switch to aws-sdk-go-v2 as v1 is going away #736
Comments
|
For folks that are only using this package to generate client-side tokens (i.e. github.com/kubernetes-sigs/aws-iam-authenticator/pkg/token), I have published a small Golang package that uses the AWS v2 SDK instead: https://github.com/bored-engineer/aws-eks-auth |
|
In working on the V2 upgrade, one key difference is that the new SDK does not expose the internal list of known endpoints for a particular partition.
The current behavior is that the server builds up a list of known regions from SDK v1 for a given partition (specified via a server flag), and ensures that the domain of incoming pre-signed requests is one of those known endpoints. The reason we don't want to allow cross-partition STS tokens, is that AWS treats partitions ( Similar to how we support multiple backend mappers for ARN to username discovery, I'll start out with region discovery in the following formats:
We'll default to SDKv1 based behavior to preserve backward compatibility, and likely drop support around the time SDKv1 reaches end of life on July 31, 2025. At that point, we'll change the default to Given this change can be independent of the SDK upgrade, I'll make a separate PR that will be mergable prior to an SDK upgrade. |
Context: https://aws.amazon.com/blogs/developer/announcing-end-of-support-for-aws-sdk-for-go-v1-on-july-31-2025/
Migration guide: https://aws.github.io/aws-sdk-go-v2/docs/migrating/
Basically maintenance mode on July 31, 2024 and reach end-of-support on July 31, 2025. The SDK will not
receive API updates for new or existing services, or be updated to support new regions.
The text was updated successfully, but these errors were encountered: