-
Notifications
You must be signed in to change notification settings - Fork 626
/
api_op_UpdateCrossAccountAttachment.go
181 lines (161 loc) · 6.52 KB
/
api_op_UpdateCrossAccountAttachment.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
// Code generated by smithy-go-codegen DO NOT EDIT.
package globalaccelerator
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
"github.com/aws/aws-sdk-go-v2/service/globalaccelerator/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Update a cross-account attachment to add or remove principals or resources.
// When you update an attachment to remove a principal (account ID or accelerator)
// or a resource, Global Accelerator revokes the permission for specific resources
// by doing the following:
// - If the principal is an account ID, Global Accelerator reviews every
// accelerator in the account and removes cross-account endpoints from all
// accelerators.
// - If the principal is an accelerator, Global Accelerator reviews just that
// accelerator and removes cross-account endpoints from it.
//
// If there are overlapping permissions provided by multiple cross-account
// attachments, Global Accelerator only removes endpoints if there are no current
// cross-account attachments that provide access permission. For example, if you
// delete a cross-account attachment that lists an accelerator as a principal, but
// another cross-account attachment includes the account ID that owns that
// accelerator, endpoints will not be removed from the accelerator.
func (c *Client) UpdateCrossAccountAttachment(ctx context.Context, params *UpdateCrossAccountAttachmentInput, optFns ...func(*Options)) (*UpdateCrossAccountAttachmentOutput, error) {
if params == nil {
params = &UpdateCrossAccountAttachmentInput{}
}
result, metadata, err := c.invokeOperation(ctx, "UpdateCrossAccountAttachment", params, optFns, c.addOperationUpdateCrossAccountAttachmentMiddlewares)
if err != nil {
return nil, err
}
out := result.(*UpdateCrossAccountAttachmentOutput)
out.ResultMetadata = metadata
return out, nil
}
type UpdateCrossAccountAttachmentInput struct {
// The Amazon Resource Name (ARN) of the cross-account attachment to update.
//
// This member is required.
AttachmentArn *string
// The principals to add to the cross-account attachment. A principal is an
// account or the Amazon Resource Name (ARN) of an accelerator that the attachment
// gives permission to add the resources from another account, listed in the
// attachment. To add more than one principal, separate the account numbers or
// accelerator ARNs, or both, with commas.
AddPrincipals []string
// The resources to add to the cross-account attachment. A resource listed in a
// cross-account attachment can be added to an accelerator by the principals that
// are listed in the attachment. To add more than one resource, separate the
// resource ARNs with commas.
AddResources []types.Resource
// The name of the cross-account attachment.
Name *string
// The principals to remove from the cross-account attachment. A principal is an
// account or the Amazon Resource Name (ARN) of an accelerator that is given
// permission to add the resources from another account, listed in the
// cross-account attachment. To remove more than one principal, separate the
// account numbers or accelerator ARNs, or both, with commas.
RemovePrincipals []string
// The resources to remove from the cross-account attachment. A resource listed in
// a cross-account attachment can be added to an accelerator fy principals that are
// listed in the cross-account attachment. To remove more than one resource,
// separate the resource ARNs with commas.
RemoveResources []types.Resource
noSmithyDocumentSerde
}
type UpdateCrossAccountAttachmentOutput struct {
// Information about the updated cross-account attachment.
CrossAccountAttachment *types.Attachment
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationUpdateCrossAccountAttachmentMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsjson11_serializeOpUpdateCrossAccountAttachment{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpUpdateCrossAccountAttachment{}, middleware.After)
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "UpdateCrossAccountAttachment"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil {
return err
}
if err = addRetryMiddlewares(stack, options); err != nil {
return err
}
if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
return err
}
if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack, options); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpUpdateCrossAccountAttachmentValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUpdateCrossAccountAttachment(options.Region), middleware.Before); err != nil {
return err
}
if err = awsmiddleware.AddRecursionDetection(stack); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opUpdateCrossAccountAttachment(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
OperationName: "UpdateCrossAccountAttachment",
}
}