deps: github.com/aws/aws-sdk-go@v1.21.7 #22253
Merged
Commits on Jul 30, 2019
-
deps: github.com/aws/aws-sdk-go@v1.21.7
Notable changes (from Terraform AWS Provider CHANGELOG): ``` NOTES: * backend/s3: Region validation now automatically supports the new `me-south-1` Middle East (Bahrain) region. For AWS operations to work in the new region, the region must be explicitly enabled as outlined in the [previous new region announcement blog post](https://aws.amazon.com/blogs/aws/now-open-aws-asia-pacific-hong-kong-region/). When the region is not enabled, the Terraform S3 Backend will return errors during credential validation (e.g. `error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid`). * backend/s3: After this update, the AWS Go SDK will prefer credentials found via the `AWS_PROFILE` environment variable when both the `AWS_PROFILE` environment variable and the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables are statically defined. Previously the SDK would ignore the `AWS_PROFILE` environment variable, if static environment credentials were also specified. This is listed as a bug fix in the AWS Go SDK release notes. ENHANCEMENTS: * backend/s3: Add support for assuming role via web identity token via the `AWS_WEB_IDENTITY_TOKEN_FILE` and `AWS_ROLE_ARN` environment variables * backend/s3: Support automatic region validation for `me-south-1` BUG FIXES: * backend/s3: Load credentials via the `AWS_PROFILE` environment variable (if available) when `AWS_PROFILE` is defined along with `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` ``` Updated via: ``` go get github.com/aws/aws-sdk-go@v1.21.7 go mod tidy go mod vendor ``` Verification with this update: ```hcl terraform { backend "s3" { bucket = "me-south-1-testing" key = "test" region = "me-south-1" } } output "test" { value = timestamp() } ``` Outputs: ``` $ terraform apply Apply complete! Resources: 0 added, 0 changed, 0 destroyed. Outputs: test = 2019-07-30T12:49:19Z ``` If the new region is not properly enabled for the account, errors like the below will be received: ``` $ terraform init Initializing the backend... Error: error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid. ``` To use this region before this update: ```hcl terraform { # ... potentially other configuration ... backend "s3" { # ... other configuration ... region = "me-south-1" skip_region_validation = true } } ```
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.