remove Session() awsclient.ConfigProvider

Author: LiangquanLi930

pkg/cloud/interfaces.go

@@ -21,7 +21,6 @@ import (
 	"time"
 
 	awsv2 "github.com/aws/aws-sdk-go-v2/aws"
-	awsclient "github.com/aws/aws-sdk-go/aws/client"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
@@ -34,8 +33,7 @@ import (
 
 // Session represents an AWS session.
 type Session interface {
-	Session() awsclient.ConfigProvider
-	SessionV2() awsv2.Config
+	Session() awsv2.Config
 	ServiceLimiter(service string) *throttle.ServiceLimiter
 }
 

pkg/cloud/scope/clients.go

@@ -26,21 +26,17 @@ import (
 	"github.com/aws/aws-sdk-go-v2/service/iam"
 	rgapi "github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi"
 	"github.com/aws/aws-sdk-go-v2/service/s3"
+	"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
 	"github.com/aws/aws-sdk-go-v2/service/sqs"
 	"github.com/aws/aws-sdk-go-v2/service/ssm"
-	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go-v2/service/sts"
 	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/aws/request"
-	"github.com/aws/aws-sdk-go/service/secretsmanager"
-	"github.com/aws/aws-sdk-go/service/secretsmanager/secretsmanageriface"
-	"github.com/aws/aws-sdk-go/service/sts"
-	"github.com/aws/aws-sdk-go/service/sts/stsiface"
 	"k8s.io/apimachinery/pkg/runtime"
 
 	"sigs.k8s.io/cluster-api-provider-aws/v2/pkg/cloud"
 	"sigs.k8s.io/cluster-api-provider-aws/v2/pkg/cloud/endpointsv2"
 	awslogs "sigs.k8s.io/cluster-api-provider-aws/v2/pkg/cloud/logs"
-	awsmetrics "sigs.k8s.io/cluster-api-provider-aws/v2/pkg/cloud/metrics"
 	awsmetricsv2 "sigs.k8s.io/cluster-api-provider-aws/v2/pkg/cloud/metricsv2"
 	"sigs.k8s.io/cluster-api-provider-aws/v2/pkg/cloud/throttle"
 	"sigs.k8s.io/cluster-api-provider-aws/v2/pkg/logger"
@@ -50,7 +46,7 @@ import (
 
 // NewASGClient creates a new ASG API client for a given session.
 func NewASGClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logger.Wrapper, target runtime.Object) *autoscaling.Client {
-	cfg := session.SessionV2()
+	cfg := session.Session()
 
 	autoscalingOpts := []func(*autoscaling.Options){
 		func(o *autoscaling.Options) {
@@ -68,7 +64,7 @@ func NewASGClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logg
 
 // NewEC2Client creates a new EC2 API client for a given session.
 func NewEC2Client(scopeUser cloud.ScopeUsage, session cloud.Session, logger logger.Wrapper, target runtime.Object) *ec2.Client {
-	cfg := session.SessionV2()
+	cfg := session.Session()
 	multiSvcEndpointResolver := endpointsv2.NewMultiServiceEndpointResolver()
 	ec2EndpointResolver := &endpointsv2.EC2EndpointResolver{
 		MultiServiceEndpointResolver: multiSvcEndpointResolver,
@@ -92,7 +88,7 @@ func NewEC2Client(scopeUser cloud.ScopeUsage, session cloud.Session, logger logg
 
 // NewELBClient creates a new ELB API client for a given session.
 func NewELBClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logger.Wrapper, target runtime.Object) *elb.Client {
-	cfg := session.SessionV2()
+	cfg := session.Session()
 	multiSvcEndpointResolver := endpointsv2.NewMultiServiceEndpointResolver()
 	endpointResolver := &endpointsv2.ELBEndpointResolver{
 		MultiServiceEndpointResolver: multiSvcEndpointResolver,
@@ -116,7 +112,7 @@ func NewELBClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logg
 
 // NewELBv2Client creates a new ELB v2 API client for a given session.
 func NewELBv2Client(scopeUser cloud.ScopeUsage, session cloud.Session, logger logger.Wrapper, target runtime.Object) *elbv2.Client {
-	cfg := session.SessionV2()
+	cfg := session.Session()
 	multiSvcEndpointResolver := endpointsv2.NewMultiServiceEndpointResolver()
 	endpointResolver := &endpointsv2.ELBV2EndpointResolver{
 		MultiServiceEndpointResolver: multiSvcEndpointResolver,
@@ -140,7 +136,7 @@ func NewELBv2Client(scopeUser cloud.ScopeUsage, session cloud.Session, logger lo
 
 // NewEventBridgeClient creates a new EventBridge API client for a given session.
 func NewEventBridgeClient(scopeUser cloud.ScopeUsage, session cloud.Session, target runtime.Object) *eventbridge.Client {
-	cfg := session.SessionV2()
+	cfg := session.Session()
 	multiSvcEndpointResolver := endpointsv2.NewMultiServiceEndpointResolver()
 	endpointResolver := &endpointsv2.EventBridgeEndpointResolver{
 		MultiServiceEndpointResolver: multiSvcEndpointResolver,
@@ -161,7 +157,7 @@ func NewEventBridgeClient(scopeUser cloud.ScopeUsage, session cloud.Session, tar
 
 // NewSQSClient creates a new SQS API client for a given session.
 func NewSQSClient(scopeUser cloud.ScopeUsage, session cloud.Session, target runtime.Object) *sqs.Client {
-	cfg := session.SessionV2()
+	cfg := session.Session()
 	multiSvcEndpointResolver := endpointsv2.NewMultiServiceEndpointResolver()
 	endpointResolver := &endpointsv2.SQSEndpointResolver{
 		MultiServiceEndpointResolver: multiSvcEndpointResolver,
@@ -182,7 +178,7 @@ func NewSQSClient(scopeUser cloud.ScopeUsage, session cloud.Session, target runt
 
 // NewGlobalSQSClient for creating a new SQS API client that isn't tied to a cluster.
 func NewGlobalSQSClient(scopeUser cloud.ScopeUsage, session cloud.Session) *sqs.Client {
-	cfg := session.SessionV2()
+	cfg := session.Session()
 	multiSvcEndpointResolver := endpointsv2.NewMultiServiceEndpointResolver()
 	endpointResolver := &endpointsv2.SQSEndpointResolver{
 		MultiServiceEndpointResolver: multiSvcEndpointResolver,
@@ -203,7 +199,7 @@ func NewGlobalSQSClient(scopeUser cloud.ScopeUsage, session cloud.Session) *sqs.
 
 // NewResourgeTaggingClient creates a new Resource Tagging API client for a given session.
 func NewResourgeTaggingClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logger.Wrapper, target runtime.Object) *rgapi.Client {
-	cfg := session.SessionV2()
+	cfg := session.Session()
 	multiSvcEndpointResolver := endpointsv2.NewMultiServiceEndpointResolver()
 	endpointResolver := &endpointsv2.RGAPIEndpointResolver{
 		MultiServiceEndpointResolver: multiSvcEndpointResolver,
@@ -215,27 +211,38 @@ func NewResourgeTaggingClient(scopeUser cloud.ScopeUsage, session cloud.Session,
 			o.ClientLogMode = awslogs.GetAWSLogLevelV2(logger.GetLogger())
 			o.EndpointResolverV2 = endpointResolver
 		},
-		rgapi.WithAPIOptions(awsmetricsv2.WithMiddlewares(scopeUser.ControllerName(), target), awsmetricsv2.WithCAPAUserAgentMiddleware()),
+		rgapi.WithAPIOptions(
+			awsmetricsv2.WithMiddlewares(scopeUser.ControllerName(), target),
+			awsmetricsv2.WithCAPAUserAgentMiddleware(),
+			throttle.WithServiceLimiterMiddleware(session.ServiceLimiter(rgapi.ServiceID)),
+		),
 	}
 
 	return rgapi.NewFromConfig(cfg, opts...)
 }
 
 // NewSecretsManagerClient creates a new Secrets API client for a given session..
-func NewSecretsManagerClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logger.Wrapper, target runtime.Object) secretsmanageriface.SecretsManagerAPI {
-	secretsClient := secretsmanager.New(session.Session(), aws.NewConfig().WithLogLevel(awslogs.GetAWSLogLevel(logger.GetLogger())).WithLogger(awslogs.NewWrapLogr(logger.GetLogger())))
-	secretsClient.Handlers.Build.PushFrontNamed(getUserAgentHandler())
-	secretsClient.Handlers.Sign.PushFront(session.ServiceLimiter(secretsClient.ServiceID).LimitRequest)
-	secretsClient.Handlers.CompleteAttempt.PushFront(awsmetrics.CaptureRequestMetrics(scopeUser.ControllerName()))
-	secretsClient.Handlers.CompleteAttempt.PushFront(session.ServiceLimiter(secretsClient.ServiceID).ReviewResponse)
-	secretsClient.Handlers.Complete.PushBack(recordAWSPermissionsIssue(target))
-
-	return secretsClient
+func NewSecretsManagerClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logger.Wrapper, target runtime.Object) *secretsmanager.Client {
+	cfg := session.Session()
+
+	secretsOpts := []func(*secretsmanager.Options){
+		func(o *secretsmanager.Options) {
+			o.Logger = logger.GetAWSLogger()
+			o.ClientLogMode = awslogs.GetAWSLogLevelV2(logger.GetLogger())
+		},
+		secretsmanager.WithAPIOptions(
+			awsmetricsv2.WithMiddlewares(scopeUser.ControllerName(), target),
+			awsmetricsv2.WithCAPAUserAgentMiddleware(),
+			throttle.WithServiceLimiterMiddleware(session.ServiceLimiter(secretsmanager.ServiceID)),
+		),
+	}
+
+	return secretsmanager.NewFromConfig(cfg, secretsOpts...)
 }
 
 // NewEKSClient creates a new EKS API client for a given session.
 func NewEKSClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logger.Wrapper, target runtime.Object) *eks.Client {
-	cfg := session.SessionV2()
+	cfg := session.Session()
 	multiSvcEndpointResolver := endpointsv2.NewMultiServiceEndpointResolver()
 	eksEndpointResolver := &endpointsv2.EKSEndpointResolver{
 		MultiServiceEndpointResolver: multiSvcEndpointResolver,
@@ -253,7 +260,7 @@ func NewEKSClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logg
 
 // NewIAMClient creates a new IAM API client for a given session.
 func NewIAMClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logger.Wrapper, target runtime.Object) *iam.Client {
-	cfg := session.SessionV2()
+	cfg := session.Session()
 
 	iamOpts := []func(*iam.Options){
 		func(o *iam.Options) {
@@ -270,18 +277,26 @@ func NewIAMClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logg
 }
 
 // NewSTSClient creates a new STS API client for a given session.
-func NewSTSClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logger.Wrapper, target runtime.Object) stsiface.STSAPI {
-	stsClient := sts.New(session.Session(), aws.NewConfig().WithLogLevel(awslogs.GetAWSLogLevel(logger.GetLogger())).WithLogger(awslogs.NewWrapLogr(logger.GetLogger())))
-	stsClient.Handlers.Build.PushFrontNamed(getUserAgentHandler())
-	stsClient.Handlers.CompleteAttempt.PushFront(awsmetrics.CaptureRequestMetrics(scopeUser.ControllerName()))
-	stsClient.Handlers.Complete.PushBack(recordAWSPermissionsIssue(target))
+func NewSTSClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logger.Wrapper, target runtime.Object) *sts.Client {
+	cfg := session.Session()
+
+	stsOpts := []func(*sts.Options){
+		func(o *sts.Options) {
+			o.Logger = logger.GetAWSLogger()
+			o.ClientLogMode = awslogs.GetAWSLogLevelV2(logger.GetLogger())
+		},
+		sts.WithAPIOptions(
+			awsmetricsv2.WithMiddlewares(scopeUser.ControllerName(), target),
+			awsmetricsv2.WithCAPAUserAgentMiddleware(),
+		),
+	}
 
-	return stsClient
+	return sts.NewFromConfig(cfg, stsOpts...)
 }
 
 // NewSSMClient creates a new Secrets API client for a given session.
 func NewSSMClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logger.Wrapper, target runtime.Object) *ssm.Client {
-	cfg := session.SessionV2()
+	cfg := session.Session()
 	multiSvcEndpointResolver := endpointsv2.NewMultiServiceEndpointResolver()
 	ssmEndpointResolver := &endpointsv2.SSMEndpointResolver{
 		MultiServiceEndpointResolver: multiSvcEndpointResolver,
@@ -303,7 +318,7 @@ func NewSSMClient(scopeUser cloud.ScopeUsage, session cloud.Session, logger logg
 
 // NewS3Client creates a new S3 API client for a given session.
 func NewS3Client(scopeUser cloud.ScopeUsage, session cloud.Session, logger logger.Wrapper, target runtime.Object) *s3.Client {
-	cfg := session.SessionV2()
+	cfg := session.Session()
 	multiSvcEndpointResolver := endpointsv2.NewMultiServiceEndpointResolver()
 	s3EndpointResolver := &endpointsv2.S3EndpointResolver{
 		MultiServiceEndpointResolver: multiSvcEndpointResolver,
@@ -340,7 +355,7 @@ func getUserAgentHandler() request.NamedHandler {
 // AWSClients contains all the aws clients used by the scopes.
 type AWSClients struct {
 	ELB             *elb.Client
-	SecretsManager  secretsmanageriface.SecretsManagerAPI
+	SecretsManager  *secretsmanager.Client
 	ResourceTagging *rgapi.Client
 	ASG             *autoscaling.Client
 	EC2             *ec2.Client

pkg/cloud/scope/cluster.go

@@ -77,7 +77,7 @@ func NewClusterScope(params ClusterScopeParams) (*ClusterScope, error) {
 		maxWaitActiveUpdateDelete:    params.MaxWaitActiveUpdateDelete,
 	}
 
-	session, serviceLimiters, err := sessionForClusterWithRegion(params.Client, clusterScope, params.AWSCluster.Spec.Region, params.Endpoints, params.Logger)
+	_, serviceLimiters, err := sessionForClusterWithRegion(params.Client, clusterScope, params.AWSCluster.Spec.Region, params.Endpoints, params.Logger)
 	if err != nil {
 		return nil, errors.Errorf("failed to create aws session: %v", err)
 	}
@@ -93,8 +93,7 @@ func NewClusterScope(params ClusterScopeParams) (*ClusterScope, error) {
 	}
 
 	clusterScope.patchHelper = helper
-	clusterScope.session = session
-	clusterScope.sessionV2 = *sessionv2
+	clusterScope.session = *sessionv2
 	clusterScope.serviceLimiters = serviceLimiters
 	clusterScope.serviceLimitersV2 = serviceLimitersv2
 
@@ -110,8 +109,7 @@ type ClusterScope struct {
 	Cluster    *clusterv1.Cluster
 	AWSCluster *infrav1.AWSCluster
 
-	session           awsclient.ConfigProvider
-	sessionV2         awsv2.Config
+	session           awsv2.Config
 	serviceLimiters   throttle.ServiceLimiters
 	serviceLimitersV2 throttle.ServiceLimiters
 	controllerName    string
@@ -361,16 +359,11 @@ func (s *ClusterScope) ClusterObj() cloud.ClusterObject {
 	return s.Cluster
 }
 
-// Session returns the AWS SDK session. Used for creating clients.
-func (s *ClusterScope) Session() awsclient.ConfigProvider {
+// Session returns the AWS SDK V2 session. Used for creating clients.
+func (s *ClusterScope) Session() awsv2.Config {
 	return s.session
 }
 
-// SessionV2 returns the AWS SDK V2 session. Used for creating clients.
-func (s *ClusterScope) SessionV2() awsv2.Config {
-	return s.sessionV2
-}
-
 // ServiceLimiter returns the AWS SDK session. Used for creating clients.
 func (s *ClusterScope) ServiceLimiter(service string) *throttle.ServiceLimiter {
 	if sl, ok := s.serviceLimiters[service]; ok {

pkg/cloud/scope/fargate.go

@@ -70,7 +70,7 @@ func NewFargateProfileScope(params FargateProfileScopeParams) (*FargateProfileSc
 		controllerName: params.ControllerName,
 	}
 
