aws-sdk-eksauth 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,478 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ require 'seahorse/client/plugins/content_length.rb'
11
+ require 'aws-sdk-core/plugins/credentials_configuration.rb'
12
+ require 'aws-sdk-core/plugins/logging.rb'
13
+ require 'aws-sdk-core/plugins/param_converter.rb'
14
+ require 'aws-sdk-core/plugins/param_validator.rb'
15
+ require 'aws-sdk-core/plugins/user_agent.rb'
16
+ require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
17
+ require 'aws-sdk-core/plugins/retry_errors.rb'
18
+ require 'aws-sdk-core/plugins/global_configuration.rb'
19
+ require 'aws-sdk-core/plugins/regional_endpoint.rb'
20
+ require 'aws-sdk-core/plugins/endpoint_discovery.rb'
21
+ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
22
+ require 'aws-sdk-core/plugins/response_paging.rb'
23
+ require 'aws-sdk-core/plugins/stub_responses.rb'
24
+ require 'aws-sdk-core/plugins/idempotency_token.rb'
25
+ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
26
+ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
27
+ require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
28
+ require 'aws-sdk-core/plugins/transfer_encoding.rb'
29
+ require 'aws-sdk-core/plugins/http_checksum.rb'
30
+ require 'aws-sdk-core/plugins/checksum_algorithm.rb'
31
+ require 'aws-sdk-core/plugins/request_compression.rb'
32
+ require 'aws-sdk-core/plugins/defaults_mode.rb'
33
+ require 'aws-sdk-core/plugins/recursion_detection.rb'
34
+ require 'aws-sdk-core/plugins/sign.rb'
35
+ require 'aws-sdk-core/plugins/protocols/rest_json.rb'
36
+
37
+ Aws::Plugins::GlobalConfiguration.add_identifier(:eksauth)
38
+
39
+ module Aws::EKSAuth
40
+ # An API client for EKSAuth. To construct a client, you need to configure a `:region` and `:credentials`.
41
+ #
42
+ # client = Aws::EKSAuth::Client.new(
43
+ # region: region_name,
44
+ # credentials: credentials,
45
+ # # ...
46
+ # )
47
+ #
48
+ # For details on configuring region and credentials see
49
+ # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
50
+ #
51
+ # See {#initialize} for a full list of supported configuration options.
52
+ class Client < Seahorse::Client::Base
53
+
54
+ include Aws::ClientStubs
55
+
56
+ @identifier = :eksauth
57
+
58
+ set_api(ClientApi::API)
59
+
60
+ add_plugin(Seahorse::Client::Plugins::ContentLength)
61
+ add_plugin(Aws::Plugins::CredentialsConfiguration)
62
+ add_plugin(Aws::Plugins::Logging)
63
+ add_plugin(Aws::Plugins::ParamConverter)
64
+ add_plugin(Aws::Plugins::ParamValidator)
65
+ add_plugin(Aws::Plugins::UserAgent)
66
+ add_plugin(Aws::Plugins::HelpfulSocketErrors)
67
+ add_plugin(Aws::Plugins::RetryErrors)
68
+ add_plugin(Aws::Plugins::GlobalConfiguration)
69
+ add_plugin(Aws::Plugins::RegionalEndpoint)
70
+ add_plugin(Aws::Plugins::EndpointDiscovery)
71
+ add_plugin(Aws::Plugins::EndpointPattern)
72
+ add_plugin(Aws::Plugins::ResponsePaging)
73
+ add_plugin(Aws::Plugins::StubResponses)
74
+ add_plugin(Aws::Plugins::IdempotencyToken)
75
+ add_plugin(Aws::Plugins::JsonvalueConverter)
76
+ add_plugin(Aws::Plugins::ClientMetricsPlugin)
77
+ add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
78
+ add_plugin(Aws::Plugins::TransferEncoding)
79
+ add_plugin(Aws::Plugins::HttpChecksum)
80
+ add_plugin(Aws::Plugins::ChecksumAlgorithm)
81
+ add_plugin(Aws::Plugins::RequestCompression)
82
+ add_plugin(Aws::Plugins::DefaultsMode)
83
+ add_plugin(Aws::Plugins::RecursionDetection)
84
+ add_plugin(Aws::Plugins::Sign)
85
+ add_plugin(Aws::Plugins::Protocols::RestJson)
86
+ add_plugin(Aws::EKSAuth::Plugins::Endpoints)
87
+
88
+ # @overload initialize(options)
89
+ # @param [Hash] options
90
+ # @option options [required, Aws::CredentialProvider] :credentials
91
+ # Your AWS credentials. This can be an instance of any one of the
92
+ # following classes:
93
+ #
94
+ # * `Aws::Credentials` - Used for configuring static, non-refreshing
95
+ # credentials.
96
+ #
97
+ # * `Aws::SharedCredentials` - Used for loading static credentials from a
98
+ # shared file, such as `~/.aws/config`.
99
+ #
100
+ # * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
101
+ #
102
+ # * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
103
+ # assume a role after providing credentials via the web.
104
+ #
105
+ # * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
106
+ # access token generated from `aws login`.
107
+ #
108
+ # * `Aws::ProcessCredentials` - Used for loading credentials from a
109
+ # process that outputs to stdout.
110
+ #
111
+ # * `Aws::InstanceProfileCredentials` - Used for loading credentials
112
+ # from an EC2 IMDS on an EC2 instance.
113
+ #
114
+ # * `Aws::ECSCredentials` - Used for loading credentials from
115
+ # instances running in ECS.
116
+ #
117
+ # * `Aws::CognitoIdentityCredentials` - Used for loading credentials
118
+ # from the Cognito Identity service.
119
+ #
120
+ # When `:credentials` are not configured directly, the following
121
+ # locations will be searched for credentials:
122
+ #
123
+ # * `Aws.config[:credentials]`
124
+ # * The `:access_key_id`, `:secret_access_key`, and `:session_token` options.
125
+ # * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
126
+ # * `~/.aws/credentials`
127
+ # * `~/.aws/config`
128
+ # * EC2/ECS IMDS instance profile - When used by default, the timeouts
129
+ # are very aggressive. Construct and pass an instance of
130
+ # `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
131
+ # enable retries and extended timeouts. Instance profile credential
132
+ # fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
133
+ # to true.
134
+ #
135
+ # @option options [required, String] :region
136
+ # The AWS region to connect to. The configured `:region` is
137
+ # used to determine the service `:endpoint`. When not passed,
138
+ # a default `:region` is searched for in the following locations:
139
+ #
140
+ # * `Aws.config[:region]`
141
+ # * `ENV['AWS_REGION']`
142
+ # * `ENV['AMAZON_REGION']`
143
+ # * `ENV['AWS_DEFAULT_REGION']`
144
+ # * `~/.aws/credentials`
145
+ # * `~/.aws/config`
146
+ #
147
+ # @option options [String] :access_key_id
148
+ #
149
+ # @option options [Boolean] :active_endpoint_cache (false)
150
+ # When set to `true`, a thread polling for endpoints will be running in
151
+ # the background every 60 secs (default). Defaults to `false`.
152
+ #
153
+ # @option options [Boolean] :adaptive_retry_wait_to_fill (true)
154
+ # Used only in `adaptive` retry mode. When true, the request will sleep
155
+ # until there is sufficent client side capacity to retry the request.
156
+ # When false, the request will raise a `RetryCapacityNotAvailableError` and will
157
+ # not retry instead of sleeping.
158
+ #
159
+ # @option options [Boolean] :client_side_monitoring (false)
160
+ # When `true`, client-side metrics will be collected for all API requests from
161
+ # this client.
162
+ #
163
+ # @option options [String] :client_side_monitoring_client_id ("")
164
+ # Allows you to provide an identifier for this client which will be attached to
165
+ # all generated client side metrics. Defaults to an empty string.
166
+ #
167
+ # @option options [String] :client_side_monitoring_host ("127.0.0.1")
168
+ # Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client
169
+ # side monitoring agent is running on, where client metrics will be published via UDP.
170
+ #
171
+ # @option options [Integer] :client_side_monitoring_port (31000)
172
+ # Required for publishing client metrics. The port that the client side monitoring
173
+ # agent is running on, where client metrics will be published via UDP.
174
+ #
175
+ # @option options [Aws::ClientSideMonitoring::Publisher] :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher)
176
+ # Allows you to provide a custom client-side monitoring publisher class. By default,
177
+ # will use the Client Side Monitoring Agent Publisher.
178
+ #
179
+ # @option options [Boolean] :convert_params (true)
180
+ # When `true`, an attempt is made to coerce request parameters into
181
+ # the required types.
182
+ #
183
+ # @option options [Boolean] :correct_clock_skew (true)
184
+ # Used only in `standard` and adaptive retry modes. Specifies whether to apply
185
+ # a clock skew correction and retry requests with skewed client clocks.
186
+ #
187
+ # @option options [String] :defaults_mode ("legacy")
188
+ # See {Aws::DefaultsModeConfiguration} for a list of the
189
+ # accepted modes and the configuration defaults that are included.
190
+ #
191
+ # @option options [Boolean] :disable_host_prefix_injection (false)
192
+ # Set to true to disable SDK automatically adding host prefix
193
+ # to default service endpoint when available.
194
+ #
195
+ # @option options [Boolean] :disable_request_compression (false)
196
+ # When set to 'true' the request body will not be compressed
197
+ # for supported operations.
198
+ #
199
+ # @option options [String] :endpoint
200
+ # The client endpoint is normally constructed from the `:region`
201
+ # option. You should only configure an `:endpoint` when connecting
202
+ # to test or custom endpoints. This should be a valid HTTP(S) URI.
203
+ #
204
+ # @option options [Integer] :endpoint_cache_max_entries (1000)
205
+ # Used for the maximum size limit of the LRU cache storing endpoints data
206
+ # for endpoint discovery enabled operations. Defaults to 1000.
207
+ #
208
+ # @option options [Integer] :endpoint_cache_max_threads (10)
209
+ # Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.
210
+ #
211
+ # @option options [Integer] :endpoint_cache_poll_interval (60)
212
+ # When :endpoint_discovery and :active_endpoint_cache is enabled,
213
+ # Use this option to config the time interval in seconds for making
214
+ # requests fetching endpoints information. Defaults to 60 sec.
215
+ #
216
+ # @option options [Boolean] :endpoint_discovery (false)
217
+ # When set to `true`, endpoint discovery will be enabled for operations when available.
218
+ #
219
+ # @option options [Boolean] :ignore_configured_endpoint_urls
220
+ # Setting to true disables use of endpoint URLs provided via environment
221
+ # variables and the shared configuration file.
222
+ #
223
+ # @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
224
+ # The log formatter.
225
+ #
226
+ # @option options [Symbol] :log_level (:info)
227
+ # The log level to send messages to the `:logger` at.
228
+ #
229
+ # @option options [Logger] :logger
230
+ # The Logger instance to send log messages to. If this option
231
+ # is not set, logging will be disabled.
232
+ #
233
+ # @option options [Integer] :max_attempts (3)
234
+ # An integer representing the maximum number attempts that will be made for
235
+ # a single request, including the initial attempt. For example,
236
+ # setting this value to 5 will result in a request being retried up to
237
+ # 4 times. Used in `standard` and `adaptive` retry modes.
238
+ #
239
+ # @option options [String] :profile ("default")
240
+ # Used when loading credentials from the shared credentials file
241
+ # at HOME/.aws/credentials. When not specified, 'default' is used.
242
+ #
243
+ # @option options [Integer] :request_min_compression_size_bytes (10240)
244
+ # The minimum size in bytes that triggers compression for request
245
+ # bodies. The value must be non-negative integer value between 0
246
+ # and 10485780 bytes inclusive.
247
+ #
248
+ # @option options [Proc] :retry_backoff
249
+ # A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
250
+ # This option is only used in the `legacy` retry mode.
251
+ #
252
+ # @option options [Float] :retry_base_delay (0.3)
253
+ # The base delay in seconds used by the default backoff function. This option
254
+ # is only used in the `legacy` retry mode.
255
+ #
256
+ # @option options [Symbol] :retry_jitter (:none)
257
+ # A delay randomiser function used by the default backoff function.
258
+ # Some predefined functions can be referenced by name - :none, :equal, :full,
259
+ # otherwise a Proc that takes and returns a number. This option is only used
260
+ # in the `legacy` retry mode.
261
+ #
262
+ # @see https://www.awsarchitectureblog.com/2015/03/backoff.html
263
+ #
264
+ # @option options [Integer] :retry_limit (3)
265
+ # The maximum number of times to retry failed requests. Only
266
+ # ~ 500 level server errors and certain ~ 400 level client errors
267
+ # are retried. Generally, these are throttling errors, data
268
+ # checksum errors, networking errors, timeout errors, auth errors,
269
+ # endpoint discovery, and errors from expired credentials.
270
+ # This option is only used in the `legacy` retry mode.
271
+ #
272
+ # @option options [Integer] :retry_max_delay (0)
273
+ # The maximum number of seconds to delay between retries (0 for no limit)
274
+ # used by the default backoff function. This option is only used in the
275
+ # `legacy` retry mode.
276
+ #
277
+ # @option options [String] :retry_mode ("legacy")
278
+ # Specifies which retry algorithm to use. Values are:
279
+ #
280
+ # * `legacy` - The pre-existing retry behavior. This is default value if
281
+ # no retry mode is provided.
282
+ #
283
+ # * `standard` - A standardized set of retry rules across the AWS SDKs.
284
+ # This includes support for retry quotas, which limit the number of
285
+ # unsuccessful retries a client can make.
286
+ #
287
+ # * `adaptive` - An experimental retry mode that includes all the
288
+ # functionality of `standard` mode along with automatic client side
289
+ # throttling. This is a provisional mode that may change behavior
290
+ # in the future.
291
+ #
292
+ #
293
+ # @option options [String] :sdk_ua_app_id
294
+ # A unique and opaque application ID that is appended to the
295
+ # User-Agent header as app/<sdk_ua_app_id>. It should have a
296
+ # maximum length of 50.
297
+ #
298
+ # @option options [String] :secret_access_key
299
+ #
300
+ # @option options [String] :session_token
301
+ #
302
+ # @option options [Boolean] :stub_responses (false)
303
+ # Causes the client to return stubbed responses. By default
304
+ # fake responses are generated and returned. You can specify
305
+ # the response data to return or errors to raise by calling
306
+ # {ClientStubs#stub_responses}. See {ClientStubs} for more information.
307
+ #
308
+ # ** Please note ** When response stubbing is enabled, no HTTP
309
+ # requests are made, and retries are disabled.
310
+ #
311
+ # @option options [Aws::TokenProvider] :token_provider
312
+ # A Bearer Token Provider. This can be an instance of any one of the
313
+ # following classes:
314
+ #
315
+ # * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
316
+ # tokens.
317
+ #
318
+ # * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
319
+ # access token generated from `aws login`.
320
+ #
321
+ # When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
322
+ # will be used to search for tokens configured for your profile in shared configuration files.
323
+ #
324
+ # @option options [Boolean] :use_dualstack_endpoint
325
+ # When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
326
+ # will be used if available.
327
+ #
328
+ # @option options [Boolean] :use_fips_endpoint
329
+ # When set to `true`, fips compatible endpoints will be used if available.
330
+ # When a `fips` region is used, the region is normalized and this config
331
+ # is set to `true`.
332
+ #
333
+ # @option options [Boolean] :validate_params (true)
334
+ # When `true`, request parameters are validated before
335
+ # sending the request.
336
+ #
337
+ # @option options [Aws::EKSAuth::EndpointProvider] :endpoint_provider
338
+ # The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::EKSAuth::EndpointParameters`
339
+ #
340
+ # @option options [URI::HTTP,String] :http_proxy A proxy to send
341
+ # requests through. Formatted like 'http://proxy.com:123'.
342
+ #
343
+ # @option options [Float] :http_open_timeout (15) The number of
344
+ # seconds to wait when opening a HTTP session before raising a
345
+ # `Timeout::Error`.
346
+ #
347
+ # @option options [Float] :http_read_timeout (60) The default
348
+ # number of seconds to wait for response data. This value can
349
+ # safely be set per-request on the session.
350
+ #
351
+ # @option options [Float] :http_idle_timeout (5) The number of
352
+ # seconds a connection is allowed to sit idle before it is
353
+ # considered stale. Stale connections are closed and removed
354
+ # from the pool before making a request.
355
+ #
356
+ # @option options [Float] :http_continue_timeout (1) The number of
357
+ # seconds to wait for a 100-continue response before sending the
358
+ # request body. This option has no effect unless the request has
359
+ # "Expect" header set to "100-continue". Defaults to `nil` which
360
+ # disables this behaviour. This value can safely be set per
361
+ # request on the session.
362
+ #
363
+ # @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
364
+ # in seconds.
365
+ #
366
+ # @option options [Boolean] :http_wire_trace (false) When `true`,
367
+ # HTTP debug output will be sent to the `:logger`.
368
+ #
369
+ # @option options [Boolean] :ssl_verify_peer (true) When `true`,
370
+ # SSL peer certificates are verified when establishing a
371
+ # connection.
372
+ #
373
+ # @option options [String] :ssl_ca_bundle Full path to the SSL
374
+ # certificate authority bundle file that should be used when
375
+ # verifying peer certificates. If you do not pass
376
+ # `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
377
+ # will be used if available.
378
+ #
379
+ # @option options [String] :ssl_ca_directory Full path of the
380
+ # directory that contains the unbundled SSL certificate
381
+ # authority files for verifying peer certificates. If you do
382
+ # not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
383
+ # system default will be used if available.
384
+ #
385
+ def initialize(*args)
386
+ super
387
+ end
388
+
389
+ # @!group API Operations
390
+
391
+ # The Amazon EKS Auth API and the `AssumeRoleForPodIdentity` action are
392
+ # only used by the EKS Pod Identity Agent.
393
+ #
394
+ # We recommend that applications use the Amazon Web Services SDKs to
395
+ # connect to Amazon Web Services services; if credentials from an EKS
396
+ # Pod Identity association are available in the pod, the latest versions
397
+ # of the SDKs use them automatically.
398
+ #
399
+ # @option params [required, String] :cluster_name
400
+ # The name of the cluster for the request.
401
+ #
402
+ # @option params [required, String] :token
403
+ # The token of the Kubernetes service account for the pod.
404
+ #
405
+ # @return [Types::AssumeRoleForPodIdentityResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
406
+ #
407
+ # * {Types::AssumeRoleForPodIdentityResponse#subject #subject} => Types::Subject
408
+ # * {Types::AssumeRoleForPodIdentityResponse#audience #audience} => String
409
+ # * {Types::AssumeRoleForPodIdentityResponse#pod_identity_association #pod_identity_association} => Types::PodIdentityAssociation
410
+ # * {Types::AssumeRoleForPodIdentityResponse#assumed_role_user #assumed_role_user} => Types::AssumedRoleUser
411
+ # * {Types::AssumeRoleForPodIdentityResponse#credentials #credentials} => Types::Credentials
412
+ #
413
+ # @example Request syntax with placeholder values
414
+ #
415
+ # resp = client.assume_role_for_pod_identity({
416
+ # cluster_name: "ClusterName", # required
417
+ # token: "JwtToken", # required
418
+ # })
419
+ #
420
+ # @example Response structure
421
+ #
422
+ # resp.subject.namespace #=> String
423
+ # resp.subject.service_account #=> String
424
+ # resp.audience #=> String
425
+ # resp.pod_identity_association.association_arn #=> String
426
+ # resp.pod_identity_association.association_id #=> String
427
+ # resp.assumed_role_user.arn #=> String
428
+ # resp.assumed_role_user.assume_role_id #=> String
429
+ # resp.credentials.session_token #=> String
430
+ # resp.credentials.secret_access_key #=> String
431
+ # resp.credentials.access_key_id #=> String
432
+ # resp.credentials.expiration #=> Time
433
+ #
434
+ # @see http://docs.aws.amazon.com/goto/WebAPI/eks-auth-2023-11-26/AssumeRoleForPodIdentity AWS API Documentation
435
+ #
436
+ # @overload assume_role_for_pod_identity(params = {})
437
+ # @param [Hash] params ({})
438
+ def assume_role_for_pod_identity(params = {}, options = {})
439
+ req = build_request(:assume_role_for_pod_identity, params)
440
+ req.send_request(options)
441
+ end
442
+
443
+ # @!endgroup
444
+
445
+ # @param params ({})
446
+ # @api private
447
+ def build_request(operation_name, params = {})
448
+ handlers = @handlers.for(operation_name)
449
+ context = Seahorse::Client::RequestContext.new(
450
+ operation_name: operation_name,
451
+ operation: config.api.operation(operation_name),
452
+ client: self,
453
+ params: params,
454
+ config: config)
455
+ context[:gem_name] = 'aws-sdk-eksauth'
456
+ context[:gem_version] = '1.0.0'
457
+ Seahorse::Client::Request.new(handlers, context)
458
+ end
459
+
460
+ # @api private
461
+ # @deprecated
462
+ def waiter_names
463
+ []
464
+ end
465
+
466
+ class << self
467
+
468
+ # @api private
469
+ attr_reader :identifier
470
+
471
+ # @api private
472
+ def errors_module
473
+ Errors
474
+ end
475
+
476
+ end
477
+ end
478
+ end
@@ -0,0 +1,129 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ module Aws::EKSAuth
11
+ # @api private
12
+ module ClientApi
13
+
14
+ include Seahorse::Model
15
+
16
+ AccessDeniedException = Shapes::StructureShape.new(name: 'AccessDeniedException')
17
+ AssumeRoleForPodIdentityRequest = Shapes::StructureShape.new(name: 'AssumeRoleForPodIdentityRequest')
18
+ AssumeRoleForPodIdentityResponse = Shapes::StructureShape.new(name: 'AssumeRoleForPodIdentityResponse')
19
+ AssumedRoleUser = Shapes::StructureShape.new(name: 'AssumedRoleUser')
20
+ ClusterName = Shapes::StringShape.new(name: 'ClusterName')
21
+ Credentials = Shapes::StructureShape.new(name: 'Credentials')
22
+ ExpiredTokenException = Shapes::StructureShape.new(name: 'ExpiredTokenException')
23
+ InternalServerException = Shapes::StructureShape.new(name: 'InternalServerException')
24
+ InvalidParameterException = Shapes::StructureShape.new(name: 'InvalidParameterException')
25
+ InvalidRequestException = Shapes::StructureShape.new(name: 'InvalidRequestException')
26
+ InvalidTokenException = Shapes::StructureShape.new(name: 'InvalidTokenException')
27
+ JwtToken = Shapes::StringShape.new(name: 'JwtToken')
28
+ PodIdentityAssociation = Shapes::StructureShape.new(name: 'PodIdentityAssociation')
29
+ ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
30
+ ServiceUnavailableException = Shapes::StructureShape.new(name: 'ServiceUnavailableException')
31
+ String = Shapes::StringShape.new(name: 'String')
32
+ Subject = Shapes::StructureShape.new(name: 'Subject')
33
+ ThrottlingException = Shapes::StructureShape.new(name: 'ThrottlingException')
34
+ Timestamp = Shapes::TimestampShape.new(name: 'Timestamp')
35
+
36
+ AccessDeniedException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
37
+ AccessDeniedException.struct_class = Types::AccessDeniedException
38
+
39
+ AssumeRoleForPodIdentityRequest.add_member(:cluster_name, Shapes::ShapeRef.new(shape: ClusterName, required: true, location: "uri", location_name: "clusterName"))
40
+ AssumeRoleForPodIdentityRequest.add_member(:token, Shapes::ShapeRef.new(shape: JwtToken, required: true, location_name: "token"))
41
+ AssumeRoleForPodIdentityRequest.struct_class = Types::AssumeRoleForPodIdentityRequest
42
+
43
+ AssumeRoleForPodIdentityResponse.add_member(:subject, Shapes::ShapeRef.new(shape: Subject, required: true, location_name: "subject"))
44
+ AssumeRoleForPodIdentityResponse.add_member(:audience, Shapes::ShapeRef.new(shape: String, required: true, location_name: "audience"))
45
+ AssumeRoleForPodIdentityResponse.add_member(:pod_identity_association, Shapes::ShapeRef.new(shape: PodIdentityAssociation, required: true, location_name: "podIdentityAssociation"))
46
+ AssumeRoleForPodIdentityResponse.add_member(:assumed_role_user, Shapes::ShapeRef.new(shape: AssumedRoleUser, required: true, location_name: "assumedRoleUser"))
47
+ AssumeRoleForPodIdentityResponse.add_member(:credentials, Shapes::ShapeRef.new(shape: Credentials, required: true, location_name: "credentials"))
48
+ AssumeRoleForPodIdentityResponse.struct_class = Types::AssumeRoleForPodIdentityResponse
49
+
50
+ AssumedRoleUser.add_member(:arn, Shapes::ShapeRef.new(shape: String, required: true, location_name: "arn"))
51
+ AssumedRoleUser.add_member(:assume_role_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "assumeRoleId"))
52
+ AssumedRoleUser.struct_class = Types::AssumedRoleUser
53
+
54
+ Credentials.add_member(:session_token, Shapes::ShapeRef.new(shape: String, required: true, location_name: "sessionToken"))
55
+ Credentials.add_member(:secret_access_key, Shapes::ShapeRef.new(shape: String, required: true, location_name: "secretAccessKey"))
56
+ Credentials.add_member(:access_key_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "accessKeyId"))
57
+ Credentials.add_member(:expiration, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "expiration"))
58
+ Credentials.struct_class = Types::Credentials
59
+
60
+ ExpiredTokenException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
61
+ ExpiredTokenException.struct_class = Types::ExpiredTokenException
62
+
63
+ InternalServerException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
64
+ InternalServerException.struct_class = Types::InternalServerException
65
+
66
+ InvalidParameterException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
67
+ InvalidParameterException.struct_class = Types::InvalidParameterException
68
+
69
+ InvalidRequestException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
70
+ InvalidRequestException.struct_class = Types::InvalidRequestException
71
+
72
+ InvalidTokenException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
73
+ InvalidTokenException.struct_class = Types::InvalidTokenException
74
+
75
+ PodIdentityAssociation.add_member(:association_arn, Shapes::ShapeRef.new(shape: String, required: true, location_name: "associationArn"))
76
+ PodIdentityAssociation.add_member(:association_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "associationId"))
77
+ PodIdentityAssociation.struct_class = Types::PodIdentityAssociation
78
+
79
+ ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
80
+ ResourceNotFoundException.struct_class = Types::ResourceNotFoundException
81
+
82
+ ServiceUnavailableException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
83
+ ServiceUnavailableException.struct_class = Types::ServiceUnavailableException
84
+
85
+ Subject.add_member(:namespace, Shapes::ShapeRef.new(shape: String, required: true, location_name: "namespace"))
86
+ Subject.add_member(:service_account, Shapes::ShapeRef.new(shape: String, required: true, location_name: "serviceAccount"))
87
+ Subject.struct_class = Types::Subject
88
+
89
+ ThrottlingException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
90
+ ThrottlingException.struct_class = Types::ThrottlingException
91
+
92
+
93
+ # @api private
94
+ API = Seahorse::Model::Api.new.tap do |api|
95
+
96
+ api.version = "2023-11-26"
97
+
98
+ api.metadata = {
99
+ "apiVersion" => "2023-11-26",
100
+ "endpointPrefix" => "eks-auth",
101
+ "jsonVersion" => "1.1",
102
+ "protocol" => "rest-json",
103
+ "serviceFullName" => "Amazon EKS Auth",
104
+ "serviceId" => "EKS Auth",
105
+ "signatureVersion" => "v4",
106
+ "signingName" => "eks-auth",
107
+ "uid" => "eks-auth-2023-11-26",
108
+ }
109
+
110
+ api.add_operation(:assume_role_for_pod_identity, Seahorse::Model::Operation.new.tap do |o|
111
+ o.name = "AssumeRoleForPodIdentity"
112
+ o.http_method = "POST"
113
+ o.http_request_uri = "/clusters/{clusterName}/assume-role-for-pod-identity"
114
+ o.input = Shapes::ShapeRef.new(shape: AssumeRoleForPodIdentityRequest)
115
+ o.output = Shapes::ShapeRef.new(shape: AssumeRoleForPodIdentityResponse)
116
+ o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
117
+ o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
118
+ o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
119
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
120
+ o.errors << Shapes::ShapeRef.new(shape: InvalidTokenException)
121
+ o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
122
+ o.errors << Shapes::ShapeRef.new(shape: ExpiredTokenException)
123
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
124
+ o.errors << Shapes::ShapeRef.new(shape: ServiceUnavailableException)
125
+ end)
126
+ end
127
+
128
+ end
129
+ end
File without changes
@@ -0,0 +1,54 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ module Aws::EKSAuth
11
+ # Endpoint parameters used to influence endpoints per request.
12
+ #
13
+ # @!attribute region
14
+ # The AWS region used to dispatch the request.
15
+ #
16
+ # @return [String]
17
+ #
18
+ # @!attribute use_fips
19
+ # When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.
20
+ #
21
+ # @return [Boolean]
22
+ #
23
+ # @!attribute endpoint
24
+ # Override the endpoint used to send this request
25
+ #
26
+ # @return [String]
27
+ #
28
+ EndpointParameters = Struct.new(
29
+ :region,
30
+ :use_fips,
31
+ :endpoint,
32
+ ) do
33
+ include Aws::Structure
34
+
35
+ # @api private
36
+ class << self
37
+ PARAM_MAP = {
38
+ 'Region' => :region,
39
+ 'UseFIPS' => :use_fips,
40
+ 'Endpoint' => :endpoint,
41
+ }.freeze
42
+ end
43
+
44
+ def initialize(options = {})
45
+ self[:region] = options[:region]
46
+ self[:use_fips] = options[:use_fips]
47
+ self[:use_fips] = false if self[:use_fips].nil?
48
+ if self[:use_fips].nil?
49
+ raise ArgumentError, "Missing required EndpointParameter: :use_fips"
50
+ end
51
+ self[:endpoint] = options[:endpoint]
52
+ end
53
+ end
54
+ end