aws-sdk-s3 1.87.0 → 1.88.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 11cd48be59fc8922aabfe4d29d601706183fc5d5ce0b1fb201ae2f59c6f281ab
-  data.tar.gz: 546d8a92a9a561d94d205908d52c005edb5a49d336751ee7954936f9449d7138
+  metadata.gz: 4c68fb2d0d86cd2d649a7468bfcb1a89719fd745029178d41169786363f08eec
+  data.tar.gz: 6e70d3ddc402afc02f834caaab226766baffa7b6deb461cc83eb5605392db326
 SHA512:
-  metadata.gz: 16a5af91aba1ce6e9b4f3d121cbc427e1534a2fb80edb553a7e5e62e5a937877174581ad169c4abd46dd3d32dfdf765d9161f7bc4c907b5f0cf158d44dbd81e3
-  data.tar.gz: 995720b6753b4add059e235f37dea7fe49dbe19038e495260023aa380bfe2544cdb9873dafab1a2c685d9eae3f1eeeacb290480ac149d6624f475ba584519c57
+  metadata.gz: 97726812bbc8722eaee50bcbbd39711f15b7d54c453240e024ddb4a1d761eb2806f5f80f17e42bdfa9771aaceb068f171ee79bf317a7c59375588f7bbb56db2e
+  data.tar.gz: f7312d5061b498e88504b99e7c0f153c2ca8dc7fce2e32e5745756f651561b40ccaedf6f8d0d1d1b1a4aed30bf58dbcb732c631c07271cf0f0e23b73f437b00a

data/lib/aws-sdk-s3.rb

@@ -69,6 +69,6 @@ require_relative 'aws-sdk-s3/event_streams'
 # @!group service
 module Aws::S3
 
-  GEM_VERSION = '1.87.0'
+  GEM_VERSION = '1.88.0'
 
 end

data/lib/aws-sdk-s3/arn/access_point_arn.rb

@@ -52,10 +52,14 @@ module Aws
         end
       end
 
-      def host_url(region, dualstack = false)
-        sfx = Aws::Partitions::EndpointProvider.dns_suffix_for(region)
-        "#{@access_point_name}-#{@account_id}"\
-        ".s3-accesspoint#{'.dualstack' if dualstack}.#{region}.#{sfx}"
+      def host_url(region, dualstack = false, custom_endpoint = nil)
+        pfx = "#{@access_point_name}-#{@account_id}"
+        if custom_endpoint
+          "#{pfx}.#{custom_endpoint}"
+        else
+          sfx = Aws::Partitions::EndpointProvider.dns_suffix_for(region)
+          "#{pfx}.s3-accesspoint#{'.dualstack' if dualstack}.#{region}.#{sfx}"
+        end
       end
     end
   end

data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb

@@ -62,9 +62,13 @@ module Aws
       end
 
       # Outpost ARNs currently do not support dualstack
-      def host_url(region, _dualstack = false)
-        "#{@access_point_name}-#{@account_id}.#{@outpost_id}"\
-        ".s3-outposts.#{region}.amazonaws.com"
+      def host_url(region, _dualstack = false, custom_endpoint = nil)
+        pfx = "#{@access_point_name}-#{@account_id}.#{@outpost_id}"
+        if custom_endpoint
+          "#{pfx}.#{custom_endpoint}"
+        else
+          "#{pfx}.s3-outposts.#{region}.amazonaws.com"
+        end
       end
     end
   end

data/lib/aws-sdk-s3/client.rb

@@ -13566,7 +13566,7 @@ module Aws::S3
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-s3'
-      context[:gem_version] = '1.87.0'
+      context[:gem_version] = '1.88.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-s3/encryptionV2/default_cipher_provider.rb

@@ -87,9 +87,9 @@ module Aws
                     ' kms+context.  Please configure the client with the' \
                     ' required kms_key_id'
               else
-              raise ArgumentError, 'Unsupported wrap-alg: ' \
-                "#{envelope['x-amz-wrap-alg']}"
-            end
+                raise ArgumentError, 'Unsupported wrap-alg: ' \
+                      "#{envelope['x-amz-wrap-alg']}"
+              end
             iv = decode64(envelope['x-amz-iv'])
             Utils.aes_decryption_cipher(:GCM, key, iv)
           end

data/lib/aws-sdk-s3/plugins/accelerate.rb

@@ -29,7 +29,7 @@ each bucket. [Go here for more information](http://docs.aws.amazon.com/AmazonS3/
             OptionHandler, step: :initialize, operations: operations
           )
           handlers.add(
-            AccelerateHandler, step: :build, priority: 0, operations: operations
+            AccelerateHandler, step: :build, priority: 11, operations: operations
           )
         end
 
