aws-sdk 1.3.2 → 1.3.3
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/aws/api_config/{IAM-2010-07-15.yml → IAM-2010-05-08.yml} +56 -4
- data/lib/aws/api_config/SNS-2010-03-31.yml +90 -81
- data/lib/aws/core.rb +26 -11
- data/lib/aws/core/client.rb +12 -4
- data/lib/aws/core/collection.rb +5 -12
- data/lib/aws/core/collection/limitable.rb +10 -3
- data/lib/aws/core/collection/simple.rb +1 -0
- data/lib/aws/core/configuration.rb +2 -0
- data/lib/aws/core/configured_json_client_methods.rb +5 -2
- data/lib/aws/core/http/httparty_handler.rb +1 -1
- data/lib/aws/core/http/net_http_handler.rb +2 -1
- data/lib/aws/core/http/request.rb +27 -0
- data/lib/aws/core/json_client.rb +41 -0
- data/lib/aws/core/lazy_error_classes.rb +2 -0
- data/lib/aws/core/option_grammar.rb +1 -1
- data/lib/aws/core/resource.rb +12 -14
- data/lib/aws/core/session_signer.rb +0 -5
- data/lib/aws/core/xml_grammar.rb +12 -2
- data/lib/aws/dynamo_db.rb +4 -1
- data/lib/aws/dynamo_db/client.rb +4 -17
- data/lib/aws/dynamo_db/item_collection.rb +15 -0
- data/lib/aws/ec2/security_group.rb +2 -1
- data/lib/aws/ec2/security_group/ip_permission.rb +2 -3
- data/lib/aws/elb/listener.rb +2 -2
- data/lib/aws/iam.rb +17 -0
- data/lib/aws/iam/client.rb +9 -6
- data/lib/aws/iam/mfa_device.rb +4 -2
- data/lib/aws/iam/mfa_device_collection.rb +14 -3
- data/lib/aws/iam/user.rb +10 -0
- data/lib/aws/iam/virtual_mfa_device.rb +139 -0
- data/lib/aws/iam/virtual_mfa_device_collection.rb +73 -0
- data/lib/aws/record/abstract_base.rb +1 -0
- data/lib/aws/record/hash_model/attributes.rb +8 -8
- data/lib/aws/record/hash_model/finder_methods.rb +10 -15
- data/lib/aws/record/model.rb +1 -3
- data/lib/aws/record/model/finder_methods.rb +3 -3
- data/lib/aws/s3.rb +1 -0
- data/lib/aws/s3/bucket.rb +83 -16
- data/lib/aws/s3/bucket_lifecycle_configuration.rb +360 -0
- data/lib/aws/s3/client.rb +50 -0
- data/lib/aws/s3/client/xml.rb +10 -0
- data/lib/aws/s3/object_version.rb +5 -0
- data/lib/aws/s3/object_version_collection.rb +15 -1
- data/lib/aws/s3/request.rb +1 -1
- data/lib/aws/s3/s3_object.rb +56 -1
- data/lib/aws/sns.rb +1 -0
- data/lib/aws/sns/has_delivery_policy.rb +68 -0
- data/lib/aws/sns/subscription.rb +62 -14
- data/lib/aws/sns/subscription_collection.rb +1 -1
- data/lib/aws/sns/topic.rb +22 -4
- data/lib/aws/sts.rb +3 -2
- data/lib/net/http/connection_pool.rb +1 -1
- metadata +27 -25
- data/lib/aws/core/collection/batchable.rb +0 -133
@@ -190,7 +190,8 @@ module AWS
|
|
190
190
|
#
|
191
191
|
# If you use ELB to manage load balancers, then you need to add
|
192
192
|
# ingress permissions to the security groups they route traffic into.
|
193
|
-
# You can do this by passing the {LoadBalancer} into
|
193
|
+
# You can do this by passing the {ELB::LoadBalancer} into
|
194
|
+
# authorize_ingress:
|
194
195
|
#
|
195
196
|
# load_balancer = AWS::ELB.new.load_balancers['web-load-balancer']
|
196
197
|
#
|
@@ -92,7 +92,7 @@ module AWS
|
|
92
92
|
|
93
93
|
# @return [Boolean] Returns true if the other IpPermission matches
|
94
94
|
# this one.
|
95
|
-
def
|
95
|
+
def eql? other
|
96
96
|
other.is_a?(IpPermission) and
|
97
97
|
other.security_group == security_group and
|
98
98
|
other.protocol == protocol and
|
@@ -101,8 +101,7 @@ module AWS
|
|
101
101
|
other.groups == groups and
|
102
102
|
other.egress == egress?
|
103
103
|
end
|
104
|
-
|
105
|
-
alias_method :eql?, :==
|
104
|
+
alias_method :==, :eql?
|
106
105
|
|
107
106
|
protected
|
108
107
|
def update_sg method
|
data/lib/aws/elb/listener.rb
CHANGED
@@ -170,12 +170,12 @@ module AWS
|
|
170
170
|
end
|
171
171
|
|
172
172
|
# @private
|
173
|
-
def
|
173
|
+
def eql? other
|
174
174
|
other.is_a?(Listener) and
|
175
175
|
other.load_balancer == load_balancer and
|
176
176
|
other.port == port
|
177
177
|
end
|
178
|
-
alias_method :eql
|
178
|
+
alias_method :==, :eql?
|
179
179
|
|
180
180
|
protected
|
181
181
|
def _description
|
data/lib/aws/iam.rb
CHANGED
@@ -161,6 +161,8 @@ module AWS
|
|
161
161
|
autoload :UserGroupCollection, 'user_group_collection'
|
162
162
|
autoload :UserPolicy, 'user_policy'
|
163
163
|
autoload :UserPolicyCollection, 'user_policy_collection'
|
164
|
+
autoload :VirtualMfaDeviceCollection, 'virtual_mfa_device_collection'
|
165
|
+
autoload :VirtualMfaDevice, 'virtual_mfa_device'
|
164
166
|
end
|
165
167
|
|
166
168
|
include Core::ServiceInterface
|
@@ -253,6 +255,21 @@ module AWS
|
|
253
255
|
ServerCertificateCollection.new(:config => config)
|
254
256
|
end
|
255
257
|
|
258
|
+
# Returns a collection that represents the virtual MFA devices
|
259
|
+
# that are not assigned to an IAM user.
|
260
|
+
#
|
261
|
+
# iam = AWS::IAM.new
|
262
|
+
# iam.virtual_mfa_devices.each do |cert|
|
263
|
+
# # ...
|
264
|
+
# end
|
265
|
+
#
|
266
|
+
# @return [VirtualMfaDeviceCollection] Returns a collection that
|
267
|
+
# represents the virtual MFA devices that are not assigned to an
|
268
|
+
# IAM user.
|
269
|
+
def virtual_mfa_devices
|
270
|
+
VirtualMfaDeviceCollection.new(:config => config)
|
271
|
+
end
|
272
|
+
|
256
273
|
# Sets the account alias for this AWS account.
|
257
274
|
# @param [String] account_alias
|
258
275
|
# @return [String] Returns the account alias passed.
|
data/lib/aws/iam/client.rb
CHANGED
@@ -28,12 +28,15 @@ module AWS
|
|
28
28
|
REQUEST_CLASS = IAM::Request
|
29
29
|
|
30
30
|
# @private
|
31
|
-
CACHEABLE_REQUESTS = Set[
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
31
|
+
CACHEABLE_REQUESTS = Set[
|
32
|
+
:list_groups,
|
33
|
+
:list_group_policies,
|
34
|
+
:list_groups_for_user,
|
35
|
+
:list_server_certificates,
|
36
|
+
:list_virtual_mfa_devices,
|
37
|
+
:get_group,
|
38
|
+
:get_group_policy
|
39
|
+
]
|
37
40
|
|
38
41
|
configure_client
|
39
42
|
|
data/lib/aws/iam/mfa_device.rb
CHANGED
@@ -31,8 +31,10 @@ module AWS
|
|
31
31
|
# @return [String] Returns the MFA device's serial number
|
32
32
|
attr_reader :serial_number
|
33
33
|
|
34
|
-
# Deactivates the MFA device and removes it from association
|
35
|
-
# user for which it was originally enabled.
|
34
|
+
# Deactivates the MFA device and removes it from association
|
35
|
+
# with the user for which it was originally enabled. You must
|
36
|
+
# call {MFADeviceCollection#enable} to enable the device again.
|
37
|
+
#
|
36
38
|
# @return [nil]
|
37
39
|
def deactivate
|
38
40
|
client.deactivate_mfa_device({
|
@@ -63,11 +63,16 @@ module AWS
|
|
63
63
|
MFADevice.new(user, serial_number)
|
64
64
|
end
|
65
65
|
|
66
|
-
#
|
66
|
+
# Deactivates all of the MFA devices in this collection.
|
67
|
+
# Virtual MFA devices in this collection will not be
|
68
|
+
# deleted. Instead they will be available in the
|
69
|
+
# {IAM#virtual_mfa_devices} collection so that they can either
|
70
|
+
# be deleted or enabled for different users.
|
71
|
+
#
|
67
72
|
# @return [nil]
|
68
73
|
def clear
|
69
74
|
each do |device|
|
70
|
-
device.
|
75
|
+
device.deactivate
|
71
76
|
end
|
72
77
|
nil
|
73
78
|
end
|
@@ -104,7 +109,13 @@ module AWS
|
|
104
109
|
def each_item response, &block
|
105
110
|
response.mfa_devices.each do |item|
|
106
111
|
|
107
|
-
|
112
|
+
if item.serial_number =~ /^arn:/
|
113
|
+
mfa_device = VirtualMfaDevice.new_from(:list_mfa_devices, item,
|
114
|
+
item.serial_number,
|
115
|
+
:config => config)
|
116
|
+
else
|
117
|
+
mfa_device = MFADevice.new(user, item.serial_number)
|
118
|
+
end
|
108
119
|
|
109
120
|
yield(mfa_device)
|
110
121
|
|
data/lib/aws/iam/user.rb
CHANGED
@@ -58,6 +58,16 @@ module AWS
|
|
58
58
|
# In order to delete a user you must first remove it from all of its
|
59
59
|
# groups and delete all of its signing certificates. Once this is done:
|
60
60
|
#
|
61
|
+
# @attr [String] user_name
|
62
|
+
#
|
63
|
+
# @attr [String] path
|
64
|
+
#
|
65
|
+
# @attr_reader [String] id
|
66
|
+
#
|
67
|
+
# @attr_reader [DateTime] create_date
|
68
|
+
#
|
69
|
+
# @attr_reader [String] arn
|
70
|
+
#
|
61
71
|
class User < Resource
|
62
72
|
|
63
73
|
prefix_update_attributes
|
@@ -0,0 +1,139 @@
|
|
1
|
+
# Copyright 2011-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
+
# may not use this file except in compliance with the License. A copy of
|
5
|
+
# the License is located at
|
6
|
+
#
|
7
|
+
# http://aws.amazon.com/apache2.0/
|
8
|
+
#
|
9
|
+
# or in the "license" file accompanying this file. This file is
|
10
|
+
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
+
# ANY KIND, either express or implied. See the License for the specific
|
12
|
+
# language governing permissions and limitations under the License.
|
13
|
+
|
14
|
+
require 'base64'
|
15
|
+
|
16
|
+
module AWS
|
17
|
+
class IAM
|
18
|
+
|
19
|
+
# @attr_reader [String] base_32_string_seed The Base32 seed defined as
|
20
|
+
# specified in RFC3548. Only accessible on newly created
|
21
|
+
# devices. This value is Base64-encoded.
|
22
|
+
#
|
23
|
+
# @attr_reader [Blob] qr_code_png A QR code PNG image that encodes
|
24
|
+
# otpauth://totp/$virtualMFADeviceName@$AccountName? secret=$Base32String
|
25
|
+
# where $virtualMFADeviceName is one of the create call arguments,
|
26
|
+
# AccountName is the user name if set (accountId otherwise), and
|
27
|
+
# Base32String is the seed in Base32 format. Only accessible on newly
|
28
|
+
# created devices. This value is Base64-encoded.
|
29
|
+
#
|
30
|
+
# @attr_reader [DateTime] enable_date When this device was enabled.
|
31
|
+
# Returns nil if this device has not been enabled.
|
32
|
+
#
|
33
|
+
class VirtualMfaDevice < Resource
|
34
|
+
|
35
|
+
# @private
|
36
|
+
def initialize serial_number, options = {}
|
37
|
+
@serial_number = serial_number
|
38
|
+
super
|
39
|
+
end
|
40
|
+
|
41
|
+
# @return [String] Returns the virtual MFA device serial number (ARN).
|
42
|
+
attr_reader :serial_number
|
43
|
+
|
44
|
+
alias_method :arn, :serial_number
|
45
|
+
|
46
|
+
attribute :base_32_string_seed, :static => true
|
47
|
+
|
48
|
+
attribute :qr_code_png, :static => true
|
49
|
+
|
50
|
+
attribute :enable_date, :static => true
|
51
|
+
|
52
|
+
attribute :user_details, :as => :user
|
53
|
+
|
54
|
+
protected :user_details
|
55
|
+
|
56
|
+
# @return [User,nil] Returns the user this device was enabled
|
57
|
+
# for, or nil if this device has not been enabled.
|
58
|
+
def user
|
59
|
+
if details = user_details
|
60
|
+
User.new(details.user_name, :config => config)
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
# Enables the MFA device and associates it with the specified user.
|
65
|
+
# When enabled, the MFA device is required for every subsequent login
|
66
|
+
# by the user name associated with the device.
|
67
|
+
# @param [User,String] user The user (or user name string) you want
|
68
|
+
# to enable this device for.
|
69
|
+
# @param [String] code1 An authentication code emitted by the device.
|
70
|
+
# @param [String] code2 A subsequent authentication code emitted by
|
71
|
+
# the device.
|
72
|
+
def enable user, code1, code2
|
73
|
+
|
74
|
+
user_name = user.is_a?(User) ? user.name : user
|
75
|
+
|
76
|
+
client.enable_mfa_device(
|
77
|
+
:user_name => user_name,
|
78
|
+
:serial_number => serial_number,
|
79
|
+
:authentication_code_1 => format_auth_code(code1),
|
80
|
+
:authentication_code_2 => format_auth_code(code2))
|
81
|
+
|
82
|
+
nil
|
83
|
+
|
84
|
+
end
|
85
|
+
|
86
|
+
# @return [Boolean] Returns true if this device has been enabled
|
87
|
+
# for a user.
|
88
|
+
def enabled?
|
89
|
+
!!enable_date
|
90
|
+
end
|
91
|
+
|
92
|
+
# Deactivates the MFA device and removes it from association with
|
93
|
+
# the user for which it was originally enabled.
|
94
|
+
# @return [nil]
|
95
|
+
def deactivate
|
96
|
+
client_opts = {}
|
97
|
+
client_opts[:user_name] = user.name
|
98
|
+
client_opts[:serial_number] = serial_number
|
99
|
+
client.deactivate_mfa_device(client_opts)
|
100
|
+
nil
|
101
|
+
end
|
102
|
+
alias_method :disable, :deactivate
|
103
|
+
|
104
|
+
# Deletes this virtual MFA device.
|
105
|
+
# @return [nil]
|
106
|
+
def delete
|
107
|
+
client.delete_virtual_mfa_device(resource_options)
|
108
|
+
nil
|
109
|
+
end
|
110
|
+
|
111
|
+
populates_from :create_virtual_mfa_device do |resp|
|
112
|
+
if resp.virtual_mfa_device.serial_number == serial_number
|
113
|
+
resp.virtual_mfa_device
|
114
|
+
end
|
115
|
+
end
|
116
|
+
|
117
|
+
populates_from :list_virtual_mfa_devices do |resp|
|
118
|
+
resp.virtual_mfa_devices.find { |d| d.serial_number == serial_number }
|
119
|
+
end
|
120
|
+
|
121
|
+
protected
|
122
|
+
def format_auth_code(code)
|
123
|
+
sprintf("%06d", code)
|
124
|
+
end
|
125
|
+
|
126
|
+
protected
|
127
|
+
def get_resource attr_name
|
128
|
+
client.list_virtual_mfa_devices
|
129
|
+
end
|
130
|
+
|
131
|
+
protected
|
132
|
+
def resource_identifiers
|
133
|
+
[[:serial_number, serial_number]]
|
134
|
+
end
|
135
|
+
|
136
|
+
end
|
137
|
+
|
138
|
+
end
|
139
|
+
end
|
@@ -0,0 +1,73 @@
|
|
1
|
+
# Copyright 2011-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
+
# may not use this file except in compliance with the License. A copy of
|
5
|
+
# the License is located at
|
6
|
+
#
|
7
|
+
# http://aws.amazon.com/apache2.0/
|
8
|
+
#
|
9
|
+
# or in the "license" file accompanying this file. This file is
|
10
|
+
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
+
# ANY KIND, either express or implied. See the License for the specific
|
12
|
+
# language governing permissions and limitations under the License.
|
13
|
+
|
14
|
+
module AWS
|
15
|
+
class IAM
|
16
|
+
|
17
|
+
class VirtualMfaDeviceCollection
|
18
|
+
|
19
|
+
include Collection
|
20
|
+
|
21
|
+
# Creates a new virtual MFA device for the AWS account.
|
22
|
+
# After creating the virtual MFA, you can enable the device to an
|
23
|
+
# IAM user.
|
24
|
+
#
|
25
|
+
# @param [String] name The name of the virtual MFA device. Name and path
|
26
|
+
# together uniquely identify a virtual MFA device.
|
27
|
+
# @param [Hash] options
|
28
|
+
# @option [String] :path The path for the virtual MFA device.
|
29
|
+
# @return [VirtualMfaDevice]
|
30
|
+
def create name, options = {}
|
31
|
+
|
32
|
+
client_opts = options.dup
|
33
|
+
client_opts[:virtual_mfa_device_name] = name
|
34
|
+
resp = client.create_virtual_mfa_device(client_opts)
|
35
|
+
|
36
|
+
VirtualMfaDevice.new_from(
|
37
|
+
:create_virtual_mfa_device,
|
38
|
+
resp.virtual_mfa_device,
|
39
|
+
resp.virtual_mfa_device.serial_number,
|
40
|
+
:config => config)
|
41
|
+
|
42
|
+
end
|
43
|
+
|
44
|
+
# Returns a virtual MFA device with the given serial number.
|
45
|
+
# @param [String] serial_number The serial number (ARN) of a virtual
|
46
|
+
# MFA device.
|
47
|
+
# @return [VirtualMfaDevice]
|
48
|
+
def [] serial_number
|
49
|
+
VirtualMfaDevice.new(serial_number, :config => config)
|
50
|
+
end
|
51
|
+
|
52
|
+
protected
|
53
|
+
def request_method; :list_virtual_mfa_devices; end
|
54
|
+
|
55
|
+
protected
|
56
|
+
def next_token_key; :marker; end
|
57
|
+
|
58
|
+
protected
|
59
|
+
def limit_key; :max_items; end
|
60
|
+
|
61
|
+
protected
|
62
|
+
def each_item(response)
|
63
|
+
response.virtual_mfa_devices.each do |d|
|
64
|
+
device = VirtualMfaDevice.new_from(
|
65
|
+
:list_mfa_devices, d, d.serial_number, :config => config)
|
66
|
+
yield(device)
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
end
|
71
|
+
|
72
|
+
end
|
73
|
+
end
|
@@ -22,7 +22,7 @@ module AWS
|
|
22
22
|
#
|
23
23
|
# @example A standard string attribute
|
24
24
|
#
|
25
|
-
# class Recipe < AWS::Record::
|
25
|
+
# class Recipe < AWS::Record::HashModel
|
26
26
|
# string_attr :name
|
27
27
|
# end
|
28
28
|
#
|
@@ -31,7 +31,7 @@ module AWS
|
|
31
31
|
#
|
32
32
|
# @example A string attribute with +:set+ set to true
|
33
33
|
#
|
34
|
-
# class Recipe < AWS::Record::
|
34
|
+
# class Recipe < AWS::Record::HashModel
|
35
35
|
# string_attr :tags, :set => true
|
36
36
|
# end
|
37
37
|
#
|
@@ -48,7 +48,7 @@ module AWS
|
|
48
48
|
|
49
49
|
# Adds an integer attribute to this class.
|
50
50
|
#
|
51
|
-
# class Recipe < AWS::Record::
|
51
|
+
# class Recipe < AWS::Record::HashModel
|
52
52
|
# integer_attr :servings
|
53
53
|
# end
|
54
54
|
#
|
@@ -65,7 +65,7 @@ module AWS
|
|
65
65
|
|
66
66
|
# Adds a float attribute to this class.
|
67
67
|
#
|
68
|
-
# class Listing < AWS::Record::
|
68
|
+
# class Listing < AWS::Record::HashModel
|
69
69
|
# float_attr :score
|
70
70
|
# end
|
71
71
|
#
|
@@ -84,7 +84,7 @@ module AWS
|
|
84
84
|
#
|
85
85
|
# @example
|
86
86
|
#
|
87
|
-
# class Book < AWS::Record::
|
87
|
+
# class Book < AWS::Record::HashModel
|
88
88
|
# boolean_attr :read
|
89
89
|
# end
|
90
90
|
#
|
@@ -112,7 +112,7 @@ module AWS
|
|
112
112
|
#
|
113
113
|
# @example A standard datetime attribute
|
114
114
|
#
|
115
|
-
# class Recipe < AWS::Record::
|
115
|
+
# class Recipe < AWS::Record::HashModel
|
116
116
|
# datetime_attr :invented
|
117
117
|
# end
|
118
118
|
#
|
@@ -137,7 +137,7 @@ module AWS
|
|
137
137
|
#
|
138
138
|
# @example A standard date attribute
|
139
139
|
#
|
140
|
-
# class Person < AWS::Record::
|
140
|
+
# class Person < AWS::Record::HashModel
|
141
141
|
# date_attr :birthdate
|
142
142
|
# end
|
143
143
|
#
|
@@ -161,7 +161,7 @@ module AWS
|
|
161
161
|
#
|
162
162
|
# @example
|
163
163
|
#
|
164
|
-
# class Recipe < AWS::Record::
|
164
|
+
# class Recipe < AWS::Record::HashModel
|
165
165
|
# timestamps
|
166
166
|
# end
|
167
167
|
#
|