aws-sdk-core 3.90.1 → 3.91.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/aws-sdk-core/credential_provider_chain.rb +5 -1
- data/lib/aws-sdk-core/errors.rb +19 -0
- data/lib/aws-sdk-core/plugins/client_metrics_plugin.rb +2 -1
- data/lib/aws-sdk-core/plugins/retries/client_rate_limiter.rb +137 -0
- data/lib/aws-sdk-core/plugins/retries/clock_skew.rb +63 -0
- data/lib/aws-sdk-core/plugins/retries/error_inspector.rb +142 -0
- data/lib/aws-sdk-core/plugins/retries/retry_quota.rb +57 -0
- data/lib/aws-sdk-core/plugins/retry_errors.rb +252 -112
- data/lib/aws-sdk-core/plugins/signature_v4.rb +13 -2
- data/lib/aws-sdk-core/plugins/stub_responses.rb +1 -0
- data/lib/aws-sdk-core/shared_config.rb +8 -4
- data/lib/aws-sdk-core/util.rb +4 -0
- data/lib/aws-sdk-sts.rb +7 -4
- data/lib/aws-sdk-sts/client.rb +61 -10
- data/lib/aws-sdk-sts/errors.rb +30 -8
- data/lib/aws-sdk-sts/resource.rb +7 -0
- data/lib/seahorse/client/response.rb +3 -5
- metadata +6 -2
@@ -42,7 +42,7 @@ module Aws
|
|
42
42
|
option(:unsigned_operations) do |cfg|
|
43
43
|
cfg.api.operation_names.inject([]) do |unsigned, operation_name|
|
44
44
|
if cfg.api.operation(operation_name)['authtype'] == 'none' ||
|
45
|
-
|
45
|
+
cfg.api.operation(operation_name)['authtype'] == 'custom'
|
46
46
|
# Unsign requests that has custom apigateway authorizer as well
|
47
47
|
unsigned << operation_name
|
48
48
|
else
|
@@ -107,6 +107,17 @@ module Aws
|
|
107
107
|
req.headers.delete('X-Amz-Security-Token')
|
108
108
|
req.headers.delete('X-Amz-Date')
|
109
109
|
|
110
|
+
if context.config.respond_to?(:clock_skew) &&
|
111
|
+
context.config.clock_skew &&
|
112
|
+
context.config.correct_clock_skew
|
113
|
+
|
114
|
+
endpoint = context.http_request.endpoint
|
115
|
+
skew = context.config.clock_skew.clock_correction(endpoint)
|
116
|
+
if skew.abs > 0
|
117
|
+
req.headers['X-Amz-Date'] = (Time.now.utc + skew).strftime("%Y%m%dT%H%M%SZ")
|
118
|
+
end
|
119
|
+
end
|
120
|
+
|
110
121
|
# compute the signature
|
111
122
|
begin
|
112
123
|
signature = signer.sign_request(
|
@@ -130,7 +141,7 @@ module Aws
|
|
130
141
|
# @api private
|
131
142
|
def apply_authtype(context)
|
132
143
|
if context.operation['authtype'].eql?('v4-unsigned-body') &&
|
133
|
-
|
144
|
+
context.http_request.endpoint.scheme.eql?('https')
|
134
145
|
context.http_request.headers['X-Amz-Content-Sha256'] = 'UNSIGNED-PAYLOAD'
|
135
146
|
end
|
136
147
|
context
|
@@ -34,6 +34,7 @@ requests are made, and retries are disabled.
|
|
34
34
|
if client.config.stub_responses
|
35
35
|
client.setup_stubbing
|
36
36
|
client.handlers.remove(RetryErrors::Handler)
|
37
|
+
client.handlers.remove(RetryErrors::LegacyHandler)
|
37
38
|
client.handlers.remove(ClientMetricsPlugin::Handler)
|
38
39
|
client.handlers.remove(ClientMetricsSendPlugin::LatencyHandler)
|
39
40
|
client.handlers.remove(ClientMetricsSendPlugin::AttemptHandler)
|
@@ -143,16 +143,20 @@ module Aws
|
|
143
143
|
end
|
144
144
|
|
145
145
|
config_reader(
|
146
|
+
:region,
|
146
147
|
:credential_process,
|
148
|
+
:endpoint_discovery_enabled,
|
149
|
+
:max_attempts,
|
150
|
+
:retry_mode,
|
151
|
+
:adaptive_retry_wait_to_fill,
|
152
|
+
:correct_clock_skew,
|
147
153
|
:csm_client_id,
|
148
154
|
:csm_enabled,
|
149
155
|
:csm_host,
|
150
156
|
:csm_port,
|
151
|
-
:
|
152
|
-
:region,
|
157
|
+
:sts_regional_endpoints,
|
153
158
|
:s3_use_arn_region,
|
154
|
-
:s3_us_east_1_regional_endpoint
|
155
|
-
:sts_regional_endpoints
|
159
|
+
:s3_us_east_1_regional_endpoint
|
156
160
|
)
|
157
161
|
|
158
162
|
private
|
data/lib/aws-sdk-core/util.rb
CHANGED
data/lib/aws-sdk-sts.rb
CHANGED
@@ -22,17 +22,20 @@ require_relative 'aws-sdk-sts/customizations'
|
|
22
22
|
# methods each accept a hash of request parameters and return a response
|
23
23
|
# structure.
|
24
24
|
#
|
25
|
+
# sts = Aws::STS::Client.new
|
26
|
+
# resp = sts.assume_role(params)
|
27
|
+
#
|
25
28
|
# See {Client} for more information.
|
26
29
|
#
|
27
30
|
# # Errors
|
28
31
|
#
|
29
|
-
# Errors returned from AWS Security Token Service
|
30
|
-
# extend {Errors::ServiceError}.
|
32
|
+
# Errors returned from AWS Security Token Service are defined in the
|
33
|
+
# {Errors} module and all extend {Errors::ServiceError}.
|
31
34
|
#
|
32
35
|
# begin
|
33
36
|
# # do stuff
|
34
37
|
# rescue Aws::STS::Errors::ServiceError
|
35
|
-
# # rescues all
|
38
|
+
# # rescues all AWS Security Token Service API errors
|
36
39
|
# end
|
37
40
|
#
|
38
41
|
# See {Errors} for more information.
|
@@ -40,6 +43,6 @@ require_relative 'aws-sdk-sts/customizations'
|
|
40
43
|
# @service
|
41
44
|
module Aws::STS
|
42
45
|
|
43
|
-
GEM_VERSION = '3.
|
46
|
+
GEM_VERSION = '3.91.0'
|
44
47
|
|
45
48
|
end
|
data/lib/aws-sdk-sts/client.rb
CHANGED
@@ -31,6 +31,18 @@ require 'aws-sdk-sts/plugins/sts_regional_endpoints.rb'
|
|
31
31
|
Aws::Plugins::GlobalConfiguration.add_identifier(:sts)
|
32
32
|
|
33
33
|
module Aws::STS
|
34
|
+
# An API client for STS. To construct a client, you need to configure a `:region` and `:credentials`.
|
35
|
+
#
|
36
|
+
# client = Aws::STS::Client.new(
|
37
|
+
# region: region_name,
|
38
|
+
# credentials: credentials,
|
39
|
+
# # ...
|
40
|
+
# )
|
41
|
+
#
|
42
|
+
# For details on configuring region and credentials see
|
43
|
+
# the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
|
44
|
+
#
|
45
|
+
# See {#initialize} for a full list of supported configuration options.
|
34
46
|
class Client < Seahorse::Client::Base
|
35
47
|
|
36
48
|
include Aws::ClientStubs
|
@@ -110,6 +122,12 @@ module Aws::STS
|
|
110
122
|
# When set to `true`, a thread polling for endpoints will be running in
|
111
123
|
# the background every 60 secs (default). Defaults to `false`.
|
112
124
|
#
|
125
|
+
# @option options [Boolean] :adaptive_retry_wait_to_fill (true)
|
126
|
+
# Used only in `adaptive` retry mode. When true, the request will sleep
|
127
|
+
# until there is sufficent client side capacity to retry the request.
|
128
|
+
# When false, the request will raise a `RetryCapacityNotAvailableError` and will
|
129
|
+
# not retry instead of sleeping.
|
130
|
+
#
|
113
131
|
# @option options [Boolean] :client_side_monitoring (false)
|
114
132
|
# When `true`, client-side metrics will be collected for all API requests from
|
115
133
|
# this client.
|
@@ -134,6 +152,10 @@ module Aws::STS
|
|
134
152
|
# When `true`, an attempt is made to coerce request parameters into
|
135
153
|
# the required types.
|
136
154
|
#
|
155
|
+
# @option options [Boolean] :correct_clock_skew (true)
|
156
|
+
# Used only in `standard` and adaptive retry modes. Specifies whether to apply
|
157
|
+
# a clock skew correction and retry requests with skewed client clocks.
|
158
|
+
#
|
137
159
|
# @option options [Boolean] :disable_host_prefix_injection (false)
|
138
160
|
# Set to true to disable SDK automatically adding host prefix
|
139
161
|
# to default service endpoint when available.
|
@@ -168,15 +190,29 @@ module Aws::STS
|
|
168
190
|
# The Logger instance to send log messages to. If this option
|
169
191
|
# is not set, logging will be disabled.
|
170
192
|
#
|
193
|
+
# @option options [Integer] :max_attempts (3)
|
194
|
+
# An integer representing the maximum number attempts that will be made for
|
195
|
+
# a single request, including the initial attempt. For example,
|
196
|
+
# setting this value to 5 will result in a request being retried up to
|
197
|
+
# 4 times. Used in `standard` and `adaptive` retry modes.
|
198
|
+
#
|
171
199
|
# @option options [String] :profile ("default")
|
172
200
|
# Used when loading credentials from the shared credentials file
|
173
201
|
# at HOME/.aws/credentials. When not specified, 'default' is used.
|
174
202
|
#
|
203
|
+
# @option options [Proc] :retry_backoff
|
204
|
+
# A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
|
205
|
+
# This option is only used in the `legacy` retry mode.
|
206
|
+
#
|
175
207
|
# @option options [Float] :retry_base_delay (0.3)
|
176
|
-
# The base delay in seconds used by the default backoff function.
|
208
|
+
# The base delay in seconds used by the default backoff function. This option
|
209
|
+
# is only used in the `legacy` retry mode.
|
177
210
|
#
|
178
211
|
# @option options [Symbol] :retry_jitter (:none)
|
179
|
-
# A delay randomiser function used by the default backoff function.
|
212
|
+
# A delay randomiser function used by the default backoff function.
|
213
|
+
# Some predefined functions can be referenced by name - :none, :equal, :full,
|
214
|
+
# otherwise a Proc that takes and returns a number. This option is only used
|
215
|
+
# in the `legacy` retry mode.
|
180
216
|
#
|
181
217
|
# @see https://www.awsarchitectureblog.com/2015/03/backoff.html
|
182
218
|
#
|
@@ -184,11 +220,26 @@ module Aws::STS
|
|
184
220
|
# The maximum number of times to retry failed requests. Only
|
185
221
|
# ~ 500 level server errors and certain ~ 400 level client errors
|
186
222
|
# are retried. Generally, these are throttling errors, data
|
187
|
-
# checksum errors, networking errors, timeout errors
|
188
|
-
# errors from expired credentials.
|
223
|
+
# checksum errors, networking errors, timeout errors, auth errors,
|
224
|
+
# endpoint discovery, and errors from expired credentials.
|
225
|
+
# This option is only used in the `legacy` retry mode.
|
189
226
|
#
|
190
227
|
# @option options [Integer] :retry_max_delay (0)
|
191
|
-
# The maximum number of seconds to delay between retries (0 for no limit)
|
228
|
+
# The maximum number of seconds to delay between retries (0 for no limit)
|
229
|
+
# used by the default backoff function. This option is only used in the
|
230
|
+
# `legacy` retry mode.
|
231
|
+
#
|
232
|
+
# @option options [String] :retry_mode ("legacy")
|
233
|
+
# Specifies which retry algorithm to use. Values are:
|
234
|
+
# * `legacy` - The pre-existing retry behavior. This is default value if
|
235
|
+
# no retry mode is provided.
|
236
|
+
# * `standard` - A standardized set of retry rules across the AWS SDKs.
|
237
|
+
# This includes support for retry quotas, which limit the number of
|
238
|
+
# unsuccessful retries a client can make.
|
239
|
+
# * `adaptive` - An experimental retry mode that includes all the
|
240
|
+
# functionality of `standard` mode along with automatic client side
|
241
|
+
# throttling. This is a provisional mode that may change behavior
|
242
|
+
# in the future.
|
192
243
|
#
|
193
244
|
# @option options [String] :secret_access_key
|
194
245
|
#
|
@@ -216,16 +267,16 @@ module Aws::STS
|
|
216
267
|
# requests through. Formatted like 'http://proxy.com:123'.
|
217
268
|
#
|
218
269
|
# @option options [Float] :http_open_timeout (15) The number of
|
219
|
-
# seconds to wait when opening a HTTP session before
|
270
|
+
# seconds to wait when opening a HTTP session before raising a
|
220
271
|
# `Timeout::Error`.
|
221
272
|
#
|
222
273
|
# @option options [Integer] :http_read_timeout (60) The default
|
223
274
|
# number of seconds to wait for response data. This value can
|
224
275
|
# safely be set
|
225
|
-
# per-request on the session
|
276
|
+
# per-request on the session yielded by {#session_for}.
|
226
277
|
#
|
227
278
|
# @option options [Float] :http_idle_timeout (5) The number of
|
228
|
-
# seconds a connection is allowed to sit
|
279
|
+
# seconds a connection is allowed to sit idle before it is
|
229
280
|
# considered stale. Stale connections are closed and removed
|
230
281
|
# from the pool before making a request.
|
231
282
|
#
|
@@ -234,7 +285,7 @@ module Aws::STS
|
|
234
285
|
# request body. This option has no effect unless the request has
|
235
286
|
# "Expect" header set to "100-continue". Defaults to `nil` which
|
236
287
|
# disables this behaviour. This value can safely be set per
|
237
|
-
# request on the session
|
288
|
+
# request on the session yielded by {#session_for}.
|
238
289
|
#
|
239
290
|
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
240
291
|
# HTTP debug output will be sent to the `:logger`.
|
@@ -2131,7 +2182,7 @@ module Aws::STS
|
|
2131
2182
|
params: params,
|
2132
2183
|
config: config)
|
2133
2184
|
context[:gem_name] = 'aws-sdk-core'
|
2134
|
-
context[:gem_version] = '3.
|
2185
|
+
context[:gem_version] = '3.91.0'
|
2135
2186
|
Seahorse::Client::Request.new(handlers, context)
|
2136
2187
|
end
|
2137
2188
|
|
data/lib/aws-sdk-sts/errors.rb
CHANGED
@@ -6,6 +6,36 @@
|
|
6
6
|
# WARNING ABOUT GENERATED CODE
|
7
7
|
|
8
8
|
module Aws::STS
|
9
|
+
|
10
|
+
# When STS returns an error response, the Ruby SDK constructs and raises an error.
|
11
|
+
# These errors all extend Aws::STS::Errors::ServiceError < {Aws::Errors::ServiceError}
|
12
|
+
#
|
13
|
+
# You can rescue all STS errors using ServiceError:
|
14
|
+
#
|
15
|
+
# begin
|
16
|
+
# # do stuff
|
17
|
+
# rescue Aws::STS::Errors::ServiceError
|
18
|
+
# # rescues all STS API errors
|
19
|
+
# end
|
20
|
+
#
|
21
|
+
#
|
22
|
+
# ## Request Context
|
23
|
+
# ServiceError objects have a {Aws::Errors::ServiceError#context #context} method that returns
|
24
|
+
# information about the request that generated the error.
|
25
|
+
# See {Seahorse::Client::RequestContext} for more information.
|
26
|
+
#
|
27
|
+
# ## Error Classes
|
28
|
+
# * {ExpiredTokenException}
|
29
|
+
# * {IDPCommunicationErrorException}
|
30
|
+
# * {IDPRejectedClaimException}
|
31
|
+
# * {InvalidAuthorizationMessageException}
|
32
|
+
# * {InvalidIdentityTokenException}
|
33
|
+
# * {MalformedPolicyDocumentException}
|
34
|
+
# * {PackedPolicyTooLargeException}
|
35
|
+
# * {RegionDisabledException}
|
36
|
+
#
|
37
|
+
# Additionally, error classes are dynamically generated for service errors based on the error code
|
38
|
+
# if they are not defined above.
|
9
39
|
module Errors
|
10
40
|
|
11
41
|
extend Aws::Errors::DynamicErrors
|
@@ -23,7 +53,6 @@ module Aws::STS
|
|
23
53
|
def message
|
24
54
|
@message || @data[:message]
|
25
55
|
end
|
26
|
-
|
27
56
|
end
|
28
57
|
|
29
58
|
class IDPCommunicationErrorException < ServiceError
|
@@ -39,7 +68,6 @@ module Aws::STS
|
|
39
68
|
def message
|
40
69
|
@message || @data[:message]
|
41
70
|
end
|
42
|
-
|
43
71
|
end
|
44
72
|
|
45
73
|
class IDPRejectedClaimException < ServiceError
|
@@ -55,7 +83,6 @@ module Aws::STS
|
|
55
83
|
def message
|
56
84
|
@message || @data[:message]
|
57
85
|
end
|
58
|
-
|
59
86
|
end
|
60
87
|
|
61
88
|
class InvalidAuthorizationMessageException < ServiceError
|
@@ -71,7 +98,6 @@ module Aws::STS
|
|
71
98
|
def message
|
72
99
|
@message || @data[:message]
|
73
100
|
end
|
74
|
-
|
75
101
|
end
|
76
102
|
|
77
103
|
class InvalidIdentityTokenException < ServiceError
|
@@ -87,7 +113,6 @@ module Aws::STS
|
|
87
113
|
def message
|
88
114
|
@message || @data[:message]
|
89
115
|
end
|
90
|
-
|
91
116
|
end
|
92
117
|
|
93
118
|
class MalformedPolicyDocumentException < ServiceError
|
@@ -103,7 +128,6 @@ module Aws::STS
|
|
103
128
|
def message
|
104
129
|
@message || @data[:message]
|
105
130
|
end
|
106
|
-
|
107
131
|
end
|
108
132
|
|
109
133
|
class PackedPolicyTooLargeException < ServiceError
|
@@ -119,7 +143,6 @@ module Aws::STS
|
|
119
143
|
def message
|
120
144
|
@message || @data[:message]
|
121
145
|
end
|
122
|
-
|
123
146
|
end
|
124
147
|
|
125
148
|
class RegionDisabledException < ServiceError
|
@@ -135,7 +158,6 @@ module Aws::STS
|
|
135
158
|
def message
|
136
159
|
@message || @data[:message]
|
137
160
|
end
|
138
|
-
|
139
161
|
end
|
140
162
|
|
141
163
|
end
|
data/lib/aws-sdk-sts/resource.rb
CHANGED
@@ -6,6 +6,13 @@
|
|
6
6
|
# WARNING ABOUT GENERATED CODE
|
7
7
|
|
8
8
|
module Aws::STS
|
9
|
+
# This class provides a resource oriented interface for STS.
|
10
|
+
# To create a resource object:
|
11
|
+
# resource = Aws::STS::Resource.new(region: 'us-west-2')
|
12
|
+
# You can supply a client object with custom configuration that will be used for all resource operations.
|
13
|
+
# If you do not pass +:client+, a default client will be constructed.
|
14
|
+
# client = Aws::STS::Client.new(region: 'us-west-2')
|
15
|
+
# resource = Aws::STS::Resource.new(client: client)
|
9
16
|
class Resource
|
10
17
|
|
11
18
|
# @param options ({})
|
@@ -3,7 +3,6 @@ require 'delegate'
|
|
3
3
|
module Seahorse
|
4
4
|
module Client
|
5
5
|
class Response < Delegator
|
6
|
-
|
7
6
|
# @option options [RequestContext] :context (nil)
|
8
7
|
# @option options [Integer] :status_code (nil)
|
9
8
|
# @option options [Http::Headers] :headers (Http::Headers.new)
|
@@ -39,10 +38,10 @@ module Seahorse
|
|
39
38
|
# witin the given range.
|
40
39
|
#
|
41
40
|
# @return [self]
|
42
|
-
def on(range, &
|
41
|
+
def on(range, &_block)
|
43
42
|
response = self
|
44
43
|
@context.http_response.on_success(range) do
|
45
|
-
|
44
|
+
yield response
|
46
45
|
end
|
47
46
|
self
|
48
47
|
end
|
@@ -56,7 +55,7 @@ module Seahorse
|
|
56
55
|
# @return [Boolean] Returns `true` if the response is complete with
|
57
56
|
# a ~ 200 level http status code.
|
58
57
|
def successful?
|
59
|
-
(200..299).
|
58
|
+
(200..299).cover?(@context.http_response.status_code) && @error.nil?
|
60
59
|
end
|
61
60
|
|
62
61
|
# @api private
|
@@ -76,7 +75,6 @@ module Seahorse
|
|
76
75
|
def __setobj__(obj)
|
77
76
|
@data = obj
|
78
77
|
end
|
79
|
-
|
80
78
|
end
|
81
79
|
end
|
82
80
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-core
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.91.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-03-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jmespath
|
@@ -155,6 +155,10 @@ files:
|
|
155
155
|
- lib/aws-sdk-core/plugins/protocols/rest_xml.rb
|
156
156
|
- lib/aws-sdk-core/plugins/regional_endpoint.rb
|
157
157
|
- lib/aws-sdk-core/plugins/response_paging.rb
|
158
|
+
- lib/aws-sdk-core/plugins/retries/client_rate_limiter.rb
|
159
|
+
- lib/aws-sdk-core/plugins/retries/clock_skew.rb
|
160
|
+
- lib/aws-sdk-core/plugins/retries/error_inspector.rb
|
161
|
+
- lib/aws-sdk-core/plugins/retries/retry_quota.rb
|
158
162
|
- lib/aws-sdk-core/plugins/retry_errors.rb
|
159
163
|
- lib/aws-sdk-core/plugins/signature_v2.rb
|
160
164
|
- lib/aws-sdk-core/plugins/signature_v4.rb
|