From 20622934f3bd137c038abf65d0b4e67f2c01df56 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 18 Aug 2024 19:51:05 +0000 Subject: [PATCH] Bump github.com/aws/aws-sdk-go-v2/service/ssm from 1.52.3 to 1.52.5 Bumps [github.com/aws/aws-sdk-go-v2/service/ssm](https://github.com/aws/aws-sdk-go-v2) from 1.52.3 to 1.52.5. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ssm/v1.52.3...service/ssm/v1.52.5) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/ssm dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 +- .../aws-sdk-go-v2/service/ssm/CHANGELOG.md | 9 +++ .../service/ssm/api_op_CreatePatchBaseline.go | 25 ++++--- .../ssm/api_op_DescribeInstanceInformation.go | 6 +- .../ssm/api_op_DescribePatchProperties.go | 2 + .../ssm/api_op_GetCommandInvocation.go | 6 +- .../ssm/api_op_GetMaintenanceWindowTask.go | 16 ++++- .../ssm/api_op_UpdateMaintenanceWindowTask.go | 16 ++++- .../service/ssm/api_op_UpdatePatchBaseline.go | 25 ++++--- .../service/ssm/go_module_metadata.go | 2 +- .../aws-sdk-go-v2/service/ssm/types/types.go | 71 +++++++++++++------ vendor/modules.txt | 4 +- 13 files changed, 134 insertions(+), 54 deletions(-) diff --git a/go.mod b/go.mod index 725adc00..d08f4757 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/aws/aws-sdk-go-v2/config v1.27.27 github.com/aws/aws-sdk-go-v2/service/ec2 v1.175.1 github.com/aws/aws-sdk-go-v2/service/route53 v1.42.3 - github.com/aws/aws-sdk-go-v2/service/ssm v1.52.3 + github.com/aws/aws-sdk-go-v2/service/ssm v1.52.5 github.com/mattn/go-isatty v0.0.20 github.com/onsi/ginkgo/v2 v2.20.0 github.com/onsi/gomega v1.34.1 diff --git a/go.sum b/go.sum index a89ad66c..29ebf184 100644 --- a/go.sum +++ b/go.sum @@ -55,8 +55,8 @@ github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.18 h1:tJ5RnkHC github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.18/go.mod h1:++NHzT+nAF7ZPrHPsA+ENvsXkOO8wEu+C6RXltAG4/c= github.com/aws/aws-sdk-go-v2/service/route53 v1.42.3 h1:MmLCRqP4U4Cw9gJ4bNrCG0mWqEtBlmAVleyelcHARMU= github.com/aws/aws-sdk-go-v2/service/route53 v1.42.3/go.mod h1:AMPjK2YnRh0YgOID3PqhJA1BRNfXDfGOnSsKHtAe8yA= -github.com/aws/aws-sdk-go-v2/service/ssm v1.52.3 h1:iu53lwRKbZOGCVUH09g3J0xU8A+bAGVo09VR9K4d0Yg= -github.com/aws/aws-sdk-go-v2/service/ssm v1.52.3/go.mod h1:v7NIzEFIHBiicOMaMTuEmbnzGnqW0d+6ulNALul6fYE= +github.com/aws/aws-sdk-go-v2/service/ssm v1.52.5 h1:eY1n+pyBbgqRBRnpVUg0QguAGMWVLQp2n+SfjjOJuQI= +github.com/aws/aws-sdk-go-v2/service/ssm v1.52.5/go.mod h1:Bw2YSeqq/I4VyVs9JSfdT9ArqyAbQkJEwj13AVm0heg= github.com/aws/aws-sdk-go-v2/service/sso v1.22.4 h1:BXx0ZIxvrJdSgSvKTZ+yRBeSqqgPM89VPlulEcl37tM= github.com/aws/aws-sdk-go-v2/service/sso v1.22.4/go.mod h1:ooyCOXjvJEsUw7x+ZDHeISPMhtwI3ZCB7ggFMcFfWLU= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.4 h1:yiwVzJW2ZxZTurVbYWA7QOrAaCYQR72t0wrSBfoesUE= diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/CHANGELOG.md index a4805ff7..60956ba2 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/CHANGELOG.md @@ -1,3 +1,12 @@ +# v1.52.5 (2024-08-15) + +* **Dependency Update**: Bump minimum Go version to 1.21. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.52.4 (2024-08-09) + +* **Documentation**: Systems Manager doc-only updates for August 2024. + # v1.52.3 (2024-07-10.2) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_CreatePatchBaseline.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_CreatePatchBaseline.go index c9bfea3a..88cd48a4 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_CreatePatchBaseline.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_CreatePatchBaseline.go @@ -82,16 +82,23 @@ type CreatePatchBaselineInput struct { // The action for Patch Manager to take on patches included in the RejectedPackages // list. // - // - ALLOW_AS_DEPENDENCY : A package in the Rejected patches list is installed - // only if it is a dependency of another package. It is considered compliant with - // the patch baseline, and its status is reported as InstalledOther . This is the - // default action if no option is specified. + // ALLOW_AS_DEPENDENCY Linux and macOS: A package in the rejected patches list is + // installed only if it is a dependency of another package. It is considered + // compliant with the patch baseline, and its status is reported as INSTALLED_OTHER + // . This is the default action if no option is specified. // - // - BLOCK: Packages in the Rejected patches list, and packages that include - // them as dependencies, aren't installed by Patch Manager under any circumstances. - // If a package was installed before it was added to the Rejected patches list, or - // is installed outside of Patch Manager afterward, it's considered noncompliant - // with the patch baseline and its status is reported as InstalledRejected. + // Windows Server: Windows Server doesn't support the concept of package + // dependencies. If a package in the rejected patches list and already installed on + // the node, its status is reported as INSTALLED_OTHER . Any package not already + // installed on the node is skipped. This is the default action if no option is + // specified. + // + // BLOCK All OSs: Packages in the rejected patches list, and packages that + // include them as dependencies, aren't installed by Patch Manager under any + // circumstances. If a package was installed before it was added to the rejected + // patches list, or is installed outside of Patch Manager afterward, it's + // considered noncompliant with the patch baseline and its status is reported as + // INSTALLED_REJECTED . RejectedPatchesAction types.PatchAction // Information about the patches to use to update the managed nodes, including diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_DescribeInstanceInformation.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_DescribeInstanceInformation.go index abaa087d..1449c1a1 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_DescribeInstanceInformation.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_DescribeInstanceInformation.go @@ -21,9 +21,9 @@ import ( // all your managed nodes. If you specify a node ID that isn't valid or a node that // you don't own, you receive an error. // -// The IamRole field returned for this API operation is the Identity and Access -// Management (IAM) role assigned to on-premises managed nodes. This operation does -// not return the IAM role for EC2 instances. +// The IamRole field returned for this API operation is the role assigned to an +// Amazon EC2 instance configured with a Systems Manager Quick Setup host +// management configuration or the role assigned to an on-premises managed node. func (c *Client) DescribeInstanceInformation(ctx context.Context, params *DescribeInstanceInformationInput, optFns ...func(*Options)) (*DescribeInstanceInformationOutput, error) { if params == nil { params = &DescribeInstanceInformationInput{} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_DescribePatchProperties.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_DescribePatchProperties.go index ee437784..0c549b2b 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_DescribePatchProperties.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_DescribePatchProperties.go @@ -23,6 +23,8 @@ import ( // // AMAZON_LINUX_2 Valid properties: PRODUCT | CLASSIFICATION | SEVERITY // +// AMAZON_LINUX_2023 Valid properties: PRODUCT | CLASSIFICATION | SEVERITY +// // CENTOS Valid properties: PRODUCT | CLASSIFICATION | SEVERITY // // DEBIAN Valid properties: PRODUCT | PRIORITY diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_GetCommandInvocation.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_GetCommandInvocation.go index b24decbc..21db09f6 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_GetCommandInvocation.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_GetCommandInvocation.go @@ -17,7 +17,11 @@ import ( ) // Returns detailed information about command execution for an invocation or -// plugin. +// plugin. The Run Command API follows an eventual consistency model, due to the +// distributed nature of the system supporting the API. This means that the result +// of an API command you run that affects your resources might not be immediately +// visible to all subsequent commands you run. You should keep this in mind when +// you carry out an API command that immediately follows a previous API command. // // GetCommandInvocation only gives the execution status of a plugin in a document. // To get the command execution status on a specific managed node, use ListCommandInvocations. To get diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_GetMaintenanceWindowTask.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_GetMaintenanceWindowTask.go index f4393e17..3fa362d8 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_GetMaintenanceWindowTask.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_GetMaintenanceWindowTask.go @@ -99,9 +99,19 @@ type GetMaintenanceWindowTaskOutput struct { // priority. Tasks that have the same priority are scheduled in parallel. Priority int32 - // The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) - // service role to use to publish Amazon Simple Notification Service (Amazon SNS) - // notifications for maintenance window Run Command tasks. + // The Amazon Resource Name (ARN) of the IAM service role for Amazon Web Services + // Systems Manager to assume when running a maintenance window task. If you do not + // specify a service role ARN, Systems Manager uses a service-linked role in your + // account. If no appropriate service-linked role for Systems Manager exists in + // your account, it is created when you run RegisterTaskWithMaintenanceWindow . + // + // However, for an improved security posture, we strongly recommend creating a + // custom policy and custom service role for running your maintenance window tasks. + // The policy can be crafted to provide only the permissions needed for your + // particular maintenance window tasks. For more information, see [Setting up maintenance windows]in the in the + // Amazon Web Services Systems Manager User Guide. + // + // [Setting up maintenance windows]: https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html ServiceRoleArn *string // The targets where the task should run. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_UpdateMaintenanceWindowTask.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_UpdateMaintenanceWindowTask.go index cc4bf467..ba53633d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_UpdateMaintenanceWindowTask.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_UpdateMaintenanceWindowTask.go @@ -244,9 +244,19 @@ type UpdateMaintenanceWindowTaskOutput struct { // The updated priority value. Priority int32 - // The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) - // service role to use to publish Amazon Simple Notification Service (Amazon SNS) - // notifications for maintenance window Run Command tasks. + // The Amazon Resource Name (ARN) of the IAM service role for Amazon Web Services + // Systems Manager to assume when running a maintenance window task. If you do not + // specify a service role ARN, Systems Manager uses a service-linked role in your + // account. If no appropriate service-linked role for Systems Manager exists in + // your account, it is created when you run RegisterTaskWithMaintenanceWindow . + // + // However, for an improved security posture, we strongly recommend creating a + // custom policy and custom service role for running your maintenance window tasks. + // The policy can be crafted to provide only the permissions needed for your + // particular maintenance window tasks. For more information, see [Setting up maintenance windows]in the in the + // Amazon Web Services Systems Manager User Guide. + // + // [Setting up maintenance windows]: https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html ServiceRoleArn *string // The updated target values. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_UpdatePatchBaseline.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_UpdatePatchBaseline.go index c20af0d7..f97a9b45 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_UpdatePatchBaseline.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/api_op_UpdatePatchBaseline.go @@ -78,16 +78,23 @@ type UpdatePatchBaselineInput struct { // The action for Patch Manager to take on patches included in the RejectedPackages // list. // - // - ALLOW_AS_DEPENDENCY : A package in the Rejected patches list is installed - // only if it is a dependency of another package. It is considered compliant with - // the patch baseline, and its status is reported as InstalledOther . This is the - // default action if no option is specified. + // ALLOW_AS_DEPENDENCY Linux and macOS: A package in the rejected patches list is + // installed only if it is a dependency of another package. It is considered + // compliant with the patch baseline, and its status is reported as INSTALLED_OTHER + // . This is the default action if no option is specified. // - // - BLOCK: Packages in the Rejected patches list, and packages that include - // them as dependencies, aren't installed by Patch Manager under any circumstances. - // If a package was installed before it was added to the Rejected patches list, or - // is installed outside of Patch Manager afterward, it's considered noncompliant - // with the patch baseline and its status is reported as InstalledRejected. + // Windows Server: Windows Server doesn't support the concept of package + // dependencies. If a package in the rejected patches list and already installed on + // the node, its status is reported as INSTALLED_OTHER . Any package not already + // installed on the node is skipped. This is the default action if no option is + // specified. + // + // BLOCK All OSs: Packages in the rejected patches list, and packages that + // include them as dependencies, aren't installed by Patch Manager under any + // circumstances. If a package was installed before it was added to the rejected + // patches list, or is installed outside of Patch Manager afterward, it's + // considered noncompliant with the patch baseline and its status is reported as + // INSTALLED_REJECTED . RejectedPatchesAction types.PatchAction // If True, then all fields that are required by the CreatePatchBaseline operation are also required diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/go_module_metadata.go index 053a48c7..5000b64f 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/go_module_metadata.go @@ -3,4 +3,4 @@ package ssm // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.52.3" +const goModuleVersion = "1.52.5" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/types/types.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/types/types.go index 4bc962a9..7da3ad4c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/types/types.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssm/types/types.go @@ -2397,12 +2397,15 @@ type InstanceInformation struct { // The IP address of the managed node. IPAddress *string - // The Identity and Access Management (IAM) role assigned to the on-premises - // Systems Manager managed node. This call doesn't return the IAM role for Amazon - // Elastic Compute Cloud (Amazon EC2) instances. To retrieve the IAM role for an - // EC2 instance, use the Amazon EC2 DescribeInstances operation. For information, - // see [DescribeInstances]in the Amazon EC2 API Reference or [describe-instances] in the Amazon Web Services CLI Command - // Reference. + // The role assigned to an Amazon EC2 instance configured with a Systems Manager + // Quick Setup host management configuration or the role assigned to an on-premises + // managed node. + // + // This call doesn't return the IAM role for unmanaged Amazon EC2 instances + // (instances not configured for Systems Manager). To retrieve the role for an + // unmanaged instance, use the Amazon EC2 DescribeInstances operation. For + // information, see [DescribeInstances]in the Amazon EC2 API Reference or [describe-instances] in the Amazon Web Services + // CLI Command Reference. // // [DescribeInstances]: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html // [describe-instances]: https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html @@ -2725,7 +2728,7 @@ type InstanceProperty struct { // The version of SSM Agent running on your managed node. AgentVersion *string - // The CPU architecture of the node. For example, x86_64. + // The CPU architecture of the node. For example, x86_64 . Architecture *string // Status information about the aggregated associations. @@ -3438,9 +3441,19 @@ type MaintenanceWindowRunCommandParameters struct { // The parameters for the RUN_COMMAND task execution. Parameters map[string][]string - // The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) - // service role to use to publish Amazon Simple Notification Service (Amazon SNS) - // notifications for maintenance window Run Command tasks. + // The Amazon Resource Name (ARN) of the IAM service role for Amazon Web Services + // Systems Manager to assume when running a maintenance window task. If you do not + // specify a service role ARN, Systems Manager uses a service-linked role in your + // account. If no appropriate service-linked role for Systems Manager exists in + // your account, it is created when you run RegisterTaskWithMaintenanceWindow . + // + // However, for an improved security posture, we strongly recommend creating a + // custom policy and custom service role for running your maintenance window tasks. + // The policy can be crafted to provide only the permissions needed for your + // particular maintenance window tasks. For more information, see [Setting up maintenance windows]in the in the + // Amazon Web Services Systems Manager User Guide. + // + // [Setting up maintenance windows]: https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html ServiceRoleArn *string // If this time is reached and the command hasn't already started running, it @@ -3571,9 +3584,19 @@ type MaintenanceWindowTask struct { // parallel. Priority int32 - // The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) - // service role to use to publish Amazon Simple Notification Service (Amazon SNS) - // notifications for maintenance window Run Command tasks. + // The Amazon Resource Name (ARN) of the IAM service role for Amazon Web Services + // Systems Manager to assume when running a maintenance window task. If you do not + // specify a service role ARN, Systems Manager uses a service-linked role in your + // account. If no appropriate service-linked role for Systems Manager exists in + // your account, it is created when you run RegisterTaskWithMaintenanceWindow . + // + // However, for an improved security posture, we strongly recommend creating a + // custom policy and custom service role for running your maintenance window tasks. + // The policy can be crafted to provide only the permissions needed for your + // particular maintenance window tasks. For more information, see [Setting up maintenance windows]in the in the + // Amazon Web Services Systems Manager User Guide. + // + // [Setting up maintenance windows]: https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html ServiceRoleArn *string // The targets (either managed nodes or tags). Managed nodes are specified using @@ -4539,9 +4562,9 @@ type PatchBaselineIdentity struct { // The name of the patch baseline. BaselineName *string - // Whether this is the default baseline. Amazon Web Services Systems Manager - // supports creating multiple default patch baselines. For example, you can create - // a default patch baseline for each operating system. + // Indicates whether this is the default baseline. Amazon Web Services Systems + // Manager supports creating multiple default patch baselines. For example, you can + // create a default patch baseline for each operating system. DefaultBaseline bool // Defines the operating system the patch baseline applies to. The default value @@ -4694,15 +4717,23 @@ type PatchRule struct { // The number of days after the release date of each patch matched by the rule // that the patch is marked as approved in the patch baseline. For example, a value - // of 7 means that patches are approved seven days after they are released. Not - // supported on Debian Server or Ubuntu Server. + // of 7 means that patches are approved seven days after they are released. + // + // This parameter is marked as not required, but your request must include a value + // for either ApproveAfterDays or ApproveUntilDate . + // + // Not supported for Debian Server or Ubuntu Server. ApproveAfterDays *int32 // The cutoff date for auto approval of released patches. Any patches released on - // or before this date are installed automatically. Not supported on Debian Server - // or Ubuntu Server. + // or before this date are installed automatically. // // Enter dates in the format YYYY-MM-DD . For example, 2021-12-31 . + // + // This parameter is marked as not required, but your request must include a value + // for either ApproveUntilDate or ApproveAfterDays . + // + // Not supported for Debian Server or Ubuntu Server. ApproveUntilDate *string // A compliance severity level for all approved patches in a patch baseline. diff --git a/vendor/modules.txt b/vendor/modules.txt index ba14653f..b735f252 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -114,8 +114,8 @@ github.com/aws/aws-sdk-go-v2/service/route53 github.com/aws/aws-sdk-go-v2/service/route53/internal/customizations github.com/aws/aws-sdk-go-v2/service/route53/internal/endpoints github.com/aws/aws-sdk-go-v2/service/route53/types -# github.com/aws/aws-sdk-go-v2/service/ssm v1.52.3 -## explicit; go 1.20 +# github.com/aws/aws-sdk-go-v2/service/ssm v1.52.5 +## explicit; go 1.21 github.com/aws/aws-sdk-go-v2/service/ssm github.com/aws/aws-sdk-go-v2/service/ssm/internal/endpoints github.com/aws/aws-sdk-go-v2/service/ssm/types