aws-sdk-core 3.121.2 → 3.122.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4b9f3fb30de8f9941d6f38fba87b19a9a68885fa51f28604481686e9dac1848c
-  data.tar.gz: 258e63026024946722a4bbdaaf34d91b633857a9b0310d735547e1cadfbefd51
+  metadata.gz: 41135e32f0e535e0205dbf19edc735e9dcbcc1098355cd95b0c1a4fc336e9176
+  data.tar.gz: 0e0282593133b8947242ee334661728764de5932e1e2e22b105ab4648da46128
 SHA512:
-  metadata.gz: 6706b957d3f7649d5886e388fefb261b6863168ac64c1b3e86e2e912dc1d692e60c0349d9c8109afbe9dc594e612e8a4f3f0cd00ab68b7dbfedf1812dd608570
-  data.tar.gz: 67fd627aabe9d7ccb53aec0d5c161d6ce255d51427166e0dfd3370210e1bb08bb242ec4d8632a73bcce006e13288057077e20b148b72092f60720ecd54d00291
+  metadata.gz: 17dafa3b644e7cf3c72283e07e6ef951490b9ab4d3a30a34a871a4431185619f906c4e63d914515a654d1ab10e40d656a3faa6786e2e25cbd76d01859a197c56
+  data.tar.gz: e9cc0efc4f6a4021c1d3ba497f335899444befabf8f4b645ed4fc0f1c10c8ca208cb85fe350f6f21248ca34ebbe5d313b1457502a3e06951a3b12f8437709b2a

data/CHANGELOG.md

@@ -1,6 +1,41 @@
 Unreleased Changes
 ------------------
 
+3.122.0 (2021-11-04)
+------------------
+
+* Feature - Updated Aws::STS::Client with the latest API changes.
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
+* Issue - Fix parsing of ISO8601 timestamps with millisecond precision in headers.
+
+* Feature - Support modeled dualstack endpoints. It can be configured with shared configuration (`use_dualstack_endpoint`), an ENV variable (`AWS_USE_DUALSTACK_ENDPOINT`), and a constructor option (`:use_dualstack_endpoint`). Requests made to services without a dualstack endpoint will fail.
+
+* Feature - Support modeled fips endpoints. It can be configured with shared configuration (`use_fips_endpoint`), an ENV variable (`AWS_USE_FIPS_ENDPOINT`), and a constructor option (`:use_fips_endpoint`). Requests made to services without a fips endpoint will fail.
+
+3.121.6 (2021-11-02)
+------------------
+
+* Issue - Improve `SSOCredentials` error handling when profile file does not exist (#2605)
+
+3.121.5 (2021-10-29)
+------------------
+
+* Issue - bump minimum version of `aws-partitions` (#2603).
+
+3.121.4 (2021-10-28)
+------------------
+
+* Issue - This version has been yanked. (#2603).
+
+* Issue - use the `EndpointProvider` to lookup signing region and name.
+
+3.121.3 (2021-10-20)
+------------------
+
+* Issue - Use endpointPrefix when looking up the `signing_region` from the `EndpointProvider`.
+
 3.121.2 (2021-10-18)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-3.121.2
+3.122.0

data/lib/aws-sdk-core/plugins/regional_endpoint.rb

@@ -24,6 +24,25 @@ a default `:region` is searched for in the following locations:
         resolve_region(cfg)
       end
 
+      option(:use_dualstack_endpoint,
+        doc_type: 'Boolean',
+        docstring: <<-DOCS) do |cfg|
+When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
+will be used if available.
+        DOCS
+        resolve_use_dualstack_endpoint(cfg)
+      end
+
+      option(:use_fips_endpoint,
+        doc_type: 'Boolean',
+        docstring: <<-DOCS) do |cfg|
+When set to `true`, fips compatible endpoints will be used if available.
+When a `fips` region is used, the region is normalized and this config
+is set to `true`.
+        DOCS
+        resolve_use_fips_endpoint(cfg)
+      end
+
       option(:regional_endpoint, false)
 
       option(:endpoint, doc_type: String, docstring: <<-DOCS) do |cfg|
@@ -42,10 +61,23 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
             raise Errors::InvalidRegionError
           end
 
