aws-sdk-core 3.90.0 → 3.93.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 48e9cc30981ca093ed5e512279083c45f59f879a
-  data.tar.gz: 8dd4d2ca90e11bdc5df94f34091a03e6dd06bf00
+  metadata.gz: 6de3598b56d0c65e9932b033550214b8a5b44662
+  data.tar.gz: 40464e5ac916ef50c8cbabbee35098b263477f74
 SHA512:
-  metadata.gz: aded2038fb2a36b8816f4f70d8342298a1dd1166272afe3c18f15cc8fd0e2f4368d6064f28f2009b401b0d9fbf9ecf827c77e87719839a538172613d422fab3d
-  data.tar.gz: fb9850aae375081eb31fddb3ea14df5c52d1cc73d2f86f2dd654fd1ff620f3e897bfe14e176afee48d13dfdae62d84e8fb968fa3fbe4d3b35849ee149908ed32
+  metadata.gz: baa1c13fbe13e94c280cf68ab4db3756f98402aa256afd89bd22925288d0b296eb16fe8d0bd7b649db3919306ddedab230ca54c2c2671042854def6e0b729b95
+  data.tar.gz: ff2b486eab0f8f1de1b762396311eb6e399d14d32fdf9e3b34268cb1a6ff5369fb7a1d94fdf41ee6b5cea339929b8a0d4669de6e93e8cc15e088284cc927a6ac

data/VERSION

@@ -1 +1 @@
-3.90.0
+3.93.0

data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb

@@ -25,6 +25,7 @@ module Aws
     include CredentialProvider
     include RefreshingCredentials
 
+    # @param [Hash] options
     # @option options [required, String] :role_arn the IAM role
     #   to be assumed
     #

data/lib/aws-sdk-core/binary/event_builder.rb

@@ -5,7 +5,7 @@ module Aws
 
       include Seahorse::Model::Shapes
 
-      # @param [Class] parser_class
+      # @param [Class] serializer_class
       # @param [Seahorse::Model::ShapeRef] rules (of eventstream member)
       def initialize(serializer_class, rules)
         @serializer_class = serializer_class
@@ -59,7 +59,7 @@ module Aws
             payload = _build_payload(streaming, m_ref, params[m_name])
           end
         end
-        
+
 
         event_ref.shape.members.each do |member_name, member_ref|
           if member_ref.eventheader && params[member_name]
@@ -69,7 +69,7 @@ module Aws
               value: header_value
             )
           elsif member_ref.eventpayload && params[member_name]
-            # explicit payload 
+            # explicit payload
             streaming, content_type = _content_type(member_ref.shape)
 
             es_headers[":content-type"] = Aws::EventStream::HeaderValue.new(
@@ -99,7 +99,7 @@ module Aws
             "Unsupport eventpayload shape: #{shape.name}")
         end
       end
-        
+
       def _header_value_type(shape, value)
         case shape
         when StringShape then "string"
@@ -107,9 +107,9 @@ module Aws
         when TimestampShape then "timestamp"
         when BlobShape then "bytes"
         when BooleanShape then !!value ? "bool_true" : "bool_false"
-        else 
+        else
           raise Aws::Errors::EventStreamBuilderError.new(
-            "Unsupported eventheader shape: #{shape.name}") 
+            "Unsupported eventheader shape: #{shape.name}")
         end
       end
 

data/lib/aws-sdk-core/client_stubs.rb

@@ -171,7 +171,6 @@ module Aws
     # @raise [RuntimeError] Raises a runtime error when called
     #   on a client that has not enabled response stubbing via
     #   `:stub_responses => true`.
-    #
     def stub_responses(operation_name, *stubs)
       if config.stub_responses
         apply_stubs(operation_name, stubs.flatten)
@@ -182,13 +181,15 @@ module Aws
       end
     end
 
-    # Allows you to access all of the requests that the stubbed client has made
-    #
-    # @params [Boolean] exclude_presign Setting to true for filtering out not sent requests from
-    #                 generating presigned urls. Default to false.
-    # @return [Array] Returns an array of the api requests made, each request object contains the
-    #                 :operation_name, :params, and :context of the request. 
-    # @raise [NotImplementedError] Raises `NotImplementedError` when the client is not stubbed
+    # Allows you to access all of the requests that the stubbed client has made.
+    #
+    # @param [Hash] options The options for the api requests.
+    # @option options [Boolean] :exclude_presign (false) Set to true to filter
+    #   out unsent requests from generated presigned urls.
+    # @return [Array] Returns an array of the api requests made. Each request
+    #   object contains the :operation_name, :params, and :context.
+    # @raise [NotImplementedError] Raises `NotImplementedError` when the client
+    #   is not stubbed.
     def api_requests(options = {})
       if config.stub_responses
         if options[:exclude_presign]

data/lib/aws-sdk-core/credential_provider_chain.rb

@@ -28,7 +28,11 @@ module Aws
         [:assume_role_credentials, {}],
         [:shared_credentials, {}],
         [:process_credentials, {}],
-        [:instance_profile_credentials, {}]
+        [:instance_profile_credentials, {
+          retries: @config ? @config.instance_profile_credentials_retries : 0,
+          http_open_timeout: @config ? @config.instance_profile_credentials_timeout : 1,
+          http_read_timeout: @config ? @config.instance_profile_credentials_timeout : 1
+        }]
       ]
     end
 
@@ -44,7 +48,10 @@ module Aws
 
     def static_profile_assume_role_web_identity_credentials(options)
       if Aws.shared_config.config_enabled? && options[:config] && options[:config].profile
-        Aws.shared_config.assume_role_web_identity_credentials_from_config(options[:config].profile)
+        Aws.shared_config.assume_role_web_identity_credentials_from_config(
+          profile: options[:config].profile,
+          region: options[:config].region
+        )
       end
     end
 
@@ -113,15 +120,21 @@ module Aws
     end
 
     def assume_role_web_identity_credentials(options)
+      region = options[:config].region if options[:config]
       if (role_arn = ENV['AWS_ROLE_ARN']) && (token_file = ENV['AWS_WEB_IDENTITY_TOKEN_FILE'])
-        AssumeRoleWebIdentityCredentials.new(
+        cfg = {
           role_arn: role_arn,
           web_identity_token_file: token_file,
           role_session_name: ENV['AWS_ROLE_SESSION_NAME']
-        )
+        }
+        cfg[:region] = region if region
+        AssumeRoleWebIdentityCredentials.new(cfg)
       elsif Aws.shared_config.config_enabled?
         profile = options[:config].profile if options[:config]
-        Aws.shared_config.assume_role_web_identity_credentials_from_config(profile)
+        Aws.shared_config.assume_role_web_identity_credentials_from_config(
+          profile: profile,
+          region: region
+        )
       end
     end
 

data/lib/aws-sdk-core/errors.rb

@@ -36,6 +36,16 @@ module Aws
         attr_accessor :code
 
       end
+
+      # @api private undocumented
+      def retryable?
+        false
+      end
+
+      # @api private undocumented
+      def throttling?
+        false
+      end
     end
 
     # Raised when InstanceProfileCredentialsProvider or
@@ -255,6 +265,15 @@ Known AWS regions include (not specific to this service):
 
     end
 
+    # Raised when attempting to retry a request
+    # and no capacity is available to retry (See adaptive retry_mode)
+    class RetryCapacityNotAvailableError < RuntimeError
+      def initialize(*args)
+        msg = 'Insufficient client side capacity available to retry request.'
+        super(msg)
+      end
+    end
+
     # This module is mixed into another module, providing dynamic
     # error classes.  Error classes all inherit from {ServiceError}.
     #

data/lib/aws-sdk-core/json.rb

@@ -7,28 +7,24 @@ require_relative 'json/parser'
 module Aws
   # @api private
   module Json
-
     class ParseError < StandardError
-
       def initialize(error)
         @error = error
         super(error.message)
       end
 
       attr_reader :error
-
     end
 
     class << self
-
       def load(json)
         ENGINE.load(json, *ENGINE_LOAD_OPTIONS)
       rescue *ENGINE_ERRORS => e
-        raise ParseError.new(e)
+        raise ParseError, e
       end
 
       def load_file(path)
-        self.load(File.open(path, 'r', encoding: 'UTF-8') { |f| f.read })
+        load(File.open(path, 'r', encoding: 'UTF-8', &:read))
       end
 
       def dump(value)
@@ -39,7 +35,12 @@ module Aws
 
       def oj_engine
         require 'oj'
-        [Oj, [{mode: :compat, symbol_keys: false}], [{ mode: :compat }], oj_parse_error]
+        [
+          Oj,
+          [{ mode: :compat, symbol_keys: false }],
+          [{ mode: :compat }],
+          oj_parse_error
+        ]
       rescue LoadError
         false
       end
@@ -50,17 +51,15 @@ module Aws
 
       def oj_parse_error
         if Oj.const_defined?('ParseError')
-          [Oj::ParseError, EncodingError]
+          [Oj::ParseError, EncodingError, JSON::ParserError]
         else
           [SyntaxError]
         end
       end
-
     end
 
     # @api private
     ENGINE, ENGINE_LOAD_OPTIONS, ENGINE_DUMP_OPTIONS, ENGINE_ERRORS =
       oj_engine || json_engine
-
   end
 end

data/lib/aws-sdk-core/log/param_filter.rb

@@ -7,11 +7,11 @@ module Aws
 
       # A managed list of sensitive parameters that should be filtered from
       # logs. This is updated automatically as part of each release. See the
-      # `tasks/sensitive.rake` for more information.
+      # `tasks/update-sensitive-params.rake` for more information.
       #
       # @api private
       # begin
-      SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :alexa_for_business_room_arn, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :block, :block_address, :block_data, :blocks, :body, :bot_configuration, :bot_email, :calling_name, :cause, :client_id, :client_request_token, :client_secret, :comment, :configuration, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :custom_private_key, :db_password, :default_phone_number, :definition, :description, :destination_access_token, :digest_tip_address, :display_name, :domain_signing_private_key, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :external_model_endpoint_data_blobs, :external_user_id, :feedback_token, :file, :first_name, :full_name, :host_key, :id, :id_token, :input, :input_text, :ion_text, :join_token, :key_id, :key_material, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_name, :master_user_password, :meeting_host_id, :message, :metadata, :name, :new_password, :next_password, :notes, :number, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :private_key_plaintext, :proof, :proposed_password, :public_key, :qr_code_png, :query, :random_password, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :restore_metadata, :revision, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :session_token, :share_notes, :shared_secret, :slots, :sns_topic_arn, :source_access_token, :sqs_queue_arn, :sse_customer_key, :ssekms_encryption_context, :ssekms_key_id, :status_message, :tag_key_list, :tags, :target_address, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :type, :upload_credentials, :upload_url, :uri, :user_data, :user_email, :user_name, :user_password, :username, :value, :values, :variables, :vpn_psk, :zip_file]
+      SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :alexa_for_business_room_arn, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :block, :block_address, :block_data, :blocks, :body, :bot_configuration, :bot_email, :calling_name, :cause, :client_id, :client_request_token, :client_secret, :comment, :configuration, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :custom_private_key, :db_password, :default_phone_number, :definition, :description, :destination_access_token, :digest_tip_address, :display_name, :domain_signing_private_key, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :external_model_endpoint_data_blobs, :external_user_id, :fall_back_phone_number, :feedback_token, :file, :first_name, :full_name, :host_key, :id, :id_token, :input, :input_text, :ion_text, :join_token, :key_id, :key_material, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_name, :master_user_password, :meeting_host_id, :message, :metadata, :name, :new_password, :next_password, :notes, :number, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :private_key_plaintext, :proof, :proposed_password, :proxy_phone_number, :public_key, :qr_code_png, :query, :random_password, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :restore_metadata, :revision, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :session_token, :share_notes, :shared_secret, :slots, :sns_topic_arn, :source_access_token, :sqs_queue_arn, :sse_customer_key, :ssekms_encryption_context, :ssekms_key_id, :status_message, :tag_key_list, :tags, :target_address, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :type, :upload_credentials, :upload_url, :uri, :user_data, :user_email, :user_name, :user_password, :username, :value, :values, :variables, :vpn_psk, :zip_file]
       # end
 
       def initialize(options = {})
@@ -31,7 +31,7 @@ module Aws
       def filter_hash(values)
         filtered = {}
         values.each_pair do |key, value|
-          filtered[key] = @filters.include?(key) ? '[FILTERED]' : filter(value)
+          filtered[key] = @filters.any? { |f| f.to_s.casecmp(key.to_s).zero? } ? '[FILTERED]' : filter(value)
         end
         filtered
       end

data/lib/aws-sdk-core/pageable_response.rb

@@ -1,32 +1,46 @@
 module Aws
 
-  # Decorates a {Seahorse::Client::Response} with paging methods:
+  # Decorates a {Seahorse::Client::Response} with paging convenience methods.
+  # Some AWS calls provide paged responses to limit the amount of data returned
+  # with each response.  To optimize for latency, some APIs may return an
+  # inconsistent number of responses per page.  You should rely on the values of
+  # the `next_page?` method or using enumerable methods such as `each`
+  # rather than the number of items returned to iterate through results.
+  # See below for examples.
   #
-  #     resp = s3.list_objects(params)
-  #     resp.last_page?
-  #     #=> false
+  # # Paged Responses Are Enumerable
+  # The simplest way to handle paged response data is to use the built-in
+  # enumerator in the response object, as shown in the following example.
   #
-  #     # sends a request to receive the next response page
-  #     resp = resp.next_page
-  #     resp.last_page?
-  #     #=> true
+  #     s3 = Aws::S3::Client.new
   #
-  #     resp.next_page
-  #     #=> raises PageableResponse::LastPageError
+  #     s3.list_objects(bucket:'aws-sdk').each do |response|
+  #       puts response.contents.map(&:key)
+  #     end
   #
-  # You can enumerate all response pages with a block
+  # This yields one response object per API call made, and enumerates objects
+  # in the named bucket. The SDK retrieves additional pages of data to
+  # complete the request.
   #
-  #     ec2.describe_instances(params).each do |page|
-  #       # yields once per page
-  #       page.reservations.each do |r|
-  #         # ...
-  #       end
-  #     end
+  # # Handling Paged Responses Manually
+  # To handle paging yourself, use the response’s `next_page?` method to verify
+  # there are more pages to retrieve, or use the last_page? method to verify
+  # there are no more pages to retrieve.
+  #
+  # If there are more pages, use the `next_page` method to retrieve the
+  # next page of results, as shown in the following example.
   #
-  # Or using {#next_page} and {#last_page?}:
+  #     s3 = Aws::S3::Client.new
   #
-  #     resp.last_page?
-  #     resp = resp.next_page until resp.last_page?
+  #     # Get the first page of data
+  #     response = s3.list_objects(bucket:'aws-sdk')
+  #
+  #     # Get additional pages
+  #     while response.next_page? do
+  #       response = response.next_page
+  #       # Use the response data here...
+  #       puts response.contents.map(&:key)
+  #     end
   #
   module PageableResponse
 

data/lib/aws-sdk-core/plugins/client_metrics_plugin.rb

@@ -1,4 +1,5 @@
 require 'date'
+require_relative 'retries/error_inspector'
 
 module Aws
   module Plugins
@@ -141,7 +142,7 @@ all generated client side metrics. Defaults to an empty string.
             @handler.call(context)
           rescue StandardError => e
             # Handle SDK Exceptions
-            inspector = Aws::Plugins::RetryErrors::ErrorInspector.new(
+            inspector = Retries::ErrorInspector.new(
               e,
               context.http_response.status_code
             )

data/lib/aws-sdk-core/plugins/retries/client_rate_limiter.rb

@@ -0,0 +1,137 @@
+module Aws
+  module Plugins
+    module Retries
+      # @api private
+      # Used only in 'adaptive' retry mode
+      class ClientRateLimiter
+        MIN_CAPACITY = 1
+        MIN_FILL_RATE = 0.5
+        SMOOTH = 0.8
+        # How much to scale back after a throttling response
+        BETA = 0.7
+        # Controls how aggressively we scale up after being throttled
+        SCALE_CONSTANT = 0.4
+
+        def initialize
+          @mutex                = Mutex.new
+          @fill_rate            = nil
+          @max_capacity         = nil
+          @current_capacity     = 0
+          @last_timestamp       = nil
+          @enabled              = false
+          @measured_tx_rate     = 0
+          @last_tx_rate_bucket  = Aws::Util.monotonic_seconds
+          @request_count        = 0
+          @last_max_rate        = 0
+          @last_throttle_time   = Aws::Util.monotonic_seconds
+          @calculated_rate      = nil
+        end
+
+        def token_bucket_acquire(amount, wait_to_fill = true)
+          # Client side throttling is not enabled until we see a
+          # throttling error
+          return unless @enabled
+
+          @mutex.synchronize do
+            token_bucket_refill
+
+            # Next see if we have enough capacity for the requested amount
+            while @current_capacity < amount
+              raise Aws::Errors::RetryCapacityNotAvailableError unless wait_to_fill
+              @mutex.sleep((amount - @current_capacity) / @fill_rate)
+              token_bucket_refill
+            end
+            @current_capacity -= amount
+          end
+        end
+
+        def update_sending_rate(is_throttling_error)
+          @mutex.synchronize do
+            update_measured_rate
+
+            if is_throttling_error
+              rate_to_use = if @enabled
+                              [@measured_tx_rate, @fill_rate].min
+                            else
+                              @measured_tx_rate
+                            end
+
+              # The fill_rate is from the token bucket
+              @last_max_rate = rate_to_use
+              calculate_time_window
+              @last_throttle_time = Aws::Util.monotonic_seconds
+              @calculated_rate = cubic_throttle(rate_to_use)
+              enable_token_bucket
+            else
+              calculate_time_window
+              @calculated_rate = cubic_success(Aws::Util.monotonic_seconds)
+            end
+
+            new_rate = [@calculated_rate, 2 * @measured_tx_rate].min
+            token_bucket_update_rate(new_rate)
+          end
+        end
+
+        private
+
+        def token_bucket_refill
+          timestamp = Aws::Util.monotonic_seconds
+          unless @last_timestamp
+            @last_timestamp = timestamp
+            return
+          end
+
+          fill_amount = (timestamp - @last_timestamp) * @fill_rate
+          @current_capacity = [
+            @max_capacity, @current_capacity + fill_amount
+          ].min
+
+          @last_timestamp = timestamp
+        end
+
+        def token_bucket_update_rate(new_rps)
+          # Refill based on our current rate before we update to the
+          # new fill rate
+          token_bucket_refill
+          @fill_rate = [new_rps, MIN_FILL_RATE].max
+          @max_capacity = [new_rps, MIN_CAPACITY].max
+          # When we scale down we can't have a current capacity that exceeds our
+          # max_capacity.
+          @current_capacity = [@current_capacity, @max_capacity].min
+        end
+
+        def enable_token_bucket
+          @enabled = true
+        end
+
+        def update_measured_rate
+          t = Aws::Util.monotonic_seconds
+          time_bucket = (t * 2).floor / 2.0
+          @request_count += 1
+          if time_bucket > @last_tx_rate_bucket
+            current_rate = @request_count / (time_bucket - @last_tx_rate_bucket)
+            @measured_tx_rate = (current_rate * SMOOTH) +
+              (@measured_tx_rate * (1 - SMOOTH))
+            @request_count = 0
+            @last_tx_rate_bucket = time_bucket
+          end
+        end
+
+        def calculate_time_window
+          # This is broken out into a separate calculation because it only
+          # gets updated when @last_max_rate changes so it can be cached.
+          @time_window = ((@last_max_rate * (1 - BETA)) / SCALE_CONSTANT)**(1.0 / 3)
+        end
+
+        def cubic_success(timestamp)
+          dt = timestamp - @last_throttle_time
+          (SCALE_CONSTANT * ((dt - @time_window)**3)) + @last_max_rate
+        end
+
+        def cubic_throttle(rate_to_use)
+          rate_to_use * BETA
+        end
+      end
+    end
+  end
+end