aws-sdk-core 3.121.3 → 3.122.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +35 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-core/plugins/regional_endpoint.rb +47 -1
- data/lib/aws-sdk-core/plugins/signature_v4.rb +13 -23
- data/lib/aws-sdk-core/rest/request/headers.rb +6 -1
- data/lib/aws-sdk-core/rest/response/headers.rb +3 -1
- data/lib/aws-sdk-core/shared_config.rb +2 -0
- data/lib/aws-sdk-core/sso_credentials.rb +1 -1
- data/lib/aws-sdk-core.rb +3 -0
- data/lib/aws-sdk-sso/client.rb +10 -1
- data/lib/aws-sdk-sso.rb +1 -1
- data/lib/aws-sdk-sts/client.rb +10 -1
- data/lib/aws-sdk-sts/presigner.rb +7 -1
- data/lib/aws-sdk-sts.rb +1 -1
- data/lib/seahorse/client/configuration.rb +4 -0
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 537c37ff87364e7db7df2b499b7e82544a3912b817b32d4b43ae81a32c511f7b
|
4
|
+
data.tar.gz: 7deac3f2493760b46f54ae0f54022878641023f54566af10d56e270ea7590935
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 63aa35b1adf4d9f660f35af4f174922fe417b9f1124602d493d4fcc90c256e8ffb472489c606746f8c06f72f71c9faa33a8a1746d7496e1fc76a2a8d138a5b7e
|
7
|
+
data.tar.gz: 113f6de79f057dd502327550b44566f52f291f1358817778dc915849c4838b29f9724f1cd4ad5f75b2df153675e058982b26a47ffbc585d008b280fb87744417
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,41 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
3.122.1 (2021-11-09)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Issue - Correctly serialize/deserialize header lists.
|
8
|
+
|
9
|
+
3.122.0 (2021-11-04)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - Updated Aws::STS::Client with the latest API changes.
|
13
|
+
|
14
|
+
* Feature - Updated Aws::SSO::Client with the latest API changes.
|
15
|
+
|
16
|
+
* Issue - Fix parsing of ISO8601 timestamps with millisecond precision in headers.
|
17
|
+
|
18
|
+
* Feature - Support modeled dualstack endpoints. It can be configured with shared configuration (`use_dualstack_endpoint`), an ENV variable (`AWS_USE_DUALSTACK_ENDPOINT`), and a constructor option (`:use_dualstack_endpoint`). Requests made to services without a dualstack endpoint will fail.
|
19
|
+
|
20
|
+
* Feature - Support modeled fips endpoints. It can be configured with shared configuration (`use_fips_endpoint`), an ENV variable (`AWS_USE_FIPS_ENDPOINT`), and a constructor option (`:use_fips_endpoint`). Requests made to services without a fips endpoint will fail.
|
21
|
+
|
22
|
+
3.121.6 (2021-11-02)
|
23
|
+
------------------
|
24
|
+
|
25
|
+
* Issue - Improve `SSOCredentials` error handling when profile file does not exist (#2605)
|
26
|
+
|
27
|
+
3.121.5 (2021-10-29)
|
28
|
+
------------------
|
29
|
+
|
30
|
+
* Issue - bump minimum version of `aws-partitions` (#2603).
|
31
|
+
|
32
|
+
3.121.4 (2021-10-28)
|
33
|
+
------------------
|
34
|
+
|
35
|
+
* Issue - This version has been yanked. (#2603).
|
36
|
+
|
37
|
+
* Issue - use the `EndpointProvider` to lookup signing region and name.
|
38
|
+
|
4
39
|
3.121.3 (2021-10-20)
|
5
40
|
------------------
|
6
41
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
3.
|
1
|
+
3.122.1
|
@@ -24,6 +24,25 @@ a default `:region` is searched for in the following locations:
|
|
24
24
|
resolve_region(cfg)
|
25
25
|
end
|
26
26
|
|
27
|
+
option(:use_dualstack_endpoint,
|
28
|
+
doc_type: 'Boolean',
|
29
|
+
docstring: <<-DOCS) do |cfg|
|
30
|
+
When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
|
31
|
+
will be used if available.
|
32
|
+
DOCS
|
33
|
+
resolve_use_dualstack_endpoint(cfg)
|
34
|
+
end
|
35
|
+
|
36
|
+
option(:use_fips_endpoint,
|
37
|
+
doc_type: 'Boolean',
|
38
|
+
docstring: <<-DOCS) do |cfg|
|
39
|
+
When set to `true`, fips compatible endpoints will be used if available.
|
40
|
+
When a `fips` region is used, the region is normalized and this config
|
41
|
+
is set to `true`.
|
42
|
+
DOCS
|
43
|
+
resolve_use_fips_endpoint(cfg)
|
44
|
+
end
|
45
|
+
|
27
46
|
option(:regional_endpoint, false)
|
28
47
|
|
29
48
|
option(:endpoint, doc_type: String, docstring: <<-DOCS) do |cfg|
|
@@ -42,10 +61,23 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
|
|
42
61
|
raise Errors::InvalidRegionError
|
43
62
|
end
|
44
63
|
|
64
|
+
region = cfg.region
|
65
|
+
new_region = region.gsub('fips-', '').gsub('-fips', '')
|
66
|
+
if region != new_region
|
67
|
+
warn("Legacy region #{region} was transformed to #{new_region}."\
|
68
|
+
'`use_fips_endpoint` config was set to true.')
|
69
|
+
cfg.override_config(:use_fips_endpoint, true)
|
70
|
+
cfg.override_config(:region, new_region)
|
71
|
+
end
|
72
|
+
|
45
73
|
Aws::Partitions::EndpointProvider.resolve(
|
46
74
|
cfg.region,
|
47
75
|
endpoint_prefix,
|
48
|
-
sts_regional
|
76
|
+
sts_regional,
|
77
|
+
{
|
78
|
+
dualstack: cfg.use_dualstack_endpoint,
|
79
|
+
fips: cfg.use_fips_endpoint
|
80
|
+
}
|
49
81
|
)
|
50
82
|
end
|
51
83
|
end
|
@@ -66,6 +98,20 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
|
|
66
98
|
cfg_region = Aws.shared_config.region(profile: cfg.profile)
|
67
99
|
env_region || cfg_region
|
68
100
|
end
|
101
|
+
|
102
|
+
def resolve_use_dualstack_endpoint(cfg)
|
103
|
+
value = ENV['AWS_USE_DUALSTACK_ENDPOINT']
|
104
|
+
value ||= Aws.shared_config.use_dualstack_endpoint(
|
105
|
+
profile: cfg.profile
|
106
|
+
)
|
107
|
+
Aws::Util.str_2_bool(value) || false
|
108
|
+
end
|
109
|
+
|
110
|
+
def resolve_use_fips_endpoint(cfg)
|
111
|
+
value = ENV['AWS_USE_FIPS_ENDPOINT']
|
112
|
+
value ||= Aws.shared_config.use_fips_endpoint(profile: cfg.profile)
|
113
|
+
Aws::Util.str_2_bool(value) || false
|
114
|
+
end
|
69
115
|
end
|
70
116
|
end
|
71
117
|
end
|
@@ -12,32 +12,22 @@ module Aws
|
|
12
12
|
end
|
13
13
|
|
14
14
|
option(:sigv4_name) do |cfg|
|
15
|
-
|
15
|
+
signingName = if cfg.region
|
16
|
+
Aws::Partitions::EndpointProvider.signing_service(
|
17
|
+
cfg.region, cfg.api.metadata['endpointPrefix']
|
18
|
+
)
|
19
|
+
end
|
20
|
+
signingName || cfg.api.metadata['signingName'] || cfg.api.metadata['endpointPrefix']
