-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws/session: Add support for client TLS certs on HTTP client #3654
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
skmcgrail
suggested changes
Nov 24, 2020
skmcgrail
approved these changes
Nov 25, 2020
4223015
to
43b0e89
Compare
Adds support for the SDK to automatically modify the HTTP client to include TLS configuration of custom Client TLS certificate. This configuration can be provide via the environment variable or directly in code via the `session.Options` struct. These options are compatible with the AWS_CA_BUNDLE configuration. Environment variable configuration Both `AWS_SDK_GO_CLIENT_TLS_CERT`, and `AWS_SDK_GO_CLIENT_TLS_KEY` must be provided together, and must point to valid PEM encoded file containing the certificate, and key respectively. AWS_SDK_GO_CLIENT_TLS_CERT=$HOME/my_client_cert AWS_SDK_GO_CLIENT_TLS_KEY=$HOME/my_client_key In code configuration via session.Options Alternative configuration is to specify the `ClientTLSCert` and `ClientTLSKey` fields on the `session.Options` struction. These are `io.Reader`s that provide the PEM encoded content for the certificate and key files. sess, err := session.NewSessionWithOptions(session.Options{ ClientTLSCert: myCertFile, ClientTLSKey: myKeyFile, })
43b0e89
to
67a7b21
Compare
aws-sdk-go-automation
pushed a commit
that referenced
this pull request
Dec 9, 2020
=== ### Service Client Updates * `service/ec2`: Updates service API * This release adds support for G4ad instances powered by AMD Radeon Pro V520 GPUs and AMD 2nd Generation EPYC processors * `service/globalaccelerator`: Updates service API, documentation, and paginators * `service/redshift`: Updates service API and documentation * Add support for availability zone relocation feature. ### SDK Enhancements * `aws/session`: Add support for client TLS certs on HTTP client ([#3654](#3654)) * Adds support for the SDK to automatically modify the HTTP client to include TLS configuration of custom Client TLS certificate.
Merged
aws-sdk-go-automation
added a commit
that referenced
this pull request
Dec 9, 2020
Release v1.36.5 (2020-12-09) === ### Service Client Updates * `service/ec2`: Updates service API * This release adds support for G4ad instances powered by AMD Radeon Pro V520 GPUs and AMD 2nd Generation EPYC processors * `service/globalaccelerator`: Updates service API, documentation, and paginators * `service/redshift`: Updates service API and documentation * Add support for availability zone relocation feature. ### SDK Enhancements * `aws/session`: Add support for client TLS certs on HTTP client ([#3654](#3654)) * Adds support for the SDK to automatically modify the HTTP client to include TLS configuration of custom Client TLS certificate.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds support for the SDK to automatically modify the HTTP client to include TLS configuration of custom Client TLS certificate. This configuration can be provide via the environment variable or directly in code via the
session.Options
struct.These options are compatible with the AWS_CA_BUNDLE configuration.
Environment variable configuration
Both
AWS_SDK_GO_CLIENT_TLS_CERT
, andAWS_SDK_GO_CLIENT_TLS_KEY
must be provided together, and must point to valid PEM encoded file containing the certificate, and key respectively.In code configuration via session.Options
Alternative configuration is to specify the
ClientTLSCert
andClientTLSKey
fields on thesession.Options
struction. These areio.Reader
s that provide the PEM encoded content for the certificate and key files.