aws-sdk-core 3.152.0 → 3.234.0

data/VERSION

@@ -1 +1 @@
-3.152.0
+3.234.0

data/lib/aws-defaults/default_configuration.rb

@@ -20,7 +20,7 @@ module Aws
   #  * Globally via the "AWS_DEFAULTS_MODE" environment variable.
   #
   #
-  # @code_generation START - documentation
+  # #defaults START - documentation
   # The following `:default_mode` values are supported:
   #
   # * `'standard'` -
@@ -105,10 +105,10 @@ module Aws
   # [2]: https://docs.aws.amazon.com/sdkref/latest/guide/setting-global-retry_mode.html
   # [3]: https://docs.aws.amazon.com/sdkref/latest/guide/setting-global-sts_regional_endpoints.html
   #
-  # @code_generation END - documentation
+  # #defaults END - documentation
   module DefaultsModeConfiguration
     # @api private
-    # @code_generation START - configuration
+    # #defaults START - configuration
     SDK_DEFAULT_CONFIGURATION = 
     {
       "version" => 1,
@@ -128,8 +128,7 @@ module Aws
             "override" => 3100
           }
         },
-        "in-region" => {
-        },
+        "in-region" => {},
         "cross-region" => {
           "connectTimeoutInMillis" => {
             "override" => 3100
@@ -148,6 +147,6 @@ module Aws
         }
       }
     }
-    # @code_generation END - configuration
+    # #defaults END - configuration
   end
 end

data/lib/aws-defaults.rb

@@ -1,3 +1,6 @@
 # frozen_string_literal: true
 
-require_relative 'aws-defaults/default_configuration'
+module Aws
+  autoload :DefaultsModeConfiguration, 'aws-defaults/default_configuration'
+  autoload :DefaultsModeConfigResolver, 'aws-defaults/defaults_mode_config_resolver'
+end

data/lib/aws-sdk-core/arn.rb

@@ -24,9 +24,7 @@ module Aws
   #   arn.resource
   #   # => foo/bar
   #
-  #   # Note: parser available for parsing resource details
-  #   @see Aws::ARNParser#parse_resource
-  #
+  # @see ARNParser
   # @see https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-arns
   class ARN
 
@@ -88,5 +86,18 @@ module Aws
         resource: @resource
       }
     end
+
+    # Return the ARN as JSON
+    #
+    # @return [Hash]
+    def as_json(_options = nil)
+      {
+        'partition' => @partition,
+        'service' => @service,
+        'region' => @region,
+        'accountId' => @account_id,
+        'resource' => @resource
+      }
+    end
   end
 end

data/lib/aws-sdk-core/assume_role_credentials.rb

@@ -7,7 +7,7 @@ module Aws
   # {Aws::STS::Client#assume_role}.
   #
   #     role_credentials = Aws::AssumeRoleCredentials.new(
-  #       client: Aws::STS::Client.new(...),
+  #       client: Aws::STS::Client.new(sts_options),
   #       role_arn: "linked::account::arn",
   #       role_session_name: "session-name"
   #     )
@@ -28,15 +28,15 @@ module Aws
     # @option options [Integer] :duration_seconds
     # @option options [String] :external_id
     # @option options [STS::Client] :client
-    # @option options [Callable] before_refresh Proc called before
+    # @option options [Proc] :before_refresh A Proc called before
     #   credentials are refreshed.  Useful for updating tokens.
-    #   `before_refresh` is called when AWS credentials are
-    #   required and need to be refreshed. Tokens can be refreshed using
-    #   the following example:
+    #   `:before_refresh` is called when AWS credentials are
+    #   required and need to be refreshed. See the example in this doc.
     #
-    #      before_refresh = Proc.new do |assume_role_credentials| do
-    #        assume_role_credentials.assume_role_params['token_code'] = update_token
-    #      end
+    # @example Tokens can be refreshed using a Proc.
+    #   before_refresh = Proc.new do |assume_role_credentials|
+    #     assume_role_credentials.assume_role_params['token_code'] = update_token
+    #   end
     #
     def initialize(options = {})
       client_opts = {}
@@ -50,6 +50,7 @@ module Aws
       end
       @client = client_opts[:client] || STS::Client.new(client_opts)
       @async_refresh = true
+      @metrics = ['CREDENTIALS_STS_ASSUME_ROLE']
       super
     end
 
