aws-sdk-core 3.54.2 → 3.75.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 957c22992e76e2f143a965bd0ec0b377f9ad95ac
4
- data.tar.gz: a2aae223f15b9a3d0df478ce8eabd8b8a48136b8
3
+ metadata.gz: 194df940a18e57a3fbf75e09c42328b35988c17e
4
+ data.tar.gz: fa8cf2d891ba162504b4a7cee3708fcca2078691
5
5
  SHA512:
6
- metadata.gz: e35f246d2a7ffa5789ec88035a55e4b6def9e99322f9560b53d70c21acfd34b11a6f0e248d8063af33e4d59a4c1a50f905d84434c35c99873b6093a4da9c64bb
7
- data.tar.gz: 6e1ad990cd9343153d41a8f92f8f4801eb703504e4ec23da383496ebc2d994f448f85a30b11ad5726946bbbc7f2512897e569c3efc9383af672b998c2b925377
6
+ metadata.gz: 2000eaec703020824d47772c672bc3465cc0a41b060455b7bec2dcdee009f44568c60417a378d5fd3d5981cd84767a1a5c46af7d78f0b211f43335e0a9e3d5ee
7
+ data.tar.gz: a5162ca9178f3333608650761ffa90e5dadace299da423ecbc7ce63bd16c45f513c563a44fcdc73bd0ffbd34bc96905a1184c1ee6f9b0b7d582e25630a475bee
data/VERSION CHANGED
@@ -1 +1 @@
1
- 3.54.2
1
+ 3.75.0
@@ -0,0 +1,101 @@
1
+ require 'set'
2
+ require 'securerandom'
3
+ require 'base64'
4
+
5
+ module Aws
6
+
7
+ # An auto-refreshing credential provider that works by assuming
8
+ # a role via {Aws::STS::Client#assume_role_with_web_identity}.
9
+ #
10
+ # role_credentials = Aws::AssumeRoleWebIdentityCredentials.new(
11
+ # client: Aws::STS::Client.new(...),
12
+ # role_arn: "linked::account::arn",
13
+ # web_identity_token_file: "/path/to/token/file",
14
+ # role_session_name: "session-name"
15
+ # ...
16
+ # )
17
+ # For full list of parameters accepted
18
+ # @see Aws::STS::Client#assume_role_with_web_identity
19
+ #
20
+ #
21
+ # If you omit `:client` option, a new {STS::Client} object will be
22
+ # constructed.
23
+ class AssumeRoleWebIdentityCredentials
24
+
25
+ include CredentialProvider
26
+ include RefreshingCredentials
27
+
28
+ # @option options [required, String] :role_arn the IAM role
29
+ # to be assumed
30
+ #
31
+ # @option options [required, String] :web_identity_token_file
32
+ # absolute path to the file on disk containing OIDC token
33
+ #
34
+ # @option options [String] :role_session_name the IAM session
35
+ # name used to distinguish session, when not provided, base64
36
+ # encoded UUID is generated as the session name
37
+ #
38
+ # @option options [STS::Client] :client
39
+ def initialize(options = {})
40
+ client_opts = {}
41
+ @assume_role_web_identity_params = {}
42
+ @token_file = options.delete(:web_identity_token_file)
43
+ options.each_pair do |key, value|
44
+ if self.class.assume_role_web_identity_options.include?(key)
45
+ @assume_role_web_identity_params[key] = value
46
+ else
47
+ client_opts[key] = value
48
+ end
49
+ end
50
+
51
+ unless @assume_role_web_identity_params[:role_session_name]
52
+ # not provided, generate encoded UUID as session name
53
+ @assume_role_web_identity_params[:role_session_name] = _session_name
54
+ end
55
+ @client = client_opts[:client] || STS::Client.new(client_opts.merge(credentials: false))
56
+ super
57
+ end
58
+
59
+ # @return [STS::Client]
60
+ attr_reader :client
61
+
62
+ private
63
+
64
+ def refresh
65
+ # read from token file everytime it refreshes
66
+ @assume_role_web_identity_params[:web_identity_token] = _token_from_file(@token_file)
67
+
68
+ c = @client.assume_role_with_web_identity(
69
+ @assume_role_web_identity_params).credentials
70
+ @credentials = Credentials.new(
71
+ c.access_key_id,
72
+ c.secret_access_key,
73
+ c.session_token
74
+ )
75
+ @expiration = c.expiration
76
+ end
77
+
78
+ def _token_from_file(path)
79
+ unless path && File.exist?(path)
80
+ raise Aws::Errors::MissingWebIdentityTokenFile.new
81
+ end
82
+ File.read(path)
83
+ end
84
+
85
+ def _session_name
86
+ Base64.strict_encode64(SecureRandom.uuid)
87
+ end
88
+
89
+ class << self
90
+
91
+ # @api private
92
+ def assume_role_web_identity_options
93
+ @arwio ||= begin
94
+ input = STS::Client.api.operation(:assume_role_with_web_identity).input
95
+ Set.new(input.shape.member_names)
96
+ end
97
+ end
98
+
99
+ end
100
+ end
101
+ end
@@ -6,8 +6,10 @@ module Aws
6
6
  # @api private
7
7
  class Publisher
8
8
  attr_reader :agent_port
9
+ attr_reader :agent_host
9
10
 
10
11
  def initialize(opts = {})
12
+ @agent_host = opts[:agent_host] || "127.0.0.1"
11
13
  @agent_port = opts[:agent_port]
12
14
  @mutex = Mutex.new
13
15
  end
@@ -18,6 +20,12 @@ module Aws
18
20
  end
19
21
  end
20
22
 
23
+ def agent_host=(value)
24
+ @mutex.synchronize do
25
+ @agent_host = value
26
+ end
27
+ end
28
+
21
29
  def publish(request_metrics)
22
30
  send_datagram(request_metrics.api_call.to_json)
23
31
  request_metrics.api_call_attempts.each do |attempt|
@@ -29,7 +37,7 @@ module Aws
29
37
  if @agent_port
30
38
  socket = UDPSocket.new
31
39
  begin
32
- socket.connect("127.0.0.1", @agent_port)
40
+ socket.connect(@agent_host, @agent_port)
33
41
  socket.send(msg, 0)
34
42
  rescue Errno::ECONNREFUSED
35
43
  # Drop on the floor
@@ -1,10 +1,6 @@
1
- require_relative 'deprecations'
2
-
3
1
  module Aws
4
2
  module CredentialProvider
5
3
 
6
- extend Deprecations
7
-
8
4
  # @return [Credentials]
9
5
  attr_reader :credentials
10
6
 
@@ -13,32 +9,5 @@ module Aws
13
9
  !!credentials && credentials.set?
14
10
  end
15
11
 
16
- # @deprecated Deprecated in 2.1.0. This method is subject to errors
17
- # from a race condition when called against refreshable credential
18
- # objects. Will be removed in 2.2.0.
19
- # @see #credentials
20
- def access_key_id
21
- credentials ? credentials.access_key_id : nil
22
- end
23
- deprecated(:access_key_id, use: '#credentials')
24
-
25
- # @deprecated Deprecated in 2.1.0. This method is subject to errors
26
- # from a race condition when called against refreshable credential
27
- # objects. Will be removed in 2.2.0.
28
- # @see #credentials
29
- def secret_access_key
30
- credentials ? credentials.secret_access_key : nil
31
- end
32
- deprecated(:secret_access_key, use: '#credentials')
33
-
34
- # @deprecated Deprecated in 2.1.0. This method is subject to errors
35
- # from a race condition when called against refreshable credential
36
- # objects. Will be removed in 2.2.0.
37
- # @see #credentials
38
- def session_token
39
- credentials ? credentials.session_token : nil
40
- end
41
- deprecated(:session_token, use: '#credentials')
42
-
43
12
  end
44
13
  end
@@ -21,6 +21,7 @@ module Aws
21
21
  [
22
22
  [:static_credentials, {}],
23
23
  [:env_credentials, {}],
24
+ [:assume_role_web_identity_credentials, {}],
24
25
  [:assume_role_credentials, {}],
25
26
  [:shared_credentials, {}],
26
27
  [:process_credentials, {}],
@@ -59,22 +60,20 @@ module Aws
59
60
  nil
60
61
  end
61
62
 
63
+ def determine_profile_name(options)
64
+ (options[:config] && options[:config].profile) || ENV['AWS_PROFILE'] || ENV['AWS_DEFAULT_PROFILE'] || 'default'
65
+ end
66
+
62
67
  def shared_credentials(options)
63
- if options[:config]
64
- SharedCredentials.new(profile_name: options[:config].profile)
65
- else
66
- SharedCredentials.new(
67
- profile_name: ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE'])
68
- end
68
+ profile_name = determine_profile_name(options)
69
+ SharedCredentials.new(profile_name: profile_name)
69
70
  rescue Errors::NoSuchProfileError
70
71
  nil
71
72
  end
72
73
 
73
74
  def process_credentials(options)
74
- profile_name = options[:config].profile if options[:config]
75
- profile_name ||= ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE']
76
-
77
75
  config = Aws.shared_config
76
+ profile_name = determine_profile_name(options)
78
77
  if config.config_enabled? && process_provider = config.credentials_process(profile_name)
79
78
  ProcessCredentials.new(process_provider)
80
79
  else
@@ -86,13 +85,23 @@ module Aws
86
85
 
87
86
  def assume_role_credentials(options)
88
87
  if Aws.shared_config.config_enabled?
89
- profile, region = nil, nil
90
- if options[:config]
91
- profile = options[:config].profile
92
- region = options[:config].region
93
- assume_role_with_profile(options[:config].profile, options[:config].region)
94
- end
95
- assume_role_with_profile(profile, region)
88
+ assume_role_with_profile(options)
89
+ else
90
+ nil
91
+ end
92
+ end
93
+
94
+ def assume_role_web_identity_credentials(options)
95
+ if (role_arn = ENV['AWS_ROLE_ARN']) &&
96
+ (token_file = ENV['AWS_WEB_IDENTITY_TOKEN_FILE'])
97
+ AssumeRoleWebIdentityCredentials.new(
98
+ role_arn: role_arn,
99
+ web_identity_token_file: token_file,
100
+ role_session_name: ENV['AWS_ROLE_SESSION_NAME']
101
+ )
102
+ elsif Aws.shared_config.config_enabled?
103
+ profile = options[:config].profile if options[:config]
104
+ Aws.shared_config.assume_role_web_identity_credentials_from_config(profile)
96
105
  else
97
106
  nil
98
107
  end
@@ -106,9 +115,11 @@ module Aws
106
115
  end
107
116
  end
108
117
 
109
- def assume_role_with_profile(prof, region)
118
+ def assume_role_with_profile(options)
119
+ profile_name = determine_profile_name(options)
120
+ region = (options[:config] && options[:config].region)
110
121
  Aws.shared_config.assume_role_credentials_from_config(
111
- profile: prof,
122
+ profile: profile_name,
112
123
  region: region,
113
124
  chain_config: @config
114
125
  )
@@ -35,33 +35,39 @@ module Aws
35
35
  # @api private
36
36
  module Deprecations
37
37
 
38
- # @param [Symbol] method_name The name of the deprecated method.
38
+ # @param [Symbol] method The name of the deprecated method.
39
39
  #
40
40
  # @option options [String] :message The warning message to issue
41
41
  # when the deprecated method is called.
42
42
  #
43
- # @option options [Symbol] :use The name of an use
44
- # method that should be used.
43
+ # @option options [String] :use The name of a method that should be used.
45
44
  #
46
- def deprecated(method_name, options = {})
45
+ # @option options [String] :version The version that will remove the
46
+ # deprecated method.
47
+ #
48
+ def deprecated(method, options = {})
47
49
 
48
50
  deprecation_msg = options[:message] || begin
49
- msg = "DEPRECATION WARNING: called deprecated method `#{method_name}' "
50
- msg << "of an #{self}"
51
- msg << ", use #{options[:use]} instead" if options[:use]
51
+ msg = "#################### DEPRECATION WARNING ####################\n"
52
+ msg << "Called deprecated method `#{method}` of #{self}."
53
+ msg << " Use `#{options[:use]}` instead.\n" if options[:use]
54
+ if options[:version]
55
+ msg << "Method `#{method}` will be removed in #{options[:version]}."
56
+ end
57
+ msg << "\n#############################################################"
52
58
  msg
53
59
  end
54
60
 
55
- alias_method(:"deprecated_#{method_name}", method_name)
61
+ alias_method(:"deprecated_#{method}", method)
56
62
 
57
63
  warned = false # we only want to issue this warning once
58
64
 
59
- define_method(method_name) do |*args,&block|
65
+ define_method(method) do |*args, &block|
60
66
  unless warned
61
67
  warned = true
62
68
  warn(deprecation_msg + "\n" + caller.join("\n"))
63
69
  end
64
- send("deprecated_#{method_name}", *args, &block)
70
+ send("deprecated_#{method}", *args, &block)
65
71
  end
66
72
  end
67
73
 
@@ -47,8 +47,8 @@ module Aws
47
47
  @mutex.synchronize do
48
48
  # delete the least recent used endpoint when cache is full
49
49
  unless @entries.size < @max_entries
50
- old_key, _ = @entries.shift
51
- self.delete_polling_thread(old_key)
50
+ old_key, = @entries.shift
51
+ delete_polling_thread(old_key)
52
52
  end
53
53
  # delete old value if exists
54
54
  @entries.delete(key)
@@ -60,10 +60,12 @@ module Aws
60
60
  # @param [String] key
61
61
  # @return [Boolean]
62
62
  def key?(key)
63
- if @entries.key?(key) && (@entries[key].nil? || @entries[key].expired?)
64
- self.delete(key)
63
+ @mutex.synchronize do
64
+ if @entries.key?(key) && (@entries[key].nil? || @entries[key].expired?)
65
+ @entries.delete(key)
66
+ end
67
+ @entries.key?(key)
65
68
  end
66
- @entries.key?(key)
67
69
  end
68
70
 
69
71
  # checking whether an polling thread exist for the key
@@ -84,7 +86,7 @@ module Aws
84
86
  # kill the old polling thread and remove it from pool
85
87
  # @param [String] key
86
88
  def delete_polling_thread(key)
87
- Thread.kill(@pool[key]) if self.threads_key?(key)
89
+ Thread.kill(@pool[key]) if threads_key?(key)
88
90
  @pool.delete(key)
89
91
  end
90
92
 
@@ -109,7 +111,7 @@ module Aws
109
111
  if _endpoint_operation_identifier(ctx)
110
112
  parts << ctx.operation_name
111
113
  ctx.operation.input.shape.members.inject(parts) do |p, (name, ref)|
112
- p << ctx.params[name] if ref["endpointdiscoveryid"]
114
+ p << ctx.params[name] if ref['endpointdiscoveryid']
113
115
  p
114
116
  end
115
117
  end
@@ -141,7 +143,7 @@ module Aws
141
143
  # build identifier params when available
142
144
  params[:operation] = ctx.operation.name
143
145
  ctx.operation.input.shape.members.inject(params) do |p, (name, ref)|
144
- if ref["endpointdiscoveryid"]
146
+ if ref['endpointdiscoveryid']
145
147
  p[:identifiers] ||= {}
146
148
  p[:identifiers][ref.location_name] = ctx.params[name]
147
149
  end
@@ -153,19 +155,20 @@ module Aws
153
155
  endpoint_operation_name = ctx.config.api.endpoint_operation
154
156
  ctx.client.send(endpoint_operation_name, params)
155
157
  rescue Aws::Errors::ServiceError
156
- nil
158
+ nil
157
159
  end
158
160
  end
159
161
 
160
162
  def _endpoint_operation_identifier(ctx)
161
163
  return @require_identifier unless @require_identifier.nil?
164
+
162
165
  operation_name = ctx.config.api.endpoint_operation
163
166
  operation = ctx.config.api.operation(operation_name)
164
167
  @require_identifier = operation.input.shape.members.any?
165
168
  end
166
169
 
167
170
  class Endpoint
168
-
171
+
169
172
  # default endpoint cache time, 1 minute
170
173
  CACHE_PERIOD = 1
171
174
 
@@ -175,7 +178,7 @@ module Aws
175
178
  @created_time = Time.now
176
179
  end
177
180
 
178
- # [String] valid URI address (with path)
181
+ # [String] valid URI address (with path)
179
182
  attr_reader :address
180
183
 
181
184
  def expired?
@@ -158,6 +158,18 @@ module Aws
158
158
  end
159
159
  end
160
160
 
161
+ # Raised when :web_identity_token_file parameter is not
162
+ # provided or the file doesn't exist when initializing
163
+ # AssumeRoleWebIdentityCredentials credential provider
164
+ class MissingWebIdentityTokenFile < RuntimeError
165
+ def initialize(*args)
166
+ msg = 'Missing :web_identity_token_file parameter or'\
167
+ ' invalid file path provided for'\
168
+ ' Aws::AssumeRoleWebIdentityCredentials provider'
169
+ super(msg)
170
+ end
171
+ end
172
+
161
173
  # Raised when a credentials provider process returns a JSON
162
174
  # payload with either invalid version number or malformed contents
163
175
  class InvalidProcessCredentialsPayload < RuntimeError; end
@@ -51,8 +51,9 @@ module Aws
51
51
  super
52
52
  end
53
53
 
54
- # @return [Integer] The number of times to retry failed attempts to
55
- # fetch credentials from the instance metadata service. Defaults to 0.
54
+ # @return [Integer] Number of times to retry when retrieving credentials
55
+ # from the instance metadata service. Defaults to 0 when resolving from
56
+ # the default credential chain ({Aws::CredentialProviderChain}).
56
57
  attr_reader :retries
57
58
 
58
59
  private
@@ -23,7 +23,7 @@ module Aws
23
23
 
24
24
  def load(json)
25
25
  ENGINE.load(json, *ENGINE_LOAD_OPTIONS)
26
- rescue ENGINE_ERROR => e
26
+ rescue *ENGINE_ERRORS => e
27
27
  raise ParseError.new(e)
28
28
  end
29
29
 
@@ -45,21 +45,21 @@ module Aws
45
45
  end
46
46
 
47
47
  def json_engine
48
- [JSON, [], [], JSON::ParserError]
48
+ [JSON, [], [], [JSON::ParserError]]
49
49
  end
50
50
 
51
51
  def oj_parse_error
52
52
  if Oj.const_defined?('ParseError')
53
- Oj::ParseError
53
+ [Oj::ParseError, EncodingError]
54
54
  else
55
- SyntaxError
55
+ [SyntaxError]
56
56
  end
57
57
  end
58
58
 
59
59
  end
60
60
 
61
61
  # @api private
62
- ENGINE, ENGINE_LOAD_OPTIONS, ENGINE_DUMP_OPTIONS, ENGINE_ERROR =
62
+ ENGINE, ENGINE_LOAD_OPTIONS, ENGINE_DUMP_OPTIONS, ENGINE_ERRORS =
63
63
  oj_engine || json_engine
64
64
 
65
65
  end
@@ -11,7 +11,7 @@ module Aws
11
11
  #
12
12
  # @api private
13
13
  # begin
14
- SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :body, :bot_configuration, :bot_email, :cause, :client_id, :client_secret, :configuration, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :db_password, :default_phone_number, :definition, :description, :display_name, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :feedback_token, :file, :first_name, :id, :id_token, :input, :input_text, :key_id, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_password, :message, :name, :new_password, :next_password, :notes, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :proposed_password, :public_key, :qr_code_png, :query, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :share_notes, :shared_secret, :slots, :sse_customer_key, :ssekms_key_id, :status_message, :tag_key_list, :tags, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :upload_credentials, :upload_url, :user_email, :user_name, :username, :value, :values, :variables, :zip_file]
14
+ SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :block, :block_address, :body, :bot_configuration, :bot_email, :calling_name, :cause, :client_id, :client_secret, :comment, :configuration, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :custom_private_key, :db_password, :default_phone_number, :definition, :description, :digest_tip_address, :display_name, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :feedback_token, :file, :first_name, :host_key, :id, :id_token, :input, :input_text, :ion_text, :key_id, :key_material, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_password, :message, :name, :new_password, :next_password, :notes, :number, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :proof, :proposed_password, :public_key, :qr_code_png, :query, :random_password, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :revision, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :share_notes, :shared_secret, :slots, :sse_customer_key, :ssekms_encryption_context, :ssekms_key_id, :status_message, :tag_key_list, :tags, :target_address, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :type, :upload_credentials, :upload_url, :uri, :user_data, :user_email, :user_name, :user_password, :username, :value, :values, :variables, :vpn_psk, :zip_file]
15
15
  # end
16
16
 
17
17
  def initialize(options = {})
@@ -141,8 +141,8 @@ module Aws
141
141
  errors << expected_got(context, "true or false", value)
142
142
  end
143
143
  when BlobShape
144
- unless io_like?(value) or value.is_a?(String)
145
- errors << expected_got(context, "a String or IO object", value)
144
+ unless value.is_a?(String) || io_like?(value)
145
+ errors << expected_got(context, "a String or File object", value)
146
146
  end
147
147
  else
148
148
  raise "unhandled shape type: #{ref.shape.class.name}"
@@ -166,9 +166,8 @@ module Aws
166
166
  end
167
167
 
168
168
  def io_like?(value)
169
- value.respond_to?(:read) &&
170
- value.respond_to?(:rewind) &&
171
- value.respond_to?(:size)
169
+ value.respond_to?(:read) && value.respond_to?(:rewind) &&
170
+ value.respond_to?(:size)
172
171
  end
173
172
 
174
173
  def error_messages(errors)
@@ -24,6 +24,16 @@ agent is running on, where client metrics will be published via UDP.
24
24
  resolve_client_side_monitoring_port(cfg)
25
25
  end
26
26
 
27
+ option(:client_side_monitoring_host,
28
+ default: "127.0.0.1",
29
+ doc_type: String,
30
+ docstring: <<-DOCS) do |cfg|
31
+ Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client
32
+ side monitoring agent is running on, where client metrics will be published via UDP.
33
+ DOCS
34
+ resolve_client_side_monitoring_host(cfg)
35
+ end
36
+
27
37
  option(:client_side_monitoring_publisher,
28
38
  default: ClientSideMonitoring::Publisher,
29
39
  doc_type: Aws::ClientSideMonitoring::Publisher,
@@ -49,6 +59,7 @@ all generated client side metrics. Defaults to an empty string.
49
59
  handlers.add(Handler, step: :initialize)
50
60
  publisher = config.client_side_monitoring_publisher
51
61
  publisher.agent_port = config.client_side_monitoring_port
62
+ publisher.agent_host = config.client_side_monitoring_host
52
63
  end
53
64
  end
54
65
 
@@ -70,6 +81,19 @@ all generated client side metrics. Defaults to an empty string.
70
81
  end
71
82
  end
72
83
 
84
+ def self.resolve_client_side_monitoring_host(cfg)
85
+ env_source = ENV["AWS_CSM_HOST"]
86
+ env_source = nil if env_source == ""
87
+ cfg_source = Aws.shared_config.csm_host(profile: cfg.profile)
88
+ if env_source
89
+ env_source
90
+ elsif cfg_source
91
+ cfg_source
92
+ else
93
+ "127.0.0.1"
94
+ end
95
+ end
96
+
73
97
  def self.resolve_client_side_monitoring(cfg)
74
98
  env_source = ENV["AWS_CSM_ENABLED"]
75
99
  env_source = nil if env_source == ""
@@ -35,7 +35,9 @@ to test endpoints. This should be avalid HTTP(S) URI.
35
35
  DOCS
36
36
  endpoint_prefix = cfg.api.metadata['endpointPrefix']
37
37
  if cfg.region && endpoint_prefix
38
- Aws::Partitions::EndpointProvider.resolve(cfg.region, endpoint_prefix)
38
+ sts_regional = cfg.respond_to?(:sts_regional_endpoints) ? cfg.sts_regional_endpoints : nil
39
+ Aws::Partitions::EndpointProvider.resolve(
40
+ cfg.region, endpoint_prefix, sts_regional)
39
41
  end
40
42
  end
41
43
 
@@ -6,7 +6,7 @@ module Aws
6
6
  class RetryErrors < Seahorse::Client::Plugin
7
7
 
8
8
  EQUAL_JITTER = lambda { |delay| (delay / 2) + Kernel.rand(0..(delay/2))}
9
- FULL_JITTER= lambda { |delay| Kernel.rand(0..delay) }
9
+ FULL_JITTER = lambda { |delay| Kernel.rand(0..delay) }
10
10
  NO_JITTER = lambda { |delay| delay }
11
11
 
12
12
  JITTERS = {
@@ -72,6 +72,8 @@ A delay randomiser function used by the default backoff function. Some predefine
72
72
  'UnrecognizedClientException', # json services
73
73
  'InvalidAccessKeyId', # s3
74
74
  'AuthFailure', # ec2
75
+ 'InvalidIdentityToken', # sts
76
+ 'ExpiredToken', # route53
75
77
  ])
76
78
 
77
79
  THROTTLING_ERRORS = Set.new([
@@ -93,7 +95,8 @@ A delay randomiser function used by the default backoff function. Some predefine
93
95
  ])
94
96
 
95
97
  NETWORKING_ERRORS = Set.new([
96
- 'RequestTimeout', # s3
98
+ 'RequestTimeout', # s3
99
+ 'IDPCommunicationError', # sts
97
100
  ])
98
101
 
99
102
  def initialize(error, http_status_code)
@@ -116,6 +119,7 @@ A delay randomiser function used by the default backoff function. Some predefine
116
119
 
117
120
  def networking?
118
121
  @error.is_a?(Seahorse::Client::NetworkingError) ||
122
+ @error.is_a?(Errors::NoSuchEndpointError) ||
119
123
  NETWORKING_ERRORS.include?(@name)
120
124
  end
121
125
 
@@ -141,7 +145,7 @@ A delay randomiser function used by the default backoff function. Some predefine
141
145
  false
142
146
  end
143
147
  end
144
-
148
+
145
149
  def retryable?(context)
146
150
  (expired_credentials? and refreshable_credentials?(context)) or
147
151
  throttling_error? or
@@ -5,7 +5,7 @@ module Aws
5
5
  # A credential provider that executes a given process and attempts
6
6
  # to read its stdout to recieve a JSON payload containing the credentials
7
7
  #
8
- # Automatically handles refreshing credentials if an Expiration time is
8
+ # Automatically handles refreshing credentials if an Expiration time is
9
9
  # provided in the credentials payload
10
10
  #
11
11
  # credentials = Aws::ProcessCredentials.new('/usr/bin/credential_proc').credentials
@@ -23,11 +23,11 @@ module Aws
23
23
  # external process to be used as a credential provider.
24
24
  #
25
25
  # @param [String] process Invocation string for process
26
- # credentials provider.
26
+ # credentials provider.
27
27
  def initialize(process)
28
28
  @process = process
29
29
  @credentials = credentials_from_process(@process)
30
-
30
+
31
31
  super
32
32
  end
33
33