Merge pull request #1975 from aws/staging/b4c6a405-f096-4f46-a8da-144064d36819

Pull request: release <- staging/b4c6a405-f096-4f46-a8da-144064d36819

Author: aws-sdk-java-automation

.changes/2.17.160.json

@@ -0,0 +1,54 @@
+{
+    "version": "2.17.160",
+    "date": "2022-03-30",
+    "entries": [
+        {
+            "type": "bugfix",
+            "category": "AWS SDK for Java v2",
+            "contributor": "",
+            "description": "Fix issue where the `contentLength` specified on the `RequestBody` is not honored. Fixes [#2908](https://github.com/aws/aws-sdk-java-v2/issues/2908)."
+        },
+        {
+            "type": "feature",
+            "category": "AWS SDK for Java v2",
+            "contributor": "",
+            "description": "Remove unnecessary dependencies on JDK modules not in java.base. This didn't remove all of the dependencies on such modules, just the unnecessary ones."
+        },
+        {
+            "type": "feature",
+            "category": "Amazon Elastic Compute Cloud",
+            "contributor": "",
+            "description": "This release simplifies the auto-recovery configuration process enabling customers to set the recovery behavior to disabled or default"
+        },
+        {
+            "type": "feature",
+            "category": "Firewall Management Service",
+            "contributor": "",
+            "description": "AWS Firewall Manager now supports the configuration of third-party policies that can use either the centralized or distributed deployment models."
+        },
+        {
+            "type": "feature",
+            "category": "AWS IoT",
+            "contributor": "",
+            "description": "Doc only update for IoT that fixes customer-reported issues."
+        },
+        {
+            "type": "feature",
+            "category": "AWS SDK for Java v2",
+            "contributor": "",
+            "description": "Extend union type improvements to additional services: dynamodb, dynamodbstreams, iot, sagemaker, clouddirectory, iotanalytics, kendra, marketplaceentitlement, quicksight, s3, xray."
+        },
+        {
+            "type": "feature",
+            "category": "Amazon FSx",
+            "contributor": "",
+            "description": "This release adds support for modifying throughput capacity for FSx for ONTAP file systems."
+        },
+        {
+            "type": "feature",
+            "category": "AWS IoT Data Plane",
+            "contributor": "",
+            "description": "Update the default AWS IoT Core Data Plane endpoint from VeriSign signed to ATS signed. If you have firewalls with strict egress rules, configure the rules to grant you access to data-ats.iot.[region].amazonaws.com or data-ats.iot.[region].amazonaws.com.cn."
+        }
+    ]
+}

CHANGELOG.md

@@ -1,3 +1,32 @@
+# __2.17.160__ __2022-03-30__
+## __AWS IoT__
+  - ### Features
+    - Doc only update for IoT that fixes customer-reported issues.
+
+## __AWS IoT Data Plane__
+  - ### Features
+    - Update the default AWS IoT Core Data Plane endpoint from VeriSign signed to ATS signed. If you have firewalls with strict egress rules, configure the rules to grant you access to data-ats.iot.[region].amazonaws.com or data-ats.iot.[region].amazonaws.com.cn.
+
+## __AWS SDK for Java v2__
+  - ### Features
+    - Extend union type improvements to additional services: dynamodb, dynamodbstreams, iot, sagemaker, clouddirectory, iotanalytics, kendra, marketplaceentitlement, quicksight, s3, xray.
+    - Remove unnecessary dependencies on JDK modules not in java.base. This didn't remove all of the dependencies on such modules, just the unnecessary ones.
+
+  - ### Bugfixes
+    - Fix issue where the `contentLength` specified on the `RequestBody` is not honored. Fixes [#2908](https://github.com/aws/aws-sdk-java-v2/issues/2908).
+
+## __Amazon Elastic Compute Cloud__
+  - ### Features
+    - This release simplifies the auto-recovery configuration process enabling customers to set the recovery behavior to disabled or default
+
+## __Amazon FSx__
+  - ### Features
+    - This release adds support for modifying throughput capacity for FSx for ONTAP file systems.
+
+## __Firewall Management Service__
+  - ### Features
+    - AWS Firewall Manager now supports the configuration of third-party policies that can use either the centralized or distributed deployment models.
+
 # __2.17.159__ __2022-03-29__
 ## __AWS Organizations__
   - ### Features

