aws-sdk 1.30.1 → 1.31.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +6 -3
- data/lib/aws/api_config/CloudFront-2013-11-11.yml +2886 -0
- data/lib/aws/api_config/CloudTrail-2013-11-01.yml +36 -0
- data/lib/aws/api_config/ElasticTranscoder-2012-09-25.yml +67 -446
- data/lib/aws/auto_scaling.rb +0 -1
- data/lib/aws/auto_scaling/client.rb +2 -0
- data/lib/aws/cloud_formation.rb +0 -1
- data/lib/aws/cloud_formation/client.rb +2 -0
- data/lib/aws/cloud_front.rb +0 -1
- data/lib/aws/cloud_front/client.rb +6 -6
- data/lib/aws/cloud_search.rb +0 -1
- data/lib/aws/cloud_search/client.rb +3 -0
- data/lib/aws/cloud_trail.rb +0 -1
- data/lib/aws/cloud_trail/client.rb +2 -0
- data/lib/aws/cloud_watch.rb +0 -1
- data/lib/aws/cloud_watch/client.rb +2 -0
- data/lib/aws/core.rb +8 -6
- data/lib/aws/core/client.rb +30 -4
- data/lib/aws/core/configuration.rb +1 -1
- data/lib/aws/core/http/request.rb +2 -1
- data/lib/aws/core/signers/base.rb +46 -0
- data/lib/aws/core/signers/cloud_front.rb +56 -0
- data/lib/aws/core/signers/s3.rb +159 -0
- data/lib/aws/core/signers/version_2.rb +72 -0
- data/lib/aws/core/signers/version_3.rb +86 -0
- data/lib/aws/core/signers/version_3_https.rb +61 -0
- data/lib/aws/core/signers/version_4.rb +228 -0
- data/lib/aws/core/signers/version_4/chunk_signed_stream.rb +191 -0
- data/lib/aws/data_pipeline.rb +0 -1
- data/lib/aws/data_pipeline/client.rb +3 -0
- data/lib/aws/direct_connect.rb +0 -1
- data/lib/aws/direct_connect/client.rb +3 -0
- data/lib/aws/dynamo_db.rb +0 -1
- data/lib/aws/dynamo_db/client.rb +2 -0
- data/lib/aws/ec2.rb +0 -1
- data/lib/aws/ec2/client.rb +21 -0
- data/lib/aws/elastic_beanstalk.rb +0 -1
- data/lib/aws/elastic_beanstalk/client.rb +3 -0
- data/lib/aws/elastic_transcoder.rb +0 -1
- data/lib/aws/elastic_transcoder/client.rb +2 -0
- data/lib/aws/elasticache.rb +0 -1
- data/lib/aws/elasticache/client.rb +2 -0
- data/lib/aws/elb.rb +0 -1
- data/lib/aws/elb/client.rb +2 -0
- data/lib/aws/emr.rb +0 -1
- data/lib/aws/emr/client.rb +2 -0
- data/lib/aws/glacier.rb +0 -1
- data/lib/aws/glacier/client.rb +2 -0
- data/lib/aws/iam.rb +0 -1
- data/lib/aws/iam/client.rb +2 -0
- data/lib/aws/import_export.rb +0 -1
- data/lib/aws/import_export/client.rb +2 -0
- data/lib/aws/kinesis.rb +0 -1
- data/lib/aws/kinesis/client.rb +2 -0
- data/lib/aws/ops_works.rb +0 -1
- data/lib/aws/ops_works/client.rb +2 -0
- data/lib/aws/rds.rb +0 -1
- data/lib/aws/rds/client.rb +2 -0
- data/lib/aws/redshift.rb +0 -1
- data/lib/aws/redshift/client.rb +2 -0
- data/lib/aws/route_53.rb +0 -1
- data/lib/aws/route_53/client.rb +2 -0
- data/lib/aws/s3.rb +1 -0
- data/lib/aws/s3/bucket_collection.rb +9 -7
- data/lib/aws/s3/client.rb +70 -9
- data/lib/aws/s3/config.rb +12 -0
- data/lib/aws/s3/object_collection.rb +4 -9
- data/lib/aws/s3/presign_v4.rb +127 -0
- data/lib/aws/s3/presigned_post.rb +1 -1
- data/lib/aws/s3/request.rb +0 -136
- data/lib/aws/s3/s3_object.rb +40 -19
- data/lib/aws/simple_db.rb +0 -1
- data/lib/aws/simple_db/client.rb +2 -0
- data/lib/aws/simple_email_service.rb +0 -1
- data/lib/aws/simple_email_service/client.rb +2 -0
- data/lib/aws/simple_workflow.rb +0 -1
- data/lib/aws/simple_workflow/client.rb +2 -0
- data/lib/aws/sns.rb +0 -1
- data/lib/aws/sns/client.rb +2 -0
- data/lib/aws/sqs.rb +0 -1
- data/lib/aws/sqs/client.rb +2 -0
- data/lib/aws/storage_gateway.rb +0 -1
- data/lib/aws/storage_gateway/client.rb +2 -0
- data/lib/aws/sts.rb +0 -1
- data/lib/aws/sts/client.rb +2 -0
- data/lib/aws/support.rb +0 -1
- data/lib/aws/support/client.rb +2 -0
- data/lib/aws/version.rb +1 -1
- metadata +12 -38
- data/lib/aws/auto_scaling/request.rb +0 -29
- data/lib/aws/cloud_formation/request.rb +0 -29
- data/lib/aws/cloud_front/request.rb +0 -30
- data/lib/aws/cloud_search/request.rb +0 -23
- data/lib/aws/cloud_trail/request.rb +0 -30
- data/lib/aws/cloud_watch/request.rb +0 -29
- data/lib/aws/core/signature/version_2.rb +0 -56
- data/lib/aws/core/signature/version_3.rb +0 -77
- data/lib/aws/core/signature/version_3_https.rb +0 -54
- data/lib/aws/core/signature/version_4.rb +0 -135
- data/lib/aws/core/signer.rb +0 -46
- data/lib/aws/data_pipeline/request.rb +0 -26
- data/lib/aws/direct_connect/request.rb +0 -27
- data/lib/aws/dynamo_db/request.rb +0 -26
- data/lib/aws/ec2/request.rb +0 -21
- data/lib/aws/elastic_beanstalk/request.rb +0 -29
- data/lib/aws/elastic_transcoder/request.rb +0 -30
- data/lib/aws/elasticache/request.rb +0 -23
- data/lib/aws/elb/request.rb +0 -29
- data/lib/aws/emr/request.rb +0 -28
- data/lib/aws/glacier/request.rb +0 -29
- data/lib/aws/iam/request.rb +0 -29
- data/lib/aws/import_export/request.rb +0 -23
- data/lib/aws/kinesis/request.rb +0 -26
- data/lib/aws/ops_works/request.rb +0 -27
- data/lib/aws/rds/request.rb +0 -29
- data/lib/aws/redshift/request.rb +0 -29
- data/lib/aws/route_53/request.rb +0 -23
- data/lib/aws/simple_db/request.rb +0 -23
- data/lib/aws/simple_email_service/request.rb +0 -27
- data/lib/aws/simple_workflow/request.rb +0 -28
- data/lib/aws/sns/request.rb +0 -29
- data/lib/aws/sqs/request.rb +0 -31
- data/lib/aws/storage_gateway/request.rb +0 -28
- data/lib/aws/sts/request.rb +0 -29
- data/lib/aws/support/request.rb +0 -27
|
@@ -0,0 +1,191 @@
|
|
|
1
|
+
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
|
2
|
+
#
|
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
|
4
|
+
# may not use this file except in compliance with the License. A copy of
|
|
5
|
+
# the License is located at
|
|
6
|
+
#
|
|
7
|
+
# http://aws.amazon.com/apache2.0/
|
|
8
|
+
#
|
|
9
|
+
# or in the "license" file accompanying this file. This file is
|
|
10
|
+
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
|
11
|
+
# ANY KIND, either express or implied. See the License for the specific
|
|
12
|
+
# language governing permissions and limitations under the License.
|
|
13
|
+
|
|
14
|
+
require 'stringio'
|
|
15
|
+
|
|
16
|
+
module AWS
|
|
17
|
+
module Core
|
|
18
|
+
module Signers
|
|
19
|
+
class Version4
|
|
20
|
+
class ChunkSignedStream
|
|
21
|
+
|
|
22
|
+
# @api private
|
|
23
|
+
DEFAULT_CHUNK_SIZE = 128 * 1024
|
|
24
|
+
|
|
25
|
+
# @api private
|
|
26
|
+
MAX_BUFFER_SIZE = 256 * 1024
|
|
27
|
+
|
|
28
|
+
# @api private
|
|
29
|
+
CHUNK_SIGNATURE_HEADER = ";chunk-signature="
|
|
30
|
+
|
|
31
|
+
# @api private
|
|
32
|
+
CHUNK_STRING_TO_SIGN_PREFIX = "AWS4-HMAC-SHA256-PAYLOAD"
|
|
33
|
+
|
|
34
|
+
# @api private
|
|
35
|
+
SIGNATURE_LENGTH = 64
|
|
36
|
+
|
|
37
|
+
# @api private
|
|
38
|
+
CLRF = "\r\n"
|
|
39
|
+
|
|
40
|
+
# @param [IO] stream The original http request body stream.
|
|
41
|
+
# @param [Integer] stream_size Size of the original stream in bytes.
|
|
42
|
+
# This must be greater than 0.
|
|
43
|
+
# @param [String] key The derived sigv4 signing key.
|
|
44
|
+
# @param [String] key_path The scope of the derived key.
|
|
45
|
+
# @param [String] datetime The iso8601 formatted datetime.
|
|
46
|
+
# @param [String] signature The computed signature of the request headers.
|
|
47
|
+
# @return [IO] Returns an IO-like object.
|
|
48
|
+
def initialize stream, stream_size, key, key_path, datetime, signature
|
|
49
|
+
@stream = stream || StringIO.new('')
|
|
50
|
+
@size = self.class.signed_size(stream_size)
|
|
51
|
+
@key = key
|
|
52
|
+
@key_path = key_path
|
|
53
|
+
@datetime = datetime
|
|
54
|
+
@prev_chunk_signature = signature
|
|
55
|
+
reset
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
# @return [Integer] the size of the final (signed) stream
|
|
59
|
+
attr_reader :size
|
|
60
|
+
|
|
61
|
+
# @param [Integer] bytes (nil)
|
|
62
|
+
# @param [String] output_buffer (nil)
|
|
63
|
+
# @return [String,nil]
|
|
64
|
+
def read bytes = nil, output_buffer = nil
|
|
65
|
+
data = read_bytes(bytes || @size)
|
|
66
|
+
if output_buffer
|
|
67
|
+
output_buffer.replace(data || '')
|
|
68
|
+
else
|
|
69
|
+
(data.nil? and bytes.nil?) ? '' : data
|
|
70
|
+
end
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
# @return [Integer]
|
|
74
|
+
def rewind
|
|
75
|
+
@stream.rewind
|
|
76
|
+
reset
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
private
|
|
80
|
+
|
|
81
|
+
def reset
|
|
82
|
+
@buffer = ''
|
|
83
|
+
@more_chunks = true
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
# @param [Integer] num_bytes The maximum number of bytes to return.
|
|
87
|
+
# @return [String,nil] `nil` once the complete stream has been read
|
|
88
|
+
def read_bytes num_bytes
|
|
89
|
+
fill_buffer(num_bytes)
|
|
90
|
+
bytes = @buffer[0,num_bytes]
|
|
91
|
+
@buffer = @buffer[num_bytes..-1] || '' # flatten the buffer
|
|
92
|
+
bytes == '' ? nil : bytes
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
# Fills the internal buffer at least +num_bytes+ of data.
|
|
96
|
+
# @param [Integer] num_bytes
|
|
97
|
+
def fill_buffer num_bytes
|
|
98
|
+
while @buffer.bytesize < num_bytes && more_chunks?
|
|
99
|
+
@buffer << next_chunk
|
|
100
|
+
end
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
def more_chunks?
|
|
104
|
+
@more_chunks
|
|
105
|
+
end
|
|
106
|
+
|
|
107
|
+
def next_chunk
|
|
108
|
+
chunk = @stream.read(DEFAULT_CHUNK_SIZE)
|
|
109
|
+
if chunk.nil?
|
|
110
|
+
chunk = ''
|
|
111
|
+
@more_chunks = false
|
|
112
|
+
end
|
|
113
|
+
sign_chunk(chunk)
|
|
114
|
+
end
|
|
115
|
+
|
|
116
|
+
# Given a chunk of the original stream, this method returns a signed
|
|
117
|
+
# chunk with the prefixed header.
|
|
118
|
+
# @param [String] chunk
|
|
119
|
+
# @return [String]
|
|
120
|
+
def sign_chunk chunk
|
|
121
|
+
[
|
|
122
|
+
chunk.bytesize.to_s(16),
|
|
123
|
+
CHUNK_SIGNATURE_HEADER,
|
|
124
|
+
next_chunk_signature(chunk),
|
|
125
|
+
CLRF,
|
|
126
|
+
chunk,
|
|
127
|
+
CLRF,
|
|
128
|
+
].join
|
|
129
|
+
end
|
|
130
|
+
|
|
131
|
+
# @param [String] chunk
|
|
132
|
+
# @return [String]
|
|
133
|
+
def next_chunk_signature chunk
|
|
134
|
+
string_to_sign = [
|
|
135
|
+
"AWS4-HMAC-SHA256-PAYLOAD",
|
|
136
|
+
@datetime,
|
|
137
|
+
@key_path,
|
|
138
|
+
@prev_chunk_signature,
|
|
139
|
+
hash(''),
|
|
140
|
+
hash(chunk),
|
|
141
|
+
].join("\n")
|
|
142
|
+
signature = sign(string_to_sign)
|
|
143
|
+
@prev_chunk_signature = signature
|
|
144
|
+
signature
|
|
145
|
+
end
|
|
146
|
+
|
|
147
|
+
def sign value
|
|
148
|
+
@digest ||= OpenSSL::Digest::Digest.new('sha256')
|
|
149
|
+
OpenSSL::HMAC.hexdigest(@digest, @key, value)
|
|
150
|
+
end
|
|
151
|
+
|
|
152
|
+
def hash value
|
|
153
|
+
Digest::SHA256.new.update(value).hexdigest
|
|
154
|
+
end
|
|
155
|
+
|
|
156
|
+
class << self
|
|
157
|
+
|
|
158
|
+
# Computes the final size of a chunked signed stream.
|
|
159
|
+
# @param [Integer] size Size of the original, unsigned stream.
|
|
160
|
+
# @return [Integer]
|
|
161
|
+
def signed_size size
|
|
162
|
+
full_sized_chunks = size / DEFAULT_CHUNK_SIZE
|
|
163
|
+
trailing_bytes = size % DEFAULT_CHUNK_SIZE
|
|
164
|
+
length = 0
|
|
165
|
+
length += full_sized_chunks * header_length(DEFAULT_CHUNK_SIZE)
|
|
166
|
+
length += trailing_bytes > 0 ? header_length(trailing_bytes) : 0
|
|
167
|
+
length += header_length(0)
|
|
168
|
+
length
|
|
169
|
+
end
|
|
170
|
+
|
|
171
|
+
private
|
|
172
|
+
|
|
173
|
+
# Computes the size of a header that prefixes a chunk. The size
|
|
174
|
+
# appears in the header as a string.
|
|
175
|
+
# @param [Integer] size
|
|
176
|
+
# @return [Integer]
|
|
177
|
+
def header_length size
|
|
178
|
+
size.to_s(16).length +
|
|
179
|
+
CHUNK_SIGNATURE_HEADER.length +
|
|
180
|
+
SIGNATURE_LENGTH +
|
|
181
|
+
CLRF.length +
|
|
182
|
+
size +
|
|
183
|
+
CLRF.length
|
|
184
|
+
end
|
|
185
|
+
|
|
186
|
+
end
|
|
187
|
+
end
|
|
188
|
+
end
|
|
189
|
+
end
|
|
190
|
+
end
|
|
191
|
+
end
|
data/lib/aws/data_pipeline.rb
CHANGED
data/lib/aws/direct_connect.rb
CHANGED
data/lib/aws/dynamo_db.rb
CHANGED
|
@@ -115,7 +115,6 @@ module AWS
|
|
|
115
115
|
autoload :ItemCollection, 'aws/dynamo_db/item_collection'
|
|
116
116
|
autoload :Keys, 'aws/dynamo_db/keys'
|
|
117
117
|
autoload :PrimaryKeyElement, 'aws/dynamo_db/primary_key_element'
|
|
118
|
-
autoload :Request, 'aws/dynamo_db/request'
|
|
119
118
|
autoload :Resource, 'aws/dynamo_db/resource'
|
|
120
119
|
autoload :Table, 'aws/dynamo_db/table'
|
|
121
120
|
autoload :TableCollection, 'aws/dynamo_db/table_collection'
|
data/lib/aws/dynamo_db/client.rb
CHANGED
data/lib/aws/ec2.rb
CHANGED
|
@@ -258,7 +258,6 @@ module AWS
|
|
|
258
258
|
autoload :PermissionCollection, 'aws/ec2/permission_collection'
|
|
259
259
|
autoload :Region, 'aws/ec2/region'
|
|
260
260
|
autoload :RegionCollection, 'aws/ec2/region_collection'
|
|
261
|
-
autoload :Request, 'aws/ec2/request'
|
|
262
261
|
autoload :ReservedInstances, 'aws/ec2/reserved_instances'
|
|
263
262
|
autoload :ReservedInstancesCollection, 'aws/ec2/reserved_instances_collection'
|
|
264
263
|
autoload :ReservedInstancesOffering, 'aws/ec2/reserved_instances_offering'
|
data/lib/aws/ec2/client.rb
CHANGED
|
@@ -19,6 +19,14 @@ module AWS
|
|
|
19
19
|
|
|
20
20
|
API_VERSION = '2013-10-15'
|
|
21
21
|
|
|
22
|
+
def sign_request request
|
|
23
|
+
if @region =~ /^cn-/
|
|
24
|
+
v4_signer.sign_request(request)
|
|
25
|
+
else
|
|
26
|
+
v2_signer.sign_request(request)
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
|
|
22
30
|
# @api private
|
|
23
31
|
CACHEABLE_REQUESTS = Set[
|
|
24
32
|
:describe_addresses,
|
|
@@ -58,6 +66,19 @@ module AWS
|
|
|
58
66
|
:describe_network_interface_attribute,
|
|
59
67
|
]
|
|
60
68
|
|
|
69
|
+
protected
|
|
70
|
+
|
|
71
|
+
# @return [Core::Signers::Version2]
|
|
72
|
+
def v2_signer
|
|
73
|
+
@v2_signer ||= Core::Signers::Version2.new(credential_provider)
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
# @return [Core::Signers::Version4]
|
|
77
|
+
def v4_signer
|
|
78
|
+
@v4_signer ||=
|
|
79
|
+
Core::Signers::Version4.new(credential_provider, 'ec2', @region)
|
|
80
|
+
end
|
|
81
|
+
|
|
61
82
|
end
|
|
62
83
|
|
|
63
84
|
class Client::V20130815 < Client
|
data/lib/aws/elasticache.rb
CHANGED
data/lib/aws/elb.rb
CHANGED
|
@@ -50,7 +50,6 @@ module AWS
|
|
|
50
50
|
autoload :LoadBalancerCollection, 'aws/elb/load_balancer_collection'
|
|
51
51
|
autoload :LoadBalancerPolicy, 'aws/elb/load_balancer_policy'
|
|
52
52
|
autoload :LoadBalancerPolicyCollection, 'aws/elb/load_balancer_policy_collection'
|
|
53
|
-
autoload :Request, 'aws/elb/request'
|
|
54
53
|
|
|
55
54
|
include Core::ServiceInterface
|
|
56
55
|
|
data/lib/aws/elb/client.rb
CHANGED
data/lib/aws/emr.rb
CHANGED
|
@@ -71,7 +71,6 @@ module AWS
|
|
|
71
71
|
autoload :InstanceGroupCollection, 'aws/emr/instance_group_collection'
|
|
72
72
|
autoload :JobFlow, 'aws/emr/job_flow'
|
|
73
73
|
autoload :JobFlowCollection, 'aws/emr/job_flow_collection'
|
|
74
|
-
autoload :Request, 'aws/emr/request'
|
|
75
74
|
|
|
76
75
|
include Core::ServiceInterface
|
|
77
76
|
|
data/lib/aws/emr/client.rb
CHANGED
data/lib/aws/glacier.rb
CHANGED
|
@@ -51,7 +51,6 @@ module AWS
|
|
|
51
51
|
autoload :ArchiveCollection, 'aws/glacier/archive_collection'
|
|
52
52
|
autoload :Client, 'aws/glacier/client'
|
|
53
53
|
autoload :Errors, 'aws/glacier/errors'
|
|
54
|
-
autoload :Request, 'aws/glacier/request'
|
|
55
54
|
autoload :Resource, 'aws/glacier/resource'
|
|
56
55
|
autoload :Vault, 'aws/glacier/vault'
|
|
57
56
|
autoload :VaultCollection, 'aws/glacier/vault_collection'
|
data/lib/aws/glacier/client.rb
CHANGED
data/lib/aws/iam.rb
CHANGED
|
@@ -151,7 +151,6 @@ module AWS
|
|
|
151
151
|
autoload :MFADeviceCollection, 'aws/iam/mfa_device_collection'
|
|
152
152
|
autoload :Policy, 'aws/iam/policy'
|
|
153
153
|
autoload :PolicyCollection, 'aws/iam/policy_collection'
|
|
154
|
-
autoload :Request, 'aws/iam/request'
|
|
155
154
|
autoload :Resource, 'aws/iam/resource'
|
|
156
155
|
autoload :ServerCertificate, 'aws/iam/server_certificate'
|
|
157
156
|
autoload :ServerCertificateCollection, 'aws/iam/server_certificate_collection'
|
data/lib/aws/iam/client.rb
CHANGED
data/lib/aws/import_export.rb
CHANGED