aws-sdk-core 3.169.0 → 3.171.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-core/credential_provider_chain.rb +2 -1
- data/lib/aws-sdk-core/ecs_credentials.rb +111 -53
- data/lib/aws-sdk-sso/client.rb +1 -1
- data/lib/aws-sdk-sso.rb +1 -1
- data/lib/aws-sdk-ssooidc/client.rb +1 -1
- data/lib/aws-sdk-ssooidc.rb +1 -1
- data/lib/aws-sdk-sts/client.rb +13 -11
- data/lib/aws-sdk-sts/endpoint_provider.rb +17 -17
- data/lib/aws-sdk-sts.rb +1 -1
- data/lib/seahorse/client/h2/connection.rb +10 -6
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e4b9ed82ab5a4b3e5871bca537f3a650a468131bc35120873f02edb0a35017b1
|
|
4
|
+
data.tar.gz: d5a49d43dfdec90623e9ee88be22b5c2e45a7413b91bac4e881b1002e3c6cce0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f0f8e07aada15f369b444d10325601352057ddfff2b6020b27cb8c8c8cdcd42001f8f5ecff8855abdbea8a932ff92b1a8ffd771a2a846f9a595f08f94ee9c28b
|
|
7
|
+
data.tar.gz: 53f75fd8a1e204a21a231ae4010c85f39a11420ffd430c51430e85c3203d214e51c7fda54c92258409a644f118589ce0bb5dab7e7ec45cbcd927d03afd930c25
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,21 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
3.171.0 (2023-03-22)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Add support for `AWS_CONTAINER_CREDENTIALS_FULL_URI` and `AWS_CONTAINER_AUTHORIZATION_TOKEN` environment variables to `ECSCredentials`.
|
|
8
|
+
|
|
9
|
+
3.170.1 (2023-03-17)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Issue - Reduce memory usage in H2::Connection when `http_wire_log` is not set.
|
|
13
|
+
|
|
14
|
+
3.170.0 (2023-01-25)
|
|
15
|
+
------------------
|
|
16
|
+
|
|
17
|
+
* Feature - Updated Aws::STS::Client with the latest API changes.
|
|
18
|
+
|
|
4
19
|
3.169.0 (2023-01-18)
|
|
5
20
|
------------------
|
|
6
21
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
3.
|
|
1
|
+
3.171.0
|
|
@@ -161,7 +161,8 @@ module Aws
|
|
|
161
161
|
|
|
162
162
|
def instance_profile_credentials(options)
|
|
163
163
|
profile_name = determine_profile_name(options)
|
|
164
|
-
if ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI']
|
|
164
|
+
if ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI'] ||
|
|
165
|
+
ENV['AWS_CONTAINER_CREDENTIALS_FULL_URI']
|
|
165
166
|
ECSCredentials.new(options)
|
|
166
167
|
else
|
|
167
168
|
InstanceProfileCredentials.new(options.merge(profile: profile_name))
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
require 'time'
|
|
4
4
|
require 'net/http'
|
|
5
|
+
require 'resolv'
|
|
5
6
|
|
|
6
7
|
module Aws
|
|
7
8
|
# An auto-refreshing credential provider that loads credentials from
|
|
@@ -10,7 +11,6 @@ module Aws
|
|
|
10
11
|
# ecs_credentials = Aws::ECSCredentials.new(retries: 3)
|
|
11
12
|
# ec2 = Aws::EC2::Client.new(credentials: ecs_credentials)
|
|
12
13
|
class ECSCredentials
|
|
13
|
-
|
|
14
14
|
include CredentialProvider
|
|
15
15
|
include RefreshingCredentials
|
|
16
16
|
|
|
@@ -29,16 +29,22 @@ module Aws
|
|
|
29
29
|
Errno::ENETUNREACH,
|
|
30
30
|
SocketError,
|
|
31
31
|
Timeout::Error,
|
|
32
|
-
Non200Response
|
|
33
|
-
]
|
|
32
|
+
Non200Response
|
|
33
|
+
].freeze
|
|
34
34
|
|
|
35
35
|
# @param [Hash] options
|
|
36
36
|
# @option options [Integer] :retries (5) Number of times to retry
|
|
37
37
|
# when retrieving credentials.
|
|
38
|
-
# @option options [String] :ip_address ('169.254.170.2')
|
|
39
|
-
#
|
|
38
|
+
# @option options [String] :ip_address ('169.254.170.2') This value is
|
|
39
|
+
# ignored if `endpoint` is set and `credential_path` is not set.
|
|
40
|
+
# @option options [Integer] :port (80) This value is ignored if `endpoint`
|
|
41
|
+
# is set and `credential_path` is not set.
|
|
40
42
|
# @option options [String] :credential_path By default, the value of the
|
|
41
43
|
# AWS_CONTAINER_CREDENTIALS_RELATIVE_URI environment variable.
|
|
44
|
+
# @option options [String] :endpoint The ECS credential endpoint.
|
|
45
|
+
# By default, this is the value of the AWS_CONTAINER_CREDENTIALS_FULL_URI
|
|
46
|
+
# environment variable. This value is ignored if `credential_path` or
|
|
47
|
+
# ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI'] is set.
|
|
42
48
|
# @option options [Float] :http_open_timeout (5)
|
|
43
49
|
# @option options [Float] :http_read_timeout (5)
|
|
44
50
|
# @option options [Numeric, Proc] :delay By default, failures are retried
|
|
@@ -52,17 +58,15 @@ module Aws
|
|
|
52
58
|
# credentials are refreshed. `before_refresh` is called
|
|
53
59
|
# with an instance of this object when
|
|
54
60
|
# AWS credentials are required and need to be refreshed.
|
|
55
|
-
def initialize
|
|
61
|
+
def initialize(options = {})
|
|
62
|
+
credential_path = options[:credential_path] ||
|
|
63
|
+
ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI']
|
|
64
|
+
endpoint = options[:endpoint] ||
|
|
65
|
+
ENV['AWS_CONTAINER_CREDENTIALS_FULL_URI']
|
|
66
|
+
initialize_uri(options, credential_path, endpoint)
|
|
67
|
+
@authorization_token = ENV['AWS_CONTAINER_AUTHORIZATION_TOKEN']
|
|
68
|
+
|
|
56
69
|
@retries = options[:retries] || 5
|
|
57
|
-
@ip_address = options[:ip_address] || '169.254.170.2'
|
|
58
|
-
@port = options[:port] || 80
|
|
59
|
-
@credential_path = options[:credential_path]
|
|
60
|
-
@credential_path ||= ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI']
|
|
61
|
-
unless @credential_path
|
|
62
|
-
raise ArgumentError.new(
|
|
63
|
-
"Cannot instantiate an ECS Credential Provider without a credential path."
|
|
64
|
-
)
|
|
65
|
-
end
|
|
66
70
|
@http_open_timeout = options[:http_open_timeout] || 5
|
|
67
71
|
@http_read_timeout = options[:http_read_timeout] || 5
|
|
68
72
|
@http_debug_output = options[:http_debug_output]
|
|
@@ -77,11 +81,69 @@ module Aws
|
|
|
77
81
|
|
|
78
82
|
private
|
|
79
83
|
|
|
84
|
+
def initialize_uri(options, credential_path, endpoint)
|
|
85
|
+
if credential_path
|
|
86
|
+
initialize_relative_uri(options, credential_path)
|
|
87
|
+
# Use FULL_URI/endpoint only if RELATIVE_URI/path is not set
|
|
88
|
+
elsif endpoint
|
|
89
|
+
initialize_full_uri(endpoint)
|
|
90
|
+
else
|
|
91
|
+
raise ArgumentError,
|
|
92
|
+
'Cannot instantiate an ECS Credential Provider '\
|
|
93
|
+
'without a credential path or endpoint.'
|
|
94
|
+
end
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
def initialize_relative_uri(options, path)
|
|
98
|
+
@host = options[:ip_address] || '169.254.170.2'
|
|
99
|
+
@port = options[:port] || 80
|
|
100
|
+
@scheme = 'http'
|
|
101
|
+
@credential_path = path
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
def initialize_full_uri(endpoint)
|
|
105
|
+
uri = URI.parse(endpoint)
|
|
106
|
+
validate_full_uri!(uri)
|
|
107
|
+
@host = uri.host
|
|
108
|
+
@port = uri.port
|
|
109
|
+
@scheme = uri.scheme
|
|
110
|
+
@credential_path = uri.path
|
|
111
|
+
end
|
|
112
|
+
|
|
113
|
+
# Validate that the full URI is using a loopback address if scheme is http.
|
|
114
|
+
def validate_full_uri!(full_uri)
|
|
115
|
+
return unless full_uri.scheme == 'http'
|
|
116
|
+
|
|
117
|
+
begin
|
|
118
|
+
return if ip_loopback?(IPAddr.new(full_uri.host))
|
|
119
|
+
rescue IPAddr::InvalidAddressError
|
|
120
|
+
addresses = Resolv.getaddresses(full_uri.host)
|
|
121
|
+
return if addresses.all? { |addr| ip_loopback?(IPAddr.new(addr)) }
|
|
122
|
+
end
|
|
123
|
+
|
|
124
|
+
raise ArgumentError,
|
|
125
|
+
'AWS_CONTAINER_CREDENTIALS_FULL_URI must use a loopback '\
|
|
126
|
+
'address when using the http scheme.'
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
# loopback? method is available in Ruby 2.5+
|
|
130
|
+
# Replicate the logic here.
|
|
131
|
+
def ip_loopback?(ip_address)
|
|
132
|
+
case ip_address.family
|
|
133
|
+
when Socket::AF_INET
|
|
134
|
+
ip_address & 0xff000000 == 0x7f000000
|
|
135
|
+
when Socket::AF_INET6
|
|
136
|
+
ip_address == 1
|
|
137
|
+
else
|
|
138
|
+
false
|
|
139
|
+
end
|
|
140
|
+
end
|
|
141
|
+
|
|
80
142
|
def backoff(backoff)
|
|
81
143
|
case backoff
|
|
82
144
|
when Proc then backoff
|
|
83
|
-
when Numeric then
|
|
84
|
-
else
|
|
145
|
+
when Numeric then ->(_) { sleep(backoff) }
|
|
146
|
+
else ->(num_failures) { Kernel.sleep(1.2**num_failures) }
|
|
85
147
|
end
|
|
86
148
|
end
|
|
87
149
|
|
|
@@ -89,68 +151,64 @@ module Aws
|
|
|
89
151
|
# Retry loading credentials up to 3 times is the instance metadata
|
|
90
152
|
# service is responding but is returning invalid JSON documents
|
|
91
153
|
# in response to the GET profile credentials call.
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
end
|
|
102
|
-
rescue Aws::Json::ParseError
|
|
103
|
-
raise Aws::Errors::MetadataParserError.new
|
|
154
|
+
|
|
155
|
+
retry_errors([Aws::Json::ParseError, StandardError], max_retries: 3) do
|
|
156
|
+
c = Aws::Json.load(get_credentials.to_s)
|
|
157
|
+
@credentials = Credentials.new(
|
|
158
|
+
c['AccessKeyId'],
|
|
159
|
+
c['SecretAccessKey'],
|
|
160
|
+
c['Token']
|
|
161
|
+
)
|
|
162
|
+
@expiration = c['Expiration'] ? Time.iso8601(c['Expiration']) : nil
|
|
104
163
|
end
|
|
164
|
+
rescue Aws::Json::ParseError
|
|
165
|
+
raise Aws::Errors::MetadataParserError
|
|
105
166
|
end
|
|
106
167
|
|
|
107
168
|
def get_credentials
|
|
108
169
|
# Retry loading credentials a configurable number of times if
|
|
109
170
|
# the instance metadata service is not responding.
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
end
|
|
171
|
+
|
|
172
|
+
retry_errors(NETWORK_ERRORS, max_retries: @retries) do
|
|
173
|
+
open_connection do |conn|
|
|
174
|
+
http_get(conn, @credential_path)
|
|
115
175
|
end
|
|
116
|
-
rescue
|
|
117
|
-
'{}'
|
|
118
176
|
end
|
|
177
|
+
rescue StandardError
|
|
178
|
+
'{}'
|
|
119
179
|
end
|
|
120
180
|
|
|
121
181
|
def open_connection
|
|
122
|
-
http = Net::HTTP.new(@
|
|
182
|
+
http = Net::HTTP.new(@host, @port, nil)
|
|
123
183
|
http.open_timeout = @http_open_timeout
|
|
124
184
|
http.read_timeout = @http_read_timeout
|
|
125
185
|
http.set_debug_output(@http_debug_output) if @http_debug_output
|
|
186
|
+
http.use_ssl = @scheme == 'https'
|
|
126
187
|
http.start
|
|
127
188
|
yield(http).tap { http.finish }
|
|
128
189
|
end
|
|
129
190
|
|
|
130
191
|
def http_get(connection, path)
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
192
|
+
request = Net::HTTP::Get.new(path)
|
|
193
|
+
request['Authorization'] = @authorization_token if @authorization_token
|
|
194
|
+
response = connection.request(request)
|
|
195
|
+
raise Non200Response unless response.code.to_i == 200
|
|
196
|
+
|
|
197
|
+
response.body
|
|
137
198
|
end
|
|
138
199
|
|
|
139
|
-
def retry_errors(error_classes, options = {}
|
|
200
|
+
def retry_errors(error_classes, options = {})
|
|
140
201
|
max_retries = options[:max_retries]
|
|
141
202
|
retries = 0
|
|
142
203
|
begin
|
|
143
204
|
yield
|
|
144
|
-
rescue *error_classes =>
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
raise
|
|
151
|
-
end
|
|
205
|
+
rescue *error_classes => _e
|
|
206
|
+
raise unless retries < max_retries
|
|
207
|
+
|
|
208
|
+
@backoff.call(retries)
|
|
209
|
+
retries += 1
|
|
210
|
+
retry
|
|
152
211
|
end
|
|
153
212
|
end
|
|
154
|
-
|
|
155
213
|
end
|
|
156
214
|
end
|
data/lib/aws-sdk-sso/client.rb
CHANGED
data/lib/aws-sdk-sso.rb
CHANGED
data/lib/aws-sdk-ssooidc.rb
CHANGED
data/lib/aws-sdk-sts/client.rb
CHANGED
|
@@ -376,14 +376,13 @@ module Aws::STS
|
|
|
376
376
|
# @!group API Operations
|
|
377
377
|
|
|
378
378
|
# Returns a set of temporary security credentials that you can use to
|
|
379
|
-
# access Amazon Web Services resources
|
|
380
|
-
#
|
|
381
|
-
#
|
|
382
|
-
#
|
|
383
|
-
#
|
|
384
|
-
#
|
|
385
|
-
#
|
|
386
|
-
# operations][2] in the *IAM User Guide*.
|
|
379
|
+
# access Amazon Web Services resources. These temporary credentials
|
|
380
|
+
# consist of an access key ID, a secret access key, and a security
|
|
381
|
+
# token. Typically, you use `AssumeRole` within your account or for
|
|
382
|
+
# cross-account access. For a comparison of `AssumeRole` with other API
|
|
383
|
+
# operations that produce temporary credentials, see [Requesting
|
|
384
|
+
# Temporary Security Credentials][1] and [Comparing the Amazon Web
|
|
385
|
+
# Services STS API operations][2] in the *IAM User Guide*.
|
|
387
386
|
#
|
|
388
387
|
# **Permissions**
|
|
389
388
|
#
|
|
@@ -1843,13 +1842,16 @@ module Aws::STS
|
|
|
1843
1842
|
# **Permissions**
|
|
1844
1843
|
#
|
|
1845
1844
|
# You can use the temporary credentials created by `GetFederationToken`
|
|
1846
|
-
# in any Amazon Web Services service
|
|
1845
|
+
# in any Amazon Web Services service with the following exceptions:
|
|
1847
1846
|
#
|
|
1848
1847
|
# * You cannot call any IAM operations using the CLI or the Amazon Web
|
|
1849
|
-
# Services API.
|
|
1848
|
+
# Services API. This limitation does not apply to console sessions.
|
|
1850
1849
|
#
|
|
1851
1850
|
# * You cannot call any STS operations except `GetCallerIdentity`.
|
|
1852
1851
|
#
|
|
1852
|
+
# You can use temporary credentials for single sign-on (SSO) to the
|
|
1853
|
+
# console.
|
|
1854
|
+
#
|
|
1853
1855
|
# You must pass an inline or managed [session policy][6] to this
|
|
1854
1856
|
# operation. You can pass a single JSON policy document to use as an
|
|
1855
1857
|
# inline session policy. You can also specify up to 10 managed policy
|
|
@@ -2316,7 +2318,7 @@ module Aws::STS
|
|
|
2316
2318
|
params: params,
|
|
2317
2319
|
config: config)
|
|
2318
2320
|
context[:gem_name] = 'aws-sdk-core'
|
|
2319
|
-
context[:gem_version] = '3.
|
|
2321
|
+
context[:gem_version] = '3.171.0'
|
|
2320
2322
|
Seahorse::Client::Request.new(handlers, context)
|
|
2321
2323
|
end
|
|
2322
2324
|
|
|
@@ -18,54 +18,54 @@ module Aws::STS
|
|
|
18
18
|
if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
|
|
19
19
|
if Aws::Endpoints::Matchers.boolean_equals?(use_global_endpoint, true) && Aws::Endpoints::Matchers.boolean_equals?(use_fips, false) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, false) && Aws::Endpoints::Matchers.not(Aws::Endpoints::Matchers.set?(endpoint))
|
|
20
20
|
if Aws::Endpoints::Matchers.string_equals?(region, "ap-northeast-1")
|
|
21
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
21
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
22
22
|
end
|
|
23
23
|
if Aws::Endpoints::Matchers.string_equals?(region, "ap-south-1")
|
|
24
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
24
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
25
25
|
end
|
|
26
26
|
if Aws::Endpoints::Matchers.string_equals?(region, "ap-southeast-1")
|
|
27
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
27
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
28
28
|
end
|
|
29
29
|
if Aws::Endpoints::Matchers.string_equals?(region, "ap-southeast-2")
|
|
30
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
30
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
31
31
|
end
|
|
32
32
|
if Aws::Endpoints::Matchers.string_equals?(region, "aws-global")
|
|
33
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
33
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
34
34
|
end
|
|
35
35
|
if Aws::Endpoints::Matchers.string_equals?(region, "ca-central-1")
|
|
36
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
36
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
37
37
|
end
|
|
38
38
|
if Aws::Endpoints::Matchers.string_equals?(region, "eu-central-1")
|
|
39
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
39
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
40
40
|
end
|
|
41
41
|
if Aws::Endpoints::Matchers.string_equals?(region, "eu-north-1")
|
|
42
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
42
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
43
43
|
end
|
|
44
44
|
if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-1")
|
|
45
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
45
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
46
46
|
end
|
|
47
47
|
if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-2")
|
|
48
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
48
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
49
49
|
end
|
|
50
50
|
if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-3")
|
|
51
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
51
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
52
52
|
end
|
|
53
53
|
if Aws::Endpoints::Matchers.string_equals?(region, "sa-east-1")
|
|
54
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
54
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
55
55
|
end
|
|
56
56
|
if Aws::Endpoints::Matchers.string_equals?(region, "us-east-1")
|
|
57
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
57
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
58
58
|
end
|
|
59
59
|
if Aws::Endpoints::Matchers.string_equals?(region, "us-east-2")
|
|
60
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
60
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
61
61
|
end
|
|
62
62
|
if Aws::Endpoints::Matchers.string_equals?(region, "us-west-1")
|
|
63
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
63
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
64
64
|
end
|
|
65
65
|
if Aws::Endpoints::Matchers.string_equals?(region, "us-west-2")
|
|
66
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
66
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"us-east-1", "signingName"=>"sts"}]})
|
|
67
67
|
end
|
|
68
|
-
return Aws::Endpoints::Endpoint.new(url: "https://sts.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "
|
|
68
|
+
return Aws::Endpoints::Endpoint.new(url: "https://sts.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingRegion"=>"#{region}", "signingName"=>"sts"}]})
|
|
69
69
|
end
|
|
70
70
|
if Aws::Endpoints::Matchers.set?(endpoint) && (url = Aws::Endpoints::Matchers.parse_url(endpoint))
|
|
71
71
|
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
data/lib/aws-sdk-sts.rb
CHANGED
|
@@ -43,7 +43,9 @@ module Seahorse
|
|
|
43
43
|
@h2_client = HTTP2::Client.new(
|
|
44
44
|
settings_max_concurrent_streams: max_concurrent_streams
|
|
45
45
|
)
|
|
46
|
-
@logger =
|
|
46
|
+
@logger = if @http_wire_trace
|
|
47
|
+
options[:logger] || Logger.new($stdout)
|
|
48
|
+
end
|
|
47
49
|
@chunk_size = options[:read_chunk_size] || CHUNKSIZE
|
|
48
50
|
@errors = []
|
|
49
51
|
@status = :ready
|
|
@@ -180,11 +182,13 @@ module Seahorse
|
|
|
180
182
|
@socket.flush
|
|
181
183
|
end
|
|
182
184
|
end
|
|
183
|
-
@
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
185
|
+
if @http_wire_trace
|
|
186
|
+
@h2_client.on(:frame_sent) do |frame|
|
|
187
|
+
debug_output("frame: #{frame.inspect}", :send)
|
|
188
|
+
end
|
|
189
|
+
@h2_client.on(:frame_received) do |frame|
|
|
190
|
+
debug_output("frame: #{frame.inspect}", :receive)
|
|
191
|
+
end
|
|
188
192
|
end
|
|
189
193
|
end
|
|
190
194
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.171.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-03-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jmespath
|