fog-aws 3.13.0 → 3.21.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ab92d854133f8f95eaba87c66785ece83b06a57407d1bf627fe11c13d4e33f32
-  data.tar.gz: 39cfdea2adfae9a873d4530fba16913c68883fd523bd26aa3319e551de6b4292
+  metadata.gz: a70dcf9f73be47287b3b3b0180e9b8b43fd1743e67a6b56d8c44cc17e5e7e1f2
+  data.tar.gz: 0aa01c7969f747964e13d3404c4d35b91e7b12c77a0071c70dd21b144508014c
 SHA512:
-  metadata.gz: d32989087bd5bd8081a8a2b1247d1699314f5c2ea8e3be5ce2d7086c7a918b29468afd34f7ef279cc49d42c92f3907cadb82744cbf99a2828d117733ac1cea83
-  data.tar.gz: ae8d28913f81216fbfbbb6336794fde5809e5f779ec6ea812e064b0d2accc4d1acb199895a579901ad67f6e02a878ead320b8ec438029d7fba1b51f0f4ea416a
+  metadata.gz: 513c9d361abc77fba5540afccc11026788e6d1ee6df6f9134d8360d431db41dd50a395c476bdfba5c32d1ca2b35b4c81151aa1a82b0e8405976b49b7ac023582
+  data.tar.gz: 5cb4615882c96c20aeda02f9e68bbd10f2e1f9fc5fdfb9e3a916573f74cc45ca1df57fd9dc7c5b2231b2d258a4221ae5a75301341eb5013eb04f53936e6184fc

data/CHANGELOG.md

@@ -1,6 +1,128 @@
 # Changelog
 
-## [v3.13.0](https://github.com/fog/fog-aws/tree/v3.12.0) (2022-02-12)
+## [v3.21.0](https://github.com/fog/fog-aws/tree/v3.21.0) (2023-09-29)
+
+[Full Changelog](https://github.com/fog/fog-aws/compare/v3.20.0...v3.21.0)
+
+**Closed issues:**
+
+- Fog::AWS::Storage default retry behaviour guarantees 6s delay for 4xx class responses [\#690](https://github.com/fog/fog-aws/issues/690)
+
+**Merged pull requests:**
+
+- Fog::AWS::Storage don't retry client errors [\#691]((https://github.com/fog/fog-aws/pull/691) ([rahim](https://github.com/rahim))
+
+## [v3.20.0](https://github.com/fog/fog-aws/tree/v3.20.0) (2023-09-27)
+
+[Full Changelog](https://github.com/fog/fog-aws/compare/v3.19.0...v3.20.0)
+
+**Closed issues:**
+
+- Fog::AWS::Storage::File x-amz-request-id and x-amz-id-2 header reflection [\#688](https://github.com/fog/fog-aws/issues/688)
+- When using IRSA on `Fog::Storage`, output `Unrecognized arguments: sts_endpoint` warning  [\#683](https://github.com/fog/fog-aws/issues/683)
+- Is it possible to add `DurationSeconds` in CredentialFetcher ? [\#682](https://github.com/fog/fog-aws/issues/682)
+
+**Merged pull requests:**
+
+- Fog::AWS::Storage::File - fix request id header reflection [\#689](https://github.com/fog/fog-aws/pull/689) ([rahim](https://github.com/rahim))
+- Bump actions/checkout from 3 to 4 [\#687](https://github.com/fog/fog-aws/pull/687) ([dependabot[bot]](https://github.com/apps/dependabot))
+- add c6a, c6i, c6id, m6a,m6i, m6id, and r6a, r6i, r6id support [\#686](https://github.com/fog/fog-aws/pull/686) ([ashivadi](https://github.com/ashivadi))
+- Align the parameters for `AssumeRoleWithWebIdentity` action [\#685](https://github.com/fog/fog-aws/pull/685) ([marshluca](https://github.com/marshluca))
+- Prevent `Unrecognized arguments: sts_endpoint` warning [\#684](https://github.com/fog/fog-aws/pull/684) ([nekomaho](https://github.com/nekomaho))
+- CI against Ruby 3.2 [\#681](https://github.com/fog/fog-aws/pull/681) ([y-yagi](https://github.com/y-yagi))
+- Change method sync\_clock\_url to use localstack set a different port [\#680](https://github.com/fog/fog-aws/pull/680) ([fabiodallazen](https://github.com/fabiodallazen))
+
+## [v3.19.0](https://github.com/fog/fog-aws/tree/v3.19.0) (2023-05-18)
+
+[Full Changelog](https://github.com/fog/fog-aws/compare/v3.18.0...v3.19.0)
+
+**Merged pull requests:**
+
+- gopalcoupa:add-me-central-1 [\#679](https://github.com/fog/fog-aws/pull/679)
+- Fix S3 Transfer Acceleration [\#676](https://github.com/fog/fog-aws/pull/676)
+- configure connection_options to improve s3 retry see https://github.com/fog/fog-aws/issues/674 [\#675](https://github.com/fog/fog-aws/pull/675)
+- s3: remove hardcoded host [\#673](https://github.com/fog/fog-aws/pull/673)
+- Bump actions/stale from 7 to 8 [\#671](https://github.com/fog/fog-aws/pull/671)
+
+## [v3.18.0](https://github.com/fog/fog-aws/tree/v3.18.0) (2023-02-16)
+
+[Full Changelog](https://github.com/fog/fog-aws/compare/v3.17.0...v3.18.0)
+
+**Merged pull requests:**
+
+- Only compute SSE-C headers when needed in multipart upload [\#669](https://github.com/fog/fog-aws/pull/669) ([stanhu](https://github.com/stanhu))
+
+## [v3.17.0](https://github.com/fog/fog-aws/tree/v3.17.0) (2023-02-09)
+
+[Full Changelog](https://github.com/fog/fog-aws/compare/v3.16.0...v3.17.0)
+
+**Merged pull requests:**
+
+- Support disabling of Content-MD5 for FIPS [\#668](https://github.com/fog/fog-aws/pull/668) ([stanhu](https://github.com/stanhu))
+
+## [v3.16.0](https://github.com/fog/fog-aws/tree/v3.16.0) (2023-01-26)
+
+[Full Changelog](https://github.com/fog/fog-aws/compare/v3.15.0...v3.16.0)
+
+**Closed issues:**
+
+- README lists incorrect usage of IAM auth [\#663](https://github.com/fog/fog-aws/issues/663)
+- How can i config to use s3 in localstack [\#657](https://github.com/fog/fog-aws/issues/657)
+- Fog::Storage::AWS::Files#each always iterates over entire collection [\#232](https://github.com/fog/fog-aws/issues/232)
+- superclass mismatch for class AWS [\#655](https://github.com/fog/fog-aws/issues/655)
+- Lambda IAM Role Not Working [\#650](https://github.com/fog/fog-aws/issues/650)
+
+**Merged pull requests:**
+
+- adding missing region ap-southeast-4 [\#665](https://github.com/fog/fog-aws/pull/665) ([emptyhammond](https://github.com/emptyhammond))
+o
+- adding missing region eu-south-2 [\#662](https://github.com/fog/fog-aws/pull/662) ([ivangool](https://github.com/ivangool))
+- Bump actions/dependency-review-action from 2 to 3 [\#659](https://github.com/fog/fog-aws/pull/659) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Update aws.rb [\#658](https://github.com/fog/fog-aws/pull/658) ([ivangool](https://github.com/ivangool))
+- Bump actions/stale from 5 to 6 [\#656](https://github.com/fog/fog-aws/pull/656) ([dependabot[bot]](https://github.com/apps/dependabot))
+
+## [v3.15.0](https://github.com/fog/fog-aws/tree/v3.15.0) (2022-09-12)
+
+[Full Changelog](https://github.com/fog/fog-aws/compare/v3.14.0...v3.15.0)
+
+**Closed issues:**
+
+- URI.decode is obsolete \(and not available in Ruby 3.0\) [\#653](https://github.com/fog/fog-aws/issues/653)
+- S3: File copy not working outside us-east-1 region [\#645](https://github.com/fog/fog-aws/issues/645)
+- Unable to list, update and remove RDS tags in AWS GovCloud Account regions. [\#644](https://github.com/fog/fog-aws/issues/644)
+- Documentation links broken / 404 [\#642](https://github.com/fog/fog-aws/issues/642)
+
+**Merged pull requests:**
+
+- Replace URI.decode as obsolete, and removed in Ruby 3.0 [\#654](https://github.com/fog/fog-aws/pull/654) ([kuahyeow](https://github.com/kuahyeow))
+- Fix typo in readme [\#652](https://github.com/fog/fog-aws/pull/652) ([geemus](https://github.com/geemus))
+- change sync\_clock to plain GET [\#651](https://github.com/fog/fog-aws/pull/651) ([duckworth](https://github.com/duckworth))
+- Update README file with download url example [\#649](https://github.com/fog/fog-aws/pull/649) ([lucasocon](https://github.com/lucasocon))
+- Bump actions/dependency-review-action from 1 to 2 [\#648](https://github.com/fog/fog-aws/pull/648) ([dependabot[bot]](https://github.com/apps/dependabot))
+- add x2gd and t4g instance flavours [\#647](https://github.com/fog/fog-aws/pull/647) ([mushyy](https://github.com/mushyy))
+- Fix a typo in CHANGELOG [\#646](https://github.com/fog/fog-aws/pull/646) ([y-yagi](https://github.com/y-yagi))
+
+## [v3.14.0](https://github.com/fog/fog-aws/tree/v3.14.0) (2022-05-09)
+
+[Full Changelog](https://github.com/fog/fog-aws/compare/v3.13.0...v3.14.0)
+
+**Closed issues:**
+
+- Add a special note to the documentation around the danger of using directory.get [\#633](https://github.com/fog/fog-aws/issues/633)
+
+**Merged pull requests:**
+
+- RDS tags issue in AWS GovCloud Account regions. [\#643](https://github.com/fog/fog-aws/pull/643) ([svavhal](https://github.com/svavhal))
+- Create codeql.yml [\#641](https://github.com/fog/fog-aws/pull/641) ([naveensrinivasan](https://github.com/naveensrinivasan))
+- chore\(deps\): Included dependency review [\#640](https://github.com/fog/fog-aws/pull/640) ([naveensrinivasan](https://github.com/naveensrinivasan))
+- Bump actions/stale from 4 to 5 [\#639](https://github.com/fog/fog-aws/pull/639) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Set permissions for GitHub actions [\#638](https://github.com/fog/fog-aws/pull/638) ([naveensrinivasan](https://github.com/naveensrinivasan))
+- Add option to control IAM credential refresh [\#637](https://github.com/fog/fog-aws/pull/637) ([gl-gh-hchouraria](https://github.com/gl-gh-hchouraria))
+- Add warning messages around directories.get [\#636](https://github.com/fog/fog-aws/pull/636) ([orrin-naylor-instacart](https://github.com/orrin-naylor-instacart))
+- Bump actions/checkout from 2.4.0 to 3 [\#632](https://github.com/fog/fog-aws/pull/632) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Add Ruby 3.1 to the CI matrix [\#631](https://github.com/fog/fog-aws/pull/631) ([petergoldstein](https://github.com/petergoldstein))
+
+## [v3.13.0](https://github.com/fog/fog-aws/tree/v3.13.0) (2022-02-13)
 
 [Full Changelog](https://github.com/fog/fog-aws/compare/v3.12.0...v3.13.0)
 
@@ -692,7 +814,6 @@
 
 - How to setup private files with CloudFront? [\#275](https://github.com/fog/fog-aws/issues/275)
 - Feature: Custom Managed Policies [\#272](https://github.com/fog/fog-aws/issues/272)
-- Question: which aws-sdk version is used [\#270](https://github.com/fog/fog-aws/issues/270)
 - Support an IAM list\_attached\_role\_policies method [\#191](https://github.com/fog/fog-aws/issues/191)
 
 **Merged pull requests:**

data/README.md

@@ -98,6 +98,7 @@ file = directory.files.create(key: 'user/1/Gemfile', body: File.open('Gemfile'),
 directory = s3.directories.get('gaudi-portal-dev', prefix: 'user/1/')
 directory.files
 ```
+**Warning!** `s3.directories.get` retrieves and caches meta data for the first 10,000 objects in the bucket, which can be very expensive. When possible use `s3.directories.new`.
 
 #### Generating a URL for a file:
 
@@ -105,6 +106,62 @@ directory.files
 directory.files.new(key: 'user/1/Gemfile').url(Time.now + 60)
 ```
 
+##### Generate download URL
+You should pass an option argument that contains the `query` key with `response-content-disposition` inside indicating that is an attachment and the filename to be used when downloaded.
+
+```ruby
+options = {
+  query: {
+    'response-content-disposition' => "attachment; filename=#{key}"
+  }
+}
+
+directory.files.new(key: 'user/1/Gemfile').url(Time.now + 60, options)
+```
+
+
+##### Controlling credential refresh time with IAM authentication
+
+When using IAM authentication with
+[temporary security credentials](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html),
+generated S3 pre-signed URLs
+[only last as long as the temporary credential](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ShareObjectPreSignedURL.html).
+
+Generating the URLs in the following manner will return a URL
+that will not last as long as its requested expiration time if
+the remainder of the authentication token lifetime was shorter.
+
+```ruby
+s3 = Fog::Storage.new(provider: 'AWS', use_iam_profile: true)
+directory = s3.directories.get('gaudi-portal-dev', prefix: 'user/1/')
+
+directory.files.new(key: 'user/1/Gemfile').url(Time.now + 60)
+```
+
+By default the temporary credentials in use are refreshed only within the last
+15 seconds of its expiration time. The URL requested with 60 seconds lifetime
+using the above example will only remain valid for 15 seconds in the worst case.
+
+The problem can be avoided by refreshing the token early and often,
+by setting configuration `aws_credentials_refresh_threshold_seconds` (default: 15)
+which controls the time when the refresh must occur. It is expressed in seconds
+before the temporary credential's expiration time.
+
+The following example can ensure pre-signed URLs last as long as 60 seconds
+by automatically refreshing the credentials when its remainder lifetime
+is lower than 60 seconds:
+
+```ruby
+s3 = Fog::Storage.new(
+  provider: 'AWS',
+  use_iam_profile: true,
+  aws_credentials_refresh_threshold_seconds: 60
+)
+directory = s3.directories.get('gaudi-portal-dev', prefix: 'user/1/')
+
+directory.files.new(key: 'user/1/Gemfile').url(Time.now + 60)
+```
+
 #### Copying a file
 
 ```ruby

data/lib/fog/aws/auto_scaling.rb

@@ -8,7 +8,7 @@ module Fog
       class ValidationError < Fog::Errors::Error; end
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :host, :path, :port, :scheme, :persistent, :region, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :host, :path, :port, :scheme, :persistent, :region, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/auto_scaling'
       request :attach_load_balancers

data/lib/fog/aws/beanstalk.rb

@@ -6,7 +6,7 @@ module Fog
       class InvalidParameterError < Fog::Errors::Error; end
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/beanstalk'
 

data/lib/fog/aws/cdn.rb

@@ -4,7 +4,7 @@ module Fog
       extend Fog::AWS::CredentialFetcher::ServiceMethods
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :host, :path, :port, :scheme, :version, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :host, :path, :port, :scheme, :version, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :region, :sts_endpoint
 
       model_path 'fog/aws/models/cdn'
       model       :distribution

data/lib/fog/aws/cloud_formation.rb

@@ -4,7 +4,7 @@ module Fog
       extend Fog::AWS::CredentialFetcher::ServiceMethods
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :host, :path, :port, :scheme, :persistent, :region, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :host, :path, :port, :scheme, :persistent, :region, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/cloud_formation'
       request :cancel_update_stack

data/lib/fog/aws/cloud_watch.rb

@@ -4,7 +4,7 @@ module Fog
       extend Fog::AWS::CredentialFetcher::ServiceMethods
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/cloud_watch'
 

data/lib/fog/aws/compute.rb

@@ -6,7 +6,7 @@ module Fog
       class RequestLimitExceeded < Fog::Errors::Error; end
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :endpoint, :region, :host, :path, :port, :scheme, :persistent, :aws_session_token, :use_iam_profile, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :version, :retry_request_limit_exceeded, :retry_jitter_magnitude
+      recognizes :endpoint, :region, :host, :path, :port, :scheme, :persistent, :aws_session_token, :use_iam_profile, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :version, :retry_request_limit_exceeded, :retry_jitter_magnitude, :sts_endpoint
 
       secrets    :aws_secret_access_key, :hmac, :aws_session_token
 

data/lib/fog/aws/credential_fetcher.rb

@@ -40,6 +40,7 @@ module Fog
                   :RoleArn => options[:role_arn] || ENV.fetch("AWS_ROLE_ARN"),
                   :RoleSessionName => options[:role_session_name] || ENV["AWS_ROLE_SESSION_NAME"] || "fog-aws-#{SecureRandom.hex}",
                   :WebIdentityToken => File.read(options[:aws_web_identity_token_file] || ENV.fetch("AWS_WEB_IDENTITY_TOKEN_FILE")),
+                  :DurationSeconds => options[:duration] || 3600,
                   :Version => "2011-06-15",
                 }
 
@@ -123,10 +124,17 @@ module Fog
 
         private
 
+        # When defined, 'aws_credentials_refresh_threshold_seconds' controls
+        # when the credential needs to be refreshed, expressed in seconds before
+        # the current credential's expiration time
+        def credentials_refresh_threshold
+          @aws_credentials_refresh_threshold_seconds || 15
+        end
+
         def credentials_expired?
           @use_iam_profile &&
             (!@aws_credentials_expire_at ||
-             (@aws_credentials_expire_at && Fog::Time.now > @aws_credentials_expire_at - 15)) #new credentials become available from around 5 minutes before expiration time
+             (@aws_credentials_expire_at && Fog::Time.now > @aws_credentials_expire_at - credentials_refresh_threshold)) #new credentials become available from around 5 minutes before expiration time
         end
 
         def refresh_credentials

data/lib/fog/aws/data_pipeline.rb

@@ -4,7 +4,7 @@ module Fog
       extend Fog::AWS::CredentialFetcher::ServiceMethods
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/data_pipeline'
       request :activate_pipeline

data/lib/fog/aws/dns.rb

@@ -4,7 +4,7 @@ module Fog
       extend Fog::AWS::CredentialFetcher::ServiceMethods
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :host, :path, :port, :scheme, :version, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :host, :path, :port, :scheme, :version, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :region, :sts_endpoint
 
       model_path 'fog/aws/models/dns'
       model       :record

data/lib/fog/aws/dynamodb.rb

@@ -4,7 +4,7 @@ module Fog
       extend Fog::AWS::CredentialFetcher::ServiceMethods
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :aws_session_token, :host, :path, :port, :scheme, :persistent, :region, :use_iam_profile, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :aws_session_token, :host, :path, :port, :scheme, :persistent, :region, :use_iam_profile, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/dynamodb'
       request :batch_get_item

data/lib/fog/aws/ecs.rb

@@ -3,7 +3,7 @@ module Fog
     class ECS < Fog::Service
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :version, :instrumentor, :instrumentor_name
+      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :version, :instrumentor, :instrumentor_name,:sts_endpoint
 
       request_path 'fog/aws/requests/ecs'
       request :list_clusters

data/lib/fog/aws/elasticache.rb

@@ -8,7 +8,7 @@ module Fog
       class AuthorizationAlreadyExists < Fog::Errors::Error; end
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/elasticache'
 

data/lib/fog/aws/elb.rb

@@ -14,7 +14,7 @@ module Fog
       class ValidationError             < Fog::Errors::Error; end
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :version, :instrumentor, :instrumentor_name
+      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :version, :instrumentor, :instrumentor_name,:sts_endpoint
 
       request_path 'fog/aws/requests/elb'
       request :configure_health_check

data/lib/fog/aws/elbv2.rb

@@ -2,7 +2,7 @@ module Fog
   module AWS
     class ELBV2 < ELB
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :version, :instrumentor, :instrumentor_name
+      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :version, :instrumentor, :instrumentor_name,:sts_endpoint
 
       request_path 'fog/aws/requests/elbv2'
       request :add_tags

data/lib/fog/aws/emr.rb

@@ -6,7 +6,7 @@ module Fog
       class IdentifierTaken < Fog::Errors::Error; end
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/emr'
 

data/lib/fog/aws/glacier.rb

@@ -4,7 +4,7 @@ module Fog
       extend Fog::AWS::CredentialFetcher::ServiceMethods
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/glacier'
 

data/lib/fog/aws/iam.rb

@@ -10,7 +10,7 @@ module Fog
       class ValidationError < Fog::AWS::IAM::Error; end
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :host, :path, :port, :scheme, :persistent, :instrumentor, :instrumentor_name, :aws_session_token, :use_iam_profile, :aws_credentials_expire_at, :region
+      recognizes :host, :path, :port, :scheme, :persistent, :instrumentor, :instrumentor_name, :aws_session_token, :use_iam_profile, :aws_credentials_expire_at, :region, :sts_endpoint
 
       request_path 'fog/aws/requests/iam'
       request :add_user_to_group

data/lib/fog/aws/kinesis.rb

@@ -12,7 +12,7 @@ module Fog
       class ProvisionedThroughputExceeded < Fog::Errors::Error; end
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/kinesis'
 

data/lib/fog/aws/kms.rb

@@ -14,7 +14,7 @@ module Fog
       NotFoundException                = Class.new(Fog::Errors::Error)
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :instrumentor, :instrumentor_name
+      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :instrumentor, :instrumentor_name, :aws_credentials_expire_at, :sts_endpoint
 
       request_path 'fog/aws/requests/kms'
       request :list_keys

data/lib/fog/aws/lambda.rb

@@ -4,7 +4,7 @@ module Fog
       extend Fog::AWS::CredentialFetcher::ServiceMethods
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :host, :path, :port, :scheme, :persistent, :region, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :version, :instrumentor, :instrumentor_name
+      recognizes :host, :path, :port, :scheme, :persistent, :region, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :version, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/lambda'
       request :create_function