aws-sdk-core 3.100.0 → 3.191.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +1815 -0
- data/LICENSE.txt +202 -0
- data/VERSION +1 -1
- data/lib/aws-defaults/default_configuration.rb +153 -0
- data/lib/aws-defaults/defaults_mode_config_resolver.rb +107 -0
- data/lib/aws-defaults.rb +3 -0
- data/lib/aws-sdk-core/arn.rb +28 -0
- data/lib/aws-sdk-core/arn_parser.rb +2 -0
- data/lib/aws-sdk-core/assume_role_credentials.rb +23 -7
- data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb +16 -10
- data/lib/aws-sdk-core/async_client_stubs.rb +2 -0
- data/lib/aws-sdk-core/binary/decode_handler.rb +2 -0
- data/lib/aws-sdk-core/binary/encode_handler.rb +14 -1
- data/lib/aws-sdk-core/binary/event_builder.rb +2 -0
- data/lib/aws-sdk-core/binary/event_parser.rb +2 -0
- data/lib/aws-sdk-core/binary/event_stream_decoder.rb +2 -0
- data/lib/aws-sdk-core/binary/event_stream_encoder.rb +2 -0
- data/lib/aws-sdk-core/binary.rb +2 -0
- data/lib/aws-sdk-core/client_side_monitoring/publisher.rb +2 -0
- data/lib/aws-sdk-core/client_side_monitoring/request_metrics.rb +2 -0
- data/lib/aws-sdk-core/client_stubs.rb +22 -13
- data/lib/aws-sdk-core/credential_provider.rb +5 -0
- data/lib/aws-sdk-core/credential_provider_chain.rb +31 -6
- data/lib/aws-sdk-core/credentials.rb +2 -0
- data/lib/aws-sdk-core/deprecations.rb +2 -0
- data/lib/aws-sdk-core/eager_loader.rb +2 -0
- data/lib/aws-sdk-core/ec2_metadata.rb +238 -0
- data/lib/aws-sdk-core/ecs_credentials.rb +188 -53
- data/lib/aws-sdk-core/endpoint_cache.rb +2 -0
- data/lib/aws-sdk-core/endpoints/condition.rb +41 -0
- data/lib/aws-sdk-core/endpoints/endpoint.rb +17 -0
- data/lib/aws-sdk-core/endpoints/endpoint_rule.rb +75 -0
- data/lib/aws-sdk-core/endpoints/error_rule.rb +42 -0
- data/lib/aws-sdk-core/endpoints/function.rb +80 -0
- data/lib/aws-sdk-core/endpoints/matchers.rb +131 -0
- data/lib/aws-sdk-core/endpoints/reference.rb +31 -0
- data/lib/aws-sdk-core/endpoints/rule.rb +25 -0
- data/lib/aws-sdk-core/endpoints/rule_set.rb +52 -0
- data/lib/aws-sdk-core/endpoints/rules_provider.rb +37 -0
- data/lib/aws-sdk-core/endpoints/templater.rb +58 -0
- data/lib/aws-sdk-core/endpoints/tree_rule.rb +45 -0
- data/lib/aws-sdk-core/endpoints/url.rb +60 -0
- data/lib/aws-sdk-core/endpoints.rb +78 -0
- data/lib/aws-sdk-core/errors.rb +27 -5
- data/lib/aws-sdk-core/event_emitter.rb +2 -0
- data/lib/aws-sdk-core/ini_parser.rb +9 -0
- data/lib/aws-sdk-core/instance_profile_credentials.rb +167 -38
- data/lib/aws-sdk-core/json/builder.rb +2 -0
- data/lib/aws-sdk-core/json/error_handler.rb +22 -1
- data/lib/aws-sdk-core/json/handler.rb +10 -1
- data/lib/aws-sdk-core/json/json_engine.rb +12 -8
- data/lib/aws-sdk-core/json/oj_engine.rb +35 -6
- data/lib/aws-sdk-core/json/parser.rb +36 -1
- data/lib/aws-sdk-core/json.rb +10 -26
- data/lib/aws-sdk-core/log/formatter.rb +15 -3
- data/lib/aws-sdk-core/log/handler.rb +2 -0
- data/lib/aws-sdk-core/log/param_filter.rb +37 -12
- data/lib/aws-sdk-core/log/param_formatter.rb +2 -0
- data/lib/aws-sdk-core/pageable_response.rb +91 -32
- data/lib/aws-sdk-core/pager.rb +5 -0
- data/lib/aws-sdk-core/param_converter.rb +2 -0
- data/lib/aws-sdk-core/param_validator.rb +56 -6
- data/lib/aws-sdk-core/plugins/api_key.rb +5 -1
- data/lib/aws-sdk-core/plugins/apig_authorizer_token.rb +2 -0
- data/lib/aws-sdk-core/plugins/apig_credentials_configuration.rb +2 -0
- data/lib/aws-sdk-core/plugins/apig_user_agent.rb +2 -0
- data/lib/aws-sdk-core/plugins/bearer_authorization.rb +67 -0
- data/lib/aws-sdk-core/plugins/checksum_algorithm.rb +342 -0
- data/lib/aws-sdk-core/plugins/client_metrics_plugin.rb +3 -0
- data/lib/aws-sdk-core/plugins/client_metrics_send_plugin.rb +2 -0
- data/lib/aws-sdk-core/plugins/credentials_configuration.rb +52 -7
- data/lib/aws-sdk-core/plugins/defaults_mode.rb +40 -0
- data/lib/aws-sdk-core/plugins/endpoint_discovery.rb +8 -2
- data/lib/aws-sdk-core/plugins/endpoint_pattern.rb +8 -6
- data/lib/aws-sdk-core/plugins/event_stream_configuration.rb +2 -0
- data/lib/aws-sdk-core/plugins/global_configuration.rb +2 -0
- data/lib/aws-sdk-core/plugins/helpful_socket_errors.rb +2 -0
- data/lib/aws-sdk-core/plugins/http_checksum.rb +11 -1
- data/lib/aws-sdk-core/plugins/idempotency_token.rb +2 -0
- data/lib/aws-sdk-core/plugins/invocation_id.rb +2 -0
- data/lib/aws-sdk-core/plugins/jsonvalue_converter.rb +36 -6
- data/lib/aws-sdk-core/plugins/logging.rb +4 -0
- data/lib/aws-sdk-core/plugins/param_converter.rb +2 -0
- data/lib/aws-sdk-core/plugins/param_validator.rb +2 -0
- data/lib/aws-sdk-core/plugins/protocols/api_gateway.rb +19 -0
- data/lib/aws-sdk-core/plugins/protocols/ec2.rb +2 -0
- data/lib/aws-sdk-core/plugins/protocols/json_rpc.rb +2 -0
- data/lib/aws-sdk-core/plugins/protocols/query.rb +2 -0
- data/lib/aws-sdk-core/plugins/protocols/rest_json.rb +18 -1
- data/lib/aws-sdk-core/plugins/protocols/rest_xml.rb +2 -0
- data/lib/aws-sdk-core/plugins/recursion_detection.rb +38 -0
- data/lib/aws-sdk-core/plugins/regional_endpoint.rb +146 -17
- data/lib/aws-sdk-core/plugins/request_compression.rb +217 -0
- data/lib/aws-sdk-core/plugins/response_paging.rb +3 -1
- data/lib/aws-sdk-core/plugins/retries/client_rate_limiter.rb +2 -0
- data/lib/aws-sdk-core/plugins/retries/clock_skew.rb +2 -0
- data/lib/aws-sdk-core/plugins/retries/error_inspector.rb +9 -4
- data/lib/aws-sdk-core/plugins/retries/retry_quota.rb +2 -0
- data/lib/aws-sdk-core/plugins/retry_errors.rb +29 -8
- data/lib/aws-sdk-core/plugins/sign.rb +206 -0
- data/lib/aws-sdk-core/plugins/signature_v2.rb +3 -0
- data/lib/aws-sdk-core/plugins/signature_v4.rb +30 -31
- data/lib/aws-sdk-core/plugins/stub_responses.rb +10 -1
- data/lib/aws-sdk-core/plugins/transfer_encoding.rb +2 -0
- data/lib/aws-sdk-core/plugins/user_agent.rb +119 -14
- data/lib/aws-sdk-core/process_credentials.rb +14 -15
- data/lib/aws-sdk-core/query/ec2_param_builder.rb +2 -0
- data/lib/aws-sdk-core/query/handler.rb +2 -0
- data/lib/aws-sdk-core/query/param.rb +2 -0
- data/lib/aws-sdk-core/query/param_builder.rb +2 -0
- data/lib/aws-sdk-core/query/param_list.rb +2 -0
- data/lib/aws-sdk-core/query.rb +2 -0
- data/lib/aws-sdk-core/refreshing_credentials.rb +50 -17
- data/lib/aws-sdk-core/refreshing_token.rb +71 -0
- data/lib/aws-sdk-core/resources/collection.rb +2 -0
- data/lib/aws-sdk-core/rest/handler.rb +3 -1
- data/lib/aws-sdk-core/rest/request/body.rb +21 -1
- data/lib/aws-sdk-core/rest/request/builder.rb +2 -0
- data/lib/aws-sdk-core/rest/request/endpoint.rb +2 -0
- data/lib/aws-sdk-core/rest/request/headers.rb +16 -6
- data/lib/aws-sdk-core/rest/request/querystring_builder.rb +45 -29
- data/lib/aws-sdk-core/rest/response/body.rb +2 -0
- data/lib/aws-sdk-core/rest/response/headers.rb +6 -3
- data/lib/aws-sdk-core/rest/response/parser.rb +2 -0
- data/lib/aws-sdk-core/rest/response/status_code.rb +2 -0
- data/lib/aws-sdk-core/rest.rb +2 -0
- data/lib/aws-sdk-core/shared_config.rb +163 -8
- data/lib/aws-sdk-core/shared_credentials.rb +9 -1
- data/lib/aws-sdk-core/sso_credentials.rb +172 -0
- data/lib/aws-sdk-core/sso_token_provider.rb +135 -0
- data/lib/aws-sdk-core/static_token_provider.rb +14 -0
- data/lib/aws-sdk-core/structure.rb +19 -6
- data/lib/aws-sdk-core/stubbing/data_applicator.rb +2 -0
- data/lib/aws-sdk-core/stubbing/empty_stub.rb +2 -0
- data/lib/aws-sdk-core/stubbing/protocols/api_gateway.rb +2 -0
- data/lib/aws-sdk-core/stubbing/protocols/ec2.rb +2 -0
- data/lib/aws-sdk-core/stubbing/protocols/json.rb +3 -1
- data/lib/aws-sdk-core/stubbing/protocols/query.rb +2 -0
- data/lib/aws-sdk-core/stubbing/protocols/rest.rb +3 -1
- data/lib/aws-sdk-core/stubbing/protocols/rest_json.rb +3 -1
- data/lib/aws-sdk-core/stubbing/protocols/rest_xml.rb +2 -2
- data/lib/aws-sdk-core/stubbing/stub_data.rb +13 -0
- data/lib/aws-sdk-core/stubbing/xml_error.rb +2 -0
- data/lib/aws-sdk-core/token.rb +31 -0
- data/lib/aws-sdk-core/token_provider.rb +15 -0
- data/lib/aws-sdk-core/token_provider_chain.rb +51 -0
- data/lib/aws-sdk-core/type_builder.rb +2 -0
- data/lib/aws-sdk-core/util.rb +2 -0
- data/lib/aws-sdk-core/waiters/errors.rb +2 -0
- data/lib/aws-sdk-core/waiters/poller.rb +6 -2
- data/lib/aws-sdk-core/waiters/waiter.rb +2 -0
- data/lib/aws-sdk-core/waiters.rb +2 -0
- data/lib/aws-sdk-core/xml/builder.rb +4 -2
- data/lib/aws-sdk-core/xml/default_list.rb +2 -0
- data/lib/aws-sdk-core/xml/default_map.rb +2 -0
- data/lib/aws-sdk-core/xml/doc_builder.rb +8 -1
- data/lib/aws-sdk-core/xml/error_handler.rb +9 -0
- data/lib/aws-sdk-core/xml/parser/engines/libxml.rb +2 -0
- data/lib/aws-sdk-core/xml/parser/engines/nokogiri.rb +2 -0
- data/lib/aws-sdk-core/xml/parser/engines/oga.rb +4 -0
- data/lib/aws-sdk-core/xml/parser/engines/ox.rb +3 -1
- data/lib/aws-sdk-core/xml/parser/engines/rexml.rb +2 -0
- data/lib/aws-sdk-core/xml/parser/frame.rb +25 -0
- data/lib/aws-sdk-core/xml/parser/parsing_error.rb +2 -0
- data/lib/aws-sdk-core/xml/parser/stack.rb +2 -0
- data/lib/aws-sdk-core/xml/parser.rb +7 -0
- data/lib/aws-sdk-core/xml.rb +2 -0
- data/lib/aws-sdk-core.rb +29 -3
- data/lib/aws-sdk-sso/client.rb +630 -0
- data/lib/aws-sdk-sso/client_api.rb +190 -0
- data/lib/aws-sdk-sso/customizations.rb +1 -0
- data/lib/aws-sdk-sso/endpoint_parameters.rb +66 -0
- data/lib/aws-sdk-sso/endpoint_provider.rb +57 -0
- data/lib/aws-sdk-sso/endpoints.rb +72 -0
- data/lib/aws-sdk-sso/errors.rb +102 -0
- data/lib/aws-sdk-sso/plugins/endpoints.rb +78 -0
- data/lib/aws-sdk-sso/resource.rb +26 -0
- data/lib/aws-sdk-sso/types.rb +317 -0
- data/lib/aws-sdk-sso.rb +59 -0
- data/lib/aws-sdk-ssooidc/client.rb +935 -0
- data/lib/aws-sdk-ssooidc/client_api.rb +271 -0
- data/lib/aws-sdk-ssooidc/customizations.rb +1 -0
- data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +66 -0
- data/lib/aws-sdk-ssooidc/endpoint_provider.rb +57 -0
- data/lib/aws-sdk-ssooidc/endpoints.rb +72 -0
- data/lib/aws-sdk-ssooidc/errors.rb +321 -0
- data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +78 -0
- data/lib/aws-sdk-ssooidc/resource.rb +26 -0
- data/lib/aws-sdk-ssooidc/types.rb +755 -0
- data/lib/aws-sdk-ssooidc.rb +59 -0
- data/lib/aws-sdk-sts/client.rb +655 -490
- data/lib/aws-sdk-sts/client_api.rb +21 -2
- data/lib/aws-sdk-sts/customizations.rb +2 -0
- data/lib/aws-sdk-sts/endpoint_parameters.rb +78 -0
- data/lib/aws-sdk-sts/endpoint_provider.rb +112 -0
- data/lib/aws-sdk-sts/endpoints.rb +136 -0
- data/lib/aws-sdk-sts/errors.rb +3 -1
- data/lib/aws-sdk-sts/plugins/endpoints.rb +86 -0
- data/lib/aws-sdk-sts/plugins/sts_regional_endpoints.rb +7 -1
- data/lib/aws-sdk-sts/presigner.rb +16 -10
- data/lib/aws-sdk-sts/resource.rb +3 -1
- data/lib/aws-sdk-sts/types.rb +416 -316
- data/lib/aws-sdk-sts.rb +14 -3
- data/lib/seahorse/client/async_base.rb +2 -1
- data/lib/seahorse/client/async_response.rb +2 -0
- data/lib/seahorse/client/base.rb +3 -0
- data/lib/seahorse/client/block_io.rb +5 -2
- data/lib/seahorse/client/configuration.rb +7 -5
- data/lib/seahorse/client/events.rb +2 -0
- data/lib/seahorse/client/h2/connection.rb +29 -24
- data/lib/seahorse/client/h2/handler.rb +6 -5
- data/lib/seahorse/client/handler.rb +2 -0
- data/lib/seahorse/client/handler_builder.rb +2 -0
- data/lib/seahorse/client/handler_list.rb +2 -0
- data/lib/seahorse/client/handler_list_entry.rb +2 -0
- data/lib/seahorse/client/http/async_response.rb +2 -0
- data/lib/seahorse/client/http/headers.rb +2 -0
- data/lib/seahorse/client/http/request.rb +2 -0
- data/lib/seahorse/client/http/response.rb +3 -1
- data/lib/seahorse/client/logging/formatter.rb +2 -0
- data/lib/seahorse/client/logging/handler.rb +2 -0
- data/lib/seahorse/client/managed_file.rb +2 -0
- data/lib/seahorse/client/net_http/connection_pool.rb +12 -4
- data/lib/seahorse/client/net_http/handler.rb +19 -8
- data/lib/seahorse/client/net_http/patches.rb +14 -86
- data/lib/seahorse/client/networking_error.rb +2 -0
- data/lib/seahorse/client/plugin.rb +3 -0
- data/lib/seahorse/client/plugin_list.rb +2 -0
- data/lib/seahorse/client/plugins/content_length.rb +13 -5
- data/lib/seahorse/client/plugins/endpoint.rb +2 -0
- data/lib/seahorse/client/plugins/h2.rb +9 -4
- data/lib/seahorse/client/plugins/logging.rb +2 -0
- data/lib/seahorse/client/plugins/net_http.rb +39 -3
- data/lib/seahorse/client/plugins/operation_methods.rb +2 -0
- data/lib/seahorse/client/plugins/raise_response_errors.rb +2 -0
- data/lib/seahorse/client/plugins/request_callback.rb +141 -0
- data/lib/seahorse/client/plugins/response_target.rb +8 -8
- data/lib/seahorse/client/request.rb +2 -0
- data/lib/seahorse/client/request_context.rb +2 -0
- data/lib/seahorse/client/response.rb +8 -0
- data/lib/seahorse/model/api.rb +2 -0
- data/lib/seahorse/model/authorizer.rb +2 -0
- data/lib/seahorse/model/operation.rb +8 -0
- data/lib/seahorse/model/shapes.rb +27 -0
- data/lib/seahorse/util.rb +12 -1
- data/lib/seahorse/version.rb +2 -0
- data/lib/seahorse.rb +3 -0
- data/sig/aws-sdk-core/client_stubs.rbs +10 -0
- data/sig/aws-sdk-core/errors.rbs +22 -0
- data/sig/aws-sdk-core/resources/collection.rbs +21 -0
- data/sig/aws-sdk-core/structure.rbs +4 -0
- data/sig/aws-sdk-core/waiters/errors.rbs +20 -0
- data/sig/aws-sdk-core.rbs +7 -0
- data/sig/seahorse/client/base.rbs +25 -0
- data/sig/seahorse/client/handler_builder.rbs +16 -0
- data/sig/seahorse/client/response.rbs +61 -0
- metadata +93 -19
|
@@ -1,7 +1,9 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
|
2
4
|
#
|
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
|
4
|
-
# https://github.com/aws/aws-sdk-ruby/blob/
|
|
6
|
+
# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
|
|
5
7
|
#
|
|
6
8
|
# WARNING ABOUT GENERATED CODE
|
|
7
9
|
|
|
@@ -41,6 +43,8 @@ module Aws::STS
|
|
|
41
43
|
NameQualifier = Shapes::StringShape.new(name: 'NameQualifier')
|
|
42
44
|
PackedPolicyTooLargeException = Shapes::StructureShape.new(name: 'PackedPolicyTooLargeException')
|
|
43
45
|
PolicyDescriptorType = Shapes::StructureShape.new(name: 'PolicyDescriptorType')
|
|
46
|
+
ProvidedContext = Shapes::StructureShape.new(name: 'ProvidedContext')
|
|
47
|
+
ProvidedContextsListType = Shapes::ListShape.new(name: 'ProvidedContextsListType')
|
|
44
48
|
RegionDisabledException = Shapes::StructureShape.new(name: 'RegionDisabledException')
|
|
45
49
|
SAMLAssertionType = Shapes::StringShape.new(name: 'SAMLAssertionType')
|
|
46
50
|
Subject = Shapes::StringShape.new(name: 'Subject')
|
|
@@ -52,6 +56,7 @@ module Aws::STS
|
|
|
52
56
|
