aws-sdk-core 3.200.0 → 3.201.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 370a79ef96fb4ff40cbbfcba57d5b0f01d19220c46f8bc77e96984ed14f10ffd
4
- data.tar.gz: 5be2366a83a15ced7f51ceb976a934f5b3a4f26b16337f298d12152f9fe576e8
3
+ metadata.gz: 3242d42e3e0e5e2edc14b5952789ec1dcf2a1a815c2e3378b8c317279cfb4cde
4
+ data.tar.gz: ccf76742ca38e548949a69a6d75ad7040e605247b378a597ec6d00336df816f2
5
5
  SHA512:
6
- metadata.gz: 164598c925b921092a9a9cebc3a28786f6add8737971d3e7322308dad25035d07664a90b7d9cdc01aabb2601a6ebeebeb6ee83a3cfd309fdcd2849eed3f50c51
7
- data.tar.gz: 306ce42e04c16d1c7bf3e6509f7641b60be02e74efa80698b3feef014117ee07c256a8703bb6e8de3dd5fc5e33018ff8f1551bef712eb81093b8289e4322ab60
6
+ metadata.gz: 012726aaef8a0b88c05c1f2168096c9d0f69385f618a1eaba177d949fcf715488d8a7b3475f5eb157f7c0d1a81a7c936851d96f4b25af5a6c1ca329ff98c17ad
7
+ data.tar.gz: ab95eaef0edc1d0f0a4c04ffa1a1c401b1caff844e56c000df70a8333af8953f82d89828ad52886a5915842c85528399909c895201f666df04a9f015ca8648e9
data/CHANGELOG.md CHANGED
@@ -1,6 +1,35 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 3.201.3 (2024-07-23)
5
+ ------------------
6
+
7
+ * Issue - Add `disableNormalizePath` when resolving auth_scheme for S3.
8
+
9
+ 3.201.2 (2024-07-18)
10
+ ------------------
11
+
12
+ * Issue - Allow modeled types to be used for Union inputs.
13
+ * Issue - Ensure that nested sensitive members and sensitive members of lists and maps are filtered.
14
+
15
+ 3.201.1 (2024-07-05)
16
+ ------------------
17
+
18
+ * Issue - Fix `Aws::ProcessCredentials` warning in cases where shared config is used.
19
+
20
+ 3.201.0 (2024-07-02)
21
+ ------------------
22
+
23
+ * Feature - Updated Aws::STS::Client with the latest API changes.
24
+
25
+ * Feature - Updated Aws::SSOOIDC::Client with the latest API changes.
26
+
27
+ * Feature - Updated Aws::SSO::Client with the latest API changes.
28
+
29
+ * Feature - Support `auth` trait to enable SigV4a based services.
30
+
31
+ * Feature - Support configuration for sigv4a signing regions using `ENV['AWS_SIGV4A_SIGNING_REGION_SET']`, `sigv4a_signing_region_set` shared config, or the `sigv4a_signing_region_set` client option.
32
+
4
33
  3.200.0 (2024-06-28)
5
34
  ------------------
6
35
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 3.200.0
1
+ 3.201.3
@@ -84,7 +84,7 @@ module Aws
84
84
  def static_profile_process_credentials(options)
85
85
  if Aws.shared_config.config_enabled? && options[:config] && options[:config].profile
86
86
  process_provider = Aws.shared_config.credential_process(profile: options[:config].profile)
87
- ProcessCredentials.new(process_provider) if process_provider
87
+ ProcessCredentials.new([process_provider]) if process_provider
88
88
  end
89
89
  rescue Errors::NoSuchProfileError
90
90
  nil
@@ -117,9 +117,9 @@ module Aws
117
117
 
118
118
  def process_credentials(options)
119
119
  profile_name = determine_profile_name(options)
120
- if Aws.shared_config.config_enabled? &&
121
- (process_provider = Aws.shared_config.credential_process(profile: profile_name))
122
- ProcessCredentials.new(process_provider)
120
+ if Aws.shared_config.config_enabled?
121
+ process_provider = Aws.shared_config.credential_process(profile: profile_name)
122
+ ProcessCredentials.new([process_provider]) if process_provider
123
123
  end
124
124
  rescue Errors::NoSuchProfileError
125
125
  nil
@@ -14,9 +14,15 @@ require_relative 'endpoints/templater'
14
14
  require_relative 'endpoints/tree_rule'
15
15
  require_relative 'endpoints/url'
16
16
 
17
+ require 'aws-sigv4'
18
+
17
19
  module Aws
18
20
  # @api private
19
21
  module Endpoints
22
+ supported_auth_traits = %w[aws.auth#sigv4 smithy.api#httpBearerAuth smithy.api#noAuth]
23
+ supported_auth_traits += ['aws.auth#sigv4a'] if Aws::Sigv4::Signer.use_crt?
24
+ SUPPORTED_AUTH_TRAITS = supported_auth_traits.freeze
25
+
20
26
  class << self
21
27
  def resolve_auth_scheme(context, endpoint)
22
28
  if endpoint && (auth_schemes = endpoint.properties['authSchemes'])
@@ -33,8 +39,71 @@ module Aws
33
39
 
34
40
  private
35
41
 
42
+ def merge_signing_defaults(auth_scheme, config)
43
+ if %w[sigv4 sigv4a sigv4-s3express].include?(auth_scheme['name'])
44
+ auth_scheme['signingName'] ||= sigv4_name(config)
45
+
46
+ # back fill disableNormalizePath for S3 until it gets correctly set in the rules
47
+ if auth_scheme['signingName'] == 's3' &&
48
+ !auth_scheme.include?('disableNormalizePath') &&
49
+ auth_scheme.include?('disableDoubleEncoding')
50
+ auth_scheme['disableNormalizePath'] = auth_scheme['disableDoubleEncoding']
51
+ end
52
+ if auth_scheme['name'] == 'sigv4a'
53
+ # config option supersedes endpoint properties
54
+ auth_scheme['signingRegionSet'] =
55
+ config.sigv4a_signing_region_set || auth_scheme['signingRegionSet'] || [config.region]
56
+ else
57
+ auth_scheme['signingRegion'] ||= config.region
58
+ end
59
+ end
60
+ auth_scheme
61
+ end
62
+
63
+ def sigv4_name(config)
64
+ config.api.metadata['signingName'] ||
65
+ config.api.metadata['endpointPrefix']
66
+ end
67
+
36
68
  def default_auth_scheme(context)
37
- case default_api_authtype(context)
69
+ if (auth_list = default_api_auth(context))
70
+ auth = auth_list.find { |a| SUPPORTED_AUTH_TRAITS.include?(a) }
71
+ case auth
72
+ when 'aws.auth#sigv4', 'aws.auth#sigv4a'
73
+ auth_scheme = { 'name' => auth.split('#').last }
74
+ if s3_or_s3v4_signature_version?(context)
75
+ auth_scheme = auth_scheme.merge(
76
+ 'disableDoubleEncoding' => true,
77
+ 'disableNormalizePath' => true
78
+ )
79
+ end
80
+ merge_signing_defaults(auth_scheme, context.config)
81
+ when 'smithy.api#httpBearerAuth'
82
+ { 'name' => 'bearer' }
83
+ when 'smithy.api#noAuth'
84
+ { 'name' => 'none' }
85
+ else
86
+ raise 'No supported auth trait for this endpoint.'
87
+ end
88
+ else
89
+ legacy_default_auth_scheme(context)
90
+ end
91
+ end
92
+
93
+ def default_api_auth(context)
94
+ context.config.api.operation(context.operation_name)['auth'] ||
95
+ context.config.api.metadata['auth']
96
+ end
97
+
98
+ def s3_or_s3v4_signature_version?(context)
99
+ %w[s3 s3v4].include?(context.config.api.metadata['signatureVersion'])
100
+ end
101
+
102
+ # Legacy auth resolution - looks for deprecated signatureVersion
103
+ # and authType traits.
104
+
105
+ def legacy_default_auth_scheme(context)
106
+ case legacy_default_api_authtype(context)
38
107
  when 'v4', 'v4-unsigned-body'
39
108
  auth_scheme = { 'name' => 'sigv4' }
40
109
  merge_signing_defaults(auth_scheme, context.config)
@@ -52,27 +121,11 @@ module Aws
52
121
  end
53
122
  end
54
123
 
55
- def merge_signing_defaults(auth_scheme, config)
56
- if %w[sigv4 sigv4a sigv4-s3express].include?(auth_scheme['name'])
57
- auth_scheme['signingName'] ||= sigv4_name(config)
58
- if auth_scheme['name'] == 'sigv4a'
59
- auth_scheme['signingRegionSet'] ||= ['*']
60
- else
61
- auth_scheme['signingRegion'] ||= config.region
62
- end
63
- end
64
- auth_scheme
65
- end
66
-
67
- def default_api_authtype(context)
124
+ def legacy_default_api_authtype(context)
68
125
  context.config.api.operation(context.operation_name)['authtype'] ||
69
126
  context.config.api.metadata['signatureVersion']
70
127
  end
71
128
 
72
- def sigv4_name(config)
73
- config.api.metadata['signingName'] ||
74
- config.api.metadata['endpointPrefix']
75
- end
76
129
  end
77
130
  end
78
131
  end
@@ -236,6 +236,15 @@ module Aws
236
236
  end
237
237
  end
238
238
 
239
+ # Raised when a client is constructed and the sigv4a region set is invalid.
240
+ # It is invalid when it is empty and/or contains empty strings.
241
+ class InvalidRegionSetError < ArgumentError
242
+ def initialize(*args)
243
+ msg = 'The provided sigv4a region set was empty or invalid.'
244
+ super(msg)
245
+ end
246
+ end
247
+
239
248
  # Raised when a client is contsructed and the region is not valid.
240
249
  class InvalidRegionError < ArgumentError
241
250
  def initialize(*args)
@@ -55,14 +55,14 @@ module Aws
55
55
  filtered[key] = if @enabled && filters.include?(key)
56
56
  '[FILTERED]'
57
57
  else
58
- filter(value, type)
58
+ filter(value, value.class)
59
59
  end
60
60
  end
61
61
  filtered
62
62
  end
63
63
 
64
64
  def filter_array(values, type)
65
- values.map { |value| filter(value, type) }
65
+ values.map { |value| filter(value, value.class) }
66
66
  end
67
67
 
68
68
  end
@@ -71,7 +71,7 @@ module Aws
71
71
  end
72
72
 
73
73
  if @validate_required && shape.union
74
- set_values = @input ? values.length : values.to_h.length
74
+ set_values = values.to_h.length
75
75
  if set_values > 1
76
76
  errors << "multiple values provided to union at #{context} - must contain exactly one of the supported types: #{shape.member_names.join(', ')}"
77
77
  elsif set_values == 0
@@ -4,6 +4,8 @@ module Aws
4
4
  # @api private
5
5
  module Plugins
6
6
  # @api private
7
+ # Deprecated - does not look at new traits like `auth` and `unsignedPayload`
8
+ # Necessary to exist after endpoints 2.0 for old service clients + new core
7
9
  class BearerAuthorization < Seahorse::Client::Plugin
8
10
 
9
11
  option(:token_provider,
@@ -238,7 +238,8 @@ module Aws
238
238
 
239
239
  # determine where (header vs trailer) a request checksum should be added
240
240
  def checksum_request_in(context)
241
- if context.operation['authtype'].eql?('v4-unsigned-body')
241
+ if context.operation['unsignedPayload'] ||
242
+ context.operation['authtype'] == 'v4-unsigned-body'
242
243
  'trailer'
243
244
  else
244
245
  'header'
@@ -24,6 +24,21 @@ a default `:region` is searched for in the following locations:
24
24
  resolve_region(cfg)
25
25
  end
26
26
 
27
+ option(:sigv4a_signing_region_set,
28
+ doc_type: Array,
29
+ rbs_type: 'Array[String]',
30
+ docstring: <<-DOCS) do |cfg|
31
+ A list of regions that should be signed with SigV4a signing. When
32
+ not passed, a default `:sigv4a_signing_region_set` is searched for
33
+ in the following locations:
34
+
35
+ * `Aws.config[:sigv4a_signing_region_set]`
36
+ * `ENV['AWS_SIGV4A_SIGNING_REGION_SET']`
37
+ * `~/.aws/config`
38
+ DOCS
39
+ resolve_sigv4a_signing_region_set(cfg)
40
+ end
41
+
27
42
  option(:use_dualstack_endpoint,
28
43
  doc_type: 'Boolean',
29
44
  docstring: <<-DOCS) do |cfg|
@@ -65,9 +80,17 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
65
80
  end
66
81
 
67
82
  def after_initialize(client)
68
- if client.config.region.nil? || client.config.region == ''
69
- raise Errors::MissingRegionError
70
- end
83
+ region = client.config.region
84
+ raise Errors::MissingRegionError if region.nil? || region == ''
85
+
86
+ region_set = client.config.sigv4a_signing_region_set
87
+ return if region_set.nil?
88
+ raise Errors::InvalidRegionSetError unless region_set.is_a?(Array)
89
+
90
+ region_set = region_set.compact.reject(&:empty?)
91
+ raise Errors::InvalidRegionSetError if region_set.empty?
92
+
93
+ client.config.sigv4a_signing_region_set = region_set
71
94
  end
72
95
 
73
96
  class << self
@@ -81,6 +104,12 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
81
104
  env_region || cfg_region
82
105
  end
83
106
 
107
+ def resolve_sigv4a_signing_region_set(cfg)
108
+ value = ENV['AWS_SIGV4A_SIGNING_REGION_SET']
109
+ value ||= Aws.shared_config.sigv4a_signing_region_set(profile: cfg.profile)
110
+ value.split(',') if value
111
+ end
112
+
84
113
  def resolve_use_dualstack_endpoint(cfg)
85
114
  value = ENV['AWS_USE_DUALSTACK_ENDPOINT']
86
115
  value ||= Aws.shared_config.use_dualstack_endpoint(
@@ -102,7 +102,7 @@ module Aws
102
102
  end
103
103
 
104
104
  region = if scheme_name == 'sigv4a'
105
- auth_scheme['signingRegionSet'].first
105
+ auth_scheme['signingRegionSet'].join(',')
106
106
  else
107
107
  auth_scheme['signingRegion']
108
108
  end
@@ -159,17 +159,20 @@ module Aws
159
159
  private
160
160
 
161
161
  def apply_authtype(context, req)
162
- # only used for eventstreaming at input
162
+ # only used for event streaming at input
163
163
  if context[:input_event_emitter]
164
164
  req.headers['X-Amz-Content-Sha256'] = 'STREAMING-AWS4-HMAC-SHA256-EVENTS'
165
- else
166
- if context.operation['authtype'].eql?('v4-unsigned-body') &&
167
- req.endpoint.scheme.eql?('https')
168
- req.headers['X-Amz-Content-Sha256'] ||= 'UNSIGNED-PAYLOAD'
169
- end
165
+ elsif unsigned_payload?(context, req)
166
+ req.headers['X-Amz-Content-Sha256'] ||= 'UNSIGNED-PAYLOAD'
170
167
  end
171
168
  end
172
169
 
170
+ def unsigned_payload?(context, req)
171
+ (context.operation['unsignedPayload'] ||
172
+ context.operation['authtype'] == 'v4-unsigned-body') &&
173
+ req.endpoint.scheme == 'https'
174
+ end
175
+
173
176
  def reset_signature(req)
174
177
  # in case this request is being re-signed
175
178
  req.headers.delete('Authorization')
@@ -3,7 +3,8 @@
3
3
  module Aws
4
4
  module Plugins
5
5
  # @api private
6
- # Necessary to keep after Endpoints 2.0
6
+ # Deprecated - does not look at new traits like `auth` and `unsignedPayload`
7
+ # Necessary to exist after endpoints 2.0 for old service clients + new core
7
8
  class SignatureV2 < Seahorse::Client::Plugin
8
9
 
9
10
  option(:v2_signer) do |cfg|
@@ -5,7 +5,8 @@ require 'aws-sigv4'
5
5
  module Aws
6
6
  module Plugins
7
7
  # @api private
8
- # Necessary to exist after endpoints 2.0
8
+ # Deprecated - does not look at new traits like `auth` and `unsignedPayload`
9
+ # Necessary to exist after endpoints 2.0 for old service clients + new core
9
10
  class SignatureV4 < Seahorse::Client::Plugin
10
11
 
11
12
  V4_AUTH = %w[v4 v4-unsigned-payload v4-unsigned-body]
@@ -5,7 +5,8 @@ module Aws
5
5
 
6
6
  # For Streaming Input Operations, when `requiresLength` is enabled
7
7
  # checking whether `Content-Length` header can be set,
8
- # for `v4-unsigned-body` operations, set `Transfer-Encoding` header
8
+ # for `unsignedPayload` and `v4-unsigned-body` operations,
9
+ # set `Transfer-Encoding` header.
9
10
  class TransferEncoding < Seahorse::Client::Plugin
10
11
 
11
12
  # @api private
@@ -16,8 +17,8 @@ module Aws
16
17
  unless context.http_request.body.respond_to?(:size)
17
18
  if requires_length?(context.operation.input)
18
19
  # if size of the IO is not available but required
19
- raise Aws::Errors::MissingContentLength.new
20
- elsif context.operation['authtype'] == "v4-unsigned-body"
20
+ raise Aws::Errors::MissingContentLength
21
+ elsif unsigned_payload?(context.operation)
21
22
  context.http_request.headers['Transfer-Encoding'] = 'chunked'
22
23
  end
23
24
  end
@@ -29,18 +30,24 @@ module Aws
29
30
  private
30
31
 
31
32
  def streaming?(ref)
32
- if payload = ref[:payload_member]
33
- payload["streaming"] || # checking ref and shape
34
- payload.shape["streaming"]
33
+ if (payload = ref[:payload_member])
34
+ payload['streaming'] || payload.shape['streaming']
35
35
  else
36
36
  false
37
37
  end
38
38
  end
39
39
 
40
+ def unsigned_payload?(operation)
41
+ operation['unsignedPayload'] ||
42
+ operation['authtype'] == 'v4-unsigned-body'
43
+ end
44
+
40
45
  def requires_length?(ref)
41
- payload = ref[:payload_member]
42
- payload["requiresLength"] || # checking ref and shape
43
- payload.shape["requiresLength"]
46
+ if (payload = ref[:payload_member])
47
+ payload['requiresLength'] || payload.shape['requiresLength']
48
+ else
49
+ false
50
+ end
44
51
  end
45
52
 
46
53
  end
@@ -198,6 +198,7 @@ module Aws
198
198
 
199
199
  config_reader(
200
200
  :region,
201
+ :sigv4a_signing_region_set,
201
202
  :ca_bundle,
202
203
  :credential_process,
203
204
  :endpoint_discovery_enabled,
@@ -338,7 +339,7 @@ module Aws
338
339
  if @parsed_config
339
340
  credential_process ||= @parsed_config.fetch(profile, {})['credential_process']
340
341
  end
341
- ProcessCredentials.new(credential_process) if credential_process
342
+ ProcessCredentials.new([credential_process]) if credential_process
342
343
  end
343
344
 
344
345
  def credentials_from_shared(profile, _opts)
@@ -312,6 +312,15 @@ module Aws::SSO
312
312
  #
313
313
  # @option options [String] :session_token
314
314
  #
315
+ # @option options [Array] :sigv4a_signing_region_set
316
+ # A list of regions that should be signed with SigV4a signing. When
317
+ # not passed, a default `:sigv4a_signing_region_set` is searched for
318
+ # in the following locations:
319
+ #
320
+ # * `Aws.config[:sigv4a_signing_region_set]`
321
+ # * `ENV['AWS_SIGV4A_SIGNING_REGION_SET']`
322
+ # * `~/.aws/config`
323
+ #
315
324
  # @option options [Boolean] :stub_responses (false)
316
325
  # Causes the client to return stubbed responses. By default
317
326
  # fake responses are generated and returned. You can specify
@@ -633,7 +642,7 @@ module Aws::SSO
633
642
  params: params,
634
643
  config: config)
635
644
  context[:gem_name] = 'aws-sdk-core'
636
- context[:gem_version] = '3.200.0'
645
+ context[:gem_version] = '3.201.3'
637
646
  Seahorse::Client::Request.new(handlers, context)
638
647
  end
639
648
 
@@ -129,6 +129,7 @@ module Aws::SSO
129
129
  o.http_method = "GET"
130
130
  o.http_request_uri = "/federation/credentials"
131
131
  o['authtype'] = "none"
132
+ o['auth'] = ["smithy.api#noAuth"]
132
133
  o.input = Shapes::ShapeRef.new(shape: GetRoleCredentialsRequest)
133
134
  o.output = Shapes::ShapeRef.new(shape: GetRoleCredentialsResponse)
134
135
  o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
@@ -142,6 +143,7 @@ module Aws::SSO
142
143
  o.http_method = "GET"
143
144
  o.http_request_uri = "/assignment/roles"
144
145
  o['authtype'] = "none"
146
+ o['auth'] = ["smithy.api#noAuth"]
145
147
  o.input = Shapes::ShapeRef.new(shape: ListAccountRolesRequest)
146
148
  o.output = Shapes::ShapeRef.new(shape: ListAccountRolesResponse)
147
149
  o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
@@ -161,6 +163,7 @@ module Aws::SSO
161
163
  o.http_method = "GET"
162
164
  o.http_request_uri = "/assignment/accounts"
163
165
  o['authtype'] = "none"
166
+ o['auth'] = ["smithy.api#noAuth"]
164
167
  o.input = Shapes::ShapeRef.new(shape: ListAccountsRequest)
165
168
  o.output = Shapes::ShapeRef.new(shape: ListAccountsResponse)
166
169
  o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
@@ -180,6 +183,7 @@ module Aws::SSO
180
183
  o.http_method = "POST"
181
184
  o.http_request_uri = "/logout"
182
185
  o['authtype'] = "none"
186
+ o['auth'] = ["smithy.api#noAuth"]
183
187
  o.input = Shapes::ShapeRef.new(shape: LogoutRequest)
184
188
  o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
185
189
  o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
data/lib/aws-sdk-sso.rb CHANGED
@@ -54,6 +54,6 @@ require_relative 'aws-sdk-sso/customizations'
54
54
  # @!group service
55
55
  module Aws::SSO
56
56
 
57
- GEM_VERSION = '3.200.0'
57
+ GEM_VERSION = '3.201.3'
58
58
 
59
59
  end
@@ -312,6 +312,15 @@ module Aws::SSOOIDC
312
312
  #
313
313
  # @option options [String] :session_token
314
314
  #
315
+ # @option options [Array] :sigv4a_signing_region_set
316
+ # A list of regions that should be signed with SigV4a signing. When
317
+ # not passed, a default `:sigv4a_signing_region_set` is searched for
318
+ # in the following locations:
319
+ #
320
+ # * `Aws.config[:sigv4a_signing_region_set]`
321
+ # * `ENV['AWS_SIGV4A_SIGNING_REGION_SET']`
322
+ # * `~/.aws/config`
323
+ #
315
324
  # @option options [Boolean] :stub_responses (false)
316
325
  # Causes the client to return stubbed responses. By default
317
326
  # fake responses are generated and returned. You can specify
@@ -986,7 +995,7 @@ module Aws::SSOOIDC
986
995
  params: params,
987
996
  config: config)
988
997
  context[:gem_name] = 'aws-sdk-core'
989
- context[:gem_version] = '3.200.0'
998
+ context[:gem_version] = '3.201.3'
990
999
  Seahorse::Client::Request.new(handlers, context)
991
1000
  end
992
1001
 
@@ -225,6 +225,7 @@ module Aws::SSOOIDC
225
225
  o.http_method = "POST"
226
226
  o.http_request_uri = "/token"
227
227
  o['authtype'] = "none"
228
+ o['auth'] = ["smithy.api#noAuth"]
228
229
  o.input = Shapes::ShapeRef.new(shape: CreateTokenRequest)
229
230
  o.output = Shapes::ShapeRef.new(shape: CreateTokenResponse)
230
231
  o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
@@ -265,6 +266,7 @@ module Aws::SSOOIDC
265
266
  o.http_method = "POST"
266
267
  o.http_request_uri = "/client/register"
267
268
  o['authtype'] = "none"
269
+ o['auth'] = ["smithy.api#noAuth"]
268
270
  o.input = Shapes::ShapeRef.new(shape: RegisterClientRequest)
269
271
  o.output = Shapes::ShapeRef.new(shape: RegisterClientResponse)
270
272
  o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
@@ -280,6 +282,7 @@ module Aws::SSOOIDC
280
282
  o.http_method = "POST"
281
283
  o.http_request_uri = "/device_authorization"
282
284
  o['authtype'] = "none"
285
+ o['auth'] = ["smithy.api#noAuth"]
283
286
  o.input = Shapes::ShapeRef.new(shape: StartDeviceAuthorizationRequest)
284
287
  o.output = Shapes::ShapeRef.new(shape: StartDeviceAuthorizationResponse)
285
288
  o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
@@ -54,6 +54,6 @@ require_relative 'aws-sdk-ssooidc/customizations'
54
54
  # @!group service
55
55
  module Aws::SSOOIDC
56
56
 
57
- GEM_VERSION = '3.200.0'
57
+ GEM_VERSION = '3.201.3'
58
58
 
59
59
  end
@@ -314,6 +314,15 @@ module Aws::STS
314
314
  #
315
315
  # @option options [String] :session_token
316
316
  #
317
+ # @option options [Array] :sigv4a_signing_region_set
318
+ # A list of regions that should be signed with SigV4a signing. When
319
+ # not passed, a default `:sigv4a_signing_region_set` is searched for
320
+ # in the following locations:
321
+ #
322
+ # * `Aws.config[:sigv4a_signing_region_set]`
323
+ # * `ENV['AWS_SIGV4A_SIGNING_REGION_SET']`
324
+ # * `~/.aws/config`
325
+ #
317
326
  # @option options [String] :sts_regional_endpoints ("regional")
318
327
  # Passing in 'regional' to enable regional endpoint for STS for all supported
319
328
  # regions (except 'aws-global'). Using 'legacy' mode will force all legacy
@@ -2380,7 +2389,7 @@ module Aws::STS
2380
2389
  params: params,
2381
2390
  config: config)
2382
2391
  context[:gem_name] = 'aws-sdk-core'
2383
- context[:gem_version] = '3.200.0'
2392
+ context[:gem_version] = '3.201.3'
2384
2393
  Seahorse::Client::Request.new(handlers, context)
2385
2394
  end
2386
2395
 
@@ -280,7 +280,7 @@ module Aws::STS
280
280
  o.name = "AssumeRoleWithSAML"
281
281
  o.http_method = "POST"
282
282
  o.http_request_uri = "/"
283
- o['authtype'] = "none"
283
+ o['auth'] = ["smithy.api#noAuth"]
284
284
  o.input = Shapes::ShapeRef.new(shape: AssumeRoleWithSAMLRequest)
285
285
  o.output = Shapes::ShapeRef.new(shape: AssumeRoleWithSAMLResponse)
286
286
  o.errors << Shapes::ShapeRef.new(shape: MalformedPolicyDocumentException)
@@ -295,7 +295,7 @@ module Aws::STS
295
295
  o.name = "AssumeRoleWithWebIdentity"
296
296
  o.http_method = "POST"
297
297
  o.http_request_uri = "/"
298
- o['authtype'] = "none"
298
+ o['auth'] = ["smithy.api#noAuth"]
299
299
  o.input = Shapes::ShapeRef.new(shape: AssumeRoleWithWebIdentityRequest)
300
300
  o.output = Shapes::ShapeRef.new(shape: AssumeRoleWithWebIdentityResponse)
301
301
  o.errors << Shapes::ShapeRef.new(shape: MalformedPolicyDocumentException)
data/lib/aws-sdk-sts.rb CHANGED
@@ -54,6 +54,6 @@ require_relative 'aws-sdk-sts/customizations'
54
54
  # @!group service
55
55
  module Aws::STS
56
56
 
57
- GEM_VERSION = '3.200.0'
57
+ GEM_VERSION = '3.201.3'
58
58
 
59
59
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.200.0
4
+ version: 3.201.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-06-28 00:00:00.000000000 Z
11
+ date: 2024-07-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jmespath