aws-google 0.1.7 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +9 -4
  3. data/aws-google.gemspec +2 -2
  4. data/lib/aws/google/cached_credentials.rb +2 -2
  5. data/lib/aws/google/version.rb +1 -1
  6. metadata +10 -10
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1ec086b6871d43a2064a99974bb55fd3f1cd6bc0dc5a749a560f3a41f3d1a9e6
4
- data.tar.gz: 0ff2652d74bf6eb73076d146a9c4ab6c65a6a16dba54b7ce2d4d0d00b3c95c6d
3
+ metadata.gz: f79c246b1eb0ee41aca8f28875b6b9d904840ece7d6ca8eabb1e74de2fff3896
4
+ data.tar.gz: 7c3dff0815d0cd4fe69b8d9a9e333e766506e2a7d6a8a91188f49ee4476c0430
5
5
  SHA512:
6
- metadata.gz: 3e168070dc1cf75b2d74cddd96b1add3db9a9c37e613f3ed4bddb5d14ce969152f41c0fe75b1954e958129b6b6eee92c6fc9797c6bb2924c4a6a9e4fa87b94bc
7
- data.tar.gz: 8ba6d8a8c01926516c53d9bf7477a080b8d853a6f7b76e670378012e5660729d63e59424d7c0b98bd28ab0f3a83d3c20a1e80b546189d74ff5a4ef9bc87547d2
6
+ metadata.gz: 0a63a1d1b18abe0101c68cf26564f3e32b095cd19f99c13eb8089cfc112e9bb5ab2e2530bc14b080b9cecf14d46f8e28e360a0cfb223aab44e24689771472470
7
+ data.tar.gz: e81a579a2df2d1e18baeff05879f44a9f91127f60fc1cc9062afcdb1c6a446b9f5bee7823570133a3c63daf5858eb5976a92670595b4bd24d36e4f4d808b3750
data/README.md CHANGED
@@ -20,8 +20,11 @@ Or install it yourself as:
20
20
 
21
21
  ## Usage
22
22
 
23
- - Visit the [Google API Console](https://console.developers.google.com/) to create/obtain OAuth 2.0 Client ID credentials (client ID and client secret) for an application in your Google account.
24
- - Create an AWS IAM Role with the desired IAM policies attached, and a ['trust policy'](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#term_trust-policy) ([`AssumeRolePolicyDocument`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html)) allowing the [`sts:AssumeRoleWithWebIdentity`](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html) action with [Web Identity Federation condition keys](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#condition-keys-wif) authorizing
23
+ ### Create a Google Client ID
24
+ Visit the [Google API Console](https://console.developers.google.com/) to create/obtain [OAuth 2.0 Client ID credentials](https://support.google.com/cloud/answer/6158849) (client ID and client secret) for an application in your Google account.
25
+
26
+ ### Create an AWS IAM Role
27
+ Create an AWS IAM Role with the desired IAM policies attached, and a ['trust policy'](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#term_trust-policy) ([`AssumeRolePolicyDocument`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html)) allowing the [`sts:AssumeRoleWithWebIdentity`](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html) action with [Web Identity Federation condition keys](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#condition-keys-wif) authorizing
25
28
  your Google Client ID (`accounts.google.com:aud`) and a specific set of Google Account IDs (`accounts.google.com:sub`):
26
29
 
27
30
  ```json
@@ -48,7 +51,8 @@ your Google Client ID (`accounts.google.com:aud`) and a specific set of Google A
48
51
  }
49
52
  ```
50
53
 
51
- - In your Ruby code, construct an `Aws::Google` object by passing the AWS `role_arn`, Google `client_id` and `client_secret`, either as constructor arguments or via the `Aws::Google.config` global defaults:
54
+ ### Method 1: `Aws::Google`
55
+ In your Ruby code, construct an `Aws::Google` object by passing the AWS `role_arn`, Google `client_id` and `client_secret`, either as constructor arguments or via the `Aws::Google.config` global defaults:
52
56
  ```ruby
53
57
  require 'aws/google'
54
58
 
@@ -67,6 +71,7 @@ Aws::Google.config = options
67
71
  puts Aws::STS::Client.new.get_caller_identity
68
72
  ```
69
73
 
74
+ ### Method 2: AWS Shared Config
70
75
  - Or, add the properties to your AWS config profile ([`~/.aws/config`](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html#cli-configure-files-where)) to use Google as the AWS credential provider without any changes to your application code:
71
76
 
72
77
  ```ini
@@ -78,7 +83,7 @@ google =
78
83
  credential_process = aws-google
79
84
  ```
80
85
 
81
- The extra `credential_process` config line tells AWS to [Source Credentials with an External Process](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sourcing-external.html), in this case the `aws-google` script, which allows you to seamlessly use the same Google login configuration from non-Ruby SDKs (like the CLI).
86
+ The extra `credential_process` config line tells AWS to [Source Credentials with an External Process](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sourcing-external.html), in this case the `aws-google` executable script installed by this gem, which allows you to seamlessly use the same Google login configuration from non-Ruby SDKs (like the CLI).
82
87
 
83
88
  ## Development
84
89
 
data/aws-google.gemspec CHANGED
@@ -21,8 +21,8 @@ Gem::Specification.new do |spec|
21
21
  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
22
22
  spec.require_paths = ['lib']
23
23
 
24
- spec.add_dependency 'aws-sdk-core', '~> 3'
25
- spec.add_dependency 'google-api-client', '~> 0.23'
24
+ spec.add_dependency 'aws-sdk-core', '~> 3.130'
25
+ spec.add_dependency 'google-apis-core'
26
26
  spec.add_dependency 'launchy', '~> 2'
27
27
 
28
28
  spec.add_development_dependency 'activesupport', '~> 5'
data/lib/aws/google/cached_credentials.rb CHANGED
@@ -23,9 +23,9 @@ module Aws
23
23
  end
24
24
 
25
25
  def refresh_if_near_expiration
26
- if near_expiration?
26
+ if near_expiration?(SYNC_EXPIRATION_LENGTH)
27
27
  @mutex.synchronize do
28
- if near_expiration?
28
+ if near_expiration?(SYNC_EXPIRATION_LENGTH)
29
29
  refresh
30
30
  write_credentials
31
31
  end
data/lib/aws/google/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Aws
2
2
  class Google
3
- VERSION = '0.1.7'.freeze
3
+ VERSION = '0.2.0'.freeze
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-google
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.7
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Will Jordan
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-10-13 00:00:00.000000000 Z
11
+ date: 2023-01-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core
@@ -16,28 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: '3'
19
+ version: '3.130'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: '3'
26
+ version: '3.130'
27
27
  - !ruby/object:Gem::Dependency
28
- name: google-api-client
28
+ name: google-apis-core
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - "~>"
31
+ - - ">="
32
32
  - !ruby/object:Gem::Version
33
- version: '0.23'
33
+ version: '0'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - "~>"
38
+ - - ">="
39
39
  - !ruby/object:Gem::Version
40
- version: '0.23'
40
+ version: '0'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: launchy
43
43
  requirement: !ruby/object:Gem::Requirement
@@ -178,7 +178,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
178
178
  - !ruby/object:Gem::Version
179
179
  version: '0'
180
180
  requirements: []
181
- rubygems_version: 3.1.2
181
+ rubygems_version: 3.1.6
182
182
  signing_key:
183
183
  specification_version: 4
184
184
  summary: Use Google OAuth as an AWS credential provider