-	session, serviceLimiters, err := sessionForClusterWithRegion(params.Client, managedScope, params.ControlPlane.Spec.Region, params.Endpoints, params.Logger)
+	_, serviceLimiters, err := sessionForClusterWithRegion(params.Client, managedScope, params.ControlPlane.Spec.Region, params.Endpoints, params.Logger)
 	if err != nil {
 		return nil, errors.Errorf("failed to create aws session: %v", err)
 	}
@@ -92,8 +92,7 @@ func NewFargateProfileScope(params FargateProfileScopeParams) (*FargateProfileSc
 		ControlPlane:      params.ControlPlane,
 		FargateProfile:    params.FargateProfile,
 		patchHelper:       helper,
-		session:           session,
-		sessionV2:         *sessionv2,
+		session:           *sessionv2,
 		serviceLimiters:   serviceLimiters,
 		serviceLimitersV2: serviceLimitersv2,
 		controllerName:    params.ControllerName,
@@ -111,8 +110,7 @@ type FargateProfileScope struct {
 	ControlPlane   *ekscontrolplanev1.AWSManagedControlPlane
 	FargateProfile *expinfrav1.AWSFargateProfile
 
-	session           awsclient.ConfigProvider
-	sessionV2         awsv2.Config
+	session           awsv2.Config
 	serviceLimiters   throttle.ServiceLimiters
 	serviceLimitersV2 throttle.ServiceLimiters
 	controllerName    string
@@ -225,16 +223,11 @@ func (s *FargateProfileScope) ClusterObj() cloud.ClusterObject {
 	return s.Cluster
 }
 
-// Session returns the AWS SDK session. Used for creating clients.
-func (s *FargateProfileScope) Session() awsclient.ConfigProvider {
+// Session returns the AWS SDK V2 session. Used for creating clients.
+func (s *FargateProfileScope) Session() awsv2.Config {
 	return s.session
 }
 
-// SessionV2 returns the AWS SDK session. Used for creating clients.
-func (s *FargateProfileScope) SessionV2() awsv2.Config {
-	return s.sessionV2
-}
-
 // ControllerName returns the name of the controller that
 // created the FargateProfile.
 func (s *FargateProfileScope) ControllerName() string {

pkg/cloud/scope/global.go

@@ -19,7 +19,6 @@ package scope
 
 import (
 	awsv2 "github.com/aws/aws-sdk-go-v2/aws"
-	awsclient "github.com/aws/aws-sdk-go/aws/client"
 	"github.com/pkg/errors"
 
 	"sigs.k8s.io/cluster-api-provider-aws/v2/pkg/cloud/throttle"
@@ -33,7 +32,7 @@ func NewGlobalScope(params GlobalScopeParams) (*GlobalScope, error) {
 	if params.ControllerName == "" {
 		return nil, errors.New("controller name required to generate global scope")
 	}
-	ns, limiters, err := sessionForRegion(params.Region, params.Endpoints)
+	_, limiters, err := sessionForRegion(params.Region, params.Endpoints)
 	if err != nil {
 		return nil, errors.Wrap(err, "failed to create aws session")
 	}
@@ -43,8 +42,7 @@ func NewGlobalScope(params GlobalScopeParams) (*GlobalScope, error) {
 		return nil, errors.Wrap(err, "failed to create aws V2 session")
 	}
 	return &GlobalScope{
-		session:         ns,
-		sessionV2:       *ns2,
+		session:         *ns2,
 		serviceLimiters: limiters,
 		controllerName:  params.ControllerName,
 	}, nil
@@ -59,22 +57,16 @@ type GlobalScopeParams struct {
 
 // GlobalScope defines the specs for the GlobalScope.
 type GlobalScope struct {
-	session         awsclient.ConfigProvider
-	sessionV2       awsv2.Config
+	session         awsv2.Config
 	serviceLimiters throttle.ServiceLimiters
 	controllerName  string
 }
 
-// Session returns the AWS SDK session. Used for creating clients.
-func (s *GlobalScope) Session() awsclient.ConfigProvider {
+// Session returns the AWS SDK V2 config. Used for creating clients.
+func (s *GlobalScope) Session() awsv2.Config {
 	return s.session
 }
 
-// SessionV2 returns the AWS SDK V2 config. Used for creating clients.
-func (s *GlobalScope) SessionV2() awsv2.Config {
-	return s.sessionV2
-}
-
 // ServiceLimiter returns the AWS SDK session. Used for creating clients.
 func (s *GlobalScope) ServiceLimiter(service string) *throttle.ServiceLimiter {
 	if sl, ok := s.serviceLimiters[service]; ok {