aws-sdk-core 3.152.0 → 3.234.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +942 -1
- data/VERSION +1 -1
- data/lib/aws-defaults/default_configuration.rb +5 -6
- data/lib/aws-defaults.rb +4 -1
- data/lib/aws-sdk-core/arn.rb +14 -3
- data/lib/aws-sdk-core/assume_role_credentials.rb +21 -13
- data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb +16 -9
- data/lib/aws-sdk-core/binary/decode_handler.rb +3 -9
- data/lib/aws-sdk-core/binary/encode_handler.rb +13 -2
- data/lib/aws-sdk-core/binary/event_builder.rb +34 -37
- data/lib/aws-sdk-core/binary/event_stream_decoder.rb +1 -0
- data/lib/aws-sdk-core/binary/event_stream_encoder.rb +4 -3
- data/lib/aws-sdk-core/cbor/decoder.rb +308 -0
- data/lib/aws-sdk-core/cbor/encoder.rb +243 -0
- data/lib/aws-sdk-core/cbor.rb +53 -0
- data/lib/aws-sdk-core/client_side_monitoring.rb +9 -0
- data/lib/aws-sdk-core/client_stubs.rb +33 -55
- data/lib/aws-sdk-core/credential_provider.rb +8 -1
- data/lib/aws-sdk-core/credential_provider_chain.rb +81 -29
- data/lib/aws-sdk-core/credentials.rb +19 -6
- data/lib/aws-sdk-core/ec2_metadata.rb +1 -1
- data/lib/aws-sdk-core/ecs_credentials.rb +186 -60
- data/lib/aws-sdk-core/endpoints/condition.rb +41 -0
- data/lib/aws-sdk-core/endpoints/endpoint.rb +19 -0
- data/lib/aws-sdk-core/endpoints/endpoint_rule.rb +75 -0
- data/lib/aws-sdk-core/endpoints/error_rule.rb +42 -0
- data/lib/aws-sdk-core/endpoints/function.rb +80 -0
- data/lib/aws-sdk-core/endpoints/matchers.rb +129 -0
- data/lib/aws-sdk-core/endpoints/reference.rb +31 -0
- data/lib/aws-sdk-core/endpoints/rule.rb +25 -0
- data/lib/aws-sdk-core/endpoints/rule_set.rb +52 -0
- data/lib/aws-sdk-core/endpoints/rules_provider.rb +37 -0
- data/lib/aws-sdk-core/endpoints/templater.rb +58 -0
- data/lib/aws-sdk-core/endpoints/tree_rule.rb +45 -0
- data/lib/aws-sdk-core/endpoints/url.rb +60 -0
- data/lib/aws-sdk-core/endpoints.rb +158 -0
- data/lib/aws-sdk-core/error_handler.rb +46 -0
- data/lib/aws-sdk-core/errors.rb +14 -5
- data/lib/aws-sdk-core/event_emitter.rb +1 -17
- data/lib/aws-sdk-core/ini_parser.rb +7 -0
- data/lib/aws-sdk-core/instance_profile_credentials.rb +168 -155
- data/lib/aws-sdk-core/json/builder.rb +8 -1
- data/lib/aws-sdk-core/json/error_handler.rb +46 -11
- data/lib/aws-sdk-core/json/handler.rb +13 -6
- data/lib/aws-sdk-core/json/json_engine.rb +3 -1
- data/lib/aws-sdk-core/json/oj_engine.rb +7 -1
- data/lib/aws-sdk-core/json/parser.rb +33 -3
- data/lib/aws-sdk-core/json.rb +43 -14
- data/lib/aws-sdk-core/log/formatter.rb +6 -0
- data/lib/aws-sdk-core/log/param_filter.rb +2 -2
- data/lib/aws-sdk-core/log/param_formatter.rb +7 -3
- data/lib/aws-sdk-core/log.rb +10 -0
- data/lib/aws-sdk-core/lru_cache.rb +75 -0
- data/lib/aws-sdk-core/pageable_response.rb +3 -1
- data/lib/aws-sdk-core/param_validator.rb +9 -4
- data/lib/aws-sdk-core/plugins/bearer_authorization.rb +2 -0
- data/lib/aws-sdk-core/plugins/checksum_algorithm.rb +348 -169
- data/lib/aws-sdk-core/plugins/client_metrics_plugin.rb +1 -1
- data/lib/aws-sdk-core/plugins/client_metrics_send_plugin.rb +14 -2
- data/lib/aws-sdk-core/plugins/credentials_configuration.rb +84 -38
- data/lib/aws-sdk-core/plugins/endpoint_discovery.rb +6 -2
- data/lib/aws-sdk-core/plugins/endpoint_pattern.rb +40 -32
- data/lib/aws-sdk-core/plugins/global_configuration.rb +8 -9
- data/lib/aws-sdk-core/plugins/http_checksum.rb +3 -8
- data/lib/aws-sdk-core/plugins/invocation_id.rb +1 -11
- data/lib/aws-sdk-core/plugins/logging.rb +2 -0
- data/lib/aws-sdk-core/plugins/protocols/api_gateway.rb +3 -1
- data/lib/aws-sdk-core/plugins/protocols/ec2.rb +2 -24
- data/lib/aws-sdk-core/plugins/protocols/json_rpc.rb +6 -8
- data/lib/aws-sdk-core/plugins/protocols/query.rb +4 -2
- data/lib/aws-sdk-core/plugins/protocols/rest_json.rb +3 -15
- data/lib/aws-sdk-core/plugins/protocols/rest_xml.rb +3 -0
- data/lib/aws-sdk-core/plugins/protocols/rpc_v2.rb +17 -0
- data/lib/aws-sdk-core/plugins/regional_endpoint.rb +164 -34
- data/lib/aws-sdk-core/plugins/request_compression.rb +226 -0
- data/lib/aws-sdk-core/plugins/retries/error_inspector.rb +2 -1
- data/lib/aws-sdk-core/plugins/retry_errors.rb +12 -3
- data/lib/aws-sdk-core/plugins/sign.rb +222 -0
- data/lib/aws-sdk-core/plugins/signature_v2.rb +2 -0
- data/lib/aws-sdk-core/plugins/signature_v4.rb +2 -0
- data/lib/aws-sdk-core/plugins/stub_responses.rb +59 -9
- data/lib/aws-sdk-core/plugins/telemetry.rb +75 -0
- data/lib/aws-sdk-core/plugins/transfer_encoding.rb +16 -9
- data/lib/aws-sdk-core/plugins/user_agent.rb +192 -14
- data/lib/aws-sdk-core/plugins.rb +39 -0
- data/lib/aws-sdk-core/process_credentials.rb +48 -29
- data/lib/aws-sdk-core/query/ec2_handler.rb +27 -0
- data/lib/aws-sdk-core/query/ec2_param_builder.rb +5 -7
- data/lib/aws-sdk-core/query/handler.rb +4 -4
- data/lib/aws-sdk-core/query/param_builder.rb +2 -2
- data/lib/aws-sdk-core/query.rb +2 -1
- data/lib/aws-sdk-core/refreshing_credentials.rb +20 -23
- data/lib/aws-sdk-core/resources.rb +8 -0
- data/lib/aws-sdk-core/rest/content_type_handler.rb +60 -0
- data/lib/aws-sdk-core/rest/handler.rb +3 -4
- data/lib/aws-sdk-core/rest/request/body.rb +32 -5
- data/lib/aws-sdk-core/rest/request/endpoint.rb +24 -4
- data/lib/aws-sdk-core/rest/request/headers.rb +14 -10
- data/lib/aws-sdk-core/rest/request/querystring_builder.rb +62 -36
- data/lib/aws-sdk-core/rest/response/body.rb +15 -1
- data/lib/aws-sdk-core/rest/response/header_list_parser.rb +79 -0
- data/lib/aws-sdk-core/rest/response/headers.rb +8 -3
- data/lib/aws-sdk-core/rest.rb +1 -0
- data/lib/aws-sdk-core/rpc_v2/builder.rb +62 -0
- data/lib/aws-sdk-core/rpc_v2/cbor_engine.rb +18 -0
- data/lib/aws-sdk-core/rpc_v2/content_type_handler.rb +47 -0
- data/lib/aws-sdk-core/rpc_v2/error_handler.rb +95 -0
- data/lib/aws-sdk-core/rpc_v2/handler.rb +79 -0
- data/lib/aws-sdk-core/rpc_v2/parser.rb +98 -0
- data/lib/aws-sdk-core/rpc_v2.rb +69 -0
- data/lib/aws-sdk-core/shared_config.rb +160 -36
- data/lib/aws-sdk-core/shared_credentials.rb +1 -7
- data/lib/aws-sdk-core/sso_credentials.rb +84 -46
- data/lib/aws-sdk-core/sso_token_provider.rb +3 -2
- data/lib/aws-sdk-core/static_token_provider.rb +1 -2
- data/lib/aws-sdk-core/stubbing/protocols/ec2.rb +12 -11
- data/lib/aws-sdk-core/stubbing/protocols/json.rb +11 -10
- data/lib/aws-sdk-core/stubbing/protocols/query.rb +7 -6
- data/lib/aws-sdk-core/stubbing/protocols/rest.rb +2 -1
- data/lib/aws-sdk-core/stubbing/protocols/rest_json.rb +9 -8
- data/lib/aws-sdk-core/stubbing/protocols/rest_xml.rb +6 -5
- data/lib/aws-sdk-core/stubbing/protocols/rpc_v2.rb +39 -0
- data/lib/aws-sdk-core/stubbing/stub_data.rb +11 -0
- data/lib/aws-sdk-core/stubbing.rb +22 -0
- data/lib/aws-sdk-core/telemetry/base.rb +177 -0
- data/lib/aws-sdk-core/telemetry/no_op.rb +70 -0
- data/lib/aws-sdk-core/telemetry/otel.rb +235 -0
- data/lib/aws-sdk-core/telemetry/span_kind.rb +22 -0
- data/lib/aws-sdk-core/telemetry/span_status.rb +59 -0
- data/lib/aws-sdk-core/telemetry.rb +78 -0
- data/lib/aws-sdk-core/token.rb +3 -3
- data/lib/aws-sdk-core/token_provider.rb +4 -0
- data/lib/aws-sdk-core/token_provider_chain.rb +2 -6
- data/lib/aws-sdk-core/util.rb +41 -1
- data/lib/aws-sdk-core/waiters/poller.rb +12 -5
- data/lib/aws-sdk-core/xml/builder.rb +17 -9
- data/lib/aws-sdk-core/xml/error_handler.rb +35 -43
- data/lib/aws-sdk-core/xml/parser/frame.rb +4 -20
- data/lib/aws-sdk-core/xml/parser/{engines/oga.rb → oga_engine.rb} +2 -0
- data/lib/aws-sdk-core/xml/parser/stack.rb +2 -0
- data/lib/aws-sdk-core/xml/parser.rb +2 -6
- data/lib/aws-sdk-core.rb +82 -103
- data/lib/aws-sdk-sso/client.rb +219 -89
- data/lib/aws-sdk-sso/client_api.rb +7 -0
- data/lib/aws-sdk-sso/endpoint_parameters.rb +69 -0
- data/lib/aws-sdk-sso/endpoint_provider.rb +53 -0
- data/lib/aws-sdk-sso/endpoints.rb +20 -0
- data/lib/aws-sdk-sso/plugins/endpoints.rb +77 -0
- data/lib/aws-sdk-sso/types.rb +1 -35
- data/lib/aws-sdk-sso.rb +15 -7
- data/lib/aws-sdk-ssooidc/client.rb +650 -118
- data/lib/aws-sdk-ssooidc/client_api.rb +94 -1
- data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +69 -0
- data/lib/aws-sdk-ssooidc/endpoint_provider.rb +53 -0
- data/lib/aws-sdk-ssooidc/endpoints.rb +20 -0
- data/lib/aws-sdk-ssooidc/errors.rb +62 -0
- data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +77 -0
- data/lib/aws-sdk-ssooidc/types.rb +437 -67
- data/lib/aws-sdk-ssooidc.rb +15 -7
- data/lib/aws-sdk-sts/client.rb +670 -368
- data/lib/aws-sdk-sts/client_api.rb +48 -9
- data/lib/aws-sdk-sts/customizations.rb +5 -2
- data/lib/aws-sdk-sts/endpoint_parameters.rb +79 -0
- data/lib/aws-sdk-sts/endpoint_provider.rb +107 -0
- data/lib/aws-sdk-sts/endpoints.rb +20 -0
- data/lib/aws-sdk-sts/errors.rb +15 -0
- data/lib/aws-sdk-sts/plugins/endpoints.rb +77 -0
- data/lib/aws-sdk-sts/presigner.rb +12 -18
- data/lib/aws-sdk-sts/types.rb +296 -222
- data/lib/aws-sdk-sts.rb +15 -7
- data/lib/seahorse/client/async_base.rb +4 -6
- data/lib/seahorse/client/async_response.rb +19 -0
- data/lib/seahorse/client/base.rb +18 -21
- data/lib/seahorse/client/configuration.rb +1 -5
- data/lib/seahorse/client/h2/connection.rb +27 -36
- data/lib/seahorse/client/h2/handler.rb +14 -3
- data/lib/seahorse/client/handler.rb +1 -1
- data/lib/seahorse/client/http/response.rb +1 -1
- data/lib/seahorse/client/net_http/connection_pool.rb +15 -12
- data/lib/seahorse/client/net_http/handler.rb +21 -9
- data/lib/seahorse/client/net_http/patches.rb +1 -4
- data/lib/seahorse/client/networking_error.rb +1 -1
- data/lib/seahorse/client/plugin.rb +9 -0
- data/lib/seahorse/client/plugins/endpoint.rb +0 -1
- data/lib/seahorse/client/plugins/h2.rb +4 -4
- data/lib/seahorse/client/plugins/net_http.rb +57 -16
- data/lib/seahorse/client/plugins/request_callback.rb +40 -9
- data/lib/seahorse/client/request_context.rb +9 -2
- data/lib/seahorse/client/response.rb +8 -0
- data/lib/seahorse/model/operation.rb +3 -0
- data/lib/seahorse/model/shapes.rb +2 -2
- data/lib/seahorse/util.rb +6 -1
- data/sig/aws-sdk-core/async_client_stubs.rbs +21 -0
- data/sig/aws-sdk-core/client_stubs.rbs +10 -0
- data/sig/aws-sdk-core/errors.rbs +22 -0
- data/sig/aws-sdk-core/resources/collection.rbs +21 -0
- data/sig/aws-sdk-core/structure.rbs +4 -0
- data/sig/aws-sdk-core/telemetry/base.rbs +46 -0
- data/sig/aws-sdk-core/telemetry/otel.rbs +22 -0
- data/sig/aws-sdk-core/telemetry/span_kind.rbs +15 -0
- data/sig/aws-sdk-core/telemetry/span_status.rbs +24 -0
- data/sig/aws-sdk-core/waiters/errors.rbs +20 -0
- data/sig/aws-sdk-core.rbs +7 -0
- data/sig/seahorse/client/async_base.rbs +18 -0
- data/sig/seahorse/client/base.rbs +25 -0
- data/sig/seahorse/client/handler_builder.rbs +16 -0
- data/sig/seahorse/client/response.rbs +61 -0
- metadata +133 -23
- /data/lib/aws-sdk-core/xml/parser/{engines/libxml.rb → libxml_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/nokogiri.rb → nokogiri_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/ox.rb → ox_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/rexml.rb → rexml_engine.rb} +0 -0
|
@@ -15,26 +15,11 @@ module Aws
|
|
|
15
15
|
|
|
16
16
|
# @api private
|
|
17
17
|
def setup_stubbing
|
|
18
|
-
@stubs = {}
|
|
19
|
-
@stub_mutex = Mutex.new
|
|
20
18
|
if Hash === @config.stub_responses
|
|
21
19
|
@config.stub_responses.each do |operation_name, stubs|
|
|
22
20
|
apply_stubs(operation_name, Array === stubs ? stubs : [stubs])
|
|
23
21
|
end
|
|
24
22
|
end
|
|
25
|
-
|
|
26
|
-
# When a client is stubbed allow the user to access the requests made
|
|
27
|
-
@api_requests = []
|
|
28
|
-
|
|
29
|
-
requests = @api_requests
|
|
30
|
-
self.handle do |context|
|
|
31
|
-
requests << {
|
|
32
|
-
operation_name: context.operation_name,
|
|
33
|
-
params: context.params,
|
|
34
|
-
context: context
|
|
35
|
-
}
|
|
36
|
-
@handler.call(context)
|
|
37
|
-
end
|
|
38
23
|
end
|
|
39
24
|
|
|
40
25
|
# Configures what data / errors should be returned from the named operation
|
|
@@ -174,7 +159,7 @@ module Aws
|
|
|
174
159
|
# on a client that has not enabled response stubbing via
|
|
175
160
|
# `:stub_responses => true`.
|
|
176
161
|
def stub_responses(operation_name, *stubs)
|
|
177
|
-
if config.stub_responses
|
|
162
|
+
if @config.stub_responses
|
|
178
163
|
apply_stubs(operation_name, stubs.flatten)
|
|
179
164
|
else
|
|
180
165
|
msg = 'stubbing is not enabled; enable stubbing in the constructor '\
|
|
@@ -193,11 +178,13 @@ module Aws
|
|
|
193
178
|
# @raise [NotImplementedError] Raises `NotImplementedError` when the client
|
|
194
179
|
# is not stubbed.
|
|
195
180
|
def api_requests(options = {})
|
|
196
|
-
if config.stub_responses
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
181
|
+
if @config.stub_responses
|
|
182
|
+
@config.api_requests_mutex.synchronize do
|
|
183
|
+
if options[:exclude_presign]
|
|
184
|
+
@config.api_requests.reject {|req| req[:context][:presigned_url] }
|
|
185
|
+
else
|
|
186
|
+
@config.api_requests
|
|
187
|
+
end
|
|
201
188
|
end
|
|
202
189
|
else
|
|
203
190
|
msg = 'This method is only implemented for stubbed clients, and is '\
|
|
@@ -225,54 +212,44 @@ module Aws
|
|
|
225
212
|
# @return [Structure] Returns a stubbed response data structure. The
|
|
226
213
|
# actual class returned will depend on the given `operation_name`.
|
|
227
214
|
def stub_data(operation_name, data = {})
|
|
228
|
-
Stubbing::StubData.new(config.api.operation(operation_name)).stub(data)
|
|
215
|
+
Stubbing::StubData.new(@config.api.operation(operation_name)).stub(data)
|
|
229
216
|
end
|
|
230
217
|
|
|
231
218
|
# @api private
|
|
232
219
|
def next_stub(context)
|
|
233
220
|
operation_name = context.operation_name.to_sym
|
|
234
|
-
stub = @
|
|
235
|
-
stubs = @stubs[operation_name] || []
|
|
221
|
+
stub = @config.stubs_mutex.synchronize do
|
|
222
|
+
stubs = @config.stubs[operation_name] || []
|
|
236
223
|
case stubs.length
|
|
237
|
-
when 0 then
|
|
224
|
+
when 0 then stub_data(operation_name)
|
|
238
225
|
when 1 then stubs.first
|
|
239
226
|
else stubs.shift
|
|
240
227
|
end
|
|
241
228
|
end
|
|
242
|
-
|
|
229
|
+
stub = convert_stub(operation_name, stub, context)
|
|
230
|
+
stub[:mutex] = Mutex.new
|
|
231
|
+
stub
|
|
243
232
|
end
|
|
244
233
|
|
|
245
234
|
private
|
|
246
235
|
|
|
247
|
-
def
|
|
248
|
-
|
|
249
|
-
|
|
236
|
+
def apply_stubs(operation_name, stubs)
|
|
237
|
+
@config.stubs_mutex.synchronize do
|
|
238
|
+
@config.stubs[operation_name.to_sym] = stubs
|
|
239
|
+
end
|
|
250
240
|
end
|
|
251
241
|
|
|
252
242
|
# This method converts the given stub data and converts it to a
|
|
253
243
|
# HTTP response (when possible). This enables the response stubbing
|
|
254
244
|
# plugin to provide a HTTP response that triggers all normal events
|
|
255
245
|
# during response handling.
|
|
256
|
-
def
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
convert_stub(operation_name, stub)
|
|
260
|
-
end
|
|
261
|
-
end
|
|
262
|
-
end
|
|
263
|
-
|
|
264
|
-
def convert_stub(operation_name, stub)
|
|
265
|
-
stub = case stub
|
|
266
|
-
when Proc then stub
|
|
246
|
+
def convert_stub(operation_name, stub, context)
|
|
247
|
+
case stub
|
|
248
|
+
when Proc then convert_stub(operation_name, stub.call(context), context)
|
|
267
249
|
when Exception, Class then { error: stub }
|
|
268
250
|
when String then service_error_stub(stub)
|
|
269
|
-
|
|
270
|
-
else { data: stub }
|
|
271
|
-
end
|
|
272
|
-
if Hash === stub
|
|
273
|
-
stub[:mutex] = Mutex.new
|
|
251
|
+
else http_response_stub(operation_name, stub)
|
|
274
252
|
end
|
|
275
|
-
stub
|
|
276
253
|
end
|
|
277
254
|
|
|
278
255
|
def service_error_stub(error_code)
|
|
@@ -296,21 +273,22 @@ module Aws
|
|
|
296
273
|
end
|
|
297
274
|
|
|
298
275
|
def data_to_http_resp(operation_name, data)
|
|
299
|
-
api = config.api
|
|
276
|
+
api = @config.api
|
|
300
277
|
operation = api.operation(operation_name)
|
|
301
278
|
ParamValidator.new(operation.output, input: false).validate!(data)
|
|
302
279
|
protocol_helper.stub_data(api, operation, data)
|
|
303
280
|
end
|
|
304
281
|
|
|
305
282
|
def protocol_helper
|
|
306
|
-
case config.api.metadata['protocol']
|
|
307
|
-
when 'json'
|
|
308
|
-
when '
|
|
309
|
-
when '
|
|
310
|
-
when '
|
|
311
|
-
when '
|
|
312
|
-
when '
|
|
313
|
-
|
|
283
|
+
case @config.api.metadata['protocol']
|
|
284
|
+
when 'json' then Stubbing::Protocols::Json
|
|
285
|
+
when 'rest-json' then Stubbing::Protocols::RestJson
|
|
286
|
+
when 'rest-xml' then Stubbing::Protocols::RestXml
|
|
287
|
+
when 'query' then Stubbing::Protocols::Query
|
|
288
|
+
when 'ec2' then Stubbing::Protocols::EC2
|
|
289
|
+
when 'smithy-rpc-v2-cbor' then Stubbing::Protocols::RpcV2
|
|
290
|
+
when 'api-gateway' then Stubbing::Protocols::ApiGateway
|
|
291
|
+
else raise 'unsupported protocol'
|
|
314
292
|
end.new
|
|
315
293
|
end
|
|
316
294
|
end
|
|
@@ -6,9 +6,16 @@ module Aws
|
|
|
6
6
|
# @return [Credentials]
|
|
7
7
|
attr_reader :credentials
|
|
8
8
|
|
|
9
|
+
# @return [Time]
|
|
10
|
+
attr_reader :expiration
|
|
11
|
+
|
|
12
|
+
# @api private
|
|
13
|
+
# Returns UserAgent metrics for credentials.
|
|
14
|
+
attr_accessor :metrics
|
|
15
|
+
|
|
9
16
|
# @return [Boolean]
|
|
10
17
|
def set?
|
|
11
|
-
|
|
18
|
+
!!@credentials && @credentials.set?
|
|
12
19
|
end
|
|
13
20
|
|
|
14
21
|
end
|
|
@@ -11,7 +11,7 @@ module Aws
|
|
|
11
11
|
def resolve
|
|
12
12
|
providers.each do |method_name, options|
|
|
13
13
|
provider = send(method_name, options.merge(config: @config))
|
|
14
|
-
return provider if provider
|
|
14
|
+
return provider if provider&.set?
|
|
15
15
|
end
|
|
16
16
|
nil
|
|
17
17
|
end
|
|
@@ -42,50 +42,77 @@ module Aws
|
|
|
42
42
|
|
|
43
43
|
def static_credentials(options)
|
|
44
44
|
if options[:config]
|
|
45
|
-
Credentials.new(
|
|
45
|
+
creds = Credentials.new(
|
|
46
46
|
options[:config].access_key_id,
|
|
47
47
|
options[:config].secret_access_key,
|
|
48
|
-
options[:config].session_token
|
|
48
|
+
options[:config].session_token,
|
|
49
|
+
account_id: options[:config].account_id
|
|
49
50
|
)
|
|
51
|
+
creds.metrics = ['CREDENTIALS_PROFILE']
|
|
52
|
+
creds
|
|
50
53
|
end
|
|
51
54
|
end
|
|
52
55
|
|
|
53
56
|
def static_profile_assume_role_web_identity_credentials(options)
|
|
54
|
-
|
|
55
|
-
|
|
57
|
+
return unless Aws.shared_config.config_enabled? && options[:config]&.profile
|
|
58
|
+
|
|
59
|
+
with_metrics('CREDENTIALS_CODE') do
|
|
60
|
+
creds = Aws.shared_config.assume_role_web_identity_credentials_from_config(
|
|
56
61
|
profile: options[:config].profile,
|
|
57
62
|
region: options[:config].region
|
|
58
63
|
)
|
|
64
|
+
return unless creds
|
|
65
|
+
|
|
66
|
+
creds.metrics << 'CREDENTIALS_CODE'
|
|
67
|
+
creds
|
|
59
68
|
end
|
|
60
69
|
end
|
|
61
70
|
|
|
62
71
|
def static_profile_sso_credentials(options)
|
|
63
|
-
|
|
64
|
-
|
|
72
|
+
return unless Aws.shared_config.config_enabled? && options[:config]&.profile
|
|
73
|
+
|
|
74
|
+
with_metrics('CREDENTIALS_CODE') do
|
|
75
|
+
creds = Aws.shared_config.sso_credentials_from_config(
|
|
65
76
|
profile: options[:config].profile
|
|
66
77
|
)
|
|
78
|
+
return unless creds
|
|
79
|
+
|
|
80
|
+
creds.metrics << 'CREDENTIALS_CODE'
|
|
81
|
+
creds
|
|
67
82
|
end
|
|
68
83
|
end
|
|
69
84
|
|
|
70
85
|
def static_profile_assume_role_credentials(options)
|
|
71
|
-
|
|
72
|
-
|
|
86
|
+
return unless Aws.shared_config.config_enabled? && options[:config]&.profile
|
|
87
|
+
|
|
88
|
+
with_metrics('CREDENTIALS_CODE') do
|
|
89
|
+
creds = assume_role_with_profile(options, options[:config].profile)
|
|
90
|
+
return unless creds
|
|
91
|
+
|
|
92
|
+
creds.metrics << 'CREDENTIALS_CODE'
|
|
93
|
+
creds
|
|
73
94
|
end
|
|
74
95
|
end
|
|
75
96
|
|
|
76
97
|
def static_profile_credentials(options)
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
98
|
+
return unless options[:config]&.profile
|
|
99
|
+
|
|
100
|
+
creds = SharedCredentials.new(profile_name: options[:config].profile)
|
|
101
|
+
creds.metrics << 'CREDENTIALS_PROFILE'
|
|
102
|
+
creds
|
|
80
103
|
rescue Errors::NoSuchProfileError
|
|
81
104
|
nil
|
|
82
105
|
end
|
|
83
106
|
|
|
84
107
|
def static_profile_process_credentials(options)
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
108
|
+
return unless Aws.shared_config.config_enabled? && options[:config]&.profile
|
|
109
|
+
|
|
110
|
+
process_provider = Aws.shared_config.credential_process(profile: options[:config].profile)
|
|
111
|
+
return unless process_provider
|
|
112
|
+
|
|
113
|
+
creds = ProcessCredentials.new([process_provider])
|
|
114
|
+
creds.metrics.concat(%w[CREDENTIALS_PROFILE_PROCESS CREDENTIALS_CODE])
|
|
115
|
+
creds
|
|
89
116
|
rescue Errors::NoSuchProfileError
|
|
90
117
|
nil
|
|
91
118
|
end
|
|
@@ -94,7 +121,15 @@ module Aws
|
|
|
94
121
|
key = %w[AWS_ACCESS_KEY_ID AMAZON_ACCESS_KEY_ID AWS_ACCESS_KEY]
|
|
95
122
|
secret = %w[AWS_SECRET_ACCESS_KEY AMAZON_SECRET_ACCESS_KEY AWS_SECRET_KEY]
|
|
96
123
|
token = %w[AWS_SESSION_TOKEN AMAZON_SESSION_TOKEN]
|
|
97
|
-
|
|
124
|
+
account_id = %w[AWS_ACCOUNT_ID]
|
|
125
|
+
creds = Credentials.new(
|
|
126
|
+
envar(key),
|
|
127
|
+
envar(secret),
|
|
128
|
+
envar(token),
|
|
129
|
+
account_id: envar(account_id)
|
|
130
|
+
)
|
|
131
|
+
creds.metrics = ['CREDENTIALS_ENV_VARS']
|
|
132
|
+
creds
|
|
98
133
|
end
|
|
99
134
|
|
|
100
135
|
def envar(keys)
|
|
@@ -105,21 +140,27 @@ module Aws
|
|
|
105
140
|
end
|
|
106
141
|
|
|
107
142
|
def determine_profile_name(options)
|
|
108
|
-
(options[:config]
|
|
143
|
+
(options[:config]&.profile) || ENV['AWS_PROFILE'] || ENV['AWS_DEFAULT_PROFILE'] || 'default'
|
|
109
144
|
end
|
|
110
145
|
|
|
111
146
|
def shared_credentials(options)
|
|
112
147
|
profile_name = determine_profile_name(options)
|
|
113
|
-
SharedCredentials.new(profile_name: profile_name)
|
|
148
|
+
creds = SharedCredentials.new(profile_name: profile_name)
|
|
149
|
+
creds.metrics = ['CREDENTIALS_PROFILE']
|
|
150
|
+
creds
|
|
114
151
|
rescue Errors::NoSuchProfileError
|
|
115
152
|
nil
|
|
116
153
|
end
|
|
117
154
|
|
|
118
155
|
def process_credentials(options)
|
|
119
156
|
profile_name = determine_profile_name(options)
|
|
120
|
-
if Aws.shared_config.config_enabled?
|
|
121
|
-
|
|
122
|
-
|
|
157
|
+
if Aws.shared_config.config_enabled?
|
|
158
|
+
process_provider = Aws.shared_config.credential_process(profile: profile_name)
|
|
159
|
+
if process_provider
|
|
160
|
+
creds = ProcessCredentials.new([process_provider])
|
|
161
|
+
creds.metrics << 'CREDENTIALS_PROFILE_PROCESS'
|
|
162
|
+
creds
|
|
163
|
+
end
|
|
123
164
|
end
|
|
124
165
|
rescue Errors::NoSuchProfileError
|
|
125
166
|
nil
|
|
@@ -149,7 +190,11 @@ module Aws
|
|
|
149
190
|
role_session_name: ENV['AWS_ROLE_SESSION_NAME']
|
|
150
191
|
}
|
|
151
192
|
cfg[:region] = region if region
|
|
152
|
-
|
|
193
|
+
Aws::Plugins::UserAgent.metric('CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN') do
|
|
194
|
+
creds = AssumeRoleWebIdentityCredentials.new(cfg)
|
|
195
|
+
creds.metrics << 'CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN'
|
|
196
|
+
creds
|
|
197
|
+
end
|
|
153
198
|
elsif Aws.shared_config.config_enabled?
|
|
154
199
|
profile = options[:config].profile if options[:config]
|
|
155
200
|
Aws.shared_config.assume_role_web_identity_credentials_from_config(
|
|
@@ -161,20 +206,27 @@ module Aws
|
|
|
161
206
|
|
|
162
207
|
def instance_profile_credentials(options)
|
|
163
208
|
profile_name = determine_profile_name(options)
|
|
164
|
-
if ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI']
|
|
209
|
+
if ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI'] ||
|
|
210
|
+
ENV['AWS_CONTAINER_CREDENTIALS_FULL_URI']
|
|
165
211
|
ECSCredentials.new(options)
|
|
166
|
-
|
|
212
|
+
elsif !(ENV.fetch('AWS_EC2_METADATA_DISABLED', 'false').downcase == 'true')
|
|
167
213
|
InstanceProfileCredentials.new(options.merge(profile: profile_name))
|
|
168
214
|
end
|
|
169
215
|
end
|
|
170
216
|
|
|
171
217
|
def assume_role_with_profile(options, profile_name)
|
|
172
|
-
|
|
173
|
-
Aws.shared_config.assume_role_credentials_from_config(
|
|
218
|
+
assume_opts = {
|
|
174
219
|
profile: profile_name,
|
|
175
|
-
region: region,
|
|
176
220
|
chain_config: @config
|
|
177
|
-
|
|
221
|
+
}
|
|
222
|
+
if options[:config]&.region
|
|
223
|
+
assume_opts[:region] = options[:config].region
|
|
224
|
+
end
|
|
225
|
+
Aws.shared_config.assume_role_credentials_from_config(assume_opts)
|
|
226
|
+
end
|
|
227
|
+
|
|
228
|
+
def with_metrics(metrics, &block)
|
|
229
|
+
Aws::Plugins::UserAgent.metric(*metrics, &block)
|
|
178
230
|
end
|
|
179
231
|
end
|
|
180
232
|
end
|
|
@@ -6,21 +6,34 @@ module Aws
|
|
|
6
6
|
# @param [String] access_key_id
|
|
7
7
|
# @param [String] secret_access_key
|
|
8
8
|
# @param [String] session_token (nil)
|
|
9
|
-
|
|
9
|
+
# @param [Hash] kwargs
|
|
10
|
+
# @option kwargs [String] :credential_scope (nil)
|
|
11
|
+
def initialize(access_key_id, secret_access_key, session_token = nil,
|
|
12
|
+
**kwargs)
|
|
10
13
|
@access_key_id = access_key_id
|
|
11
14
|
@secret_access_key = secret_access_key
|
|
12
15
|
@session_token = session_token
|
|
16
|
+
@account_id = kwargs[:account_id]
|
|
17
|
+
@metrics = ['CREDENTIALS_CODE']
|
|
13
18
|
end
|
|
14
19
|
|
|
15
|
-
# @return [String
|
|
20
|
+
# @return [String]
|
|
16
21
|
attr_reader :access_key_id
|
|
17
22
|
|
|
18
|
-
# @return [String
|
|
23
|
+
# @return [String]
|
|
19
24
|
attr_reader :secret_access_key
|
|
20
25
|
|
|
21
26
|
# @return [String, nil]
|
|
22
27
|
attr_reader :session_token
|
|
23
28
|
|
|
29
|
+
# @return [String, nil]
|
|
30
|
+
attr_reader :account_id
|
|
31
|
+
|
|
32
|
+
# @api private
|
|
33
|
+
# Returns the credentials source. Used for tracking credentials
|
|
34
|
+
# related UserAgent metrics.
|
|
35
|
+
attr_accessor :metrics
|
|
36
|
+
|
|
24
37
|
# @return [Credentials]
|
|
25
38
|
def credentials
|
|
26
39
|
self
|
|
@@ -30,9 +43,9 @@ module Aws
|
|
|
30
43
|
# access key are both set.
|
|
31
44
|
def set?
|
|
32
45
|
!access_key_id.nil? &&
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
46
|
+
!access_key_id.empty? &&
|
|
47
|
+
!secret_access_key.nil? &&
|
|
48
|
+
!secret_access_key.empty?
|
|
36
49
|
end
|
|
37
50
|
|
|
38
51
|
# Removing the secret access key from the default inspect string.
|
|
@@ -183,7 +183,7 @@ module Aws
|
|
|
183
183
|
|
|
184
184
|
def open_connection
|
|
185
185
|
uri = URI.parse(@endpoint)
|
|
186
|
-
http = Net::HTTP.new(uri.hostname || @endpoint,
|
|
186
|
+
http = Net::HTTP.new(uri.hostname || @endpoint, uri.port || @port)
|
|
187
187
|
http.open_timeout = @http_open_timeout
|
|
188
188
|
http.read_timeout = @http_read_timeout
|
|
189
189
|
http.set_debug_output(@http_debug_output) if @http_debug_output
|