rules]in the Amazon S3 User + // Guide + // + // [Directory bucket naming rules]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html + // // This member is required. Bucket *string // The account ID of the expected bucket owner. If the account ID that you provide // does not match the actual owner of the bucket, the request fails with the HTTP // status code 403 Forbidden (access denied). + // + // For directory buckets, this header is not supported in this API operation. If + // you specify this header, the request fails with the HTTP status code 501 Not + // Implemented . ExpectedBucketOwner *string noSmithyDocumentSerde diff --git a/service/s3/api_op_GetObject.go b/service/s3/api_op_GetObject.go index 618e9e4daa2..b817c467785 100644 --- a/service/s3/api_op_GetObject.go +++ b/service/s3/api_op_GetObject.go @@ -79,6 +79,11 @@ import ( // session token automatically to avoid service interruptions when a session // expires. For more information about authorization, see [CreateSession]CreateSession . // +// If the object is encrypted using SSE-KMS, you must also have the +// +// kms:GenerateDataKey and kms:Decrypt permissions in IAM identity-based policies +// and KMS key policies for the KMS key. +// // Storage classes If the object you are retrieving is stored in the S3 Glacier // Flexible Retrieval storage class, the S3 Glacier Deep Archive storage class, the // S3 Intelligent-Tiering Archive Access tier, or the S3 Intelligent-Tiering Deep @@ -99,6 +104,10 @@ import ( // include the header in your GetObject requests for the object that uses these // types of keys, you’ll get an HTTP 400 Bad Request error. // +// Directory buckets - For directory buckets, there are only two supported options +// for server-side encryption: SSE-S3 and SSE-KMS. SSE-C isn't supported. For more +// information, see [Protecting data with server-side encryption]in the Amazon S3 User Guide. +// // Overriding response header values through the request There are times when you // want to override certain response header values of a GetObject response. For // example, you might override the Content-Disposition response header value @@ -144,6 +153,7 @@ import ( // // [RestoreObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html // [Regional and Zonal endpoints]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html +// [Protecting data with server-side encryption]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html // [ListBuckets]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html // [HTTP Host Header Bucket Specification]: https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html#VirtualHostingSpecifyBucket // [Restoring Archived Objects]: https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html @@ -217,9 +227,10 @@ type GetObjectInput struct { // To retrieve the checksum, this mode must be enabled. // - // In addition, if you enable checksum mode and the object is uploaded with a [checksum] and - // encrypted with an Key Management Service (KMS) key, you must have permission to - // use the kms:Decrypt action to retrieve the checksum. + // General purpose buckets - In addition, if you enable checksum mode and the + // object is uploaded with a [checksum]and encrypted with an Key Management Service (KMS) + // key, you must have permission to use the kms:Decrypt action to retrieve the + // checksum. // // [checksum]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html ChecksumMode types.ChecksumMode @@ -430,8 +441,6 @@ type GetObjectOutput struct { // Indicates whether the object uses an S3 Bucket Key for server-side encryption // with Key Management Service (KMS) keys (SSE-KMS). - // - // This functionality is not supported for directory buckets. BucketKeyEnabled *bool // Specifies caching behavior along the request/reply chain. @@ -597,17 +606,11 @@ type GetObjectOutput struct { // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string - // If present, indicates the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. - // - // This functionality is not supported for directory buckets. + // If present, indicates the ID of the KMS key that was used for object encryption. SSEKMSKeyId *string // The server-side encryption algorithm used when you store this object in Amazon - // S3 (for example, AES256 , aws:kms , aws:kms:dsse ). - // - // For directory buckets, only server-side encryption with Amazon S3 managed keys - // (SSE-S3) ( AES256 ) is supported. + // S3. ServerSideEncryption types.ServerSideEncryption // Provides storage class information of the object. Amazon S3 returns this header diff --git a/service/s3/api_op_GetObjectAttributes.go b/service/s3/api_op_GetObjectAttributes.go index 98ebb0d7be5..b8e23d72c6c 100644 --- a/service/s3/api_op_GetObjectAttributes.go +++ b/service/s3/api_op_GetObjectAttributes.go @@ -32,13 +32,13 @@ import ( // // - General purpose bucket permissions - To use GetObjectAttributes , you must // have READ access to the object. The permissions that you need to use this -// operation with depend on whether the bucket is versioned. If the bucket is -// versioned, you need both the s3:GetObjectVersion and -// s3:GetObjectVersionAttributes permissions for this operation. If the bucket is -// not versioned, you need the s3:GetObject and s3:GetObjectAttributes -// permissions. For more information, see [Specifying Permissions in a Policy]in the Amazon S3 User Guide. If the -// object that you request does not exist, the error Amazon S3 returns depends on -// whether you also have the s3:ListBucket permission. +// operation depend on whether the bucket is versioned. If the bucket is versioned, +// you need both the s3:GetObjectVersion and s3:GetObjectVersionAttributes +// permissions for this operation. If the bucket is not versioned, you need the +// s3:GetObject and s3:GetObjectAttributes permissions. For more information, see [Specifying Permissions in a Policy] +// in the Amazon S3 User Guide. If the object that you request does not exist, the +// error Amazon S3 returns depends on whether you also have the s3:ListBucket +// permission. // // - If you have the s3:ListBucket permission on the bucket, Amazon S3 returns an // HTTP status code 404 Not Found ("no such key") error. @@ -58,6 +58,11 @@ import ( // session token automatically to avoid service interruptions when a session // expires. For more information about authorization, see [CreateSession]CreateSession . // +// If the object is encrypted with SSE-KMS, you must also have the +// +// kms:GenerateDataKey and kms:Decrypt permissions in IAM identity-based policies +// and KMS key policies for the KMS key. +// // Encryption Encryption request headers, like x-amz-server-side-encryption , // should not be sent for HEAD requests if your object uses server-side encryption // with Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side @@ -83,8 +88,15 @@ import ( // // For more information about SSE-C, see [Server-Side Encryption (Using Customer-Provided Encryption Keys)] in the Amazon S3 User Guide. // -// Directory bucket permissions - For directory buckets, only server-side -// encryption with Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. +// Directory bucket permissions - For directory buckets, there are only two +// supported options for server-side encryption: server-side encryption with Amazon +// S3 managed keys (SSE-S3) ( AES256 ) and server-side encryption with KMS keys +// (SSE-KMS) ( aws:kms ). We recommend that the bucket's default encryption uses +// the desired encryption configuration and you don't override the bucket default +// encryption in your CreateSession requests or PUT object requests. Then, new +// objects are automatically encrypted with the desired encryption settings. For +// more information, see [Protecting data with server-side encryption]in the Amazon S3 User Guide. For more information about +// the encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with KMS for new object uploads]. // // Versioning Directory buckets - S3 Versioning isn't enabled and supported for // directory buckets. For this API operation, only the null value of the version @@ -134,6 +146,7 @@ import ( // // [ListParts] // +// [Specifying server-side encryption with KMS for new object uploads]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html // [GetObjectLegalHold]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLegalHold.html // [ListParts]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html // [Server-Side Encryption (Using Customer-Provided Encryption Keys)]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html @@ -144,6 +157,7 @@ import ( // [RFC 7232]: https://tools.ietf.org/html/rfc7232 // [HeadObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadObject.html // [GetObjectLockConfiguration]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLockConfiguration.html +// [Protecting data with server-side encryption]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html // [GetObjectAcl]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html // [GetObjectRetention]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectRetention.html // [GetObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html diff --git a/service/s3/api_op_HeadObject.go b/service/s3/api_op_HeadObject.go index 7f3417b16b6..2700367d061 100644 --- a/service/s3/api_op_HeadObject.go +++ b/service/s3/api_op_HeadObject.go @@ -59,6 +59,13 @@ import ( // session token automatically to avoid service interruptions when a session // expires. For more information about authorization, see [CreateSession]CreateSession . // +// If you enable x-amz-checksum-mode in the request and the object is encrypted +// +// with Amazon Web Services Key Management Service (Amazon Web Services KMS), you +// must also have the kms:GenerateDataKey and kms:Decrypt permissions in IAM +// identity-based policies and KMS key policies for the KMS key to retrieve the +// checksum of the object. +// // Encryption Encryption request headers, like x-amz-server-side-encryption , // should not be sent for HEAD requests if your object uses server-side encryption // with Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side @@ -84,8 +91,9 @@ import ( // // For more information about SSE-C, see [Server-Side Encryption (Using Customer-Provided Encryption Keys)] in the Amazon S3 User Guide. // -// Directory bucket permissions - For directory buckets, only server-side -// encryption with Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. +// Directory bucket - For directory buckets, there are only two supported options +// for server-side encryption: SSE-S3 and SSE-KMS. SSE-C isn't supported. For more +// information, see [Protecting data with server-side encryption]in the Amazon S3 User Guide. // // Versioning // @@ -121,6 +129,7 @@ import ( // [Server-Side Encryption (Using Customer-Provided Encryption Keys)]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html // [Regional and Zonal endpoints]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html // [GetObjectAttributes]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html +// [Protecting data with server-side encryption]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html // [Actions, resources, and condition keys for Amazon S3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html // [GetObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html // [Common Request Headers]: https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html @@ -187,9 +196,15 @@ type HeadObjectInput struct { // To retrieve the checksum, this parameter must be enabled. // - // In addition, if you enable checksum mode and the object is uploaded with a [checksum] and - // encrypted with an Key Management Service (KMS) key, you must have permission to - // use the kms:Decrypt action to retrieve the checksum. + // General purpose buckets - If you enable checksum mode and the object is + // uploaded with a [checksum]and encrypted with an Key Management Service (KMS) key, you + // must have permission to use the kms:Decrypt action to retrieve the checksum. + // + // Directory buckets - If you enable ChecksumMode and the object is encrypted with + // Amazon Web Services Key Management Service (Amazon Web Services KMS), you must + // also have the kms:GenerateDataKey and kms:Decrypt permissions in IAM + // identity-based policies and KMS key policies for the KMS key to retrieve the + // checksum of the object. // // [checksum]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html ChecksumMode types.ChecksumMode @@ -357,8 +372,6 @@ type HeadObjectOutput struct { // Indicates whether the object uses an S3 Bucket Key for server-side encryption // with Key Management Service (KMS) keys (SSE-KMS). - // - // This functionality is not supported for directory buckets. BucketKeyEnabled *bool // Specifies caching behavior along the request/reply chain. @@ -583,17 +596,11 @@ type HeadObjectOutput struct { // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string - // If present, indicates the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. - // - // This functionality is not supported for directory buckets. + // If present, indicates the ID of the KMS key that was used for object encryption. SSEKMSKeyId *string // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256 , aws:kms , aws:kms:dsse ). - // - // For directory buckets, only server-side encryption with Amazon S3 managed keys - // (SSE-S3) ( AES256 ) is supported. ServerSideEncryption types.ServerSideEncryption // Provides storage class information of the object. Amazon S3 returns this header diff --git a/service/s3/api_op_PutBucketEncryption.go b/service/s3/api_op_PutBucketEncryption.go index bcf0d440961..ce07278047b 100644 --- a/service/s3/api_op_PutBucketEncryption.go +++ b/service/s3/api_op_PutBucketEncryption.go @@ -15,19 +15,58 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This operation is not supported by directory buckets. +// This operation configures default encryption and Amazon S3 Bucket Keys for an +// existing bucket. // -// This action uses the encryption subresource to configure default encryption and -// Amazon S3 Bucket Keys for an existing bucket. +// Directory buckets - For directory buckets, you must make requests for this API +// operation to the Regional endpoint. These endpoints support path-style requests +// in the format https://s3express-control.region_code.amazonaws.com/bucket-name . +// Virtual-hosted-style requests aren't supported. For more information, see [Regional and Zonal endpoints]in +// the Amazon S3 User Guide. // // By default, all buckets have a default encryption configuration that uses -// server-side encryption with Amazon S3 managed keys (SSE-S3). You can optionally -// configure default encryption for a bucket by using server-side encryption with -// Key Management Service (KMS) keys (SSE-KMS) or dual-layer server-side encryption -// with Amazon Web Services KMS keys (DSSE-KMS). If you specify default encryption -// by using SSE-KMS, you can also configure [Amazon S3 Bucket Keys]. If you use PutBucketEncryption to -// set your [default bucket encryption]to SSE-KMS, you should verify that your KMS key ID is correct. Amazon -// S3 does not validate the KMS key ID provided in PutBucketEncryption requests. +// server-side encryption with Amazon S3 managed keys (SSE-S3). +// +// - General purpose buckets +// +// - You can optionally configure default encryption for a bucket by using +// server-side encryption with Key Management Service (KMS) keys (SSE-KMS) or +// dual-layer server-side encryption with Amazon Web Services KMS keys (DSSE-KMS). +// If you specify default encryption by using SSE-KMS, you can also configure [Amazon S3 Bucket Keys]. +// For information about the bucket default encryption feature, see [Amazon S3 Bucket Default Encryption]in the +// Amazon S3 User Guide. +// +// - If you use PutBucketEncryption to set your [default bucket encryption]to SSE-KMS, you should verify +// that your KMS key ID is correct. Amazon S3 doesn't validate the KMS key ID +// provided in PutBucketEncryption requests. +// +// - Directory buckets - You can optionally configure default encryption for a +// bucket by using server-side encryption with Key Management Service (KMS) keys +// (SSE-KMS). +// +// - We recommend that the bucket's default encryption uses the desired +// encryption configuration and you don't override the bucket default encryption in +// your CreateSession requests or PUT object requests. Then, new objects are +// automatically encrypted with the desired encryption settings. For more +// information about the encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with KMS for new object uploads] +// . +// +// - Your SSE-KMS configuration can only support 1 [customer managed key]per directory bucket for the +// lifetime of the bucket. [Amazon Web Services managed key]( aws/s3 ) isn't supported. +// +// - S3 Bucket Keys are always enabled for GET and PUT operations in a directory +// bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy +// SSE-KMS encrypted objects from general purpose buckets to directory buckets, +// from directory buckets to general purpose buckets, or between directory buckets, +// through [CopyObject], [UploadPartCopy], [the Copy operation in Batch Operations], or [the import jobs]. In this case, Amazon S3 makes a call to KMS every time a +// copy request is made for a KMS-encrypted object. +// +// - When you specify an [KMS customer managed key]for encryption in your directory bucket, only use the +// key ID or key ARN. The key alias format of the KMS key isn't supported. +// +// - For directory buckets, if you use PutBucketEncryption to set your [default bucket encryption]to +// SSE-KMS, Amazon S3 validates the KMS key ID provided in PutBucketEncryption +// requests. // // If you're specifying a customer managed KMS key, we recommend using a fully // qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the @@ -38,10 +77,27 @@ import ( // Also, this action requires Amazon Web Services Signature Version 4. For more // information, see [Authenticating Requests (Amazon Web Services Signature Version 4)]. // -// To use this operation, you must have permission to perform the -// s3:PutEncryptionConfiguration action. The bucket owner has this permission by -// default. The bucket owner can grant this permission to others. For more -// information about permissions, see [Permissions Related to Bucket Subresource Operations]and [Managing Access Permissions to Your Amazon S3 Resources] in the Amazon S3 User Guide. +// Permissions +// +// - General purpose bucket permissions - The s3:PutEncryptionConfiguration +// permission is required in a policy. The bucket owner has this permission by +// default. The bucket owner can grant this permission to others. For more +// information about permissions, see [Permissions Related to Bucket Operations]and [Managing Access Permissions to Your Amazon S3 Resources]in the Amazon S3 User Guide. +// +// - Directory bucket permissions - To grant access to this API operation, you +// must have the s3express:PutEncryptionConfiguration permission in an IAM +// identity-based policy instead of a bucket policy. Cross-account access to this +// API operation isn't supported. This operation can only be performed by the +// Amazon Web Services account that owns the resource. For more information about +// directory bucket policies and permissions, see [Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone]in the Amazon S3 User Guide. +// +// To set a directory bucket default encryption with SSE-KMS, you must also have +// +// the kms:GenerateDataKey and the kms:Decrypt permissions in IAM identity-based +// policies and KMS key policies for the target KMS key. +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// s3express-control.region.amazonaws.com . // // The following operations are related to PutBucketEncryption : // @@ -49,13 +105,24 @@ import ( // // [DeleteBucketEncryption] // +// [Specifying server-side encryption with KMS for new object uploads]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html +// [Regional and Zonal endpoints]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html +// [KMS customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk +// [Amazon S3 Bucket Default Encryption]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html +// [CopyObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html +// [Managing Access Permissions to Your Amazon S3 Resources]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html +// [Permissions Related to Bucket Operations]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources +// [UploadPartCopy]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html +// [Amazon Web Services managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk +// [Authenticating Requests (Amazon Web Services Signature Version 4)]: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html +// [Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html // [Amazon S3 Bucket Keys]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html // [GetBucketEncryption]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html // [DeleteBucketEncryption]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html -// [Permissions Related to Bucket Subresource Operations]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources +// [customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk // [default bucket encryption]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html -// [Managing Access Permissions to Your Amazon S3 Resources]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html -// [Authenticating Requests (Amazon Web Services Signature Version 4)]: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html +// [the import jobs]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job +// [the Copy operation in Batch Operations]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops func (c *Client) PutBucketEncryption(ctx context.Context, params *PutBucketEncryptionInput, optFns ...func(*Options)) (*PutBucketEncryptionOutput, error) { if params == nil { params = &PutBucketEncryptionInput{} @@ -74,14 +141,18 @@ func (c *Client) PutBucketEncryption(ctx context.Context, params *PutBucketEncry type PutBucketEncryptionInput struct { // Specifies default encryption for a bucket using server-side encryption with - // different key options. By default, all buckets have a default encryption - // configuration that uses server-side encryption with Amazon S3 managed keys - // (SSE-S3). You can optionally configure default encryption for a bucket by using - // server-side encryption with an Amazon Web Services KMS key (SSE-KMS) or a - // customer-provided key (SSE-C). For information about the bucket default - // encryption feature, see [Amazon S3 Bucket Default Encryption]in the Amazon S3 User Guide. + // different key options. + // + // Directory buckets - When you use this operation with a directory bucket, you + // must use path-style requests in the format + // https://s3express-control.region_code.amazonaws.com/bucket-name . + // Virtual-hosted-style requests aren't supported. Directory bucket names must be + // unique in the chosen Availability Zone. Bucket names must also follow the format + // bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3 + // ). For information about bucket naming restrictions, see [Directory bucket naming rules]in the Amazon S3 User + // Guide // - // [Amazon S3 Bucket Default Encryption]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html + // [Directory bucket naming rules]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html // // This member is required. Bucket *string @@ -101,6 +172,9 @@ type PutBucketEncryptionInput struct { // If you provide an individual checksum, Amazon S3 ignores any provided // ChecksumAlgorithm parameter. // + // For directory buckets, when you use Amazon Web Services SDKs, CRC32 is the + // default checksum algorithm that's used for performance. + // // [Checking object integrity]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html ChecksumAlgorithm types.ChecksumAlgorithm @@ -109,11 +183,17 @@ type PutBucketEncryptionInput struct { // // For requests made using the Amazon Web Services Command Line Interface (CLI) or // Amazon Web Services SDKs, this field is calculated automatically. + // + // This functionality is not supported for directory buckets. ContentMD5 *string // The account ID of the expected bucket owner. If the account ID that you provide // does not match the actual owner of the bucket, the request fails with the HTTP // status code 403 Forbidden (access denied). + // + // For directory buckets, this header is not supported in this API operation. If + // you specify this header, the request fails with the HTTP status code 501 Not + // Implemented . ExpectedBucketOwner *string noSmithyDocumentSerde diff --git a/service/s3/api_op_PutObject.go b/service/s3/api_op_PutObject.go index a5e18d58568..d150a6deedc 100644 --- a/service/s3/api_op_PutObject.go +++ b/service/s3/api_op_PutObject.go @@ -81,6 +81,11 @@ import ( // session token automatically to avoid service interruptions when a session // expires. For more information about authorization, see [CreateSession]CreateSession . // +// If the object is encrypted with SSE-KMS, you must also have the +// +// kms:GenerateDataKey and kms:Decrypt permissions in IAM identity-based policies +// and KMS key policies for the KMS key. +// // Data integrity with Content-MD5 // // - General purpose bucket - To ensure that data is not corrupted traversing @@ -202,13 +207,22 @@ type PutObjectInput struct { // Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption // with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). - // Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object - // encryption with SSE-KMS. - // - // Specifying this header with a PUT action doesn’t affect bucket-level settings - // for S3 Bucket Key. // - // This functionality is not supported for directory buckets. + // General purpose buckets - Setting this header to true causes Amazon S3 to use + // an S3 Bucket Key for object encryption with SSE-KMS. Also, specifying this + // header with a PUT action doesn't affect bucket-level settings for S3 Bucket Key. + // + // Directory buckets - S3 Bucket Keys are always enabled for GET and PUT + // operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't + // supported, when you copy SSE-KMS encrypted objects from general purpose buckets + // to directory buckets, from directory buckets to general purpose buckets, or + // between directory buckets, through [CopyObject], [UploadPartCopy], [the Copy operation in Batch Operations], or [the import jobs]. In this case, Amazon S3 makes a + // call to KMS every time a copy request is made for a KMS-encrypted object. + // + // [CopyObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html + // [the import jobs]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job + // [UploadPartCopy]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html + // [the Copy operation in Batch Operations]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops BucketKeyEnabled *bool // Can be used to specify caching behavior along the request/reply chain. For more @@ -433,46 +447,97 @@ type PutObjectInput struct { // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string - // Specifies the Amazon Web Services KMS Encryption Context to use for object - // encryption. The value of this header is a base64-encoded UTF-8 string holding - // JSON with the encryption context key-value pairs. This value is stored as object - // metadata and automatically gets passed on to Amazon Web Services KMS for future - // GetObject or CopyObject operations on this object. This value must be - // explicitly added during CopyObject operations. + // Specifies the Amazon Web Services KMS Encryption Context as an additional + // encryption context to use for object encryption. The value of this header is a + // Base64-encoded string of a UTF-8 encoded JSON, which contains the encryption + // context as key-value pairs. This value is stored as object metadata and + // automatically gets passed on to Amazon Web Services KMS for future GetObject + // operations on this object. // - // This functionality is not supported for directory buckets. + // General purpose buckets - This value must be explicitly added during CopyObject + // operations if you want an additional encryption context for your object. For + // more information, see [Encryption context]in the Amazon S3 User Guide. + // + // Directory buckets - You can optionally provide an explicit encryption context + // value. The value must match the default encryption context - the bucket Amazon + // Resource Name (ARN). An additional encryption context value is not supported. + // + // [Encryption context]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html#encryption-context SSEKMSEncryptionContext *string - // If x-amz-server-side-encryption has a valid value of aws:kms or aws:kms:dsse , - // this header specifies the ID (Key ID, Key ARN, or Key Alias) of the Key - // Management Service (KMS) symmetric encryption customer managed key that was used - // for the object. If you specify x-amz-server-side-encryption:aws:kms or + // Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object + // encryption. If the KMS key doesn't exist in the same account that's issuing the + // command, you must use the full Key ARN not the Key ID. + // + // General purpose buckets - If you specify x-amz-server-side-encryption with + // aws:kms or aws:kms:dsse , this header specifies the ID (Key ID, Key ARN, or Key + // Alias) of the KMS key to use. If you specify + // x-amz-server-side-encryption:aws:kms or // x-amz-server-side-encryption:aws:kms:dsse , but do not provide // x-amz-server-side-encryption-aws-kms-key-id , Amazon S3 uses the Amazon Web - // Services managed key ( aws/s3 ) to protect the data. If the KMS key does not - // exist in the same account that's issuing the command, you must use the full ARN - // and not just the ID. - // - // This functionality is not supported for directory buckets. + // Services managed key ( aws/s3 ) to protect the data. + // + // Directory buckets - If you specify x-amz-server-side-encryption with aws:kms , + // you must specify the x-amz-server-side-encryption-aws-kms-key-id header with + // the ID (Key ID or Key ARN) of the KMS symmetric encryption customer managed key + // to use. Otherwise, you get an HTTP 400 Bad Request error. Only use the key ID + // or key ARN. The key alias format of the KMS key isn't supported. Your SSE-KMS + // configuration can only support 1 [customer managed key]per directory bucket for the lifetime of the + // bucket. [Amazon Web Services managed key]( aws/s3 ) isn't supported. + // + // [customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk + // [Amazon Web Services managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk SSEKMSKeyId *string // The server-side encryption algorithm that was used when you store this object // in Amazon S3 (for example, AES256 , aws:kms , aws:kms:dsse ). // - // General purpose buckets - You have four mutually exclusive options to protect - // data using server-side encryption in Amazon S3, depending on how you choose to - // manage the encryption keys. Specifically, the encryption key options are Amazon - // S3 managed keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or DSSE-KMS), - // and customer-provided keys (SSE-C). Amazon S3 encrypts data with server-side - // encryption by using Amazon S3 managed keys (SSE-S3) by default. You can - // optionally tell Amazon S3 to encrypt data at rest by using server-side - // encryption with other key options. For more information, see [Using Server-Side Encryption]in the Amazon S3 - // User Guide. - // - // Directory buckets - For directory buckets, only the server-side encryption with - // Amazon S3 managed keys (SSE-S3) ( AES256 ) value is supported. + // - General purpose buckets - You have four mutually exclusive options to + // protect data using server-side encryption in Amazon S3, depending on how you + // choose to manage the encryption keys. Specifically, the encryption key options + // are Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or + // DSSE-KMS), and customer-provided keys (SSE-C). Amazon S3 encrypts data with + // server-side encryption by using Amazon S3 managed keys (SSE-S3) by default. You + // can optionally tell Amazon S3 to encrypt data at rest by using server-side + // encryption with other key options. For more information, see [Using Server-Side Encryption]in the Amazon S3 + // User Guide. + // + // - Directory buckets - For directory buckets, there are only two supported + // options for server-side encryption: server-side encryption with Amazon S3 + // managed keys (SSE-S3) ( AES256 ) and server-side encryption with KMS keys + // (SSE-KMS) ( aws:kms ). We recommend that the bucket's default encryption uses + // the desired encryption configuration and you don't override the bucket default + // encryption in your CreateSession requests or PUT object requests. Then, new + // objects are automatically encrypted with the desired encryption settings. For + // more information, see [Protecting data with server-side encryption]in the Amazon S3 User Guide. For more information about + // the encryption overriding behaviors in directory buckets, see [Specifying server-side encryption with KMS for new object uploads]. + // + // In the Zonal endpoint API calls (except [CopyObject]and [UploadPartCopy]) using the REST API, the + // encryption request headers must match the encryption settings that are specified + // in the CreateSession request. You can't override the values of the encryption + // settings ( x-amz-server-side-encryption , + // x-amz-server-side-encryption-aws-kms-key-id , + // x-amz-server-side-encryption-context , and + // x-amz-server-side-encryption-bucket-key-enabled ) that are specified in the + // CreateSession request. You don't need to explicitly specify these encryption + // settings values in Zonal endpoint API calls, and Amazon S3 will use the + // encryption settings values from the CreateSession request to protect new + // objects in the directory bucket. + // + // When you use the CLI or the Amazon Web Services SDKs, for CreateSession , the + // session token refreshes automatically to avoid service interruptions when a + // session expires. The CLI or the Amazon Web Services SDKs use the bucket's + // default encryption configuration for the CreateSession request. It's not + // supported to override the encryption settings values in the CreateSession + // request. So in the Zonal endpoint API calls (except [CopyObject]and [UploadPartCopy]), the encryption + // request headers must match the default encryption configuration of the directory + // bucket. // // [Using Server-Side Encryption]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html + // [Specifying server-side encryption with KMS for new object uploads]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html + // [Protecting data with server-side encryption]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html + // [CopyObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html + // [UploadPartCopy]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html ServerSideEncryption types.ServerSideEncryption // By default, Amazon S3 uses the STANDARD Storage Class to store newly created @@ -533,8 +598,6 @@ type PutObjectOutput struct { // Indicates whether the uploaded object uses an S3 Bucket Key for server-side // encryption with Key Management Service (KMS) keys (SSE-KMS). - // - // This functionality is not supported for directory buckets. BucketKeyEnabled *bool // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be @@ -623,26 +686,17 @@ type PutObjectOutput struct { SSECustomerKeyMD5 *string // If present, indicates the Amazon Web Services KMS Encryption Context to use for - // object encryption. The value of this header is a base64-encoded UTF-8 string - // holding JSON with the encryption context key-value pairs. This value is stored - // as object metadata and automatically gets passed on to Amazon Web Services KMS - // for future GetObject or CopyObject operations on this object. - // - // This functionality is not supported for directory buckets. + // object encryption. The value of this header is a Base64-encoded string of a + // UTF-8 encoded JSON, which contains the encryption context as key-value pairs. + // This value is stored as object metadata and automatically gets passed on to + // Amazon Web Services KMS for future GetObject operations on this object. SSEKMSEncryptionContext *string - // If x-amz-server-side-encryption has a valid value of aws:kms or aws:kms:dsse , - // this header indicates the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. - // - // This functionality is not supported for directory buckets. + // If present, indicates the ID of the KMS key that was used for object encryption. SSEKMSKeyId *string // The server-side encryption algorithm used when you store this object in Amazon - // S3 (for example, AES256 , aws:kms , aws:kms:dsse ). - // - // For directory buckets, only server-side encryption with Amazon S3 managed keys - // (SSE-S3) ( AES256 ) is supported. + // S3. ServerSideEncryption types.ServerSideEncryption // Version ID of the object. diff --git a/service/s3/api_op_UploadPart.go b/service/s3/api_op_UploadPart.go index a1e8078cc43..9e1d82affa5 100644 --- a/service/s3/api_op_UploadPart.go +++ b/service/s3/api_op_UploadPart.go @@ -77,6 +77,11 @@ import ( // session token automatically to avoid service interruptions when a session // expires. For more information about authorization, see [CreateSession]CreateSession . // +// If the object is encrypted with SSE-KMS, you must also have the +// +// kms:GenerateDataKey and kms:Decrypt permissions in IAM identity-based policies +// and KMS key policies for the KMS key. +// // Data integrity General purpose bucket - To ensure that data is not corrupted // traversing the network, specify the Content-MD5 header in the upload part // request. Amazon S3 checks the part data against the provided MD5 value. If they @@ -118,10 +123,12 @@ import ( // // - x-amz-server-side-encryption-customer-key-MD5 // -// - Directory bucket - For directory buckets, only server-side encryption with -// Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. +// For more information, see [Using Server-Side Encryption]in the Amazon S3 User Guide. // -// For more information, see [Using Server-Side Encryption] in the Amazon S3 User Guide. +// - Directory buckets - For directory buckets, there are only two supported +// options for server-side encryption: server-side encryption with Amazon S3 +// managed keys (SSE-S3) ( AES256 ) and server-side encryption with KMS keys +// (SSE-KMS) ( aws:kms ). // // Special errors // @@ -350,8 +357,6 @@ type UploadPartOutput struct { // Indicates whether the multipart upload uses an S3 Bucket Key for server-side // encryption with Key Management Service (KMS) keys (SSE-KMS). - // - // This functionality is not supported for directory buckets. BucketKeyEnabled *bool // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be @@ -421,17 +426,11 @@ type UploadPartOutput struct { // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string - // If present, indicates the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. - // - // This functionality is not supported for directory buckets. + // If present, indicates the ID of the KMS key that was used for object encryption. SSEKMSKeyId *string // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256 , aws:kms ). - // - // For directory buckets, only server-side encryption with Amazon S3 managed keys - // (SSE-S3) ( AES256 ) is supported. ServerSideEncryption types.ServerSideEncryption // Metadata pertaining to the operation's result. diff --git a/service/s3/api_op_UploadPartCopy.go b/service/s3/api_op_UploadPartCopy.go index 77c77b2f932..c84c931870f 100644 --- a/service/s3/api_op_UploadPartCopy.go +++ b/service/s3/api_op_UploadPartCopy.go @@ -92,6 +92,11 @@ import ( // the object to the destination. The s3express:SessionMode condition key cannot // be set to ReadOnly on the copy destination. // +// If the object is encrypted with SSE-KMS, you must also have the +// +// kms:GenerateDataKey and kms:Decrypt permissions in IAM identity-based policies +// and KMS key policies for the KMS key. +// // For example policies, see [Example bucket policies for S3 Express One Zone]and [Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone]in the Amazon S3 User Guide. // // Encryption @@ -101,8 +106,27 @@ import ( // // encryption keys with the UploadPartCopy operation, see [CopyObject]and [UploadPart]. // -// - Directory buckets - For directory buckets, only server-side encryption with -// Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. +// - Directory buckets - For directory buckets, there are only two supported +// options for server-side encryption: server-side encryption with Amazon S3 +// managed keys (SSE-S3) ( AES256 ) and server-side encryption with KMS keys +// (SSE-KMS) ( aws:kms ). For more information, see [Protecting data with server-side encryption]in the Amazon S3 User Guide. +// +// For directory buckets, when you perform a CreateMultipartUpload operation and an +// +// UploadPartCopy operation, +// +// the request headers you provide in the CreateMultipartUpload request must match +// +// the default encryption configuration of the destination bucket. +// +// S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from +// +// general purpose buckets +// +// to directory buckets, from directory buckets to general purpose buckets, or +// +// between directory buckets, through [UploadPartCopy]. In this case, Amazon S3 makes a call to +// KMS every time a copy request is made for a KMS-encrypted object. // // Special errors // @@ -155,6 +179,8 @@ import ( // [ListMultipartUploads]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html // // [CopyObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html +// [UploadPartCopy]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html +// [Protecting data with server-side encryption]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html func (c *Client) UploadPartCopy(ctx context.Context, params *UploadPartCopyInput, optFns ...func(*Options)) (*UploadPartCopyOutput, error) { if params == nil { params = &UploadPartCopyInput{} @@ -421,8 +447,6 @@ type UploadPartCopyOutput struct { // Indicates whether the multipart upload uses an S3 Bucket Key for server-side // encryption with Key Management Service (KMS) keys (SSE-KMS). - // - // This functionality is not supported for directory buckets. BucketKeyEnabled *bool // Container for all response elements. @@ -455,17 +479,11 @@ type UploadPartCopyOutput struct { // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string - // If present, indicates the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. - // - // This functionality is not supported for directory buckets. + // If present, indicates the ID of the KMS key that was used for object encryption. SSEKMSKeyId *string // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256 , aws:kms ). - // - // For directory buckets, only server-side encryption with Amazon S3 managed keys - // (SSE-S3) ( AES256 ) is supported. ServerSideEncryption types.ServerSideEncryption // Metadata pertaining to the operation's result. diff --git a/service/s3/deserializers.go b/service/s3/deserializers.go index 62972c320fe..fe5f45edd1b 100644 --- a/service/s3/deserializers.go +++ b/service/s3/deserializers.go @@ -978,6 +978,11 @@ func (m *awsRestxml_deserializeOpCreateSession) HandleDeserialize(ctx context.Co output := &CreateSessionOutput{} out.Result = output + err = awsRestxml_deserializeOpHttpBindingsCreateSessionOutput(output, response) + if err != nil { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("failed to decode response with invalid Http bindings, %w", err)} + } + var buff [1024]byte ringBuffer := smithyio.NewRingBuffer(buff[:]) body := io.TeeReader(response.Body, ringBuffer) @@ -1052,6 +1057,37 @@ func awsRestxml_deserializeOpErrorCreateSession(response *smithyhttp.Response, m } } +func awsRestxml_deserializeOpHttpBindingsCreateSessionOutput(v *CreateSessionOutput, response *smithyhttp.Response) error { + if v == nil { + return fmt.Errorf("unsupported deserialization for nil %T", v) + } + + if headerValues := response.Header.Values("x-amz-server-side-encryption-bucket-key-enabled"); len(headerValues) != 0 { + headerValues[0] = strings.TrimSpace(headerValues[0]) + vv, err := strconv.ParseBool(headerValues[0]) + if err != nil { + return err + } + v.BucketKeyEnabled = ptr.Bool(vv) + } + + if headerValues := response.Header.Values("x-amz-server-side-encryption"); len(headerValues) != 0 { + headerValues[0] = strings.TrimSpace(headerValues[0]) + v.ServerSideEncryption = types.ServerSideEncryption(headerValues[0]) + } + + if headerValues := response.Header.Values("x-amz-server-side-encryption-context"); len(headerValues) != 0 { + headerValues[0] = strings.TrimSpace(headerValues[0]) + v.SSEKMSEncryptionContext = ptr.String(headerValues[0]) + } + + if headerValues := response.Header.Values("x-amz-server-side-encryption-aws-kms-key-id"); len(headerValues) != 0 { + headerValues[0] = strings.TrimSpace(headerValues[0]) + v.SSEKMSKeyId = ptr.String(headerValues[0]) + } + + return nil +} func awsRestxml_deserializeOpDocumentCreateSessionOutput(v **CreateSessionOutput, decoder smithyxml.NodeDecoder) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) diff --git a/service/s3/serializers.go b/service/s3/serializers.go index 9dd09cd6e60..d27ffaca632 100644 --- a/service/s3/serializers.go +++ b/service/s3/serializers.go @@ -886,11 +886,31 @@ func awsRestxml_serializeOpHttpBindingsCreateSessionInput(v *CreateSessionInput, return fmt.Errorf("unsupported serialization of nil %T", v) } + if v.BucketKeyEnabled != nil { + locationName := "X-Amz-Server-Side-Encryption-Bucket-Key-Enabled" + encoder.SetHeader(locationName).Boolean(*v.BucketKeyEnabled) + } + + if len(v.ServerSideEncryption) > 0 { + locationName := "X-Amz-Server-Side-Encryption" + encoder.SetHeader(locationName).String(string(v.ServerSideEncryption)) + } + if len(v.SessionMode) > 0 { locationName := "X-Amz-Create-Session-Mode" encoder.SetHeader(locationName).String(string(v.SessionMode)) } + if v.SSEKMSEncryptionContext != nil && len(*v.SSEKMSEncryptionContext) > 0 { + locationName := "X-Amz-Server-Side-Encryption-Context" + encoder.SetHeader(locationName).String(*v.SSEKMSEncryptionContext) + } + + if v.SSEKMSKeyId != nil && len(*v.SSEKMSKeyId) > 0 { + locationName := "X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id" + encoder.SetHeader(locationName).String(*v.SSEKMSKeyId) + } + return nil } diff --git a/service/s3/types/types.go b/service/s3/types/types.go index aee73d7cf61..d28e93c1b7d 100644 --- a/service/s3/types/types.go +++ b/service/s3/types/types.go @@ -1705,10 +1705,12 @@ type EventBridgeConfiguration struct { noSmithyDocumentSerde } -// Optional configuration to replicate existing source bucket objects. For more -// information, see [Replicating Existing Objects]in the Amazon S3 User Guide. +// Optional configuration to replicate existing source bucket objects. // -// [Replicating Existing Objects]: https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-what-is-isnot-replicated.html#existing-object-replication +// This parameter is no longer supported. To replicate existing objects, see [Replicating existing objects with S3 Batch Replication] in +// the Amazon S3 User Guide. +// +// [Replicating existing objects with S3 Batch Replication]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-batch-replication-batch.html type ExistingObjectReplication struct { // Specifies whether Amazon S3 replicates existing source bucket objects. @@ -3303,10 +3305,12 @@ type ReplicationRule struct { // [Backward Compatibility]: https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations DeleteMarkerReplication *DeleteMarkerReplication - // Optional configuration to replicate existing source bucket objects. For more - // information, see [Replicating Existing Objects]in the Amazon S3 User Guide. + // Optional configuration to replicate existing source bucket objects. + // + // This parameter is no longer supported. To replicate existing objects, see [Replicating existing objects with S3 Batch Replication] in + // the Amazon S3 User Guide. // - // [Replicating Existing Objects]: https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-what-is-isnot-replicated.html#existing-object-replication + // [Replicating existing objects with S3 Batch Replication]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-batch-replication-batch.html ExistingObjectReplication *ExistingObjectReplication // A filter that identifies the subset of objects to which the replication rule @@ -3750,29 +3754,41 @@ type SelectParameters struct { // Describes the default server-side encryption to apply to new objects in the // bucket. If a PUT Object request doesn't specify any server-side encryption, this -// default encryption will be applied. If you don't specify a customer managed key -// at configuration, Amazon S3 automatically creates an Amazon Web Services KMS key -// in your Amazon Web Services account the first time that you add an object -// encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for -// SSE-KMS. For more information, see [PUT Bucket encryption]in the Amazon S3 API Reference. +// default encryption will be applied. For more information, see [PutBucketEncryption]. // -// If you're specifying a customer managed KMS key, we recommend using a fully -// qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the -// key within the requester’s account. This behavior can result in data that's -// encrypted with a KMS key that belongs to the requester, and not the bucket -// owner. +// - General purpose buckets - If you don't specify a customer managed key at +// configuration, Amazon S3 automatically creates an Amazon Web Services KMS key ( +// aws/s3 ) in your Amazon Web Services account the first time that you add an +// object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS +// key for SSE-KMS. +// +// - Directory buckets - Your SSE-KMS configuration can only support 1 [customer managed key]per +// directory bucket for the lifetime of the bucket. [Amazon Web Services managed key]( aws/s3 ) isn't supported. // -// [PUT Bucket encryption]: https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html +// - Directory buckets - For directory buckets, there are only two supported +// options for server-side encryption: SSE-S3 and SSE-KMS. +// +// [PutBucketEncryption]: https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html +// [customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk +// [Amazon Web Services managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk type ServerSideEncryptionByDefault struct { // Server-side encryption algorithm to use for the default encryption. // + // For directory buckets, there are only two supported values for server-side + // encryption: AES256 and aws:kms . + // // This member is required. SSEAlgorithm ServerSideEncryption - // Amazon Web Services Key Management Service (KMS) customer Amazon Web Services - // KMS key ID to use for the default encryption. This parameter is allowed if and - // only if SSEAlgorithm is set to aws:kms or aws:kms:dsse . + // Amazon Web Services Key Management Service (KMS) customer managed key ID to use + // for the default encryption. + // + // - General purpose buckets - This parameter is allowed if and only if + // SSEAlgorithm is set to aws:kms or aws:kms:dsse . + // + // - Directory buckets - This parameter is allowed if and only if SSEAlgorithm is + // set to aws:kms . // // You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the // KMS key. @@ -3784,17 +3800,26 @@ type ServerSideEncryptionByDefault struct { // // - Key Alias: alias/alias-name // - // If you use a key ID, you can run into a LogDestination undeliverable error when - // creating a VPC flow log. - // // If you are using encryption with cross-account or Amazon Web Services service - // operations you must use a fully qualified KMS key ARN. For more information, see - // [Using encryption for cross-account operations]. + // operations, you must use a fully qualified KMS key ARN. For more information, + // see [Using encryption for cross-account operations]. + // + // - General purpose buckets - If you're specifying a customer managed KMS key, + // we recommend using a fully qualified KMS key ARN. If you use a KMS key alias + // instead, then KMS resolves the key within the requester’s account. This behavior + // can result in data that's encrypted with a KMS key that belongs to the + // requester, and not the bucket owner. Also, if you use a key ID, you can run into + // a LogDestination undeliverable error when creating a VPC flow log. + // + // - Directory buckets - When you specify an [KMS customer managed key]for encryption in your directory + // bucket, only use the key ID or key ARN. The key alias format of the KMS key + // isn't supported. // // Amazon S3 only supports symmetric encryption KMS keys. For more information, // see [Asymmetric keys in Amazon Web Services KMS]in the Amazon Web Services Key Management Service Developer Guide. // // [Using encryption for cross-account operations]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy + // [KMS customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk // [Asymmetric keys in Amazon Web Services KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html KMSMasterKeyID *string @@ -3815,11 +3840,17 @@ type ServerSideEncryptionConfiguration struct { // Specifies the default server-side encryption configuration. // -// If you're specifying a customer managed KMS key, we recommend using a fully -// qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the -// key within the requester’s account. This behavior can result in data that's -// encrypted with a KMS key that belongs to the requester, and not the bucket -// owner. +// - General purpose buckets - If you're specifying a customer managed KMS key, +// we recommend using a fully qualified KMS key ARN. If you use a KMS key alias +// instead, then KMS resolves the key within the requester’s account. This behavior +// can result in data that's encrypted with a KMS key that belongs to the +// requester, and not the bucket owner. +// +// - Directory buckets - When you specify an [KMS customer managed key]for encryption in your directory +// bucket, only use the key ID or key ARN. The key alias format of the KMS key +// isn't supported. +// +// [KMS customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk type ServerSideEncryptionRule struct { // Specifies the default server-side encryption to apply to new objects in the @@ -3830,11 +3861,23 @@ type ServerSideEncryptionRule struct { // Specifies whether Amazon S3 should use an S3 Bucket Key with server-side // encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects // are not affected. Setting the BucketKeyEnabled element to true causes Amazon S3 - // to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled. + // to use an S3 Bucket Key. + // + // - General purpose buckets - By default, S3 Bucket Key is not enabled. For + // more information, see [Amazon S3 Bucket Keys]in the Amazon S3 User Guide. // - // For more information, see [Amazon S3 Bucket Keys] in the Amazon S3 User Guide. + // - Directory buckets - S3 Bucket Keys are always enabled for GET and PUT + // operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't + // supported, when you copy SSE-KMS encrypted objects from general purpose buckets + // to directory buckets, from directory buckets to general purpose buckets, or + // between directory buckets, through [CopyObject], [UploadPartCopy], [the Copy operation in Batch Operations], or [the import jobs]. In this case, Amazon S3 makes a + // call to KMS every time a copy request is made for a KMS-encrypted object. // // [Amazon S3 Bucket Keys]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html + // [CopyObject]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html + // [the import jobs]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job + // [UploadPartCopy]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html + // [the Copy operation in Batch Operations]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops BucketKeyEnabled *bool noSmithyDocumentSerde @@ -3843,7 +3886,8 @@ type ServerSideEncryptionRule struct { // The established temporary security credentials of the session. // // Directory buckets - These session credentials are only supported for the -// authentication and authorization of Zonal endpoint APIs on directory buckets. +// authentication and authorization of Zonal endpoint API operations on directory +// buckets. type SessionCredentials struct { // A unique identifier that's associated with a secret access key. The access key