func New(config Config) *Client {
credentials := credentials.NewStaticCredentials(config.AccessKey, config.SecretKey, "")
sdkConfig := &aws.Config{
Credentials: credentials,
Region: aws.String(config.RegionName),
}
endpointOverrides := config.EndpointOverrides
if endpointOverrides == nil {
endpointOverrides = &Endpoints{}
}
route53Client := route53.New(sdkConfig.Merge(&aws.Config{MaxRetries: aws.Int(7), Endpoint: aws.String(endpointOverrides.Route53)}))
ec2Client := ec2.New(sdkConfig.Merge(&aws.Config{MaxRetries: aws.Int(7), Endpoint: aws.String(endpointOverrides.EC2)}))
s3Client := s3.New(sdkConfig.Merge(&aws.Config{MaxRetries: aws.Int(7), Endpoint: aws.String(endpointOverrides.S3), S3ForcePathStyle: aws.Bool(true)}))
cloudformationClient := cloudformation.New(sdkConfig.Merge(&aws.Config{MaxRetries: aws.Int(7), Endpoint: aws.String(endpointOverrides.Cloudformation)}))
return &Client{
EC2: ec2Client,
S3: s3Client,
Route53: route53Client,
Cloudformation: cloudformationClient,
// HostedZoneID: config.HostedZoneID,
// HostedZoneName: config.HostedZoneName,
Bucket: config.Bucket,
}
}
func copyConfig(config *Config) *aws.Config {
if config == nil {
config = &Config{}
}
c := &aws.Config{
Credentials: credentials.AnonymousCredentials,
Endpoint: config.Endpoint,
HTTPClient: config.HTTPClient,
Logger: config.Logger,
LogLevel: config.LogLevel,
MaxRetries: config.MaxRetries,
}
if c.HTTPClient == nil {
c.HTTPClient = http.DefaultClient
}
if c.Logger == nil {
c.Logger = aws.NewDefaultLogger()
}
if c.LogLevel == nil {
c.LogLevel = aws.LogLevel(aws.LogOff)
}
if c.MaxRetries == nil {
c.MaxRetries = aws.Int(DefaultRetries)
}
return c
}
func (c *Config) Connect() interface{} {
c.readConf()
var client AWSClient
awsConfig := new(aws.Config)
if len(c.Profile) > 0 {
awsConfig = &aws.Config{
Credentials: credentials.NewSharedCredentials(c.Awsconf, fmt.Sprintf("profile %s", c.Profile)),
Region: aws.String(c.Region),
MaxRetries: aws.Int(3),
}
} else {
// use instance role
awsConfig = &aws.Config{
Region: aws.String(c.Region),
}
}
sess := session.New(awsConfig)
client.ec2conn = ec2.New(sess)
return &client
}
func TestAfterRetryRefreshCreds(t *testing.T) {
os.Clearenv()
credProvider := &mockCredsProvider{}
svc := awstesting.NewClient(&aws.Config{
Credentials: credentials.NewCredentials(credProvider),
MaxRetries: aws.Int(1),
})
svc.Handlers.Clear()
svc.Handlers.ValidateResponse.PushBack(func(r *request.Request) {
r.Error = awserr.New("UnknownError", "", nil)
r.HTTPResponse = &http.Response{StatusCode: 400}
})
svc.Handlers.UnmarshalError.PushBack(func(r *request.Request) {
r.Error = awserr.New("ExpiredTokenException", "", nil)
})
svc.Handlers.AfterRetry.PushBackNamed(corehandlers.AfterRetryHandler)
assert.True(t, svc.Config.Credentials.IsExpired(), "Expect to start out expired")
assert.False(t, credProvider.retrieveCalled)
req := svc.NewRequest(&request.Operation{Name: "Operation"}, nil, nil)
req.Send()
assert.True(t, svc.Config.Credentials.IsExpired())
assert.False(t, credProvider.retrieveCalled)
_, err := svc.Config.Credentials.Get()
assert.NoError(t, err)
assert.True(t, credProvider.retrieveCalled)
}
// Configure prepares configuration data for tunnelproxy manager
func Configure(c *Config) (*awssession.Session, error) {
if c.Name == "" {
return nil, errors.New("Name should be set.")
}
// decide on region name
region, err := getRegion(c)
if err != nil {
return nil, err
}
c.Region = region
session := awssession.New(&aws.Config{
Credentials: credentials.NewStaticCredentials(
c.AccessKeyID,
c.SecretAccessKey,
"",
),
Region: aws.String(c.Region),
MaxRetries: aws.Int(5),
})
// decide on autoscaling name
name, err := getAutoScalingName(c, session)
if err != nil {
return nil, err
}
c.AutoScalingName = name
return session, nil
}
func NewAwsConfig(
accessKey string,
secretKey string,
regionName string,
endpoint string,
disableSSL bool,
) *aws.Config {
var creds *credentials.Credentials
if accessKey == "" && secretKey == "" {
creds = credentials.AnonymousCredentials
} else {
creds = credentials.NewStaticCredentials(accessKey, secretKey, "")
}
if len(regionName) == 0 {
regionName = "us-east-1"
}
awsConfig := &aws.Config{
Region: aws.String(regionName),
Credentials: creds,
S3ForcePathStyle: aws.Bool(true),
MaxRetries: aws.Int(maxRetries),
DisableSSL: aws.Bool(disableSSL),
}
if len(endpoint) != 0 {
endpoint := fmt.Sprintf("%s", endpoint)
awsConfig.Endpoint = &endpoint
}
return awsConfig
}
func dlLoggingSvcWithErrReader(cases []testErrReader) (*s3.S3, *[]string) {
var m sync.Mutex
names := []string{}
var index int = 0
svc := s3.New(unit.Session, &aws.Config{
MaxRetries: aws.Int(len(cases) - 1),
})
svc.Handlers.Send.Clear()
svc.Handlers.Send.PushBack(func(r *request.Request) {
m.Lock()
defer m.Unlock()
names = append(names, r.Operation.Name)
c := cases[index]
r.HTTPResponse = &http.Response{
StatusCode: http.StatusOK,
Body: ioutil.NopCloser(&c),
Header: http.Header{},
}
r.HTTPResponse.Header.Set("Content-Range",
fmt.Sprintf("bytes %d-%d/%d", 0, c.Len-1, c.Len))
r.HTTPResponse.Header.Set("Content-Length", fmt.Sprintf("%d", c.Len))
index++
})
return svc, &names
}
func TestKMSGenerateCipherData(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintln(w, `{"CiphertextBlob":"AQEDAHhqBCCY1MSimw8gOGcUma79cn4ANvTtQyv9iuBdbcEF1QAAAH4wfAYJKoZIhvcNAQcGoG8wbQIBADBoBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDJ6IcN5E4wVbk38MNAIBEIA7oF1E3lS7FY9DkoxPc/UmJsEwHzL82zMqoLwXIvi8LQHr8If4Lv6zKqY8u0+JRgSVoqCvZDx3p8Cn6nM=","KeyId":"arn:aws:kms:us-west-2:042062605278:key/c80a5cdb-8d09-4f9f-89ee-df01b2e3870a","Plaintext":"6tmyz9JLBE2yIuU7iXpArqpDVle172WSmxjcO6GNT7E="}`)
}))
sess := unit.Session.Copy(&aws.Config{
MaxRetries: aws.Int(0),
Endpoint: aws.String(ts.URL[7:]),
DisableSSL: aws.Bool(true),
S3ForcePathStyle: aws.Bool(true),
Region: aws.String("us-west-2"),
})
svc := kms.New(sess)
handler := NewKMSKeyGenerator(svc, "testid")
keySize := 32
ivSize := 16
cd, err := handler.GenerateCipherData(keySize, ivSize)
assert.NoError(t, err)
assert.Equal(t, keySize, len(cd.Key))
assert.Equal(t, ivSize, len(cd.IV))
assert.NotEmpty(t, cd.Key)
assert.NotEmpty(t, cd.IV)
}
func TestPutObject(t *testing.T) {
size := 1024 * 1024
data := make([]byte, size)
expected := bytes.Repeat([]byte{1}, size)
generator := mockGenerator{}
cb := mockCipherBuilder{generator}
sess := unit.Session.Copy(&aws.Config{
MaxRetries: aws.Int(0),
S3ForcePathStyle: aws.Bool(true),
Region: aws.String("us-west-2"),
})
c := s3crypto.NewEncryptionClient(sess, cb)
assert.NotNil(t, c)
input := &s3.PutObjectInput{
Key: aws.String("test"),
Bucket: aws.String("test"),
Body: bytes.NewReader(data),
}
req, _ := c.PutObjectRequest(input)
req.Handlers.Send.Clear()
req.Handlers.Send.PushBack(func(r *request.Request) {
r.Error = errors.New("stop")
r.HTTPResponse = &http.Response{
StatusCode: 200,
}
})
err := req.Send()
assert.Equal(t, "stop", err.Error())
b, err := ioutil.ReadAll(req.HTTPRequest.Body)
assert.NoError(t, err)
assert.Equal(t, expected, b)
}
func (s *GoofysTest) SetUpSuite(t *C) {
//addr := "play.minio.io:9000"
const LOCAL_TEST = true
if LOCAL_TEST {
addr := "127.0.0.1:8080"
err := s.waitFor(t, addr)
t.Assert(err, IsNil)
s.awsConfig = &aws.Config{
//Credentials: credentials.AnonymousCredentials,
Credentials: credentials.NewStaticCredentials("foo", "bar", ""),
Region: aws.String("us-west-2"),
Endpoint: aws.String(addr),
DisableSSL: aws.Bool(true),
S3ForcePathStyle: aws.Bool(true),
MaxRetries: aws.Int(0),
//Logger: t,
//LogLevel: aws.LogLevel(aws.LogDebug),
//LogLevel: aws.LogLevel(aws.LogDebug | aws.LogDebugWithHTTPBody),
}
} else {
s.awsConfig = &aws.Config{
Region: aws.String("us-west-2"),
DisableSSL: aws.Bool(true),
}
}
s.s3 = s3.New(s.awsConfig)
_, err := s.s3.ListBuckets(nil)
t.Assert(err, IsNil)
}
func TestMain(m *testing.M) {
db = dynamodb.New(&aws.Config{
MaxRetries: aws.Int(2),
})
db.Handlers.Send.Clear() // mock sending
os.Exit(m.Run())
}
func main() {
c, err := configure()
if err != nil {
log.Fatal("Reading config failed: ", err.Error())
}
conf := &asgd.Config{
Name: fmt.Sprintf("%s-%s", "tunnelproxymanager", c.EBEnvName),
AccessKeyID: c.AccessKeyID,
SecretAccessKey: c.SecretAccessKey,
Region: c.Region,
AutoScalingName: c.AutoScalingName,
Debug: c.Debug,
}
session, err := asgd.Configure(conf)
if err != nil {
log.Fatal("Reading config failed: ", err.Error())
}
log := logging.NewCustom(Name, conf.Debug)
// remove formatting from call stack and output correct line
log.SetCallDepth(1)
route53Session := awssession.New(&aws.Config{
Credentials: credentials.NewStaticCredentials(
c.Route53AccessKeyID,
c.Route53SecretAccessKey,
"",
),
Region: aws.String(conf.Region),
MaxRetries: aws.Int(5),
})
// create record manager
recordManager := tunnelproxymanager.NewRecordManager(route53Session, log, conf.Region, c.HostedZone)
if err := recordManager.Init(); err != nil {
log.Fatal(err.Error())
}
// create lifecycle
l := asgd.NewLifeCycle(session, log, conf.AutoScalingName)
// configure lifecycle with system name
if err := l.Configure(conf.Name); err != nil {
log.Fatal(err.Error())
}
done := registerSignalHandler(l, log)
// listen to lifecycle events
if err := l.Listen(recordManager.ProcessFunc); err != nil {
log.Fatal(err.Error())
}
<-done
}
func getService(debug bool) *route53.Route53 {
config := aws.Config{}
// ensures throttled requests are retried
config.MaxRetries = aws.Int(100)
if debug {
config.LogLevel = aws.LogLevel(aws.LogDebug)
}
return route53.New(&config)
}
func NewRouteTableManager(region string, debug bool) RouteTableManager {
r := RouteTableManagerEC2{}
sess := session.New(&aws.Config{
Region: aws.String(region),
MaxRetries: aws.Int(3),
})
r.conn = ec2.New(sess)
return r
}
// newSubmitStateChangeClient returns a client intended to be used for
// Submit*StateChange APIs which has the behavior of retrying the call on
// retriable errors for an extended period of time (roughly 24 hours).
func newSubmitStateChangeClient(awsConfig *aws.Config) *ecs.ECS {
sscConfig := awsConfig.Copy()
sscConfig.MaxRetries = aws.Int(submitStateChangeMaxDelayRetries)
client := ecs.New(sscConfig)
client.Handlers.AfterRetry.Clear()
client.Handlers.AfterRetry.PushBackNamed(
extendedRetryMaxDelayHandlerFactory(submitStateChangeExtraRetries))
client.DefaultMaxRetries = submitStateChangeMaxDelayRetries
return client
}
func onAWS() bool {
// the default client behavior retried the operation multiple times with a 5s timeout per attempt.
// if you were not on aws, you would block for 20s when invoking this operation.
// we reduce retries to 0 and set the timeout to 2s to reduce the time this blocks when not on aws.
client := ec2metadata.New(session.New(&aws.Config{MaxRetries: aws.Int(0)}))
if client.Config.HTTPClient != nil {
client.Config.HTTPClient.Timeout = time.Duration(2 * time.Second)
}
return client.Available()
}
func TestGetObject(t *testing.T) {
key, _ := hex.DecodeString("31bdadd96698c204aa9ce1448ea94ae1fb4a9a0b3c9d773b51bb1822666b8f22")
keyB64 := base64.URLEncoding.EncodeToString(key)
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintln(w, fmt.Sprintf("%s%s%s", `{"KeyId":"test-key-id","Plaintext":"`, keyB64, `"}`))
}))
defer ts.Close()
sess := unit.Session.Copy(&aws.Config{
MaxRetries: aws.Int(0),
Endpoint: aws.String(ts.URL[7:]),
DisableSSL: aws.Bool(true),
S3ForcePathStyle: aws.Bool(true),
Region: aws.String("us-west-2"),
})
c := s3crypto.NewDecryptionClient(sess)
assert.NotNil(t, c)
input := &s3.GetObjectInput{
Key: aws.String("test"),
Bucket: aws.String("test"),
}
req, out := c.GetObjectRequest(input)
req.Handlers.Send.Clear()
req.Handlers.Send.PushBack(func(r *request.Request) {
iv, err := hex.DecodeString("0d18e06c7c725ac9e362e1ce")
assert.NoError(t, err)
b, err := hex.DecodeString("fa4362189661d163fcd6a56d8bf0405ad636ac1bbedd5cc3ee727dc2ab4a9489")
assert.NoError(t, err)
r.HTTPResponse = &http.Response{
StatusCode: 200,
Header: http.Header{
http.CanonicalHeaderKey("x-amz-meta-x-amz-key-v2"): []string{"SpFRES0JyU8BLZSKo51SrwILK4lhtZsWiMNjgO4WmoK+joMwZPG7Hw=="},
http.CanonicalHeaderKey("x-amz-meta-x-amz-iv"): []string{base64.URLEncoding.EncodeToString(iv)},
http.CanonicalHeaderKey("x-amz-meta-x-amz-matdesc"): []string{`{"kms_cmk_id":"arn:aws:kms:us-east-1:172259396726:key/a22a4b30-79f4-4b3d-bab4-a26d327a231b"}`},
http.CanonicalHeaderKey("x-amz-meta-x-amz-wrap-alg"): []string{s3crypto.KMSWrap},
http.CanonicalHeaderKey("x-amz-meta-x-amz-cek-alg"): []string{s3crypto.AESGCMNoPadding},
http.CanonicalHeaderKey("x-amz-meta-x-amz-tag-len"): []string{"128"},
},
Body: ioutil.NopCloser(bytes.NewBuffer(b)),
}
out.Metadata = make(map[string]*string)
out.Metadata["x-amz-wrap-alg"] = aws.String(s3crypto.KMSWrap)
})
err := req.Send()
