aws-sdk-core 3.65.0 → 3.68.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 63b7a7d7470e58f447a031339eecd074c787ee0b
-  data.tar.gz: e10c2a286357776ffd67f3fab9e5ae5607a30347
+  metadata.gz: 4084b2ed016d57967df6507569a39def528f732f
+  data.tar.gz: 247a1e43c7306083f4b91093f57403211e5ac37d
 SHA512:
-  metadata.gz: '0921c39c2eaa349cd88121775efab1391b19c51278a329eee6a0f43568e3eb070298737cf572e74f5e10058c487df7d839b7ae8be0994de5203f2ca8afefaf3c'
-  data.tar.gz: e6db8784a82121825706666728d178c649959313882a88f721155526519cde5a58e439ee6919bc73174f2badb6dfbcad03883013874188fc2be94aaaddeb9b48
+  metadata.gz: 6841d16d955cb43c9387539030c957acdc99ecc4251de2a2387e8adb99af4488c4e6837a0b2980aa3e5c75ea825cb4a461b4b101b65b1127d412f896756b530e
+  data.tar.gz: a39302708b5d1423b34a7ea641522560f5e61fa6f6443048c932f2b6fb91c7700e47597221a4a8cbc448e4ba56c139f64003b1bedf282c2101fa4f49b8b933a1

data/VERSION

@@ -1 +1 @@
-3.65.0
+3.68.1

data/lib/aws-sdk-core/credential_provider.rb

@@ -13,32 +13,29 @@ module Aws
       !!credentials && credentials.set?
     end
 
-    # @deprecated Deprecated in 2.1.0. This method is subject to errors
-    #   from a race condition when called against refreshable credential
-    #   objects. Will be removed in 2.2.0.
+    # @deprecated This method is subject to errors from a race condition when
+    # called against refreshable credential objects. This will be removed.
     # @see #credentials
     def access_key_id
       credentials ? credentials.access_key_id : nil
     end
-    deprecated(:access_key_id, use: '#credentials')
+    deprecated(:access_key_id, use: '#credentials', version: '3.75')
 
-    # @deprecated Deprecated in 2.1.0. This method is subject to errors
-    #   from a race condition when called against refreshable credential
-    #   objects. Will be removed in 2.2.0.
+    # @deprecated This method is subject to errors from a race condition when
+    # called against refreshable credential objects. This will be removed.
     # @see #credentials
     def secret_access_key
       credentials ? credentials.secret_access_key : nil
     end
-    deprecated(:secret_access_key, use: '#credentials')
+    deprecated(:secret_access_key, use: '#credentials', version: '3.75')
 
-    # @deprecated Deprecated in 2.1.0. This method is subject to errors
-    #   from a race condition when called against refreshable credential
-    #   objects. Will be removed in 2.2.0.
+    # @deprecated This method is subject to errors from a race condition when
+    # called against refreshable credential objects. This will be removed.
     # @see #credentials
     def session_token
       credentials ? credentials.session_token : nil
     end
-    deprecated(:session_token, use: '#credentials')
+    deprecated(:session_token, use: '#credentials', version: '3.75')
 
   end
 end

data/lib/aws-sdk-core/credential_provider_chain.rb

@@ -60,22 +60,20 @@ module Aws
       nil
     end
 
+    def determine_profile_name(options)
+      (options[:config] && options[:config].profile) || ENV['AWS_PROFILE'] || ENV['AWS_DEFAULT_PROFILE'] || 'default'
+    end
+
     def shared_credentials(options)
-      if options[:config]
-        SharedCredentials.new(profile_name: options[:config].profile)
-      else
-        SharedCredentials.new(
-          profile_name: ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE'])
-      end
+      profile_name = determine_profile_name(options)
+      SharedCredentials.new(profile_name: profile_name)
     rescue Errors::NoSuchProfileError
       nil
     end
 
     def process_credentials(options)
-      profile_name = options[:config].profile if options[:config]
-      profile_name ||= ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE']
-      
       config = Aws.shared_config
+      profile_name = determine_profile_name(options)
       if config.config_enabled? && process_provider = config.credentials_process(profile_name)
         ProcessCredentials.new(process_provider)
       else
@@ -87,13 +85,7 @@ module Aws
 
     def assume_role_credentials(options)
       if Aws.shared_config.config_enabled?
-        profile, region = nil, nil
-        if options[:config]
-          profile = options[:config].profile
-          region = options[:config].region
-          assume_role_with_profile(options[:config].profile, options[:config].region)
-        end
-        assume_role_with_profile(profile, region)
+        assume_role_with_profile(options)
       else
         nil
       end
@@ -123,9 +115,11 @@ module Aws
       end
     end
 
-    def assume_role_with_profile(prof, region)
+    def assume_role_with_profile(options)
+      profile_name = determine_profile_name(options)
+      region = (options[:config] && options[:config].region)
       Aws.shared_config.assume_role_credentials_from_config(
-        profile: prof,
+        profile: profile_name,
         region: region,
         chain_config: @config
       )

data/lib/aws-sdk-core/deprecations.rb

@@ -35,33 +35,39 @@ module Aws
   # @api private
   module Deprecations
 
-    # @param [Symbol] method_name The name of the deprecated method.
+    # @param [Symbol] method The name of the deprecated method.
     #
     # @option options [String] :message The warning message to issue
     #   when the deprecated method is called.
     #
-    # @option options [Symbol] :use The name of an use
-    #   method that should be used.
+    # @option options [String] :use The name of a method that should be used.
     #
-    def deprecated(method_name, options = {})
+    # @option options [String] :version The version that will remove the
+    #   deprecated method.
+    #
+    def deprecated(method, options = {})
 
       deprecation_msg = options[:message] || begin
-        msg = "DEPRECATION WARNING: called deprecated method `#{method_name}' "
-        msg << "of an #{self}"
-        msg << ", use #{options[:use]} instead" if options[:use]
+        msg = "#################### DEPRECATION WARNING ####################\n"
+        msg << "Called deprecated method `#{method}` of #{self}."
+        msg << " Use `#{options[:use]}` instead.\n" if options[:use]
+        if options[:version]
+          msg << "Method `#{method}` will be removed in #{options[:version]}."
+        end
+        msg << "\n#############################################################"
         msg
       end
 
-      alias_method(:"deprecated_#{method_name}", method_name)
+      alias_method(:"deprecated_#{method}", method)
 
       warned = false # we only want to issue this warning once
 
-      define_method(method_name) do |*args,&block|
+      define_method(method) do |*args, &block|
         unless warned
           warned = true
           warn(deprecation_msg + "\n" + caller.join("\n"))
         end
-        send("deprecated_#{method_name}", *args, &block)
+        send("deprecated_#{method}", *args, &block)
       end
     end
 

data/lib/aws-sdk-core/instance_profile_credentials.rb

@@ -51,8 +51,9 @@ module Aws
       super
     end
 
-    # @return [Integer] The number of times to retry failed attempts to
-    #   fetch credentials from the instance metadata service. Defaults to 0.
+    # @return [Integer] Number of times to retry when retrieving credentials
+    #   from the instance metadata service. Defaults to 0 when resolving from
+    #   the default credential chain ({Aws::CredentialProviderChain}).
     attr_reader :retries
 
     private

data/lib/aws-sdk-core/log/param_filter.rb

@@ -11,7 +11,7 @@ module Aws
       #
       # @api private
       # begin
-      SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :body, :bot_configuration, :bot_email, :cause, :client_id, :client_secret, :comment, :configuration, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :db_password, :default_phone_number, :definition, :description, :display_name, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :feedback_token, :file, :first_name, :host_key, :id, :id_token, :input, :input_text, :key_id, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_password, :message, :name, :new_password, :next_password, :notes, :number, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :proposed_password, :public_key, :qr_code_png, :query, :random_password, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :share_notes, :shared_secret, :slots, :sse_customer_key, :ssekms_encryption_context, :ssekms_key_id, :status_message, :tag_key_list, :tags, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :type, :upload_credentials, :upload_url, :uri, :user_email, :user_name, :user_password, :username, :value, :values, :variables, :zip_file]
+      SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :block, :block_address, :body, :bot_configuration, :bot_email, :cause, :client_id, :client_secret, :comment, :configuration, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :db_password, :default_phone_number, :definition, :description, :digest_tip_address, :display_name, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :feedback_token, :file, :first_name, :host_key, :id, :id_token, :input, :input_text, :ion_text, :key_id, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_password, :message, :name, :new_password, :next_password, :notes, :number, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :proof, :proposed_password, :public_key, :qr_code_png, :query, :random_password, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :revision, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :share_notes, :shared_secret, :slots, :sse_customer_key, :ssekms_encryption_context, :ssekms_key_id, :status_message, :tag_key_list, :tags, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :type, :upload_credentials, :upload_url, :uri, :user_email, :user_name, :user_password, :username, :value, :values, :variables, :zip_file]
       # end
 
       def initialize(options = {})

data/lib/aws-sdk-core/param_validator.rb

@@ -141,8 +141,8 @@ module Aws
           errors << expected_got(context, "true or false", value)
         end
       when BlobShape
-        unless io_like?(value) or value.is_a?(String)
-          errors << expected_got(context, "a String or IO object", value)
+        unless value.is_a?(String) || io_like?(value)
+          errors << expected_got(context, "a String or File object", value)
         end
       else
         raise "unhandled shape type: #{ref.shape.class.name}"
@@ -166,9 +166,8 @@ module Aws
     end
 
     def io_like?(value)
-      value.respond_to?(:read) &&
-      value.respond_to?(:rewind) &&
-      value.respond_to?(:size)
+      value.respond_to?(:read) && value.respond_to?(:rewind) &&
+        value.respond_to?(:size)
     end
 
     def error_messages(errors)

data/lib/aws-sdk-core/plugins/retry_errors.rb

@@ -6,7 +6,7 @@ module Aws
     class RetryErrors < Seahorse::Client::Plugin
 
       EQUAL_JITTER = lambda { |delay| (delay / 2) + Kernel.rand(0..(delay/2))}
-      FULL_JITTER= lambda { |delay| Kernel.rand(0..delay) }
+      FULL_JITTER = lambda { |delay| Kernel.rand(0..delay) }
       NO_JITTER = lambda { |delay| delay }
 
       JITTERS = {
@@ -73,6 +73,7 @@ A delay randomiser function used by the default backoff function. Some predefine
           'InvalidAccessKeyId',          # s3
           'AuthFailure',                 # ec2
           'InvalidIdentityToken',        # sts
+          'ExpiredToken',                # route53
         ])
 
         THROTTLING_ERRORS = Set.new([
@@ -94,8 +95,8 @@ A delay randomiser function used by the default backoff function. Some predefine
         ])
 
         NETWORKING_ERRORS = Set.new([
-          'RequestTimeout', # s3
-          'IDPCommunicationError', # sts
+          'RequestTimeout',         # s3
+          'IDPCommunicationError',  # sts
         ])
 
         def initialize(error, http_status_code)
@@ -144,7 +145,7 @@ A delay randomiser function used by the default backoff function. Some predefine
             false
           end
         end
-          
+
         def retryable?(context)
           (expired_credentials? and refreshable_credentials?(context)) or
             throttling_error? or

data/lib/aws-sdk-core/process_credentials.rb

@@ -5,7 +5,7 @@ module Aws
   # A credential provider that executes a given process and attempts
   # to read its stdout to recieve a JSON payload containing the credentials
   #
-  # Automatically handles refreshing credentials if an Expiration time is 
+  # Automatically handles refreshing credentials if an Expiration time is
   # provided in the credentials payload
   #
   #     credentials = Aws::ProcessCredentials.new('/usr/bin/credential_proc').credentials
@@ -23,11 +23,11 @@ module Aws
     # external process to be used as a credential provider.
     #
     # @param [String] process Invocation string for process
-    # credentials provider. 
+    # credentials provider.
     def initialize(process)
       @process = process
       @credentials = credentials_from_process(@process)
-      
+
       super
     end
 

data/lib/aws-sdk-core/shared_config.rb

@@ -99,12 +99,10 @@ module Aws
     def credentials(opts = {})
       p = opts[:profile] || @profile_name
       validate_profile_exists(p) if credentials_present?
-      if credentials = credentials_from_shared(p, opts)
+      if (credentials = credentials_from_shared(p, opts))
         credentials
-      elsif credentials = credentials_from_config(p, opts)
+      elsif (credentials = credentials_from_config(p, opts))
         credentials
-      else
-        nil
       end
     end
 
@@ -228,6 +226,7 @@ module Aws
     end
 
     private
+
     def credentials_present?
       (@parsed_credentials && !@parsed_credentials.empty?) ||
         (@parsed_config && !@parsed_config.empty?)
@@ -293,17 +292,17 @@ module Aws
       end
     end
 
-    def resolve_source_profile(src)
-      if (creds = credentials(profile: src))
+    def resolve_source_profile(profile)
+      if (creds = credentials(profile: profile))
         creds # static credentials
-      elsif (provider = assume_role_web_identity_credentials_from_config(src))
+      elsif (provider = assume_role_web_identity_credentials_from_config(profile))
+        if provider.credentials.set?
+          provider.credentials
+        end
+      elsif (provider = assume_role_process_credentials_from_config(profile))
         if provider.credentials.set?
           provider.credentials
-        else
-          nil
         end
-      else
-        nil
       end
     end
 
@@ -324,6 +323,11 @@ module Aws
       end
     end
 
+    def assume_role_process_credentials_from_config(profile)
+      credential_process = credentials_process(profile)
+      ProcessCredentials.new(credential_process) if credential_process
+    end
+
     def credentials_from_shared(profile, opts)
       if @parsed_credentials && prof_config = @parsed_credentials[profile]
         credentials_from_profile(prof_config)

data/lib/aws-sdk-sts.rb

@@ -40,6 +40,6 @@ require_relative 'aws-sdk-sts/customizations'
 # @service
 module Aws::STS
 
-  GEM_VERSION = '3.65.0'
+  GEM_VERSION = '3.68.1'
 
 end

data/lib/aws-sdk-sts/client.rb

@@ -1808,7 +1808,7 @@ module Aws::STS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.65.0'
+      context[:gem_version] = '3.68.1'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/seahorse/client/handler_list_entry.rb

@@ -77,8 +77,8 @@ module Seahorse
         if options.key?(name)
           options[name]
         else
-          msg = "invalid :priority `%s', must be between 0 and 99"
-          raise ArgumentError, msg % priority.inspect
+          msg = "missing option: `%s'"
+          raise ArgumentError, msg % name.inspect
         end
       end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-core
 version: !ruby/object:Gem::Version
-  version: 3.65.0
+  version: 3.68.1
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-08-27 00:00:00.000000000 Z
+date: 2019-10-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jmespath