aws-sdk-core 3.110.0 → 3.111.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5d99d0d99ddc550900a970a6dc9732b2f4c3590bbf080941251f74dd1ca81f14
-  data.tar.gz: c99d3231552426bf0a12abf73a06296199918d20eadec98600968454bef4a9f8
+  metadata.gz: 282c3ce5ec4daab7cb7895b862eeb462c5fc75ddd4376a4d1dc54e8f824ea632
+  data.tar.gz: b5db0f7c8cb0b0cb15fd95e1382b508cd0f593d592a927450b1de66a295c7fec
 SHA512:
-  metadata.gz: 8142f6e7ae0220d035dfc20af20553a3c2581acc729e939c52588434740ed71e0e28c0424aed8cd128d8621456fe53bc6cb903b6f21b4371dd737467da9bf8aa
-  data.tar.gz: 791e39ed9ad2e35b632b3493c28b3d5795235aea711b6fff5d7cd8c666cca5a1b196502cdaa0845e1c4dc5403d937479bc9c8849e018696e03217193bda95275
+  metadata.gz: c1a17c1d2a6f77752f8a6c6bf79adc66d17b4f2af60e5d90a6e77526d5141a071e9505e2650dbe649455227e0715354fe0d0c71ab55bd1151ad182f17e4db072
+  data.tar.gz: b4aa536d89780e128d8ea57cac65844f9f996fec1f7d29f4dd914a449c1ab33fa1b2d8c3f3381e081ee2550dd0adfc2e967a6770c23b158b08e6f29ab9b2c458

data/VERSION

@@ -1 +1 @@
-3.110.0
+3.111.0

data/lib/aws-sdk-core.rb

@@ -21,6 +21,7 @@ require_relative 'aws-sdk-core/process_credentials'
 require_relative 'aws-sdk-core/sso_credentials'
 
 # client modules
+
 require_relative 'aws-sdk-core/client_stubs'
 require_relative 'aws-sdk-core/async_client_stubs'
 require_relative 'aws-sdk-core/eager_loader'
@@ -81,10 +82,11 @@ require_relative 'aws-sdk-core/endpoint_cache'
 require_relative 'aws-sdk-core/client_side_monitoring/request_metrics'
 require_relative 'aws-sdk-core/client_side_monitoring/publisher'
 
-# arn
+# utilities
 
 require_relative 'aws-sdk-core/arn'
 require_relative 'aws-sdk-core/arn_parser'
+require_relative 'aws-sdk-core/ec2_metadata'
 
 # aws-sdk-sts is included to support Aws::AssumeRoleCredentials
 require 'aws-sdk-sts'

data/lib/aws-sdk-core/ec2_metadata.rb

@@ -0,0 +1,218 @@
+# frozen_string_literal: true
+
+require 'time'
+require 'net/http'
+
+module Aws
+  # A client that can query version 2 of the EC2 Instance Metadata
+  class EC2Metadata
+    # Path for PUT request for token
+    # @api private
+    METADATA_TOKEN_PATH = '/latest/api/token'.freeze
+
+    # Raised when the PUT request is not valid. This would be thrown if
+    # `token_ttl` is not an Integer.
+    # @api private
+    class TokenRetrievalError < RuntimeError; end
+
+    # Token has expired, and the request can be retried with a new token.
+    # @api private
+    class TokenExpiredError < RuntimeError; end
+
+    # The requested metadata path does not exist.
+    # @api private
+    class MetadataNotFoundError < RuntimeError; end
+
+    # The request is not allowed or IMDS is turned off.
+    # @api private
+    class RequestForbiddenError < RuntimeError; end
+
+    # Creates a client that can query version 2 of the EC2 Instance Metadata
+    #   service (IMDS).
+    #
+    # @note Customers using containers may need to increase their hop limit
+    #   to access IMDSv2.
+    # @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html#instance-metadata-transition-to-version-2
+    #
+    # @param [Hash] options
+    # @option options [Integer] :token_ttl (21600) The session token's TTL,
+    #   defaulting to 6 hours.
+    # @option options [Integer] :retries (3) The number of retries for failed
+    #   requests.
+    # @option options [String] :endpoint (169.254.169.254) The IMDS endpoint.
+    # @option options [Integer] :port (80) The IMDS endpoint port.
+    # @option options [Integer] :http_open_timeout (1) The number of seconds to
+    #   wait for the connection to open.
+    # @option options [Integer] :http_read_timeout (1) The number of seconds for
+    #   one chunk of data to be read.
+    # @option options [IO] :http_debug_output An output stream for debugging. Do
+    #   not use this in production.
+    # @option options [Integer,Proc] :backoff A backoff used for retryable
+    #   requests. When given an Integer, it sleeps that amount. When given a
+    #   Proc, it is called with the current number of failed retries.
+    def initialize(options = {})
+      @token_ttl = options[:token_ttl] || 21_600
+      @retries = options[:retries] || 3
+      @backoff = backoff(options[:backoff])
+
+      @endpoint = options[:endpoint] || '169.254.169.254'
+      @port = options[:port] || 80
+
+      @http_open_timeout = options[:http_open_timeout] || 1
+      @http_read_timeout = options[:http_read_timeout] || 1
+      @http_debug_output = options[:http_debug_output]
+
+      @token = nil
+      @mutex = Mutex.new
+    end
+
+    # Fetches a given metadata category using a String path, and returns the
+    #   result as a String. A path starts with the API version (usually
+    #   "/latest/"). See the instance data categories for possible paths.
+    #
+    # @example Fetching the instance ID
+    #
+    #   ec2_metadata = Aws::EC2Metadata.new
+    #   ec2_metadata.get('/latest/meta-data/instance-id')
+    #   => "i-023a25f10a73a0f79"
+    #
+    # @Note This implementation always returns a String and will not parse any
+    #   responses. Parsable responses may include JSON objects or directory
+    #   listings, which are strings separated by line feeds (ASCII 10).
+    #
+    # @example Fetching and parsing JSON meta-data
+    #
+    #   require 'json'
+    #   data = ec2_metadata.get('/latest/dynamic/instance-identity/document')
+    #   JSON.parse(data)
+    #   => {"accountId"=>"012345678912", ... }
+    #
+    # @example Fetching and parsing directory listings
+    #
+    #   listing = ec2_metadata.get('/latest/meta-data')
+    #   listing.split(10.chr)
+    #   => ["ami-id", "ami-launch-index", ...]
+    #
+    # @Note Unlike other services, IMDS does not have a service API model. This
+    #   means that we cannot confidently generate code with methods and
+    #   response structures. This implementation ensures that new IMDS features
+    #   are always supported by being deployed to the instance and does not
+    #   require code changes.
+    #
+    # @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-categories.html
+    # @see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-identity-documents.html
+    # @param [String] path The full path to the metadata.
+    def get(path)
+      retry_errors(max_retries: @retries) do
+        @mutex.synchronize do
+          fetch_token unless @token && !@token.expired?
+        end
+
+        open_connection do |conn|
+          http_get(conn, path, @token.value)
+        end
+      end
+    end
+
+    private
+
+    def fetch_token
+      open_connection do |conn|
+        token_value, token_ttl = http_put(conn, @token_ttl)
+        @token = Token.new(value: token_value, ttl: token_ttl)
+      end
+    end
+
+    def http_get(connection, path, token)
+      headers = {
+        'User-Agent' => "aws-sdk-ruby3/#{CORE_GEM_VERSION}",
+        'x-aws-ec2-metadata-token' => token
+      }
+      request = Net::HTTP::Get.new(path, headers)
+      response = connection.request(request)
+
+      case response.code.to_i
+      when 200
+        response.body
+      when 401
+        raise TokenExpiredError
+      when 404
+        raise MetadataNotFoundError
+      end
+    end
+
+    def http_put(connection, ttl)
+      headers = {
+        'User-Agent' => "aws-sdk-ruby3/#{CORE_GEM_VERSION}",
+        'x-aws-ec2-metadata-token-ttl-seconds' => ttl.to_s
+      }
+      request = Net::HTTP::Put.new(METADATA_TOKEN_PATH, headers)
+      response = connection.request(request)
+
+      case response.code.to_i
+      when 200
+        [
+          response.body,
+          response.header['x-aws-ec2-metadata-token-ttl-seconds'].to_i
+        ]
+      when 400
+        raise TokenRetrievalError
+      when 403
+        raise RequestForbiddenError
+      end
+    end
+
+    def open_connection
+      http = Net::HTTP.new(@endpoint, @port, nil)
+      http.open_timeout = @http_open_timeout
+      http.read_timeout = @http_read_timeout
+      http.set_debug_output(@http_debug_output) if @http_debug_output
+      http.start
+      yield(http).tap { http.finish }
+    end
+
+    def retry_errors(options = {}, &_block)
+      max_retries = options[:max_retries]
+      retries = 0
+      begin
+        yield
+      # These errors should not be retried.
+      rescue TokenRetrievalError, MetadataNotFoundError, RequestForbiddenError
+        raise
+      # StandardError is not ideal but it covers Net::HTTP errors.
+      # https://gist.github.com/tenderlove/245188
+      rescue StandardError, TokenExpiredError
+        raise unless retries < max_retries
+
+        @backoff.call(retries)
+        retries += 1
+        retry
+      end
+    end
+
+    def backoff(backoff)
+      case backoff
+      when Proc then backoff
+      when Numeric then ->(_) { Kernel.sleep(backoff) }
+      else ->(num_failures) { Kernel.sleep(1.2**num_failures) }
+      end
+    end
+
+    # @api private
+    class Token
+      def initialize(options = {})
+        @ttl   = options[:ttl]
+        @value = options[:value]
+        @created_time = Time.now
+      end
+
+      # [String] Returns the token value.
+      attr_reader :value
+
+      # [Boolean] Returns true if the token expired.
+      def expired?
+        Time.now - @created_time > @ttl
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/xml/parser.rb

@@ -70,6 +70,11 @@ module Aws
           [:ox, :oga, :libxml, :nokogiri, :rexml].each do |name|
             @engine ||= try_load_engine(name)
           end
+          unless @engine
+            raise 'Unable to find a compatible xml library. ' \
+            'Ensure that you have installed or added to your Gemfile one of ' \
+            'ox, oga, libxml, nokogiri or rexml'
+          end
         end
 
         private

data/lib/aws-sdk-core/xml/parser/engines/rexml.rb

@@ -1,8 +1,16 @@
 # frozen_string_literal: true
 
+use_system_rexml = ((RUBY_VERSION <=> "2.0.0") < 0)
+if use_system_rexml
+  require "rbconfig"
+  $LOAD_PATH.unshift(RbConfig::CONFIG["rubylibdir"])
+end
+
 require 'rexml/document'
 require 'rexml/streamlistener'
 
+$LOAD_PATH.shift if use_system_rexml
+
 module Aws
   module Xml
     class Parser

data/lib/aws-sdk-sso.rb

@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sso/customizations'
 # @!group service
 module Aws::SSO
 
-  GEM_VERSION = '3.110.0'
+  GEM_VERSION = '3.111.0'
 
 end

data/lib/aws-sdk-sso/client.rb

@@ -523,7 +523,7 @@ module Aws::SSO
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.110.0'
+      context[:gem_version] = '3.111.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-sts.rb

@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sts/customizations'
 # @!group service
 module Aws::STS
 
-  GEM_VERSION = '3.110.0'
+  GEM_VERSION = '3.111.0'
 
 end

data/lib/aws-sdk-sts/client.rb

@@ -2204,7 +2204,7 @@ module Aws::STS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.110.0'
+      context[:gem_version] = '3.111.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/seahorse/client/h2/connection.rb

@@ -75,7 +75,7 @@ module Seahorse
         def connect(endpoint)
           @mutex.synchronize {
             if @status == :ready
-              tcp, addr = _tcp_socket(endpoint) 
+              tcp, addr = _tcp_socket(endpoint)
               debug_output("opening connection to #{endpoint.host}:#{endpoint.port} ...")
               _nonblocking_connect(tcp, addr)
               debug_output('opened')
@@ -245,4 +245,3 @@ module Seahorse
     end
   end
 end
-

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-core
 version: !ruby/object:Gem::Version
-  version: 3.110.0
+  version: 3.111.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-12-03 00:00:00.000000000 Z
+date: 2021-01-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jmespath
@@ -108,6 +108,7 @@ files:
 - lib/aws-sdk-core/credentials.rb
 - lib/aws-sdk-core/deprecations.rb
 - lib/aws-sdk-core/eager_loader.rb
+- lib/aws-sdk-core/ec2_metadata.rb
 - lib/aws-sdk-core/ecs_credentials.rb
 - lib/aws-sdk-core/endpoint_cache.rb
 - lib/aws-sdk-core/errors.rb