README.md

@@ -52,7 +52,7 @@ To automatically manage module versions (currently all modules have the same ver
     <dependency>
       <groupId>software.amazon.awssdk</groupId>
       <artifactId>bom</artifactId>
-      <version>2.17.159</version>
+      <version>2.17.160</version>
       <type>pom</type>
       <scope>import</scope>
     </dependency>
@@ -86,12 +86,12 @@ Alternatively you can add dependencies for the specific services you use only:
 <dependency>
   <groupId>software.amazon.awssdk</groupId>
   <artifactId>ec2</artifactId>
-  <version>2.17.159</version>
+  <version>2.17.160</version>
 </dependency>
 <dependency>
   <groupId>software.amazon.awssdk</groupId>
   <artifactId>s3</artifactId>
-  <version>2.17.159</version>
+  <version>2.17.160</version>
 </dependency>
 ```
 
@@ -103,7 +103,7 @@ You can import the whole SDK into your project (includes *ALL* services). Please
 <dependency>
   <groupId>software.amazon.awssdk</groupId>
   <artifactId>aws-sdk-java</artifactId>
-  <version>2.17.159</version>
+  <version>2.17.160</version>
 </dependency>
 ```
 

archetypes/archetype-app-quickstart/pom.xml

@@ -20,7 +20,7 @@
     <parent>
         <artifactId>archetypes</artifactId>
         <groupId>software.amazon.awssdk</groupId>
-        <version>2.17.159</version>
+        <version>2.17.160</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

archetypes/archetype-lambda/pom.xml

@@ -20,7 +20,7 @@
     <parent>
         <artifactId>archetypes</artifactId>
         <groupId>software.amazon.awssdk</groupId>
-        <version>2.17.159</version>
+        <version>2.17.160</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     <artifactId>archetype-lambda</artifactId>

archetypes/archetype-tools/pom.xml

@@ -20,7 +20,7 @@
     <parent>
         <artifactId>archetypes</artifactId>
         <groupId>software.amazon.awssdk</groupId>
-        <version>2.17.159</version>
+        <version>2.17.160</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

archetypes/pom.xml

@@ -20,7 +20,7 @@
     <parent>
         <artifactId>aws-sdk-java-pom</artifactId>
         <groupId>software.amazon.awssdk</groupId>
-        <version>2.17.159</version>
+        <version>2.17.160</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     <artifactId>archetypes</artifactId>

aws-sdk-java/pom.xml

@@ -17,7 +17,7 @@
     <parent>
         <groupId>software.amazon.awssdk</groupId>
         <artifactId>aws-sdk-java-pom</artifactId>
-        <version>2.17.159</version>
+        <version>2.17.160</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <artifactId>aws-sdk-java</artifactId>

bom-internal/pom.xml

@@ -20,7 +20,7 @@
     <parent>
         <artifactId>aws-sdk-java-pom</artifactId>
         <groupId>software.amazon.awssdk</groupId>
-        <version>2.17.159</version>
+        <version>2.17.160</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

bom/pom.xml

@@ -17,7 +17,7 @@
     <parent>
         <groupId>software.amazon.awssdk</groupId>
         <artifactId>aws-sdk-java-pom</artifactId>
-        <version>2.17.159</version>
+        <version>2.17.160</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <artifactId>bom</artifactId>

build-tools/src/main/java/software/amazon/awssdk/buildtools/checkstyle/NonJavaBaseModuleCheck.java

