aws-sdk-core 3.130.2 → 3.131.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ff22a0d39db864fb7a965fedeb1f45730a70840d8ae4475e2222529604e3a707
-  data.tar.gz: 90117e48ef4377412254102c08d95718c14b407c64be26b8bb0c62b4b349bfa2
+  metadata.gz: a0e337e99efba0bb583eb3c1d9105d605fcdc749cf1b1e5b25ed1dbf95f025f6
+  data.tar.gz: 715357c6e4be37d8cbc7ce0397b9544efe6aca75d36d7836646e3ff4719d8a1c
 SHA512:
-  metadata.gz: dded90c284f709ca41f859ffb832c243728e2d19d630a84c6ba960052e8004af3e90c292f307c8ab76d2f0578ae2259402c4b96ad3a73c7a7e48e9b72c23a919
-  data.tar.gz: bf2b97dc6ce9aafca32582f0e06b0245bf0741f897cfe1ebadf7369f1e7344604247803b396aedc6da37415594baacdce933cd22afba09abc61684884dafe135
+  metadata.gz: d971104a0185146cc755e7e64812c58d69134fae5d69dcfe507f9fa3161166563600244857b66e2d0308e347aa48d8294419c0a11d46a993b329ee80726ba48c
+  data.tar.gz: 542ea1589f1097d45d056b2451c62587295917137994ef7ef29b52e87d09ecaf07550c7e3c8ac521183c002fec4f6fb96f8cc50ca7a26e4910c8bfe0ab715cde

data/CHANGELOG.md

@@ -1,6 +1,21 @@
 Unreleased Changes
 ------------------
 
+3.131.2 (2022-06-20)
+------------------
+
+* Issue - Populate context :request_id for XML error responses.
+
+3.131.1 (2022-05-20)
+------------------
+
+* Issue - Bump the minimum version of `jmespath` dependency.
+
+3.131.0 (2022-05-16)
+------------------
+
+* Feature - Updated Aws::STS::Client with the latest API changes.
+
 3.130.2 (2022-04-22)
 ------------------
 
@@ -50,7 +65,7 @@ Unreleased Changes
 3.126.2 (2022-02-16)
 ------------------
 
-* Issue - Add a before_refresh callback to AssumeRoleCredentials (#2529). 
+* Issue - Add a before_refresh callback to AssumeRoleCredentials (#2529).
 * Issue - Raise a `NoSuchProfileError` when config and credentials files don't exist.
 
 3.126.1 (2022-02-14)

data/VERSION

@@ -1 +1 @@
-3.130.2
+3.131.2

data/lib/aws-sdk-core/assume_role_credentials.rb

@@ -3,25 +3,20 @@
 require 'set'
 
 module Aws
-
-  # An auto-refreshing credential provider that works by assuming
-  # a role via {Aws::STS::Client#assume_role}.
+  # An auto-refreshing credential provider that assumes a role via
+  # {Aws::STS::Client#assume_role}.
   #
   #     role_credentials = Aws::AssumeRoleCredentials.new(
   #       client: Aws::STS::Client.new(...),
   #       role_arn: "linked::account::arn",
   #       role_session_name: "session-name"
   #     )
-  #
   #     ec2 = Aws::EC2::Client.new(credentials: role_credentials)
   #
-  # If you omit `:client` option, a new {STS::Client} object will be
-  # constructed.
+  # If you omit `:client` option, a new {Aws::STS::Client} object will be
+  # constructed with additional options that were provided.
   #
-  # The AssumeRoleCredentials also provides a `before_refresh` callback
-  # that can be used to help manage refreshing tokens.
-  # `before_refresh` is called when AWS credentials are required and need
-  # to be refreshed and it is called with the AssumeRoleCredentials object.
+  # @see Aws::STS::Client#assume_role
   class AssumeRoleCredentials
 
     include CredentialProvider

data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb

@@ -5,9 +5,8 @@ require 'securerandom'
 require 'base64'
 
 module Aws
-
-  # An auto-refreshing credential provider that works by assuming
-  # a role via {Aws::STS::Client#assume_role_with_web_identity}.
+  # An auto-refreshing credential provider that assumes a role via
+  # {Aws::STS::Client#assume_role_with_web_identity}.
   #
   #     role_credentials = Aws::AssumeRoleWebIdentityCredentials.new(
   #       client: Aws::STS::Client.new(...),
@@ -16,12 +15,12 @@ module Aws
   #       role_session_name: "session-name"
   #       ...
   #     )
-  #     For full list of parameters accepted
-  #     @see Aws::STS::Client#assume_role_with_web_identity
+  #     ec2 = Aws::EC2::Client.new(credentials: role_credentials)
   #
+  # If you omit `:client` option, a new {Aws::STS::Client} object will be
+  # constructed with additional options that were provided.
   #
-  # If you omit `:client` option, a new {STS::Client} object will be
-  # constructed.
+  # @see Aws::STS::Client#assume_role_with_web_identity
   class AssumeRoleWebIdentityCredentials
 
     include CredentialProvider

data/lib/aws-sdk-core/ecs_credentials.rb

@@ -4,6 +4,11 @@ require 'time'
 require 'net/http'
 
 module Aws
+  # An auto-refreshing credential provider that loads credentials from
+  # instances running in ECS.
+  #
+  #     ecs_credentials = Aws::ECSCredentials.new(retries: 3)
+  #     ec2 = Aws::EC2::Client.new(credentials: ecs_credentials)
   class ECSCredentials
 
     include CredentialProvider

data/lib/aws-sdk-core/instance_profile_credentials.rb

@@ -4,6 +4,11 @@ require 'time'
 require 'net/http'
 
 module Aws
+  # An auto-refreshing credential provider that loads credentials from
+  # EC2 instances.
+  #
+  #     instance_credentials = Aws::InstanceProfileCredentials.new
+  #     ec2 = Aws::EC2::Client.new(credentials: instance_credentials)
   class InstanceProfileCredentials
     include CredentialProvider
     include RefreshingCredentials

data/lib/aws-sdk-core/process_credentials.rb

@@ -1,19 +1,16 @@
 # frozen_string_literal: true
 
 module Aws
-
   # A credential provider that executes a given process and attempts
-  # to read its stdout to recieve a JSON payload containing the credentials
-  #
-  # Automatically handles refreshing credentials if an Expiration time is
-  # provided in the credentials payload
-  #
-  #     credentials = Aws::ProcessCredentials.new('/usr/bin/credential_proc').credentials
+  # to read its stdout to recieve a JSON payload containing the credentials.
   #
+  #     credentials = Aws::ProcessCredentials.new('/usr/bin/credential_proc')
   #     ec2 = Aws::EC2::Client.new(credentials: credentials)
   #
-  # More documentation on process based credentials can be found here:
-  # https://docs.aws.amazon.com/cli/latest/topic/config-vars.html#sourcing-credentials-from-external-processes
+  # Automatically handles refreshing credentials if an Expiration time is
+  # provided in the credentials payload.
+  #
+  # @see https://docs.aws.amazon.com/cli/latest/topic/config-vars.html#sourcing-credentials-from-external-processes
   class ProcessCredentials
 
     include CredentialProvider

data/lib/aws-sdk-core/rest/handler.rb

@@ -17,7 +17,7 @@ module Aws
 
       def apply_request_id(context)
         h = context.http_response.headers
-        context[:request_id] = h['x-amz-request-id'] || h['x-amzn-requestid']
+        context[:request_id] ||= h['x-amz-request-id'] || h['x-amzn-requestid']
       end
 
     end

data/lib/aws-sdk-core/sso_credentials.rb

@@ -1,17 +1,12 @@
 # frozen_string_literal: true
 
 module Aws
-  # An auto-refreshing credential provider that works by assuming a
-  # role via {Aws::SSO::Client#get_role_credentials} using a cached access
-  # token.  This class does NOT implement the SSO login token flow - tokens
+  # An auto-refreshing credential provider that assumes a role via
+  # {Aws::SSO::Client#get_role_credentials} using a cached access
+  # token. This class does NOT implement the SSO login token flow - tokens
   # must generated and refreshed separately by running `aws login` from the
   # AWS CLI with the correct profile.
   #
-  # For more background on AWS SSO see the official
-  # {https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html what is SSO Userguide}
-  #
-  # ## Refreshing Credentials from SSO
-  #
   # The `SSOCredentials` will auto-refresh the AWS credentials from SSO. In
   # addition to AWS credentials expiring after a given amount of time, the
   # access token generated and cached from `aws login` will also expire.
@@ -20,7 +15,6 @@ module Aws
   # the token value, but this can be done by running `aws login` with the
   # correct profile.
   #
-  #
   #     # You must first run aws sso login --profile your-sso-profile
   #     sso_credentials = Aws::SSOCredentials.new(
   #       sso_account_id: '123456789',
@@ -28,11 +22,13 @@ module Aws
   #       sso_region: "us-east-1",
   #       sso_start_url: 'https://your-start-url.awsapps.com/start'
   #     )
-  #
   #     ec2 = Aws::EC2::Client.new(credentials: sso_credentials)
   #
-  # If you omit `:client` option, a new {SSO::Client} object will be
-  # constructed.
+  # If you omit `:client` option, a new {Aws::SSO::Client} object will be
+  # constructed with additional options that were provided.
+  #
+  # @see Aws::SSO::Client#get_role_credentials
+  # @see https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html
   class SSOCredentials
 
     include CredentialProvider

data/lib/aws-sdk-core/xml/error_handler.rb

@@ -24,6 +24,7 @@ module Aws
         else
           code, message, data = extract_error(body, context)
         end
+        context[:request_id] = request_id(body)
         errors_module = context.client.class.errors_module
         error_class = errors_module.error_class(code).new(context, message, data)
         error_class
@@ -94,6 +95,12 @@ module Aws
         end
       end
 
+      def request_id(body)
+        if matches = body.match(/<RequestId>(.+?)<\/RequestId>/m)
+          matches[1]
+        end
+      end
+
       def unescape(str)
         CGI.unescapeHTML(str)
       end

data/lib/aws-sdk-sso/client.rb

@@ -545,7 +545,7 @@ module Aws::SSO
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.130.2'
+      context[:gem_version] = '3.131.2'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-sso.rb

@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sso/customizations'
 # @!group service
 module Aws::SSO
 
-  GEM_VERSION = '3.130.2'
+  GEM_VERSION = '3.131.2'
 
 end

data/lib/aws-sdk-sts/client.rb

@@ -2145,6 +2145,14 @@ module Aws::STS
     # Credentials][1] and [Comparing the Amazon Web Services STS API
     # operations][2] in the *IAM User Guide*.
     #
+    # <note markdown="1"> No permissions are required for users to perform this operation. The
+    # purpose of the `sts:GetSessionToken` operation is to authenticate the
+    # user using MFA. You cannot use policies to control authentication
+    # operations. For more information, see [Permissions for
+    # GetSessionToken][3] in the *IAM User Guide*.
+    #
+    #  </note>
+    #
     # **Session Duration**
     #
     # The `GetSessionToken` operation must be called by using the long-term
@@ -2170,7 +2178,7 @@ module Aws::STS
     #
     # <note markdown="1"> We recommend that you do not call `GetSessionToken` with Amazon Web
     # Services account root user credentials. Instead, follow our [best
-    # practices][3] by creating one or more IAM users, giving them the
+    # practices][4] by creating one or more IAM users, giving them the
     # necessary permissions, and using IAM users for everyday interaction
     # with Amazon Web Services.
     #
@@ -2186,14 +2194,15 @@ module Aws::STS
     #
     # For more information about using `GetSessionToken` to create temporary
     # credentials, go to [Temporary Credentials for Users in Untrusted
-    # Environments][4] in the *IAM User Guide*.
+    # Environments][5] in the *IAM User Guide*.
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html
     # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison
-    # [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users
-    # [4]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken
+    # [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getsessiontoken.html
+    # [4]: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users
+    # [5]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken
     #
     # @option params [Integer] :duration_seconds
     #   The duration, in seconds, that the credentials should remain valid.
@@ -2290,7 +2299,7 @@ module Aws::STS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.130.2'
+      context[:gem_version] = '3.131.2'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-sts.rb

@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sts/customizations'
 # @!group service
 module Aws::STS
 
-  GEM_VERSION = '3.130.2'
+  GEM_VERSION = '3.131.2'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-core
 version: !ruby/object:Gem::Version
-  version: 3.130.2
+  version: 3.131.2
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-04-22 00:00:00.000000000 Z
+date: 2022-06-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jmespath
@@ -16,14 +16,20 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.6.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.6.1
 - !ruby/object:Gem::Dependency
   name: aws-partitions
   requirement: !ruby/object:Gem::Requirement