aws-sdk-core 3.98.0 → 3.99.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 900cd1a6cbe9b35c88cabe17a5722dc050118ae959fc95e314c9d6b37d50fa2f
-  data.tar.gz: 72ec66eb30d622b0b4fbdfa2a3d6c63e7b9a1667dd0d8a72ec2f7bece92212e6
+  metadata.gz: cf03bdc54ae7d2b3aaca392c246e2448afe60816e850b6f2389945be397a27f7
+  data.tar.gz: 0615a87c2daa9bc86e416d7403aedf6d934f5694dd1efda76d6821c0caa12ebd
 SHA512:
-  metadata.gz: 79c25a4a03c167df01e62959cd8613ff3f62a4cbca3a1d8202c4327ea0dbb1db7e797ae4c1b6ab3b35483179e00965c587d71f0e8c2414cd87016a02d66e2aa8
-  data.tar.gz: bb899f25cdc80a804e11b31881dba290cba5512c8ccd935135a52a93767d12cad8affa7700e91c2a3ef6955080a5071398220735ae8c9f16f36b9eb4c41654c6
+  metadata.gz: 8a9b4ba7e6cb3be4ab9fc0905a03162c5cc4b2d12509ebfb53eee3a0098f9f74ed0a5634df1f06f16a4101243c5c59c1e9aac2ed7d4f5ed90f1d068b30573856
+  data.tar.gz: f625151a68e124037dd2b0a42067a736b0562bebf975649721896d84460d4e830fad4a879d744ff45af39979f1fc75db5516ebc71b67150b412c8272afc90d01

data/VERSION

@@ -1 +1 @@
-3.98.0
+3.99.2

data/lib/aws-sdk-core/errors.rb

@@ -208,12 +208,40 @@ module Aws
     # Raised when a client is constructed and region is not specified.
     class MissingRegionError < ArgumentError
       def initialize(*args)
-        msg = 'missing region; use :region option or '\
-              "export region name to ENV['AWS_REGION']"
+        msg = 'No region was provided. Configure the `:region` option or '\
+          "export the region name to ENV['AWS_REGION']"
         super(msg)
       end
     end
 
+    # Raised when a client is contsructed and the region is not valid.
+    class InvalidRegionError < ArgumentError
+      def initialize(*args)
+        super(<<-MSG)
+Invalid `:region` option was provided.
+
+* Not every service is available in every region.
+
+* Never suffix region names with availability zones.
+  Use "us-east-1", not "us-east-1a"
+
+Known AWS regions include (not specific to this service):
+
+#{possible_regions}
+        MSG
+      end
+
+      private
+
+      def possible_regions
+        Aws.partitions.each_with_object([]) do |partition, region_names|
+          partition.regions.each do |region|
+            region_names << region.name
+          end
+        end.join("\n")
+      end
+    end
+
     # Raised when attempting to connect to an endpoint and a `SocketError`
     # is received from the HTTP client. This error is typically the result
     # of configuring an invalid `:region`.
@@ -226,7 +254,7 @@ module Aws
         super(<<-MSG)
 Encountered a `SocketError` while attempting to connect to:
 
-  #{endpoint.to_s}
+  #{endpoint}
 
 This is typically the result of an invalid `:region` option or a
 poorly formatted `:endpoint` option.
@@ -255,14 +283,12 @@ Known AWS regions include (not specific to this service):
       private
 
       def possible_regions
-        Aws.partitions.inject([]) do |region_names, partition|
+        Aws.partitions.each_with_object([]) do |partition, region_names|
           partition.regions.each do |region|
             region_names << region.name
           end
-          region_names
         end.join("\n")
       end
-
     end
 
     # Raised when attempting to retry a request

data/lib/aws-sdk-core/log/param_filter.rb

@@ -11,7 +11,7 @@ module Aws
       #
       # @api private
       # begin
-      SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :alexa_for_business_room_arn, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :block, :block_address, :block_data, :blocks, :body, :bot_configuration, :bot_email, :calling_name, :cause, :client_id, :client_request_token, :client_secret, :comment, :configuration, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :custom_private_key, :db_password, :default_phone_number, :definition, :description, :destination_access_token, :digest_tip_address, :display_name, :domain_signing_private_key, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :external_meeting_id, :external_model_endpoint_data_blobs, :external_user_id, :fall_back_phone_number, :feedback_token, :file, :filter_expression, :first_name, :full_name, :host_key, :id, :id_token, :input, :input_text, :ion_text, :join_token, :key, :key_id, :key_material, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_name, :master_user_password, :meeting_host_id, :message, :metadata, :name, :new_password, :next_password, :notes, :number, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :private_key_plaintext, :proof, :proposed_password, :proxy_phone_number, :public_key, :qr_code_png, :query, :random_password, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :resource_arn, :restore_metadata, :revision, :saml_assertion, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :session_token, :share_notes, :shared_secret, :slots, :sns_topic_arn, :source_access_token, :sqs_queue_arn, :sse_customer_key, :ssekms_encryption_context, :ssekms_key_id, :status_message, :tag_key_list, :tags, :target_address, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :type, :upload_credentials, :upload_url, :uri, :user_data, :user_email, :user_name, :user_password, :username, :value, :values, :variables, :vpn_psk, :web_identity_token, :zip_file]
+      SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :alexa_for_business_room_arn, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :block, :block_address, :block_data, :blocks, :body, :bot_configuration, :bot_email, :calling_name, :cause, :client_id, :client_request_token, :client_secret, :comment, :configuration, :content, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :custom_private_key, :db_password, :default_phone_number, :definition, :description, :destination_access_token, :digest_tip_address, :display_name, :domain_signing_private_key, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :external_meeting_id, :external_model_endpoint_data_blobs, :external_user_id, :fall_back_phone_number, :feedback_token, :file, :filter_expression, :first_name, :full_name, :host_key, :id, :id_token, :input, :input_text, :ion_text, :join_token, :key, :key_id, :key_material, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_name, :master_user_password, :meeting_host_id, :message, :metadata, :name, :new_password, :next_password, :notes, :number, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :private_key_plaintext, :proof, :proposed_password, :proxy_phone_number, :public_key, :qr_code_png, :query, :random_password, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :resource_arn, :restore_metadata, :revision, :saml_assertion, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :session_token, :share_notes, :shared_secret, :slots, :sns_topic_arn, :source_access_token, :sqs_queue_arn, :sse_customer_key, :ssekms_encryption_context, :ssekms_key_id, :status_message, :tag_key_list, :tags, :target_address, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :type, :upload_credentials, :upload_url, :uri, :user_data, :user_email, :user_name, :user_password, :username, :value, :values, :variables, :vpn_psk, :web_identity_token, :zip_file]
       # end
 
       def initialize(options = {})

data/lib/aws-sdk-core/plugins/http_checksum.rb

@@ -0,0 +1,55 @@
+require 'openssl'
+
+module Aws
+  module Plugins
+    # @api private
+    class HttpChecksum < Seahorse::Client::Plugin
+      # @api private
+      class Handler < Seahorse::Client::Handler
+        CHUNK_SIZE = 1 * 1024 * 1024 # one MB
+
+        def call(context)
+          if context.operation.http_checksum_required
+            body = context.http_request.body
+            context.http_request.headers['Content-Md5'] ||= md5(body)
+          end
+          @handler.call(context)
+        end
+
+        private
+
+        # @param [File, Tempfile, IO#read, String] value
+        # @return [String<MD5>]
+        def md5(value)
+          if (value.is_a?(File) || value.is_a?(Tempfile)) &&
+             !value.path.nil? && File.exist?(value.path)
+            OpenSSL::Digest::MD5.file(value).base64digest
+          elsif value.respond_to?(:read)
+            md5 = OpenSSL::Digest::MD5.new
+            update_in_chunks(md5, value)
+            md5.base64digest
+          else
+            OpenSSL::Digest::MD5.digest(value).base64digest
+          end
+        end
+
+        def update_in_chunks(digest, io)
+          loop do
+            chunk = io.read(CHUNK_SIZE)
+            break unless chunk
+            digest.update(chunk)
+          end
+          io.rewind
+        end
+
+      end
+
+      def add_handlers(handlers, _config)
+        # priority set low to ensure checksum is computed AFTER the request is
+        # built but before it is signed
+        handlers.add(Handler, priority: 10, step: :build)
+      end
+
+    end
+  end
+end

data/lib/aws-sdk-core/plugins/regional_endpoint.rb

@@ -2,10 +2,6 @@ module Aws
   module Plugins
     # @api private
     class RegionalEndpoint < Seahorse::Client::Plugin
-
-      # raised when region is not configured
-      MISSING_REGION = 'missing required configuration option :region'
-
       option(:profile)
 
       option(:region,
@@ -31,13 +27,19 @@ a default `:region` is searched for in the following locations:
       option(:endpoint, doc_type: String, docstring: <<-DOCS) do |cfg|
 The client endpoint is normally constructed from the `:region`
 option. You should only configure an `:endpoint` when connecting
-to test endpoints. This should be a valid HTTP(S) URI.
+to test or custom endpoints. This should be a valid HTTP(S) URI.
         DOCS
         endpoint_prefix = cfg.api.metadata['endpointPrefix']
         if cfg.region && endpoint_prefix
           if cfg.respond_to?(:sts_regional_endpoints)
             sts_regional = cfg.sts_regional_endpoints
           end
+
+          # check region is a valid RFC host label
+          unless cfg.region =~ /^(?![0-9]+$)(?!-)[a-zA-Z0-9-]{,63}(?<!-)$/
+            raise Errors::InvalidRegionError
+          end
+
           Aws::Partitions::EndpointProvider.resolve(
             cfg.region,
             endpoint_prefix,
@@ -47,21 +49,22 @@ to test endpoints. This should be a valid HTTP(S) URI.
       end
 
       def after_initialize(client)
-        if client.config.region.nil? or client.config.region == ''
+        if client.config.region.nil? || client.config.region == ''
           raise Errors::MissingRegionError
         end
       end
 
-      private
+      class << self
+        private
 
-      def self.resolve_region(cfg)
-        keys = %w(AWS_REGION AMAZON_REGION AWS_DEFAULT_REGION)
-        env_region = ENV.values_at(*keys).compact.first
-        env_region = nil if env_region == ''
-        cfg_region = Aws.shared_config.region(profile: cfg.profile)
-        env_region || cfg_region
+        def resolve_region(cfg)
+          keys = %w[AWS_REGION AMAZON_REGION AWS_DEFAULT_REGION]
+          env_region = ENV.values_at(*keys).compact.first
+          env_region = nil if env_region == ''
+          cfg_region = Aws.shared_config.region(profile: cfg.profile)
+          env_region || cfg_region
+        end
       end
-
     end
   end
 end

data/lib/aws-sdk-sts.rb

@@ -43,6 +43,6 @@ require_relative 'aws-sdk-sts/customizations'
 # @service
 module Aws::STS
 
-  GEM_VERSION = '3.98.0'
+  GEM_VERSION = '3.99.2'
 
 end

data/lib/aws-sdk-sts/client.rb

@@ -24,6 +24,7 @@ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
 require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
 require 'aws-sdk-core/plugins/transfer_encoding.rb'
+require 'aws-sdk-core/plugins/http_checksum.rb'
 require 'aws-sdk-core/plugins/signature_v4.rb'
 require 'aws-sdk-core/plugins/protocols/query.rb'
 require 'aws-sdk-sts/plugins/sts_regional_endpoints.rb'
@@ -70,6 +71,7 @@ module Aws::STS
     add_plugin(Aws::Plugins::ClientMetricsPlugin)
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
     add_plugin(Aws::Plugins::TransferEncoding)
+    add_plugin(Aws::Plugins::HttpChecksum)
     add_plugin(Aws::Plugins::SignatureV4)
     add_plugin(Aws::Plugins::Protocols::Query)
     add_plugin(Aws::STS::Plugins::STSRegionalEndpoints)
@@ -163,7 +165,7 @@ module Aws::STS
     #   @option options [String] :endpoint
     #     The client endpoint is normally constructed from the `:region`
     #     option. You should only configure an `:endpoint` when connecting
-    #     to test endpoints. This should be a valid HTTP(S) URI.
+    #     to test or custom endpoints. This should be a valid HTTP(S) URI.
     #
     #   @option options [Integer] :endpoint_cache_max_entries (1000)
     #     Used for the maximum size limit of the LRU cache storing endpoints data
@@ -2185,7 +2187,7 @@ module Aws::STS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.98.0'
+      context[:gem_version] = '3.99.2'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/seahorse/client/block_io.rb

@@ -11,6 +11,7 @@ module Seahorse
       # @return [Integer]
       def write(chunk)
         @block.call(chunk)
+      ensure
         chunk.bytesize.tap { |chunk_size| @size += chunk_size }
       end
 

data/lib/seahorse/client/plugins/endpoint.rb

@@ -9,8 +9,8 @@ module Seahorse
 Normally you should not configure the `:endpoint` option
 directly. This is normally constructed from the `:region`
 option. Configuring `:endpoint` is normally reserved for
-connecting to test endpoints. The endpoint should be a URI
-formatted like:
+connecting to test or custom endpoints. The endpoint should
+be a URI formatted like:
 
     'http://example.com'
     'https://example.com'

data/lib/seahorse/client/plugins/response_target.rb

@@ -28,7 +28,13 @@ module Seahorse
           def add_event_listeners(context, target)
             handler = self
             context.http_response.on_headers(200..299) do
-              context.http_response.body = handler.send(:io, target)
+              # In a fresh response body will be a StringIO
+              # However, when a request is retried we may have
+              # an existing ManagedFile or BlockIO and those
+              # should be reused.
+              if context.http_response.body.is_a? StringIO
+                context.http_response.body = handler.send(:io, target)
+              end
             end
 
             context.http_response.on_success(200..299) do
@@ -40,15 +46,18 @@ module Seahorse
 
             context.http_response.on_error do
               body = context.http_response.body
-              File.unlink(body) if ManagedFile === body
+
+              # When using response_target of file we do not want to write
+              # error messages to the file.  So set the body to a new StringIO
+              if body.is_a? ManagedFile
+                File.unlink(body)
+                context.http_response.body = StringIO.new
+              end
+
               # Aws::S3::Encryption::DecryptHandler (with lower priority)
               # has callbacks registered after ResponseTarget::Handler,
               # where http_response.body is an IODecrypter
-              # and has error callbacks handling for it.
-              # Thus avoid early remove of IODecrypter at ResponseTarget::Handler
-              unless context.http_response.body.respond_to?(:io)
-                context.http_response.body = StringIO.new
-              end
+              # and has error callbacks handling for it so no action is required here
             end
           end
 

data/lib/seahorse/model/operation.rb

@@ -20,6 +20,9 @@ module Seahorse
       # @return [String]
       attr_accessor :http_request_uri
 
+      # @return [Boolean]
+      attr_accessor :http_checksum_required
+
       # @return [Boolean]
       attr_accessor :deprecated
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-core
 version: !ruby/object:Gem::Version
-  version: 3.98.0
+  version: 3.99.2
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-06-05 00:00:00.000000000 Z
+date: 2020-06-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jmespath
@@ -141,6 +141,7 @@ files:
 - lib/aws-sdk-core/plugins/event_stream_configuration.rb
 - lib/aws-sdk-core/plugins/global_configuration.rb
 - lib/aws-sdk-core/plugins/helpful_socket_errors.rb
+- lib/aws-sdk-core/plugins/http_checksum.rb
 - lib/aws-sdk-core/plugins/idempotency_token.rb
 - lib/aws-sdk-core/plugins/invocation_id.rb
 - lib/aws-sdk-core/plugins/jsonvalue_converter.rb