aws-sdk-core 3.109.0 → 3.111.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9be12fd3781d8257feb49c005af422cc726da47592e55368ebc3ce4d8032e21b
4
- data.tar.gz: 28b66904da66dc5ab09acfb20fd37dd250cc6e83c54d6735b6b3e8b15ea22f72
3
+ metadata.gz: 282c3ce5ec4daab7cb7895b862eeb462c5fc75ddd4376a4d1dc54e8f824ea632
4
+ data.tar.gz: b5db0f7c8cb0b0cb15fd95e1382b508cd0f593d592a927450b1de66a295c7fec
5
5
  SHA512:
6
- metadata.gz: fb1a6fb1b39908e6627b4fae6331fd3574d34e10c413ddc55927460af5a7d8ac11abe1b7ecb7313c6faa141ddaf81c9173b76d33588cefc9e8c563573dc96682
7
- data.tar.gz: ca41b1a8705dd842e72d147e4c8ba0c1aa167942f5db16ca456922604cc6a6582a498329e0178fc1b8880189587d4aa204f460c0fc7edc7c8930be2d97c650d2
6
+ metadata.gz: c1a17c1d2a6f77752f8a6c6bf79adc66d17b4f2af60e5d90a6e77526d5141a071e9505e2650dbe649455227e0715354fe0d0c71ab55bd1151ad182f17e4db072
7
+ data.tar.gz: b4aa536d89780e128d8ea57cac65844f9f996fec1f7d29f4dd914a449c1ab33fa1b2d8c3f3381e081ee2550dd0adfc2e967a6770c23b158b08e6f29ab9b2c458
data/VERSION CHANGED
@@ -1 +1 @@
1
- 3.109.0
1
+ 3.111.0
@@ -21,6 +21,7 @@ require_relative 'aws-sdk-core/process_credentials'
21
21
  require_relative 'aws-sdk-core/sso_credentials'
22
22
 
23
23
  # client modules
24
+
24
25
  require_relative 'aws-sdk-core/client_stubs'
25
26
  require_relative 'aws-sdk-core/async_client_stubs'
26
27
  require_relative 'aws-sdk-core/eager_loader'
@@ -81,10 +82,11 @@ require_relative 'aws-sdk-core/endpoint_cache'
81
82
  require_relative 'aws-sdk-core/client_side_monitoring/request_metrics'
82
83
  require_relative 'aws-sdk-core/client_side_monitoring/publisher'
83
84
 
84
- # arn
85
+ # utilities
85
86
 
86
87
  require_relative 'aws-sdk-core/arn'
87
88
  require_relative 'aws-sdk-core/arn_parser'
89
+ require_relative 'aws-sdk-core/ec2_metadata'
88
90
 
89
91
  # aws-sdk-sts is included to support Aws::AssumeRoleCredentials
90
92
  require 'aws-sdk-sts'
@@ -0,0 +1,218 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'time'
4
+ require 'net/http'
5
+
6
+ module Aws
7
+ # A client that can query version 2 of the EC2 Instance Metadata
8
+ class EC2Metadata
9
+ # Path for PUT request for token
10
+ # @api private
11
+ METADATA_TOKEN_PATH = '/latest/api/token'.freeze
12
+
13
+ # Raised when the PUT request is not valid. This would be thrown if
14
+ # `token_ttl` is not an Integer.
15
+ # @api private
16
+ class TokenRetrievalError < RuntimeError; end
17
+
18
+ # Token has expired, and the request can be retried with a new token.
19
+ # @api private
20
+ class TokenExpiredError < RuntimeError; end
21
+
22
+ # The requested metadata path does not exist.
23
+ # @api private
24
+ class MetadataNotFoundError < RuntimeError; end
25
+
26
+ # The request is not allowed or IMDS is turned off.
27
+ # @api private
28
+ class RequestForbiddenError < RuntimeError; end
29
+
30
+ # Creates a client that can query version 2 of the EC2 Instance Metadata
31
+ # service (IMDS).
32
+ #
33
+ # @note Customers using containers may need to increase their hop limit
34
+ # to access IMDSv2.
35
+ # @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html#instance-metadata-transition-to-version-2
36
+ #
37
+ # @param [Hash] options
38
+ # @option options [Integer] :token_ttl (21600) The session token's TTL,
39
+ # defaulting to 6 hours.
40
+ # @option options [Integer] :retries (3) The number of retries for failed
41
+ # requests.
42
+ # @option options [String] :endpoint (169.254.169.254) The IMDS endpoint.
43
+ # @option options [Integer] :port (80) The IMDS endpoint port.
44
+ # @option options [Integer] :http_open_timeout (1) The number of seconds to
45
+ # wait for the connection to open.
46
+ # @option options [Integer] :http_read_timeout (1) The number of seconds for
47
+ # one chunk of data to be read.
48
+ # @option options [IO] :http_debug_output An output stream for debugging. Do
49
+ # not use this in production.
50
+ # @option options [Integer,Proc] :backoff A backoff used for retryable
51
+ # requests. When given an Integer, it sleeps that amount. When given a
52
+ # Proc, it is called with the current number of failed retries.
53
+ def initialize(options = {})
54
+ @token_ttl = options[:token_ttl] || 21_600
55
+ @retries = options[:retries] || 3
56
+ @backoff = backoff(options[:backoff])
57
+
58
+ @endpoint = options[:endpoint] || '169.254.169.254'
59
+ @port = options[:port] || 80
60
+
61
+ @http_open_timeout = options[:http_open_timeout] || 1
62
+ @http_read_timeout = options[:http_read_timeout] || 1
63
+ @http_debug_output = options[:http_debug_output]
64
+
65
+ @token = nil
66
+ @mutex = Mutex.new
67
+ end
68
+
69
+ # Fetches a given metadata category using a String path, and returns the
70
+ # result as a String. A path starts with the API version (usually
71
+ # "/latest/"). See the instance data categories for possible paths.
72
+ #
73
+ # @example Fetching the instance ID
74
+ #
75
+ # ec2_metadata = Aws::EC2Metadata.new
76
+ # ec2_metadata.get('/latest/meta-data/instance-id')
77
+ # => "i-023a25f10a73a0f79"
78
+ #
79
+ # @Note This implementation always returns a String and will not parse any
80
+ # responses. Parsable responses may include JSON objects or directory
81
+ # listings, which are strings separated by line feeds (ASCII 10).
82
+ #
83
+ # @example Fetching and parsing JSON meta-data
84
+ #
85
+ # require 'json'
86
+ # data = ec2_metadata.get('/latest/dynamic/instance-identity/document')
87
+ # JSON.parse(data)
88
+ # => {"accountId"=>"012345678912", ... }
89
+ #
90
+ # @example Fetching and parsing directory listings
91
+ #
92
+ # listing = ec2_metadata.get('/latest/meta-data')
93
+ # listing.split(10.chr)
94
+ # => ["ami-id", "ami-launch-index", ...]
95
+ #
96
+ # @Note Unlike other services, IMDS does not have a service API model. This
97
+ # means that we cannot confidently generate code with methods and
98
+ # response structures. This implementation ensures that new IMDS features
99
+ # are always supported by being deployed to the instance and does not
100
+ # require code changes.
101
+ #
102
+ # @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-categories.html
103
+ # @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-identity-documents.html
104
+ # @param [String] path The full path to the metadata.
105
+ def get(path)
106
+ retry_errors(max_retries: @retries) do
107
+ @mutex.synchronize do
108
+ fetch_token unless @token && !@token.expired?
109
+ end
110
+
111
+ open_connection do |conn|
112
+ http_get(conn, path, @token.value)
113
+ end
114
+ end
115
+ end
116
+
117
+ private
118
+
119
+ def fetch_token
120
+ open_connection do |conn|
121
+ token_value, token_ttl = http_put(conn, @token_ttl)
122
+ @token = Token.new(value: token_value, ttl: token_ttl)
123
+ end
124
+ end
125
+
126
+ def http_get(connection, path, token)
127
+ headers = {
128
+ 'User-Agent' => "aws-sdk-ruby3/#{CORE_GEM_VERSION}",
129
+ 'x-aws-ec2-metadata-token' => token
130
+ }
131
+ request = Net::HTTP::Get.new(path, headers)
132
+ response = connection.request(request)
133
+
134
+ case response.code.to_i
135
+ when 200
136
+ response.body
137
+ when 401
138
+ raise TokenExpiredError
139
+ when 404
140
+ raise MetadataNotFoundError
141
+ end
142
+ end
143
+
144
+ def http_put(connection, ttl)
145
+ headers = {
146
+ 'User-Agent' => "aws-sdk-ruby3/#{CORE_GEM_VERSION}",
147
+ 'x-aws-ec2-metadata-token-ttl-seconds' => ttl.to_s
148
+ }
149
+ request = Net::HTTP::Put.new(METADATA_TOKEN_PATH, headers)
150
+ response = connection.request(request)
151
+
152
+ case response.code.to_i
153
+ when 200
154
+ [
155
+ response.body,
156
+ response.header['x-aws-ec2-metadata-token-ttl-seconds'].to_i
157
+ ]
158
+ when 400
159
+ raise TokenRetrievalError
160
+ when 403
161
+ raise RequestForbiddenError
162
+ end
163
+ end
164
+
165
+ def open_connection
166
+ http = Net::HTTP.new(@endpoint, @port, nil)
167
+ http.open_timeout = @http_open_timeout
168
+ http.read_timeout = @http_read_timeout
169
+ http.set_debug_output(@http_debug_output) if @http_debug_output
170
+ http.start
171
+ yield(http).tap { http.finish }
172
+ end
173
+
174
+ def retry_errors(options = {}, &_block)
175
+ max_retries = options[:max_retries]
176
+ retries = 0
177
+ begin
178
+ yield
179
+ # These errors should not be retried.
180
+ rescue TokenRetrievalError, MetadataNotFoundError, RequestForbiddenError
181
+ raise
182
+ # StandardError is not ideal but it covers Net::HTTP errors.
183
+ # https://gist.github.com/tenderlove/245188
184
+ rescue StandardError, TokenExpiredError
185
+ raise unless retries < max_retries
186
+
187
+ @backoff.call(retries)
188
+ retries += 1
189
+ retry
190
+ end
191
+ end
192
+
193
+ def backoff(backoff)
194
+ case backoff
195
+ when Proc then backoff
196
+ when Numeric then ->(_) { Kernel.sleep(backoff) }
197
+ else ->(num_failures) { Kernel.sleep(1.2**num_failures) }
198
+ end
199
+ end
200
+
201
+ # @api private
202
+ class Token
203
+ def initialize(options = {})
204
+ @ttl = options[:ttl]
205
+ @value = options[:value]
206
+ @created_time = Time.now
207
+ end
208
+
209
+ # [String] Returns the token value.
210
+ attr_reader :value
211
+
212
+ # [Boolean] Returns true if the token expired.
213
+ def expired?
214
+ Time.now - @created_time > @ttl
215
+ end
216
+ end
217
+ end
218
+ end
@@ -16,10 +16,10 @@ module Aws
16
16
  # @param [Aws::Structure] data
17
17
  def initialize(context, message, data = Aws::EmptyStructure.new)
18
18
  @code = self.class.code
19
- @message = message if message && !message.empty?
20
19
  @context = context
21
20
  @data = data
22
- super(message)
21
+ @message = message && !message.empty? ? message : self.class
22
+ super(@message)
23
23
  end
24
24
 
25
25
  # @return [String]
@@ -2,14 +2,14 @@
2
2
 
3
3
  module Aws
4
4
  module Json
5
- class OjEngine
5
+ class JSONEngine
6
6
 
7
7
  def self.load(json)
8
- Oj.load(json)
8
+ JSON.load(json)
9
9
  end
10
10
 
11
11
  def self.dump(value)
12
- Oj.dump(value)
12
+ JSON.dump(value)
13
13
  end
14
14
 
15
15
  end
@@ -2,14 +2,14 @@
2
2
 
3
3
  module Aws
4
4
  module Json
5
- class JSONEngine
5
+ class OjEngine
6
6
 
7
7
  def self.load(json)
8
- JSON.load(json)
8
+ Oj.load(json)
9
9
  end
10
10
 
11
11
  def self.dump(value)
12
- JSON.dump(value)
12
+ Oj.dump(value)
13
13
  end
14
14
 
15
15
  end
@@ -49,8 +49,8 @@ module Aws
49
49
  module PageableResponse
50
50
 
51
51
  def self.extended(base)
52
- base.send(:extend, Enumerable)
53
- base.send(:extend, UnsafeEnumerableMethods)
52
+ base.extend Enumerable
53
+ base.extend UnsafeEnumerableMethods
54
54
  base.instance_variable_set("@last_page", nil)
55
55
  base.instance_variable_set("@more_results", nil)
56
56
  end
@@ -4,11 +4,11 @@ module Aws
4
4
  # An auto-refreshing credential provider that works by assuming a
5
5
  # role via {Aws::SSO::Client#get_role_credentials} using a cached access
6
6
  # token. This class does NOT implement the SSO login token flow - tokens
7
- # must generated and refreshed separately by running `aws login` with the
8
- # correct profile.
7
+ # must generated and refreshed separately by running `aws login` from the
8
+ # AWS CLI with the correct profile.
9
9
  #
10
10
  # For more background on AWS SSO see the official
11
- # [what is SSO](https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html]
11
+ # {what is SSO}[https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html]
12
12
  # page.
13
13
  #
14
14
  # ## Refreshing Credentials from SSO
@@ -20,13 +20,29 @@ module Aws
20
20
  # and another token will be needed. The SDK does not manage refreshing of
21
21
  # the token value, but this can be done by running `aws login` with the
22
22
  # correct profile.
23
+ #
24
+ #
25
+ # # You must first run aws sso login --profile your-sso-profile
26
+ # sso_credentials = Aws::SSOCredentials.new(
27
+ # sso_account_id: '123456789',
28
+ # sso_role_name: "role_name",
29
+ # sso_region: "us-east-1",
30
+ # sso_start_url: 'https://your-start-url.awsapps.com/start'
31
+ # )
32
+ #
33
+ # ec2 = Aws::EC2::Client.new(credentials: sso_credentials)
34
+ #
35
+ # If you omit `:client` option, a new {SSO::Client} object will be
36
+ # constructed.
23
37
  class SSOCredentials
24
38
 
25
39
  include CredentialProvider
26
40
  include RefreshingCredentials
27
41
 
42
+ # @api private
28
43
  SSO_REQUIRED_OPTS = [:sso_account_id, :sso_region, :sso_role_name, :sso_start_url].freeze
29
44
 
45
+ # @api private
30
46
  SSO_LOGIN_GUIDANCE = 'The SSO session associated with this profile has '\
31
47
  'expired or is otherwise invalid. To refresh this SSO session run '\
32
48
  'aws sso login with the corresponding profile.'.freeze
@@ -45,7 +61,7 @@ module Aws
45
61
  # provided by the SSO service via the console and is the URL used to
46
62
  # login to the SSO directory. This is also sometimes referred to as
47
63
  # the "User Portal URL"
48
-
64
+ #
49
65
  # @option options [SSO::Client] :client Optional `SSO::Client`. If not
50
66
  # provided, a client will be constructed.
51
67
  def initialize(options = {})
@@ -65,11 +81,11 @@ module Aws
65
81
 
66
82
  options[:region] = @sso_region
67
83
  options[:credentials] = nil
68
- @client = options[:client] || SSO::Client.new(options)
84
+ @client = options[:client] || Aws::SSO::Client.new(options)
69
85
  super
70
86
  end
71
87
 
72
- # @return [STS::Client]
88
+ # @return [SSO::Client]
73
89
  attr_reader :client
74
90
 
75
91
  private
@@ -5,7 +5,7 @@ module Aws
5
5
  module Protocols
6
6
  class RestJson < Rest
7
7
 
8
- def body_for(_, _, rules, data)
8
+ def body_for(_a, _b, rules, data)
9
9
  if eventstream?(rules)
10
10
  encode_eventstream_response(rules, data, Aws::Json::Builder)
11
11
  else
@@ -5,8 +5,6 @@ module Aws
5
5
  module Protocols
6
6
  class RestXml < Rest
7
7
 
8
- include Seahorse::Model::Shapes
9
-
10
8
  def body_for(api, operation, rules, data)
11
9
  if eventstream?(rules)
12
10
  encode_eventstream_response(rules, data, Xml::Builder)
@@ -48,7 +48,7 @@ module Aws
48
48
  end
49
49
 
50
50
  def list(name, ref, values)
51
- if ref.shape.flattened
51
+ if ref[:flattened] || ref.shape.flattened
52
52
  values.each do |value|
53
53
  member(ref.shape.member.location_name || name, ref.shape.member, value)
54
54
  end
@@ -70,6 +70,11 @@ module Aws
70
70
  [:ox, :oga, :libxml, :nokogiri, :rexml].each do |name|
71
71
  @engine ||= try_load_engine(name)
72
72
  end
73
+ unless @engine
74
+ raise 'Unable to find a compatible xml library. ' \
75
+ 'Ensure that you have installed or added to your Gemfile one of ' \
76
+ 'ox, oga, libxml, nokogiri or rexml'
77
+ end
73
78
  end
74
79
 
75
80
  private
@@ -1,8 +1,16 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ use_system_rexml = ((RUBY_VERSION <=> "2.0.0") < 0)
4
+ if use_system_rexml
5
+ require "rbconfig"
6
+ $LOAD_PATH.unshift(RbConfig::CONFIG["rubylibdir"])
7
+ end
8
+
3
9
  require 'rexml/document'
4
10
  require 'rexml/streamlistener'
5
11
 
12
+ $LOAD_PATH.shift if use_system_rexml
13
+
6
14
  module Aws
7
15
  module Xml
8
16
  class Parser
@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sso/customizations'
50
50
  # @!group service
51
51
  module Aws::SSO
52
52
 
53
- GEM_VERSION = '3.109.0'
53
+ GEM_VERSION = '3.111.0'
54
54
 
55
55
  end
@@ -523,7 +523,7 @@ module Aws::SSO
523
523
  params: params,
524
524
  config: config)
525
525
  context[:gem_name] = 'aws-sdk-core'
526
- context[:gem_version] = '3.109.0'
526
+ context[:gem_version] = '3.111.0'
527
527
  Seahorse::Client::Request.new(handlers, context)
528
528
  end
529
529
 
@@ -8,6 +8,10 @@
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
10
10
 
11
+ unless Module.const_defined?(:Aws)
12
+ require 'aws-sdk-core'
13
+ require 'aws-sigv4'
14
+ end
11
15
 
12
16
  require_relative 'aws-sdk-sts/types'
13
17
  require_relative 'aws-sdk-sts/client_api'
@@ -46,6 +50,6 @@ require_relative 'aws-sdk-sts/customizations'
46
50
  # @!group service
47
51
  module Aws::STS
48
52
 
49
- GEM_VERSION = '3.109.0'
53
+ GEM_VERSION = '3.111.0'
50
54
 
51
55
  end
@@ -2204,7 +2204,7 @@ module Aws::STS
2204
2204
  params: params,
2205
2205
  config: config)
2206
2206
  context[:gem_name] = 'aws-sdk-core'
2207
- context[:gem_version] = '3.109.0'
2207
+ context[:gem_version] = '3.111.0'
2208
2208
  Seahorse::Client::Request.new(handlers, context)
2209
2209
  end
2210
2210
 
@@ -75,7 +75,7 @@ module Seahorse
75
75
  def connect(endpoint)
76
76
  @mutex.synchronize {
77
77
  if @status == :ready
78
- tcp, addr = _tcp_socket(endpoint)
78
+ tcp, addr = _tcp_socket(endpoint)
79
79
  debug_output("opening connection to #{endpoint.host}:#{endpoint.port} ...")
80
80
  _nonblocking_connect(tcp, addr)
81
81
  debug_output('opened')
@@ -245,4 +245,3 @@ module Seahorse
245
245
  end
246
246
  end
247
247
  end
248
-
@@ -25,7 +25,8 @@ module Seahorse
25
25
  SocketError, EOFError, IOError, Timeout::Error,
26
26
  Errno::ECONNABORTED, Errno::ECONNRESET, Errno::EPIPE,
27
27
  Errno::EINVAL, Errno::ETIMEDOUT, OpenSSL::SSL::SSLError,
28
- Errno::EHOSTUNREACH, Errno::ECONNREFUSED
28
+ Errno::EHOSTUNREACH, Errno::ECONNREFUSED,
29
+ Net::HTTPFatalError # for proxy connection failures
29
30
  ]
30
31
 
31
32
  # does not exist in Ruby 1.9.3
@@ -27,7 +27,6 @@ module Seahorse
27
27
  private
28
28
 
29
29
  def add_event_listeners(context, target)
30
- handler = self
31
30
  context.http_response.on_headers(200..299) do
32
31
  # In a fresh response body will be a StringIO
33
32
  # However, when a request is retried we may have
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.109.0
4
+ version: 3.111.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-09-30 00:00:00.000000000 Z
11
+ date: 2021-01-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jmespath
@@ -108,6 +108,7 @@ files:
108
108
  - lib/aws-sdk-core/credentials.rb
109
109
  - lib/aws-sdk-core/deprecations.rb
110
110
  - lib/aws-sdk-core/eager_loader.rb
111
+ - lib/aws-sdk-core/ec2_metadata.rb
111
112
  - lib/aws-sdk-core/ecs_credentials.rb
112
113
  - lib/aws-sdk-core/endpoint_cache.rb
113
114
  - lib/aws-sdk-core/errors.rb