From 20627b7c330d8734da7023f784b37010c8dcae93 Mon Sep 17 00:00:00 2001 From: Jack Kelly Date: Thu, 8 Dec 2022 16:59:17 +1000 Subject: [PATCH] amazonka-redshift: deprecateGetAccountId, add getCloudTrailAccountId --- lib/amazonka/CHANGELOG.md | 2 + .../src/Amazonka/Redshift/Internal.hs | 52 +++++++++++++++++-- 2 files changed, 50 insertions(+), 4 deletions(-) diff --git a/lib/amazonka/CHANGELOG.md b/lib/amazonka/CHANGELOG.md index 2f552339118..38f735a1627 100644 --- a/lib/amazonka/CHANGELOG.md +++ b/lib/amazonka/CHANGELOG.md @@ -96,6 +96,8 @@ Released: **?**, Compare: [2.0.0-rc1](https://github.com/brendanhay/amazonka/com ### Changed +- `amazonka-redshift`: Deprecate `getAccountId` as Redshift uses service-principal credentials to deliver logs to S3. Also provide `getCloudTrailAccountId` +[\#858](https://github.com/brendanhay/amazonka/pull/858) - `amazonka-route53`: Return Hosted Zone ID for S3 websites in all regions [\#858](https://github.com/brendanhay/amazonka/pull/858) - `amazonka-s3`: Correctly return dotted S3 website hostnames in those regions diff --git a/lib/services/amazonka-redshift/src/Amazonka/Redshift/Internal.hs b/lib/services/amazonka-redshift/src/Amazonka/Redshift/Internal.hs index 6d5fdbefe31..125b3f06522 100644 --- a/lib/services/amazonka-redshift/src/Amazonka/Redshift/Internal.hs +++ b/lib/services/amazonka-redshift/src/Amazonka/Redshift/Internal.hs @@ -11,16 +11,21 @@ -- Portability : non-portable (GHC extensions) module Amazonka.Redshift.Internal ( getAccountId, + getCloudTrailAccountId, ) where import Amazonka.Core import Amazonka.Data --- | This account identifier is used when attaching a policy to your S3 bucket --- allowing Redshift to upload and write database audit logs. +-- | This account identifier used to be used when attaching a policy +-- to your S3 bucket, allowing Redshift to upload and write database +-- audit logs. -- --- /See:/ . +-- This function should no longer be used, because Redshift now uses +-- service-principal credentials to deliver logs to S3. +-- +-- /See:/ . getAccountId :: Region -> Maybe Text getAccountId = \case NorthVirginia -> Just "193672423079" @@ -44,4 +49,43 @@ getAccountId = \case Stockholm -> Just "729911121831" Bahrain -> Just "013126148197" SaoPaulo -> Just "075028567923" - _other -> Nothing + Region' _ -> Nothing +{-# DEPRECATED + getAccountId + "Redshift now delivers logs using service-principal credentials. \ + \See the haddocks for more information." + #-} + +-- | This account identifier is used when Redshift calls other AWS +-- services for you, and may appear in your CloudTrail logs. +-- +-- /See:/ +getCloudTrailAccountId :: Region -> Maybe Text +getCloudTrailAccountId = \case + NorthVirginia -> Just "368064434614" + Ohio -> Just "790247189693" + NorthCalifornia -> Just "703715109447" + Oregon -> Just "473191095985" + CapeTown -> Just "420376844563" + HongKong -> Just "651179539253" + Hyderabad -> Just "297058826802" + Jakarta -> Just "623197973179" + Mumbai -> Just "408097707231" + Osaka -> Just "398671365691" + Seoul -> Just "713597048934" + Singapore -> Just "960118270566" + Sydney -> Just "485979073181" + Tokyo -> Just "615915377779" + Montreal -> Just "764870610256" + Frankfurt -> Just "434091160558" + Ireland -> Just "246478207311" + London -> Just "885798887673" + Milan -> Just "041313461515" + Paris -> Just "694668203235" + Stockholm -> Just "553461782468" + Zurich -> Just "668912161003" + Spain -> Just "028811157404" + Bahrain -> Just "051362938876" + UAE -> Just "595013617770" + SaoPaulo -> Just "392442076723" + Region' _ -> Nothing