aws-sdk-core 3.121.3 → 3.122.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ca78fa40d16ef2a56d695fd3149837b9c9b41f12fe4584d0c6e9920cf88e0696
-  data.tar.gz: b907fc2f3b8c3fac0c26a615f7bb310f110875d0c4baab3dce38a8b91ee64cb9
+  metadata.gz: 537c37ff87364e7db7df2b499b7e82544a3912b817b32d4b43ae81a32c511f7b
+  data.tar.gz: 7deac3f2493760b46f54ae0f54022878641023f54566af10d56e270ea7590935
 SHA512:
-  metadata.gz: 6e8ec45394f4e8b8b0f960c85192968cb811e09a1f23b31cb531df9a2eb81fffad4e5420ce5cf714fefa6b4dd0622588d39f1a340284ce3c5bde4603e55d03c8
-  data.tar.gz: ec673c9df67c90297099d4243d44d48bc290c3b0169899c9cd6e40058dcc40db29775fa40d814025e24c94d6bb9ebda7a118781516859f17c2c3a83f320161ec
+  metadata.gz: 63aa35b1adf4d9f660f35af4f174922fe417b9f1124602d493d4fcc90c256e8ffb472489c606746f8c06f72f71c9faa33a8a1746d7496e1fc76a2a8d138a5b7e
+  data.tar.gz: 113f6de79f057dd502327550b44566f52f291f1358817778dc915849c4838b29f9724f1cd4ad5f75b2df153675e058982b26a47ffbc585d008b280fb87744417

data/CHANGELOG.md

@@ -1,6 +1,41 @@
 Unreleased Changes
 ------------------
 
+3.122.1 (2021-11-09)
+------------------
+
+* Issue - Correctly serialize/deserialize header lists.
+
+3.122.0 (2021-11-04)
+------------------
+
+* Feature - Updated Aws::STS::Client with the latest API changes.
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
+* Issue - Fix parsing of ISO8601 timestamps with millisecond precision in headers.
+
+* Feature - Support modeled dualstack endpoints. It can be configured with shared configuration (`use_dualstack_endpoint`), an ENV variable (`AWS_USE_DUALSTACK_ENDPOINT`), and a constructor option (`:use_dualstack_endpoint`). Requests made to services without a dualstack endpoint will fail.
+
+* Feature - Support modeled fips endpoints. It can be configured with shared configuration (`use_fips_endpoint`), an ENV variable (`AWS_USE_FIPS_ENDPOINT`), and a constructor option (`:use_fips_endpoint`). Requests made to services without a fips endpoint will fail.
+
+3.121.6 (2021-11-02)
+------------------
+
+* Issue - Improve `SSOCredentials` error handling when profile file does not exist (#2605)
+
+3.121.5 (2021-10-29)
+------------------
+
+* Issue - bump minimum version of `aws-partitions` (#2603).
+
+3.121.4 (2021-10-28)
+------------------
+
+* Issue - This version has been yanked. (#2603).
+
+* Issue - use the `EndpointProvider` to lookup signing region and name.
+
 3.121.3 (2021-10-20)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-3.121.3
+3.122.1

data/lib/aws-sdk-core/plugins/regional_endpoint.rb

@@ -24,6 +24,25 @@ a default `:region` is searched for in the following locations:
         resolve_region(cfg)
       end
 
+      option(:use_dualstack_endpoint,
+        doc_type: 'Boolean',
+        docstring: <<-DOCS) do |cfg|
+When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
+will be used if available.
+        DOCS
+        resolve_use_dualstack_endpoint(cfg)
+      end
+
+      option(:use_fips_endpoint,
+        doc_type: 'Boolean',
+        docstring: <<-DOCS) do |cfg|
+When set to `true`, fips compatible endpoints will be used if available.
+When a `fips` region is used, the region is normalized and this config
+is set to `true`.
+        DOCS
+        resolve_use_fips_endpoint(cfg)
+      end
+
       option(:regional_endpoint, false)
 
       option(:endpoint, doc_type: String, docstring: <<-DOCS) do |cfg|
@@ -42,10 +61,23 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
             raise Errors::InvalidRegionError
           end
 
+          region = cfg.region
+          new_region = region.gsub('fips-', '').gsub('-fips', '')
+          if region != new_region
+            warn("Legacy region #{region} was transformed to #{new_region}."\
+                 '`use_fips_endpoint` config was set to true.')
+            cfg.override_config(:use_fips_endpoint, true)
+            cfg.override_config(:region, new_region)
+          end
+
           Aws::Partitions::EndpointProvider.resolve(
             cfg.region,
             endpoint_prefix,
-            sts_regional
+            sts_regional,
+            {
+              dualstack: cfg.use_dualstack_endpoint,
+              fips: cfg.use_fips_endpoint
+            }
           )
         end
       end
@@ -66,6 +98,20 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
           cfg_region = Aws.shared_config.region(profile: cfg.profile)
           env_region || cfg_region
         end
+
+        def resolve_use_dualstack_endpoint(cfg)
+          value = ENV['AWS_USE_DUALSTACK_ENDPOINT']
+          value ||= Aws.shared_config.use_dualstack_endpoint(
+            profile: cfg.profile
+          )
+          Aws::Util.str_2_bool(value) || false
+        end
+
+        def resolve_use_fips_endpoint(cfg)
+          value = ENV['AWS_USE_FIPS_ENDPOINT']
+          value ||= Aws.shared_config.use_fips_endpoint(profile: cfg.profile)
+          Aws::Util.str_2_bool(value) || false
+        end
       end
     end
   end

data/lib/aws-sdk-core/plugins/signature_v4.rb

@@ -12,32 +12,22 @@ module Aws
       end
 
       option(:sigv4_name) do |cfg|
-        cfg.api.metadata['signingName'] || cfg.api.metadata['endpointPrefix']
+        signingName = if cfg.region
+          Aws::Partitions::EndpointProvider.signing_service(
+            cfg.region, cfg.api.metadata['endpointPrefix']
+          )
+        end
+        signingName || cfg.api.metadata['signingName'] || cfg.api.metadata['endpointPrefix']
       end
 
       option(:sigv4_region) do |cfg|
-
-        # The signature version 4 signing region is most
-        # commonly the configured region. There are a few
-        # notable exceptions:
-        #
-        # * Some services have a global endpoint to the entire
-        #   partition. For example, when constructing a route53
-        #   client for a region like "us-west-2", we will
-        #   always use "route53.amazonaws.com". This endpoint
-        #   is actually global to the entire partition,
-        #   and must be signed as "us-east-1".
-        #
-        # * When the region is configured, but it is configured
-        #   to a non region, such as "aws-global". This is similar
-        #   to the previous case. We use the Aws::Partitions::EndpointProvider
-        #   to resolve to the actual signing region.
-        #
-        prefix = cfg.api.metadata['endpointPrefix']
-        if prefix && cfg.endpoint.to_s.match(/#{prefix}\.amazonaws\.com/)
-          'us-east-1'
-        elsif cfg.region
-          Aws::Partitions::EndpointProvider.signing_region(cfg.region, prefix)
+        if cfg.region
+          if cfg.respond_to?(:sts_regional_endpoints)
+            sts_regional = cfg.sts_regional_endpoints
+          end
+          Aws::Partitions::EndpointProvider.signing_region(
+            cfg.region, cfg.api.metadata['endpointPrefix'], sts_regional
+          )
         end
       end
 

data/lib/aws-sdk-core/rest/request/headers.rb

@@ -35,6 +35,7 @@ module Aws
           headers[ref.location_name] =
             case ref.shape
             when TimestampShape then timestamp(ref, value)
+            when ListShape then list(ref, value)
             else value.to_s
             end
         end
@@ -49,6 +50,10 @@ module Aws
           end
         end
 
+        def list(_ref, value)
+          value.compact.join(",")
+        end
+
         def apply_header_map(headers, ref, values)
           prefix = ref.location_name || ''
           values.each_pair do |name, value|
@@ -57,7 +62,7 @@ module Aws
         end
 
         # With complex headers value in json syntax,
-        # base64 encodes value to aviod weird characters
+        # base64 encodes value to avoid weird characters
         # causing potential issues in headers
         def apply_json_trait(value)
           Base64.strict_encode64(value)

data/lib/aws-sdk-core/rest/response/headers.rb

@@ -40,8 +40,10 @@ module Aws
           when IntegerShape then value.to_i
           when FloatShape then value.to_f
           when BooleanShape then value == 'true'
+          when ListShape then
+            value.split(",").map { |v| cast_value(ref.shape.member, v) }
           when TimestampShape
-            if value =~ /\d+(\.\d*)/
+            if value =~ /^\d+(\.\d*)/
               Time.at(value.to_f)
             elsif value =~ /^\d+$/
               Time.at(value.to_i)

