RubyGems - aws-sdk-s3 - Versions diffs - 1.101.0 → 1.102.0 - Mend

aws-sdk-s3 1.101.0 → 1.102.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/VERSION +1 -1
data/lib/aws-sdk-s3/arn/multi_region_access_point_arn.rb +69 -0
data/lib/aws-sdk-s3/client.rb +6 -1
data/lib/aws-sdk-s3/plugins/arn.rb +51 -12
data/lib/aws-sdk-s3/plugins/s3_signer.rb +10 -1
data/lib/aws-sdk-s3/presigner.rb +6 -0
data/lib/aws-sdk-s3.rb +1 -1
metadata +5 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cb16906b304bc5fbb7a817b64b8cf5c8ac21e5110a8a90ee6b4e655f319e1ed1
-  data.tar.gz: c701e60dae96df66feac333d29b02d90636e72ca16a8a2ab209d6b982c113390
+  metadata.gz: 5e460144a4d67350a975bcb1b28dded53872af939cb512c74bc7c1e73ff1e616
+  data.tar.gz: cfd0bc9fb977e27ec33f3d497a1547e92808a13fd42b3e9b1ee7f6a73bec5771
 SHA512:
-  metadata.gz: da0d896232a0153aae1af5c870f78661a023f3ab1ebc606eee2ccb785a8243e1453d9824062725b59b37300388b1189fd3af9681e52c0545c56a7dcc2a220e61
-  data.tar.gz: 349f098c1a9f5d0a6039c5a3521db5d5c28c42b789607014d2341686b8972267d1a07eeb29a982041dccf59e1b1886f75a5edfab85ea9bb6661a22bed4fbf23f
+  metadata.gz: c58146b420fb36c1468743f06899a3ce195499a72966a1fe99ead757b4257da9c5cd29133977c371fdbd6fd9f4480b33807a0baae30deecee4fbb94de7f5a72e
+  data.tar.gz: 84bdb26904354cb178793d2f329bb428903a5765b76dff87e34e5030c1e132a41d1b22af39a37ae0df778d43b2da673fb92d18ab9a685bbe1ba9451b4b1f5096

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
+1.102.0 (2021-09-02)
+------------------
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
 1.101.0 (2021-09-01)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.~~101~~.0
1	+ 1.102.0

data/lib/aws-sdk-s3/arn/multi_region_access_point_arn.rb ADDED Viewed

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+module Aws
+  module S3
+    # @api private
+    class MultiRegionAccessPointARN < Aws::ARN
+      def initialize(options)
+        super(options)
+        @type, @mrap_alias, @extra = @resource.split(/[:,\/]/)
+      end
+      attr_reader :mrap_alias
+      def support_dualstack?
+        false
+      end
+      def support_fips?
+        false
+      end
+      def validate_arn!
+        unless @service == 's3'
+          raise ArgumentError,
+                'Must provide a valid S3 multi-region access point ARN.'
+        end
+        if @account_id.empty?
+          raise ArgumentError,
+                'S3 multi-region access point ARNs must contain '\
+                'an account id.'
+        end
+        unless @region.empty?
+          raise ArgumentError,
+                'Multi-region access points must have an empty region.'
+        end
+        if @type != 'accesspoint'
+          raise ArgumentError, 'Invalid ARN, resource format is not correct'
+        end
+        if @mrap_alias.nil? || @mrap_alias.empty?
+          raise ArgumentError, 'Missing ARN multi-region access points alias.'
+        end
+        unless @mrap_alias.split('.').all? { |s| Seahorse::Util.host_label?(s) }
+          raise ArgumentError, "#{@mrap_alias} is not a valid "\
+                'multi region access point alias.'
+        end
+        if @extra
+          raise ArgumentError,
+                'ARN access point resource must be a single value.'
+        end
+      end
+      def host_url(region, fips = false, dualstack = false, custom_endpoint = nil)
+        if custom_endpoint
+          "#{@mrap_alias}.#{custom_endpoint}"
+        else
+          sfx = Aws::Partitions::EndpointProvider.dns_suffix_for(@partition)
+          "#{@mrap_alias}.accesspoint.s3-global.#{sfx}"
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-s3/client.rb CHANGED Viewed

@@ -327,6 +327,11 @@ module Aws::S3
     #       in the future.
     #
     #
+    #   @option options [Boolean] :s3_disable_multiregion_access_points (false)
+    #     When set to `false` this will option will raise errors when multi-region
+    #     access point ARNs are used.  Multi-region access points can potentially
+    #     result in cross region requests.
+    #
     #   @option options [String] :s3_us_east_1_regional_endpoint ("legacy")
     #     Pass in `regional` to enable the `us-east-1` regional endpoint.
     #     Defaults to `legacy` mode which uses the global endpoint.
@@ -14047,7 +14052,7 @@ module Aws::S3
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-s3'
-      context[:gem_version] = '1.101.0'
+      context[:gem_version] = '1.102.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-s3/plugins/arn.rb CHANGED Viewed

@@ -3,6 +3,7 @@
 require_relative '../arn/access_point_arn'
 require_relative '../arn/object_lambda_arn'
 require_relative '../arn/outpost_access_point_arn'
+require_relative '../arn/multi_region_access_point_arn'
 module Aws
   module S3
@@ -23,6 +24,18 @@ be made. Set to `false` to use the client's region instead.
           resolve_s3_use_arn_region(cfg)
         end
+        option(
+          :s3_disable_multiregion_access_points,
+          default: false,
+          doc_type: 'Boolean',
+          docstring: <<-DOCS) do |cfg|
+When set to `false` this will option will raise errors when multi-region
+access point ARNs are used.  Multi-region access points can potentially
+result in cross region requests.
+        DOCS
+          resolve_s3_disable_multiregion_access_points(cfg)
+        end
         # param validator is validate:50
         # endpoint is build:90 (populates the URI for the first time)
         # endpoint pattern is build:10
@@ -113,8 +126,14 @@ be made. Set to `false` to use the client's region instead.
             if !arn.support_dualstack? && context[:use_dualstack_endpoint]
               raise ArgumentError,
-                    'Cannot provide an Outpost Access Point ARN when '\
-                    '`:use_dualstack_endpoint` is set to true.'
+                    'Cannot provide an Outpost Access Point or Multi-region Access Point ARN'\
+                    ' when `:use_dualstack_endpoint` is set to true.'
+            end
+            if arn.region.empty? && context.config.s3_disable_multiregion_access_points
+              raise ArgumentError,
+                    'Cannot provide a Multi-region Access Point ARN with '\
+                    '`:s3_disable_multiregion_access_points` set to true'
             end
           end
         end
@@ -147,7 +166,9 @@ be made. Set to `false` to use the client's region instead.
           def resolve_arn_type!(arn)
             case arn.service
             when 's3'
-              Aws::S3::AccessPointARN.new(arn.to_h)
+              arn.region.empty? ?
+                Aws::S3::MultiRegionAccessPointARN.new(arn.to_h) :
+                Aws::S3::AccessPointARN.new(arn.to_h)
             when 's3-outposts'
               Aws::S3::OutpostAccessPointARN.new(arn.to_h)
             when 's3-object-lambda'
@@ -174,6 +195,21 @@ be made. Set to `false` to use the client's region instead.
             value
           end
+          def resolve_s3_disable_multiregion_access_points(cfg)
+            value = ENV['AWS_S3_DISABLE_MULTIREGION_ACCESS_POINTS'] ||
+              Aws.shared_config.s3_disable_multiregion_access_points(profile: cfg.profile) ||
+              'false'
+            value = Aws::Util.str_2_bool(value)
+            # Raise if provided value is not true or false
+            if value.nil?
+              raise ArgumentError,
+                    'Must provide either `true` or `false` for '\
+                    's3_use_arn_region profile option or for '\
+                    "ENV['AWS_S3_USE_ARN_REGION']"
+            end
+            value
+          end
           # Remove ARN from the path because we've already set the new host
           def url_path(path, arn)
             path = path.sub("/#{Seahorse::Util.uri_escape(arn.to_s)}", '')
@@ -208,16 +244,19 @@ be made. Set to `false` to use the client's region instead.
                 region = region.gsub('fips-', '').gsub('-fips', '')
               end
-              # Raise if the ARN and client regions are in different partitions
-              if use_arn_region &&
-                 !Aws::Partitions.partition(arn.partition).region?(region)
-                raise Aws::Errors::InvalidARNPartitionError
-              end
+              # use_arn_region does not apply to MRAP (global) arns
+              unless arn.region.empty?
+                # Raise if the ARN and client regions are in different partitions
+                if use_arn_region &&
+                   !Aws::Partitions.partition(arn.partition).region?(region)
+                  raise Aws::Errors::InvalidARNPartitionError
+                end
-              # Raise if regions mismatch
-              # Either when it's a fips client or not using the ARN region
-              if (!use_arn_region || fips) && region != arn.region
-                raise Aws::Errors::InvalidARNRegionError
+                # Raise if regions mismatch
+                # Either when it's a fips client or not using the ARN region
+                if (!use_arn_region || fips) && region != arn.region
+                  raise Aws::Errors::InvalidARNRegionError
+                end
               end
             end
           end

data/lib/aws-sdk-s3/plugins/s3_signer.rb CHANGED Viewed

@@ -74,9 +74,17 @@ module Aws
                 credentials: context.config.credentials
               )
             elsif (arn = context.metadata[:s3_arn])
+              if arn[:arn].is_a?(MultiRegionAccessPointARN)
+                signing_region = '*'
+                signing_algorithm = :sigv4a
+              else
+                signing_region = arn[:resolved_region]
+                signing_algorithm = :sigv4
+              end
               S3Signer.build_v4_signer(
                 service: arn[:arn].service,
-                region: arn[:resolved_region],
+                signing_algorithm: signing_algorithm,
+                region: signing_region,
                 credentials: context.config.credentials
               )
             elsif context.operation.name == 'WriteGetObjectResponse'
@@ -216,6 +224,7 @@ module Aws
               service: options[:service],
               region: options[:region],
               credentials_provider: options[:credentials],
+              signing_algorithm: options.fetch(:signing_algorithm, :sigv4),
               uri_escape_path: false,
               unsigned_headers: ['content-length', 'x-amzn-trace-id']
             )

data/lib/aws-sdk-s3/presigner.rb CHANGED Viewed

@@ -231,17 +231,23 @@ module Aws
           end
           http_req.endpoint.query = query.join('&') unless query.empty?
+          signing_algorithm = :sigv4
           # If it's an ARN, get the resolved region and service
           if (arn = context.metadata[:s3_arn])
             region = arn[:resolved_region]
             service = arn[:arn].service
+            region = arn[:arn].is_a?(MultiRegionAccessPointARN) ? '*': arn[:resolved_region]
+            signing_algorithm = arn[:arn].is_a?(MultiRegionAccessPointARN) ? :sigv4a : :sigv4
           end
           signer = Aws::Sigv4::Signer.new(
             service: service || 's3',
             region: region || context.config.region,
+            signing_algorithm: signing_algorithm,
             credentials_provider: context.config.credentials,
             unsigned_headers: unsigned_headers,
+            apply_checksum_header: false,
             uri_escape_path: false
           )

data/lib/aws-sdk-s3.rb CHANGED Viewed

@@ -69,6 +69,6 @@ require_relative 'aws-sdk-s3/event_streams'
 # @!group service
 module Aws::S3
-  GEM_VERSION = '1.101.0'
+  GEM_VERSION = '1.102.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-s3
 version: !ruby/object:Gem::Version
-  version: 1.101.0
+  version: 1.102.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-01 00:00:00.000000000 Z
+date: 2021-09-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-kms
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: '1.4'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: '1.4'
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
   requirement: !ruby/object:Gem::Requirement
@@ -71,6 +71,7 @@ files:
 - VERSION
 - lib/aws-sdk-s3.rb
 - lib/aws-sdk-s3/arn/access_point_arn.rb
+- lib/aws-sdk-s3/arn/multi_region_access_point_arn.rb
 - lib/aws-sdk-s3/arn/object_lambda_arn.rb
 - lib/aws-sdk-s3/arn/outpost_access_point_arn.rb
 - lib/aws-sdk-s3/bucket.rb