@@ -40,8 +40,11 @@ each bucket. [Go here for more information](http://docs.aws.amazon.com/AmazonS3/
             if context.params.is_a?(Hash)
               accelerate = context.params.delete(:use_accelerate_endpoint)
             end
-            if accelerate.nil?
-              accelerate = context.config.use_accelerate_endpoint
+            accelerate = context.config.use_accelerate_endpoint if accelerate.nil?
+            # Raise if :endpoint and dualstack are both provided
+            if accelerate && !context.config.regional_endpoint
+              raise ArgumentError,
+                    'Cannot use both :use_accelerate_endpoint and :endpoint'
             end
             context[:use_accelerate_endpoint] = accelerate
             @handler.call(context)
@@ -51,7 +54,7 @@ each bucket. [Go here for more information](http://docs.aws.amazon.com/AmazonS3/
         # @api private
         class AccelerateHandler < Seahorse::Client::Handler
           def call(context)
-            if context[:use_accelerate_endpoint]
+            if context.config.regional_endpoint && context[:use_accelerate_endpoint]
               dualstack = !!context[:use_dualstack_endpoint]
               use_accelerate_endpoint(context, dualstack)
             end

data/lib/aws-sdk-s3/plugins/arn.rb

@@ -22,11 +22,35 @@ be made. Set to `false` to use the client's region instead.
           resolve_s3_use_arn_region(cfg)
         end
 
+        # param validator is validate:50 (required to add account_id from arn)
+        # endpoint is build:90 (populates the URI for the first time)
+        # endpoint pattern is build:10 (prefix account id to host)
         def add_handlers(handlers, _config)
-          handlers.add(Handler)
+          handlers.add(ARNHandler, step: :validate, priority: 75)
+          handlers.add(UrlHandler)
         end
 
-        class Handler < Seahorse::Client::Handler
+        # After extracting out any ARN input, resolve a new URL with it.
+        class UrlHandler < Seahorse::Client::Handler
+          def call(context)
+            if context.metadata[:s3_arn]
+              ARN.resolve_url!(
+                context.http_request.endpoint,
+                context.metadata[:s3_arn][:arn],
+                context.metadata[:s3_arn][:resolved_region],
+                context.metadata[:s3_arn][:dualstack],
+                # if regional_endpoint is false, a custom endpoint was provided
+                # in this case, we want to prefix the endpoint using the ARN
+                !context.config.regional_endpoint
+              )
+            end
+            @handler.call(context)
+          end
+        end
+
+        # This plugin will extract out any ARN input and set context for other
+        # plugins to use without having to translate the ARN again.
+        class ARNHandler < Seahorse::Client::Handler
           def call(context)
             bucket_member = _bucket_member(context.operation.input.shape)
             if bucket_member && (bucket = context.params[bucket_member])
@@ -38,12 +62,11 @@ be made. Set to `false` to use the client's region instead.
               if arn
                 validate_config!(context, arn)
 
-                ARN.resolve_url!(
-                  context.http_request.endpoint,
-                  arn,
-                  resolved_region,
-                  extract_dualstack_config!(context)
-                )
+                context.metadata[:s3_arn] = {
+                  arn: arn,
+                  resolved_region: resolved_region,
+                  dualstack: extract_dualstack_config!(context)
+                }
               end
             end
             @handler.call(context)
@@ -66,28 +89,22 @@ be made. Set to `false` to use the client's region instead.
           end
 
           def validate_config!(context, arn)
-            unless context.config.regional_endpoint
-              raise ArgumentError,
-                    'Cannot provide both an Access Point ARN and setting '\
-                    ':endpoint.'
-            end
-
             if context.config.force_path_style
               raise ArgumentError,
-                    'Cannot provide both an Access Point ARN and setting '\
-                    ':force_path_style to true.'
+                    'Cannot provide an Access Point ARN when '\
+                    '`:force_path_style` is set to true.'
             end
 
             if context.config.use_accelerate_endpoint
               raise ArgumentError,
-                    'Cannot provide both an Access Point ARN and setting '\
-                    ':use_accelerate_endpoint to true.'
+                    'Cannot provide an Access Point ARN when '\
+                    '`:use_accelerate_endpoint` is set to true.'
             end
 
             if !arn.support_dualstack? && context[:use_dualstack_endpoint]
               raise ArgumentError,
-                    'Cannot provide both an Outpost Access Point ARN and '\
-                    'setting :use_dualstack_endpoint to true.'
+                    'Cannot provide an Outpost Access Point ARN when '\
+                    '`:use_dualstack_endpoint` is set to true.'
             end
           end
         end
@@ -116,8 +133,9 @@ be made. Set to `false` to use the client's region instead.
           end
 
           # @api private
-          def resolve_url!(url, arn, region, dualstack = false)
-            url.host = arn.host_url(region, dualstack)
+          def resolve_url!(url, arn, region, dualstack = false, has_custom_endpoint = false)
+            custom_endpoint = url.host if has_custom_endpoint
+            url.host = arn.host_url(region, dualstack, custom_endpoint)
             url.path = url_path(url.path, arn)
             url
           end
@@ -132,9 +150,9 @@ be made. Set to `false` to use the client's region instead.
             # Raise if provided value is not true or false
             if value.nil?
               raise ArgumentError,
-                    'Must provide either `true` or `false` for '\
-                    's3_use_arn_region profile option or for '\
-                    "ENV['AWS_S3_USE_ARN_REGION']"
+                    'Must provide either `true` or `false` for the '\
+                    '`s3_use_arn_region` profile option or for '\
+                    "ENV['AWS_S3_USE_ARN_REGION']."
             end
             value
           end
@@ -163,7 +181,7 @@ be made. Set to `false` to use the client's region instead.
               if !fips && !use_arn_region && region.include?('fips')
                 raise ArgumentError,
                       'FIPS client regions are not supported for this type of '\
-                      'ARN without s3_use_arn_region.'
+                      'ARN without `:s3_use_arn_region`.'
               end
 
               # if it's a fips region, attempt to normalize it

data/lib/aws-sdk-s3/plugins/dualstack.rb

@@ -16,16 +16,22 @@ for all operations.
 
         def add_handlers(handlers, config)
           handlers.add(OptionHandler, step: :initialize)
-          handlers.add(DualstackHandler, step: :build, priority: 0)
+          handlers.add(DualstackHandler, step: :build, priority: 11)
         end
 
         # @api private
         class OptionHandler < Seahorse::Client::Handler
           def call(context)
+            # Support client configuration and per-operation configuration
             if context.params.is_a?(Hash)
               dualstack = context.params.delete(:use_dualstack_endpoint)
             end
             dualstack = context.config.use_dualstack_endpoint if dualstack.nil?
+            # Raise if :endpoint and dualstack are both provided
+            if dualstack && !context.config.regional_endpoint
+              raise ArgumentError,
+                    'Cannot use both :use_dualstack_endpoint and :endpoint'
+            end
             context[:use_dualstack_endpoint] = dualstack
             @handler.call(context)
           end
@@ -34,7 +40,9 @@ for all operations.
         # @api private
         class DualstackHandler < Seahorse::Client::Handler
           def call(context)
-            apply_dualstack_endpoint(context) if use_dualstack_endpoint?(context)
+            if context.config.regional_endpoint && use_dualstack_endpoint?(context)
+              apply_dualstack_endpoint(context)
+            end
             @handler.call(context)
           end
 
@@ -42,7 +50,6 @@ for all operations.
           def apply_dualstack_endpoint(context)
             bucket_name = context.params[:bucket]
             region = context.config.region
-            context.config.force_path_style
             dns_suffix = Aws::Partitions::EndpointProvider.dns_suffix_for(region)
 
             if use_bucket_dns?(bucket_name, context)

data/lib/aws-sdk-s3/plugins/iad_regional_endpoint.rb

@@ -30,8 +30,7 @@ region. Defaults to `legacy` mode using global endpoint.
             if context.config.s3_us_east_1_regional_endpoint == 'legacy'
               host = context.http_request.endpoint.host
               # if it's an ARN, don't touch the endpoint at all
-              # TODO this should use context.metadata[:s3_arn] later
-              unless host.include?('.s3-outposts.') || host.include?('.s3-accesspoint.')
+              unless context.metadata[:s3_arn]
                 legacy_host = IADRegionalEndpoint.legacy_host(host)
                 context.http_request.endpoint.host = legacy_host
               end

data/lib/aws-sdk-s3/plugins/s3_signer.rb

@@ -73,22 +73,14 @@ module Aws
                 region: context[:cached_sigv4_region],
                 credentials: context.config.credentials
               )
-            else
-              resolved_region, arn = ARN.resolve_arn!(
-                context.params[:bucket],
-                context.config.sigv4_signer.region,
-                context.config.s3_use_arn_region
+            elsif (arn = context.metadata[:s3_arn])
+              S3Signer.build_v4_signer(
+                service: arn[:arn].service,
+                region: arn[:resolved_region],
+                credentials: context.config.credentials
               )
-
-              if arn
-                S3Signer.build_v4_signer(
-                  service: arn.service,
-                  region: resolved_region,
-                  credentials: context.config.credentials
-                )
-              else
-                context.config.sigv4_signer
-              end
+            else
+              context.config.sigv4_signer
             end
           end
         end
@@ -173,10 +165,14 @@ module Aws
               context, actual_region
             )
             context.metadata[:redirect_region] = actual_region
+            # if it's an ARN, use the service in the ARN
+            if (arn = context.metadata[:s3_arn])
+              service = arn[:arn].service
+            end
             Aws::Plugins::SignatureV4.apply_signature(
               context: context,
               signer: S3Signer.build_v4_signer(
-                service: 's3',
+                service: service || 's3',
                 region: actual_region,
                 credentials: context.config.credentials
               )
@@ -219,20 +215,16 @@ module Aws
             )
           end
 
+          # Check to see if the bucket is actually an ARN
+          # Otherwise it will retry with the ARN as the bucket name.
           def new_hostname(context, region)
-            # Check to see if the bucket is actually an ARN and resolve it
-            # Otherwise it will retry with the ARN as the bucket name.
-            resolved_region, arn = ARN.resolve_arn!(
-              context.params[:bucket],
-              region,
-              context.config.s3_use_arn_region
-            )
             uri = URI.parse(
-              Aws::Partitions::EndpointProvider.resolve(resolved_region, 's3')
+              Aws::Partitions::EndpointProvider.resolve(region, 's3')
             )
 
-            if arn
-              ARN.resolve_url!(uri, arn).host
+            if (arn = context.metadata[:s3_arn])
+              # Retry with the response region and not the ARN resolved one
+              ARN.resolve_url!(uri, arn[:arn], region).host
             else
               "#{context.params[:bucket]}.#{uri.host}"
             end

data/lib/aws-sdk-s3/presigner.rb

@@ -196,8 +196,6 @@ module Aws
         req.handlers.remove(Aws::S3::Plugins::S3Signer::V4Handler)
         req.handlers.remove(Seahorse::Client::Plugins::ContentLength::Handler)
 
-        signer = build_signer(req.context, unsigned_headers)
-
         req.handle(step: :send) do |context|
           if scheme != http_req.endpoint.scheme
             endpoint = http_req.endpoint.dup
@@ -222,6 +220,20 @@ module Aws
           end
           http_req.endpoint.query = query.join('&') unless query.empty?
 
+          # If it's an ARN, get the resolved region and service
+          if (arn = context.metadata[:s3_arn])
+            region = arn[:resolved_region]
+            service = arn[:arn].service
+          end
+
+          signer = Aws::Sigv4::Signer.new(
+            service: service || 's3',
+            region: region || context.config.region,
+            credentials_provider: context.config.credentials,
+            unsigned_headers: unsigned_headers,
+            uri_escape_path: false
+          )
+
           url = signer.presign_url(
             http_method: http_req.http_method,
             url: http_req.endpoint,
@@ -239,29 +251,6 @@ module Aws
         # Return the headers
         x_amz_headers
       end
-
-      def build_signer(context, unsigned_headers)
-        signer_opts = {
-          service: 's3',
-          region: context.config.region,
-          credentials_provider: context.config.credentials,
-          unsigned_headers: unsigned_headers,
-          uri_escape_path: false
-        }
-
-        resolved_region, arn = Aws::S3::Plugins::ARN.resolve_arn!(
-          context.params[:bucket],
-          context.config.sigv4_signer.region,
-          context.config.s3_use_arn_region
-        )
-
-        if arn
-          signer_opts[:region] = resolved_region
-          signer_opts[:service] = arn.service
-        end
-
-        Aws::Sigv4::Signer.new(signer_opts)
-      end
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-s3
 version: !ruby/object:Gem::Version
-  version: 1.87.0
+  version: 1.88.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-12-21 00:00:00.000000000 Z
+date: 2021-02-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-kms
@@ -47,7 +47,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.109.0
+        version: 3.112.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -57,7 +57,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.109.0
+        version: 3.112.0
 description: Official AWS Ruby gem for Amazon Simple Storage Service (Amazon S3).
   This gem is part of the AWS SDK for Ruby.
 email: