aws-sdk-core 3.11.0 → 3.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d21e2fa4df210cb1859bc936f7d7ee12d8d1d9e9
|
4
|
+
data.tar.gz: 59a105fc96518c7687e4ec3078c77314da2512c9
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e43b65a43fe6a15b943d77e352af0bb185915b57b9268691747e972fca4f7aa8603bf72ba1a196fe6b6db2fc861e9a4c01985a6c96cd49d1971e8e19853460d8
|
7
|
+
data.tar.gz: c9786f52116c3c4f0b2c41a16945aaf7cf44e7a441066959235c326c72d129fcd819131506ecd1c4aacd34169760a75b3e922065efadd785bdaef4aae2df15a1
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
3.
|
1
|
+
3.12.0
|
data/lib/aws-sdk-core/errors.rb
CHANGED
@@ -46,6 +46,18 @@ module Aws
|
|
46
46
|
# expected, and there is no source profile specified.
|
47
47
|
class NoSourceProfileError < RuntimeError; end
|
48
48
|
|
49
|
+
# Raised when a client is constructed with Assume Role credentials using
|
50
|
+
# a credential_source, and that source type is unsupported.
|
51
|
+
class InvalidCredentialSourceError < RuntimeError; end
|
52
|
+
|
53
|
+
# Raised when a client is constructed with Assume Role credentials, but
|
54
|
+
# the profile has both source_profile and credential_source.
|
55
|
+
class CredentialSourceConflictError < RuntimeError; end
|
56
|
+
|
57
|
+
# Raised when a client is constructed with Assume Role credentials using
|
58
|
+
# a credential_source, and that source doesn't provide credentials.
|
59
|
+
class NoSourceCredentialsError < RuntimeError; end
|
60
|
+
|
49
61
|
# Raised when a client is constructed and credentials are not
|
50
62
|
# set, or the set credentials are empty.
|
51
63
|
class MissingCredentialsError < RuntimeError
|
@@ -20,9 +20,6 @@ When provided, `x-api-key` header will be injected with the value provided.
|
|
20
20
|
# @api private
|
21
21
|
class OptionHandler < Seahorse::Client::Handler
|
22
22
|
def call(context)
|
23
|
-
# apply APIG user-agent by default
|
24
|
-
context.config.user_agent_suffix ||= 'aws-apig-ruby'
|
25
|
-
|
26
23
|
if context.operation.require_apikey
|
27
24
|
api_key = context.params.delete(:api_key)
|
28
25
|
api_key = context.config.api_key if api_key.nil?
|
@@ -0,0 +1,37 @@
|
|
1
|
+
module Aws
|
2
|
+
module Plugins
|
3
|
+
# @api private
|
4
|
+
class APIGUserAgent < Seahorse::Client::Plugin
|
5
|
+
|
6
|
+
option(:user_agent_suffix)
|
7
|
+
|
8
|
+
# @api private
|
9
|
+
class Handler < Seahorse::Client::Handler
|
10
|
+
|
11
|
+
def call(context)
|
12
|
+
set_user_agent(context)
|
13
|
+
@handler.call(context)
|
14
|
+
end
|
15
|
+
|
16
|
+
def set_user_agent(context)
|
17
|
+
ua = "aws-apig-ruby/#{CORE_GEM_VERSION}"
|
18
|
+
|
19
|
+
begin
|
20
|
+
ua += " #{RUBY_ENGINE}/#{RUBY_VERSION}"
|
21
|
+
rescue
|
22
|
+
ua += " RUBY_ENGINE_NA/#{RUBY_VERSION}"
|
23
|
+
end
|
24
|
+
|
25
|
+
ua += " #{RUBY_PLATFORM}"
|
26
|
+
ua += " #{context.config.user_agent_suffix}" if context.config.user_agent_suffix
|
27
|
+
|
28
|
+
context.http_request.headers['User-Agent'] = ua.strip
|
29
|
+
end
|
30
|
+
|
31
|
+
end
|
32
|
+
|
33
|
+
handler(Handler)
|
34
|
+
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
@@ -106,9 +106,10 @@ module Aws
|
|
106
106
|
# file, if present.
|
107
107
|
def assume_role_credentials_from_config(opts = {})
|
108
108
|
p = opts.delete(:profile) || @profile_name
|
109
|
-
|
109
|
+
chain_config = opts.delete(:chain_config)
|
110
|
+
credentials = assume_role_from_profile(@parsed_credentials, p, opts, chain_config)
|
110
111
|
if @parsed_config
|
111
|
-
credentials ||= assume_role_from_profile(@parsed_config, p, opts)
|
112
|
+
credentials ||= assume_role_from_profile(@parsed_config, p, opts, chain_config)
|
112
113
|
end
|
113
114
|
credentials
|
114
115
|
end
|
@@ -133,10 +134,19 @@ module Aws
|
|
133
134
|
(@parsed_credentials && !@parsed_credentials.empty?) ||
|
134
135
|
(@parsed_config && !@parsed_config.empty?)
|
135
136
|
end
|
136
|
-
|
137
|
+
|
138
|
+
def assume_role_from_profile(cfg, profile, opts, chain_config)
|
137
139
|
if cfg && prof_cfg = cfg[profile]
|
138
140
|
opts[:source_profile] ||= prof_cfg["source_profile"]
|
139
|
-
|
141
|
+
credential_source = opts.delete(:credential_source)
|
142
|
+
credential_source ||= prof_cfg["credential_source"]
|
143
|
+
if opts[:source_profile] && credential_source
|
144
|
+
raise Errors::CredentialSourceConflictError.new(
|
145
|
+
"Profile #{profile} has a source_profile, and "\
|
146
|
+
"a credential_source. For assume role credentials, must "\
|
147
|
+
"provide only source_profile or credential_source, not both."
|
148
|
+
)
|
149
|
+
elsif opts[:source_profile]
|
140
150
|
opts[:credentials] = credentials(profile: opts[:source_profile])
|
141
151
|
if opts[:credentials]
|
142
152
|
opts[:role_session_name] ||= prof_cfg["role_session_name"]
|
@@ -152,6 +162,25 @@ module Aws
|
|
152
162
|
" source_profile does not have credentials."
|
153
163
|
)
|
154
164
|
end
|
165
|
+
elsif credential_source
|
166
|
+
opts[:credentials] = credentials_from_source(
|
167
|
+
credential_source,
|
168
|
+
chain_config
|
169
|
+
)
|
170
|
+
if opts[:credentials]
|
171
|
+
opts[:role_session_name] ||= prof_cfg["role_session_name"]
|
172
|
+
opts[:role_session_name] ||= "default_session"
|
173
|
+
opts[:role_arn] ||= prof_cfg["role_arn"]
|
174
|
+
opts[:external_id] ||= prof_cfg["external_id"]
|
175
|
+
opts[:serial_number] ||= prof_cfg["mfa_serial"]
|
176
|
+
opts.delete(:source_profile) # Cleanup
|
177
|
+
AssumeRoleCredentials.new(opts)
|
178
|
+
else
|
179
|
+
raise Errors::NoSourceCredentials.new(
|
180
|
+
"Profile #{profile} could not get source credentials from"\
|
181
|
+
" provider #{credential_source}"
|
182
|
+
)
|
183
|
+
end
|
155
184
|
elsif prof_cfg["role_arn"]
|
156
185
|
raise Errors::NoSourceProfileError.new(
|
157
186
|
"Profile #{profile} has a role_arn, but no source_profile."
|
@@ -164,6 +193,23 @@ module Aws
|
|
164
193
|
end
|
165
194
|
end
|
166
195
|
|
196
|
+
def credentials_from_source(credential_source, config)
|
197
|
+
case credential_source
|
198
|
+
when "Ec2InstanceMetadata"
|
199
|
+
InstanceProfileCredentials.new(
|
200
|
+
retries: config ? config.instance_profile_credentials_retries : 0,
|
201
|
+
http_open_timeout: config ? config.instance_profile_credentials_timeout : 1,
|
202
|
+
http_read_timeout: config ? config.instance_profile_credentials_timeout : 1
|
203
|
+
)
|
204
|
+
when "EcsContainer"
|
205
|
+
ECSCredentials.new
|
206
|
+
else
|
207
|
+
raise Errors::InvalidCredentialSourceError.new(
|
208
|
+
"Unsupported credential_source: #{credential_source}"
|
209
|
+
)
|
210
|
+
end
|
211
|
+
end
|
212
|
+
|
167
213
|
def credentials_from_shared(profile, opts)
|
168
214
|
if @parsed_credentials && prof_config = @parsed_credentials[profile]
|
169
215
|
credentials_from_profile(prof_config)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-core
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.12.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-12-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jmespath
|
@@ -91,6 +91,7 @@ files:
|
|
91
91
|
- lib/aws-sdk-core/plugins/api_key.rb
|
92
92
|
- lib/aws-sdk-core/plugins/apig_authorizer_token.rb
|
93
93
|
- lib/aws-sdk-core/plugins/apig_credentials_configuration.rb
|
94
|
+
- lib/aws-sdk-core/plugins/apig_user_agent.rb
|
94
95
|
- lib/aws-sdk-core/plugins/credentials_configuration.rb
|
95
96
|
- lib/aws-sdk-core/plugins/global_configuration.rb
|
96
97
|
- lib/aws-sdk-core/plugins/helpful_socket_errors.rb
|