aws-sdk-core 3.109.3 → 3.112.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/aws-sdk-core.rb +5 -3
- data/lib/aws-sdk-core/ec2_metadata.rb +218 -0
- data/lib/aws-sdk-core/plugins/endpoint_pattern.rb +1 -2
- data/lib/aws-sdk-core/plugins/retry_errors.rb +4 -3
- data/lib/aws-sdk-core/xml/parser.rb +5 -0
- data/lib/aws-sdk-core/xml/parser/engines/rexml.rb +8 -0
- data/lib/aws-sdk-sso.rb +1 -1
- data/lib/aws-sdk-sso/client.rb +1 -1
- data/lib/aws-sdk-sso/plugins/content_type.rb +1 -1
- data/lib/aws-sdk-sts.rb +5 -1
- data/lib/aws-sdk-sts/client.rb +1 -1
- data/lib/seahorse/client/h2/connection.rb +1 -2
- data/lib/seahorse/client/net_http/handler.rb +2 -1
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9846398704dff183b4e6d15386b1e2a2d0e1d30c148615bca73cda3f749b9bc5
|
4
|
+
data.tar.gz: 9b144fdc3b4d71f71df2a9fd238adb23d0c71afb195776232ba94e4580993014
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9505410b4d01e6c77063e9b17c22e9bb6a73e8cbbcdcdb148bc6828ecee5c7829c47a7993193f680711bab17c20245afe66400e4e6981558ad8e57ad13e49756
|
7
|
+
data.tar.gz: b9f246135996a501f06f7c4dd6bbf183e44342dd6987fc952d3de4432341a0354c487c67aaa8f5301c53a0db70e94c9f5058967d3c0ff5dd312cd276c0230a42
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
3.
|
1
|
+
3.112.0
|
data/lib/aws-sdk-core.rb
CHANGED
@@ -21,6 +21,7 @@ require_relative 'aws-sdk-core/process_credentials'
|
|
21
21
|
require_relative 'aws-sdk-core/sso_credentials'
|
22
22
|
|
23
23
|
# client modules
|
24
|
+
|
24
25
|
require_relative 'aws-sdk-core/client_stubs'
|
25
26
|
require_relative 'aws-sdk-core/async_client_stubs'
|
26
27
|
require_relative 'aws-sdk-core/eager_loader'
|
@@ -81,16 +82,17 @@ require_relative 'aws-sdk-core/endpoint_cache'
|
|
81
82
|
require_relative 'aws-sdk-core/client_side_monitoring/request_metrics'
|
82
83
|
require_relative 'aws-sdk-core/client_side_monitoring/publisher'
|
83
84
|
|
84
|
-
#
|
85
|
+
# utilities
|
85
86
|
|
86
87
|
require_relative 'aws-sdk-core/arn'
|
87
88
|
require_relative 'aws-sdk-core/arn_parser'
|
89
|
+
require_relative 'aws-sdk-core/ec2_metadata'
|
88
90
|
|
89
91
|
# aws-sdk-sts is included to support Aws::AssumeRoleCredentials
|
90
|
-
|
92
|
+
require_relative 'aws-sdk-sts'
|
91
93
|
|
92
94
|
# aws-sdk-sso is included to support Aws::SSOCredentials
|
93
|
-
|
95
|
+
require_relative 'aws-sdk-sso'
|
94
96
|
|
95
97
|
module Aws
|
96
98
|
|
@@ -0,0 +1,218 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'time'
|
4
|
+
require 'net/http'
|
5
|
+
|
6
|
+
module Aws
|
7
|
+
# A client that can query version 2 of the EC2 Instance Metadata
|
8
|
+
class EC2Metadata
|
9
|
+
# Path for PUT request for token
|
10
|
+
# @api private
|
11
|
+
METADATA_TOKEN_PATH = '/latest/api/token'.freeze
|
12
|
+
|
13
|
+
# Raised when the PUT request is not valid. This would be thrown if
|
14
|
+
# `token_ttl` is not an Integer.
|
15
|
+
# @api private
|
16
|
+
class TokenRetrievalError < RuntimeError; end
|
17
|
+
|
18
|
+
# Token has expired, and the request can be retried with a new token.
|
19
|
+
# @api private
|
20
|
+
class TokenExpiredError < RuntimeError; end
|
21
|
+
|
22
|
+
# The requested metadata path does not exist.
|
23
|
+
# @api private
|
24
|
+
class MetadataNotFoundError < RuntimeError; end
|
25
|
+
|
26
|
+
# The request is not allowed or IMDS is turned off.
|
27
|
+
# @api private
|
28
|
+
class RequestForbiddenError < RuntimeError; end
|
29
|
+
|
30
|
+
# Creates a client that can query version 2 of the EC2 Instance Metadata
|
31
|
+
# service (IMDS).
|
32
|
+
#
|
33
|
+
# @note Customers using containers may need to increase their hop limit
|
34
|
+
# to access IMDSv2.
|
35
|
+
# @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html#instance-metadata-transition-to-version-2
|
36
|
+
#
|
37
|
+
# @param [Hash] options
|
38
|
+
# @option options [Integer] :token_ttl (21600) The session token's TTL,
|
39
|
+
# defaulting to 6 hours.
|
40
|
+
# @option options [Integer] :retries (3) The number of retries for failed
|
41
|
+
# requests.
|
42
|
+
# @option options [String] :endpoint (169.254.169.254) The IMDS endpoint.
|
43
|
+
# @option options [Integer] :port (80) The IMDS endpoint port.
|
44
|
+
# @option options [Integer] :http_open_timeout (1) The number of seconds to
|
45
|
+
# wait for the connection to open.
|
46
|
+
# @option options [Integer] :http_read_timeout (1) The number of seconds for
|
47
|
+
# one chunk of data to be read.
|
48
|
+
# @option options [IO] :http_debug_output An output stream for debugging. Do
|
49
|
+
# not use this in production.
|
50
|
+
# @option options [Integer,Proc] :backoff A backoff used for retryable
|
51
|
+
# requests. When given an Integer, it sleeps that amount. When given a
|
52
|
+
# Proc, it is called with the current number of failed retries.
|
53
|
+
def initialize(options = {})
|
54
|
+
@token_ttl = options[:token_ttl] || 21_600
|
55
|
+
@retries = options[:retries] || 3
|
56
|
+
@backoff = backoff(options[:backoff])
|
57
|
+
|
58
|
+
@endpoint = options[:endpoint] || '169.254.169.254'
|
59
|
+
@port = options[:port] || 80
|
60
|
+
|
61
|
+
@http_open_timeout = options[:http_open_timeout] || 1
|
62
|
+
@http_read_timeout = options[:http_read_timeout] || 1
|
63
|
+
@http_debug_output = options[:http_debug_output]
|
64
|
+
|
65
|
+
@token = nil
|
66
|
+
@mutex = Mutex.new
|
67
|
+
end
|
68
|
+
|
69
|
+
# Fetches a given metadata category using a String path, and returns the
|
70
|
+
# result as a String. A path starts with the API version (usually
|
71
|
+
# "/latest/"). See the instance data categories for possible paths.
|
72
|
+
#
|
73
|
+
# @example Fetching the instance ID
|
74
|
+
#
|
75
|
+
# ec2_metadata = Aws::EC2Metadata.new
|
76
|
+
# ec2_metadata.get('/latest/meta-data/instance-id')
|
77
|
+
# => "i-023a25f10a73a0f79"
|
78
|
+
#
|
79
|
+
# @Note This implementation always returns a String and will not parse any
|
80
|
+
# responses. Parsable responses may include JSON objects or directory
|
81
|
+
# listings, which are strings separated by line feeds (ASCII 10).
|
82
|
+
#
|
83
|
+
# @example Fetching and parsing JSON meta-data
|
84
|
+
#
|
85
|
+
# require 'json'
|
86
|
+
# data = ec2_metadata.get('/latest/dynamic/instance-identity/document')
|
87
|
+
# JSON.parse(data)
|
88
|
+
# => {"accountId"=>"012345678912", ... }
|
89
|
+
#
|
90
|
+
# @example Fetching and parsing directory listings
|
91
|
+
#
|
92
|
+
# listing = ec2_metadata.get('/latest/meta-data')
|
93
|
+
# listing.split(10.chr)
|
94
|
+
# => ["ami-id", "ami-launch-index", ...]
|
95
|
+
#
|
96
|
+
# @Note Unlike other services, IMDS does not have a service API model. This
|
97
|
+
# means that we cannot confidently generate code with methods and
|
98
|
+
# response structures. This implementation ensures that new IMDS features
|
99
|
+
# are always supported by being deployed to the instance and does not
|
100
|
+
# require code changes.
|
101
|
+
#
|
102
|
+
# @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-categories.html
|
103
|
+
# @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-identity-documents.html
|
104
|
+
# @param [String] path The full path to the metadata.
|
105
|
+
def get(path)
|
106
|
+
retry_errors(max_retries: @retries) do
|
107
|
+
@mutex.synchronize do
|
108
|
+
fetch_token unless @token && !@token.expired?
|
109
|
+
end
|
110
|
+
|
111
|
+
open_connection do |conn|
|
112
|
+
http_get(conn, path, @token.value)
|
113
|
+
end
|
114
|
+
end
|
115
|
+
end
|
116
|
+
|
117
|
+
private
|
118
|
+
|
119
|
+
def fetch_token
|
120
|
+
open_connection do |conn|
|
121
|
+
token_value, token_ttl = http_put(conn, @token_ttl)
|
122
|
+
@token = Token.new(value: token_value, ttl: token_ttl)
|
123
|
+
end
|
124
|
+
end
|
125
|
+
|
126
|
+
def http_get(connection, path, token)
|
127
|
+
headers = {
|
128
|
+
'User-Agent' => "aws-sdk-ruby3/#{CORE_GEM_VERSION}",
|
129
|
+
'x-aws-ec2-metadata-token' => token
|
130
|
+
}
|
131
|
+
request = Net::HTTP::Get.new(path, headers)
|
132
|
+
response = connection.request(request)
|
133
|
+
|
134
|
+
case response.code.to_i
|
135
|
+
when 200
|
136
|
+
response.body
|
137
|
+
when 401
|
138
|
+
raise TokenExpiredError
|
139
|
+
when 404
|
140
|
+
raise MetadataNotFoundError
|
141
|
+
end
|
142
|
+
end
|
143
|
+
|
144
|
+
def http_put(connection, ttl)
|
145
|
+
headers = {
|
146
|
+
'User-Agent' => "aws-sdk-ruby3/#{CORE_GEM_VERSION}",
|
147
|
+
'x-aws-ec2-metadata-token-ttl-seconds' => ttl.to_s
|
148
|
+
}
|
149
|
+
request = Net::HTTP::Put.new(METADATA_TOKEN_PATH, headers)
|
150
|
+
response = connection.request(request)
|
151
|
+
|
152
|
+
case response.code.to_i
|
153
|
+
when 200
|
154
|
+
[
|
155
|
+
response.body,
|
156
|
+
response.header['x-aws-ec2-metadata-token-ttl-seconds'].to_i
|
157
|
+
]
|
158
|
+
when 400
|
159
|
+
raise TokenRetrievalError
|
160
|
+
when 403
|
161
|
+
raise RequestForbiddenError
|
162
|
+
end
|
163
|
+
end
|
164
|
+
|
165
|
+
def open_connection
|
166
|
+
http = Net::HTTP.new(@endpoint, @port, nil)
|
167
|
+
http.open_timeout = @http_open_timeout
|
168
|
+
http.read_timeout = @http_read_timeout
|
169
|
+
http.set_debug_output(@http_debug_output) if @http_debug_output
|
170
|
+
http.start
|
171
|
+
yield(http).tap { http.finish }
|
172
|
+
end
|
173
|
+
|
174
|
+
def retry_errors(options = {}, &_block)
|
175
|
+
max_retries = options[:max_retries]
|
176
|
+
retries = 0
|
177
|
+
begin
|
178
|
+
yield
|
179
|
+
# These errors should not be retried.
|
180
|
+
rescue TokenRetrievalError, MetadataNotFoundError, RequestForbiddenError
|
181
|
+
raise
|
182
|
+
# StandardError is not ideal but it covers Net::HTTP errors.
|
183
|
+
# https://gist.github.com/tenderlove/245188
|
184
|
+
rescue StandardError, TokenExpiredError
|
185
|
+
raise unless retries < max_retries
|
186
|
+
|
187
|
+
@backoff.call(retries)
|
188
|
+
retries += 1
|
189
|
+
retry
|
190
|
+
end
|
191
|
+
end
|
192
|
+
|
193
|
+
def backoff(backoff)
|
194
|
+
case backoff
|
195
|
+
when Proc then backoff
|
196
|
+
when Numeric then ->(_) { Kernel.sleep(backoff) }
|
197
|
+
else ->(num_failures) { Kernel.sleep(1.2**num_failures) }
|
198
|
+
end
|
199
|
+
end
|
200
|
+
|
201
|
+
# @api private
|
202
|
+
class Token
|
203
|
+
def initialize(options = {})
|
204
|
+
@ttl = options[:ttl]
|
205
|
+
@value = options[:value]
|
206
|
+
@created_time = Time.now
|
207
|
+
end
|
208
|
+
|
209
|
+
# [String] Returns the token value.
|
210
|
+
attr_reader :value
|
211
|
+
|
212
|
+
# [Boolean] Returns true if the token expired.
|
213
|
+
def expired?
|
214
|
+
Time.now - @created_time > @ttl
|
215
|
+
end
|
216
|
+
end
|
217
|
+
end
|
218
|
+
end
|
@@ -21,8 +21,7 @@ to default service endpoint when available.
|
|
21
21
|
class Handler < Seahorse::Client::Handler
|
22
22
|
|
23
23
|
def call(context)
|
24
|
-
if context.config.
|
25
|
-
!context.config.disable_host_prefix_injection
|
24
|
+
if !context.config.disable_host_prefix_injection
|
26
25
|
endpoint_trait = context.operation.endpoint_pattern
|
27
26
|
if endpoint_trait && !endpoint_trait.empty?
|
28
27
|
_apply_endpoint_trait(context, endpoint_trait)
|
@@ -176,11 +176,12 @@ a clock skew correction and retry requests with skewed client clocks.
|
|
176
176
|
end
|
177
177
|
|
178
178
|
def self.resolve_max_attempts(cfg)
|
179
|
-
value = (ENV['AWS_MAX_ATTEMPTS']
|
179
|
+
value = (ENV['AWS_MAX_ATTEMPTS']) ||
|
180
180
|
Aws.shared_config.max_attempts(profile: cfg.profile) ||
|
181
|
-
3
|
181
|
+
'3'
|
182
|
+
value = value.to_i
|
182
183
|
# Raise if provided value is not a positive integer
|
183
|
-
if
|
184
|
+
if value <= 0
|
184
185
|
raise ArgumentError,
|
185
186
|
'Must provide a positive integer for max_attempts profile '\
|
186
187
|
'option or for ENV[\'AWS_MAX_ATTEMPTS\']'
|
@@ -70,6 +70,11 @@ module Aws
|
|
70
70
|
[:ox, :oga, :libxml, :nokogiri, :rexml].each do |name|
|
71
71
|
@engine ||= try_load_engine(name)
|
72
72
|
end
|
73
|
+
unless @engine
|
74
|
+
raise 'Unable to find a compatible xml library. ' \
|
75
|
+
'Ensure that you have installed or added to your Gemfile one of ' \
|
76
|
+
'ox, oga, libxml, nokogiri or rexml'
|
77
|
+
end
|
73
78
|
end
|
74
79
|
|
75
80
|
private
|
@@ -1,8 +1,16 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
+
use_system_rexml = ((RUBY_VERSION <=> "2.0.0") < 0)
|
4
|
+
if use_system_rexml
|
5
|
+
require "rbconfig"
|
6
|
+
$LOAD_PATH.unshift(RbConfig::CONFIG["rubylibdir"])
|
7
|
+
end
|
8
|
+
|
3
9
|
require 'rexml/document'
|
4
10
|
require 'rexml/streamlistener'
|
5
11
|
|
12
|
+
$LOAD_PATH.shift if use_system_rexml
|
13
|
+
|
6
14
|
module Aws
|
7
15
|
module Xml
|
8
16
|
class Parser
|
data/lib/aws-sdk-sso.rb
CHANGED
data/lib/aws-sdk-sso/client.rb
CHANGED
@@ -11,7 +11,7 @@ module Aws
|
|
11
11
|
|
12
12
|
class Handler < Seahorse::Client::Handler
|
13
13
|
def call(context)
|
14
|
-
# Some
|
14
|
+
# Some operations break when given an empty content-type header.
|
15
15
|
# The SDK adds this blank content-type header
|
16
16
|
# since Net::HTTP provides a default that can break services.
|
17
17
|
# We're setting one here even though it's not used or necessary.
|
data/lib/aws-sdk-sts.rb
CHANGED
@@ -8,6 +8,10 @@
|
|
8
8
|
# WARNING ABOUT GENERATED CODE
|
9
9
|
|
10
10
|
|
11
|
+
unless Module.const_defined?(:Aws)
|
12
|
+
require 'aws-sdk-core'
|
13
|
+
require 'aws-sigv4'
|
14
|
+
end
|
11
15
|
|
12
16
|
require_relative 'aws-sdk-sts/types'
|
13
17
|
require_relative 'aws-sdk-sts/client_api'
|
@@ -46,6 +50,6 @@ require_relative 'aws-sdk-sts/customizations'
|
|
46
50
|
# @!group service
|
47
51
|
module Aws::STS
|
48
52
|
|
49
|
-
GEM_VERSION = '3.
|
53
|
+
GEM_VERSION = '3.112.0'
|
50
54
|
|
51
55
|
end
|
data/lib/aws-sdk-sts/client.rb
CHANGED
@@ -2204,7 +2204,7 @@ module Aws::STS
|
|
2204
2204
|
params: params,
|
2205
2205
|
config: config)
|
2206
2206
|
context[:gem_name] = 'aws-sdk-core'
|
2207
|
-
context[:gem_version] = '3.
|
2207
|
+
context[:gem_version] = '3.112.0'
|
2208
2208
|
Seahorse::Client::Request.new(handlers, context)
|
2209
2209
|
end
|
2210
2210
|
|
@@ -75,7 +75,7 @@ module Seahorse
|
|
75
75
|
def connect(endpoint)
|
76
76
|
@mutex.synchronize {
|
77
77
|
if @status == :ready
|
78
|
-
tcp, addr = _tcp_socket(endpoint)
|
78
|
+
tcp, addr = _tcp_socket(endpoint)
|
79
79
|
debug_output("opening connection to #{endpoint.host}:#{endpoint.port} ...")
|
80
80
|
_nonblocking_connect(tcp, addr)
|
81
81
|
debug_output('opened')
|
@@ -245,4 +245,3 @@ module Seahorse
|
|
245
245
|
end
|
246
246
|
end
|
247
247
|
end
|
248
|
-
|
@@ -25,7 +25,8 @@ module Seahorse
|
|
25
25
|
SocketError, EOFError, IOError, Timeout::Error,
|
26
26
|
Errno::ECONNABORTED, Errno::ECONNRESET, Errno::EPIPE,
|
27
27
|
Errno::EINVAL, Errno::ETIMEDOUT, OpenSSL::SSL::SSLError,
|
28
|
-
Errno::EHOSTUNREACH, Errno::ECONNREFUSED
|
28
|
+
Errno::EHOSTUNREACH, Errno::ECONNREFUSED,
|
29
|
+
Net::HTTPFatalError # for proxy connection failures
|
29
30
|
]
|
30
31
|
|
31
32
|
# does not exist in Ruby 1.9.3
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-core
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.112.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-02-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jmespath
|
@@ -108,6 +108,7 @@ files:
|
|
108
108
|
- lib/aws-sdk-core/credentials.rb
|
109
109
|
- lib/aws-sdk-core/deprecations.rb
|
110
110
|
- lib/aws-sdk-core/eager_loader.rb
|
111
|
+
- lib/aws-sdk-core/ec2_metadata.rb
|
111
112
|
- lib/aws-sdk-core/ecs_credentials.rb
|
112
113
|
- lib/aws-sdk-core/endpoint_cache.rb
|
113
114
|
- lib/aws-sdk-core/errors.rb
|