aws-sdk-core 3.63.0 → 3.67.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/VERSION +1 -1
  3. data/lib/aws-sdk-core/credential_provider_chain.rb +12 -18
  4. data/lib/aws-sdk-core/instance_profile_credentials.rb +3 -2
  5. data/lib/aws-sdk-core/log/param_filter.rb +1 -1
  6. data/lib/aws-sdk-core/plugins/retry_errors.rb +5 -4
  7. data/lib/aws-sdk-core/shared_config.rb +15 -1
  8. data/lib/aws-sdk-sts.rb +1 -1
  9. data/lib/aws-sdk-sts/client.rb +1 -1
  10. data/lib/seahorse/client/handler_list_entry.rb +2 -2
  11. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 27997ac6193ccdf27b347b4c284934e578ba5a65
4
- data.tar.gz: 86bd4f6aa0804474ec023a02fce0fdf725f47cb6
3
+ metadata.gz: f7476f0150f3fc0e33b336899ac8637568a5ac85
4
+ data.tar.gz: cd8b9db12ca83c250a9f5eadc18e382ba1863782
5
5
  SHA512:
6
- metadata.gz: b82ccc68262770af243cad28d28f72590c1108730633f3b69466f3c5bbb6ced8c94672bcd1b4ecb0943a6e40fbc705b148d3d2b0a18d127a04a85e7eb189ff11
7
- data.tar.gz: ec5149be208c5d3983551824b70cbeb15c5c05e6d8fd9aa609f4d88362a040e787079475899f3ecf4a211675ff26e59c4e81692187d88849d88eb657e62f2451
6
+ metadata.gz: bf812425ac1e0adc27856f0056224795b7c95f18ed9f058c717ebc7e114ad6c642f6ac6ba96606c00e21cba22dbe98e7d93695490e56b70030b848d638b0ed9f
7
+ data.tar.gz: 5fa9f34fa1db02b7d9518541345a3881915ff138cddf0d0e9114483e9aece77be61e40ea3d07159b77905040340056bdbc48030ab8605844398262f19e3299a1
data/VERSION CHANGED
@@ -1 +1 @@
1
- 3.63.0
1
+ 3.67.0
data/lib/aws-sdk-core/credential_provider_chain.rb CHANGED
@@ -60,22 +60,20 @@ module Aws
60
60
  nil
61
61
  end
62
62
 
63
+ def determine_profile_name(options)
64
+ (options[:config] && options[:config].profile) || ENV['AWS_PROFILE'] || ENV['AWS_DEFAULT_PROFILE'] || 'default'
65
+ end
66
+
63
67
  def shared_credentials(options)
64
- if options[:config]
65
- SharedCredentials.new(profile_name: options[:config].profile)
66
- else
67
- SharedCredentials.new(
68
- profile_name: ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE'])
69
- end
68
+ profile_name = determine_profile_name(options)
69
+ SharedCredentials.new(profile_name: profile_name)
70
70
  rescue Errors::NoSuchProfileError
71
71
  nil
72
72
  end
73
73
 
74
74
  def process_credentials(options)
75
- profile_name = options[:config].profile if options[:config]
76
- profile_name ||= ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE']
77
-
78
75
  config = Aws.shared_config
76
+ profile_name = determine_profile_name(options)
79
77
  if config.config_enabled? && process_provider = config.credentials_process(profile_name)
80
78
  ProcessCredentials.new(process_provider)
81
79
  else
@@ -87,13 +85,7 @@ module Aws
87
85
 
88
86
  def assume_role_credentials(options)
89
87
  if Aws.shared_config.config_enabled?
90
- profile, region = nil, nil
91
- if options[:config]
92
- profile = options[:config].profile
93
- region = options[:config].region
94
- assume_role_with_profile(options[:config].profile, options[:config].region)
95
- end
96
- assume_role_with_profile(profile, region)
88
+ assume_role_with_profile(options)
97
89
  else
98
90
  nil
99
91
  end
@@ -123,9 +115,11 @@ module Aws
123
115
  end
124
116
  end
125
117
 
126
- def assume_role_with_profile(prof, region)
118
+ def assume_role_with_profile(options)
119
+ profile_name = determine_profile_name(options)
120
+ region = (options[:config] && options[:config].region)
127
121
  Aws.shared_config.assume_role_credentials_from_config(
128
- profile: prof,
122
+ profile: profile_name,
129
123
  region: region,
130
124
  chain_config: @config
131
125
  )
data/lib/aws-sdk-core/instance_profile_credentials.rb CHANGED
@@ -51,8 +51,9 @@ module Aws
51
51
  super
52
52
  end
53
53
 
54
- # @return [Integer] The number of times to retry failed attempts to
55
- # fetch credentials from the instance metadata service. Defaults to 0.
54
+ # @return [Integer] Number of times to retry when retrieving credentials
55
+ # from the instance metadata service. Defaults to 0 when resolving from
56
+ # the default credential chain ({Aws::CredentialProviderChain}).
56
57
  attr_reader :retries
57
58
 
58
59
  private
data/lib/aws-sdk-core/log/param_filter.rb CHANGED
@@ -11,7 +11,7 @@ module Aws
11
11
  #
12
12
  # @api private
13
13
  # begin
14
- SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :body, :bot_configuration, :bot_email, :cause, :client_id, :client_secret, :comment, :configuration, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :db_password, :default_phone_number, :definition, :description, :display_name, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :feedback_token, :file, :first_name, :id, :id_token, :input, :input_text, :key_id, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_password, :message, :name, :new_password, :next_password, :notes, :number, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :proposed_password, :public_key, :qr_code_png, :query, :random_password, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :share_notes, :shared_secret, :slots, :sse_customer_key, :ssekms_encryption_context, :ssekms_key_id, :status_message, :tag_key_list, :tags, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :type, :upload_credentials, :upload_url, :uri, :user_email, :user_name, :username, :value, :values, :variables, :zip_file]
14
+ SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :block, :block_address, :body, :bot_configuration, :bot_email, :cause, :client_id, :client_secret, :comment, :configuration, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :db_password, :default_phone_number, :definition, :description, :digest_tip_address, :display_name, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :feedback_token, :file, :first_name, :host_key, :id, :id_token, :input, :input_text, :ion_text, :key_id, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_password, :message, :name, :new_password, :next_password, :notes, :number, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :proof, :proposed_password, :public_key, :qr_code_png, :query, :random_password, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :revision, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :share_notes, :shared_secret, :slots, :sse_customer_key, :ssekms_encryption_context, :ssekms_key_id, :status_message, :tag_key_list, :tags, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :type, :upload_credentials, :upload_url, :uri, :user_email, :user_name, :user_password, :username, :value, :values, :variables, :zip_file]
15
15
  # end
16
16
 
17
17
  def initialize(options = {})
data/lib/aws-sdk-core/plugins/retry_errors.rb CHANGED
@@ -6,7 +6,7 @@ module Aws
6
6
  class RetryErrors < Seahorse::Client::Plugin
7
7
 
8
8
  EQUAL_JITTER = lambda { |delay| (delay / 2) + Kernel.rand(0..(delay/2))}
9
- FULL_JITTER= lambda { |delay| Kernel.rand(0..delay) }
9
+ FULL_JITTER = lambda { |delay| Kernel.rand(0..delay) }
10
10
  NO_JITTER = lambda { |delay| delay }
11
11
 
12
12
  JITTERS = {
@@ -73,6 +73,7 @@ A delay randomiser function used by the default backoff function. Some predefine
73
73
  'InvalidAccessKeyId', # s3
74
74
  'AuthFailure', # ec2
75
75
  'InvalidIdentityToken', # sts
76
+ 'ExpiredToken', # route53
76
77
  ])
77
78
 
78
79
  THROTTLING_ERRORS = Set.new([
@@ -94,8 +95,8 @@ A delay randomiser function used by the default backoff function. Some predefine
94
95
  ])
95
96
 
96
97
  NETWORKING_ERRORS = Set.new([
97
- 'RequestTimeout', # s3
98
- 'IDPCommunicationError', # sts
98
+ 'RequestTimeout', # s3
99
+ 'IDPCommunicationError', # sts
99
100
  ])
100
101
 
101
102
  def initialize(error, http_status_code)
@@ -144,7 +145,7 @@ A delay randomiser function used by the default backoff function. Some predefine
144
145
  false
145
146
  end
146
147
  end
147
-
148
+
148
149
  def retryable?(context)
149
150
  (expired_credentials? and refreshable_credentials?(context)) or
150
151
  throttling_error? or
data/lib/aws-sdk-core/shared_config.rb CHANGED
@@ -245,7 +245,7 @@ module Aws
245
245
  "provide only source_profile or credential_source, not both."
246
246
  )
247
247
  elsif opts[:source_profile]
248
- opts[:credentials] = credentials(profile: opts[:source_profile])
248
+ opts[:credentials] = resolve_source_profile(opts[:source_profile])
249
249
  if opts[:credentials]
250
250
  opts[:role_session_name] ||= prof_cfg["role_session_name"]
251
251
  opts[:role_session_name] ||= "default_session"
@@ -293,6 +293,20 @@ module Aws
293
293
  end
294
294
  end
295
295
 
296
+ def resolve_source_profile(src)
297
+ if (creds = credentials(profile: src))
298
+ creds # static credentials
299
+ elsif (provider = assume_role_web_identity_credentials_from_config(src))
300
+ if provider.credentials.set?
301
+ provider.credentials
302
+ else
303
+ nil
304
+ end
305
+ else
306
+ nil
307
+ end
308
+ end
309
+
296
310
  def credentials_from_source(credential_source, config)
297
311
  case credential_source
298
312
  when "Ec2InstanceMetadata"
data/lib/aws-sdk-sts.rb CHANGED
@@ -40,6 +40,6 @@ require_relative 'aws-sdk-sts/customizations'
40
40
  # @service
41
41
  module Aws::STS
42
42
 
43
- GEM_VERSION = '3.63.0'
43
+ GEM_VERSION = '3.67.0'
44
44
 
45
45
  end
data/lib/aws-sdk-sts/client.rb CHANGED
@@ -1808,7 +1808,7 @@ module Aws::STS
1808
1808
  params: params,
1809
1809
  config: config)
1810
1810
  context[:gem_name] = 'aws-sdk-core'
1811
- context[:gem_version] = '3.63.0'
1811
+ context[:gem_version] = '3.67.0'
1812
1812
  Seahorse::Client::Request.new(handlers, context)
1813
1813
  end
1814
1814
 
data/lib/seahorse/client/handler_list_entry.rb CHANGED
@@ -77,8 +77,8 @@ module Seahorse
77
77
  if options.key?(name)
78
78
  options[name]
79
79
  else
80
- msg = "invalid :priority `%s', must be between 0 and 99"
81
- raise ArgumentError, msg % priority.inspect
80
+ msg = "missing option: `%s'"
81
+ raise ArgumentError, msg % name.inspect
82
82
  end
83
83
  end
84
84
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.63.0
4
+ version: 3.67.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-08-15 00:00:00.000000000 Z
11
+ date: 2019-09-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jmespath