aws-sdk-core 3.64.0 → 3.68.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 7d8d9070d0c4019acef91678da44a25fcfef50b4
4
- data.tar.gz: 00c90454905912a2c2838ce634ea28c74158daae
3
+ metadata.gz: 18f71473382cc66ef7fd9cd1ed94577fa4dbe75f
4
+ data.tar.gz: f37cf085eee73f4f766a5c80492690bdae5e1f6e
5
5
  SHA512:
6
- metadata.gz: 0436e9a0fbee055602e346f067993d92650b4f515374fe63853db68d1b7d87cfcd41e11f214c8a460c74b34e1cde82f0a810ed03ad5763a0d8045d6f9a9cf8b9
7
- data.tar.gz: 981b3a2e96fc5aaa1a13dd74a2a07c7af0b4286588137e1b065b1188d7dc0d0622840a16131ea5c19c8c316463e90117b40177525c1e7ebedb5efc8f12f5ad21
6
+ metadata.gz: 656dbc36316496f11445a6e5b6a47dcabbb20ea2604f9e9e9fb3ca379eaaba14eec5ef7ca90d5420533e2780282c9564e924abd3835dd099a779ed7a7f208ac9
7
+ data.tar.gz: 41a797745b6dd3b7fdbdf9a272b423a7361051d42470c9af93d7cc1dadb2d41d44f36fd2e6f09416a1710424c4a3065c15b766cbcbb7782d72cfd1c785463a4f
data/VERSION CHANGED
@@ -1 +1 @@
1
- 3.64.0
1
+ 3.68.0
@@ -60,22 +60,20 @@ module Aws
60
60
  nil
61
61
  end
62
62
 
63
+ def determine_profile_name(options)
64
+ (options[:config] && options[:config].profile) || ENV['AWS_PROFILE'] || ENV['AWS_DEFAULT_PROFILE'] || 'default'
65
+ end
66
+
63
67
  def shared_credentials(options)
64
- if options[:config]
65
- SharedCredentials.new(profile_name: options[:config].profile)
66
- else
67
- SharedCredentials.new(
68
- profile_name: ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE'])
69
- end
68
+ profile_name = determine_profile_name(options)
69
+ SharedCredentials.new(profile_name: profile_name)
70
70
  rescue Errors::NoSuchProfileError
71
71
  nil
72
72
  end
73
73
 
74
74
  def process_credentials(options)
75
- profile_name = options[:config].profile if options[:config]
76
- profile_name ||= ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE']
77
-
78
75
  config = Aws.shared_config
76
+ profile_name = determine_profile_name(options)
79
77
  if config.config_enabled? && process_provider = config.credentials_process(profile_name)
80
78
  ProcessCredentials.new(process_provider)
81
79
  else
@@ -87,13 +85,7 @@ module Aws
87
85
 
88
86
  def assume_role_credentials(options)
89
87
  if Aws.shared_config.config_enabled?
90
- profile, region = nil, nil
91
- if options[:config]
92
- profile = options[:config].profile
93
- region = options[:config].region
94
- assume_role_with_profile(options[:config].profile, options[:config].region)
95
- end
96
- assume_role_with_profile(profile, region)
88
+ assume_role_with_profile(options)
97
89
  else
98
90
  nil
99
91
  end
@@ -123,9 +115,11 @@ module Aws
123
115
  end
124
116
  end
125
117
 
126
- def assume_role_with_profile(prof, region)
118
+ def assume_role_with_profile(options)
119
+ profile_name = determine_profile_name(options)
120
+ region = (options[:config] && options[:config].region)
127
121
  Aws.shared_config.assume_role_credentials_from_config(
128
- profile: prof,
122
+ profile: profile_name,
129
123
  region: region,
130
124
  chain_config: @config
131
125
  )
@@ -51,8 +51,9 @@ module Aws
51
51
  super
52
52
  end
53
53
 
54
- # @return [Integer] The number of times to retry failed attempts to
55
- # fetch credentials from the instance metadata service. Defaults to 0.
54
+ # @return [Integer] Number of times to retry when retrieving credentials
55
+ # from the instance metadata service. Defaults to 0 when resolving from
56
+ # the default credential chain ({Aws::CredentialProviderChain}).
56
57
  attr_reader :retries
57
58
 
58
59
  private
@@ -11,7 +11,7 @@ module Aws
11
11
  #
12
12
  # @api private
13
13
  # begin
14
- SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :body, :bot_configuration, :bot_email, :cause, :client_id, :client_secret, :comment, :configuration, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :db_password, :default_phone_number, :definition, :description, :display_name, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :feedback_token, :file, :first_name, :host_key, :id, :id_token, :input, :input_text, :key_id, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_password, :message, :name, :new_password, :next_password, :notes, :number, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :proposed_password, :public_key, :qr_code_png, :query, :random_password, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :share_notes, :shared_secret, :slots, :sse_customer_key, :ssekms_encryption_context, :ssekms_key_id, :status_message, :tag_key_list, :tags, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :type, :upload_credentials, :upload_url, :uri, :user_email, :user_name, :user_password, :username, :value, :values, :variables, :zip_file]
14
+ SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :block, :block_address, :body, :bot_configuration, :bot_email, :cause, :client_id, :client_secret, :comment, :configuration, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :db_password, :default_phone_number, :definition, :description, :digest_tip_address, :display_name, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :feedback_token, :file, :first_name, :host_key, :id, :id_token, :input, :input_text, :ion_text, :key_id, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_password, :message, :name, :new_password, :next_password, :notes, :number, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :proof, :proposed_password, :public_key, :qr_code_png, :query, :random_password, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :revision, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :share_notes, :shared_secret, :slots, :sse_customer_key, :ssekms_encryption_context, :ssekms_key_id, :status_message, :tag_key_list, :tags, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :type, :upload_credentials, :upload_url, :uri, :user_email, :user_name, :user_password, :username, :value, :values, :variables, :zip_file]
15
15
  # end
16
16
 
17
17
  def initialize(options = {})
@@ -6,7 +6,7 @@ module Aws
6
6
  class RetryErrors < Seahorse::Client::Plugin
7
7
 
8
8
  EQUAL_JITTER = lambda { |delay| (delay / 2) + Kernel.rand(0..(delay/2))}
9
- FULL_JITTER= lambda { |delay| Kernel.rand(0..delay) }
9
+ FULL_JITTER = lambda { |delay| Kernel.rand(0..delay) }
10
10
  NO_JITTER = lambda { |delay| delay }
11
11
 
12
12
  JITTERS = {
@@ -73,6 +73,7 @@ A delay randomiser function used by the default backoff function. Some predefine
73
73
  'InvalidAccessKeyId', # s3
74
74
  'AuthFailure', # ec2
75
75
  'InvalidIdentityToken', # sts
76
+ 'ExpiredToken', # route53
76
77
  ])
77
78
 
78
79
  THROTTLING_ERRORS = Set.new([
@@ -94,8 +95,8 @@ A delay randomiser function used by the default backoff function. Some predefine
94
95
  ])
95
96
 
96
97
  NETWORKING_ERRORS = Set.new([
97
- 'RequestTimeout', # s3
98
- 'IDPCommunicationError', # sts
98
+ 'RequestTimeout', # s3
99
+ 'IDPCommunicationError', # sts
99
100
  ])
100
101
 
101
102
  def initialize(error, http_status_code)
@@ -144,7 +145,7 @@ A delay randomiser function used by the default backoff function. Some predefine
144
145
  false
145
146
  end
146
147
  end
147
-
148
+
148
149
  def retryable?(context)
149
150
  (expired_credentials? and refreshable_credentials?(context)) or
150
151
  throttling_error? or
@@ -5,7 +5,7 @@ module Aws
5
5
  # A credential provider that executes a given process and attempts
6
6
  # to read its stdout to recieve a JSON payload containing the credentials
7
7
  #
8
- # Automatically handles refreshing credentials if an Expiration time is
8
+ # Automatically handles refreshing credentials if an Expiration time is
9
9
  # provided in the credentials payload
10
10
  #
11
11
  # credentials = Aws::ProcessCredentials.new('/usr/bin/credential_proc').credentials
@@ -23,11 +23,11 @@ module Aws
23
23
  # external process to be used as a credential provider.
24
24
  #
25
25
  # @param [String] process Invocation string for process
26
- # credentials provider.
26
+ # credentials provider.
27
27
  def initialize(process)
28
28
  @process = process
29
29
  @credentials = credentials_from_process(@process)
30
-
30
+
31
31
  super
32
32
  end
33
33
 
@@ -99,12 +99,10 @@ module Aws
99
99
  def credentials(opts = {})
100
100
  p = opts[:profile] || @profile_name
101
101
  validate_profile_exists(p) if credentials_present?
102
- if credentials = credentials_from_shared(p, opts)
102
+ if (credentials = credentials_from_shared(p, opts))
103
103
  credentials
104
- elsif credentials = credentials_from_config(p, opts)
104
+ elsif (credentials = credentials_from_config(p, opts))
105
105
  credentials
106
- else
107
- nil
108
106
  end
109
107
  end
110
108
 
@@ -228,6 +226,7 @@ module Aws
228
226
  end
229
227
 
230
228
  private
229
+
231
230
  def credentials_present?
232
231
  (@parsed_credentials && !@parsed_credentials.empty?) ||
233
232
  (@parsed_config && !@parsed_config.empty?)
@@ -245,7 +244,7 @@ module Aws
245
244
  "provide only source_profile or credential_source, not both."
246
245
  )
247
246
  elsif opts[:source_profile]
248
- opts[:credentials] = credentials(profile: opts[:source_profile])
247
+ opts[:credentials] = resolve_source_profile(opts[:source_profile])
249
248
  if opts[:credentials]
250
249
  opts[:role_session_name] ||= prof_cfg["role_session_name"]
251
250
  opts[:role_session_name] ||= "default_session"
@@ -293,6 +292,20 @@ module Aws
293
292
  end
294
293
  end
295
294
 
295
+ def resolve_source_profile(profile)
296
+ if (creds = credentials(profile: profile))
297
+ creds # static credentials
298
+ elsif (provider = assume_role_web_identity_credentials_from_config(profile))
299
+ if provider.credentials.set?
300
+ provider.credentials
301
+ end
302
+ elsif (provider = assume_role_process_credentials_from_config(profile))
303
+ if provider.credentials.set?
304
+ provider.credentials
305
+ end
306
+ end
307
+ end
308
+
296
309
  def credentials_from_source(credential_source, config)
297
310
  case credential_source
298
311
  when "Ec2InstanceMetadata"
@@ -310,6 +323,11 @@ module Aws
310
323
  end
311
324
  end
312
325
 
326
+ def assume_role_process_credentials_from_config(profile)
327
+ credential_process = credentials_process(profile)
328
+ ProcessCredentials.new(credential_process) if credential_process
329
+ end
330
+
313
331
  def credentials_from_shared(profile, opts)
314
332
  if @parsed_credentials && prof_config = @parsed_credentials[profile]
315
333
  credentials_from_profile(prof_config)
@@ -40,6 +40,6 @@ require_relative 'aws-sdk-sts/customizations'
40
40
  # @service
41
41
  module Aws::STS
42
42
 
43
- GEM_VERSION = '3.64.0'
43
+ GEM_VERSION = '3.68.0'
44
44
 
45
45
  end
@@ -1808,7 +1808,7 @@ module Aws::STS
1808
1808
  params: params,
1809
1809
  config: config)
1810
1810
  context[:gem_name] = 'aws-sdk-core'
1811
- context[:gem_version] = '3.64.0'
1811
+ context[:gem_version] = '3.68.0'
1812
1812
  Seahorse::Client::Request.new(handlers, context)
1813
1813
  end
1814
1814
 
@@ -77,8 +77,8 @@ module Seahorse
77
77
  if options.key?(name)
78
78
  options[name]
79
79
  else
80
- msg = "invalid :priority `%s', must be between 0 and 99"
81
- raise ArgumentError, msg % priority.inspect
80
+ msg = "missing option: `%s'"
81
+ raise ArgumentError, msg % name.inspect
82
82
  end
83
83
  end
84
84
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.64.0
4
+ version: 3.68.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-08-20 00:00:00.000000000 Z
11
+ date: 2019-09-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jmespath