aws-sdk-core 3.169.0 → 3.171.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-core/credential_provider_chain.rb +2 -1
- data/lib/aws-sdk-core/ecs_credentials.rb +111 -53
- data/lib/aws-sdk-sso/client.rb +1 -1
- data/lib/aws-sdk-sso.rb +1 -1
- data/lib/aws-sdk-ssooidc/client.rb +1 -1
- data/lib/aws-sdk-ssooidc.rb +1 -1
- data/lib/aws-sdk-sts/client.rb +13 -11
- data/lib/aws-sdk-sts/endpoint_provider.rb +17 -17
- data/lib/aws-sdk-sts.rb +1 -1
- data/lib/seahorse/client/h2/connection.rb +10 -6
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e4b9ed82ab5a4b3e5871bca537f3a650a468131bc35120873f02edb0a35017b1
|
|
4
|
+
data.tar.gz: d5a49d43dfdec90623e9ee88be22b5c2e45a7413b91bac4e881b1002e3c6cce0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f0f8e07aada15f369b444d10325601352057ddfff2b6020b27cb8c8c8cdcd42001f8f5ecff8855abdbea8a932ff92b1a8ffd771a2a846f9a595f08f94ee9c28b
|
|
7
|
+
data.tar.gz: 53f75fd8a1e204a21a231ae4010c85f39a11420ffd430c51430e85c3203d214e51c7fda54c92258409a644f118589ce0bb5dab7e7ec45cbcd927d03afd930c25
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,21 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
3.171.0 (2023-03-22)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Add support for `AWS_CONTAINER_CREDENTIALS_FULL_URI` and `AWS_CONTAINER_AUTHORIZATION_TOKEN` environment variables to `ECSCredentials`.
|
|
8
|
+
|
|
9
|
+
3.170.1 (2023-03-17)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Issue - Reduce memory usage in H2::Connection when `http_wire_log` is not set.
|
|
13
|
+
|
|
14
|
+
3.170.0 (2023-01-25)
|
|
15
|
+
------------------
|
|
16
|
+
|
|
17
|
+
* Feature - Updated Aws::STS::Client with the latest API changes.
|
|
18
|
+
|
|
4
19
|
3.169.0 (2023-01-18)
|
|
5
20
|
------------------
|
|
6
21
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
3.
|
|
1
|
+
3.171.0
|
|
@@ -161,7 +161,8 @@ module Aws
|
|
|
161
161
|
|
|
162
162
|
def instance_profile_credentials(options)
|
|
163
163
|
profile_name = determine_profile_name(options)
|
|
164
|
-
if ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI']
|
|
164
|
+
if ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI'] ||
|
|
165
|
+
ENV['AWS_CONTAINER_CREDENTIALS_FULL_URI']
|
|
165
166
|
ECSCredentials.new(options)
|
|
166
167
|
else
|
|
167
168
|
InstanceProfileCredentials.new(options.merge(profile: profile_name))
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
require 'time'
|
|
4
4
|
require 'net/http'
|
|
5
|
+
require 'resolv'
|
|
5
6
|
|
|
6
7
|
module Aws
|
|
7
8
|
# An auto-refreshing credential provider that loads credentials from
|
|
@@ -10,7 +11,6 @@ module Aws
|
|
|
10
11
|
# ecs_credentials = Aws::ECSCredentials.new(retries: 3)
|
|
11
12
|
# ec2 = Aws::EC2::Client.new(credentials: ecs_credentials)
|
|
12
13
|
class ECSCredentials
|
|
13
|
-
|
|
14
14
|
include CredentialProvider
|
|
15
15
|
include RefreshingCredentials
|
|
16
16
|
|
|
@@ -29,16 +29,22 @@ module Aws
|
|
|
29
29
|
Errno::ENETUNREACH,
|
|
30
30
|
SocketError,
|
|
31
31
|
Timeout::Error,
|
|
32
|
-
Non200Response
|
|
33
|
-
]
|
|
32
|
+
Non200Response
|
|
33
|
+
].freeze
|
|
34
34
|
|
|
35
35
|
# @param [Hash] options
|
|
36
36
|
# @option options [Integer] :retries (5) Number of times to retry
|
|
37
37
|
# when retrieving credentials.
|
|
38
|
-
# @option options [String] :ip_address ('169.254.170.2')
|
|
39
|
-
#
|
|
38
|
+
# @option options [String] :ip_address ('169.254.170.2') This value is
|
|
39
|
+
# ignored if `endpoint` is set and `credential_path` is not set.
|
|
40
|
+
# @option options [Integer] :port (80) This value is ignored if `endpoint`
|
|
41
|
+
# is set and `credential_path` is not set.
|
|
40
42
|
# @option options [String] :credential_path By default, the value of the
|
|
41
43
|
# AWS_CONTAINER_CREDENTIALS_RELATIVE_URI environment variable.
|
|
44
|
+
# @option options [String] :endpoint The ECS credential endpoint.
|
|
45
|
+
# By default, this is the value of the AWS_CONTAINER_CREDENTIALS_FULL_URI
|
|
46
|
+
# environment variable. This value is ignored if `credential_path` or
|
|
47
|
+
# ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI'] is set.
|
|
42
48
|
# @option options [Float] :http_open_timeout (5)
|
|
43
49
|
# @option options [Float] :http_read_timeout (5)
|
|
44
50
|
# @option options [Numeric, Proc] :delay By default, failures are retried
|
|
@@ -52,17 +58,15 @@ module Aws
|
|
|
52
58
|
# credentials are refreshed. `before_refresh` is called
|
|
53
59
|
# with an instance of this object when
|
|
54
60
|
# AWS credentials are required and need to be refreshed.
|
|
55
|
-
def initialize
|
|
61
|
+
def initialize(options = {})
|
|
62
|
+
credential_path = options[:credential_path] ||
|
|
63
|
+
ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI']
|
|
64
|
+
endpoint = options[:endpoint] ||
|
|
65
|
+
ENV['AWS_CONTAINER_CREDENTIALS_FULL_URI']
|
|
66
|
+
initialize_uri(options, credential_path, endpoint)
|
|
67
|
+
@authorization_token = ENV['AWS_CONTAINER_AUTHORIZATION_TOKEN']
|
|
68
|
+
|
|
56
69
|
@retries = options[:retries] || 5
|
|
57
|
-
@ip_address = options[:ip_address] || '169.254.170.2'
|
|
58
|
-
@port = options[:port] || 80
|
|
59
|
-
@credential_path = options[:credential_path]
|
|
60
|
-
@credential_path ||= ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI']
|
|
61
|
-
unless @credential_path
|
|
62
|
-
raise ArgumentError.new(
|
|
63
|
-
"Cannot instantiate an ECS Credential Provider without a credential path."
|
|
64
|
-
)
|
|
65
|
-
end
|
|
66
70
|
@http_open_timeout = options[:http_open_timeout] || 5
|
|
67
71
|
@http_read_timeout = options[:http_read_timeout] || 5
|
|
68
72
|
@http_debug_output = options[:http_debug_output]
|
|
@@ -77,11 +81,69 @@ module Aws
|
|
|
77
81
|
|
|
78
82
|
private
|
|
79
83
|
|
|
84
|
+
def initialize_uri(options, credential_path, endpoint)
|
|
85
|
+
if credential_path
|
|
86
|
+
initialize_relative_uri(options, credential_path)
|
|
87
|
+
# Use FULL_URI/endpoint only if RELATIVE_URI/path is not set
|
|
88
|
+
elsif endpoint
|
|
89
|
+
initialize_full_uri(endpoint)
|
|
90
|
+
else
|
|
91
|
+
raise ArgumentError,
|
|
92
|
+
'Cannot instantiate an ECS Credential Provider '\
|
|
93
|
+
'without a credential path or endpoint.'
|
|
94
|
+
end
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
def initialize_relative_uri(options, path)
|
|
98
|
+
@host = options[:ip_address] || '169.254.170.2'
|
|
99
|
+
@port = options[:port] || 80
|
|
100
|
+
@scheme = 'http'
|
|
101
|
+
@credential_path = path
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
def initialize_full_uri(endpoint)
|
|
105
|
+
uri = URI.parse(endpoint)
|
|
106
|
+
validate_full_uri!(uri)
|
|
107
|
+
@host = uri.host
|
|
108
|
+
@port = uri.port
|
|
109
|
+
@scheme = uri.scheme
|
|
110
|
+
@credential_path = uri.path
|
|
111
|
+
end
|
|
112
|
+
|
|
113
|
+
# Validate that the full URI is using a loopback address if scheme is http.
|
|
114
|
+
def validate_full_uri!(full_uri)
|
|
115
|
+
return unless full_uri.scheme == 'http'
|
|
116
|
+
|
|
117
|
+
begin
|
|
118
|
+
return if ip_loopback?(IPAddr.new(full_uri.host))
|
|
119
|
+
rescue IPAddr::InvalidAddressError
|
|
120
|
+
addresses = Resolv.getaddresses(full_uri.host)
|
|
121
|
+
return if addresses.all? { |addr| ip_loopback?(IPAddr.new(addr)) }
|
|
122
|
+
end
|
|
123
|
+
|
|
124
|
+
raise ArgumentError,
|
|
125
|
+
'AWS_CONTAINER_CREDENTIALS_FULL_URI must use a loopback '\
|
|
126
|
+
'address when using the http scheme.'
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
# loopback? method is available in Ruby 2.5+
|
|
130
|
+
# Replicate the logic here.
|
|
131
|
+
def ip_loopback?(ip_address)
|
|
132
|
+
case ip_address.family
|
|
133
|
+
when Socket::AF_INET
|
|
134
|
+
ip_address & 0xff000000 == 0x7f000000
|
|
135
|
+
when Socket::AF_INET6
|
|
136
|
+
ip_address == 1
|
|
137
|
+
else
|
|
138
|
+
false
|
|
139
|
+
end
|
|
140
|
+
end
|
|
141
|
+
|
|
80
142
|
def backoff(backoff)
|
|
81
143
|
case backoff
|
|
82
144
|
when Proc then backoff
|
|
83
|
-
when Numeric then
|
|
84
|
-
else
|
|
145
|
+
when Numeric then ->(_) { sleep(backoff) }
|
|
146
|
+
else ->(num_failures) { Kernel.sleep(1.2**num_failures) }
|
|
85
147
|
end
|
|
86
148
|
end
|
|
87
149
|
|
|
@@ -89,68 +151,64 @@ module Aws
|
|
|
89
151
|
# Retry loading credentials up to 3 times is the instance metadata
|
|
90
152
|
# service is responding but is returning invalid JSON documents
|
|
91
153
|
# in response to the GET profile credentials call.
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
end
|
|
102
|
-
rescue Aws::Json::ParseError
|
|
103
|
-
raise Aws::Errors::MetadataParserError.new
|
|
154
|
+
|
|
155
|
+
retry_errors([Aws::Json::ParseError, StandardError], max_retries: 3) do
|
|
156
|
+
c = Aws::Json.load(get_credentials.to_s)
|
|
157
|
+
@credentials = Credentials.new(
|
|
158
|
+
c['AccessKeyId'],
|
|
159
|
+
c['SecretAccessKey'],
|
|
160
|
+
c['Token']
|
|
161
|
+
)
|
|
162
|
+
@expiration = c['Expiration'] ? Time.iso8601(c['Expiration']) : nil
|
|
104
163
|
end
|
|
164
|
+
rescue Aws::Json::ParseError
|
|
165
|
+
raise Aws::Errors::MetadataParserError
|
|
105
166
|
end
|
|
106
167
|
|
|
107
168
|
def get_credentials
|
|
108
169
|
# Retry loading credentials a configurable number of times if
|
|
109
170
|
# the instance metadata service is not responding.
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
end
|
|
171
|
+
|
|
172
|
+
retry_errors(NETWORK_ERRORS, max_retries: @retries) do
|
|
173
|
+
open_connection do |conn|
|
|
174
|
+
http_get(conn, @credential_path)
|
|
115
175
|
end
|
|
116
|
-
rescue
|
|
117
|
-
'{}'
|
|
118
176
|
end
|
|
177
|
+
rescue StandardError
|
|
178
|
+
'{}'
|
|
119
179
|
end
|
|
120
180
|
|
|
121
181
|
def open_connection
|
|
122
|
-
http = Net::HTTP.new(@
|
|
182
|
+
http = Net::HTTP.new(@host, @port, nil)
|
|
123
183
|
http.open_timeout = @http_open_timeout
|
|
124
184
|
http.read_timeout = @http_read_timeout
|
|
125
185
|
http.set_debug_output(@http_debug_output) if @http_debug_output
|
|
186
|
+
http.use_ssl = @scheme == 'https'
|
|
126
187
|
http.start
|
|
127
188
|
yield(http).tap { http.finish }
|
|
128
189
|
end
|
|
129
190
|
|
|
130
191
|
def http_get(connection, path)
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
192
|
+
request = Net::HTTP::Get.new(path)
|
|
193
|
+
request['Authorization'] = @authorization_token if @authorization_token
|
|
194
|
+
response = connection.request(request)
|
|
195
|
+
raise Non200Response unless response.code.to_i == 200
|
|
196
|
+
|
|
197
|
+
response.body
|
|
137
198
|
end
|
|
138
199
|
|
|
139
|
-
def retry_errors(error_classes, options = {}
|
|
200
|
+
def retry_errors(error_classes, options = {})
|
|
140
201
|
max_retries = options[:max_retries]
|
|
141
202
|
retries = 0
|
|
142
203
|
begin
|
|
143
204
|
yield
|
|
144
|
-
rescue *error_classes =>
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
raise
|
|
151
|
-
end
|
|
205
|
+
rescue *error_classes => _e
|
|
206
|
+
raise unless retries < max_retries
|
|
207
|
+
|
|
208
|
+
@backoff.call(retries)
|
|
209
|
+
retries += 1
|
|
210
|
+
retry
|
|
152
211
|
end
|
|
153
212
|
end
|
|
154
|
-
|
|
155
213
|
end
|
|
156
214
|
end
|
data/lib/aws-sdk-sso/client.rb
CHANGED
data/lib/aws-sdk-sso.rb
CHANGED
data/lib/aws-sdk-ssooidc.rb
CHANGED
data/lib/aws-sdk-sts/client.rb
CHANGED
|
@@ -376,14 +376,13 @@ module Aws::STS
|
|
|
376
376
|
# @!group API Operations
|
|
377
377
|
|
|
378
378
|
# Returns a set of temporary security credentials that you can use to
|
|
379
|
-
# access Amazon Web Services resources
|
|
380
|
-
#
|
|
381
|
-
#
|
|
382
|
-
#
|
|
383
|
-
#
|
|
384
|
-
#
|
|
385
|
-
#
|
|
386
|
-
# operations][2] in the *IAM User Guide*.
|
|
379
|
+
# access Amazon Web Services resources. These temporary credentials
|
|
380
|
+
# consist of an access key ID, a secret access key, and a security
|
|
381
|
+
# token. Typically, you use `AssumeRole` within your account or for
|
|
382
|
+
# cross-account access. For a comparison of `AssumeRole` with other API
|
|
383
|
+
# operations that produce temporary credentials, see [Requesting
|
|
384
|
+
# Temporary Security Credentials][1] and [Comparing the Amazon Web
|
|
385
|
+
# Services STS API operations][2] in the *IAM User Guide*.
|
|
387
386
|
#
|
|
388
387
|
# **Permissions**
|
|
389
388
|
#
|
|
@@ -1843,13 +1842,16 @@ module Aws::STS
|
|
|
1843
1842
|
# **Permissions**
|
|
1844
1843
|
#
|
|
1845
1844
|
# You can use the temporary credentials created by `GetFederationToken`
|
|
1846
|
-
# in any Amazon Web Services service
|
|
1845
|
+
# in any Amazon Web Services service with the following exceptions:
|
|
1847
1846
|
#
|
|
1848
1847
|
# * You cannot call any IAM operations using the CLI or the Amazon Web
|
|
1849
|
-
# Services API.
|
|
1848
|
+
# Services API. This limitation does not apply to console sessions.
|
|
1850
1849
|
#
|
|
1851
1850
|
# * You cannot call any STS operations except `GetCallerIdentity`.
|
|
1852
1851
|
#
|
|
1852
|
+
# You can use temporary credentials for single sign-on (SSO) to the
|
|
1853
|
+
# console.
|
|
1854
|
+
#
|
|
1853
1855
|
# You must pass an inline or managed [session policy][6] to this
|
|
1854
1856
|
# operation. You can pass a single JSON policy document to use as an
|
|
1855
1857
|
# inline session policy. You can also specify up to 10 managed policy
|
|
@@ -2316,7 +2318,7 @@ module Aws::STS
|
|
|
2316
2318
|
params: params,
|
|
2317
2319
|
config: config)
|
|
2318
2320
|
context[:gem_name] = 'aws-sdk-core'
|
|
2319
|
-
context[:gem_version] = '3.
|
|
2321
|
+
context[:gem_version] = '3.171.0'
|
|
2320
2322
|
Seahorse::Client::Request.new(handlers, context)
|
|
2321
2323
|
end
|
|
2322
2324
|
|
|
@@ -18,54 +18,54 @@ module Aws::STS
|
|
|
18
18
|
if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
|
|
19
19
|
if Aws::Endpoints::Matchers.boolean_equals?(use_global_endpoint, true) && Aws::Endpoints::Matchers.boolean_equals?(use_fips, false) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, false) && Aws::Endpoints::Matchers.not(Aws::Endpoints::Matchers.set?(endpoint))
|
|
20
20
|
if Aws::Endpoints::Matchers.string_equals?(region, "ap-northeast-1")
|
|
21
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
21
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
22
22
|
end
|
|
23
23
|
if Aws::Endpoints::Matchers.string_equals?(region, "ap-south-1")
|
|
24
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
24
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
25
25
|
end
|
|
26
26
|
if Aws::Endpoints::Matchers.string_equals?(region, "ap-southeast-1")
|
|
27
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
27
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
28
28
|
end
|
|
29
29
|
if Aws::Endpoints::Matchers.string_equals?(region, "ap-southeast-2")
|
|
30
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
30
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
31
31
|
end
|
|
32
32
|
if Aws::Endpoints::Matchers.string_equals?(region, "aws-global")
|
|
33
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
33
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
34
34
|
end
|
|
35
35
|
if Aws::Endpoints::Matchers.string_equals?(region, "ca-central-1")
|
|
36
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
36
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
37
37
|
end
|
|
38
38
|
if Aws::Endpoints::Matchers.string_equals?(region, "eu-central-1")
|
|
39
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
39
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
40
40
|
end
|
|
41
41
|
if Aws::Endpoints::Matchers.string_equals?(region, "eu-north-1")
|
|
42
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
42
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
43
43
|
end
|
|
44
44
|
if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-1")
|
|
45
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
45
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
46
46
|
end
|
|
47
47
|
if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-2")
|
|
48
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
48
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
49
49
|
end
|
|
50
50
|
if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-3")
|
|
51
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
51
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
52
52
|
end
|
|
53
53
|
if Aws::Endpoints::Matchers.string_equals?(region, "sa-east-1")
|
|
54
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
54
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
55
55
|
end
|
|
56
56
|
if Aws::Endpoints::Matchers.string_equals?(region, "us-east-1")
|
|
57
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
57
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
58
58
|
end
|
|
59
59
|
if Aws::Endpoints::Matchers.string_equals?(region, "us-east-2")
|
|
60
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
60
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
61
61
|
end
|
|
62
62
|
if Aws::Endpoints::Matchers.string_equals?(region, "us-west-1")
|
|
63
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
63
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
64
64
|
end
|
|
65
65
|
if Aws::Endpoints::Matchers.string_equals?(region, "us-west-2")
|
|
66
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
66
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
67
67
|
end
|
|
68
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
68
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"#{region}", "signingName"=>"sts"}]})
|
|
69
69
|
end
|
|
70
70
|
if Aws::Endpoints::Matchers.set?(endpoint) && (url = Aws::Endpoints::Matchers.parse_url(endpoint))
|
|
71
71
|
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
data/lib/aws-sdk-sts.rb
CHANGED
|
@@ -43,7 +43,9 @@ module Seahorse
|
|
|
43
43
|
@h2_client = HTTP2::Client.new(
|
|
44
44
|
settings_max_concurrent_streams: max_concurrent_streams
|
|
45
45
|
)
|
|
46
|
-
@logger =
|
|
46
|
+
@logger = if @http_wire_trace
|
|
47
|
+
options[:logger] || Logger.new($stdout)
|
|
48
|
+
end
|
|
47
49
|
@chunk_size = options[:read_chunk_size] || CHUNKSIZE
|
|
48
50
|
@errors = []
|
|
49
51
|
@status = :ready
|
|
@@ -180,11 +182,13 @@ module Seahorse
|
|
|
180
182
|
@socket.flush
|
|
181
183
|
end
|
|
182
184
|
end
|
|
183
|
-
@
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
185
|
+
if @http_wire_trace
|
|
186
|
+
@h2_client.on(:frame_sent) do |frame|
|
|
187
|
+
debug_output("frame: #{frame.inspect}", :send)
|
|
188
|
+
end
|
|
189
|
+
@h2_client.on(:frame_received) do |frame|
|
|
190
|
+
debug_output("frame: #{frame.inspect}", :receive)
|
|
191
|
+
end
|
|
188
192
|
end
|
|
189
193
|
end
|
|
190
194
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.171.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-03-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jmespath
|