fog-aws 3.14.0 → 3.33.0

data/lib/fog/aws/requests/storage/list_objects_v2.rb

@@ -0,0 +1,129 @@
+module Fog
+  module AWS
+    class Storage
+      class Real
+        require 'fog/aws/parsers/storage/list_objects_v2'
+
+        # List information about objects in an S3 bucket using ListObjectsV2
+        #
+        # @param bucket_name [String] name of bucket to list object keys from
+        # @param options [Hash] config arguments for list.  Defaults to {}.
+        # @option options delimiter [String] causes keys with the same string between the prefix
+        #     value and the first occurrence of delimiter to be rolled up
+        # @option options continuation-token [String] continuation token from a previous request
+        # @option options fetch-owner [Boolean] specifies whether to return owner information
+        # @option options max-keys [Integer] limits number of object keys returned
+        # @option options prefix [String] limits object keys to those beginning with its value
+        # @option options start-after [String] starts listing after this specified key
+        #
+        # @return [Excon::Response] response:
+        #   * body [Hash]:
+        #     * Delimiter [String] - Delimiter specified for query
+        #     * IsTruncated [Boolean] - Whether or not the listing is truncated
+        #     * ContinuationToken [String] - Token specified in the request
+        #     * NextContinuationToken [String] - Token to use in subsequent requests
+        #     * KeyCount [Integer] - Number of keys returned
+        #     * MaxKeys [Integer] - Maximum number of keys specified for query
+        #     * Name [String] - Name of the bucket
+        #     * Prefix [String] - Prefix specified for query
+        #     * StartAfter [String] - StartAfter specified in the request
+        #     * CommonPrefixes [Array] - Array of strings for common prefixes
+        #     * Contents [Array]:
+        #       * ETag [String] - Etag of object
+        #       * Key [String] - Name of object
+        #       * LastModified [String] - Timestamp of last modification of object
+        #       * Owner [Hash]:
+        #         * DisplayName [String] - Display name of object owner
+        #         * ID [String] - Id of object owner
+        #       * Size [Integer] - Size of object
+        #       * StorageClass [String] - Storage class of object
+        #
+        # @see https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html
+
+        def list_objects_v2(bucket_name, options = {})
+          unless bucket_name
+            raise ArgumentError.new('bucket_name is required')
+          end
+          
+          # Add list-type=2 to indicate ListObjectsV2
+          options = options.merge('list-type' => '2')
+          
+          request({
+            :expects  => 200,
+            :headers  => {},
+            :bucket_name => bucket_name,
+            :idempotent => true,
+            :method   => 'GET',
+            :parser   => Fog::Parsers::AWS::Storage::ListObjectsV2.new,
+            :query    => options
+          })
+        end
+      end
+
+      class Mock # :nodoc:all
+        def list_objects_v2(bucket_name, options = {})
+          prefix = options['prefix']
+          continuation_token = options['continuation-token']
+          delimiter = options['delimiter']
+          max_keys = options['max-keys']
+          start_after = options['start-after']
+          fetch_owner = options['fetch-owner']
+          common_prefixes = []
+
+          unless bucket_name
+            raise ArgumentError.new('bucket_name is required')
+          end
+          
+          response = Excon::Response.new
+          if bucket = self.data[:buckets][bucket_name]
+            contents = bucket[:objects].values.map(&:first).sort {|x,y| x['Key'] <=> y['Key']}.reject do |object|
+                (prefix    && object['Key'][0...prefix.length] != prefix) ||
+                (start_after && object['Key'] <= start_after) ||
+                (continuation_token && object['Key'] <= continuation_token) ||
+                (delimiter && object['Key'][(prefix ? prefix.length : 0)..-1].include?(delimiter) \
+                           && common_prefixes << object['Key'].sub(/^(#{prefix}[^#{delimiter}]+.).*/, '\1')) ||
+                object.key?(:delete_marker)
+              end.map do |object|
+                data = object.reject {|key, value| !['ETag', 'Key', 'StorageClass'].include?(key)}
+                data.merge!({
+                  'LastModified' => Time.parse(object['Last-Modified']),
+                  'Owner'        => fetch_owner ? bucket['Owner'] : nil,
+                  'Size'         => object['Content-Length'].to_i
+                })
+              data
+            end
+            
+            max_keys = max_keys || 1000
+            size = [max_keys, 1000].min
+            truncated_contents = contents[0...size]
+            next_token = truncated_contents.size != contents.size ? truncated_contents.last['Key'] : nil
+
+            response.status = 200
+            common_prefixes_uniq = common_prefixes.uniq
+            response.body = {
+              'CommonPrefixes'  => common_prefixes_uniq,
+              'Contents'        => truncated_contents,
+              'IsTruncated'     => truncated_contents.size != contents.size,
+              'ContinuationToken' => continuation_token,
+              'NextContinuationToken' => next_token,
+              'KeyCount'        => truncated_contents.size + common_prefixes_uniq.size,
+              'MaxKeys'         => max_keys,
+              'Name'            => bucket['Name'],
+              'Prefix'          => prefix,
+              'StartAfter'      => start_after
+            }
+            if max_keys && max_keys < response.body['Contents'].length
+                response.body['IsTruncated'] = true
+                response.body['Contents'] = response.body['Contents'][0...max_keys]
+                response.body['KeyCount'] = response.body['Contents'].size + response.body['CommonPrefixes'].size
+            end
+          else
+            response.status = 404
+            raise(Excon::Errors.status_error({:expects => 200}, response))
+          end
+          response
+        end
+      end
+    end
+  end
+end 

data/lib/fog/aws/requests/storage/list_parts.rb

@@ -21,7 +21,7 @@ module Fog
         #       * ID [String] Id of upload initiator
         #     * IsTruncated [Boolean] Whether or not the listing is truncated
         #     * Key [String] Key where multipart upload was initiated
-        #     * MaxParts [String] maximum number of replies alllowed in response
+        #     * MaxParts [String] maximum number of replies allowed in response
         #     * NextPartNumberMarker [String] last item in list, for further pagination
         #     * Part [Array]:
         #       * ETag [String] ETag of part

data/lib/fog/aws/requests/storage/post_object_restore.rb

@@ -6,7 +6,9 @@ module Fog
         #
         # @param bucket_name [String] Name of bucket containing object
         # @param object_name [String] Name of object to restore
-        # @option days [Integer] Number of days to restore object for. Defaults to 100000 (a very long time)
+        # @param options [Hash] Optional parameters
+        # @option options [Integer] :days Number of days to restore object for. Defaults to 100000 (a very long time)
+        # @option options [String] :tier Glacier retrieval tier. Can be 'Standard', 'Bulk', or 'Expedited'
         #
         # @return [Excon::Response] response:
         #   * status [Integer] 200 (OK) Object is previously restored
@@ -15,11 +17,24 @@ module Fog
         #
         # @see http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectPOSTrestore.html
         #
-        def post_object_restore(bucket_name, object_name, days = 100000)
+        def post_object_restore(bucket_name, object_name, options = {})
           raise ArgumentError.new('bucket_name is required') unless bucket_name
           raise ArgumentError.new('object_name is required') unless object_name
 
-          data = '<RestoreRequest xmlns="http://s3.amazonaws.com/doc/2006-3-01"><Days>' + days.to_s + '</Days></RestoreRequest>'
+          unless options.is_a?(Hash)
+            Fog::Logger.deprecation("post_object_restore with a bare days parameter is deprecated, use post_object_restore(bucket_name, object_name, :days => days) instead [light_black](#{caller.first})[/]")
+            options = { :days => options }
+          end
+
+          days = options[:days] || 100000
+          tier = options[:tier]
+
+          data = '<RestoreRequest xmlns="http://s3.amazonaws.com/doc/2006-03-01/">'
+          data += '<Days>' + days.to_s + '</Days>'
+          if tier
+            data += '<GlacierJobParameters><Tier>' + tier + '</Tier></GlacierJobParameters>'
+          end
+          data += '</RestoreRequest>'
 
           headers = {}
           headers['Content-MD5'] = Base64.encode64(OpenSSL::Digest::MD5.digest(data)).strip
@@ -39,7 +54,12 @@ module Fog
       end
 
       class Mock # :nodoc:all
-        def post_object_restore(bucket_name, object_name, days = 100000)
+        def post_object_restore(bucket_name, object_name, options = {})
+          unless options.is_a?(Hash)
+            Fog::Logger.deprecation("post_object_restore with a bare days parameter is deprecated, use post_object_restore(bucket_name, object_name, :days => days) instead [light_black](#{caller.first})[/]")
+            options = { :days => options }
+          end
+          
           response = get_object(bucket_name, object_name)
           response.body = nil
           response

data/lib/fog/aws/requests/storage/put_bucket.rb

@@ -61,10 +61,6 @@ DATA
           end
           if !self.data[:buckets][bucket_name]
             self.data[:buckets][bucket_name] = bucket
-          elsif self.region != 'us-east-1'
-            response.status = 409
-            Fog::Logger.warning "Your region '#{self.region}' does not match the default region 'us-east-1'"
-            raise(Excon::Errors.status_error({:expects => 201}, response))
           end
           response
         end

data/lib/fog/aws/requests/storage/put_bucket_lifecycle.rb

@@ -47,7 +47,7 @@ module Fog
                       if rule['NoncurrentVersionExpiration']['NoncurrentDays']
                         NoncurrentVersionExpiration { NoncurrentDays rule['NoncurrentVersionExpiration']['NoncurrentDays'] }
                       elsif rule['NoncurrentVersionExpiration']['Date']
-                        NoncurrentVersoinExpiration {
+                        NoncurrentVersionExpiration {
                           if Date rule['NoncurrentVersionExpiration']['Date'].is_a?(Time)
                             rule['NoncurrentVersionExpiration']['Date'].utc.iso8601
                           else

data/lib/fog/aws/requests/storage/put_bucket_notification.rb

@@ -5,7 +5,7 @@ module Fog
         # Change notification configuration for an S3 bucket
         #
         # @param bucket_name [String] name of bucket to set notification configuration for
-        # * notications [Hash]:
+        # * notifications [Hash]:
         #   * Topics [Array] SNS topic configurations for the notification
         #     * ID [String] Unique identifier for the configuration
         #     * Topic [String] Amazon SNS topic ARN to which Amazon S3 will publish a message when it detects events of specified type

data/lib/fog/aws/requests/storage/put_object.rb

@@ -16,7 +16,7 @@ module Fog
         # @option options Content-Type [String] Standard MIME type describing contents (defaults to MIME::Types.of.first)
         # @option options Expires [String] Cache expiry
         # @option options x-amz-acl [String] Permissions, must be in ['private', 'public-read', 'public-read-write', 'authenticated-read']
-        # @option options x-amz-storage-class [String] Default is 'STANDARD', set to 'REDUCED_REDUNDANCY' for non-critical, reproducable data
+        # @option options x-amz-storage-class [String] Default is 'STANDARD', set to 'REDUCED_REDUNDANCY' for non-critical, reproducible data
         # @option options x-amz-meta-#{name} Headers to be returned with object, note total size of request without body must be less than 8 KB. Each name, value pair must conform to US-ASCII.
         # @option options x-amz-server-side-encryption [String] Sets HTTP header for server-side encryption. Set to 'AES256' for SSE-S3 and SSE-C. Set to 'aws:kms' for SSE-KMS
         # @option options x-amz-server-side​-encryption​-customer-algorithm [String] Algorithm to use to when encrypting the object for SSE-C.

data/lib/fog/aws/requests/storage/sync_clock.rb

@@ -6,12 +6,20 @@ module Fog
         #
         def sync_clock
           response = begin
-            get_service
+            Excon.get(sync_clock_url)
           rescue Excon::Errors::HTTPStatusError => error
             error.response
           end
           Fog::Time.now = Time.parse(response.headers['Date'])
         end
+
+        private
+
+        def sync_clock_url
+          host = @acceleration ? region_to_host(@region) : @host
+
+          "#{@scheme}://#{host}:#{@port}"
+        end
       end # Real
 
       class Mock # :nodoc:all

data/lib/fog/aws/requests/storage/upload_part_copy.rb

@@ -35,7 +35,7 @@ module Fog
         # @option options [Time] x-amz-copy_source-if-modified_since Copies object it it has been modified since this time
         # @option options [String] x-amz-copy_source-if-none-match Copies object if its etag does not match this value
         # @option options [Time] x-amz-copy_source-if-unmodified-since Copies object it it has not been modified since this time
-        # @option options [Time] x-amz-copy-source-range Specifes the range of bytes to copy from the source object
+        # @option options [Time] x-amz-copy-source-range Specifies the range of bytes to copy from the source object
         #
         # @return [Excon::Response]
         #   * body [Hash]:

data/lib/fog/aws/ses.rb

@@ -7,7 +7,7 @@ module Fog
       class MessageRejected < Fog::Errors::Error; end
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/ses'
       request :delete_verified_email_address
@@ -48,18 +48,21 @@ module Fog
         def initialize(options={})
 
           @use_iam_profile = options[:use_iam_profile]
-          setup_credentials(options)
 
           @instrumentor       = options[:instrumentor]
           @instrumentor_name  = options[:instrumentor_name] || 'fog.aws.ses'
           @connection_options     = options[:connection_options] || {}
           options[:region] ||= 'us-east-1'
+          @region = options[:region]
+
           @host = options[:host] || "email.#{options[:region]}.amazonaws.com"
           @path       = options[:path]        || '/'
           @persistent = options[:persistent]  || false
           @port       = options[:port]        || 443
           @scheme     = options[:scheme]      || 'https'
           @connection = Fog::XML::Connection.new("#{@scheme}://#{@host}:#{@port}#{@path}", @persistent, @connection_options)
+
+          setup_credentials(options)
         end
 
         def reload
@@ -74,7 +77,7 @@ module Fog
           @aws_session_token     = options[:aws_session_token]
           @aws_credentials_expire_at = options[:aws_credentials_expire_at]
 
-          @hmac = Fog::HMAC.new('sha256', @aws_secret_access_key)
+          @signer = Fog::AWS::SignatureV4.new(@aws_access_key_id, @aws_secret_access_key, @region, 'ses')
         end
 
         def request(params)
@@ -87,20 +90,20 @@ module Fog
             'Content-Type'  => 'application/x-www-form-urlencoded',
             'Date'          => Fog::Time.now.to_date_header,
           }
-          headers['x-amz-security-token'] = @aws_session_token if @aws_session_token
-          #AWS3-HTTPS AWSAccessKeyId=<Your AWS Access Key ID>, Algorithm=HmacSHA256, Signature=<Signature>
-          headers['X-Amzn-Authorization'] = 'AWS3-HTTPS '
-          headers['X-Amzn-Authorization'] << 'AWSAccessKeyId=' << @aws_access_key_id
-          headers['X-Amzn-Authorization'] << ', Algorithm=HmacSHA256'
-          headers['X-Amzn-Authorization'] << ', Signature=' << Base64.encode64(@hmac.sign(headers['Date'])).chomp!
-
-          body = ''
-          for key in params.keys.sort
-            unless (value = params[key]).nil?
-              body << "#{key}=#{CGI.escape(value.to_s).gsub(/\+/, '%20')}&"
-            end
-          end
-          body.chop! # remove trailing '&'
+
+          body, headers = AWS.signed_params_v4(
+            params,
+            { 'Content-Type' => 'application/x-www-form-urlencoded' },
+            {
+              :method             => 'POST',
+              :aws_session_token  => @aws_session_token,
+              :signer             => @signer,
+              :host               => @host,
+              :path               => @path,
+              :port               => @port,
+              :version            => '2010-12-01'
+            }
+          )
 
           if @instrumentor
             @instrumentor.instrument("#{@instrumentor_name}.request", params) do

data/lib/fog/aws/signaturev4.rb

@@ -106,7 +106,7 @@ DATA
       end
 
       def canonical_headers(headers)
-        canonical_headers = ''
+        canonical_headers = +''
 
         for key in headers.keys.sort_by {|k| k.to_s.downcase}
           canonical_headers << "#{key.to_s.downcase}:#{headers[key].to_s.strip}\n"

data/lib/fog/aws/simpledb.rb

@@ -4,7 +4,7 @@ module Fog
       extend Fog::AWS::CredentialFetcher::ServiceMethods
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :host, :nil_string, :path, :port, :scheme, :persistent, :region, :aws_session_token, :use_iam_profile, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :host, :nil_string, :path, :port, :scheme, :persistent, :region, :aws_session_token, :use_iam_profile, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/simpledb'
       request :batch_put_attributes

data/lib/fog/aws/sns.rb

@@ -4,7 +4,7 @@ module Fog
       extend Fog::AWS::CredentialFetcher::ServiceMethods
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :host, :path, :port, :scheme, :persistent, :region, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :host, :path, :port, :scheme, :persistent, :region, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/sns'
       request :add_permission

data/lib/fog/aws/sqs.rb

@@ -4,7 +4,7 @@ module Fog
       extend Fog::AWS::CredentialFetcher::ServiceMethods
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :region, :host, :path, :port, :scheme, :persistent, :aws_session_token, :use_iam_profile, :aws_credentials_expire_at, :instrumentor, :instrumentor_name
+      recognizes :region, :host, :path, :port, :scheme, :persistent, :aws_session_token, :use_iam_profile, :aws_credentials_expire_at, :instrumentor, :instrumentor_name, :sts_endpoint
 
       request_path 'fog/aws/requests/sqs'
       request :change_message_visibility

data/lib/fog/aws/storage.rb

@@ -7,6 +7,8 @@ module Fog
 
       DEFAULT_REGION = 'us-east-1'
       ACCELERATION_HOST = 's3-accelerate.amazonaws.com'
+      AWS_FIPS_REGIONS = %w(us-east-1 us-east-2 us-west-1 us-west-2 us-gov-east-1 us-gov-west-1 ca-central-1 ca-west-1).freeze
+      AWS_GOVCLOUD_REGIONS = %w(us-gov-east-1 us-gov-west-1).freeze
 
       DEFAULT_SCHEME = 'https'
       DEFAULT_SCHEME_PORT = {
@@ -14,14 +16,22 @@ module Fog
         'https' => 443
       }
 
+      DEFAULT_CONNECTION_OPTIONS = {
+        retry_limit: 5,
+        retry_interval: 1
+      }
+
       MIN_MULTIPART_CHUNK_SIZE = 5242880
       MAX_SINGLE_PUT_SIZE = 5368709120
 
       VALID_QUERY_KEYS = %w[
         acl
+        continuation-token
         cors
         delete
+        fetch-owner
         lifecycle
+        list-type
         location
         logging
         notification
@@ -35,6 +45,7 @@ module Fog
         response-content-type
         response-expires
         restore
+        start-after
         tagging
         torrent
         uploadId
@@ -46,7 +57,7 @@ module Fog
       ]
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :endpoint, :region, :host, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :path_style, :acceleration, :instrumentor, :instrumentor_name, :aws_signature_version, :enable_signature_v4_streaming, :virtual_host, :cname, :max_put_chunk_size, :max_copy_chunk_size, :aws_credentials_refresh_threshold_seconds
+      recognizes :endpoint, :region, :host, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at, :path_style, :acceleration, :instrumentor, :instrumentor_name, :aws_signature_version, :enable_signature_v4_streaming, :virtual_host, :cname, :max_put_chunk_size, :max_copy_chunk_size, :aws_credentials_refresh_threshold_seconds, :disable_content_md5_validation, :sts_endpoint
 
       secrets    :aws_secret_access_key, :hmac
 
@@ -95,6 +106,7 @@ module Fog
       request :head_object_url
       request :initiate_multipart_upload
       request :list_multipart_uploads
+      request :list_objects_v2
       request :list_parts
       request :post_object_hidden_fields
       request :post_object_restore
@@ -119,6 +131,7 @@ module Fog
 
       module Utils
         attr_accessor :region
+        attr_accessor :disable_content_md5_validation
 
         # Amazon S3 limits max chunk size that can be uploaded/copied in a single request to 5GB.
         # Other S3-compatible storages (like, Ceph) do not have such limit.
@@ -252,13 +265,17 @@ module Fog
         end
 
         def region_to_host(region=nil)
-          case region.to_s
-          when DEFAULT_REGION, ''
-            's3.amazonaws.com'
-          when %r{\Acn-.*}
-            "s3.#{region}.amazonaws.com.cn"
+          if ENV['AWS_USE_FIPS_ENDPOINT'] == 'true' && AWS_FIPS_REGIONS.include?(region)
+            "s3-fips.#{region}.amazonaws.com" # https://aws.amazon.com/compliance/fips/
           else
-            "s3.#{region}.amazonaws.com"
+            case region.to_s
+            when DEFAULT_REGION, ''
+              's3.amazonaws.com'
+            when %r{\Acn-.*}
+              "s3.#{region}.amazonaws.com.cn"
+            else
+              "s3.#{region}.amazonaws.com"
+            end
           end
         end
 
@@ -486,6 +503,8 @@ module Fog
           init_max_put_chunk_size!(options)
           init_max_copy_chunk_size!(options)
 
+          @disable_content_md5_validation = options[:disable_content_md5_validation] || false
+
           @signature_version = options.fetch(:aws_signature_version, 4)
           validate_signature_version!
           setup_credentials(options)
@@ -543,17 +562,20 @@ module Fog
           @use_iam_profile = options[:use_iam_profile]
           @instrumentor       = options[:instrumentor]
           @instrumentor_name  = options[:instrumentor_name] || 'fog.aws.storage'
-          @connection_options     = options[:connection_options] || {}
+          @connection_options =
+            DEFAULT_CONNECTION_OPTIONS.merge(options[:connection_options] || {})
           @persistent = options.fetch(:persistent, false)
           @acceleration = options.fetch(:acceleration, false)
           @signature_version = options.fetch(:aws_signature_version, 4)
-          @enable_signature_v4_streaming = options.fetch(:enable_signature_v4_streaming, true)
+          @enable_signature_v4_streaming = options.fetch(:enable_signature_v4_streaming, false)
           validate_signature_version!
           @path_style = options[:path_style]  || false
 
           init_max_put_chunk_size!(options)
           init_max_copy_chunk_size!(options)
 
+          @disable_content_md5_validation = options[:disable_content_md5_validation] || false
+
           @region = options[:region] || DEFAULT_REGION
 
           if @endpoint = options[:endpoint]
@@ -567,6 +589,13 @@ module Fog
             @port       = options[:port]        || DEFAULT_SCHEME_PORT[@scheme]
           end
 
+          # GovCloud doesn't support S3 Transfer Acceleration https://docs.aws.amazon.com/govcloud-us/latest/UserGuide/govcloud-s3.html
+          # S3 Transfer Acceleration doesn't support FIPS endpoints.  When both fog_aws_accelerate=true and AWS_USE_FIPS_ENDPOINT=true, don't use Accelerate.
+          if @acceleration && (AWS_GOVCLOUD_REGIONS.include?(@region) || ENV['AWS_USE_FIPS_ENDPOINT'] == 'true')
+            Fog::Logger.warning("fog: S3 Transfer Acceleration is not available in GovCloud regions or when AWS_USE_FIPS_ENDPOINT=true. Disabling acceleration.")
+            @acceleration = false
+          end
+
           @host = ACCELERATION_HOST if @acceleration
           setup_credentials(options)
         end

data/lib/fog/aws/support.rb

@@ -4,7 +4,7 @@ module Fog
       extend Fog::AWS::CredentialFetcher::ServiceMethods
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :host, :path, :port, :scheme, :instrumentor, :instrumentor_name, :region, :persistent, :aws_session_token
+      recognizes :host, :path, :port, :scheme, :instrumentor, :instrumentor_name, :region, :persistent, :aws_session_token, :aws_credentials_expire_at, :sts_endpoint
 
       model_path 'fog/aws/models/support'
       request_path 'fog/aws/requests/support'

data/lib/fog/aws/version.rb

@@ -1,5 +1,5 @@
 module Fog
   module AWS
-    VERSION = "3.14.0"
+    VERSION = '3.33.0'.freeze
   end
 end

data/lib/fog/aws.rb

@@ -1,3 +1,4 @@
+require 'base64'
 require 'fog/core'
 require 'fog/xml'
 require 'fog/json'
@@ -224,14 +225,16 @@ module Fog
         'ap-east-1',
         'ap-northeast-1', 'ap-northeast-2', 'ap-northeast-3',
         'ap-south-1',
-        'ap-southeast-1', 'ap-southeast-2',
+        'ap-southeast-1', 'ap-southeast-2', 'ap-southeast-3', 'ap-southeast-4',
         'ca-central-1',
+        'ca-west-1',
         'cn-north-1',
         'cn-northwest-1',
         'eu-central-1',
         'eu-north-1',
-        'eu-west-1', 'eu-west-2', 'eu-west-3', 'eu-south-1',
-        'me-south-1',
+        'eu-west-1', 'eu-west-2', 'eu-west-3', 'eu-south-1', 'eu-south-2',
+        'il-central-1',
+        'me-south-1', 'me-central-1',
         'us-east-1', 'us-east-2',
         'us-west-1', 'us-west-2',
         'sa-east-1',