aws-sdk-core 2.1.36 → 2.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a8306d0a15d6533fc71e7c838e59380287d637aa
-  data.tar.gz: d6215f17b1b20b72ad4fea251f85d09734b0aa32
+  metadata.gz: b605693b7d8841a32c221c9df5309edabe21d871
+  data.tar.gz: cea7d573569b1db856062db462abdfe16b5193df
 SHA512:
-  metadata.gz: 30cc7f1ddbd29a1f458dc8e6e7853518639d32fced4e09f7ef9f9cb01fac54cd686dbc0a0527a100c516bbf844e448c68ccf60d055c2d80679f6aa86df9f26aa
-  data.tar.gz: a0bdc87f8144245242c77423eff94122b25f834ecdb1807a28b7950b6e6b457fc08b617d7b939ade7427bc1c3343549eb615286b3f2422b8a1d057d0a119c4b0
+  metadata.gz: 6892e6e21a5120d7c4a385295d98f16f69f7d44b18ad1880b368034eb3e328dd9103d48660dc488963c0d1cd4a7e57e993c2c114de17c35b90decf8a260ac7c5
+  data.tar.gz: dd29ab0659cffeca72ddfb216026e29ef7537c543c727a831b0255d54e707eb92ae1fa09405e27f70b1fb21a340aabd0978138c8fd11d145d05787768388f8ed

data/apis/ec2/2015-10-01/waiters-2.json

@@ -7,8 +7,9 @@
       "operation": "DescribeInstances",
       "acceptors": [
         {
-          "matcher": "status",
-          "expected": 200,
+          "matcher": "path",
+          "expected": true,
+          "argument": "length(Reservations[]) > `0`",
           "state": "success"
         },
         {

data/apis/rds/2014-10-31/api-2.json

@@ -425,6 +425,15 @@
             "senderFault":true
           },
           "exception":true
+        },
+        {
+          "shape":"KMSKeyNotAccessibleFault",
+          "error":{
+            "code":"KMSKeyNotAccessibleFault",
+            "httpStatusCode":400,
+            "senderFault":true
+          },
+          "exception":true
         }
       ]
     },
@@ -1740,6 +1749,30 @@
         }
       ]
     },
+    "DescribeDBSnapshotAttributes":{
+      "name":"DescribeDBSnapshotAttributes",
+      "http":{
+        "method":"POST",
+        "requestUri":"/"
+      },
+      "input":{"shape":"DescribeDBSnapshotAttributesMessage"},
+      "output":{
+        "shape":"DescribeDBSnapshotAttributesResult",
+        "wrapper":true,
+        "resultWrapper":"DescribeDBSnapshotAttributesResult"
+      },
+      "errors":[
+        {
+          "shape":"DBSnapshotNotFoundFault",
+          "error":{
+            "code":"DBSnapshotNotFound",
+            "httpStatusCode":404,
+            "senderFault":true
+          },
+          "exception":true
+        }
+      ]
+    },
     "DescribeDBSnapshots":{
       "name":"DescribeDBSnapshots",
       "http":{
@@ -2400,6 +2433,48 @@
         }
       ]
     },
+    "ModifyDBSnapshotAttribute":{
+      "name":"ModifyDBSnapshotAttribute",
+      "http":{
+        "method":"POST",
+        "requestUri":"/"
+      },
+      "input":{"shape":"ModifyDBSnapshotAttributeMessage"},
+      "output":{
+        "shape":"ModifyDBSnapshotAttributeResult",
+        "wrapper":true,
+        "resultWrapper":"ModifyDBSnapshotAttributeResult"
+      },
+      "errors":[
+        {
+          "shape":"DBSnapshotNotFoundFault",
+          "error":{
+            "code":"DBSnapshotNotFound",
+            "httpStatusCode":404,
+            "senderFault":true
+          },
+          "exception":true
+        },
+        {
+          "shape":"InvalidDBSnapshotStateFault",
+          "error":{
+            "code":"InvalidDBSnapshotState",
+            "httpStatusCode":400,
+            "senderFault":true
+          },
+          "exception":true
+        },
+        {
+          "shape":"SharedSnapshotQuotaExceededFault",
+          "error":{
+            "code":"SharedSnapshotQuotaExceeded",
+            "httpStatusCode":400,
+            "senderFault":true
+          },
+          "exception":true
+        }
+      ]
+    },
     "ModifyDBSubnetGroup":{
       "name":"ModifyDBSubnetGroup",
       "http":{
@@ -2951,6 +3026,15 @@
             "senderFault":true
           },
           "exception":true
+        },
+        {
+          "shape":"KMSKeyNotAccessibleFault",
+          "error":{
+            "code":"KMSKeyNotAccessibleFault",
+            "httpStatusCode":400,
+            "senderFault":true
+          },
+          "exception":true
         }
       ]
     },
@@ -3101,6 +3185,15 @@
             "senderFault":true
           },
           "exception":true
+        },
+        {
+          "shape":"KMSKeyNotAccessibleFault",
+          "error":{
+            "code":"KMSKeyNotAccessibleFault",
+            "httpStatusCode":400,
+            "senderFault":true
+          },
+          "exception":true
         }
       ]
     },
@@ -3557,6 +3650,13 @@
         "OptInType":{"shape":"String"}
       }
     },
+    "AttributeValueList":{
+      "type":"list",
+      "member":{
+        "shape":"String",
+        "locationName":"AttributeValue"
+      }
+    },
     "AuthorizationAlreadyExistsFault":{
       "type":"structure",
       "members":{
@@ -3946,7 +4046,8 @@
         "PreferredBackupWindow":{"shape":"String"},
         "PreferredMaintenanceWindow":{"shape":"String"},
         "DBClusterMembers":{"shape":"DBClusterMemberList"},
-        "VpcSecurityGroups":{"shape":"VpcSecurityGroupMembershipList"}
+        "VpcSecurityGroups":{"shape":"VpcSecurityGroupMembershipList"},
+        "HostedZoneId":{"shape":"String"}
       },
       "wrapper":true
     },
@@ -4481,6 +4582,29 @@
       },
       "exception":true
     },
+    "DBSnapshotAttribute":{
+      "type":"structure",
+      "members":{
+        "AttributeName":{"shape":"String"},
+        "AttributeValues":{"shape":"AttributeValueList"}
+      },
+      "wrapper":true
+    },
+    "DBSnapshotAttributeList":{
+      "type":"list",
+      "member":{
+        "shape":"DBSnapshotAttribute",
+        "locationName":"DBSnapshotAttribute"
+      }
+    },
+    "DBSnapshotAttributesResult":{
+      "type":"structure",
+      "members":{
+        "DBSnapshotIdentifier":{"shape":"String"},
+        "DBSnapshotAttributes":{"shape":"DBSnapshotAttributeList"}
+      },
+      "wrapper":true
+    },
     "DBSnapshotList":{
       "type":"list",
       "member":{
@@ -4822,6 +4946,12 @@
         "Marker":{"shape":"String"}
       }
     },
+    "DescribeDBSnapshotAttributesMessage":{
+      "type":"structure",
+      "members":{
+        "DBSnapshotIdentifier":{"shape":"String"}
+      }
+    },
     "DescribeDBSnapshotsMessage":{
       "type":"structure",
       "members":{
@@ -4830,7 +4960,9 @@
         "SnapshotType":{"shape":"String"},
         "Filters":{"shape":"FilterList"},
         "MaxRecords":{"shape":"IntegerOptional"},
-        "Marker":{"shape":"String"}
+        "Marker":{"shape":"String"},
+        "IncludeShared":{"shape":"Boolean"},
+        "IncludePublic":{"shape":"Boolean"}
       }
     },
     "DescribeDBSubnetGroupsMessage":{
@@ -5008,7 +5140,8 @@
       "type":"structure",
       "members":{
         "Address":{"shape":"String"},
-        "Port":{"shape":"Integer"}
+        "Port":{"shape":"Integer"},
+        "HostedZoneId":{"shape":"String"}
       }
     },
     "EngineDefaults":{
@@ -5435,7 +5568,8 @@
         "TdeCredentialArn":{"shape":"String"},
         "TdeCredentialPassword":{"shape":"String"},
         "CACertificateIdentifier":{"shape":"String"},
-        "CopyTagsToSnapshot":{"shape":"BooleanOptional"}
+        "CopyTagsToSnapshot":{"shape":"BooleanOptional"},
+        "PubliclyAccessible":{"shape":"BooleanOptional"}
       }
     },
     "ModifyDBParameterGroupMessage":{
@@ -5449,6 +5583,16 @@
         "Parameters":{"shape":"ParametersList"}
       }
     },
+    "ModifyDBSnapshotAttributeMessage":{
+      "type":"structure",
+      "required":["DBSnapshotIdentifier"],
+      "members":{
+        "DBSnapshotIdentifier":{"shape":"String"},
+        "AttributeName":{"shape":"String"},
+        "ValuesToAdd":{"shape":"AttributeValueList"},
+        "ValuesToRemove":{"shape":"AttributeValueList"}
+      }
+    },
     "ModifyDBSubnetGroupMessage":{
       "type":"structure",
       "required":[
@@ -6161,6 +6305,17 @@
       },
       "exception":true
     },
+    "SharedSnapshotQuotaExceededFault":{
+      "type":"structure",
+      "members":{
+      },
+      "error":{
+        "code":"SharedSnapshotQuotaExceeded",
+        "httpStatusCode":400,
+        "senderFault":true
+      },
+      "exception":true
+    },
     "SnapshotQuotaExceededFault":{
       "type":"structure",
       "members":{
@@ -6196,6 +6351,7 @@
         "db-instance",
         "db-parameter-group",
         "db-security-group",
+        "db-snapshot",
         "db-cluster",
         "db-cluster-snapshot"
       ]
@@ -6493,6 +6649,12 @@
         "EventSubscription":{"shape":"EventSubscription"}
       }
     },
+    "DescribeDBSnapshotAttributesResult":{
+      "type":"structure",
+      "members":{
+        "DBSnapshotAttributesResult":{"shape":"DBSnapshotAttributesResult"}
+      }
+    },
     "DescribeEngineDefaultClusterParametersResult":{
       "type":"structure",
       "members":{
@@ -6523,6 +6685,12 @@
         "DBInstance":{"shape":"DBInstance"}
       }
     },
+    "ModifyDBSnapshotAttributeResult":{
+      "type":"structure",
+      "members":{
+        "DBSnapshotAttributesResult":{"shape":"DBSnapshotAttributesResult"}
+      }
+    },
     "ModifyDBSubnetGroupResult":{
       "type":"structure",
       "members":{

data/lib/aws-sdk-core/assume_role_credentials.rb

@@ -5,13 +5,13 @@ module Aws
   # An auto-refreshing credential provider that works by assuming
   # a role via {Aws::STS::Client#assume_role}.
   #
-  #    role_credentials = Aws::AssumeRoleCredentials.new(
-  #      client: Aws::STS::Client.new(...),
-  #      role_arn: "linked::account::arn",
-  #      role_session_name: "session-name"
-  #    )
+  #     role_credentials = Aws::AssumeRoleCredentials.new(
+  #       client: Aws::STS::Client.new(...),
+  #       role_arn: "linked::account::arn",
+  #       role_session_name: "session-name"
+  #     )
   #
-  #    ec2 = Aws::EC2::Client.new(credentials: role_credentials)
+  #     ec2 = Aws::EC2::Client.new(credentials: role_credentials)
   #
   # If you omit `:client` option, a new {STS::Client} object will be
   # constructed.

data/lib/aws-sdk-core/plugins/s3_request_signer.rb

@@ -6,29 +6,18 @@ module Aws
     # @api private
     class S3RequestSigner < Seahorse::Client::Plugin
 
-      class SigningHandler < RequestSigner::Handler
+      option(:signature_version, 'v4')
 
-        # List of regions that support older S3 signature versions.
-        # All new regions only support signature version 4.
-        V2_REGIONS = Set.new(%w(
-          us-east-1
-          us-west-1
-          us-west-2
-          ap-northeast-1
-          ap-southeast-1
-          ap-southeast-2
-          sa-east-1
-          eu-west-1
-          us-gov-west-1
-        ))
+      class SigningHandler < RequestSigner::Handler
 
         def call(context)
           require_credentials(context)
-          version = signature_version(context)
-          case version
-          when /v4/ then apply_v4_signature(context)
-          when /s3/ then apply_v2_signature(context)
-          else raise "unsupported signature version #{version.inspect}"
+          case context.config.signature_version
+          when 'v4' then apply_v4_signature(context)
+          when 's3' then apply_s3_legacy_signature(context)
+          else
+            raise "unsupported signature version #{version.inspect}, valid"\
+              " options: 'v4' (default), 's3'"
           end
           @handler.call(context)
         end
@@ -42,59 +31,10 @@ module Aws
           ).sign(context.http_request)
         end
 
-        def apply_v2_signature(context)
+        def apply_s3_legacy_signature(context)
           Signers::S3.sign(context)
         end
 
-        def signature_version(context)
-          context[:cached_signature_version] ||
-          context.config.signature_version ||
-          version_by_region(context)
-        end
-
-        def version_by_region(context)
-          if classic_endpoint?(context)
-            classic_sigv(context)
-          else
-            regional_sigv(context)
-          end
-        end
-
-        def classic_endpoint?(context)
-          context.config.region == 'us-east-1'
-        end
-
-        # When accessing the classic endpoint, s3.amazonaws.com, we don't know
-        # the region name. This makes creating a version 4 signature difficult.
-        # Choose v4 only if using KMS encryptions, which requires v4.
-        def classic_sigv(context)
-          if kms_encrypted?(context)
-            :v4
-          else
-            :s3
-          end
-        end
-
-        def regional_sigv(context)
-          # Drop back to older S3 signature version when uploading objects for
-          # better performance. This optimization may be removed at some point
-          # in favor of always using signature version 4.
-          if V2_REGIONS.include?(context.config.region)
-            uploading_file?(context) && !kms_encrypted?(context) ? :s3 : :v4
-          else
-            :v4
-          end
-        end
-
-        def kms_encrypted?(context)
-          context.params[:server_side_encryption] == 'aws:kms'
-        end
-
-        def uploading_file?(context)
-          [:put_object, :upload_part].include?(context.operation_name) &&
-            context.http_request.body.size > 0
-        end
-
       end
 
       # Abstract base class for the other two handlers
@@ -105,7 +45,7 @@ module Aws
         def new_hostname(context, region)
           bucket = context.params[:bucket]
           if region == 'us-east-1'
-            "#{bucket}.s3-external-1.amazonaws.com"
+            "#{bucket}.s3.amazonaws.com"
           else
             bucket + '.' + URI.parse(EndpointProvider.resolve(region, 's3')).host
           end
@@ -137,13 +77,11 @@ module Aws
 
       end
 
-      # This handler detects when a request fails because signature version 4
-      # is required but not used. It follows up by making a request to
-      # determine the correct region, then finally a version 4 signed
-      # request against the regional endpoint.
-      class BucketSigningErrorHandler < Handler
-
-        SIGV4_MSG = /(Please use AWS4-HMAC-SHA256|AWS Signature Version 4)/
+      # This handler detects when a request fails because of a mismatched bucket
+      # region. It follows up by making a request to determine the correct
+      # region, then finally a version 4 signed request against the correct
+      # regional endpoint.
+      class BucketRegionErrorHandler < Handler
 
         def call(context)
           response = @handler.call(context)
@@ -153,52 +91,34 @@ module Aws
         private
 
         def handle_region_errors(response)
-          if sigv4_required_error?(response)
-            detect_region_and_retry(response)
-          elsif wrong_sigv4_region?(response)
-            extract_body_region_and_retry(response.context)
+          if wrong_sigv4_region?(response)
+            get_region_and_retry(response.context)
           else
             response
           end
         end
 
-        def sigv4_required_error?(resp)
-          resp.context.http_response.status_code == 400 &&
-          resp.context.http_response.body_contents.match(SIGV4_MSG) &&
-          resp.context.http_response.body.respond_to?(:truncate)
-        end
-
-        def wrong_sigv4_region?(resp)
-          resp.context.http_response.status_code == 400 &&
-          resp.context.http_response.body_contents.match(/<Region>.+?<\/Region>/)
-        end
-
-        def extract_body_region_and_retry(context)
+        def get_region_and_retry(context)
           actual_region = region_from_body(context)
-          updgrade_to_v4(context, actual_region)
+          if actual_region.nil? || actual_region == ""
+            raise "Couldn't get region from body: #{context.body}"
+          end
+          update_bucket_cache(context, actual_region)
           log_warning(context, actual_region)
+          update_region_header(context, actual_region)
           @handler.call(context)
         end
 
-        def region_from_body(context)
-          context.http_response.body_contents.match(/<Region>(.+?)<\/Region>/)[1]
+        def update_bucket_cache(context, actual_region)
+          S3::BUCKET_REGIONS[context.params[:bucket]] = actual_region
         end
 
-        def detect_region_and_retry(resp)
-          context = resp.context
-          updgrade_to_v4(context, 'us-east-1')
-          resp = @handler.call(context)
-          if resp.successful?
-            resp
-          else
-            actual_region = region_from_location_header(context)
-            updgrade_to_v4(context, actual_region)
-            log_warning(context, actual_region)
-            @handler.call(context)
-          end
+        def wrong_sigv4_region?(resp)
+          resp.context.http_response.status_code == 400 &&
+            resp.context.http_response.body_contents.match(/<Region>.+?<\/Region>/)
         end
 
-        def updgrade_to_v4(context, region)
+        def update_region_header(context, region)
           context.http_response.body.truncate(0)
           context.http_request.headers.delete('authorization')
           context.http_request.headers.delete('x-amz-security-token')
@@ -207,13 +127,11 @@ module Aws
           signer.sign(context.http_request)
         end
 
-        def region_from_location_header(context)
-          location = context.http_response.headers['location']
-          location.match(/s3[.-](.+?)\.amazonaws\.com/)[1]
+        def region_from_body(context)
+          context.http_response.body_contents.match(/<Region>(.+?)<\/Region>/)[1]
         end
 
         def log_warning(context, actual_region)
-          S3::BUCKET_REGIONS[context.params[:bucket]] = actual_region
           msg = "S3 client configured for #{context.config.region.inspect} " +
             "but the bucket #{context.params[:bucket].inspect} is in " +
             "#{actual_region.inspect}; Please configure the proper region " +
@@ -234,7 +152,7 @@ module Aws
       handler(SigningHandler, step: :sign)
 
       # AFTER signing
-      handle(BucketSigningErrorHandler, step: :sign, priority: 40)
+      handle(BucketRegionErrorHandler, step: :sign, priority: 40)
 
     end
   end

data/lib/aws-sdk-core/version.rb

@@ -1,3 +1,3 @@
 module Aws
-  VERSION = '2.1.36'
+  VERSION = '2.2.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-core
 version: !ruby/object:Gem::Version
-  version: 2.1.36
+  version: 2.2.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-11-10 00:00:00.000000000 Z
+date: 2015-11-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jmespath