assert.NoError(t, err)
b, err := ioutil.ReadAll(out.Body)
assert.NoError(t, err)
expected, err := hex.DecodeString("2db5168e932556f8089a0622981d017d")
assert.NoError(t, err)
assert.Equal(t, len(expected), len(b))
assert.Equal(t, expected, b)
}
func makeRoute53Provider(ts *httptest.Server) *DNSProvider {
config := &aws.Config{
Credentials: credentials.NewStaticCredentials("abc", "123", " "),
Endpoint: aws.String(ts.URL),
Region: aws.String("mock-region"),
MaxRetries: aws.Int(1),
}
client := route53.New(session.New(config))
return &DNSProvider{client: client}
}
func NewRouteTableManager(region string, debug bool) RouteTableManager {
r := RouteTableManagerEC2{}
providers := getProviders()
cred := getCred(providers)
awsConfig := &aws.Config{
Credentials: cred,
Region: aws.String(region),
MaxRetries: aws.Int(3),
}
r.conn = ec2.New(awsConfig)
return r
}
func getService(debug bool, profile string) *route53.Route53 {
config := aws.Config{}
if profile != "" {
config.Credentials = credentials.NewSharedCredentials("", profile)
}
// ensures throttled requests are retried
config.MaxRetries = aws.Int(100)
if debug {
config.LogLevel = aws.LogLevel(aws.LogDebug)
}
return route53.New(session.New(), &config)
}
func NewClient(cluster string, accessKeyID string, secretAccessKey string) *Client {
awsConfig := &aws.Config{
Region: aws.String("us-west-1"),
MaxRetries: aws.Int(10),
Credentials: credentials.NewStaticCredentials(accessKeyID, secretAccessKey, ""),
}
svc := ecs.New(session.New(), awsConfig)
return &Client{
client: svc,
cluster: cluster,
}
}
func TestMarshalOmitEmpty(t *testing.T) {
expect := &dynamodb.AttributeValue{
M: map[string]*dynamodb.AttributeValue{
"IntPtrSetZero": {N: aws.String("0")},
},
}
m := testOmitEmptyScalar{IntPtrSetZero: aws.Int(0)}
actual, err := Marshal(m)
assert.NoError(t, err)
assert.Equal(t, expect, actual)
}
func getConfig(c *cli.Context) *aws.Config {
debug := c.Bool("debug")
profile := c.String("profile")
config := aws.Config{}
if profile != "" {
config.Credentials = credentials.NewSharedCredentials("", profile)
}
// ensures throttled requests are retried
config.MaxRetries = aws.Int(100)
if debug {
config.LogLevel = aws.LogLevel(aws.LogDebug)
}
return &config
}
func TestDefaultConfigValues(t *testing.T) {
sess := unit.Session.Copy(&aws.Config{
MaxRetries: aws.Int(0),
S3ForcePathStyle: aws.Bool(true),
Region: aws.String("us-west-2"),
})
svc := kms.New(sess)
handler := s3crypto.NewKMSKeyGenerator(svc, "testid")
c := s3crypto.NewEncryptionClient(sess, s3crypto.AESGCMContentCipherBuilder(handler))
assert.NotNil(t, c)
assert.NotNil(t, c.ContentCipherBuilder)
assert.NotNil(t, c.SaveStrategy)
}
func main() {
flag.Usage = func() {
const usage = `Usage: %s SOURCE DEST
Mirrors a S3 folder to another one, potentially in a different bucket.
SOURCE and DEST should be S3 URLs in the form s3://bucket-name/prefix .
Objects metadata is preserved during the copy.
Additional command line options:
`
fmt.Fprintf(os.Stderr, usage, os.Args[0])
flag.PrintDefaults()
}
flag.Parse()
if flag.NArg() != 2 {
flag.Usage()
os.Exit(1)
}
// We only use the default client to fetch bucket location.
defaults.DefaultConfig.Region = aws.String("us-east-1")
defaults.DefaultConfig.S3ForcePathStyle = aws.Bool(true)
defaults.DefaultConfig.MaxRetries = aws.Int(10)
http.DefaultClient.Timeout = *opTimeout
sourceUrl := flag.Arg(0)
destUrl := flag.Arg(1)
sourceBucket, err := NewBucket(sourceUrl, *sourceRegion)
if err != nil {
log.Fatalf("Error while configuring source bucket: %s", err)
}
destBucket, err := NewBucket(destUrl, *destRegion)
if err != nil {
log.Fatalf("Error while configuring destination bucket: %s", err)
}
if err := runCopy(sourceBucket, destBucket); err != nil {
log.Fatalf(err.Error())
}
}
func TestExtendedRetryMaxDelayHandler(t *testing.T) {
maxDelayRetries := uint(2)
maxExtraRetries := uint(10)
retryCounts := []uint{}
// inject fake awsAfterRetryHandler to just collect retry counts
awsAfterRetryHandler = func(r *request.Request) {
retryCounts = append(retryCounts, r.RetryCount)
r.Error = nil
}
extendedRetryMaxDelayHandler := extendedRetryMaxDelayHandlerFactory(maxExtraRetries)
request := &request.Request{
Retryer: service.DefaultRetryer{&service.Service{
DefaultMaxRetries: maxDelayRetries,
ServiceInfo: serviceinfo.ServiceInfo{
Config: &aws.Config{
MaxRetries: aws.Int(-1),
},
},
}},
}
var count uint
for count = 0; request.Error == nil; count++ {
request.Error = errors.New("")
extendedRetryMaxDelayHandler.Fn(request)
}
if count != (maxDelayRetries + maxExtraRetries + 1) {
t.Errorf("Should have been called %d times but was %d", maxDelayRetries+maxExtraRetries+1, count)
}
for i := uint(0); i < maxDelayRetries; i++ {
if retryCounts[i] != i {
t.Errorf("Expected retry count for attempt %d to be %d, but was %d", i, i, retryCounts[i])
}
}
for i := maxDelayRetries; i < count-1; i++ {
if retryCounts[i] != maxDelayRetries-1 {
t.Errorf("Expected retry count for attempt %d to be %d, but was %d", i, maxDelayRetries-1, retryCounts[i])
}
}
if request.RetryCount != maxDelayRetries+maxExtraRetries {
t.Errorf("Expected retry count for attempt %d to be %d, but was %d", count-1, maxDelayRetries+maxExtraRetries, request.RetryCount)
}
}
func TestValidateCRC32DoesNotMatchNoComputeChecksum(t *testing.T) {
svc := dynamodb.New(&aws.Config{
MaxRetries: aws.Int(2),
DisableComputeChecksums: aws.Bool(true),
})
svc.Handlers.Send.Clear() // mock sending
req := mockCRCResponse(svc, 200, `{"TableNames":["A"]}`, "1234")
assert.NoError(t, req.Error)
assert.Equal(t, 0, int(req.RetryCount))
// CRC check disabled. Does not affect output parsing
out := req.Data.(*dynamodb.ListTablesOutput)
assert.Equal(t, "A", *out.TableNames[0])
}
// New will create aws session with credentials
func New() (amazon *Amazon) {
// new credentials from settings
creds := credentials.NewStaticCredentials(config.Settings.Amazon.ID, config.Settings.Amazon.Key, "")
// create our session
sess := session.New(&aws.Config{
Region: aws.String(config.Settings.Amazon.Region),
Credentials: creds,
MaxRetries: aws.Int(10),
})
return &Amazon{
session: sess,
}
}
func TestCEKFactory(t *testing.T) {
key, _ := hex.DecodeString("31bdadd96698c204aa9ce1448ea94ae1fb4a9a0b3c9d773b51bb1822666b8f22")
keyB64 := base64.URLEncoding.EncodeToString(key)
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintln(w, fmt.Sprintf("%s%s%s", `{"KeyId":"test-key-id","Plaintext":"`, keyB64, `"}`))
}))
defer ts.Close()
sess := unit.Session.Copy(&aws.Config{
MaxRetries: aws.Int(0),
Endpoint: aws.String(ts.URL[7:]),
DisableSSL: aws.Bool(true),
S3ForcePathStyle: aws.Bool(true),
Region: aws.String("us-west-2"),
})
c := DecryptionClient{
WrapRegistry: map[string]WrapEntry{
KMSWrap: (kmsKeyHandler{
kms: kms.New(sess),
}).decryptHandler,
},
CEKRegistry: map[string]CEKEntry{
AESGCMNoPadding: newAESGCMContentCipher,
},
}
iv, err := hex.DecodeString("0d18e06c7c725ac9e362e1ce")
assert.NoError(t, err)
ivB64 := base64.URLEncoding.EncodeToString(iv)
cipherKey, err := hex.DecodeString("31bdadd96698c204aa9ce1448ea94ae1fb4a9a0b3c9d773b51bb1822666b8f22")
assert.NoError(t, err)
cipherKeyB64 := base64.URLEncoding.EncodeToString(cipherKey)
env := Envelope{
WrapAlg: KMSWrap,
CEKAlg: AESGCMNoPadding,
CipherKey: cipherKeyB64,
IV: ivB64,
MatDesc: `{"kms_cmk_id":""}`,
}
wrap, err := c.wrapFromEnvelope(env)
cek, err := c.cekFromEnvelope(env, wrap)
assert.NoError(t, err)
assert.NotNil(t, cek)
}
// Print and send to channel list of instances.
func (c *ElbList) fetchRegionElb(region, next_token string, channel chan Elb) {
defer elb_wg.Done()
// Connect to region
config := aws.Config{
Region: aws.String(region),
Credentials: c.Profile.Credentials,
MaxRetries: aws.Int(20),
}
con := elb.New(session.New(), &config)
// Prepare request
params := &elb.DescribeLoadBalancersInput{
LoadBalancerNames: []*string{},
// Maximum count instances on one result page
PageSize: aws.Int64(400),
}
if next_token != "" {
params.Marker = aws.String(next_token)
}
// Get list of elb
res, err := con.DescribeLoadBalancers(params)
if err != nil {
if awsErr, ok := err.(awserr.Error); ok {
log.Printf(awsErrError, awsErr.Code(), awsErr.Message(), awsErr.OrigErr())
if reqErr, ok := err.(awserr.RequestFailure); ok {
log.Printf(awsErrRequestFailure, reqErr.Code(), reqErr.Message(), reqErr.StatusCode(), reqErr.RequestID())
}
} else {
log.Printf(err.Error())
}
}
// Send instances to channel
for _, r := range res.LoadBalancerDescriptions {
channel <- Elb{Elb: *r, Profile: *c.Profile}
}
// If there are more instances repeat request with a token
if res.NextMarker != nil {
elb_wg.Add(1)
go c.fetchRegionElb(region, *res.NextMarker, channel)
}
}