+          region = cfg.region
+          new_region = region.gsub('fips-', '').gsub('-fips', '')
+          if region != new_region
+            warn("Legacy region #{region} was transformed to #{new_region}."\
+                 '`use_fips_endpoint` config was set to true.')
+            cfg.override_config(:use_fips_endpoint, true)
+            cfg.override_config(:region, new_region)
+          end
+
           Aws::Partitions::EndpointProvider.resolve(
             cfg.region,
             endpoint_prefix,
-            sts_regional
+            sts_regional,
+            {
+              dualstack: cfg.use_dualstack_endpoint,
+              fips: cfg.use_fips_endpoint
+            }
           )
         end
       end
@@ -66,6 +98,20 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
           cfg_region = Aws.shared_config.region(profile: cfg.profile)
           env_region || cfg_region
         end
+
+        def resolve_use_dualstack_endpoint(cfg)
+          value = ENV['AWS_USE_DUALSTACK_ENDPOINT']
+          value ||= Aws.shared_config.use_dualstack_endpoint(
+            profile: cfg.profile
+          )
+          Aws::Util.str_2_bool(value) || false
+        end
+
+        def resolve_use_fips_endpoint(cfg)
+          value = ENV['AWS_USE_FIPS_ENDPOINT']
+          value ||= Aws.shared_config.use_fips_endpoint(profile: cfg.profile)
+          Aws::Util.str_2_bool(value) || false
+        end
       end
     end
   end

data/lib/aws-sdk-core/plugins/signature_v4.rb

@@ -12,32 +12,22 @@ module Aws
       end
 
       option(:sigv4_name) do |cfg|
-        cfg.api.metadata['signingName'] || cfg.api.metadata['endpointPrefix']
+        signingName = if cfg.region
+          Aws::Partitions::EndpointProvider.signing_service(
+            cfg.region, cfg.api.metadata['endpointPrefix']
+          )
+        end
+        signingName || cfg.api.metadata['signingName'] || cfg.api.metadata['endpointPrefix']
       end
 
       option(:sigv4_region) do |cfg|
-
-        # The signature version 4 signing region is most
-        # commonly the configured region. There are a few
-        # notable exceptions:
-        #
-        # * Some services have a global endpoint to the entire
-        #   partition. For example, when constructing a route53
-        #   client for a region like "us-west-2", we will
-        #   always use "route53.amazonaws.com". This endpoint
-        #   is actually global to the entire partition,
-        #   and must be signed as "us-east-1".
-        #
-        # * When the region is configured, but it is configured
-        #   to a non region, such as "aws-global". This is similar
-        #   to the previous case. We use the Aws::Partitions::EndpointProvider
-        #   to resolve to the actual signing region.
-        #
-        prefix = cfg.api.metadata['endpointPrefix']
-        if prefix && cfg.endpoint.to_s.match(/#{prefix}\.amazonaws\.com/)
-          'us-east-1'
-        elsif cfg.region
-          Aws::Partitions::EndpointProvider.signing_region(cfg.region, cfg.sigv4_name)
+        if cfg.region
+          if cfg.respond_to?(:sts_regional_endpoints)
+            sts_regional = cfg.sts_regional_endpoints
+          end
+          Aws::Partitions::EndpointProvider.signing_region(
+            cfg.region, cfg.api.metadata['endpointPrefix'], sts_regional
+          )
         end
       end
 

data/lib/aws-sdk-core/rest/response/headers.rb

@@ -41,7 +41,7 @@ module Aws
           when FloatShape then value.to_f
           when BooleanShape then value == 'true'
           when TimestampShape
-            if value =~ /\d+(\.\d*)/
+            if value =~ /^\d+(\.\d*)/
               Time.at(value.to_f)
             elsif value =~ /^\d+$/
               Time.at(value.to_i)

data/lib/aws-sdk-core/shared_config.rb

@@ -163,6 +163,8 @@ module Aws
       :ca_bundle,
       :credential_process,
       :endpoint_discovery_enabled,
+      :use_dualstack_endpoint,
+      :use_fips_endpoint,
       :ec2_metadata_service_endpoint,
       :ec2_metadata_service_endpoint_mode,
       :max_attempts,

data/lib/aws-sdk-core/sso_credentials.rb

@@ -100,7 +100,7 @@ module Aws
         raise ArgumentError, 'Cached SSO Token is expired.'
       end
       cached_token
-    rescue Aws::Json::ParseError, ArgumentError
+    rescue Errno::ENOENT, Aws::Json::ParseError, ArgumentError
       raise Errors::InvalidSSOCredentials, SSO_LOGIN_GUIDANCE
     end
 

data/lib/aws-sdk-core.rb

@@ -88,6 +88,9 @@ require_relative 'aws-sdk-core/arn'
 require_relative 'aws-sdk-core/arn_parser'
 require_relative 'aws-sdk-core/ec2_metadata'
 
+# plugins
+# loaded through building STS or SSO ..
+
 # aws-sdk-sts is included to support Aws::AssumeRoleCredentials
 require_relative 'aws-sdk-sts'
 

data/lib/aws-sdk-sso/client.rb

@@ -275,6 +275,15 @@ module Aws::SSO
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Boolean] :use_dualstack_endpoint
+    #     When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
+    #     will be used if available.
+    #
+    #   @option options [Boolean] :use_fips_endpoint
+    #     When set to `true`, fips compatible endpoints will be used if available.
+    #     When a `fips` region is used, the region is normalized and this config
+    #     is set to `true`.
+    #
     #   @option options [Boolean] :validate_params (true)
     #     When `true`, request parameters are validated before
     #     sending the request.
@@ -521,7 +530,7 @@ module Aws::SSO
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.121.2'
+      context[:gem_version] = '3.122.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-sso.rb

@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sso/customizations'
 # @!group service
 module Aws::SSO
 
-  GEM_VERSION = '3.121.2'
+  GEM_VERSION = '3.122.0'
 
 end

data/lib/aws-sdk-sts/client.rb

@@ -282,6 +282,15 @@ module Aws::STS
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Boolean] :use_dualstack_endpoint
+    #     When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
+    #     will be used if available.
+    #
+    #   @option options [Boolean] :use_fips_endpoint
+    #     When set to `true`, fips compatible endpoints will be used if available.
+    #     When a `fips` region is used, the region is normalized and this config
+    #     is set to `true`.
+    #
     #   @option options [Boolean] :validate_params (true)
     #     When `true`, request parameters are validated before
     #     sending the request.
@@ -2303,7 +2312,7 @@ module Aws::STS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.121.2'
+      context[:gem_version] = '3.122.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-sts/presigner.rb

@@ -53,7 +53,13 @@ module Aws
         )
 
         url = Aws::Partitions::EndpointProvider.resolve(
-          req.context.config.region, 'sts', 'regional'
+          req.context.config.region,
+          'sts',
+          req.context.config.sts_regional_endpoints,
+          {
+            dualstack: req.context.config.use_dualstack_endpoint,
+            fips: req.context.config.use_fips_endpoint
+          }
         )
         url += "/?#{param_list}"
 

data/lib/aws-sdk-sts.rb

@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sts/customizations'
 # @!group service
 module Aws::STS
 
-  GEM_VERSION = '3.121.2'
+  GEM_VERSION = '3.122.0'
 
 end

data/lib/seahorse/client/configuration.rb

@@ -195,6 +195,10 @@ module Seahorse
           @members.include?(method_name) or super
         end
 
+        def override_config(k, v)
+          @struct[k] = v
+        end
+
         private
 
         def value_at(opt_name)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-core
 version: !ruby/object:Gem::Version
-  version: 3.121.2
+  version: 3.122.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-10-18 00:00:00.000000000 Z
+date: 2021-11-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jmespath
@@ -33,7 +33,7 @@ dependencies:
         version: '1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.239.0
+        version: 1.525.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -43,7 +43,7 @@ dependencies:
         version: '1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.239.0
+        version: 1.525.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement