aws-sdk 1.3.2 → 1.3.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/aws/api_config/{IAM-2010-07-15.yml → IAM-2010-05-08.yml} +56 -4
- data/lib/aws/api_config/SNS-2010-03-31.yml +90 -81
- data/lib/aws/core.rb +26 -11
- data/lib/aws/core/client.rb +12 -4
- data/lib/aws/core/collection.rb +5 -12
- data/lib/aws/core/collection/limitable.rb +10 -3
- data/lib/aws/core/collection/simple.rb +1 -0
- data/lib/aws/core/configuration.rb +2 -0
- data/lib/aws/core/configured_json_client_methods.rb +5 -2
- data/lib/aws/core/http/httparty_handler.rb +1 -1
- data/lib/aws/core/http/net_http_handler.rb +2 -1
- data/lib/aws/core/http/request.rb +27 -0
- data/lib/aws/core/json_client.rb +41 -0
- data/lib/aws/core/lazy_error_classes.rb +2 -0
- data/lib/aws/core/option_grammar.rb +1 -1
- data/lib/aws/core/resource.rb +12 -14
- data/lib/aws/core/session_signer.rb +0 -5
- data/lib/aws/core/xml_grammar.rb +12 -2
- data/lib/aws/dynamo_db.rb +4 -1
- data/lib/aws/dynamo_db/client.rb +4 -17
- data/lib/aws/dynamo_db/item_collection.rb +15 -0
- data/lib/aws/ec2/security_group.rb +2 -1
- data/lib/aws/ec2/security_group/ip_permission.rb +2 -3
- data/lib/aws/elb/listener.rb +2 -2
- data/lib/aws/iam.rb +17 -0
- data/lib/aws/iam/client.rb +9 -6
- data/lib/aws/iam/mfa_device.rb +4 -2
- data/lib/aws/iam/mfa_device_collection.rb +14 -3
- data/lib/aws/iam/user.rb +10 -0
- data/lib/aws/iam/virtual_mfa_device.rb +139 -0
- data/lib/aws/iam/virtual_mfa_device_collection.rb +73 -0
- data/lib/aws/record/abstract_base.rb +1 -0
- data/lib/aws/record/hash_model/attributes.rb +8 -8
- data/lib/aws/record/hash_model/finder_methods.rb +10 -15
- data/lib/aws/record/model.rb +1 -3
- data/lib/aws/record/model/finder_methods.rb +3 -3
- data/lib/aws/s3.rb +1 -0
- data/lib/aws/s3/bucket.rb +83 -16
- data/lib/aws/s3/bucket_lifecycle_configuration.rb +360 -0
- data/lib/aws/s3/client.rb +50 -0
- data/lib/aws/s3/client/xml.rb +10 -0
- data/lib/aws/s3/object_version.rb +5 -0
- data/lib/aws/s3/object_version_collection.rb +15 -1
- data/lib/aws/s3/request.rb +1 -1
- data/lib/aws/s3/s3_object.rb +56 -1
- data/lib/aws/sns.rb +1 -0
- data/lib/aws/sns/has_delivery_policy.rb +68 -0
- data/lib/aws/sns/subscription.rb +62 -14
- data/lib/aws/sns/subscription_collection.rb +1 -1
- data/lib/aws/sns/topic.rb +22 -4
- data/lib/aws/sts.rb +3 -2
- data/lib/net/http/connection_pool.rb +1 -1
- metadata +27 -25
- data/lib/aws/core/collection/batchable.rb +0 -133
@@ -190,7 +190,8 @@ module AWS
|
|
190
190
|
#
|
191
191
|
# If you use ELB to manage load balancers, then you need to add
|
192
192
|
# ingress permissions to the security groups they route traffic into.
|
193
|
-
# You can do this by passing the {LoadBalancer} into
|
193
|
+
# You can do this by passing the {ELB::LoadBalancer} into
|
194
|
+
# authorize_ingress:
|
194
195
|
#
|
195
196
|
# load_balancer = AWS::ELB.new.load_balancers['web-load-balancer']
|
196
197
|
#
|
@@ -92,7 +92,7 @@ module AWS
|
|
92
92
|
|
93
93
|
# @return [Boolean] Returns true if the other IpPermission matches
|
94
94
|
# this one.
|
95
|
-
def
|
95
|
+
def eql? other
|
96
96
|
other.is_a?(IpPermission) and
|
97
97
|
other.security_group == security_group and
|
98
98
|
other.protocol == protocol and
|
@@ -101,8 +101,7 @@ module AWS
|
|
101
101
|
other.groups == groups and
|
102
102
|
other.egress == egress?
|
103
103
|
end
|
104
|
-
|
105
|
-
alias_method :eql?, :==
|
104
|
+
alias_method :==, :eql?
|
106
105
|
|
107
106
|
protected
|
108
107
|
def update_sg method
|
data/lib/aws/elb/listener.rb
CHANGED
@@ -170,12 +170,12 @@ module AWS
|
|
170
170
|
end
|
171
171
|
|
172
172
|
# @private
|
173
|
-
def
|
173
|
+
def eql? other
|
174
174
|
other.is_a?(Listener) and
|
175
175
|
other.load_balancer == load_balancer and
|
176
176
|
other.port == port
|
177
177
|
end
|
178
|
-
alias_method :eql
|
178
|
+
alias_method :==, :eql?
|
179
179
|
|
180
180
|
protected
|
181
181
|
def _description
|
data/lib/aws/iam.rb
CHANGED
@@ -161,6 +161,8 @@ module AWS
|
|
161
161
|
autoload :UserGroupCollection, 'user_group_collection'
|
162
162
|
autoload :UserPolicy, 'user_policy'
|
163
163
|
autoload :UserPolicyCollection, 'user_policy_collection'
|
164
|
+
autoload :VirtualMfaDeviceCollection, 'virtual_mfa_device_collection'
|
165
|
+
autoload :VirtualMfaDevice, 'virtual_mfa_device'
|
164
166
|
end
|
165
167
|
|
166
168
|
include Core::ServiceInterface
|
@@ -253,6 +255,21 @@ module AWS
|
|
253
255
|
ServerCertificateCollection.new(:config => config)
|
254
256
|
end
|
255
257
|
|
258
|
+
# Returns a collection that represents the virtual MFA devices
|
259
|
+
# that are not assigned to an IAM user.
|
260
|
+
#
|
261
|
+
# iam = AWS::IAM.new
|
262
|
+
# iam.virtual_mfa_devices.each do |cert|
|
263
|
+
# # ...
|
264
|
+
# end
|
265
|
+
#
|
266
|
+
# @return [VirtualMfaDeviceCollection] Returns a collection that
|
267
|
+
# represents the virtual MFA devices that are not assigned to an
|
268
|
+
# IAM user.
|
269
|
+
def virtual_mfa_devices
|
270
|
+
VirtualMfaDeviceCollection.new(:config => config)
|
271
|
+
end
|
272
|
+
|
256
273
|
# Sets the account alias for this AWS account.
|
257
274
|
# @param [String] account_alias
|
258
275
|
# @return [String] Returns the account alias passed.
|
data/lib/aws/iam/client.rb
CHANGED
@@ -28,12 +28,15 @@ module AWS
|
|
28
28
|
REQUEST_CLASS = IAM::Request
|
29
29
|
|
30
30
|
# @private
|
31
|
-
CACHEABLE_REQUESTS = Set[
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
31
|
+
CACHEABLE_REQUESTS = Set[
|
32
|
+
:list_groups,
|
33
|
+
:list_group_policies,
|
34
|
+
:list_groups_for_user,
|
35
|
+
:list_server_certificates,
|
36
|
+
:list_virtual_mfa_devices,
|
37
|
+
:get_group,
|
38
|
+
:get_group_policy
|
39
|
+
]
|
37
40
|
|
38
41
|
configure_client
|
39
42
|
|
data/lib/aws/iam/mfa_device.rb
CHANGED
@@ -31,8 +31,10 @@ module AWS
|
|
31
31
|
# @return [String] Returns the MFA device's serial number
|
32
32
|
attr_reader :serial_number
|
33
33
|
|
34
|
-
# Deactivates the MFA device and removes it from association
|
35
|
-
# user for which it was originally enabled.
|
34
|
+
# Deactivates the MFA device and removes it from association
|
35
|
+
# with the user for which it was originally enabled. You must
|
36
|
+
# call {MFADeviceCollection#enable} to enable the device again.
|
37
|
+
#
|
36
38
|
# @return [nil]
|
37
39
|
def deactivate
|
38
40
|
client.deactivate_mfa_device({
|
@@ -63,11 +63,16 @@ module AWS
|
|
63
63
|
MFADevice.new(user, serial_number)
|
64
64
|
end
|
65
65
|
|
66
|
-
#
|
66
|
+
# Deactivates all of the MFA devices in this collection.
|
67
|
+
# Virtual MFA devices in this collection will not be
|
68
|
+
# deleted. Instead they will be available in the
|
69
|
+
# {IAM#virtual_mfa_devices} collection so that they can either
|
70
|
+
# be deleted or enabled for different users.
|
71
|
+
#
|
67
72
|
# @return [nil]
|
68
73
|
def clear
|
69
74
|
each do |device|
|
70
|
-
device.
|
75
|
+
device.deactivate
|
71
76
|
end
|
72
77
|
nil
|
73
78
|
end
|
@@ -104,7 +109,13 @@ module AWS
|
|
104
109
|
def each_item response, &block
|
105
110
|
response.mfa_devices.each do |item|
|
106
111
|
|
107
|
-
|
112
|
+
if item.serial_number =~ /^arn:/
|
113
|
+
mfa_device = VirtualMfaDevice.new_from(:list_mfa_devices, item,
|
114
|
+
item.serial_number,
|
115
|
+
:config => config)
|
116
|
+
else
|
117
|
+
mfa_device = MFADevice.new(user, item.serial_number)
|
118
|
+
end
|
108
119
|
|
109
120
|
yield(mfa_device)
|
110
121
|
|
data/lib/aws/iam/user.rb
CHANGED
@@ -58,6 +58,16 @@ module AWS
|
|
58
58
|
# In order to delete a user you must first remove it from all of its
|
59
59
|
# groups and delete all of its signing certificates. Once this is done:
|
60
60
|
#
|
61
|
+
# @attr [String] user_name
|
62
|
+
#
|
63
|
+
# @attr [String] path
|
64
|
+
#
|
65
|
+
# @attr_reader [String] id
|
66
|
+
#
|
67
|
+
# @attr_reader [DateTime] create_date
|
68
|
+
#
|
69
|
+
# @attr_reader [String] arn
|
70
|
+
#
|
61
71
|
class User < Resource
|
62
72
|
|
63
73
|
prefix_update_attributes
|
@@ -0,0 +1,139 @@
|
|
1
|
+
# Copyright 2011-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
+
# may not use this file except in compliance with the License. A copy of
|
5
|
+
# the License is located at
|
6
|
+
#
|
7
|
+
# http://aws.amazon.com/apache2.0/
|
8
|
+
#
|
9
|
+
# or in the "license" file accompanying this file. This file is
|
10
|
+
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
+
# ANY KIND, either express or implied. See the License for the specific
|
12
|
+
# language governing permissions and limitations under the License.
|
13
|
+
|
14
|
+
require 'base64'
|
15
|
+
|
16
|
+
module AWS
|
17
|
+
class IAM
|
18
|
+
|
19
|
+
# @attr_reader [String] base_32_string_seed The Base32 seed defined as
|
20
|
+
# specified in RFC3548. Only accessible on newly created
|
21
|
+
# devices. This value is Base64-encoded.
|
22
|
+
#
|
23
|
+
# @attr_reader [Blob] qr_code_png A QR code PNG image that encodes
|
24
|
+
# otpauth://totp/$virtualMFADeviceName@$AccountName? secret=$Base32String
|
25
|
+
# where $virtualMFADeviceName is one of the create call arguments,
|
26
|
+
# AccountName is the user name if set (accountId otherwise), and
|
27
|
+
# Base32String is the seed in Base32 format. Only accessible on newly
|
28
|
+
# created devices. This value is Base64-encoded.
|
29
|
+
#
|
30
|
+
# @attr_reader [DateTime] enable_date When this device was enabled.
|
31
|
+
# Returns nil if this device has not been enabled.
|
32
|
+
#
|
33
|
+
class VirtualMfaDevice < Resource
|
34
|
+
|
35
|
+
# @private
|
36
|
+
def initialize serial_number, options = {}
|
37
|
+
@serial_number = serial_number
|
38
|
+
super
|
39
|
+
end
|
40
|
+
|
41
|
+
# @return [String] Returns the virtual MFA device serial number (ARN).
|
42
|
+
attr_reader :serial_number
|
43
|
+
|
44
|
+
alias_method :arn, :serial_number
|
45
|
+
|
46
|
+
attribute :base_32_string_seed, :static => true
|
47
|
+
|
48
|
+
attribute :qr_code_png, :static => true
|
49
|
+
|
50
|
+
attribute :enable_date, :static => true
|
51
|
+
|
52
|
+
attribute :user_details, :as => :user
|
53
|
+
|
54
|
+
protected :user_details
|
55
|
+
|
56
|
+
# @return [User,nil] Returns the user this device was enabled
|
57
|
+
# for, or nil if this device has not been enabled.
|
58
|
+
def user
|
59
|
+
if details = user_details
|
60
|
+
User.new(details.user_name, :config => config)
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
# Enables the MFA device and associates it with the specified user.
|
65
|
+
# When enabled, the MFA device is required for every subsequent login
|
66
|
+
# by the user name associated with the device.
|
67
|
+
# @param [User,String] user The user (or user name string) you want
|
68
|
+
# to enable this device for.
|
69
|
+
# @param [String] code1 An authentication code emitted by the device.
|
70
|
+
# @param [String] code2 A subsequent authentication code emitted by
|
71
|
+
# the device.
|
72
|
+
def enable user, code1, code2
|
73
|
+
|
74
|
+
user_name = user.is_a?(User) ? user.name : user
|
75
|
+
|
76
|
+
client.enable_mfa_device(
|
77
|
+
:user_name => user_name,
|
78
|
+
:serial_number => serial_number,
|
79
|
+
:authentication_code_1 => format_auth_code(code1),
|
80
|
+
:authentication_code_2 => format_auth_code(code2))
|
81
|
+
|
82
|
+
nil
|
83
|
+
|
84
|
+
end
|
85
|
+
|
86
|
+
# @return [Boolean] Returns true if this device has been enabled
|
87
|
+
# for a user.
|
88
|
+
def enabled?
|
89
|
+
!!enable_date
|
90
|
+
end
|
91
|
+
|
92
|
+
# Deactivates the MFA device and removes it from association with
|
93
|
+
# the user for which it was originally enabled.
|
94
|
+
# @return [nil]
|
95
|
+
def deactivate
|
96
|
+
client_opts = {}
|
97
|
+
client_opts[:user_name] = user.name
|
98
|
+
client_opts[:serial_number] = serial_number
|
99
|
+
client.deactivate_mfa_device(client_opts)
|
100
|
+
nil
|
101
|
+
end
|
102
|
+
alias_method :disable, :deactivate
|
103
|
+
|
104
|
+
# Deletes this virtual MFA device.
|
105
|
+
# @return [nil]
|
106
|
+
def delete
|
107
|
+
client.delete_virtual_mfa_device(resource_options)
|
108
|
+
nil
|
109
|
+
end
|
110
|
+
|
111
|
+
populates_from :create_virtual_mfa_device do |resp|
|
112
|
+
if resp.virtual_mfa_device.serial_number == serial_number
|
113
|
+
resp.virtual_mfa_device
|
114
|
+
end
|
115
|
+
end
|
116
|
+
|
117
|
+
populates_from :list_virtual_mfa_devices do |resp|
|
118
|
+
resp.virtual_mfa_devices.find { |d| d.serial_number == serial_number }
|
119
|
+
end
|
120
|
+
|
121
|
+
protected
|
122
|
+
def format_auth_code(code)
|
123
|
+
sprintf("%06d", code)
|
124
|
+
end
|
125
|
+
|
126
|
+
protected
|
127
|
+
def get_resource attr_name
|
128
|
+
client.list_virtual_mfa_devices
|
129
|
+
end
|
130
|
+
|
131
|
+
protected
|
132
|
+
def resource_identifiers
|
133
|
+
[[:serial_number, serial_number]]
|
134
|
+
end
|
135
|
+
|
136
|
+
end
|
137
|
+
|
138
|
+
end
|
139
|
+
end
|
@@ -0,0 +1,73 @@
|
|
1
|
+
# Copyright 2011-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
+
# may not use this file except in compliance with the License. A copy of
|
5
|
+
# the License is located at
|
6
|
+
#
|
7
|
+
# http://aws.amazon.com/apache2.0/
|
8
|
+
#
|
9
|
+
# or in the "license" file accompanying this file. This file is
|
10
|
+
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
+
# ANY KIND, either express or implied. See the License for the specific
|
12
|
+
# language governing permissions and limitations under the License.
|
13
|
+
|
14
|
+
module AWS
|
15
|
+
class IAM
|
16
|
+
|
17
|
+
class VirtualMfaDeviceCollection
|
18
|
+
|
19
|
+
include Collection
|
20
|
+
|
21
|
+
# Creates a new virtual MFA device for the AWS account.
|
22
|
+
# After creating the virtual MFA, you can enable the device to an
|
23
|
+
# IAM user.
|
24
|
+
#
|
25
|
+
# @param [String] name The name of the virtual MFA device. Name and path
|
26
|
+
# together uniquely identify a virtual MFA device.
|
27
|
+
# @param [Hash] options
|
28
|
+
# @option [String] :path The path for the virtual MFA device.
|
29
|
+
# @return [VirtualMfaDevice]
|
30
|
+
def create name, options = {}
|
31
|
+
|
32
|
+
client_opts = options.dup
|
33
|
+
client_opts[:virtual_mfa_device_name] = name
|
34
|
+
resp = client.create_virtual_mfa_device(client_opts)
|
35
|
+
|
36
|
+
VirtualMfaDevice.new_from(
|
37
|
+
:create_virtual_mfa_device,
|
38
|
+
resp.virtual_mfa_device,
|
39
|
+
resp.virtual_mfa_device.serial_number,
|
40
|
+
:config => config)
|
41
|
+
|
42
|
+
end
|
43
|
+
|
44
|
+
# Returns a virtual MFA device with the given serial number.
|
45
|
+
# @param [String] serial_number The serial number (ARN) of a virtual
|
46
|
+
# MFA device.
|
47
|
+
# @return [VirtualMfaDevice]
|
48
|
+
def [] serial_number
|
49
|
+
VirtualMfaDevice.new(serial_number, :config => config)
|
50
|
+
end
|
51
|
+
|
52
|
+
protected
|
53
|
+
def request_method; :list_virtual_mfa_devices; end
|
54
|
+
|
55
|
+
protected
|
56
|
+
def next_token_key; :marker; end
|
57
|
+
|
58
|
+
protected
|
59
|
+
def limit_key; :max_items; end
|
60
|
+
|
61
|
+
protected
|
62
|
+
def each_item(response)
|
63
|
+
response.virtual_mfa_devices.each do |d|
|
64
|
+
device = VirtualMfaDevice.new_from(
|
65
|
+
:list_mfa_devices, d, d.serial_number, :config => config)
|
66
|
+
yield(device)
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
end
|
71
|
+
|
72
|
+
end
|
73
|
+
end
|
@@ -22,7 +22,7 @@ module AWS
|
|
22
22
|
#
|
23
23
|
# @example A standard string attribute
|
24
24
|
#
|
25
|
-
# class Recipe < AWS::Record::
|
25
|
+
# class Recipe < AWS::Record::HashModel
|
26
26
|
# string_attr :name
|
27
27
|
# end
|
28
28
|
#
|
@@ -31,7 +31,7 @@ module AWS
|
|
31
31
|
#
|
32
32
|
# @example A string attribute with +:set+ set to true
|
33
33
|
#
|
34
|
-
# class Recipe < AWS::Record::
|
34
|
+
# class Recipe < AWS::Record::HashModel
|
35
35
|
# string_attr :tags, :set => true
|
36
36
|
# end
|
37
37
|
#
|
@@ -48,7 +48,7 @@ module AWS
|
|
48
48
|
|
49
49
|
# Adds an integer attribute to this class.
|
50
50
|
#
|
51
|
-
# class Recipe < AWS::Record::
|
51
|
+
# class Recipe < AWS::Record::HashModel
|
52
52
|
# integer_attr :servings
|
53
53
|
# end
|
54
54
|
#
|
@@ -65,7 +65,7 @@ module AWS
|
|
65
65
|
|
66
66
|
# Adds a float attribute to this class.
|
67
67
|
#
|
68
|
-
# class Listing < AWS::Record::
|
68
|
+
# class Listing < AWS::Record::HashModel
|
69
69
|
# float_attr :score
|
70
70
|
# end
|
71
71
|
#
|
@@ -84,7 +84,7 @@ module AWS
|
|
84
84
|
#
|
85
85
|
# @example
|
86
86
|
#
|
87
|
-
# class Book < AWS::Record::
|
87
|
+
# class Book < AWS::Record::HashModel
|
88
88
|
# boolean_attr :read
|
89
89
|
# end
|
90
90
|
#
|
@@ -112,7 +112,7 @@ module AWS
|
|
112
112
|
#
|
113
113
|
# @example A standard datetime attribute
|
114
114
|
#
|
115
|
-
# class Recipe < AWS::Record::
|
115
|
+
# class Recipe < AWS::Record::HashModel
|
116
116
|
# datetime_attr :invented
|
117
117
|
# end
|
118
118
|
#
|
@@ -137,7 +137,7 @@ module AWS
|
|
137
137
|
#
|
138
138
|
# @example A standard date attribute
|
139
139
|
#
|
140
|
-
# class Person < AWS::Record::
|
140
|
+
# class Person < AWS::Record::HashModel
|
141
141
|
# date_attr :birthdate
|
142
142
|
# end
|
143
143
|
#
|
@@ -161,7 +161,7 @@ module AWS
|
|
161
161
|
#
|
162
162
|
# @example
|
163
163
|
#
|
164
|
-
# class Recipe < AWS::Record::
|
164
|
+
# class Recipe < AWS::Record::HashModel
|
165
165
|
# timestamps
|
166
166
|
# end
|
167
167
|
#
|