@@ -0,0 +1,195 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+package software.amazon.awssdk.buildtools.checkstyle;
+
+import com.puppycrawl.tools.checkstyle.api.AbstractCheck;
+import com.puppycrawl.tools.checkstyle.api.DetailAST;
+import com.puppycrawl.tools.checkstyle.api.FullIdent;
+import com.puppycrawl.tools.checkstyle.api.TokenTypes;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+import java.util.regex.Pattern;
+
+/**
+ * Verify that we're not using classes in rt.jar that aren't exported via the java.base module.
+ *
+ * If anything fails this check, it increases our module dependencies. If you absolutely must use one of these
+ * (e.g. java.beans) because it's fundamental to your functionality, you can suppress this checkstyle rule via
+ * {@link #setLegalPackages(String...)}, but know that it is not free - you're essentially adding a dependency
+ * for customers that use the module path.
+ */
+public class NonJavaBaseModuleCheck extends AbstractCheck {
+    private static final List<String> ILLEGAL_PACKAGES = Arrays.asList(
+        "java",
+        "javax",
+        "sun",
+        "apple",
+        "com.apple",
+        "com.oracle");
+
+    private static final Set<String> LEGAL_PACKAGES = new HashSet<>(Arrays.asList(
+        "java.io",
+        "java.lang",
+        "java.lang.annotation",
+        "java.lang.invoke",
+        "java.lang.module",
+        "java.lang.ref",
+        "java.lang.reflect",
+        "java.math",
+        "java.net",
+        "java.net.spi",
+        "java.nio",
+        "java.nio.channels",
+        "java.nio.channels.spi",
+        "java.nio.charset",
+        "java.nio.charset.spi",
+        "java.nio.file",
+        "java.nio.file.attribute",
+        "java.nio.file.spi",
+        "java.security",
+        "java.security.acl",
+        "java.security.cert",
+        "java.security.interfaces",
+        "java.security.spec",
+        "java.text",
+        "java.text.spi",
+        "java.time",
+        "java.time.chrono",
+        "java.time.format",
+        "java.time.temporal",
+        "java.time.zone",
+        "java.util",
+        "java.util.concurrent",
+        "java.util.concurrent.atomic",
+        "java.util.concurrent.locks",
+        "java.util.function",
+        "java.util.jar",
+        "java.util.regex",
+        "java.util.spi",
+        "java.util.stream",
+        "java.util.jar",
+        "java.util.zip",
+        "javax.crypto",
+        "javax.crypto.interfaces",
+        "javax.crypto.spec",
+        "javax.net",
+        "javax.net.ssl",
+        "javax.security.auth",
+        "javax.security.auth.callback",
+        "javax.security.auth.login",
+        "javax.security.auth.spi",
+        "javax.security.auth.x500",
+        "javax.security.cert"));
+
+    private static final Pattern CLASSNAME_START_PATTERN = Pattern.compile("[A-Z]");
+
+    private String currentSdkPackage;
+
+    private HashMap<String, Set<String>> additionalLegalPackagesBySdkPackage = new HashMap<>();
+
+    /**
+     * Additional legal packages are formatted as "sdk.package.name:jdk.package.name,sdk.package.name2:jdk.package.name2".
+     * Multiple SDK packages can be repeated.
+     */
+    public void setLegalPackages(String... legalPackages) {
+        for (String additionalLegalPackage : legalPackages) {
+            String[] splitPackage = additionalLegalPackage.split(":", 2);
+            if (splitPackage.length != 2) {
+                throw new IllegalArgumentException("Invalid legal package definition '" + additionalLegalPackage + "'. Expected"
+                                                   + " format is sdk.package.name:jdk.package.name");
+            }
+
+            this.additionalLegalPackagesBySdkPackage.computeIfAbsent(splitPackage[0], k -> new HashSet<>())
+                                                    .add(splitPackage[1]);
+        }
+    }
+
+    @Override
+    public int[] getDefaultTokens() {
+        return getRequiredTokens();
+    }
+
+    @Override
+    public int[] getAcceptableTokens() {
+        return getRequiredTokens();
+    }
+
+    @Override
+    public int[] getRequiredTokens() {
+        return new int[] { TokenTypes.IMPORT, TokenTypes.STATIC_IMPORT, TokenTypes.PACKAGE_DEF };
+    }
+
+    @Override
+    public void visitToken(DetailAST ast) {
+        if (ast.getType() == TokenTypes.PACKAGE_DEF) {
+            handlePackageDefToken(ast);
+            return;
+        }
+
+        handleImportToken(ast);
+    }
+
+    private void handlePackageDefToken(DetailAST ast) {
+        this.currentSdkPackage = FullIdent.createFullIdent(ast.getLastChild().getPreviousSibling()).getText();
+    }
+
+    private void handleImportToken(DetailAST ast) {
+        FullIdent importIdentifier;
+        if (ast.getType() == TokenTypes.IMPORT) {
+            importIdentifier = FullIdent.createFullIdentBelow(ast);
+        } else {
+            importIdentifier = FullIdent.createFullIdent(ast.getFirstChild().getNextSibling());
+        }
+
+        String importText = importIdentifier.getText();
+        if (isIllegalImport(importText) && !isLegalImport(importText)) {
+            log(ast, "Import '" + importText + "' uses a JDK class that is not in java.base. This essentially adds an "
+                     + "additional module dependency. Don't suppress this rule unless it's absolutely required, and only "
+                     + "suppress the specific package you need via checkstyle.xml instead of suppressing the entire rule.");
+        }
+    }
+
+    private boolean isIllegalImport(String importText) {
+        for (String illegalPackage : ILLEGAL_PACKAGES) {
+            if (importText.startsWith(illegalPackage + ".")) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    private boolean isLegalImport(String importText) {
+        String importPackageWithTrailingDot = CLASSNAME_START_PATTERN.split(importText, 2)[0];
+        String importPackage = importText.substring(0, importPackageWithTrailingDot.length() - 1);
+
+        if (LEGAL_PACKAGES.contains(importPackage)) {
+            return true;
+        }
+
+        if (additionalLegalPackagesBySdkPackage.entrySet()
+                                               .stream()
+                                               .anyMatch(e -> currentSdkPackage.startsWith(e.getKey()) &&
+                                                              e.getValue().contains(importPackage))) {
+            return true;
+        }
+
+        return false;
+    }
+}

build-tools/src/main/resources/software/amazon/awssdk/checkstyle-suppressions.xml

@@ -50,4 +50,7 @@
     <!-- Ignore usage of sslContext.newHandler for NettyUtils.!-->
     <suppress checks="Regexp"
               files=".*NettyUtils\.java$"/>
+
+    <!-- Allow non-java.base usage in tests -->
+    <suppress checks="software.amazon.awssdk.buildtools.checkstyle.NonJavaBaseModuleCheck" files=".*testutils.*"/>
 </suppressions>