arnType = Shapes::StringShape.new(name: 'arnType')
|
|
53
57
|
assumedRoleIdType = Shapes::StringShape.new(name: 'assumedRoleIdType')
|
|
54
58
|
clientTokenType = Shapes::StringShape.new(name: 'clientTokenType')
|
|
59
|
+
contextAssertionType = Shapes::StringShape.new(name: 'contextAssertionType')
|
|
55
60
|
dateType = Shapes::TimestampShape.new(name: 'dateType')
|
|
56
61
|
decodedMessageType = Shapes::StringShape.new(name: 'decodedMessageType')
|
|
57
62
|
durationSecondsType = Shapes::IntegerShape.new(name: 'durationSecondsType')
|
|
@@ -72,12 +77,14 @@ module Aws::STS
|
|
|
72
77
|
roleSessionNameType = Shapes::StringShape.new(name: 'roleSessionNameType')
|
|
73
78
|
serialNumberType = Shapes::StringShape.new(name: 'serialNumberType')
|
|
74
79
|
sessionPolicyDocumentType = Shapes::StringShape.new(name: 'sessionPolicyDocumentType')
|
|
80
|
+
sourceIdentityType = Shapes::StringShape.new(name: 'sourceIdentityType')
|
|
75
81
|
tagKeyListType = Shapes::ListShape.new(name: 'tagKeyListType')
|
|
76
82
|
tagKeyType = Shapes::StringShape.new(name: 'tagKeyType')
|
|
77
83
|
tagListType = Shapes::ListShape.new(name: 'tagListType')
|
|
78
84
|
tagValueType = Shapes::StringShape.new(name: 'tagValueType')
|
|
79
85
|
tokenCodeType = Shapes::StringShape.new(name: 'tokenCodeType')
|
|
80
86
|
tokenType = Shapes::StringShape.new(name: 'tokenType')
|
|
87
|
+
unrestrictedSessionPolicyDocumentType = Shapes::StringShape.new(name: 'unrestrictedSessionPolicyDocumentType')
|
|
81
88
|
urlType = Shapes::StringShape.new(name: 'urlType')
|
|
82
89
|
userIdType = Shapes::StringShape.new(name: 'userIdType')
|
|
83
90
|
userNameType = Shapes::StringShape.new(name: 'userNameType')
|
|
@@ -86,18 +93,21 @@ module Aws::STS
|
|
|
86
93
|
AssumeRoleRequest.add_member(:role_arn, Shapes::ShapeRef.new(shape: arnType, required: true, location_name: "RoleArn"))
|
|
87
94
|
AssumeRoleRequest.add_member(:role_session_name, Shapes::ShapeRef.new(shape: roleSessionNameType, required: true, location_name: "RoleSessionName"))
|
|
88
95
|
AssumeRoleRequest.add_member(:policy_arns, Shapes::ShapeRef.new(shape: policyDescriptorListType, location_name: "PolicyArns"))
|
|
89
|
-
AssumeRoleRequest.add_member(:policy, Shapes::ShapeRef.new(shape:
|
|
96
|
+
AssumeRoleRequest.add_member(:policy, Shapes::ShapeRef.new(shape: unrestrictedSessionPolicyDocumentType, location_name: "Policy"))
|
|
90
97
|
AssumeRoleRequest.add_member(:duration_seconds, Shapes::ShapeRef.new(shape: roleDurationSecondsType, location_name: "DurationSeconds"))
|
|
91
98
|
AssumeRoleRequest.add_member(:tags, Shapes::ShapeRef.new(shape: tagListType, location_name: "Tags"))
|
|
92
99
|
AssumeRoleRequest.add_member(:transitive_tag_keys, Shapes::ShapeRef.new(shape: tagKeyListType, location_name: "TransitiveTagKeys"))
|
|
93
100
|
AssumeRoleRequest.add_member(:external_id, Shapes::ShapeRef.new(shape: externalIdType, location_name: "ExternalId"))
|
|
94
101
|
AssumeRoleRequest.add_member(:serial_number, Shapes::ShapeRef.new(shape: serialNumberType, location_name: "SerialNumber"))
|
|
95
102
|
AssumeRoleRequest.add_member(:token_code, Shapes::ShapeRef.new(shape: tokenCodeType, location_name: "TokenCode"))
|
|
103
|
+
AssumeRoleRequest.add_member(:source_identity, Shapes::ShapeRef.new(shape: sourceIdentityType, location_name: "SourceIdentity"))
|
|
104
|
+
AssumeRoleRequest.add_member(:provided_contexts, Shapes::ShapeRef.new(shape: ProvidedContextsListType, location_name: "ProvidedContexts"))
|
|
96
105
|
AssumeRoleRequest.struct_class = Types::AssumeRoleRequest
|
|
97
106
|
|
|
98
107
|
AssumeRoleResponse.add_member(:credentials, Shapes::ShapeRef.new(shape: Credentials, location_name: "Credentials"))
|
|
99
108
|
AssumeRoleResponse.add_member(:assumed_role_user, Shapes::ShapeRef.new(shape: AssumedRoleUser, location_name: "AssumedRoleUser"))
|
|
100
109
|
AssumeRoleResponse.add_member(:packed_policy_size, Shapes::ShapeRef.new(shape: nonNegativeIntegerType, location_name: "PackedPolicySize"))
|
|
110
|
+
AssumeRoleResponse.add_member(:source_identity, Shapes::ShapeRef.new(shape: sourceIdentityType, location_name: "SourceIdentity"))
|
|
101
111
|
AssumeRoleResponse.struct_class = Types::AssumeRoleResponse
|
|
102
112
|
|
|
103
113
|
AssumeRoleWithSAMLRequest.add_member(:role_arn, Shapes::ShapeRef.new(shape: arnType, required: true, location_name: "RoleArn"))
|
|
@@ -116,6 +126,7 @@ module Aws::STS
|
|
|
116
126
|
AssumeRoleWithSAMLResponse.add_member(:issuer, Shapes::ShapeRef.new(shape: Issuer, location_name: "Issuer"))
|
|
117
127
|
AssumeRoleWithSAMLResponse.add_member(:audience, Shapes::ShapeRef.new(shape: Audience, location_name: "Audience"))
|
|
118
128
|
AssumeRoleWithSAMLResponse.add_member(:name_qualifier, Shapes::ShapeRef.new(shape: NameQualifier, location_name: "NameQualifier"))
|
|
129
|
+
AssumeRoleWithSAMLResponse.add_member(:source_identity, Shapes::ShapeRef.new(shape: sourceIdentityType, location_name: "SourceIdentity"))
|
|
119
130
|
AssumeRoleWithSAMLResponse.struct_class = Types::AssumeRoleWithSAMLResponse
|
|
120
131
|
|
|
121
132
|
AssumeRoleWithWebIdentityRequest.add_member(:role_arn, Shapes::ShapeRef.new(shape: arnType, required: true, location_name: "RoleArn"))
|
|
@@ -133,6 +144,7 @@ module Aws::STS
|
|
|
133
144
|
AssumeRoleWithWebIdentityResponse.add_member(:packed_policy_size, Shapes::ShapeRef.new(shape: nonNegativeIntegerType, location_name: "PackedPolicySize"))
|
|
134
145
|
AssumeRoleWithWebIdentityResponse.add_member(:provider, Shapes::ShapeRef.new(shape: Issuer, location_name: "Provider"))
|
|
135
146
|
AssumeRoleWithWebIdentityResponse.add_member(:audience, Shapes::ShapeRef.new(shape: Audience, location_name: "Audience"))
|
|
147
|
+
AssumeRoleWithWebIdentityResponse.add_member(:source_identity, Shapes::ShapeRef.new(shape: sourceIdentityType, location_name: "SourceIdentity"))
|
|
136
148
|
AssumeRoleWithWebIdentityResponse.struct_class = Types::AssumeRoleWithWebIdentityResponse
|
|
137
149
|
|
|
138
150
|
AssumedRoleUser.add_member(:assumed_role_id, Shapes::ShapeRef.new(shape: assumedRoleIdType, required: true, location_name: "AssumedRoleId"))
|
|
@@ -212,6 +224,12 @@ module Aws::STS
|
|
|
212
224
|
PolicyDescriptorType.add_member(:arn, Shapes::ShapeRef.new(shape: arnType, location_name: "arn"))
|
|
213
225
|
PolicyDescriptorType.struct_class = Types::PolicyDescriptorType
|
|
214
226
|
|
|
227
|
+
ProvidedContext.add_member(:provider_arn, Shapes::ShapeRef.new(shape: arnType, location_name: "ProviderArn"))
|
|
228
|
+
ProvidedContext.add_member(:context_assertion, Shapes::ShapeRef.new(shape: contextAssertionType, location_name: "ContextAssertion"))
|
|
229
|
+
ProvidedContext.struct_class = Types::ProvidedContext
|
|
230
|
+
|
|
231
|
+
ProvidedContextsListType.member = Shapes::ShapeRef.new(shape: ProvidedContext)
|
|
232
|
+
|
|
215
233
|
RegionDisabledException.add_member(:message, Shapes::ShapeRef.new(shape: regionDisabledMessage, location_name: "message"))
|
|
216
234
|
RegionDisabledException.struct_class = Types::RegionDisabledException
|
|
217
235
|
|
|
@@ -253,6 +271,7 @@ module Aws::STS
|
|
|
253
271
|
o.errors << Shapes::ShapeRef.new(shape: MalformedPolicyDocumentException)
|
|
254
272
|
o.errors << Shapes::ShapeRef.new(shape: PackedPolicyTooLargeException)
|
|
255
273
|
o.errors << Shapes::ShapeRef.new(shape: RegionDisabledException)
|
|
274
|
+
o.errors << Shapes::ShapeRef.new(shape: ExpiredTokenException)
|
|
256
275
|
end)
|
|
257
276
|
|
|
258
277
|
api.add_operation(:assume_role_with_saml, Seahorse::Model::Operation.new.tap do |o|
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# WARNING ABOUT GENERATED CODE
|
|
4
|
+
#
|
|
5
|
+
# This file is generated. See the contributing guide for more information:
|
|
6
|
+
# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
|
|
7
|
+
#
|
|
8
|
+
# WARNING ABOUT GENERATED CODE
|
|
9
|
+
|
|
10
|
+
module Aws::STS
|
|
11
|
+
# Endpoint parameters used to influence endpoints per request.
|
|
12
|
+
#
|
|
13
|
+
# @!attribute region
|
|
14
|
+
# The AWS region used to dispatch the request.
|
|
15
|
+
#
|
|
16
|
+
# @return [String]
|
|
17
|
+
#
|
|
18
|
+
# @!attribute use_dual_stack
|
|
19
|
+
# When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.
|
|
20
|
+
#
|
|
21
|
+
# @return [Boolean]
|
|
22
|
+
#
|
|
23
|
+
# @!attribute use_fips
|
|
24
|
+
# When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.
|
|
25
|
+
#
|
|
26
|
+
# @return [Boolean]
|
|
27
|
+
#
|
|
28
|
+
# @!attribute endpoint
|
|
29
|
+
# Override the endpoint used to send this request
|
|
30
|
+
#
|
|
31
|
+
# @return [String]
|
|
32
|
+
#
|
|
33
|
+
# @!attribute use_global_endpoint
|
|
34
|
+
# Whether the global endpoint should be used, rather then the regional endpoint for us-east-1.
|
|
35
|
+
#
|
|
36
|
+
# @return [Boolean]
|
|
37
|
+
#
|
|
38
|
+
EndpointParameters = Struct.new(
|
|
39
|
+
:region,
|
|
40
|
+
:use_dual_stack,
|
|
41
|
+
:use_fips,
|
|
42
|
+
:endpoint,
|
|
43
|
+
:use_global_endpoint,
|
|
44
|
+
) do
|
|
45
|
+
include Aws::Structure
|
|
46
|
+
|
|
47
|
+
# @api private
|
|
48
|
+
class << self
|
|
49
|
+
PARAM_MAP = {
|
|
50
|
+
'Region' => :region,
|
|
51
|
+
'UseDualStack' => :use_dual_stack,
|
|
52
|
+
'UseFIPS' => :use_fips,
|
|
53
|
+
'Endpoint' => :endpoint,
|
|
54
|
+
'UseGlobalEndpoint' => :use_global_endpoint,
|
|
55
|
+
}.freeze
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def initialize(options = {})
|
|
59
|
+
self[:region] = options[:region]
|
|
60
|
+
self[:use_dual_stack] = options[:use_dual_stack]
|
|
61
|
+
self[:use_dual_stack] = false if self[:use_dual_stack].nil?
|
|
62
|
+
if self[:use_dual_stack].nil?
|
|
63
|
+
raise ArgumentError, "Missing required EndpointParameter: :use_dual_stack"
|
|
64
|
+
end
|
|
65
|
+
self[:use_fips] = options[:use_fips]
|
|
66
|
+
self[:use_fips] = false if self[:use_fips].nil?
|
|
67
|
+
if self[:use_fips].nil?
|
|
68
|
+
raise ArgumentError, "Missing required EndpointParameter: :use_fips"
|
|
69
|
+
end
|
|
70
|
+
self[:endpoint] = options[:endpoint]
|
|
71
|
+
self[:use_global_endpoint] = options[:use_global_endpoint]
|
|
72
|
+
self[:use_global_endpoint] = false if self[:use_global_endpoint].nil?
|
|
73
|
+
if self[:use_global_endpoint].nil?
|
|
74
|
+
raise ArgumentError, "Missing required EndpointParameter: :use_global_endpoint"
|
|
75
|
+
end
|
|
76
|
+
end
|
|
77
|
+
end
|
|
78
|
+
end
|
|
@@ -0,0 +1,112 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# WARNING ABOUT GENERATED CODE
|
|
4
|
+
#
|
|
5
|
+
# This file is generated. See the contributing guide for more information:
|
|
6
|
+
# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
|
|
7
|
+
#
|
|
8
|
+
# WARNING ABOUT GENERATED CODE
|
|
9
|
+
|
|
10
|
+
module Aws::STS
|
|
11
|
+
class EndpointProvider
|
|
12
|
+
def resolve_endpoint(parameters)
|
|
13
|
+
region = parameters.region
|
|
14
|
+
use_dual_stack = parameters.use_dual_stack
|
|
15
|
+
use_fips = parameters.use_fips
|
|
16
|
+
endpoint = parameters.endpoint
|
|
17
|
+
use_global_endpoint = parameters.use_global_endpoint
|
|
18
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_global_endpoint, true) && Aws::Endpoints::Matchers.not(Aws::Endpoints::Matchers.set?(endpoint)) && Aws::Endpoints::Matchers.set?(region) && (partition_result = Aws::Endpoints::Matchers.aws_partition(region)) && Aws::Endpoints::Matchers.boolean_equals?(use_fips, false) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, false)
|
|
19
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "ap-northeast-1")
|
|
20
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
21
|
+
end
|
|
22
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "ap-south-1")
|
|
23
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
24
|
+
end
|
|
25
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "ap-southeast-1")
|
|
26
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
27
|
+
end
|
|
28
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "ap-southeast-2")
|
|
29
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
30
|
+
end
|
|
31
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "aws-global")
|
|
32
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
33
|
+
end
|
|
34
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "ca-central-1")
|
|
35
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
36
|
+
end
|
|
37
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "eu-central-1")
|
|
38
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
39
|
+
end
|
|
40
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "eu-north-1")
|
|
41
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
42
|
+
end
|
|
43
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-1")
|
|
44
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
45
|
+
end
|
|
46
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-2")
|
|
47
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
48
|
+
end
|
|
49
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-3")
|
|
50
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
51
|
+
end
|
|
52
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "sa-east-1")
|
|
53
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
54
|
+
end
|
|
55
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "us-east-1")
|
|
56
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
57
|
+
end
|
|
58
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "us-east-2")
|
|
59
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
60
|
+
end
|
|
61
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "us-west-1")
|
|
62
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
63
|
+
end
|
|
64
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "us-west-2")
|
|
65
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
66
|
+
end
|
|
67
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"#{region}"}]})
|
|
68
|
+
end
|
|
69
|
+
if Aws::Endpoints::Matchers.set?(endpoint)
|
|
70
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
|
71
|
+
raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
|
|
72
|
+
end
|
|
73
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
74
|
+
raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
|
|
75
|
+
end
|
|
76
|
+
return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
|
|
77
|
+
end
|
|
78
|
+
if Aws::Endpoints::Matchers.set?(region)
|
|
79
|
+
if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
|
|
80
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
81
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
|
82
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
83
|
+
end
|
|
84
|
+
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
|
85
|
+
end
|
|
86
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
|
87
|
+
if Aws::Endpoints::Matchers.boolean_equals?(Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"), true)
|
|
88
|
+
if Aws::Endpoints::Matchers.string_equals?(Aws::Endpoints::Matchers.attr(partition_result, "name"), "aws-us-gov")
|
|
89
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.#{region}.amazonaws.com", headers: {}, properties: {})
|
|
90
|
+
end
|
|
91
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
92
|
+
end
|
|
93
|
+
raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
|
|
94
|
+
end
|
|
95
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
96
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
|
97
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
98
|
+
end
|
|
99
|
+
raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
|
|
100
|
+
end
|
|
101
|
+
if Aws::Endpoints::Matchers.string_equals?(region, "aws-global")
|
|
102
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
|
|
103
|
+
end
|
|
104
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
105
|
+
end
|
|
106
|
+
end
|
|
107
|
+
raise ArgumentError, "Invalid Configuration: Missing Region"
|
|
108
|
+
raise ArgumentError, 'No endpoint could be resolved'
|
|
109
|
+
|
|
110
|
+
end
|
|
111
|
+
end
|
|
112
|
+
end
|
|
@@ -0,0 +1,136 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# WARNING ABOUT GENERATED CODE
|
|
4
|
+
#
|
|
5
|
+
# This file is generated. See the contributing guide for more information:
|
|
6
|
+
# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
|
|
7
|
+
#
|
|
8
|
+
# WARNING ABOUT GENERATED CODE
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
module Aws::STS
|
|
12
|
+
# @api private
|
|
13
|
+
module Endpoints
|
|
14
|
+
|
|
15
|
+
class AssumeRole
|
|
16
|
+
def self.build(context)
|
|
17
|
+
unless context.config.regional_endpoint
|
|
18
|
+
endpoint = context.config.endpoint.to_s
|
|
19
|
+
end
|
|
20
|
+
Aws::STS::EndpointParameters.new(
|
|
21
|
+
region: context.config.region,
|
|
22
|
+
use_dual_stack: context.config.use_dualstack_endpoint,
|
|
23
|
+
use_fips: context.config.use_fips_endpoint,
|
|
24
|
+
endpoint: endpoint,
|
|
25
|
+
use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
|
|
26
|
+
)
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
class AssumeRoleWithSAML
|
|
31
|
+
def self.build(context)
|
|
32
|
+
unless context.config.regional_endpoint
|
|
33
|
+
endpoint = context.config.endpoint.to_s
|
|
34
|
+
end
|
|
35
|
+
Aws::STS::EndpointParameters.new(
|
|
36
|
+
region: context.config.region,
|
|
37
|
+
use_dual_stack: context.config.use_dualstack_endpoint,
|
|
38
|
+
use_fips: context.config.use_fips_endpoint,
|
|
39
|
+
endpoint: endpoint,
|
|
40
|
+
use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
|
|
41
|
+
)
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
class AssumeRoleWithWebIdentity
|
|
46
|
+
def self.build(context)
|
|
47
|
+
unless context.config.regional_endpoint
|
|
48
|
+
endpoint = context.config.endpoint.to_s
|
|
49
|
+
end
|
|
50
|
+
Aws::STS::EndpointParameters.new(
|
|
51
|
+
region: context.config.region,
|
|
52
|
+
use_dual_stack: context.config.use_dualstack_endpoint,
|
|
53
|
+
use_fips: context.config.use_fips_endpoint,
|
|
54
|
+
endpoint: endpoint,
|
|
55
|
+
use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
|
|
56
|
+
)
|
|
57
|
+
end
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
class DecodeAuthorizationMessage
|
|
61
|
+
def self.build(context)
|
|
62
|
+
unless context.config.regional_endpoint
|
|
63
|
+
endpoint = context.config.endpoint.to_s
|
|
64
|
+
end
|
|
65
|
+
Aws::STS::EndpointParameters.new(
|
|
66
|
+
region: context.config.region,
|
|
67
|
+
use_dual_stack: context.config.use_dualstack_endpoint,
|
|
68
|
+
use_fips: context.config.use_fips_endpoint,
|
|
69
|
+
endpoint: endpoint,
|
|
70
|
+
use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
|
|
71
|
+
)
|
|
72
|
+
end
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
class GetAccessKeyInfo
|
|
76
|
+
def self.build(context)
|
|
77
|
+
unless context.config.regional_endpoint
|
|
78
|
+
endpoint = context.config.endpoint.to_s
|
|
79
|
+
end
|
|
80
|
+
Aws::STS::EndpointParameters.new(
|
|
81
|
+
region: context.config.region,
|
|
82
|
+
use_dual_stack: context.config.use_dualstack_endpoint,
|
|
83
|
+
use_fips: context.config.use_fips_endpoint,
|
|
84
|
+
endpoint: endpoint,
|
|
85
|
+
use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
|
|
86
|
+
)
|
|
87
|
+
end
|
|
88
|
+
end
|
|
89
|
+
|
|
90
|
+
class GetCallerIdentity
|
|
91
|
+
def self.build(context)
|
|
92
|
+
unless context.config.regional_endpoint
|
|
93
|
+
endpoint = context.config.endpoint.to_s
|
|
94
|
+
end
|
|
95
|
+
Aws::STS::EndpointParameters.new(
|
|
96
|
+
region: context.config.region,
|
|
97
|
+
use_dual_stack: context.config.use_dualstack_endpoint,
|
|
98
|
+
use_fips: context.config.use_fips_endpoint,
|
|
99
|
+
endpoint: endpoint,
|
|
100
|
+
use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
|
|
101
|
+
)
|
|
102
|
+
end
|
|
103
|
+
end
|
|
104
|
+
|
|
105
|
+
class GetFederationToken
|
|
106
|
+
def self.build(context)
|
|
107
|
+
unless context.config.regional_endpoint
|
|
108
|
+
endpoint = context.config.endpoint.to_s
|
|
109
|
+
end
|
|
110
|
+
Aws::STS::EndpointParameters.new(
|
|
111
|
+
region: context.config.region,
|
|
112
|
+
use_dual_stack: context.config.use_dualstack_endpoint,
|
|
113
|
+
use_fips: context.config.use_fips_endpoint,
|
|
114
|
+
endpoint: endpoint,
|
|
115
|
+
use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
|
|
116
|
+
)
|
|
117
|
+
end
|
|
118
|
+
end
|
|
119
|
+
|
|
120
|
+
class GetSessionToken
|
|
121
|
+
def self.build(context)
|
|
122
|
+
unless context.config.regional_endpoint
|
|
123
|
+
endpoint = context.config.endpoint.to_s
|
|
124
|
+
end
|
|
125
|
+
Aws::STS::EndpointParameters.new(
|
|
126
|
+
region: context.config.region,
|
|
127
|
+
use_dual_stack: context.config.use_dualstack_endpoint,
|
|
128
|
+
use_fips: context.config.use_fips_endpoint,
|
|
129
|
+
endpoint: endpoint,
|
|
130
|
+
use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
|
|
131
|
+
)
|
|
132
|
+
end
|
|
133
|
+
end
|
|
134
|
+
|
|
135
|
+
end
|
|
136
|
+
end
|
data/lib/aws-sdk-sts/errors.rb
CHANGED
|
@@ -1,7 +1,9 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
|
2
4
|
#
|
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
|
4
|
-
# https://github.com/aws/aws-sdk-ruby/blob/
|
|
6
|
+
# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
|
|
5
7
|
#
|
|
6
8
|
# WARNING ABOUT GENERATED CODE
|
|
7
9
|
|
|
@@ -0,0 +1,86 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# WARNING ABOUT GENERATED CODE
|
|
4
|
+
#
|
|
5
|
+
# This file is generated. See the contributing guide for more information:
|
|
6
|
+
# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
|
|
7
|
+
#
|
|
8
|
+
# WARNING ABOUT GENERATED CODE
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
module Aws::STS
|
|
12
|
+
module Plugins
|
|
13
|
+
class Endpoints < Seahorse::Client::Plugin
|
|
14
|
+
option(
|
|
15
|
+
:endpoint_provider,
|
|
16
|
+
doc_type: 'Aws::STS::EndpointProvider',
|
|
17
|
+
rbs_type: 'untyped',
|
|
18
|
+
docstring: 'The endpoint provider used to resolve endpoints. Any '\
|
|
19
|
+
'object that responds to `#resolve_endpoint(parameters)` '\
|
|
20
|
+
'where `parameters` is a Struct similar to '\
|
|
21
|
+
'`Aws::STS::EndpointParameters`'
|
|
22
|
+
) do |cfg|
|
|
23
|
+
Aws::STS::EndpointProvider.new
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
# @api private
|
|
27
|
+
class Handler < Seahorse::Client::Handler
|
|
28
|
+
def call(context)
|
|
29
|
+
unless context[:discovered_endpoint]
|
|
30
|
+
params = parameters_for_operation(context)
|
|
31
|
+
endpoint = context.config.endpoint_provider.resolve_endpoint(params)
|
|
32
|
+
|
|
33
|
+
context.http_request.endpoint = endpoint.url
|
|
34
|
+
apply_endpoint_headers(context, endpoint.headers)
|
|
35
|
+
|
|
36
|
+
context[:endpoint_params] = params
|
|
37
|
+
context[:endpoint_properties] = endpoint.properties
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
context[:auth_scheme] =
|
|
41
|
+
Aws::Endpoints.resolve_auth_scheme(context, endpoint)
|
|
42
|
+
|
|
43
|
+
@handler.call(context)
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
private
|
|
47
|
+
|
|
48
|
+
def apply_endpoint_headers(context, headers)
|
|
49
|
+
headers.each do |key, values|
|
|
50
|
+
value = values
|
|
51
|
+
.compact
|
|
52
|
+
.map { |s| Seahorse::Util.escape_header_list_string(s.to_s) }
|
|
53
|
+
.join(',')
|
|
54
|
+
|
|
55
|
+
context.http_request.headers[key] = value
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def parameters_for_operation(context)
|
|
60
|
+
case context.operation_name
|
|
61
|
+
when :assume_role
|
|
62
|
+
Aws::STS::Endpoints::AssumeRole.build(context)
|
|
63
|
+
when :assume_role_with_saml
|
|
64
|
+
Aws::STS::Endpoints::AssumeRoleWithSAML.build(context)
|
|
65
|
+
when :assume_role_with_web_identity
|
|
66
|
+
Aws::STS::Endpoints::AssumeRoleWithWebIdentity.build(context)
|
|
67
|
+
when :decode_authorization_message
|
|
68
|
+
Aws::STS::Endpoints::DecodeAuthorizationMessage.build(context)
|
|
69
|
+
when :get_access_key_info
|
|
70
|
+
Aws::STS::Endpoints::GetAccessKeyInfo.build(context)
|
|
71
|
+
when :get_caller_identity
|
|
72
|
+
Aws::STS::Endpoints::GetCallerIdentity.build(context)
|
|
73
|
+
when :get_federation_token
|
|
74
|
+
Aws::STS::Endpoints::GetFederationToken.build(context)
|
|
75
|
+
when :get_session_token
|
|
76
|
+
Aws::STS::Endpoints::GetSessionToken.build(context)
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
def add_handlers(handlers, _config)
|
|
82
|
+
handlers.add(Handler, step: :build, priority: 75)
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
end
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Aws
|
|
2
4
|
module STS
|
|
3
5
|
module Plugins
|
|
@@ -22,7 +24,11 @@ regions to resolve to the STS global endpoint.
|
|
|
22
24
|
env_mode = nil if env_mode == ''
|
|
23
25
|
cfg_mode = Aws.shared_config.sts_regional_endpoints(
|
|
24
26
|
profile: cfg.profile)
|
|
25
|
-
|
|
27
|
+
default_mode_value =
|
|
28
|
+
if cfg.respond_to?(:defaults_mode_config_resolver)
|
|
29
|
+
cfg.defaults_mode_config_resolver.resolve(:sts_regional_endpoints)
|
|
30
|
+
end
|
|
31
|
+
env_mode || cfg_mode || default_mode_value || 'regional'
|
|
26
32
|
end
|
|
27
33
|
|
|
28
34
|
end
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'aws-sigv4'
|
|
2
4
|
|
|
3
5
|
module Aws
|
|
@@ -33,10 +35,11 @@ module Aws
|
|
|
33
35
|
# )
|
|
34
36
|
#
|
|
35
37
|
# This can be easily converted to a token used by the EKS service:
|
|
36
|
-
# {https://ruby-
|
|
38
|
+
# {https://docs.ruby-lang.org/en/3.2/Base64.html#method-i-encode64}
|
|
37
39
|
# "k8s-aws-v1." + Base64.urlsafe_encode64(url).chomp("==")
|
|
38
40
|
def get_caller_identity_presigned_url(options = {})
|
|
39
|
-
req = @client.build_request(:
|
|
41
|
+
req = @client.build_request(:get_caller_identity, {})
|
|
42
|
+
context = req.context
|
|
40
43
|
|
|
41
44
|
param_list = Aws::Query::ParamList.new
|
|
42
45
|
param_list.set('Action', 'GetCallerIdentity')
|
|
@@ -44,20 +47,23 @@ module Aws
|
|
|
44
47
|
Aws::Query::EC2ParamBuilder.new(param_list)
|
|
45
48
|
.apply(req.context.operation.input, {})
|
|
46
49
|
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
50
|
+
endpoint_params = Aws::STS::EndpointParameters.new(
|
|
51
|
+
region: context.config.region,
|
|
52
|
+
use_dual_stack: context.config.use_dualstack_endpoint,
|
|
53
|
+
use_fips: context.config.use_fips_endpoint,
|
|
54
|
+
use_global_endpoint: context.config.sts_regional_endpoints == 'legacy'
|
|
51
55
|
)
|
|
56
|
+
endpoint = context.config.endpoint_provider
|
|
57
|
+
.resolve_endpoint(endpoint_params)
|
|
58
|
+
auth_scheme = Aws::Endpoints.resolve_auth_scheme(context, endpoint)
|
|
52
59
|
|
|
53
|
-
|
|
54
|
-
|
|
60
|
+
signer = Aws::Plugins::Sign.signer_for(
|
|
61
|
+
auth_scheme, context.config
|
|
55
62
|
)
|
|
56
|
-
url += "/?#{param_list}"
|
|
57
63
|
|
|
58
64
|
signer.presign_url(
|
|
59
65
|
http_method: 'GET',
|
|
60
|
-
url: url,
|
|
66
|
+
url: "#{endpoint.url}/?#{param_list}",
|
|
61
67
|
body: '',
|
|
62
68
|
headers: options[:headers]
|
|
63
69
|
).to_s
|
data/lib/aws-sdk-sts/resource.rb
CHANGED
|
@@ -1,7 +1,9 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
|
2
4
|
#
|
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
|
4
|
-
# https://github.com/aws/aws-sdk-ruby/blob/
|
|
6
|
+
# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
|
|
5
7
|
#
|
|
6
8
|
# WARNING ABOUT GENERATED CODE
|
|
7
9
|
|