|
16
21
|
end
|
17
22
|
|
18
23
|
option(:sigv4_region) do |cfg|
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
# client for a region like "us-west-2", we will
|
27
|
-
# always use "route53.amazonaws.com". This endpoint
|
28
|
-
# is actually global to the entire partition,
|
29
|
-
# and must be signed as "us-east-1".
|
30
|
-
#
|
31
|
-
# * When the region is configured, but it is configured
|
32
|
-
# to a non region, such as "aws-global". This is similar
|
33
|
-
# to the previous case. We use the Aws::Partitions::EndpointProvider
|
34
|
-
# to resolve to the actual signing region.
|
35
|
-
#
|
36
|
-
prefix = cfg.api.metadata['endpointPrefix']
|
37
|
-
if prefix && cfg.endpoint.to_s.match(/#{prefix}\.amazonaws\.com/)
|
38
|
-
'us-east-1'
|
39
|
-
elsif cfg.region
|
40
|
-
Aws::Partitions::EndpointProvider.signing_region(cfg.region, prefix)
|
24
|
+
if cfg.region
|
25
|
+
if cfg.respond_to?(:sts_regional_endpoints)
|
26
|
+
sts_regional = cfg.sts_regional_endpoints
|
27
|
+
end
|
28
|
+
Aws::Partitions::EndpointProvider.signing_region(
|
29
|
+
cfg.region, cfg.api.metadata['endpointPrefix'], sts_regional
|
30
|
+
)
|
41
31
|
end
|
42
32
|
end
|
43
33
|
|
@@ -35,6 +35,7 @@ module Aws
|
|
35
35
|
headers[ref.location_name] =
|
36
36
|
case ref.shape
|
37
37
|
when TimestampShape then timestamp(ref, value)
|
38
|
+
when ListShape then list(ref, value)
|
38
39
|
else value.to_s
|
39
40
|
end
|
40
41
|
end
|
@@ -49,6 +50,10 @@ module Aws
|
|
49
50
|
end
|
50
51
|
end
|
51
52
|
|
53
|
+
def list(_ref, value)
|
54
|
+
value.compact.join(",")
|
55
|
+
end
|
56
|
+
|
52
57
|
def apply_header_map(headers, ref, values)
|
53
58
|
prefix = ref.location_name || ''
|
54
59
|
values.each_pair do |name, value|
|
@@ -57,7 +62,7 @@ module Aws
|
|
57
62
|
end
|
58
63
|
|
59
64
|
# With complex headers value in json syntax,
|
60
|
-
# base64 encodes value to
|
65
|
+
# base64 encodes value to avoid weird characters
|
61
66
|
# causing potential issues in headers
|
62
67
|
def apply_json_trait(value)
|
63
68
|
Base64.strict_encode64(value)
|
@@ -40,8 +40,10 @@ module Aws
|
|
40
40
|
when IntegerShape then value.to_i
|
41
41
|
when FloatShape then value.to_f
|
42
42
|
when BooleanShape then value == 'true'
|
43
|
+
when ListShape then
|
44
|
+
value.split(",").map { |v| cast_value(ref.shape.member, v) }
|
43
45
|
when TimestampShape
|
44
|
-
if value =~
|
46
|
+
if value =~ /^\d+(\.\d*)/
|
45
47
|
Time.at(value.to_f)
|
46
48
|
elsif value =~ /^\d+$/
|
47
49
|
Time.at(value.to_i)
|
@@ -100,7 +100,7 @@ module Aws
|
|
100
100
|
raise ArgumentError, 'Cached SSO Token is expired.'
|
101
101
|
end
|
102
102
|
cached_token
|
103
|
-
rescue Aws::Json::ParseError, ArgumentError
|
103
|
+
rescue Errno::ENOENT, Aws::Json::ParseError, ArgumentError
|
104
104
|
raise Errors::InvalidSSOCredentials, SSO_LOGIN_GUIDANCE
|
105
105
|
end
|
106
106
|
|
data/lib/aws-sdk-core.rb
CHANGED
@@ -88,6 +88,9 @@ require_relative 'aws-sdk-core/arn'
|
|
88
88
|
require_relative 'aws-sdk-core/arn_parser'
|
89
89
|
require_relative 'aws-sdk-core/ec2_metadata'
|
90
90
|
|
91
|
+
# plugins
|
92
|
+
# loaded through building STS or SSO ..
|
93
|
+
|
91
94
|
# aws-sdk-sts is included to support Aws::AssumeRoleCredentials
|
92
95
|
require_relative 'aws-sdk-sts'