data/lib/aws-sdk-core/shared_config.rb

@@ -163,6 +163,8 @@ module Aws
       :ca_bundle,
       :credential_process,
       :endpoint_discovery_enabled,
+      :use_dualstack_endpoint,
+      :use_fips_endpoint,
       :ec2_metadata_service_endpoint,
       :ec2_metadata_service_endpoint_mode,
       :max_attempts,

data/lib/aws-sdk-core/sso_credentials.rb

@@ -100,7 +100,7 @@ module Aws
         raise ArgumentError, 'Cached SSO Token is expired.'
       end
       cached_token
-    rescue Aws::Json::ParseError, ArgumentError
+    rescue Errno::ENOENT, Aws::Json::ParseError, ArgumentError
       raise Errors::InvalidSSOCredentials, SSO_LOGIN_GUIDANCE
     end
 

data/lib/aws-sdk-core.rb

@@ -88,6 +88,9 @@ require_relative 'aws-sdk-core/arn'
 require_relative 'aws-sdk-core/arn_parser'
 require_relative 'aws-sdk-core/ec2_metadata'
 
+# plugins
+# loaded through building STS or SSO ..
+
 # aws-sdk-sts is included to support Aws::AssumeRoleCredentials
 require_relative 'aws-sdk-sts'
 

data/lib/aws-sdk-sso/client.rb

@@ -275,6 +275,15 @@ module Aws::SSO
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Boolean] :use_dualstack_endpoint
+    #     When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
+    #     will be used if available.
+    #
+    #   @option options [Boolean] :use_fips_endpoint
+    #     When set to `true`, fips compatible endpoints will be used if available.
+    #     When a `fips` region is used, the region is normalized and this config
+    #     is set to `true`.
+    #
     #   @option options [Boolean] :validate_params (true)
     #     When `true`, request parameters are validated before
     #     sending the request.
@@ -521,7 +530,7 @@ module Aws::SSO
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.121.3'
+      context[:gem_version] = '3.122.1'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-sso.rb

@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sso/customizations'
 # @!group service
 module Aws::SSO
 
-  GEM_VERSION = '3.121.3'
+  GEM_VERSION = '3.122.1'
 
 end

data/lib/aws-sdk-sts/client.rb

@@ -282,6 +282,15 @@ module Aws::STS
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Boolean] :use_dualstack_endpoint
+    #     When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
+    #     will be used if available.
+    #
+    #   @option options [Boolean] :use_fips_endpoint
+    #     When set to `true`, fips compatible endpoints will be used if available.
+    #     When a `fips` region is used, the region is normalized and this config
+    #     is set to `true`.
+    #
     #   @option options [Boolean] :validate_params (true)
     #     When `true`, request parameters are validated before
     #     sending the request.
@@ -2303,7 +2312,7 @@ module Aws::STS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.121.3'
+      context[:gem_version] = '3.122.1'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-sts/presigner.rb

@@ -53,7 +53,13 @@ module Aws
         )
 
         url = Aws::Partitions::EndpointProvider.resolve(
-          req.context.config.region, 'sts', 'regional'
+          req.context.config.region,
+          'sts',
+          req.context.config.sts_regional_endpoints,
+          {
+            dualstack: req.context.config.use_dualstack_endpoint,
+            fips: req.context.config.use_fips_endpoint
+          }
         )
         url += "/?#{param_list}"
 

data/lib/aws-sdk-sts.rb

@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sts/customizations'
 # @!group service
 module Aws::STS
 
-  GEM_VERSION = '3.121.3'
+  GEM_VERSION = '3.122.1'
 
 end

data/lib/seahorse/client/configuration.rb

@@ -195,6 +195,10 @@ module Seahorse
           @members.include?(method_name) or super
         end
 
+        def override_config(k, v)
+          @struct[k] = v
+        end
+
         private
 
         def value_at(opt_name)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-core
 version: !ruby/object:Gem::Version
-  version: 3.121.3
+  version: 3.122.1
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-10-20 00:00:00.000000000 Z
+date: 2021-11-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jmespath
@@ -33,7 +33,7 @@ dependencies:
         version: '1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.239.0
+        version: 1.525.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -43,7 +43,7 @@ dependencies:
         version: '1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.239.0
+        version: 1.525.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement