RubyGems - aws-sdk-core - Versions diffs - 3.46.2 → 3.126.2 - Mend

aws-sdk-core 3.46.2 → 3.126.2

Files changed (206) hide show

checksums.yaml +5 -5
data/CHANGELOG.md +1258 -0
data/LICENSE.txt +202 -0
data/VERSION +1 -1
data/lib/aws-defaults/default_configuration.rb +153 -0
data/lib/aws-defaults/defaults_mode_config_resolver.rb +107 -0
data/lib/aws-defaults.rb +3 -0
data/lib/aws-sdk-core/arn.rb +92 -0
data/lib/aws-sdk-core/arn_parser.rb +40 -0
data/lib/aws-sdk-core/assume_role_credentials.rb +20 -0
data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb +109 -0
data/lib/aws-sdk-core/async_client_stubs.rb +82 -0
data/lib/aws-sdk-core/binary/decode_handler.rb +11 -1
data/lib/aws-sdk-core/binary/encode_handler.rb +34 -0
data/lib/aws-sdk-core/binary/event_builder.rb +124 -0
data/lib/aws-sdk-core/binary/event_parser.rb +50 -18
data/lib/aws-sdk-core/binary/event_stream_decoder.rb +7 -2
data/lib/aws-sdk-core/binary/event_stream_encoder.rb +55 -0
data/lib/aws-sdk-core/binary.rb +5 -0
data/lib/aws-sdk-core/client_side_monitoring/publisher.rb +11 -1
data/lib/aws-sdk-core/client_side_monitoring/request_metrics.rb +2 -0
data/lib/aws-sdk-core/client_stubs.rb +16 -13
data/lib/aws-sdk-core/credential_provider.rb +1 -30
data/lib/aws-sdk-core/credential_provider_chain.rb +102 -40
data/lib/aws-sdk-core/credentials.rb +2 -0
data/lib/aws-sdk-core/deprecations.rb +17 -11
data/lib/aws-sdk-core/eager_loader.rb +2 -0
data/lib/aws-sdk-core/ec2_metadata.rb +238 -0
data/lib/aws-sdk-core/ecs_credentials.rb +18 -9
data/lib/aws-sdk-core/endpoint_cache.rb +16 -11
data/lib/aws-sdk-core/errors.rb +138 -15
data/lib/aws-sdk-core/event_emitter.rb +44 -0
data/lib/aws-sdk-core/ini_parser.rb +2 -0
data/lib/aws-sdk-core/instance_profile_credentials.rb +179 -42
data/lib/aws-sdk-core/json/builder.rb +2 -0
data/lib/aws-sdk-core/json/error_handler.rb +21 -2
data/lib/aws-sdk-core/json/handler.rb +21 -1
data/lib/aws-sdk-core/json/json_engine.rb +12 -8
data/lib/aws-sdk-core/json/oj_engine.rb +35 -6
data/lib/aws-sdk-core/json/parser.rb +10 -0
data/lib/aws-sdk-core/json.rb +11 -28
data/lib/aws-sdk-core/log/formatter.rb +16 -4
data/lib/aws-sdk-core/log/handler.rb +2 -0
data/lib/aws-sdk-core/log/param_filter.rb +38 -13
data/lib/aws-sdk-core/log/param_formatter.rb +2 -0
data/lib/aws-sdk-core/pageable_response.rb +48 -24
data/lib/aws-sdk-core/pager.rb +5 -0
data/lib/aws-sdk-core/param_converter.rb +2 -0
data/lib/aws-sdk-core/param_validator.rb +63 -7
data/lib/aws-sdk-core/plugins/api_key.rb +5 -1
data/lib/aws-sdk-core/plugins/apig_authorizer_token.rb +2 -0
data/lib/aws-sdk-core/plugins/apig_credentials_configuration.rb +2 -0
data/lib/aws-sdk-core/plugins/apig_user_agent.rb +2 -0
data/lib/aws-sdk-core/plugins/client_metrics_plugin.rb +28 -1
data/lib/aws-sdk-core/plugins/client_metrics_send_plugin.rb +2 -0
data/lib/aws-sdk-core/plugins/credentials_configuration.rb +26 -7
data/lib/aws-sdk-core/plugins/defaults_mode.rb +40 -0
data/lib/aws-sdk-core/plugins/endpoint_discovery.rb +12 -4
data/lib/aws-sdk-core/plugins/endpoint_pattern.rb +8 -6
data/lib/aws-sdk-core/plugins/event_stream_configuration.rb +16 -0
data/lib/aws-sdk-core/plugins/global_configuration.rb +2 -0
data/lib/aws-sdk-core/plugins/helpful_socket_errors.rb +2 -0
data/lib/aws-sdk-core/plugins/http_checksum.rb +57 -0
data/lib/aws-sdk-core/plugins/idempotency_token.rb +2 -0
data/lib/aws-sdk-core/plugins/invocation_id.rb +35 -0
data/lib/aws-sdk-core/plugins/jsonvalue_converter.rb +2 -0
data/lib/aws-sdk-core/plugins/logging.rb +2 -0
data/lib/aws-sdk-core/plugins/param_converter.rb +2 -0
data/lib/aws-sdk-core/plugins/param_validator.rb +2 -0
data/lib/aws-sdk-core/plugins/protocols/api_gateway.rb +19 -0
data/lib/aws-sdk-core/plugins/protocols/ec2.rb +2 -0
data/lib/aws-sdk-core/plugins/protocols/json_rpc.rb +2 -0
data/lib/aws-sdk-core/plugins/protocols/query.rb +2 -0
data/lib/aws-sdk-core/plugins/protocols/rest_json.rb +18 -1
data/lib/aws-sdk-core/plugins/protocols/rest_xml.rb +2 -0
data/lib/aws-sdk-core/plugins/recursion_detection.rb +27 -0
data/lib/aws-sdk-core/plugins/regional_endpoint.rb +74 -16
data/lib/aws-sdk-core/plugins/response_paging.rb +2 -0
data/lib/aws-sdk-core/plugins/retries/client_rate_limiter.rb +139 -0
data/lib/aws-sdk-core/plugins/retries/clock_skew.rb +100 -0
data/lib/aws-sdk-core/plugins/retries/error_inspector.rb +146 -0
data/lib/aws-sdk-core/plugins/retries/retry_quota.rb +59 -0
data/lib/aws-sdk-core/plugins/retry_errors.rb +295 -107
data/lib/aws-sdk-core/plugins/signature_v2.rb +2 -0
data/lib/aws-sdk-core/plugins/signature_v4.rb +28 -25
data/lib/aws-sdk-core/plugins/stub_responses.rb +24 -7
data/lib/aws-sdk-core/plugins/transfer_encoding.rb +53 -0
data/lib/aws-sdk-core/plugins/user_agent.rb +6 -8
data/lib/aws-sdk-core/process_credentials.rb +12 -5
data/lib/aws-sdk-core/query/ec2_param_builder.rb +2 -0
data/lib/aws-sdk-core/query/handler.rb +2 -0
data/lib/aws-sdk-core/query/param.rb +2 -0
data/lib/aws-sdk-core/query/param_builder.rb +2 -0
data/lib/aws-sdk-core/query/param_list.rb +2 -0
data/lib/aws-sdk-core/query.rb +2 -0
data/lib/aws-sdk-core/refreshing_credentials.rb +15 -2
data/lib/aws-sdk-core/resources/collection.rb +2 -0
data/lib/aws-sdk-core/rest/handler.rb +2 -0
data/lib/aws-sdk-core/rest/request/body.rb +21 -1
data/lib/aws-sdk-core/rest/request/builder.rb +2 -0
data/lib/aws-sdk-core/rest/request/endpoint.rb +10 -3
data/lib/aws-sdk-core/rest/request/headers.rb +20 -6
data/lib/aws-sdk-core/rest/request/querystring_builder.rb +4 -2
data/lib/aws-sdk-core/rest/response/body.rb +2 -0
data/lib/aws-sdk-core/rest/response/headers.rb +6 -3
data/lib/aws-sdk-core/rest/response/parser.rb +2 -0
data/lib/aws-sdk-core/rest/response/status_code.rb +2 -0
data/lib/aws-sdk-core/rest.rb +2 -0
data/lib/aws-sdk-core/shared_config.rb +153 -127
data/lib/aws-sdk-core/shared_credentials.rb +9 -1
data/lib/aws-sdk-core/sso_credentials.rb +136 -0
data/lib/aws-sdk-core/structure.rb +14 -4
data/lib/aws-sdk-core/stubbing/data_applicator.rb +2 -0
data/lib/aws-sdk-core/stubbing/empty_stub.rb +2 -0
data/lib/aws-sdk-core/stubbing/protocols/api_gateway.rb +2 -0
data/lib/aws-sdk-core/stubbing/protocols/ec2.rb +2 -0
data/lib/aws-sdk-core/stubbing/protocols/json.rb +3 -1
data/lib/aws-sdk-core/stubbing/protocols/query.rb +4 -2
data/lib/aws-sdk-core/stubbing/protocols/rest.rb +52 -7
data/lib/aws-sdk-core/stubbing/protocols/rest_json.rb +3 -1
data/lib/aws-sdk-core/stubbing/protocols/rest_xml.rb +2 -2
data/lib/aws-sdk-core/stubbing/stub_data.rb +15 -4
data/lib/aws-sdk-core/stubbing/xml_error.rb +2 -0
data/lib/aws-sdk-core/type_builder.rb +2 -0
data/lib/aws-sdk-core/util.rb +6 -0
data/lib/aws-sdk-core/waiters/errors.rb +2 -0
data/lib/aws-sdk-core/waiters/poller.rb +2 -0
data/lib/aws-sdk-core/waiters/waiter.rb +4 -2
data/lib/aws-sdk-core/waiters.rb +2 -0
data/lib/aws-sdk-core/xml/builder.rb +5 -3
data/lib/aws-sdk-core/xml/default_list.rb +2 -0
data/lib/aws-sdk-core/xml/default_map.rb +2 -0
data/lib/aws-sdk-core/xml/doc_builder.rb +15 -4
data/lib/aws-sdk-core/xml/error_handler.rb +29 -4
data/lib/aws-sdk-core/xml/parser/engines/libxml.rb +2 -0
data/lib/aws-sdk-core/xml/parser/engines/nokogiri.rb +2 -0
data/lib/aws-sdk-core/xml/parser/engines/oga.rb +2 -0
data/lib/aws-sdk-core/xml/parser/engines/ox.rb +3 -1
data/lib/aws-sdk-core/xml/parser/engines/rexml.rb +4 -1
data/lib/aws-sdk-core/xml/parser/frame.rb +25 -0
data/lib/aws-sdk-core/xml/parser/parsing_error.rb +2 -0
data/lib/aws-sdk-core/xml/parser/stack.rb +2 -0
data/lib/aws-sdk-core/xml/parser.rb +7 -0
data/lib/aws-sdk-core/xml.rb +2 -0
data/lib/aws-sdk-core.rb +23 -4
data/lib/aws-sdk-sso/client.rb +568 -0
data/lib/aws-sdk-sso/client_api.rb +190 -0
data/lib/aws-sdk-sso/customizations.rb +1 -0
data/lib/aws-sdk-sso/errors.rb +102 -0
data/lib/aws-sdk-sso/resource.rb +26 -0
data/lib/aws-sdk-sso/types.rb +352 -0
data/lib/aws-sdk-sso.rb +55 -0
data/lib/aws-sdk-sts/client.rb +1282 -531
data/lib/aws-sdk-sts/client_api.rb +76 -1
data/lib/aws-sdk-sts/customizations.rb +4 -0
data/lib/aws-sdk-sts/errors.rb +153 -1
data/lib/aws-sdk-sts/plugins/sts_regional_endpoints.rb +38 -0
data/lib/aws-sdk-sts/presigner.rb +75 -0
data/lib/aws-sdk-sts/resource.rb +4 -1
data/lib/aws-sdk-sts/types.rb +958 -229
data/lib/aws-sdk-sts.rb +16 -6
data/lib/seahorse/client/async_base.rb +52 -0
data/lib/seahorse/client/async_response.rb +64 -0
data/lib/seahorse/client/base.rb +7 -2
data/lib/seahorse/client/block_io.rb +6 -2
data/lib/seahorse/client/configuration.rb +7 -1
data/lib/seahorse/client/events.rb +3 -1
data/lib/seahorse/client/h2/connection.rb +250 -0
data/lib/seahorse/client/h2/handler.rb +152 -0
data/lib/seahorse/client/handler.rb +2 -0
data/lib/seahorse/client/handler_builder.rb +2 -0
data/lib/seahorse/client/handler_list.rb +2 -0
data/lib/seahorse/client/handler_list_entry.rb +6 -4
data/lib/seahorse/client/http/async_response.rb +44 -0
data/lib/seahorse/client/http/headers.rb +2 -0
data/lib/seahorse/client/http/request.rb +5 -3
data/lib/seahorse/client/http/response.rb +18 -11
data/lib/seahorse/client/logging/formatter.rb +6 -2
data/lib/seahorse/client/logging/handler.rb +2 -0
data/lib/seahorse/client/managed_file.rb +2 -0
data/lib/seahorse/client/net_http/connection_pool.rb +30 -23
data/lib/seahorse/client/net_http/handler.rb +24 -7
data/lib/seahorse/client/net_http/patches.rb +15 -84
data/lib/seahorse/client/networking_error.rb +30 -0
data/lib/seahorse/client/plugin.rb +10 -7
data/lib/seahorse/client/plugin_list.rb +2 -0
data/lib/seahorse/client/plugins/content_length.rb +14 -3
data/lib/seahorse/client/plugins/endpoint.rb +4 -2
data/lib/seahorse/client/plugins/h2.rb +69 -0
data/lib/seahorse/client/plugins/logging.rb +2 -0
data/lib/seahorse/client/plugins/net_http.rb +39 -3
data/lib/seahorse/client/plugins/operation_methods.rb +2 -0
data/lib/seahorse/client/plugins/raise_response_errors.rb +2 -0
data/lib/seahorse/client/plugins/request_callback.rb +110 -0
data/lib/seahorse/client/plugins/response_target.rb +23 -14
data/lib/seahorse/client/request.rb +2 -0
data/lib/seahorse/client/request_context.rb +2 -0
data/lib/seahorse/client/response.rb +5 -5
data/lib/seahorse/model/api.rb +10 -0
data/lib/seahorse/model/authorizer.rb +2 -0
data/lib/seahorse/model/operation.rb +9 -0
data/lib/seahorse/model/shapes.rb +29 -2
data/lib/seahorse/util.rb +8 -1
data/lib/seahorse/version.rb +2 -0
data/lib/seahorse.rb +12 -0
metadata +64 -14

data/lib/aws-sdk-sts/client_api.rb CHANGED Viewed

@@ -1,7 +1,9 @@
+# frozen_string_literal: true
 # WARNING ABOUT GENERATED CODE
 #
 # This file is generated. See the contributing guide for more information:
-# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
 #
 # WARNING ABOUT GENERATED CODE
@@ -24,6 +26,8 @@ module Aws::STS
     DecodeAuthorizationMessageResponse = Shapes::StructureShape.new(name: 'DecodeAuthorizationMessageResponse')
     ExpiredTokenException = Shapes::StructureShape.new(name: 'ExpiredTokenException')
     FederatedUser = Shapes::StructureShape.new(name: 'FederatedUser')
+    GetAccessKeyInfoRequest = Shapes::StructureShape.new(name: 'GetAccessKeyInfoRequest')
+    GetAccessKeyInfoResponse = Shapes::StructureShape.new(name: 'GetAccessKeyInfoResponse')
     GetCallerIdentityRequest = Shapes::StructureShape.new(name: 'GetCallerIdentityRequest')
     GetCallerIdentityResponse = Shapes::StructureShape.new(name: 'GetCallerIdentityResponse')
     GetFederationTokenRequest = Shapes::StructureShape.new(name: 'GetFederationTokenRequest')
@@ -38,10 +42,12 @@ module Aws::STS
     MalformedPolicyDocumentException = Shapes::StructureShape.new(name: 'MalformedPolicyDocumentException')
     NameQualifier = Shapes::StringShape.new(name: 'NameQualifier')
     PackedPolicyTooLargeException = Shapes::StructureShape.new(name: 'PackedPolicyTooLargeException')
+    PolicyDescriptorType = Shapes::StructureShape.new(name: 'PolicyDescriptorType')
     RegionDisabledException = Shapes::StructureShape.new(name: 'RegionDisabledException')
     SAMLAssertionType = Shapes::StringShape.new(name: 'SAMLAssertionType')
     Subject = Shapes::StringShape.new(name: 'Subject')
     SubjectType = Shapes::StringShape.new(name: 'SubjectType')
+    Tag = Shapes::StructureShape.new(name: 'Tag')
     accessKeyIdType = Shapes::StringShape.new(name: 'accessKeyIdType')
     accessKeySecretType = Shapes::StringShape.new(name: 'accessKeySecretType')
     accountType = Shapes::StringShape.new(name: 'accountType')
@@ -62,11 +68,17 @@ module Aws::STS
     malformedPolicyDocumentMessage = Shapes::StringShape.new(name: 'malformedPolicyDocumentMessage')
     nonNegativeIntegerType = Shapes::IntegerShape.new(name: 'nonNegativeIntegerType')
     packedPolicyTooLargeMessage = Shapes::StringShape.new(name: 'packedPolicyTooLargeMessage')
+    policyDescriptorListType = Shapes::ListShape.new(name: 'policyDescriptorListType')
     regionDisabledMessage = Shapes::StringShape.new(name: 'regionDisabledMessage')
     roleDurationSecondsType = Shapes::IntegerShape.new(name: 'roleDurationSecondsType')
     roleSessionNameType = Shapes::StringShape.new(name: 'roleSessionNameType')
     serialNumberType = Shapes::StringShape.new(name: 'serialNumberType')
     sessionPolicyDocumentType = Shapes::StringShape.new(name: 'sessionPolicyDocumentType')
+    sourceIdentityType = Shapes::StringShape.new(name: 'sourceIdentityType')
+    tagKeyListType = Shapes::ListShape.new(name: 'tagKeyListType')
+    tagKeyType = Shapes::StringShape.new(name: 'tagKeyType')
+    tagListType = Shapes::ListShape.new(name: 'tagListType')
+    tagValueType = Shapes::StringShape.new(name: 'tagValueType')
     tokenCodeType = Shapes::StringShape.new(name: 'tokenCodeType')
     tokenType = Shapes::StringShape.new(name: 'tokenType')
     urlType = Shapes::StringShape.new(name: 'urlType')
@@ -76,21 +88,27 @@ module Aws::STS
     AssumeRoleRequest.add_member(:role_arn, Shapes::ShapeRef.new(shape: arnType, required: true, location_name: "RoleArn"))
     AssumeRoleRequest.add_member(:role_session_name, Shapes::ShapeRef.new(shape: roleSessionNameType, required: true, location_name: "RoleSessionName"))
+    AssumeRoleRequest.add_member(:policy_arns, Shapes::ShapeRef.new(shape: policyDescriptorListType, location_name: "PolicyArns"))
     AssumeRoleRequest.add_member(:policy, Shapes::ShapeRef.new(shape: sessionPolicyDocumentType, location_name: "Policy"))
     AssumeRoleRequest.add_member(:duration_seconds, Shapes::ShapeRef.new(shape: roleDurationSecondsType, location_name: "DurationSeconds"))
+    AssumeRoleRequest.add_member(:tags, Shapes::ShapeRef.new(shape: tagListType, location_name: "Tags"))
+    AssumeRoleRequest.add_member(:transitive_tag_keys, Shapes::ShapeRef.new(shape: tagKeyListType, location_name: "TransitiveTagKeys"))
     AssumeRoleRequest.add_member(:external_id, Shapes::ShapeRef.new(shape: externalIdType, location_name: "ExternalId"))
     AssumeRoleRequest.add_member(:serial_number, Shapes::ShapeRef.new(shape: serialNumberType, location_name: "SerialNumber"))
     AssumeRoleRequest.add_member(:token_code, Shapes::ShapeRef.new(shape: tokenCodeType, location_name: "TokenCode"))
+    AssumeRoleRequest.add_member(:source_identity, Shapes::ShapeRef.new(shape: sourceIdentityType, location_name: "SourceIdentity"))
     AssumeRoleRequest.struct_class = Types::AssumeRoleRequest
     AssumeRoleResponse.add_member(:credentials, Shapes::ShapeRef.new(shape: Credentials, location_name: "Credentials"))
     AssumeRoleResponse.add_member(:assumed_role_user, Shapes::ShapeRef.new(shape: AssumedRoleUser, location_name: "AssumedRoleUser"))
     AssumeRoleResponse.add_member(:packed_policy_size, Shapes::ShapeRef.new(shape: nonNegativeIntegerType, location_name: "PackedPolicySize"))
+    AssumeRoleResponse.add_member(:source_identity, Shapes::ShapeRef.new(shape: sourceIdentityType, location_name: "SourceIdentity"))
     AssumeRoleResponse.struct_class = Types::AssumeRoleResponse
     AssumeRoleWithSAMLRequest.add_member(:role_arn, Shapes::ShapeRef.new(shape: arnType, required: true, location_name: "RoleArn"))
     AssumeRoleWithSAMLRequest.add_member(:principal_arn, Shapes::ShapeRef.new(shape: arnType, required: true, location_name: "PrincipalArn"))
     AssumeRoleWithSAMLRequest.add_member(:saml_assertion, Shapes::ShapeRef.new(shape: SAMLAssertionType, required: true, location_name: "SAMLAssertion"))
+    AssumeRoleWithSAMLRequest.add_member(:policy_arns, Shapes::ShapeRef.new(shape: policyDescriptorListType, location_name: "PolicyArns"))
     AssumeRoleWithSAMLRequest.add_member(:policy, Shapes::ShapeRef.new(shape: sessionPolicyDocumentType, location_name: "Policy"))
     AssumeRoleWithSAMLRequest.add_member(:duration_seconds, Shapes::ShapeRef.new(shape: roleDurationSecondsType, location_name: "DurationSeconds"))
     AssumeRoleWithSAMLRequest.struct_class = Types::AssumeRoleWithSAMLRequest
@@ -103,12 +121,14 @@ module Aws::STS
     AssumeRoleWithSAMLResponse.add_member(:issuer, Shapes::ShapeRef.new(shape: Issuer, location_name: "Issuer"))
     AssumeRoleWithSAMLResponse.add_member(:audience, Shapes::ShapeRef.new(shape: Audience, location_name: "Audience"))
     AssumeRoleWithSAMLResponse.add_member(:name_qualifier, Shapes::ShapeRef.new(shape: NameQualifier, location_name: "NameQualifier"))
+    AssumeRoleWithSAMLResponse.add_member(:source_identity, Shapes::ShapeRef.new(shape: sourceIdentityType, location_name: "SourceIdentity"))
     AssumeRoleWithSAMLResponse.struct_class = Types::AssumeRoleWithSAMLResponse
     AssumeRoleWithWebIdentityRequest.add_member(:role_arn, Shapes::ShapeRef.new(shape: arnType, required: true, location_name: "RoleArn"))
     AssumeRoleWithWebIdentityRequest.add_member(:role_session_name, Shapes::ShapeRef.new(shape: roleSessionNameType, required: true, location_name: "RoleSessionName"))
     AssumeRoleWithWebIdentityRequest.add_member(:web_identity_token, Shapes::ShapeRef.new(shape: clientTokenType, required: true, location_name: "WebIdentityToken"))
     AssumeRoleWithWebIdentityRequest.add_member(:provider_id, Shapes::ShapeRef.new(shape: urlType, location_name: "ProviderId"))
+    AssumeRoleWithWebIdentityRequest.add_member(:policy_arns, Shapes::ShapeRef.new(shape: policyDescriptorListType, location_name: "PolicyArns"))
     AssumeRoleWithWebIdentityRequest.add_member(:policy, Shapes::ShapeRef.new(shape: sessionPolicyDocumentType, location_name: "Policy"))
     AssumeRoleWithWebIdentityRequest.add_member(:duration_seconds, Shapes::ShapeRef.new(shape: roleDurationSecondsType, location_name: "DurationSeconds"))
     AssumeRoleWithWebIdentityRequest.struct_class = Types::AssumeRoleWithWebIdentityRequest
@@ -119,6 +139,7 @@ module Aws::STS
     AssumeRoleWithWebIdentityResponse.add_member(:packed_policy_size, Shapes::ShapeRef.new(shape: nonNegativeIntegerType, location_name: "PackedPolicySize"))
     AssumeRoleWithWebIdentityResponse.add_member(:provider, Shapes::ShapeRef.new(shape: Issuer, location_name: "Provider"))
     AssumeRoleWithWebIdentityResponse.add_member(:audience, Shapes::ShapeRef.new(shape: Audience, location_name: "Audience"))
+    AssumeRoleWithWebIdentityResponse.add_member(:source_identity, Shapes::ShapeRef.new(shape: sourceIdentityType, location_name: "SourceIdentity"))
     AssumeRoleWithWebIdentityResponse.struct_class = Types::AssumeRoleWithWebIdentityResponse
     AssumedRoleUser.add_member(:assumed_role_id, Shapes::ShapeRef.new(shape: assumedRoleIdType, required: true, location_name: "AssumedRoleId"))
@@ -137,10 +158,19 @@ module Aws::STS
     DecodeAuthorizationMessageResponse.add_member(:decoded_message, Shapes::ShapeRef.new(shape: decodedMessageType, location_name: "DecodedMessage"))
     DecodeAuthorizationMessageResponse.struct_class = Types::DecodeAuthorizationMessageResponse
+    ExpiredTokenException.add_member(:message, Shapes::ShapeRef.new(shape: expiredIdentityTokenMessage, location_name: "message"))
+    ExpiredTokenException.struct_class = Types::ExpiredTokenException
     FederatedUser.add_member(:federated_user_id, Shapes::ShapeRef.new(shape: federatedIdType, required: true, location_name: "FederatedUserId"))
     FederatedUser.add_member(:arn, Shapes::ShapeRef.new(shape: arnType, required: true, location_name: "Arn"))
     FederatedUser.struct_class = Types::FederatedUser
+    GetAccessKeyInfoRequest.add_member(:access_key_id, Shapes::ShapeRef.new(shape: accessKeyIdType, required: true, location_name: "AccessKeyId"))
+    GetAccessKeyInfoRequest.struct_class = Types::GetAccessKeyInfoRequest
+    GetAccessKeyInfoResponse.add_member(:account, Shapes::ShapeRef.new(shape: accountType, location_name: "Account"))
+    GetAccessKeyInfoResponse.struct_class = Types::GetAccessKeyInfoResponse
     GetCallerIdentityRequest.struct_class = Types::GetCallerIdentityRequest
     GetCallerIdentityResponse.add_member(:user_id, Shapes::ShapeRef.new(shape: userIdType, location_name: "UserId"))
@@ -150,7 +180,9 @@ module Aws::STS
     GetFederationTokenRequest.add_member(:name, Shapes::ShapeRef.new(shape: userNameType, required: true, location_name: "Name"))
     GetFederationTokenRequest.add_member(:policy, Shapes::ShapeRef.new(shape: sessionPolicyDocumentType, location_name: "Policy"))
+    GetFederationTokenRequest.add_member(:policy_arns, Shapes::ShapeRef.new(shape: policyDescriptorListType, location_name: "PolicyArns"))
     GetFederationTokenRequest.add_member(:duration_seconds, Shapes::ShapeRef.new(shape: durationSecondsType, location_name: "DurationSeconds"))
+    GetFederationTokenRequest.add_member(:tags, Shapes::ShapeRef.new(shape: tagListType, location_name: "Tags"))
     GetFederationTokenRequest.struct_class = Types::GetFederationTokenRequest
     GetFederationTokenResponse.add_member(:credentials, Shapes::ShapeRef.new(shape: Credentials, location_name: "Credentials"))
@@ -166,6 +198,40 @@ module Aws::STS
     GetSessionTokenResponse.add_member(:credentials, Shapes::ShapeRef.new(shape: Credentials, location_name: "Credentials"))
     GetSessionTokenResponse.struct_class = Types::GetSessionTokenResponse
+    IDPCommunicationErrorException.add_member(:message, Shapes::ShapeRef.new(shape: idpCommunicationErrorMessage, location_name: "message"))
+    IDPCommunicationErrorException.struct_class = Types::IDPCommunicationErrorException
+    IDPRejectedClaimException.add_member(:message, Shapes::ShapeRef.new(shape: idpRejectedClaimMessage, location_name: "message"))
+    IDPRejectedClaimException.struct_class = Types::IDPRejectedClaimException
+    InvalidAuthorizationMessageException.add_member(:message, Shapes::ShapeRef.new(shape: invalidAuthorizationMessage, location_name: "message"))
+    InvalidAuthorizationMessageException.struct_class = Types::InvalidAuthorizationMessageException
+    InvalidIdentityTokenException.add_member(:message, Shapes::ShapeRef.new(shape: invalidIdentityTokenMessage, location_name: "message"))
+    InvalidIdentityTokenException.struct_class = Types::InvalidIdentityTokenException
+    MalformedPolicyDocumentException.add_member(:message, Shapes::ShapeRef.new(shape: malformedPolicyDocumentMessage, location_name: "message"))
+    MalformedPolicyDocumentException.struct_class = Types::MalformedPolicyDocumentException
+    PackedPolicyTooLargeException.add_member(:message, Shapes::ShapeRef.new(shape: packedPolicyTooLargeMessage, location_name: "message"))
+    PackedPolicyTooLargeException.struct_class = Types::PackedPolicyTooLargeException
+    PolicyDescriptorType.add_member(:arn, Shapes::ShapeRef.new(shape: arnType, location_name: "arn"))
+    PolicyDescriptorType.struct_class = Types::PolicyDescriptorType
+    RegionDisabledException.add_member(:message, Shapes::ShapeRef.new(shape: regionDisabledMessage, location_name: "message"))
+    RegionDisabledException.struct_class = Types::RegionDisabledException
+    Tag.add_member(:key, Shapes::ShapeRef.new(shape: tagKeyType, required: true, location_name: "Key"))
+    Tag.add_member(:value, Shapes::ShapeRef.new(shape: tagValueType, required: true, location_name: "Value"))
+    Tag.struct_class = Types::Tag
+    policyDescriptorListType.member = Shapes::ShapeRef.new(shape: PolicyDescriptorType)
+    tagKeyListType.member = Shapes::ShapeRef.new(shape: tagKeyType)
+    tagListType.member = Shapes::ShapeRef.new(shape: Tag)
     # @api private
     API = Seahorse::Model::Api.new.tap do |api|
@@ -194,6 +260,7 @@ module Aws::STS
         o.errors << Shapes::ShapeRef.new(shape: MalformedPolicyDocumentException)
         o.errors << Shapes::ShapeRef.new(shape: PackedPolicyTooLargeException)
         o.errors << Shapes::ShapeRef.new(shape: RegionDisabledException)
+        o.errors << Shapes::ShapeRef.new(shape: ExpiredTokenException)
       end)
       api.add_operation(:assume_role_with_saml, Seahorse::Model::Operation.new.tap do |o|
@@ -236,6 +303,14 @@ module Aws::STS
         o.errors << Shapes::ShapeRef.new(shape: InvalidAuthorizationMessageException)
       end)
+      api.add_operation(:get_access_key_info, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetAccessKeyInfo"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: GetAccessKeyInfoRequest)
+        o.output = Shapes::ShapeRef.new(shape: GetAccessKeyInfoResponse)
+      end)
       api.add_operation(:get_caller_identity, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetCallerIdentity"
         o.http_method = "POST"

data/lib/aws-sdk-sts/customizations.rb CHANGED Viewed

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+# utility classes
+require 'aws-sdk-sts/presigner'

data/lib/aws-sdk-sts/errors.rb CHANGED Viewed

@@ -1,14 +1,166 @@
+# frozen_string_literal: true
 # WARNING ABOUT GENERATED CODE
 #
 # This file is generated. See the contributing guide for more information:
-# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
 #
 # WARNING ABOUT GENERATED CODE
 module Aws::STS
+  # When STS returns an error response, the Ruby SDK constructs and raises an error.
+  # These errors all extend Aws::STS::Errors::ServiceError < {Aws::Errors::ServiceError}
+  #
+  # You can rescue all STS errors using ServiceError:
+  #
+  #     begin
+  #       # do stuff
+  #     rescue Aws::STS::Errors::ServiceError
+  #       # rescues all STS API errors
+  #     end
+  #
+  #
+  # ## Request Context
+  # ServiceError objects have a {Aws::Errors::ServiceError#context #context} method that returns
+  # information about the request that generated the error.
+  # See {Seahorse::Client::RequestContext} for more information.
+  #
+  # ## Error Classes
+  # * {ExpiredTokenException}
+  # * {IDPCommunicationErrorException}
+  # * {IDPRejectedClaimException}
+  # * {InvalidAuthorizationMessageException}
+  # * {InvalidIdentityTokenException}
+  # * {MalformedPolicyDocumentException}
+  # * {PackedPolicyTooLargeException}
+  # * {RegionDisabledException}
+  #
+  # Additionally, error classes are dynamically generated for service errors based on the error code
+  # if they are not defined above.
   module Errors
     extend Aws::Errors::DynamicErrors
+    class ExpiredTokenException < ServiceError
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::STS::Types::ExpiredTokenException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+    class IDPCommunicationErrorException < ServiceError
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::STS::Types::IDPCommunicationErrorException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+    class IDPRejectedClaimException < ServiceError
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::STS::Types::IDPRejectedClaimException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+    class InvalidAuthorizationMessageException < ServiceError
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::STS::Types::InvalidAuthorizationMessageException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+    class InvalidIdentityTokenException < ServiceError
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::STS::Types::InvalidIdentityTokenException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+    class MalformedPolicyDocumentException < ServiceError
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::STS::Types::MalformedPolicyDocumentException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+    class PackedPolicyTooLargeException < ServiceError
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::STS::Types::PackedPolicyTooLargeException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+    class RegionDisabledException < ServiceError
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::STS::Types::RegionDisabledException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
   end
 end

data/lib/aws-sdk-sts/plugins/sts_regional_endpoints.rb ADDED Viewed

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+module Aws
+  module STS
+    module Plugins
+      class STSRegionalEndpoints < Seahorse::Client::Plugin
+        option(:sts_regional_endpoints,
+          default: 'regional',
+          doc_type: String,
+          docstring: <<-DOCS) do |cfg|
+Passing in 'regional' to enable regional endpoint for STS for all supported
+regions (except 'aws-global'). Using 'legacy' mode will force all legacy
+regions to resolve to the STS global endpoint.
+          DOCS
+          resolve_sts_regional_endpoints(cfg)
+        end
+        private
+        def self.resolve_sts_regional_endpoints(cfg)
+          env_mode = ENV['AWS_STS_REGIONAL_ENDPOINTS']
+          env_mode = nil if env_mode == ''
+          cfg_mode = Aws.shared_config.sts_regional_endpoints(
+            profile: cfg.profile)
+          default_mode_value =
+            if cfg.respond_to?(:defaults_mode_config_resolver)
+              cfg.defaults_mode_config_resolver.resolve(:sts_regional_endpoints)
+            end
+          env_mode || cfg_mode || default_mode_value || 'regional'
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-sts/presigner.rb ADDED Viewed

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+require 'aws-sigv4'
+module Aws
+  module STS
+    # Allows you to create presigned URLs for STS operations.
+    #
+    # @example
+    #
+    #   signer = Aws::STS::Presigner.new
+    #   url = signer.get_caller_identity_presigned_url(
+    #     headers: {"X-K8s-Aws-Id" => 'my-eks-cluster'}
+    #   )
+    class Presigner
+      # @option options [Client] :client Optionally provide an existing
+      #   STS client
+      def initialize(options = {})
+        @client = options[:client] || Aws::STS::Client.new
+      end
+      # Returns a presigned url for get_caller_identity.
+      #
+      # @option options [Hash] :headers
+      #   Headers that should be signed and sent along with the request. All
+      #   x-amz-* headers must be present during signing. Other headers are
+      #   optional.
+      #
+      # @return [String] A presigned url string.
+      #
+      # @example
+      #
+      #   url = signer.get_caller_identity_presigned_url(
+      #     headers: {"X-K8s-Aws-Id" => 'my-eks-cluster'},
+      #   )
+      #
+      # This can be easily converted to a token used by the EKS service:
+      # {https://ruby-doc.org/stdlib-2.3.1/libdoc/base64/rdoc/Base64.html#method-i-encode64}
+      # "k8s-aws-v1." + Base64.urlsafe_encode64(url).chomp("==")
+      def get_caller_identity_presigned_url(options = {})
+        req = @client.build_request(:get_session_token, {})
+        param_list = Aws::Query::ParamList.new
+        param_list.set('Action', 'GetCallerIdentity')
+        param_list.set('Version', req.context.config.api.version)
+        Aws::Query::EC2ParamBuilder.new(param_list)
+          .apply(req.context.operation.input, {})
+        signer = Aws::Sigv4::Signer.new(
+          service: 'sts',
+          region: req.context.config.region,
+          credentials_provider: req.context.config.credentials
+        )
+        url = Aws::Partitions::EndpointProvider.resolve(
+          req.context.config.region,
+          'sts',
+          req.context.config.sts_regional_endpoints,
+          {
+            dualstack: req.context.config.use_dualstack_endpoint,
+            fips: req.context.config.use_fips_endpoint
+          }
+        )
+        url += "/?#{param_list}"
+        signer.presign_url(
+          http_method: 'GET',
+          url: url,
+          body: '',
+          headers: options[:headers]
+        ).to_s
+      end
+    end
+  end
+end

data/lib/aws-sdk-sts/resource.rb CHANGED Viewed

@@ -1,11 +1,14 @@
+# frozen_string_literal: true
 # WARNING ABOUT GENERATED CODE
 #
 # This file is generated. See the contributing guide for more information:
-# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
 #
 # WARNING ABOUT GENERATED CODE
 module Aws::STS
   class Resource
     # @param options ({})