aws-sdk-core 3.249.0 → 3.252.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2aac2c3b838ca898d180060ba1aa813c6740d469757e723cc332aae9b82efa64
4
- data.tar.gz: 4f82adb4f30c65c745fb87a780339735dbeb081d7c63a06410737279f13ffd64
3
+ metadata.gz: 96694b8f2f5836a441a97a28c54192ac0c7ecd4bc17ce0e7f38aa1979f4b44ce
4
+ data.tar.gz: 22beaae2d0474238fb04148a1b388ce0de31efa1f8f2ac5c7daff1315cfbb44f
5
5
  SHA512:
6
- metadata.gz: 5dff30a277439874f787c39903d37c9571969fbd0f883a1039eb1ea75260d8454f6c77477917e9e660fd426905e1dee67000ac7136bd39f0d28110558aaf00d8
7
- data.tar.gz: 321a1cb89e250911a05166a6d39575b099f7822c130207455091bdb76d14028ba739d6d1bbdfc9fc0e68fc7f49e6cc7a4e785533e6d156b84d68e6447f08b5cd
6
+ metadata.gz: 40fa25ff493916dd88b63b5bc77f18675e066fbf74a38773adee76b1ec6b4376430d03fb53697ddb0759e11c41815e54c7e30bba71cd0622571f1ae18a47a2d8
7
+ data.tar.gz: c81b88488d9029025ecec32d86b9fd83ae71b8e144025eaf859227e75996d8f9b1bce06ee375de7f9ac00eea06d36a48744f79b49db4ab3b636596fbcf2a8d19
data/CHANGELOG.md CHANGED
@@ -1,6 +1,25 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 3.252.0 (2026-06-10)
5
+ ------------------
6
+
7
+ * Feature - Updated Aws::Signin::Client with the latest API changes.
8
+
9
+ * Feature - AWS Sign-In now allows customers to control access to the AWS Management Console using resource-based policies. With this release customers can restrict console access based on network perimeters such as VPC IDs, VPC endpoints, and IP addresses.
10
+
11
+ 3.251.0 (2026-06-02)
12
+ ------------------
13
+
14
+ * Feature - Adding new BDD representation of endpoint ruleset
15
+
16
+ 3.250.0 (2026-05-28)
17
+ ------------------
18
+
19
+ * Feature - Adding new BDD representation of endpoint ruleset
20
+
21
+ * Issue - Prevent unbounded recursion in CBOR decoder that could cause process termination on malformed responses.
22
+
4
23
  3.249.0 (2026-05-22)
5
24
  ------------------
6
25
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 3.249.0
1
+ 3.252.0
@@ -7,6 +7,7 @@ module Aws
7
7
  def initialize(bytes)
8
8
  @buffer = bytes
9
9
  @pos = 0
10
+ @depth = 0
10
11
  end
11
12
 
12
13
  def decode
@@ -25,10 +26,14 @@ module Aws
25
26
  TAG_TYPE_BIGNUM = 2
26
27
  TAG_TYPE_NEG_BIGNUM = 3
27
28
  TAG_TYPE_BIGDEC = 4
29
+ MAX_DEPTH = 128 # Value chosen to match other SDKs
28
30
 
29
31
  # high level, generic decode. Based on the next type. Consumes and returns
30
32
  # the next item as a ruby object.
31
33
  def decode_item
34
+ @depth += 1
35
+ raise Error, "Maximum nesting depth (#{MAX_DEPTH}) exceeded" if @depth > MAX_DEPTH
36
+
32
37
  case (next_type = peek_type)
33
38
  when :array
34
39
  read_array.times.map { decode_item }
@@ -75,6 +80,8 @@ module Aws
75
80
  else
76
81
  send("read_#{next_type}")
77
82
  end
83
+ ensure
84
+ @depth -= 1
78
85
  end
79
86
 
80
87
  # low level streaming interface
@@ -121,8 +128,7 @@ module Aws
121
128
  when 0 then val
122
129
  when 1 then -1 - val
123
130
  else
124
- raise Error,
125
- "Expected Integer (0,1) got major type: #{major_type}"
131
+ raise Error, "Expected Integer (0,1) got major type: #{major_type}"
126
132
  end
127
133
  end
128
134
 
@@ -173,8 +179,7 @@ module Aws
173
179
 
174
180
  def read_reserved_undefined
175
181
  _major_type, add_info = read_info
176
- raise Error,
177
- "Undefined reserved additional information: #{add_info}"
182
+ raise Error, "Undefined reserved additional information: #{add_info}"
178
183
  end
179
184
 
180
185
  def read_boolean
@@ -183,9 +188,7 @@ module Aws
183
188
  when 20 then false
184
189
  when 21 then true
185
190
  else
186
- raise Error,
187
- 'Invalid Boolean simple type, expected add_info of 20 or 21, ' \
188
- "got: #{add_info}"
191
+ raise Error, "Invalid Boolean simple type, expected add_info of 20 or 21, got: #{add_info}"
189
192
  end
190
193
  end
191
194
 
@@ -221,7 +224,7 @@ module Aws
221
224
  # exp-15-10
222
225
  Math.ldexp(1024 + mant, exp - 25)
223
226
  end
224
- if (b16[15]).zero?
227
+ if b16[15].zero?
225
228
  val
226
229
  else
227
230
  -val
@@ -250,9 +253,7 @@ module Aws
250
253
  when 2 then v
251
254
  when 3 then -1 - v
252
255
  else
253
- raise Error,
254
- 'Invalid Tag value for BigNum, ' \
255
- "expected 2 or 3, got: #{tag_value}"
256
+ raise Error, "Invalid Tag value for BigNum, expected 2 or 3, got: #{tag_value}"
256
257
  end
257
258
  end
258
259
 
@@ -559,6 +559,267 @@ module Aws::Signin
559
559
  req.send_request(options)
560
560
  end
561
561
 
562
+ # Delete console authorization configuration with automatic scope
563
+ # detection
564
+ #
565
+ # @option params [String] :target_id
566
+ # Target account identifier
567
+ #
568
+ # @return [Types::DeleteConsoleAuthorizationConfigurationOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
569
+ #
570
+ # * {Types::DeleteConsoleAuthorizationConfigurationOutput#target_id #target_id} => String
571
+ # * {Types::DeleteConsoleAuthorizationConfigurationOutput#scope #scope} => String
572
+ # * {Types::DeleteConsoleAuthorizationConfigurationOutput#console_authorization_enabled #console_authorization_enabled} => Boolean
573
+ #
574
+ # @example Request syntax with placeholder values
575
+ #
576
+ # resp = client.delete_console_authorization_configuration({
577
+ # target_id: "TargetId",
578
+ # })
579
+ #
580
+ # @example Response structure
581
+ #
582
+ # resp.target_id #=> String
583
+ # resp.scope #=> String
584
+ # resp.console_authorization_enabled #=> Boolean
585
+ #
586
+ # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/DeleteConsoleAuthorizationConfiguration AWS API Documentation
587
+ #
588
+ # @overload delete_console_authorization_configuration(params = {})
589
+ # @param [Hash] params ({})
590
+ def delete_console_authorization_configuration(params = {}, options = {})
591
+ req = build_request(:delete_console_authorization_configuration, params)
592
+ req.send_request(options)
593
+ end
594
+
595
+ # Remove a permission statement from the account's SignIn
596
+ # resource-based policy
597
+ #
598
+ # @option params [required, String] :statement_id
599
+ # Unique identifier of the permission statement to delete
600
+ #
601
+ # @option params [String] :client_token
602
+ # Idempotency token for the request
603
+ #
604
+ # **A suitable default value is auto-generated.** You should normally
605
+ # not need to pass this option.**
606
+ #
607
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
608
+ #
609
+ # @example Request syntax with placeholder values
610
+ #
611
+ # resp = client.delete_resource_permission_statement({
612
+ # statement_id: "StatementId", # required
613
+ # client_token: "ClientToken",
614
+ # })
615
+ #
616
+ # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/DeleteResourcePermissionStatement AWS API Documentation
617
+ #
618
+ # @overload delete_resource_permission_statement(params = {})
619
+ # @param [Hash] params ({})
620
+ def delete_resource_permission_statement(params = {}, options = {})
621
+ req = build_request(:delete_resource_permission_statement, params)
622
+ req.send_request(options)
623
+ end
624
+
625
+ # Get console authorization configuration with automatic scope detection
626
+ #
627
+ # @option params [String] :target_id
628
+ # Target account identifier
629
+ #
630
+ # @return [Types::GetConsoleAuthorizationConfigurationOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
631
+ #
632
+ # * {Types::GetConsoleAuthorizationConfigurationOutput#target_id #target_id} => String
633
+ # * {Types::GetConsoleAuthorizationConfigurationOutput#scope #scope} => String
634
+ # * {Types::GetConsoleAuthorizationConfigurationOutput#console_authorization_enabled #console_authorization_enabled} => Boolean
635
+ #
636
+ # @example Request syntax with placeholder values
637
+ #
638
+ # resp = client.get_console_authorization_configuration({
639
+ # target_id: "TargetId",
640
+ # })
641
+ #
642
+ # @example Response structure
643
+ #
644
+ # resp.target_id #=> String
645
+ # resp.scope #=> String
646
+ # resp.console_authorization_enabled #=> Boolean
647
+ #
648
+ # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/GetConsoleAuthorizationConfiguration AWS API Documentation
649
+ #
650
+ # @overload get_console_authorization_configuration(params = {})
651
+ # @param [Hash] params ({})
652
+ def get_console_authorization_configuration(params = {}, options = {})
653
+ req = build_request(:get_console_authorization_configuration, params)
654
+ req.send_request(options)
655
+ end
656
+
657
+ # Retrieve the account's consolidated SignIn resource-based policy
658
+ #
659
+ # @return [Types::GetResourcePolicyOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
660
+ #
661
+ # * {Types::GetResourcePolicyOutput#signin_resource_based_policy #signin_resource_based_policy} => Types::SigninResourceBasedPolicy
662
+ #
663
+ # @example Response structure
664
+ #
665
+ # resp.signin_resource_based_policy.version #=> String
666
+ # resp.signin_resource_based_policy.statement #=> Array
667
+ # resp.signin_resource_based_policy.statement[0].effect #=> String
668
+ # resp.signin_resource_based_policy.statement[0].principal #=> Hash
669
+ # resp.signin_resource_based_policy.statement[0].principal["String"] #=> String
670
+ # resp.signin_resource_based_policy.statement[0].action #=> Array
671
+ # resp.signin_resource_based_policy.statement[0].action[0] #=> String
672
+ # resp.signin_resource_based_policy.statement[0].resource #=> String
673
+ # resp.signin_resource_based_policy.statement[0].condition #=> Hash
674
+ # resp.signin_resource_based_policy.statement[0].condition["ConditionType"] #=> Hash
675
+ # resp.signin_resource_based_policy.statement[0].condition["ConditionType"]["String"] #=> Array
676
+ # resp.signin_resource_based_policy.statement[0].condition["ConditionType"]["String"][0] #=> String
677
+ #
678
+ # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/GetResourcePolicy AWS API Documentation
679
+ #
680
+ # @overload get_resource_policy(params = {})
681
+ # @param [Hash] params ({})
682
+ def get_resource_policy(params = {}, options = {})
683
+ req = build_request(:get_resource_policy, params)
684
+ req.send_request(options)
685
+ end
686
+
687
+ # Retrieve all permission statements in the account's SignIn
688
+ # resource-based policy
689
+ #
690
+ # @option params [Integer] :max_results
691
+ # Maximum number of results to return
692
+ #
693
+ # @option params [String] :next_token
694
+ # Token for pagination
695
+ #
696
+ # @return [Types::ListResourcePermissionStatementsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
697
+ #
698
+ # * {Types::ListResourcePermissionStatementsOutput#permission_statements #permission_statements} => Array<Types::PermissionStatementSummary>
699
+ # * {Types::ListResourcePermissionStatementsOutput#next_token #next_token} => String
700
+ #
701
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
702
+ #
703
+ # @example Request syntax with placeholder values
704
+ #
705
+ # resp = client.list_resource_permission_statements({
706
+ # max_results: 1,
707
+ # next_token: "NextToken",
708
+ # })
709
+ #
710
+ # @example Response structure
711
+ #
712
+ # resp.permission_statements #=> Array
713
+ # resp.permission_statements[0].sid #=> String
714
+ # resp.permission_statements[0].condition #=> Hash
715
+ # resp.permission_statements[0].condition["ConditionType"] #=> Hash
716
+ # resp.permission_statements[0].condition["ConditionType"]["String"] #=> Array
717
+ # resp.permission_statements[0].condition["ConditionType"]["String"][0] #=> String
718
+ # resp.next_token #=> String
719
+ #
720
+ # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/ListResourcePermissionStatements AWS API Documentation
721
+ #
722
+ # @overload list_resource_permission_statements(params = {})
723
+ # @param [Hash] params ({})
724
+ def list_resource_permission_statements(params = {}, options = {})
725
+ req = build_request(:list_resource_permission_statements, params)
726
+ req.send_request(options)
727
+ end
728
+
729
+ # Enable console authorization configuration with automatic scope
730
+ # detection
731
+ #
732
+ # @option params [String] :target_id
733
+ # Target account identifier
734
+ #
735
+ # @return [Types::PutConsoleAuthorizationConfigurationOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
736
+ #
737
+ # * {Types::PutConsoleAuthorizationConfigurationOutput#target_id #target_id} => String
738
+ # * {Types::PutConsoleAuthorizationConfigurationOutput#scope #scope} => String
739
+ # * {Types::PutConsoleAuthorizationConfigurationOutput#console_authorization_enabled #console_authorization_enabled} => Boolean
740
+ #
741
+ # @example Request syntax with placeholder values
742
+ #
743
+ # resp = client.put_console_authorization_configuration({
744
+ # target_id: "TargetId",
745
+ # })
746
+ #
747
+ # @example Response structure
748
+ #
749
+ # resp.target_id #=> String
750
+ # resp.scope #=> String
751
+ # resp.console_authorization_enabled #=> Boolean
752
+ #
753
+ # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/PutConsoleAuthorizationConfiguration AWS API Documentation
754
+ #
755
+ # @overload put_console_authorization_configuration(params = {})
756
+ # @param [Hash] params ({})
757
+ def put_console_authorization_configuration(params = {}, options = {})
758
+ req = build_request(:put_console_authorization_configuration, params)
759
+ req.send_request(options)
760
+ end
761
+
762
+ # Create a permission statement in the account's SignIn resource-based
763
+ # policy
764
+ #
765
+ # @option params [String] :source_vpc
766
+ # VPC identifier to restrict console access
767
+ #
768
+ # @option params [String] :signin_source_vpce
769
+ # SignIn VPC endpoint identifier
770
+ #
771
+ # @option params [String] :console_source_vpce
772
+ # Console VPC endpoint identifier
773
+ #
774
+ # @option params [String] :vpc_source_ip
775
+ # Source IP address within VPC
776
+ #
777
+ # @option params [String] :source_ip
778
+ # Source IP address
779
+ #
780
+ # @option params [String] :requested_region
781
+ # AWS region where the VPC and VPC endpoint reside Required when
782
+ # sourceVpc or signinSourceVpce/consoleSourceVpce is provided
783
+ #
784
+ # @option params [String] :excluded_principal
785
+ # Principal to exclude from the permission statement
786
+ #
787
+ # @option params [String] :client_token
788
+ # Idempotency token for the request
789
+ #
790
+ # **A suitable default value is auto-generated.** You should normally
791
+ # not need to pass this option.**
792
+ #
793
+ # @return [Types::PutResourcePermissionStatementOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
794
+ #
795
+ # * {Types::PutResourcePermissionStatementOutput#statement_id #statement_id} => String
796
+ #
797
+ # @example Request syntax with placeholder values
798
+ #
799
+ # resp = client.put_resource_permission_statement({
800
+ # source_vpc: "SourceVpc",
801
+ # signin_source_vpce: "SourceVpce",
802
+ # console_source_vpce: "SourceVpce",
803
+ # vpc_source_ip: "VpcSourceIp",
804
+ # source_ip: "SourceIp",
805
+ # requested_region: "RequestedRegion",
806
+ # excluded_principal: "ExcludedPrincipal",
807
+ # client_token: "ClientToken",
808
+ # })
809
+ #
810
+ # @example Response structure
811
+ #
812
+ # resp.statement_id #=> String
813
+ #
814
+ # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/PutResourcePermissionStatement AWS API Documentation
815
+ #
816
+ # @overload put_resource_permission_statement(params = {})
817
+ # @param [Hash] params ({})
818
+ def put_resource_permission_statement(params = {}, options = {})
819
+ req = build_request(:put_resource_permission_statement, params)
820
+ req.send_request(options)
821
+ end
822
+
562
823
  # @!endgroup
563
824
 
564
825
  # @param params ({})
@@ -577,7 +838,7 @@ module Aws::Signin
577
838
  tracer: tracer
578
839
  )
579
840
  context[:gem_name] = 'aws-sdk-core'
580
- context[:gem_version] = '3.249.0'
841
+ context[:gem_version] = '3.252.0'
581
842
  Seahorse::Client::Request.new(handlers, context)
582
843
  end
583
844