aws-sdk-core 3.11.0 → 3.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c824a5bc98f14b37660ff57fb2572657be420e34
4
- data.tar.gz: 08bb3307bed0bc4badbe3851997da2c00eeb0729
3
+ metadata.gz: d21e2fa4df210cb1859bc936f7d7ee12d8d1d9e9
4
+ data.tar.gz: 59a105fc96518c7687e4ec3078c77314da2512c9
5
5
  SHA512:
6
- metadata.gz: 5ed7f36c913474c7e9a6e2ceeabca40847283382b11474e1474a1ac6c6cea7c7d0c1fd0b98c0ea6aa4f45f8795a7dfdbf580114f291be00e8652b16c60d27edd
7
- data.tar.gz: 8aacd21ea03e66638bfeda0a9577f97c5c2655e7c9469c5ad5c32c3218d8538500da939f677e76b4313c88c202a7335b3253bb72cf8ec8f53738b26ebad6dd79
6
+ metadata.gz: e43b65a43fe6a15b943d77e352af0bb185915b57b9268691747e972fca4f7aa8603bf72ba1a196fe6b6db2fc861e9a4c01985a6c96cd49d1971e8e19853460d8
7
+ data.tar.gz: c9786f52116c3c4f0b2c41a16945aaf7cf44e7a441066959235c326c72d129fcd819131506ecd1c4aacd34169760a75b3e922065efadd785bdaef4aae2df15a1
data/VERSION CHANGED
@@ -1 +1 @@
1
- 3.11.0
1
+ 3.12.0
@@ -94,7 +94,8 @@ module Aws
94
94
  def assume_role_with_profile(prof, region)
95
95
  Aws.shared_config.assume_role_credentials_from_config(
96
96
  profile: prof,
97
- region: region
97
+ region: region,
98
+ chain_config: @config
98
99
  )
99
100
  end
100
101
 
@@ -46,6 +46,18 @@ module Aws
46
46
  # expected, and there is no source profile specified.
47
47
  class NoSourceProfileError < RuntimeError; end
48
48
 
49
+ # Raised when a client is constructed with Assume Role credentials using
50
+ # a credential_source, and that source type is unsupported.
51
+ class InvalidCredentialSourceError < RuntimeError; end
52
+
53
+ # Raised when a client is constructed with Assume Role credentials, but
54
+ # the profile has both source_profile and credential_source.
55
+ class CredentialSourceConflictError < RuntimeError; end
56
+
57
+ # Raised when a client is constructed with Assume Role credentials using
58
+ # a credential_source, and that source doesn't provide credentials.
59
+ class NoSourceCredentialsError < RuntimeError; end
60
+
49
61
  # Raised when a client is constructed and credentials are not
50
62
  # set, or the set credentials are empty.
51
63
  class MissingCredentialsError < RuntimeError
@@ -20,9 +20,6 @@ When provided, `x-api-key` header will be injected with the value provided.
20
20
  # @api private
21
21
  class OptionHandler < Seahorse::Client::Handler
22
22
  def call(context)
23
- # apply APIG user-agent by default
24
- context.config.user_agent_suffix ||= 'aws-apig-ruby'
25
-
26
23
  if context.operation.require_apikey
27
24
  api_key = context.params.delete(:api_key)
28
25
  api_key = context.config.api_key if api_key.nil?
@@ -0,0 +1,37 @@
1
+ module Aws
2
+ module Plugins
3
+ # @api private
4
+ class APIGUserAgent < Seahorse::Client::Plugin
5
+
6
+ option(:user_agent_suffix)
7
+
8
+ # @api private
9
+ class Handler < Seahorse::Client::Handler
10
+
11
+ def call(context)
12
+ set_user_agent(context)
13
+ @handler.call(context)
14
+ end
15
+
16
+ def set_user_agent(context)
17
+ ua = "aws-apig-ruby/#{CORE_GEM_VERSION}"
18
+
19
+ begin
20
+ ua += " #{RUBY_ENGINE}/#{RUBY_VERSION}"
21
+ rescue
22
+ ua += " RUBY_ENGINE_NA/#{RUBY_VERSION}"
23
+ end
24
+
25
+ ua += " #{RUBY_PLATFORM}"
26
+ ua += " #{context.config.user_agent_suffix}" if context.config.user_agent_suffix
27
+
28
+ context.http_request.headers['User-Agent'] = ua.strip
29
+ end
30
+
31
+ end
32
+
33
+ handler(Handler)
34
+
35
+ end
36
+ end
37
+ end
@@ -106,9 +106,10 @@ module Aws
106
106
  # file, if present.
107
107
  def assume_role_credentials_from_config(opts = {})
108
108
  p = opts.delete(:profile) || @profile_name
109
- credentials = assume_role_from_profile(@parsed_credentials, p, opts)
109
+ chain_config = opts.delete(:chain_config)
110
+ credentials = assume_role_from_profile(@parsed_credentials, p, opts, chain_config)
110
111
  if @parsed_config
111
- credentials ||= assume_role_from_profile(@parsed_config, p, opts)
112
+ credentials ||= assume_role_from_profile(@parsed_config, p, opts, chain_config)
112
113
  end
113
114
  credentials
114
115
  end
@@ -133,10 +134,19 @@ module Aws
133
134
  (@parsed_credentials && !@parsed_credentials.empty?) ||
134
135
  (@parsed_config && !@parsed_config.empty?)
135
136
  end
136
- def assume_role_from_profile(cfg, profile, opts)
137
+
138
+ def assume_role_from_profile(cfg, profile, opts, chain_config)
137
139
  if cfg && prof_cfg = cfg[profile]
138
140
  opts[:source_profile] ||= prof_cfg["source_profile"]
139
- if opts[:source_profile]
141
+ credential_source = opts.delete(:credential_source)
142
+ credential_source ||= prof_cfg["credential_source"]
143
+ if opts[:source_profile] && credential_source
144
+ raise Errors::CredentialSourceConflictError.new(
145
+ "Profile #{profile} has a source_profile, and "\
146
+ "a credential_source. For assume role credentials, must "\
147
+ "provide only source_profile or credential_source, not both."
148
+ )
149
+ elsif opts[:source_profile]
140
150
  opts[:credentials] = credentials(profile: opts[:source_profile])
141
151
  if opts[:credentials]
142
152
  opts[:role_session_name] ||= prof_cfg["role_session_name"]
@@ -152,6 +162,25 @@ module Aws
152
162
  " source_profile does not have credentials."
153
163
  )
154
164
  end
165
+ elsif credential_source
166
+ opts[:credentials] = credentials_from_source(
167
+ credential_source,
168
+ chain_config
169
+ )
170
+ if opts[:credentials]
171
+ opts[:role_session_name] ||= prof_cfg["role_session_name"]
172
+ opts[:role_session_name] ||= "default_session"
173
+ opts[:role_arn] ||= prof_cfg["role_arn"]
174
+ opts[:external_id] ||= prof_cfg["external_id"]
175
+ opts[:serial_number] ||= prof_cfg["mfa_serial"]
176
+ opts.delete(:source_profile) # Cleanup
177
+ AssumeRoleCredentials.new(opts)
178
+ else
179
+ raise Errors::NoSourceCredentials.new(
180
+ "Profile #{profile} could not get source credentials from"\
181
+ " provider #{credential_source}"
182
+ )
183
+ end
155
184
  elsif prof_cfg["role_arn"]
156
185
  raise Errors::NoSourceProfileError.new(
157
186
  "Profile #{profile} has a role_arn, but no source_profile."
@@ -164,6 +193,23 @@ module Aws
164
193
  end
165
194
  end
166
195
 
196
+ def credentials_from_source(credential_source, config)
197
+ case credential_source
198
+ when "Ec2InstanceMetadata"
199
+ InstanceProfileCredentials.new(
200
+ retries: config ? config.instance_profile_credentials_retries : 0,
201
+ http_open_timeout: config ? config.instance_profile_credentials_timeout : 1,
202
+ http_read_timeout: config ? config.instance_profile_credentials_timeout : 1
203
+ )
204
+ when "EcsContainer"
205
+ ECSCredentials.new
206
+ else
207
+ raise Errors::InvalidCredentialSourceError.new(
208
+ "Unsupported credential_source: #{credential_source}"
209
+ )
210
+ end
211
+ end
212
+
167
213
  def credentials_from_shared(profile, opts)
168
214
  if @parsed_credentials && prof_config = @parsed_credentials[profile]
169
215
  credentials_from_profile(prof_config)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.11.0
4
+ version: 3.12.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-11-29 00:00:00.000000000 Z
11
+ date: 2017-12-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jmespath
@@ -91,6 +91,7 @@ files:
91
91
  - lib/aws-sdk-core/plugins/api_key.rb
92
92
  - lib/aws-sdk-core/plugins/apig_authorizer_token.rb
93
93
  - lib/aws-sdk-core/plugins/apig_credentials_configuration.rb
94
+ - lib/aws-sdk-core/plugins/apig_user_agent.rb
94
95
  - lib/aws-sdk-core/plugins/credentials_configuration.rb
95
96
  - lib/aws-sdk-core/plugins/global_configuration.rb
96
97
  - lib/aws-sdk-core/plugins/helpful_socket_errors.rb