aws-sdk-core 3.104.4 → 3.111.2

data/lib/aws-sdk-sts.rb

@@ -8,6 +8,11 @@
 # WARNING ABOUT GENERATED CODE
 
 
+unless Module.const_defined?(:Aws)
+  require 'aws-sdk-core'
+  require 'aws-sigv4'
+end
+
 require_relative 'aws-sdk-sts/types'
 require_relative 'aws-sdk-sts/client_api'
 require_relative 'aws-sdk-sts/client'
@@ -42,9 +47,9 @@ require_relative 'aws-sdk-sts/customizations'
 #
 # See {Errors} for more information.
 #
-# @service
+# @!group service
 module Aws::STS
 
-  GEM_VERSION = '3.104.4'
+  GEM_VERSION = '3.111.2'
 
 end

data/lib/aws-sdk-sts/client.rb

@@ -87,13 +87,28 @@ module Aws::STS
     #     * `Aws::Credentials` - Used for configuring static, non-refreshing
     #       credentials.
     #
+    #     * `Aws::SharedCredentials` - Used for loading static credentials from a
+    #       shared file, such as `~/.aws/config`.
+    #
+    #     * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
+    #
+    #     * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
+    #       assume a role after providing credentials via the web.
+    #
+    #     * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
+    #       access token generated from `aws login`.
+    #
+    #     * `Aws::ProcessCredentials` - Used for loading credentials from a
+    #       process that outputs to stdout.
+    #
     #     * `Aws::InstanceProfileCredentials` - Used for loading credentials
     #       from an EC2 IMDS on an EC2 instance.
     #
-    #     * `Aws::SharedCredentials` - Used for loading credentials from a
-    #       shared file, such as `~/.aws/config`.
+    #     * `Aws::ECSCredentials` - Used for loading credentials from
+    #       instances running in ECS.
     #
-    #     * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
+    #     * `Aws::CognitoIdentityCredentials` - Used for loading credentials
+    #       from the Cognito Identity service.
     #
     #     When `:credentials` are not configured directly, the following
     #     locations will be searched for credentials:
@@ -103,10 +118,10 @@ module Aws::STS
     #     * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
     #     * `~/.aws/credentials`
     #     * `~/.aws/config`
-    #     * EC2 IMDS instance profile - When used by default, the timeouts are
-    #       very aggressive. Construct and pass an instance of
-    #       `Aws::InstanceProfileCredentails` to enable retries and extended
-    #       timeouts.
+    #     * EC2/ECS IMDS instance profile - When used by default, the timeouts
+    #       are very aggressive. Construct and pass an instance of
+    #       `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
+    #       enable retries and extended timeouts.
     #
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
@@ -1263,7 +1278,7 @@ module Aws::STS
     # [15]: http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
     # [16]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual.html
     # [17]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity
-    # [18]: https://web-identity-federation-playground.s3.amazonaws.com/index.html
+    # [18]: https://aws.amazon.com/blogs/aws/the-aws-web-identity-federation-playground/
     # [19]: http://aws.amazon.com/articles/web-identity-federation-with-mobile-applications
     #
     # @option params [required, String] :role_arn
@@ -2189,7 +2204,7 @@ module Aws::STS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.104.4'
+      context[:gem_version] = '3.111.2'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-sts/client_api.rb

@@ -255,6 +255,7 @@ module Aws::STS
         o.errors << Shapes::ShapeRef.new(shape: MalformedPolicyDocumentException)
         o.errors << Shapes::ShapeRef.new(shape: PackedPolicyTooLargeException)
         o.errors << Shapes::ShapeRef.new(shape: RegionDisabledException)
+        o.errors << Shapes::ShapeRef.new(shape: ExpiredTokenException)
       end)
 
       api.add_operation(:assume_role_with_saml, Seahorse::Model::Operation.new.tap do |o|

data/lib/aws-sdk-sts/types.rb

@@ -479,7 +479,7 @@ module Aws::STS
       :policy_arns,
       :policy,
       :duration_seconds)
-      SENSITIVE = [:saml_assertion]
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -730,7 +730,7 @@ module Aws::STS
       :policy_arns,
       :policy,
       :duration_seconds)
-      SENSITIVE = [:web_identity_token]
+      SENSITIVE = []
       include Aws::Structure
     end
 

data/lib/seahorse/client/h2/connection.rb

@@ -75,7 +75,7 @@ module Seahorse
         def connect(endpoint)
           @mutex.synchronize {
             if @status == :ready
-              tcp, addr = _tcp_socket(endpoint) 
+              tcp, addr = _tcp_socket(endpoint)
               debug_output("opening connection to #{endpoint.host}:#{endpoint.port} ...")
               _nonblocking_connect(tcp, addr)
               debug_output('opened')
@@ -245,4 +245,3 @@ module Seahorse
     end
   end
 end
-

data/lib/seahorse/client/net_http/handler.rb

@@ -25,7 +25,8 @@ module Seahorse
           SocketError, EOFError, IOError, Timeout::Error,
           Errno::ECONNABORTED, Errno::ECONNRESET, Errno::EPIPE,
           Errno::EINVAL, Errno::ETIMEDOUT, OpenSSL::SSL::SSLError,
-          Errno::EHOSTUNREACH, Errno::ECONNREFUSED
+          Errno::EHOSTUNREACH, Errno::ECONNREFUSED,
+          Net::HTTPFatalError # for proxy connection failures
         ]
 
         # does not exist in Ruby 1.9.3

data/lib/seahorse/client/plugins/h2.rb

@@ -28,11 +28,14 @@ Defaults to `true`, raises errors if exist when #wait or #join! is called upon a
         DOCS
 
         # SSL Context
-        option(:ssl_ca_bundle, default: nil, doc_type: String, docstring: <<-DOCS)
+        option(:ssl_ca_bundle, default: nil, doc_type: String, docstring: <<-DOCS) do |cfg|
 Full path to the SSL certificate authority bundle file that should be used when
 verifying peer certificates. If you do not pass `:ssl_ca_directory` or `:ssl_ca_bundle`
 the system default will be used if available.
         DOCS
+          ENV['AWS_CA_BUNDLE'] ||
+            Aws.shared_config.ca_bundle(profile: cfg.profile) if cfg.respond_to?(:profile)
+        end
 
         option(:ssl_ca_directory, default: nil, doc_type: String, docstring: <<-DOCS)
 Full path of the directory that contains the unbundled SSL certificate authority

data/lib/seahorse/client/plugins/net_http.rb

@@ -21,7 +21,10 @@ module Seahorse
 
         option(:ssl_verify_peer, default: true, doc_type: 'Boolean', docstring: '')
 
-        option(:ssl_ca_bundle, default: nil, doc_type: String, docstring: '')
+        option(:ssl_ca_bundle, doc_type: String, docstring: '') do |cfg|
+          ENV['AWS_CA_BUNDLE'] ||
+            Aws.shared_config.ca_bundle(profile: cfg.profile) if cfg.respond_to?(:profile)
+        end
 
         option(:ssl_ca_directory, default: nil, doc_type: String, docstring: '')
 

data/lib/seahorse/client/plugins/response_target.rb

@@ -27,7 +27,6 @@ module Seahorse
           private
 
           def add_event_listeners(context, target)
-            handler = self
             context.http_response.on_headers(200..299) do
               # In a fresh response body will be a StringIO
               # However, when a request is retried we may have

data/lib/seahorse/util.rb

@@ -6,7 +6,6 @@ module Seahorse
   # @api private
   module Util
     class << self
-
       def uri_escape(string)
         CGI.escape(string.to_s.encode('UTF-8')).gsub('+', '%20').gsub('%7E', '~')
       end
@@ -15,6 +14,12 @@ module Seahorse
         path.gsub(/[^\/]+/) { |part| uri_escape(part) }
       end
 
+      # Checks for a valid host label
+      # @see https://tools.ietf.org/html/rfc3986#section-3.2.2
+      # @see https://tools.ietf.org/html/rfc1123#page-13
+      def host_label?(str)
+        str =~ /^(?!-)[a-zA-Z0-9-]{1,63}(?<!-)$/
+      end
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-core
 version: !ruby/object:Gem::Version
-  version: 3.104.4
+  version: 3.111.2
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-19 00:00:00.000000000 Z
+date: 2021-01-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jmespath
@@ -108,6 +108,7 @@ files:
 - lib/aws-sdk-core/credentials.rb
 - lib/aws-sdk-core/deprecations.rb
 - lib/aws-sdk-core/eager_loader.rb
+- lib/aws-sdk-core/ec2_metadata.rb
 - lib/aws-sdk-core/ecs_credentials.rb
 - lib/aws-sdk-core/endpoint_cache.rb
 - lib/aws-sdk-core/errors.rb
@@ -188,6 +189,7 @@ files:
 - lib/aws-sdk-core/rest/response/status_code.rb
 - lib/aws-sdk-core/shared_config.rb
 - lib/aws-sdk-core/shared_credentials.rb
+- lib/aws-sdk-core/sso_credentials.rb
 - lib/aws-sdk-core/structure.rb
 - lib/aws-sdk-core/stubbing/data_applicator.rb
 - lib/aws-sdk-core/stubbing/empty_stub.rb
@@ -221,6 +223,14 @@ files:
 - lib/aws-sdk-core/xml/parser/frame.rb
 - lib/aws-sdk-core/xml/parser/parsing_error.rb
 - lib/aws-sdk-core/xml/parser/stack.rb
+- lib/aws-sdk-sso.rb
+- lib/aws-sdk-sso/client.rb
+- lib/aws-sdk-sso/client_api.rb
+- lib/aws-sdk-sso/customizations.rb
+- lib/aws-sdk-sso/errors.rb
+- lib/aws-sdk-sso/plugins/content_type.rb
+- lib/aws-sdk-sso/resource.rb
+- lib/aws-sdk-sso/types.rb
 - lib/aws-sdk-sts.rb
 - lib/aws-sdk-sts/client.rb
 - lib/aws-sdk-sts/client_api.rb