aws-sdk-core 3.185.1 → 3.214.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +409 -0
- data/VERSION +1 -1
- data/lib/aws-defaults/default_configuration.rb +1 -2
- data/lib/aws-defaults.rb +4 -1
- data/lib/aws-sdk-core/assume_role_credentials.rb +12 -5
- data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb +13 -7
- data/lib/aws-sdk-core/binary/decode_handler.rb +3 -9
- data/lib/aws-sdk-core/binary/encode_handler.rb +1 -1
- data/lib/aws-sdk-core/binary/event_builder.rb +34 -37
- data/lib/aws-sdk-core/binary/event_stream_decoder.rb +1 -0
- data/lib/aws-sdk-core/binary/event_stream_encoder.rb +4 -3
- data/lib/aws-sdk-core/cbor/decoder.rb +310 -0
- data/lib/aws-sdk-core/cbor/encoder.rb +243 -0
- data/lib/aws-sdk-core/cbor.rb +53 -0
- data/lib/aws-sdk-core/client_side_monitoring.rb +9 -0
- data/lib/aws-sdk-core/client_stubs.rb +23 -19
- data/lib/aws-sdk-core/credential_provider.rb +1 -1
- data/lib/aws-sdk-core/credential_provider_chain.rb +13 -6
- data/lib/aws-sdk-core/credentials.rb +13 -6
- data/lib/aws-sdk-core/ec2_metadata.rb +1 -1
- data/lib/aws-sdk-core/ecs_credentials.rb +78 -11
- data/lib/aws-sdk-core/endpoints/endpoint.rb +3 -1
- data/lib/aws-sdk-core/endpoints/matchers.rb +6 -9
- data/lib/aws-sdk-core/endpoints.rb +74 -18
- data/lib/aws-sdk-core/error_handler.rb +41 -0
- data/lib/aws-sdk-core/errors.rb +11 -2
- data/lib/aws-sdk-core/event_emitter.rb +0 -16
- data/lib/aws-sdk-core/instance_profile_credentials.rb +55 -32
- data/lib/aws-sdk-core/json/builder.rb +8 -1
- data/lib/aws-sdk-core/json/error_handler.rb +17 -11
- data/lib/aws-sdk-core/json/handler.rb +13 -6
- data/lib/aws-sdk-core/json/json_engine.rb +3 -1
- data/lib/aws-sdk-core/json/oj_engine.rb +7 -1
- data/lib/aws-sdk-core/json/parser.rb +32 -2
- data/lib/aws-sdk-core/json.rb +43 -14
- data/lib/aws-sdk-core/log/param_filter.rb +2 -2
- data/lib/aws-sdk-core/log.rb +10 -0
- data/lib/aws-sdk-core/lru_cache.rb +75 -0
- data/lib/aws-sdk-core/pageable_response.rb +1 -1
- data/lib/aws-sdk-core/param_validator.rb +7 -2
- data/lib/aws-sdk-core/plugins/bearer_authorization.rb +2 -0
- data/lib/aws-sdk-core/plugins/checksum_algorithm.rb +6 -3
- data/lib/aws-sdk-core/plugins/client_metrics_plugin.rb +1 -0
- data/lib/aws-sdk-core/plugins/client_metrics_send_plugin.rb +14 -2
- data/lib/aws-sdk-core/plugins/credentials_configuration.rb +9 -3
- data/lib/aws-sdk-core/plugins/global_configuration.rb +8 -9
- data/lib/aws-sdk-core/plugins/http_checksum.rb +2 -1
- data/lib/aws-sdk-core/plugins/invocation_id.rb +1 -11
- data/lib/aws-sdk-core/plugins/logging.rb +2 -0
- data/lib/aws-sdk-core/plugins/protocols/api_gateway.rb +3 -1
- data/lib/aws-sdk-core/plugins/protocols/ec2.rb +2 -24
- data/lib/aws-sdk-core/plugins/protocols/json_rpc.rb +6 -8
- data/lib/aws-sdk-core/plugins/protocols/query.rb +4 -2
- data/lib/aws-sdk-core/plugins/protocols/rest_json.rb +3 -15
- data/lib/aws-sdk-core/plugins/protocols/rest_xml.rb +3 -0
- data/lib/aws-sdk-core/plugins/protocols/rpc_v2.rb +17 -0
- data/lib/aws-sdk-core/plugins/regional_endpoint.rb +74 -25
- data/lib/aws-sdk-core/plugins/request_compression.rb +11 -2
- data/lib/aws-sdk-core/plugins/retry_errors.rb +12 -3
- data/lib/aws-sdk-core/plugins/sign.rb +27 -15
- data/lib/aws-sdk-core/plugins/signature_v2.rb +2 -1
- data/lib/aws-sdk-core/plugins/signature_v4.rb +2 -1
- data/lib/aws-sdk-core/plugins/stub_responses.rb +30 -2
- data/lib/aws-sdk-core/plugins/telemetry.rb +75 -0
- data/lib/aws-sdk-core/plugins/transfer_encoding.rb +16 -9
- data/lib/aws-sdk-core/plugins/user_agent.rb +70 -26
- data/lib/aws-sdk-core/plugins.rb +39 -0
- data/lib/aws-sdk-core/process_credentials.rb +47 -28
- data/lib/aws-sdk-core/query/ec2_handler.rb +27 -0
- data/lib/aws-sdk-core/query/ec2_param_builder.rb +5 -7
- data/lib/aws-sdk-core/query/handler.rb +4 -4
- data/lib/aws-sdk-core/query/param_builder.rb +2 -2
- data/lib/aws-sdk-core/query.rb +2 -1
- data/lib/aws-sdk-core/refreshing_credentials.rb +12 -6
- data/lib/aws-sdk-core/resources.rb +8 -0
- data/lib/aws-sdk-core/rest/content_type_handler.rb +60 -0
- data/lib/aws-sdk-core/rest/handler.rb +3 -4
- data/lib/aws-sdk-core/rest/request/body.rb +32 -5
- data/lib/aws-sdk-core/rest/request/endpoint.rb +24 -4
- data/lib/aws-sdk-core/rest/request/headers.rb +14 -6
- data/lib/aws-sdk-core/rest/request/querystring_builder.rb +62 -36
- data/lib/aws-sdk-core/rest/response/body.rb +15 -1
- data/lib/aws-sdk-core/rest/response/header_list_parser.rb +79 -0
- data/lib/aws-sdk-core/rest/response/headers.rb +8 -3
- data/lib/aws-sdk-core/rest.rb +1 -0
- data/lib/aws-sdk-core/rpc_v2/builder.rb +62 -0
- data/lib/aws-sdk-core/rpc_v2/cbor_engine.rb +18 -0
- data/lib/aws-sdk-core/rpc_v2/content_type_handler.rb +47 -0
- data/lib/aws-sdk-core/rpc_v2/error_handler.rb +85 -0
- data/lib/aws-sdk-core/rpc_v2/handler.rb +79 -0
- data/lib/aws-sdk-core/rpc_v2/parser.rb +90 -0
- data/lib/aws-sdk-core/rpc_v2.rb +69 -0
- data/lib/aws-sdk-core/shared_config.rb +7 -2
- data/lib/aws-sdk-core/shared_credentials.rb +0 -7
- data/lib/aws-sdk-core/sso_credentials.rb +2 -1
- data/lib/aws-sdk-core/stubbing/protocols/ec2.rb +12 -11
- data/lib/aws-sdk-core/stubbing/protocols/json.rb +11 -10
- data/lib/aws-sdk-core/stubbing/protocols/query.rb +7 -6
- data/lib/aws-sdk-core/stubbing/protocols/rest.rb +2 -1
- data/lib/aws-sdk-core/stubbing/protocols/rest_json.rb +9 -8
- data/lib/aws-sdk-core/stubbing/protocols/rest_xml.rb +6 -5
- data/lib/aws-sdk-core/stubbing/protocols/rpc_v2.rb +39 -0
- data/lib/aws-sdk-core/stubbing.rb +22 -0
- data/lib/aws-sdk-core/telemetry/base.rb +177 -0
- data/lib/aws-sdk-core/telemetry/no_op.rb +70 -0
- data/lib/aws-sdk-core/telemetry/otel.rb +235 -0
- data/lib/aws-sdk-core/telemetry/span_kind.rb +22 -0
- data/lib/aws-sdk-core/telemetry/span_status.rb +59 -0
- data/lib/aws-sdk-core/telemetry.rb +78 -0
- data/lib/aws-sdk-core/util.rb +39 -0
- data/lib/aws-sdk-core/waiters/poller.rb +10 -5
- data/lib/aws-sdk-core/xml/builder.rb +17 -9
- data/lib/aws-sdk-core/xml/error_handler.rb +32 -42
- data/lib/aws-sdk-core/xml/parser/frame.rb +4 -20
- data/lib/aws-sdk-core/xml/parser/stack.rb +2 -0
- data/lib/aws-sdk-core/xml/parser.rb +2 -6
- data/lib/aws-sdk-core.rb +82 -107
- data/lib/aws-sdk-sso/client.rb +119 -55
- data/lib/aws-sdk-sso/client_api.rb +7 -0
- data/lib/aws-sdk-sso/endpoint_parameters.rb +9 -6
- data/lib/aws-sdk-sso/endpoints.rb +2 -54
- data/lib/aws-sdk-sso/plugins/endpoints.rb +23 -22
- data/lib/aws-sdk-sso/types.rb +1 -0
- data/lib/aws-sdk-sso.rb +15 -11
- data/lib/aws-sdk-ssooidc/client.rb +504 -83
- data/lib/aws-sdk-ssooidc/client_api.rb +83 -1
- data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +9 -6
- data/lib/aws-sdk-ssooidc/endpoint_provider.rb +2 -2
- data/lib/aws-sdk-ssooidc/endpoints.rb +2 -40
- data/lib/aws-sdk-ssooidc/errors.rb +52 -0
- data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +23 -20
- data/lib/aws-sdk-ssooidc/types.rb +373 -51
- data/lib/aws-sdk-ssooidc.rb +15 -11
- data/lib/aws-sdk-sts/client.rb +334 -105
- data/lib/aws-sdk-sts/client_api.rb +36 -10
- data/lib/aws-sdk-sts/customizations.rb +5 -1
- data/lib/aws-sdk-sts/endpoint_parameters.rb +10 -9
- data/lib/aws-sdk-sts/endpoint_provider.rb +2 -2
- data/lib/aws-sdk-sts/endpoints.rb +2 -118
- data/lib/aws-sdk-sts/plugins/endpoints.rb +23 -30
- data/lib/aws-sdk-sts/presigner.rb +1 -1
- data/lib/aws-sdk-sts/types.rb +188 -30
- data/lib/aws-sdk-sts.rb +15 -11
- data/lib/seahorse/client/async_base.rb +1 -1
- data/lib/seahorse/client/async_response.rb +19 -0
- data/lib/seahorse/client/base.rb +18 -7
- data/lib/seahorse/client/h2/handler.rb +14 -3
- data/lib/seahorse/client/handler.rb +1 -1
- data/lib/seahorse/client/net_http/connection_pool.rb +11 -11
- data/lib/seahorse/client/net_http/handler.rb +21 -9
- data/lib/seahorse/client/net_http/patches.rb +1 -4
- data/lib/seahorse/client/plugin.rb +9 -0
- data/lib/seahorse/client/plugins/endpoint.rb +0 -1
- data/lib/seahorse/client/plugins/h2.rb +3 -3
- data/lib/seahorse/client/plugins/net_http.rb +57 -16
- data/lib/seahorse/client/request_context.rb +8 -1
- data/lib/seahorse/model/shapes.rb +2 -2
- data/sig/aws-sdk-core/client_stubs.rbs +10 -0
- data/sig/aws-sdk-core/errors.rbs +22 -0
- data/sig/aws-sdk-core/resources/collection.rbs +21 -0
- data/sig/aws-sdk-core/structure.rbs +4 -0
- data/sig/aws-sdk-core/telemetry/base.rbs +46 -0
- data/sig/aws-sdk-core/telemetry/otel.rbs +22 -0
- data/sig/aws-sdk-core/telemetry/span_kind.rbs +15 -0
- data/sig/aws-sdk-core/telemetry/span_status.rbs +24 -0
- data/sig/aws-sdk-core/waiters/errors.rbs +20 -0
- data/sig/aws-sdk-core.rbs +7 -0
- data/sig/seahorse/client/base.rbs +25 -0
- data/sig/seahorse/client/handler_builder.rbs +16 -0
- data/sig/seahorse/client/response.rbs +61 -0
- metadata +61 -19
- /data/lib/aws-sdk-core/xml/parser/{engines/libxml.rb → libxml_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/nokogiri.rb → nokogiri_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/oga.rb → oga_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/ox.rb → ox_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/rexml.rb → rexml_engine.rb} +0 -0
|
@@ -13,8 +13,7 @@ module Aws
|
|
|
13
13
|
option(:sigv4_region)
|
|
14
14
|
option(:unsigned_operations, default: [])
|
|
15
15
|
|
|
16
|
-
supported_auth_types = %w[sigv4 bearer none]
|
|
17
|
-
supported_auth_types += ['sigv4a'] if Aws::Sigv4::Signer.use_crt?
|
|
16
|
+
supported_auth_types = %w[sigv4 bearer sigv4-s3express sigv4a none]
|
|
18
17
|
SUPPORTED_AUTH_TYPES = supported_auth_types.freeze
|
|
19
18
|
|
|
20
19
|
def add_handlers(handlers, cfg)
|
|
@@ -24,10 +23,14 @@ module Aws
|
|
|
24
23
|
|
|
25
24
|
# @api private
|
|
26
25
|
# Return a signer with the `sign(context)` method
|
|
27
|
-
def self.signer_for(auth_scheme, config,
|
|
26
|
+
def self.signer_for(auth_scheme, config, sigv4_region_override = nil, sigv4_credentials_override = nil)
|
|
28
27
|
case auth_scheme['name']
|
|
29
|
-
when 'sigv4', 'sigv4a'
|
|
30
|
-
|
|
28
|
+
when 'sigv4', 'sigv4a', 'sigv4-s3express'
|
|
29
|
+
sigv4_overrides = {
|
|
30
|
+
region: sigv4_region_override,
|
|
31
|
+
credentials: sigv4_credentials_override
|
|
32
|
+
}
|
|
33
|
+
SignatureV4.new(auth_scheme, config, sigv4_overrides)
|
|
31
34
|
when 'bearer'
|
|
32
35
|
Bearer.new
|
|
33
36
|
else
|
|
@@ -42,7 +45,8 @@ module Aws
|
|
|
42
45
|
signer = Sign.signer_for(
|
|
43
46
|
context[:auth_scheme],
|
|
44
47
|
context.config,
|
|
45
|
-
context[:sigv4_region]
|
|
48
|
+
context[:sigv4_region],
|
|
49
|
+
context[:sigv4_credentials]
|
|
46
50
|
)
|
|
47
51
|
signer.sign(context)
|
|
48
52
|
end
|
|
@@ -88,24 +92,24 @@ module Aws
|
|
|
88
92
|
|
|
89
93
|
# @api private
|
|
90
94
|
class SignatureV4
|
|
91
|
-
def initialize(auth_scheme, config,
|
|
95
|
+
def initialize(auth_scheme, config, sigv4_overrides = {})
|
|
92
96
|
scheme_name = auth_scheme['name']
|
|
93
97
|
|
|
94
|
-
unless %w[sigv4 sigv4a].include?(scheme_name)
|
|
98
|
+
unless %w[sigv4 sigv4a sigv4-s3express].include?(scheme_name)
|
|
95
99
|
raise ArgumentError,
|
|
96
|
-
"Expected sigv4 or
|
|
100
|
+
"Expected sigv4, sigv4a, or sigv4-s3express auth scheme, got #{scheme_name}"
|
|
97
101
|
end
|
|
98
102
|
|
|
99
103
|
region = if scheme_name == 'sigv4a'
|
|
100
|
-
auth_scheme['signingRegionSet'].
|
|
104
|
+
auth_scheme['signingRegionSet'].join(',')
|
|
101
105
|
else
|
|
102
106
|
auth_scheme['signingRegion']
|
|
103
107
|
end
|
|
104
108
|
begin
|
|
105
|
-
@signer = Aws::Sigv4::Signer.new(
|
|
109
|
+
@signer = config.sigv4_signer || Aws::Sigv4::Signer.new(
|
|
106
110
|
service: config.sigv4_name || auth_scheme['signingName'],
|
|
107
|
-
region:
|
|
108
|
-
credentials_provider: config.credentials,
|
|
111
|
+
region: sigv4_overrides[:region] || config.sigv4_region || region,
|
|
112
|
+
credentials_provider: sigv4_overrides[:credentials] || config.credentials,
|
|
109
113
|
signing_algorithm: scheme_name.to_sym,
|
|
110
114
|
uri_escape_path: !!!auth_scheme['disableDoubleEncoding'],
|
|
111
115
|
normalize_path: !!!auth_scheme['disableNormalizePath'],
|
|
@@ -154,12 +158,20 @@ module Aws
|
|
|
154
158
|
private
|
|
155
159
|
|
|
156
160
|
def apply_authtype(context, req)
|
|
157
|
-
|
|
158
|
-
|
|
161
|
+
# only used for event streaming at input
|
|
162
|
+
if context[:input_event_emitter]
|
|
163
|
+
req.headers['X-Amz-Content-Sha256'] = 'STREAMING-AWS4-HMAC-SHA256-EVENTS'
|
|
164
|
+
elsif unsigned_payload?(context, req)
|
|
159
165
|
req.headers['X-Amz-Content-Sha256'] ||= 'UNSIGNED-PAYLOAD'
|
|
160
166
|
end
|
|
161
167
|
end
|
|
162
168
|
|
|
169
|
+
def unsigned_payload?(context, req)
|
|
170
|
+
(context.operation['unsignedPayload'] ||
|
|
171
|
+
context.operation['authtype'] == 'v4-unsigned-body') &&
|
|
172
|
+
req.endpoint.scheme == 'https'
|
|
173
|
+
end
|
|
174
|
+
|
|
163
175
|
def reset_signature(req)
|
|
164
176
|
# in case this request is being re-signed
|
|
165
177
|
req.headers.delete('Authorization')
|
|
@@ -3,7 +3,8 @@
|
|
|
3
3
|
module Aws
|
|
4
4
|
module Plugins
|
|
5
5
|
# @api private
|
|
6
|
-
#
|
|
6
|
+
# Deprecated - does not look at new traits like `auth` and `unsignedPayload`
|
|
7
|
+
# Necessary to exist after endpoints 2.0 for old service clients + new core
|
|
7
8
|
class SignatureV2 < Seahorse::Client::Plugin
|
|
8
9
|
|
|
9
10
|
option(:v2_signer) do |cfg|
|
|
@@ -5,7 +5,8 @@ require 'aws-sigv4'
|
|
|
5
5
|
module Aws
|
|
6
6
|
module Plugins
|
|
7
7
|
# @api private
|
|
8
|
-
#
|
|
8
|
+
# Deprecated - does not look at new traits like `auth` and `unsignedPayload`
|
|
9
|
+
# Necessary to exist after endpoints 2.0 for old service clients + new core
|
|
9
10
|
class SignatureV4 < Seahorse::Client::Plugin
|
|
10
11
|
|
|
11
12
|
V4_AUTH = %w[v4 v4-unsigned-payload v4-unsigned-body]
|
|
@@ -8,6 +8,7 @@ module Aws
|
|
|
8
8
|
option(:stub_responses,
|
|
9
9
|
default: false,
|
|
10
10
|
doc_type: 'Boolean',
|
|
11
|
+
rbs_type: 'untyped',
|
|
11
12
|
docstring: <<-DOCS)
|
|
12
13
|
Causes the client to return stubbed responses. By default
|
|
13
14
|
fake responses are generated and returned. You can specify
|
|
@@ -48,6 +49,14 @@ requests are made, and retries are disabled.
|
|
|
48
49
|
class Handler < Seahorse::Client::Handler
|
|
49
50
|
|
|
50
51
|
def call(context)
|
|
52
|
+
span_wrapper(context) do
|
|
53
|
+
stub_responses(context)
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
private
|
|
58
|
+
|
|
59
|
+
def stub_responses(context)
|
|
51
60
|
stub = context.client.next_stub(context)
|
|
52
61
|
resp = Seahorse::Client::Response.new(context: context)
|
|
53
62
|
async_mode = context.client.is_a? Seahorse::Client::AsyncBase
|
|
@@ -57,8 +66,15 @@ requests are made, and retries are disabled.
|
|
|
57
66
|
apply_stub(stub, resp, async_mode)
|
|
58
67
|
end
|
|
59
68
|
|
|
60
|
-
async_mode
|
|
61
|
-
|
|
69
|
+
if async_mode
|
|
70
|
+
Seahorse::Client::AsyncResponse.new(
|
|
71
|
+
context: context,
|
|
72
|
+
stream: context[:input_event_stream_handler].event_emitter.stream,
|
|
73
|
+
sync_queue: Queue.new
|
|
74
|
+
)
|
|
75
|
+
else
|
|
76
|
+
resp
|
|
77
|
+
end
|
|
62
78
|
end
|
|
63
79
|
|
|
64
80
|
def apply_stub(stub, response, async_mode = false)
|
|
@@ -98,6 +114,18 @@ requests are made, and retries are disabled.
|
|
|
98
114
|
http_resp.signal_done
|
|
99
115
|
end
|
|
100
116
|
|
|
117
|
+
def span_wrapper(context, &block)
|
|
118
|
+
context.tracer.in_span(
|
|
119
|
+
'Handler.StubResponses',
|
|
120
|
+
attributes: Aws::Telemetry.http_request_attrs(context)
|
|
121
|
+
) do |span|
|
|
122
|
+
block.call.tap do
|
|
123
|
+
span.add_attributes(
|
|
124
|
+
Aws::Telemetry.http_response_attrs(context)
|
|
125
|
+
)
|
|
126
|
+
end
|
|
127
|
+
end
|
|
128
|
+
end
|
|
101
129
|
end
|
|
102
130
|
end
|
|
103
131
|
end
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Aws
|
|
4
|
+
module Plugins
|
|
5
|
+
# @api private
|
|
6
|
+
class Telemetry < Seahorse::Client::Plugin
|
|
7
|
+
option(
|
|
8
|
+
:telemetry_provider,
|
|
9
|
+
default: Aws::Telemetry::NoOpTelemetryProvider,
|
|
10
|
+
doc_type: Aws::Telemetry::TelemetryProviderBase,
|
|
11
|
+
rbs_type: Aws::Telemetry::TelemetryProviderBase,
|
|
12
|
+
docstring: <<-DOCS) do |_cfg|
|
|
13
|
+
Allows you to provide a telemetry provider, which is used to
|
|
14
|
+
emit telemetry data. By default, uses `NoOpTelemetryProvider` which
|
|
15
|
+
will not record or emit any telemetry data. The SDK supports the
|
|
16
|
+
following telemetry providers:
|
|
17
|
+
|
|
18
|
+
* OpenTelemetry (OTel) - To use the OTel provider, install and require the
|
|
19
|
+
`opentelemetry-sdk` gem and then, pass in an instance of a
|
|
20
|
+
`Aws::Telemetry::OTelProvider` for telemetry provider.
|
|
21
|
+
DOCS
|
|
22
|
+
Aws::Telemetry::NoOpTelemetryProvider.new
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def after_initialize(client)
|
|
26
|
+
validate_telemetry_provider(client.config)
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def validate_telemetry_provider(config)
|
|
30
|
+
unless config.telemetry_provider.is_a?(Aws::Telemetry::TelemetryProviderBase)
|
|
31
|
+
raise ArgumentError,
|
|
32
|
+
'Must provide a telemetry provider for the '\
|
|
33
|
+
'`telemetry_provider` configuration option.'
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
class Handler < Seahorse::Client::Handler
|
|
38
|
+
def call(context)
|
|
39
|
+
span_wrapper(context) { @handler.call(context) }
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
private
|
|
43
|
+
|
|
44
|
+
def span_wrapper(context, &block)
|
|
45
|
+
service_id = service_id(context)
|
|
46
|
+
attributes = {
|
|
47
|
+
'rpc.system' => 'aws-api',
|
|
48
|
+
'rpc.service' => service_id,
|
|
49
|
+
'rpc.method' => context.operation.name,
|
|
50
|
+
'code.function' => context.operation_name.to_s,
|
|
51
|
+
'code.namespace' => 'Aws::Plugins::Telemetry'
|
|
52
|
+
}
|
|
53
|
+
context.tracer.in_span(
|
|
54
|
+
parent_span_name(context, service_id),
|
|
55
|
+
attributes: attributes,
|
|
56
|
+
kind: Aws::Telemetry::SpanKind::CLIENT,
|
|
57
|
+
&block
|
|
58
|
+
)
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def service_id(context)
|
|
62
|
+
context.config.api.metadata['serviceId'] ||
|
|
63
|
+
context.config.api.metadata['serviceAbbreviation'] ||
|
|
64
|
+
context.config.api.metadata['serviceFullName']
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def parent_span_name(context, service_id)
|
|
68
|
+
"#{service_id}.#{context.operation.name}".delete(' ')
|
|
69
|
+
end
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
handler(Handler, step: :initialize, priority: 99)
|
|
73
|
+
end
|
|
74
|
+
end
|
|
75
|
+
end
|
|
@@ -5,7 +5,8 @@ module Aws
|
|
|
5
5
|
|
|
6
6
|
# For Streaming Input Operations, when `requiresLength` is enabled
|
|
7
7
|
# checking whether `Content-Length` header can be set,
|
|
8
|
-
# for `v4-unsigned-body` operations,
|
|
8
|
+
# for `unsignedPayload` and `v4-unsigned-body` operations,
|
|
9
|
+
# set `Transfer-Encoding` header.
|
|
9
10
|
class TransferEncoding < Seahorse::Client::Plugin
|
|
10
11
|
|
|
11
12
|
# @api private
|
|
@@ -16,8 +17,8 @@ module Aws
|
|
|
16
17
|
unless context.http_request.body.respond_to?(:size)
|
|
17
18
|
if requires_length?(context.operation.input)
|
|
18
19
|
# if size of the IO is not available but required
|
|
19
|
-
raise Aws::Errors::MissingContentLength
|
|
20
|
-
elsif context.operation
|
|
20
|
+
raise Aws::Errors::MissingContentLength
|
|
21
|
+
elsif unsigned_payload?(context.operation)
|
|
21
22
|
context.http_request.headers['Transfer-Encoding'] = 'chunked'
|
|
22
23
|
end
|
|
23
24
|
end
|
|
@@ -29,18 +30,24 @@ module Aws
|
|
|
29
30
|
private
|
|
30
31
|
|
|
31
32
|
def streaming?(ref)
|
|
32
|
-
if payload = ref[:payload_member]
|
|
33
|
-
payload[
|
|
34
|
-
payload.shape["streaming"]
|
|
33
|
+
if (payload = ref[:payload_member])
|
|
34
|
+
payload['streaming'] || payload.shape['streaming']
|
|
35
35
|
else
|
|
36
36
|
false
|
|
37
37
|
end
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
+
def unsigned_payload?(operation)
|
|
41
|
+
operation['unsignedPayload'] ||
|
|
42
|
+
operation['authtype'] == 'v4-unsigned-body'
|
|
43
|
+
end
|
|
44
|
+
|
|
40
45
|
def requires_length?(ref)
|
|
41
|
-
payload = ref[:payload_member]
|
|
42
|
-
|
|
43
|
-
|
|
46
|
+
if (payload = ref[:payload_member])
|
|
47
|
+
payload['requiresLength'] || payload.shape['requiresLength']
|
|
48
|
+
else
|
|
49
|
+
false
|
|
50
|
+
end
|
|
44
51
|
end
|
|
45
52
|
|
|
46
53
|
end
|
|
@@ -4,6 +4,31 @@ module Aws
|
|
|
4
4
|
module Plugins
|
|
5
5
|
# @api private
|
|
6
6
|
class UserAgent < Seahorse::Client::Plugin
|
|
7
|
+
METRICS = Aws::Json.load(<<-METRICS)
|
|
8
|
+
{
|
|
9
|
+
"RESOURCE_MODEL": "A",
|
|
10
|
+
"WAITER": "B",
|
|
11
|
+
"PAGINATOR": "C",
|
|
12
|
+
"RETRY_MODE_LEGACY": "D",
|
|
13
|
+
"RETRY_MODE_STANDARD": "E",
|
|
14
|
+
"RETRY_MODE_ADAPTIVE": "F",
|
|
15
|
+
"S3_TRANSFER": "G",
|
|
16
|
+
"S3_CRYPTO_V1N": "H",
|
|
17
|
+
"S3_CRYPTO_V2": "I",
|
|
18
|
+
"S3_EXPRESS_BUCKET": "J",
|
|
19
|
+
"S3_ACCESS_GRANTS": "K",
|
|
20
|
+
"GZIP_REQUEST_COMPRESSION": "L",
|
|
21
|
+
"PROTOCOL_RPC_V2_CBOR": "M",
|
|
22
|
+
"ENDPOINT_OVERRIDE": "N",
|
|
23
|
+
"ACCOUNT_ID_ENDPOINT": "O",
|
|
24
|
+
"ACCOUNT_ID_MODE_PREFERRED": "P",
|
|
25
|
+
"ACCOUNT_ID_MODE_DISABLED": "Q",
|
|
26
|
+
"ACCOUNT_ID_MODE_REQUIRED": "R",
|
|
27
|
+
"SIGV4A_SIGNING": "S",
|
|
28
|
+
"RESOLVED_ACCOUNT_ID": "T"
|
|
29
|
+
}
|
|
30
|
+
METRICS
|
|
31
|
+
|
|
7
32
|
# @api private
|
|
8
33
|
option(:user_agent_suffix)
|
|
9
34
|
# @api private
|
|
@@ -14,20 +39,27 @@ module Aws
|
|
|
14
39
|
doc_type: 'String',
|
|
15
40
|
docstring: <<-DOCS) do |cfg|
|
|
16
41
|
A unique and opaque application ID that is appended to the
|
|
17
|
-
User-Agent header as app
|
|
18
|
-
maximum length of 50.
|
|
42
|
+
User-Agent header as app/sdk_ua_app_id. It should have a
|
|
43
|
+
maximum length of 50. This variable is sourced from environment
|
|
44
|
+
variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
|
|
19
45
|
DOCS
|
|
20
46
|
app_id = ENV['AWS_SDK_UA_APP_ID']
|
|
21
47
|
app_id ||= Aws.shared_config.sdk_ua_app_id(profile: cfg.profile)
|
|
22
48
|
app_id
|
|
23
49
|
end
|
|
24
50
|
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
51
|
+
# Deprecated - must exist for old service gems
|
|
52
|
+
def self.feature(_feature, &block)
|
|
53
|
+
block.call
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def self.metric(*metrics, &block)
|
|
57
|
+
Thread.current[:aws_sdk_core_user_agent_metric] ||= []
|
|
58
|
+
metrics = metrics.map { |metric| METRICS[metric] }.compact
|
|
59
|
+
Thread.current[:aws_sdk_core_user_agent_metric].concat(metrics)
|
|
28
60
|
block.call
|
|
29
61
|
ensure
|
|
30
|
-
Thread.current[:
|
|
62
|
+
Thread.current[:aws_sdk_core_user_agent_metric].pop(metrics.size)
|
|
31
63
|
end
|
|
32
64
|
|
|
33
65
|
# @api private
|
|
@@ -48,15 +80,24 @@ maximum length of 50.
|
|
|
48
80
|
|
|
49
81
|
def to_s
|
|
50
82
|
ua = "aws-sdk-ruby3/#{CORE_GEM_VERSION}"
|
|
51
|
-
ua += ' ua/2.
|
|
52
|
-
|
|
83
|
+
ua += ' ua/2.1'
|
|
84
|
+
if (api_m = api_metadata)
|
|
85
|
+
ua += " #{api_m}"
|
|
86
|
+
end
|
|
53
87
|
ua += " #{os_metadata}"
|
|
54
88
|
ua += " #{language_metadata}"
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
89
|
+
if (env_m = env_metadata)
|
|
90
|
+
ua += " #{env_m}"
|
|
91
|
+
end
|
|
92
|
+
if (app_id_m = app_id_metadata)
|
|
93
|
+
ua += " #{app_id_m}"
|
|
94
|
+
end
|
|
95
|
+
if (framework_m = framework_metadata)
|
|
96
|
+
ua += " #{framework_m}"
|
|
97
|
+
end
|
|
98
|
+
if (metric_m = metric_metadata)
|
|
99
|
+
ua += " #{metric_m}"
|
|
100
|
+
end
|
|
60
101
|
if @context.config.user_agent_suffix
|
|
61
102
|
ua += " #{@context.config.user_agent_suffix}"
|
|
62
103
|
end
|
|
@@ -92,7 +133,6 @@ maximum length of 50.
|
|
|
92
133
|
local_version = Gem::Platform.local.version
|
|
93
134
|
metadata += "##{local_version}" if local_version
|
|
94
135
|
metadata += " md/#{RbConfig::CONFIG['host_cpu']}"
|
|
95
|
-
metadata
|
|
96
136
|
end
|
|
97
137
|
|
|
98
138
|
# Used to be RUBY_ENGINE/RUBY_VERSION
|
|
@@ -106,11 +146,7 @@ maximum length of 50.
|
|
|
106
146
|
"exec-env/#{execution_env}"
|
|
107
147
|
end
|
|
108
148
|
|
|
109
|
-
def
|
|
110
|
-
"cfg/retry-mode##{@context.config.retry_mode}"
|
|
111
|
-
end
|
|
112
|
-
|
|
113
|
-
def app_id
|
|
149
|
+
def app_id_metadata
|
|
114
150
|
return unless (app_id = @context.config.sdk_ua_app_id)
|
|
115
151
|
|
|
116
152
|
# Sanitize and only allow these characters
|
|
@@ -118,12 +154,6 @@ maximum length of 50.
|
|
|
118
154
|
"app/#{app_id}"
|
|
119
155
|
end
|
|
120
156
|
|
|
121
|
-
def feature_metadata
|
|
122
|
-
return unless Thread.current[:aws_sdk_core_user_agent_feature]
|
|
123
|
-
|
|
124
|
-
Thread.current[:aws_sdk_core_user_agent_feature].join(' ')
|
|
125
|
-
end
|
|
126
|
-
|
|
127
157
|
def framework_metadata
|
|
128
158
|
if (frameworks_cfg = @context.config.user_agent_frameworks).empty?
|
|
129
159
|
return
|
|
@@ -140,10 +170,24 @@ maximum length of 50.
|
|
|
140
170
|
end
|
|
141
171
|
frameworks.map { |n, v| "lib/#{n}##{v}" }.join(' ')
|
|
142
172
|
end
|
|
173
|
+
|
|
174
|
+
def metric_metadata
|
|
175
|
+
if Thread.current[:aws_sdk_core_user_agent_metric].nil? ||
|
|
176
|
+
Thread.current[:aws_sdk_core_user_agent_metric].empty?
|
|
177
|
+
return
|
|
178
|
+
end
|
|
179
|
+
|
|
180
|
+
metrics = Thread.current[:aws_sdk_core_user_agent_metric].join(',')
|
|
181
|
+
# Metric metadata is limited to 1024 bytes
|
|
182
|
+
return "m/#{metrics}" if metrics.bytesize <= 1024
|
|
183
|
+
|
|
184
|
+
# Removes the last unfinished metric
|
|
185
|
+
"m/#{metrics[0...metrics[0..1024].rindex(',')]}"
|
|
186
|
+
end
|
|
143
187
|
end
|
|
144
188
|
end
|
|
145
189
|
|
|
146
|
-
handler(Handler, priority:
|
|
190
|
+
handler(Handler, step: :sign, priority: 97)
|
|
147
191
|
end
|
|
148
192
|
end
|
|
149
193
|
end
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Aws
|
|
4
|
+
# setup autoloading for Plugins
|
|
5
|
+
# Most plugins are required explicitly from service clients
|
|
6
|
+
# but users may reference them outside of client usage.
|
|
7
|
+
module Plugins
|
|
8
|
+
autoload :ApiKey, 'aws-sdk-core/plugins/api_key'
|
|
9
|
+
autoload :BearerAuthorization, 'aws-sdk-core/plugins/bearer_authorization'
|
|
10
|
+
autoload :ChecksumAlgorithm, 'aws-sdk-core/plugins/checksum_algorithm'
|
|
11
|
+
autoload :ClientMetricsPlugin, 'aws-sdk-core/plugins/client_metrics_plugin'
|
|
12
|
+
autoload :ClientMetricsSendPlugin, 'aws-sdk-core/plugins/client_metrics_send_plugin'
|
|
13
|
+
autoload :CredentialsConfiguration, 'aws-sdk-core/plugins/credentials_configuration'
|
|
14
|
+
autoload :DefaultsMode, 'aws-sdk-core/plugins/defaults_mode'
|
|
15
|
+
autoload :EndpointDiscovery, 'aws-sdk-core/plugins/endpoint_discovery'
|
|
16
|
+
autoload :EndpointPattern, 'aws-sdk-core/plugins/endpoint_pattern'
|
|
17
|
+
autoload :EventStreamConfiguration, 'aws-sdk-core/plugins/event_stream_configuration'
|
|
18
|
+
autoload :GlobalConfiguration, 'aws-sdk-core/plugins/global_configuration'
|
|
19
|
+
autoload :HelpfulSocketErrors, 'aws-sdk-core/plugins/helpful_socket_errors'
|
|
20
|
+
autoload :HttpChecksum, 'aws-sdk-core/plugins/http_checksum'
|
|
21
|
+
autoload :IdempotencyToken, 'aws-sdk-core/plugins/idempotency_token'
|
|
22
|
+
autoload :InvocationId, 'aws-sdk-core/plugins/invocation_id'
|
|
23
|
+
autoload :JsonvalueConverter, 'aws-sdk-core/plugins/jsonvalue_converter'
|
|
24
|
+
autoload :Logging, 'aws-sdk-core/plugins/logging'
|
|
25
|
+
autoload :ParamConverter, 'aws-sdk-core/plugins/param_converter'
|
|
26
|
+
autoload :ParamValidator, 'aws-sdk-core/plugins/param_validator'
|
|
27
|
+
autoload :RecursionDetection, 'aws-sdk-core/plugins/recursion_detection'
|
|
28
|
+
autoload :RegionalEndpoint, 'aws-sdk-core/plugins/regional_endpoint'
|
|
29
|
+
autoload :RequestCompression, 'aws-sdk-core/plugins/request_compression'
|
|
30
|
+
autoload :ResponsePaging, 'aws-sdk-core/plugins/response_paging'
|
|
31
|
+
autoload :RetryErrors, 'aws-sdk-core/plugins/retry_errors'
|
|
32
|
+
autoload :Sign, 'aws-sdk-core/plugins/sign'
|
|
33
|
+
autoload :SignatureV4, 'aws-sdk-core/plugins/signature_v4'
|
|
34
|
+
autoload :StubResponses, 'aws-sdk-core/plugins/stub_responses'
|
|
35
|
+
autoload :Telemetry, 'aws-sdk-core/plugins/telemetry'
|
|
36
|
+
autoload :TransferEncoding, 'aws-sdk-core/plugins/transfer_encoding'
|
|
37
|
+
autoload :UserAgent, 'aws-sdk-core/plugins/user_agent'
|
|
38
|
+
end
|
|
39
|
+
end
|
|
@@ -2,9 +2,15 @@
|
|
|
2
2
|
|
|
3
3
|
module Aws
|
|
4
4
|
# A credential provider that executes a given process and attempts
|
|
5
|
-
# to read its stdout to
|
|
5
|
+
# to read its stdout to receive a JSON payload containing the credentials.
|
|
6
6
|
#
|
|
7
|
-
# credentials = Aws::ProcessCredentials.new('/usr/bin/credential_proc')
|
|
7
|
+
# credentials = Aws::ProcessCredentials.new(['/usr/bin/credential_proc'])
|
|
8
|
+
# ec2 = Aws::EC2::Client.new(credentials: credentials)
|
|
9
|
+
#
|
|
10
|
+
# Arguments should be provided as strings in the array, for example:
|
|
11
|
+
#
|
|
12
|
+
# process = ['/usr/bin/credential_proc', 'arg1', 'arg2']
|
|
13
|
+
# credentials = Aws::ProcessCredentials.new(process)
|
|
8
14
|
# ec2 = Aws::EC2::Client.new(credentials: credentials)
|
|
9
15
|
#
|
|
10
16
|
# Automatically handles refreshing credentials if an Expiration time is
|
|
@@ -19,56 +25,69 @@ module Aws
|
|
|
19
25
|
# Creates a new ProcessCredentials object, which allows an
|
|
20
26
|
# external process to be used as a credential provider.
|
|
21
27
|
#
|
|
22
|
-
# @param [String] process
|
|
23
|
-
#
|
|
28
|
+
# @param [Array<String>, String] process An array of strings including
|
|
29
|
+
# the process name and its arguments to execute, or a single string to be
|
|
30
|
+
# executed by the shell (deprecated and insecure).
|
|
24
31
|
def initialize(process)
|
|
32
|
+
if process.is_a?(String)
|
|
33
|
+
warn('Passing a single string to Aws::ProcessCredentials.new '\
|
|
34
|
+
'is insecure, please use use an array of system arguments instead')
|
|
35
|
+
end
|
|
25
36
|
@process = process
|
|
26
|
-
@credentials = credentials_from_process
|
|
37
|
+
@credentials = credentials_from_process
|
|
27
38
|
@async_refresh = false
|
|
28
39
|
|
|
29
40
|
super
|
|
30
41
|
end
|
|
31
42
|
|
|
32
43
|
private
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
44
|
+
|
|
45
|
+
def credentials_from_process
|
|
46
|
+
r, w = IO.pipe
|
|
47
|
+
success = system(*@process, out: w)
|
|
48
|
+
w.close
|
|
49
|
+
raw_out = r.read
|
|
50
|
+
r.close
|
|
51
|
+
|
|
52
|
+
unless success
|
|
53
|
+
raise Errors::InvalidProcessCredentialsPayload.new(
|
|
54
|
+
'credential_process provider failure, the credential process had '\
|
|
55
|
+
'non zero exit status and failed to provide credentials'
|
|
56
|
+
)
|
|
39
57
|
end
|
|
40
58
|
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
raise Errors::InvalidProcessCredentialsPayload.new("Invalid JSON response")
|
|
46
|
-
end
|
|
47
|
-
payload_version = creds_json['Version']
|
|
48
|
-
if payload_version == 1
|
|
49
|
-
_parse_payload_format_v1(creds_json)
|
|
50
|
-
else
|
|
51
|
-
raise Errors::InvalidProcessCredentialsPayload.new("Invalid version #{payload_version} for credentials payload")
|
|
52
|
-
end
|
|
53
|
-
else
|
|
54
|
-
raise Errors::InvalidProcessCredentialsPayload.new('credential_process provider failure, the credential process had non zero exit status and failed to provide credentials')
|
|
59
|
+
begin
|
|
60
|
+
creds_json = Aws::Json.load(raw_out)
|
|
61
|
+
rescue Aws::Json::ParseError
|
|
62
|
+
raise Errors::InvalidProcessCredentialsPayload.new('Invalid JSON response')
|
|
55
63
|
end
|
|
64
|
+
|
|
65
|
+
payload_version = creds_json['Version']
|
|
66
|
+
return _parse_payload_format_v1(creds_json) if payload_version == 1
|
|
67
|
+
|
|
68
|
+
raise Errors::InvalidProcessCredentialsPayload.new(
|
|
69
|
+
"Invalid version #{payload_version} for credentials payload"
|
|
70
|
+
)
|
|
56
71
|
end
|
|
57
72
|
|
|
58
73
|
def _parse_payload_format_v1(creds_json)
|
|
59
74
|
creds = Credentials.new(
|
|
60
75
|
creds_json['AccessKeyId'],
|
|
61
76
|
creds_json['SecretAccessKey'],
|
|
62
|
-
creds_json['SessionToken']
|
|
77
|
+
creds_json['SessionToken'],
|
|
78
|
+
account_id: creds_json['AccountId']
|
|
63
79
|
)
|
|
64
80
|
|
|
65
81
|
@expiration = creds_json['Expiration'] ? Time.iso8601(creds_json['Expiration']) : nil
|
|
66
82
|
return creds if creds.set?
|
|
67
|
-
|
|
83
|
+
|
|
84
|
+
raise Errors::InvalidProcessCredentialsPayload.new(
|
|
85
|
+
'Invalid payload for JSON credentials version 1'
|
|
86
|
+
)
|
|
68
87
|
end
|
|
69
88
|
|
|
70
89
|
def refresh
|
|
71
|
-
@credentials = credentials_from_process
|
|
90
|
+
@credentials = credentials_from_process
|
|
72
91
|
end
|
|
73
92
|
|
|
74
93
|
def near_expiration?(expiration_length)
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Aws
|
|
4
|
+
# @api private
|
|
5
|
+
module Query
|
|
6
|
+
class EC2Handler < Aws::Query::Handler
|
|
7
|
+
|
|
8
|
+
def apply_params(param_list, params, rules)
|
|
9
|
+
Aws::Query::EC2ParamBuilder.new(param_list).apply(rules, params)
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def parse_xml(context)
|
|
13
|
+
if (rules = context.operation.output)
|
|
14
|
+
parser = Xml::Parser.new(rules)
|
|
15
|
+
parser.parse(xml(context)) do |path, value|
|
|
16
|
+
if path.size == 2 && path.last == 'requestId'
|
|
17
|
+
context.metadata[:request_id] = value
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
else
|
|
21
|
+
EmptyStructure.new
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
@@ -31,13 +31,11 @@ module Aws
|
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
def list(ref, values, prefix)
|
|
34
|
-
if values.empty?
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
format(member_ref, value, "#{prefix}.#{n+1}")
|
|
40
|
-
end
|
|
34
|
+
return if values.empty?
|
|
35
|
+
|
|
36
|
+
member_ref = ref.shape.member
|
|
37
|
+
values.each.with_index do |value, n|
|
|
38
|
+
format(member_ref, value, "#{prefix}.#{n + 1}")
|
|
41
39
|
end
|
|
42
40
|
end
|
|
43
41
|
|