@@ -62,13 +63,20 @@ module Aws
     private
 
     def refresh
-      c = @client.assume_role(@assume_role_params).credentials
+      resp = @client.assume_role(@assume_role_params)
+      creds = resp.credentials
       @credentials = Credentials.new(
-        c.access_key_id,
-        c.secret_access_key,
-        c.session_token
+        creds.access_key_id,
+        creds.secret_access_key,
+        creds.session_token,
+        account_id: parse_account_id(resp)
       )
-      @expiration = c.expiration
+      @expiration = creds.expiration
+    end
+
+    def parse_account_id(resp)
+      arn = resp.assumed_role_user&.arn
+      ARNParser.parse(arn).account_id if ARNParser.arn?(arn)
     end
 
     class << self

data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb

@@ -9,11 +9,11 @@ module Aws
   # {Aws::STS::Client#assume_role_with_web_identity}.
   #
   #     role_credentials = Aws::AssumeRoleWebIdentityCredentials.new(
-  #       client: Aws::STS::Client.new(...),
+  #       client: Aws::STS::Client.new(sts_options),
   #       role_arn: "linked::account::arn",
   #       web_identity_token_file: "/path/to/token/file",
   #       role_session_name: "session-name"
-  #       ...
+  #       # ...
   #     )
   #     ec2 = Aws::EC2::Client.new(credentials: role_credentials)
   #
@@ -60,7 +60,8 @@ module Aws
         # not provided, generate encoded UUID as session name
         @assume_role_web_identity_params[:role_session_name] = _session_name
       end
-      @client = client_opts[:client] || STS::Client.new(client_opts.merge(credentials: false))
+      @client = client_opts[:client] || STS::Client.new(client_opts.merge(credentials: nil))
+      @metrics = ['CREDENTIALS_STS_ASSUME_ROLE_WEB_ID']
       super
     end
 
@@ -73,14 +74,15 @@ module Aws
       # read from token file everytime it refreshes
       @assume_role_web_identity_params[:web_identity_token] = _token_from_file(@token_file)
 
-      c = @client.assume_role_with_web_identity(
-        @assume_role_web_identity_params).credentials
+      resp = @client.assume_role_with_web_identity(@assume_role_web_identity_params)
+      creds = resp.credentials
       @credentials = Credentials.new(
-        c.access_key_id,
-        c.secret_access_key,
-        c.session_token
+        creds.access_key_id,
+        creds.secret_access_key,
+        creds.session_token,
+        account_id: parse_account_id(resp)
       )
-      @expiration = c.expiration
+      @expiration = creds.expiration
     end
 
     def _token_from_file(path)
@@ -94,6 +96,11 @@ module Aws
       Base64.strict_encode64(SecureRandom.uuid)
     end
 
+    def parse_account_id(resp)
+      arn = resp.assumed_role_user&.arn
+      ARNParser.parse(arn).account_id if ARNParser.arn?(arn)
+    end
+
     class << self
 
       # @api private

data/lib/aws-sdk-core/binary/decode_handler.rb

@@ -22,22 +22,16 @@ module Aws
       end
 
       def attach_eventstream_listeners(context, rules)
-
         context.http_response.on_headers(200) do
-          protocol = context.config.api.metadata['protocol']
-          output_handler = context[:output_event_stream_handler] || context[:event_stream_handler]
+          output_handler = context[:output_event_stream_handler] ||
+                           context[:event_stream_handler]
           context.http_response.body = EventStreamDecoder.new(
-            protocol,
+            context.config.protocol,
             rules,
             context.operation.output,
             context.operation.errors,
             context.http_response.body,
             output_handler)
-          if input_emitter = context[:input_event_emitter]
-            # #emit will be blocked until 200 success
-            # see Aws::EventEmitter#emit
-            input_emitter.signal_queue << "ready"
-          end
         end
 
         context.http_response.on_success(200) do

data/lib/aws-sdk-core/binary/encode_handler.rb

@@ -10,10 +10,10 @@ module Aws
         if eventstream_member = eventstream_input?(context)
           input_es_handler = context[:input_event_stream_handler]
           input_es_handler.event_emitter.encoder = EventStreamEncoder.new(
-            context.config.api.metadata['protocol'],
+            context.config.protocol,
             eventstream_member,
             context.operation.input,
-            context.config.sigv4_signer
+            signer_for(context)
           )
           context[:input_event_emitter] = input_es_handler.event_emitter
         end
@@ -22,6 +22,17 @@ module Aws
 
       private
 
+      def signer_for(context)
+        # New endpoint/signing logic, use the auth scheme to make a signer
+        if context[:auth_scheme]
+          Aws::Plugins::Sign.signer_for(context[:auth_scheme], context.config)
+        else
+          # Previous implementation always assumed sigv4_signer from config.
+          # Relies only on sigv4 signing (and plugin) for event stream services
+          context.config.sigv4_signer
+        end
+      end
+
       def eventstream_input?(ctx)
         ctx.operation.input.shape.members.each do |_, ref|
           return ref if ref.eventstream

data/lib/aws-sdk-core/binary/event_builder.rb

@@ -42,41 +42,39 @@ module Aws
           end
         end
 
-        # implict payload
-        if !explicit_payload && !implicit_payload_members.empty?
-          if implicit_payload_members.size > 1
-            payload_shape = Shapes::StructureShape.new
-            implicit_payload_members.each do |m_name, m_ref|
-              payload_shape.add_member(m_name, m_ref)
-            end
-            payload_ref = Shapes::ShapeRef.new(shape: payload_shape)
-
-            payload = build_payload_members(payload_ref, params)
-          else
-            m_name, m_ref = implicit_payload_members.first
-            streaming, content_type = _content_type(m_ref.shape)
-
-            es_headers[":content-type"] = Aws::EventStream::HeaderValue.new(
-              type: "string", value: content_type)
-            payload = _build_payload(streaming, m_ref, params[m_name])
-          end
-        end
-
-
+        # handle header members for all cases
         event_ref.shape.members.each do |member_name, member_ref|
           if member_ref.eventheader && params[member_name]
             header_value = params[member_name]
             es_headers[member_ref.shape.name] = Aws::EventStream::HeaderValue.new(
-              type: _header_value_type(member_ref.shape, header_value),
+              type: header_value_type(member_ref.shape, header_value),
               value: header_value
             )
-          elsif member_ref.eventpayload && params[member_name]
-            # explicit payload
-            streaming, content_type = _content_type(member_ref.shape)
+          end
+        end
+
+        # implict payload
+        if !explicit_payload && !implicit_payload_members.empty?
+          payload_shape = StructureShape.new
+          implicit_payload_members.each do |m_name, m_ref|
+            payload_shape.add_member(m_name, m_ref)
+          end
+          payload_ref = ShapeRef.new(shape: payload_shape)
 
-            es_headers[":content-type"] = Aws::EventStream::HeaderValue.new(
-              type: "string", value: content_type)
-            payload = _build_payload(streaming, member_ref, params[member_name])
+          payload = build_payload_members(payload_ref, params)
+                      .force_encoding(Encoding::BINARY)
+
+
+          es_headers[":content-type"] = Aws::EventStream::HeaderValue.new(
+            type: "string", value: content_type(payload_ref.shape))
+        else
+          # explicit payload, serialize just the payload member
+          event_ref.shape.members.each do |member_name, member_ref|
+            if member_ref.eventpayload && params[member_name]
+              es_headers[":content-type"] = Aws::EventStream::HeaderValue.new(
+                type: "string", value: content_type(member_ref.shape))
+              payload = params[member_name]
+            end
           end
         end
 
@@ -86,15 +84,15 @@ module Aws
         )
       end
 
-      def _content_type(shape)
+      def content_type(shape)
         case shape
-        when BlobShape then [true, "application/octet-stream"]
-        when StringShape then [true, "text/plain"]
+        when BlobShape then "application/octet-stream"
+        when StringShape then "text/plain"
         when StructureShape then
           if @serializer_class.name.include?('Xml')
-            [false, "text/xml"]
+            "text/xml"
           elsif @serializer_class.name.include?('Json')
-            [false, "application/json"]
+            "application/json"
           end
         else
           raise Aws::Errors::EventStreamBuilderError.new(
@@ -102,7 +100,7 @@ module Aws
         end
       end
 
-      def _header_value_type(shape, value)
+      def header_value_type(shape, value)
         case shape
         when StringShape then "string"
         when IntegerShape then "integer"
@@ -115,10 +113,9 @@ module Aws
         end
       end
 
-      def _build_payload(streaming, ref, value)
-        streaming ? value : @serializer_class.new(ref).serialize(value)
+      def build_payload_members(payload_ref, params)
+        @serializer_class.new(payload_ref).serialize(params)
       end
-
     end
   end
 end

data/lib/aws-sdk-core/binary/event_stream_decoder.rb

@@ -47,6 +47,7 @@ module Aws
         when 'rest-xml' then Aws::Xml::Parser
         when 'rest-json' then Aws::Json::Parser
         when 'json' then Aws::Json::Parser
+        when 'smithy-rpc-v2-cbor' then Aws::RpcV2::Parser
         else raise "unsupported protocol #{protocol} for event stream"
         end
       end

data/lib/aws-sdk-core/binary/event_stream_encoder.rb

@@ -43,9 +43,10 @@ module Aws
 
       def serializer_class(protocol)
         case protocol
-        when 'rest-xml' then Xml::Builder
-        when 'rest-json' then Json::Builder
-        when 'json' then Json::Builder
+        when 'rest-xml' then Aws::Xml::Builder
+        when 'rest-json' then Aws::Json::Builder
+        when 'json' then Aws::Json::Builder
+        when 'smithy-rpc-v2-cbor' then Aws::RpcV2::Builder
         else raise "unsupported protocol #{protocol} for event stream"
         end
       end