|
93
96
|
|
data/lib/aws-sdk-sso/client.rb
CHANGED
@@ -275,6 +275,15 @@ module Aws::SSO
|
|
275
275
|
# ** Please note ** When response stubbing is enabled, no HTTP
|
276
276
|
# requests are made, and retries are disabled.
|
277
277
|
#
|
278
|
+
# @option options [Boolean] :use_dualstack_endpoint
|
279
|
+
# When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
|
280
|
+
# will be used if available.
|
281
|
+
#
|
282
|
+
# @option options [Boolean] :use_fips_endpoint
|
283
|
+
# When set to `true`, fips compatible endpoints will be used if available.
|
284
|
+
# When a `fips` region is used, the region is normalized and this config
|
285
|
+
# is set to `true`.
|
286
|
+
#
|
278
287
|
# @option options [Boolean] :validate_params (true)
|
279
288
|
# When `true`, request parameters are validated before
|
280
289
|
# sending the request.
|
@@ -521,7 +530,7 @@ module Aws::SSO
|
|
521
530
|
params: params,
|
522
531
|
config: config)
|
523
532
|
context[:gem_name] = 'aws-sdk-core'
|
524
|
-
context[:gem_version] = '3.
|
533
|
+
context[:gem_version] = '3.122.1'
|
525
534
|
Seahorse::Client::Request.new(handlers, context)
|
526
535
|
end
|
527
536
|
|
data/lib/aws-sdk-sso.rb
CHANGED
data/lib/aws-sdk-sts/client.rb
CHANGED
@@ -282,6 +282,15 @@ module Aws::STS
|
|
282
282
|
# ** Please note ** When response stubbing is enabled, no HTTP
|
283
283
|
# requests are made, and retries are disabled.
|
284
284
|
#
|
285
|
+
# @option options [Boolean] :use_dualstack_endpoint
|
286
|
+
# When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
|
287
|
+
# will be used if available.
|
288
|
+
#
|
289
|
+
# @option options [Boolean] :use_fips_endpoint
|
290
|
+
# When set to `true`, fips compatible endpoints will be used if available.
|
291
|
+
# When a `fips` region is used, the region is normalized and this config
|
292
|
+
# is set to `true`.
|
293
|
+
#
|
285
294
|
# @option options [Boolean] :validate_params (true)
|
286
295
|
# When `true`, request parameters are validated before
|
287
296
|
# sending the request.
|
@@ -2303,7 +2312,7 @@ module Aws::STS
|
|
2303
2312
|
params: params,
|
2304
2313
|
config: config)
|
2305
2314
|
context[:gem_name] = 'aws-sdk-core'
|
2306
|
-
context[:gem_version] = '3.
|
2315
|
+
context[:gem_version] = '3.122.1'
|
2307
2316
|
Seahorse::Client::Request.new(handlers, context)
|
2308
2317
|
end
|
2309
2318
|
|
@@ -53,7 +53,13 @@ module Aws
|
|
53
53
|
)
|
54
54
|
|
55
55
|
url = Aws::Partitions::EndpointProvider.resolve(
|
56
|
-
req.context.config.region,
|
56
|
+
req.context.config.region,
|
57
|
+
'sts',
|
58
|
+
req.context.config.sts_regional_endpoints,
|
59
|
+
{
|
60
|
+
dualstack: req.context.config.use_dualstack_endpoint,
|
61
|
+
fips: req.context.config.use_fips_endpoint
|
62
|
+
}
|
57
63
|
)
|
58
64
|
url += "/?#{param_list}"
|
59
65
|
|
data/lib/aws-sdk-sts.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-core
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.122.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-11-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jmespath
|
@@ -33,7 +33,7 @@ dependencies:
|
|
33
33
|
version: '1'
|
34
34
|
- - ">="
|
35
35
|
- !ruby/object:Gem::Version
|
36
|
-
version: 1.
|
36
|
+
version: 1.525.0
|
37
37
|
type: :runtime
|
38
38
|
prerelease: false
|
39
39
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -43,7 +43,7 @@ dependencies:
|
|
43
43
|
version: '1'
|
44
44
|
- - ">="
|
45
45
|
- !ruby/object:Gem::Version
|
46
|
-
version: 1.
|
46
|
+
version: 1.525.0
|
47
47
|
- !ruby/object:Gem::Dependency
|
48
48
|
name: aws-sigv4
|
49
49
|
requirement: !ruby/object:Gem::Requirement
|