icehouse-right_aws 1.11.0 → 2.2.0

data/History.txt

@@ -4,7 +4,7 @@ Initial release.
 == 1.2.0 2007-09-12
 
 * r1718, todd, 2007-09-12 15:34:37
-  * # 458, Extensive documentation review, rework, and expansion.  Also added 
+  * # 458, Extensive documentation review, rework, and expansion.  Also added
     coverage analysis to the test suite using RCov.
 
 * r1690, todd, 2007-09-07 15:23:11
@@ -39,7 +39,7 @@ Initial release.
   * # 487, # 488, Consolidate a lot of code that was repeated in three places.
     Fix error handling path when using streaming GET interfaces with S3.
     Also add a stub for RightHttpConnection which allows more control over the
-    unit tests.  Expand the unit tests and coverage tests. 
+    unit tests.  Expand the unit tests and coverage tests.
 
 * r1755, todd, 2007-09-19 14:29:19
   * # 487, RDoc fixes after code consolidation
@@ -59,13 +59,13 @@ Initial release.
   * # 524, blocks added to ec2_describe_xxx to support aws_cache
 
 * r1924, konstantin, 2007-10-12 11:35:06
-  * # 536, user_data bug fix 
+  * # 536, user_data bug fix
 
 * r1929, tve,  2007-10-15 00:00:11
   * Fix libxml/rexml selection bug
 
 * r1938, konstantin, 2007-10-16 10:53:56
-  * instance type support is set to default 
+  * instance type support is set to default
 
 == 1.4.3 2007-10-25
 
@@ -82,11 +82,11 @@ Initial release.
 * r2001, konstantin, 2007-11-01 12:03:13  +0300
   * Fixed multiple permissions assignment on Grantee#grant/revoke
   * Fixed new grantee permissions set ingnore (Grantee#apply)
-  * S3::Grantee#exists? method added 
+  * S3::Grantee#exists? method added
 
 * r2109, konstantin, 2007-11-12 21:49:36  +0300
   * RightAwsBaseInterface: caching implemented.
-    (The Ec2 functions are being cached: describe_images, describe_instances, 
+    (The Ec2 functions are being cached: describe_images, describe_instances,
     describe_security_groups and describe_key_pairs)
 
 == 1.4.5 - 1.4.6
@@ -107,7 +107,7 @@ Initial release.
 == 1.5.0
 * r 2688, konstantin, 02-30-08 15:42:00  +0300
   * SDB support added.
-  * RightAws::S3::bucket and RightAws::S3::Bucket.create methods behaviour 
+  * RightAws::S3::bucket and RightAws::S3::Bucket.create methods behaviour
     changed: param +create+ is set to +false+ by default.
 
 == 1.6.0
@@ -151,7 +151,7 @@ Initial release.
 == 1.7.2
 
   Release Notes:
-  
+
   RightAws includes some new features, including:
   - Support in RightAws::S3 and RightAws::S3Interface for S3 key copy, move, and rename
   - Support for signature version 0 request authentication to EC2, SQS, and SDB
@@ -165,7 +165,7 @@ Initial release.
     We now reset the seek pointer of the streaming IO object to its initial position.
   - Removal of an accidental dependency on ActiveSupport in RightAws::S3Interface.get_link().
   - Monkey-patch of the Ruby File class on Windows platforms to correct a problem in lstat.
-    The lstat bug was causing failure of very large file uploads on Windows [ Contributed by Benjamin Allfree ] 
+    The lstat bug was causing failure of very large file uploads on Windows [ Contributed by Benjamin Allfree ]
   - Fixed parsing of the ETag field for S3 objects
 
 == 1.7.3
@@ -174,7 +174,7 @@ Initial release.
 
   - Removed the 1.7.2 monkey-patch of the Ruby File class on Windows.  This patch broke Rails 2.0.
     The patch is now included in the README for anyone to use at their own risk.
- 
+
 == 1.8.0
 
   Release Notes:
@@ -186,7 +186,7 @@ Initial release.
 
   Bug fixes include correction of RightAws::S3 copy's failure to url-encode
 the source key.
- 
+
 == 1.8.1
 
   Release Notes:
@@ -197,7 +197,7 @@ the source key.
     result sorting and attributes auto loading
   - RightAws::ActiveSdb::Base#find_all_by_ and find_by_ helpers improved to support
     :order, :auto_load, :limit and :next_token options
-  - RightAws::SdbInterface#delete_attributes bug fixed 
+  - RightAws::SdbInterface#delete_attributes bug fixed
   - SdbInterface allows specification of a string value to use for
     representing Ruby nil in SDB.
   - Sdb tests fixed and improved
@@ -215,7 +215,7 @@ the source key.
    - Ec::cancel_bundle_task
 
   - Full Amazon CloudFront support added with RightAws::AcfInterface
-  - Bug fixes to S3Interface::store_object_and_verify and 
+  - Bug fixes to S3Interface::store_object_and_verify and
     S3Interface::retrieve_object_and_verify (thanks to numerous user reports)
   - Updates to caching for Ec2::describe_images_by methods
   - Ec2 now has Ec2::last_request_id
@@ -228,7 +228,7 @@ the source key.
   - CloudFront: docs fixes
   - SDB: added: SQL-like query, select and query_with_attributes support
   - SDB: fixed no method error when searching for id that doesn't exist
-  
+
 === 1.11.0
 
   Release Notes:
@@ -236,4 +236,82 @@ the source key.
   - Boot from EBS support added
   - VPC support added
   - Latest EC2 API 2009-10-31 support added
-  - Some of bugs fixed
+  - Some of bugs fixed
+
+=== 2.0.0
+
+  Release Notes:
+  - Added:
+    - Ruby 1.9 support
+    - Ec2:
+      - SpotInstances support
+      - m2.xlarge instances
+      - GetPasswordData API call (see get_password_data_v2)
+      - SecurityGroups support for Eucalyptus clouds
+    - EBS:
+      - :delete_on_termination field for volumes
+    - SimpleDB:
+      - BatchPutAttributes support
+    - ActiveSDB:
+      - Dynamic attribute accessors
+      - "Columns" support
+      - Simple Type Casting support
+    - ELB:
+      - API '2009-11-25' support (stickiness policies)
+    - ACF:
+      - API '2010-03-01' support (origin access policy and streaming distributions)
+  - Bunch of small issues were fixed
+  - Time objects were replaced by Strings (as Amazon returns them) to make the gem more consistent:
+    - :last_modified_time in:
+        RightAws::AcfInterface#incrementally_list_distributions,
+        RightAws::AcfInterface#create_distribution_by_config,
+        RightAws::AcfInterface#get_distribution,
+        RightAws::AcfInterface#get_distribution_config
+    - :timestamp in:
+        RightAws::AcwInterface#get_metric_statistics
+    - :aws_created_at in:
+        RightAws::Ec2#create_volume,
+        RightAws::Ec2#describe_volumes
+    - :aws_attached_at in:
+        RightAws::Ec2#attach_volume,
+        RightAws::Ec2#detach_volume,
+        RightAws::Ec2#describe_volumes
+    - :aws_started_at in:
+        RightAws::Ec2#describe_snapshots,
+        RightAws::Ec2#create_snapshot,
+        RightAws::Ec2#try_create_snapshot
+    - :created_time in:
+        RightAws::ElbInterface#describe_load_balancers
+
+=== 2.1.0
+  Release Notes:
+  - Added:
+    - Route 53: API '2010-10-01'
+    - ACF: API '2010-11-01'
+    - EC2:
+      - API '2010-08-31'
+      - Port based group permissions support
+      - HPC Support
+      - Tags Suport
+      - ClientToken support added on instance launch
+    - RDS: API "2010-07-28"
+    - ELB: API '2010-07-01' (SSL support)
+    - IAM: API '2010-05-08' (AWS Identity and Access Management interface)
+    - 301 Redirect support added
+  - Removed:
+    - ActiveSupport dependency
+    - SDB: uuid gem dependency
+  - this gem requires right_http_connection 0bc3343232133bdb38c237d8285525d74495d3f5 or later
+  - "Raise On Timeout On Action" feature added to avoid duplicate resources creation if a timeout error occures and a retry is performed
+
+=== next
+  Release Notes:
+  - Fixed:
+    - EC2: ClientToken (launch_instances, run_instances) is not used for Eucalyptus clouds
+    - RDS:
+      - RDS: API 2011-04-01
+      - Make :instance_class param more consistent: :db_instance_class --> :instance_class
+      - Issue 53: regression in latest master version of right_rds_interface
+      - Issue 73: Can't get list of instances with RdsInterface
+    - EBS: Issue 54: regression in right_ec2_ebs.rb
+    - Add the port number with server name in the v2 signature string if it is not the RFC standard number (author: unakatsuo).

data/Manifest.txt

@@ -2,16 +2,21 @@ History.txt
 Manifest.txt
 README.txt
 Rakefile
+lib/awsbase/support.rb
 lib/awsbase/benchmark_fix.rb
 lib/awsbase/right_awsbase.rb
-lib/awsbase/support.rb
 lib/ec2/right_ec2.rb
 lib/ec2/right_ec2_images.rb
 lib/ec2/right_ec2_instances.rb
+lib/ec2/right_ec2_security_groups.rb
+lib/ec2/right_ec2_spot_instances.rb
 lib/ec2/right_ec2_ebs.rb
 lib/ec2/right_ec2_reserved_instances.rb
 lib/ec2/right_ec2_vpc.rb
 lib/ec2/right_ec2_monitoring.rb
+lib/ec2/right_ec2_placement_groups.rb
+lib/ec2/right_ec2_windows_mobility.rb
+lib/ec2/right_ec2_tags.rb
 lib/right_aws.rb
 lib/s3/right_s3.rb
 lib/acw/right_acw_interface.rb
@@ -25,7 +30,16 @@ lib/sqs/right_sqs_gen2.rb
 lib/sqs/right_sqs_gen2_interface.rb
 lib/sqs/right_sqs_interface.rb
 lib/acf/right_acf_interface.rb
+lib/acf/right_acf_streaming_interface.rb
+lib/acf/right_acf_origin_access_identities.rb
+lib/acf/right_acf_invalidations.rb
 lib/rds/right_rds_interface.rb
+lib/iam/right_iam_interface.rb
+lib/iam/right_iam_groups.rb
+lib/iam/right_iam_users.rb
+lib/iam/right_iam_access_keys.rb
+lib/iam/right_iam_mfa_devices.rb
+lib/route_53/right_route_53_interface.rb
 test/ec2/test_helper.rb
 test/ec2/test_right_ec2.rb
 test/http_connection.rb

data/README.txt

@@ -68,10 +68,6 @@ concurrent requests to AWS. The way this plays out in practice is:
 Note that due to limitations in the I/O of the Ruby interpreter you
 may not get the degree of parallelism you may expect with the multi-threaded setting.
 
-By default, EC2/S3/SQS/SDB/ACF interface instances are created in single-threaded mode.  Set
-"params[:multi_thread]" to "true" in the initialization arguments to use
-multithreaded mode.
-
 == GETTING STARTED:
 
 * For EC2 read RightAws::Ec2 and consult the Amazon EC2 API documentation at

data/Rakefile

@@ -3,34 +3,37 @@
 require 'rubygems'
 require "rake/testtask"
 require 'rcov/rcovtask'
+require 'rake/gempackagetask'
+require 'rake/clean'
 $: << File.dirname(__FILE__)
-require 'lib/right_aws.rb'
-
 testglobs =     ["test/ts_right_aws.rb"]
 
 begin
-  require 'jeweler'
-  Jeweler::Tasks.new do |gem|
-    gem.name = "icehouse-right_aws"
-    gem.summary = "Interface classes for the Amazon EC2, SQS, and S3 Web Services"
-    gem.email = "support@rightscale.com"
-    gem.homepage = "http://github.com/icehouse/right_aws"
-    gem.authors = ["RightScale, Inc."]
-    gem.files =  Dir["[A-Z]*", "lib/**/*"]
-    
-    gem.add_dependency('right_http_connection',  '>= 1.2.1')
-  end
-  Jeweler::GemcutterTasks.new
-rescue LoadError
-  puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
+  require 'bundler'
+rescue LoadError => e
+  STDERR.puts("Bundler is not available, some rake tasks will not be defined: #{e.message}")
+else
+  Bundler::GemHelper.install_tasks :name => 'icehouse-right_aws'
+end
+
+# == Gem == #
+
+gemtask = Rake::GemPackageTask.new(Gem::Specification.load("icehouse-right_aws.gemspec")) do |package|
+  package.package_dir = ENV['PACKAGE_DIR'] || 'pkg'
+  package.need_zip = true
+  package.need_tar = true
 end
 
+directory gemtask.package_dir
+
+CLEAN.include(gemtask.package_dir)
+
 desc "Analyze code coverage of the unit tests."
 Rcov::RcovTask.new do |t|
   t.test_files = FileList[testglobs]
   #t.verbose = true     # uncomment to see the executed command
 end
- 
+
 desc "Test just the SQS interface"
 task :testsqs do
   require 'test/test_credentials'
@@ -98,4 +101,18 @@ task :testrds do
   require 'test/rds/test_right_rds.rb'
 end
 
+desc "Test Route 53 interface"
+task :testroute53 do
+  require 'test/test_credentials'
+  TestCredentials.get_credentials
+  require 'test/route_53/test_right_route_53'
+end
+
+desc "Test ELB interface"
+task :testelb do
+  require 'test/test_credentials'
+  TestCredentials.get_credentials
+  require 'test/elb/test_right_elb'
+end
+
 # vim: syntax=Ruby

data/lib/acf/right_acf_interface.rb

@@ -20,7 +20,6 @@
 # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #
-
 module RightAws
 
   # = RightAws::AcfInterface -- RightScale Amazon's CloudFront interface
@@ -39,24 +38,25 @@ module RightAws
   #    [{:status             => "Deployed",
   #      :domain_name        => "d74zzrxmpmygb.6hops.net",
   #      :aws_id             => "E4U91HCJHGXVC",
-  #      :origin             => "my-bucket.s3.amazonaws.com",
+  #      :s3_origin          => {:dns_name=>"bucket-for-konstantin-00.s3.amazonaws.com"},
   #      :cnames             => ["x1.my-awesome-site.net", "x1.my-awesome-site.net"]
   #      :comment            => "My comments",
-  #      :last_modified_time => Wed Sep 10 17:00:04 UTC 2008 }, ..., {...} ]
+  #      :last_modified_time => "2008-09-10T17:00:04.000Z" }, ..., {...} ]
   #
   #  distibution = list.first
   #
   #  info = acf.get_distribution(distibution[:aws_id]) #=>
-  #    {:enabled            => true,
-  #     :caller_reference   => "200809102100536497863003",
-  #     :e_tag              => "E39OHHU1ON65SI",
-  #     :status             => "Deployed",
-  #     :domain_name        => "d3dxv71tbbt6cd.6hops.net",
-  #     :cnames             => ["web1.my-awesome-site.net", "web2.my-awesome-site.net"]
-  #     :aws_id             => "E2REJM3VUN5RSI",
-  #     :comment            => "Woo-Hoo!",
-  #     :origin             => "my-bucket.s3.amazonaws.com",
-  #     :last_modified_time => Wed Sep 10 17:00:54 UTC 2008 }
+  #    {:last_modified_time=>"2010-05-19T18:54:38.242Z",
+  #     :status=>"Deployed",
+  #     :domain_name=>"dpzl38cuix402.cloudfront.net",
+  #     :caller_reference=>"201005181943052207677116",
+  #     :e_tag=>"EJSXFGM5JL8ER",
+  #     :s3_origin=>
+  #      {:dns_name=>"bucket-for-konstantin-eu.s3.amazonaws.com",
+  #       :origin_access_identity=>
+  #        "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"},
+  #     :aws_id=>"E5P8HQ3ZAZIXD",
+  #     :enabled=>false}
   #
   #  config = acf.get_distribution_config(distibution[:aws_id]) #=>
   #    {:enabled          => true,
@@ -64,7 +64,7 @@ module RightAws
   #     :e_tag            => "E39OHHU1ON65SI",
   #     :cnames           => ["web1.my-awesome-site.net", "web2.my-awesome-site.net"]
   #     :comment          => "Woo-Hoo!",
-  #     :origin           => "my-bucket.s3.amazonaws.com"}
+  #     :s3_origin        => {:dns_name => "my-bucket.s3.amazonaws.com"}}
   #
   #  config[:comment] = 'Olah-lah!'
   #  config[:enabled] = false
@@ -76,7 +76,7 @@ module RightAws
     
     include RightAwsBaseInterface
 
-    API_VERSION      = "2009-04-02"
+    API_VERSION      = "2010-11-01"
     DEFAULT_HOST     = 'cloudfront.amazonaws.com'
     DEFAULT_PORT     = 443
     DEFAULT_PROTOCOL = 'https'
@@ -97,7 +97,6 @@ module RightAws
     # * <tt>:server</tt>: CloudFront service host, default: DEFAULT_HOST
     # * <tt>:port</tt>: CloudFront service port, default: DEFAULT_PORT
     # * <tt>:protocol</tt>: 'http' or 'https', default: DEFAULT_PROTOCOL
-    # * <tt>:multi_thread</tt>: true=HTTP connection per thread, false=per process
     # * <tt>:logger</tt>: for log messages, default: RAILS_DEFAULT_LOGGER else STDOUT
     #
     #  acf = RightAws::AcfInterface.new('1E3GDYEOGFJPIT7XXXXXX','hgTHt68JY07JKUY08ftHYtERkjgtfERn57XXXXXX',
@@ -122,8 +121,8 @@ module RightAws
     # Generates request hash for REST API.
     def generate_request(method, path, params={}, body=nil, headers={})  # :nodoc:
       # Params
-      params.delete_if{ |key, val| val.blank? }
-      unless params.blank?
+      params.delete_if{ |key, val| val.right_blank? }
+      unless params.right_blank?
         path += "?" + params.to_a.collect{ |key,val| "#{AwsUtils::amz_escape(key)}=#{AwsUtils::amz_escape(val.to_s)}" }.join("&")
       end
       # Headers
@@ -134,7 +133,7 @@ module RightAws
       headers['Authorization'] = "AWS #{@aws_access_key_id}:#{signature}"
       # Request
       path    = "#{@params[:service]}#{@params[:api_version]}/#{path}"
-      request = "Net::HTTP::#{method.capitalize}".constantize.new(path)
+      request = "Net::HTTP::#{method.capitalize}".right_constantize.new(path)
       request.body = body if body
       # Set request headers
       headers.each { |key, value| request[key.to_s] = value }
@@ -155,14 +154,6 @@ module RightAws
     #      Helpers:
     #-----------------------------------------------------------------
 
-    def self.escape(text) # :nodoc:
-      REXML::Text::normalize(text)
-    end
-
-    def self.unescape(text) # :nodoc:
-      REXML::Text::unnormalize(text)
-    end
-
     def generate_call_reference # :nodoc:
       result = Time.now.strftime('%Y%m%d%H%M%S')
       10.times{ result << rand(10).to_s }
@@ -175,29 +166,84 @@ module RightAws
       hash
     end
 
-    def config_to_xml(config) # :nodoc:
-      cnames = ''
-      unless config[:cnames].blank?
-        config[:cnames].to_a.each { |cname| cnames += "  <CNAME>#{cname}</CNAME>\n" }
+    def distribution_config_to_xml(config, xml_wrapper='DistributionConfig') # :nodoc:
+      cnames = logging = trusted_signers = s3_origin = custom_origin = default_root_object = ''
+      # CNAMES
+      unless config[:cnames].right_blank?
+        Array(config[:cnames]).each { |cname| cnames += "  <CNAME>#{cname}</CNAME>\n" }
       end
-      # logging
-      logging = ''
-      unless config[:logging].blank?
+      # Logging
+      unless config[:logging].right_blank?
         logging = "  <Logging>\n" +
                   "    <Bucket>#{config[:logging][:bucket]}</Bucket>\n" +
                   "    <Prefix>#{config[:logging][:prefix]}</Prefix>\n" +
                   "  </Logging>\n"
       end
-      # xml
-      "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
-      "<DistributionConfig xmlns=\"http://#{@params[:server]}/doc/#{API_VERSION}/\">\n" +
-      "  <Origin>#{config[:origin]}</Origin>\n" +
-      "  <CallerReference>#{config[:caller_reference]}</CallerReference>\n" +
-      "  <Comment>#{AcfInterface::escape(config[:comment].to_s)}</Comment>\n" +
+      unless config[:required_protocols].right_blank?
+        required_protocols = "  <RequiredProtocols>\n" +
+                             "    <Protocol>#{config[:required_protocols]}</Protocol>\n" +
+                             "  </RequiredProtocols>\n"
+      else required_protocols = ""
+      end
+      # Default Root Object
+      unless config[:default_root_object].right_blank?
+        default_root_object = "  <DefaultRootObject>#{config[:default_root_object]}</DefaultRootObject>\n" unless config[:default_root_object].right_blank?
+      end
+      # Trusted Signers
+      unless config[:trusted_signers].right_blank?
+        trusted_signers = "  <TrustedSigners>\n"
+        Array(config[:trusted_signers]).each do |trusted_signer|
+          trusted_signers += if trusted_signer.to_s[/self/i]
+                               "    <Self/>\n"
+                             else
+                               "    <AwsAccountNumber>#{trusted_signer}</AwsAccountNumber>\n"
+                             end
+        end
+        trusted_signers += "  </TrustedSigners>\n"
+      end
+      # S3Origin
+      unless config[:s3_origin].right_blank?
+        origin_access_identity = ''
+        # Origin Access Identity
+        unless config[:s3_origin][:origin_access_identity].right_blank?
+          origin_access_identity = config[:s3_origin][:origin_access_identity]
+          unless origin_access_identity[%r{^origin-access-identity}]
+            origin_access_identity = "origin-access-identity/cloudfront/#{origin_access_identity}"
+          end
+          origin_access_identity = "    <OriginAccessIdentity>#{origin_access_identity}</OriginAccessIdentity>\n"
+        end
+        s3_origin = "  <S3Origin>\n" +
+                    "    <DNSName>#{config[:s3_origin][:dns_name]}</DNSName>\n" +
+                    "#{origin_access_identity}" +
+                    "  </S3Origin>\n"
+      end
+      # Custom Origin
+      unless config[:custom_origin].right_blank?
+        http_port = https_port = origin_protocol_policy = ''
+        http_port              = "    <HTTPPort>#{config[:custom_origin][:http_port]}</HTTPPort>\n"                                      unless config[:custom_origin][:http_port].right_blank?
+        https_port             = "    <HTTPSPort>#{config[:custom_origin][:https_port]}</HTTPSPort>"                                     unless config[:custom_origin][:https_port].right_blank?
+        origin_protocol_policy = "    <OriginProtocolPolicy>#{config[:custom_origin][:origin_protocol_policy]}</OriginProtocolPolicy>\n" unless config[:custom_origin][:origin_protocol_policy].right_blank?
+        custom_origin = "  <CustomOrigin>\n" +
+                        "    <DNSName>#{config[:custom_origin][:dns_name]}</DNSName>\n" +
+                        "#{http_port}" +
+                        "#{https_port}" +
+                        "#{origin_protocol_policy}" +
+                        "  </CustomOrigin>\n"
+      end
+      # XML
+      "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"                                +
+      "<#{xml_wrapper} xmlns=\"http://#{@params[:server]}/doc/#{API_VERSION}/\">\n" +
+      "  <CallerReference>#{config[:caller_reference]}</CallerReference>\n"         +
+      "  <Comment>#{AwsUtils::xml_escape(config[:comment].to_s)}</Comment>\n"       +
       "  <Enabled>#{config[:enabled]}</Enabled>\n" +
-      cnames  +
-      logging +
-      "</DistributionConfig>"
+      s3_origin           +
+      custom_origin       +
+      default_root_object +
+      cnames              +
+      logging             +
+      required_protocols  +
+      trusted_signers     +
+      "</#{xml_wrapper}>"
     end
 
     #-----------------------------------------------------------------
@@ -208,13 +254,13 @@ module RightAws
     # Returns an array of distributions or RightAws::AwsError exception.
     #
     #  acf.list_distributions #=>
-    #    [{:status             => "Deployed",
-    #      :domain_name        => "d74zzrxmpmygb.6hops.net",
-    #      :aws_id             => "E4U91HCJHGXVC",
-    #      :cnames             => ["web1.my-awesome-site.net", "web2.my-awesome-site.net"]
-    #      :origin             => "my-bucket.s3.amazonaws.com",
-    #      :comment            => "My comments",
-    #      :last_modified_time => Wed Sep 10 17:00:04 UTC 2008 }, ..., {...} ]
+    #    [{:status=>"Deployed",
+    #      :domain_name=>"dgmde.6os.net",
+    #      :comment=>"ONE LINE OF COMMENT",
+    #      :last_modified_time=>"2009-06-16T16:10:02.210Z",
+    #      :s3_origin=>{:dns_name=>"example.s3.amazonaws.com"},
+    #      :aws_id=>"12Q05OOMFN7SYL",
+    #      :enabled=>true}, ... ]
     #
     def list_distributions
       result = []
@@ -234,11 +280,10 @@ module RightAws
     #      {:distributions=>
     #        [{:status=>"Deployed",
     #          :aws_id=>"E2Q0AOOMFNPSYL",
-    #          :logging=>{},
-    #          :origin=>"my-bucket.s3.amazonaws.com",
+    #          :s3_origin=>{:dns_name=>"example.s3.amazonaws.com"},
     #          :domain_name=>"d1s5gmdtmafnre.6hops.net",
     #          :comment=>"ONE LINE OF COMMENT",
-    #          :last_modified_time=>Wed Oct 22 19:31:23 UTC 2008,
+    #          :last_modified_time=>"2008-10-22T19:31:23.000Z",
     #          :enabled=>true,
     #          :cnames=>[]}],
     #       :is_truncated=>true,
@@ -252,7 +297,7 @@ module RightAws
     #   # list distributions by 10
     #   incrementally_list_distributions(:max_items => 10) do |response|
     #     puts response.inspect # a list of 10 distributions
-    #     false # return false if the listing should be broken otherwise use true
+    #     true # return false if the listing should be broken otherwise use true
     #   end
     #
     def incrementally_list_distributions(params={}, &block)
@@ -264,7 +309,7 @@ module RightAws
         link = generate_request('GET', 'distribution', opts)
         last_response = request_info(link,  AcfDistributionListParser.new(:logger => @logger))
         opts['Marker'] = last_response[:next_marker]
-        break unless block && block.call(last_response) && !last_response[:next_marker].blank?
+        break unless block && block.call(last_response) && !last_response[:next_marker].right_blank?
       end 
       last_response 
     end
@@ -272,51 +317,101 @@ module RightAws
     # Create a new distribution.
     # Returns the just created distribution or RightAws::AwsError exception.
     #
-    #  acf.create_distribution('my-bucket.s3.amazonaws.com', 'Woo-Hoo!', true, ['web1.my-awesome-site.net'],
-    #                          { :prefix=>"log/", :bucket=>"my-logs.s3.amazonaws.com" } ) #=>
-    #    {:comment            => "Woo-Hoo!",
-    #     :enabled            => true,
-    #     :location           => "https://cloudfront.amazonaws.com/2008-06-30/distribution/E2REJM3VUN5RSI",
-    #     :status             => "InProgress",
-    #     :aws_id             => "E2REJM3VUN5RSI",
-    #     :domain_name        => "d3dxv71tbbt6cd.6hops.net",
-    #     :origin             => "my-bucket.s3.amazonaws.com",
-    #     :cnames             => ["web1.my-awesome-site.net"],
-    #     :logging            => { :prefix => "log/",
-    #                              :bucket => "my-logs.s3.amazonaws.com"},
-    #     :last_modified_time => Wed Sep 10 17:00:54 UTC 2008,
-    #     :caller_reference   => "200809102100536497863003"}
+    #  # S3 Origin
     #
-    def create_distribution(origin, comment='', enabled=true, cnames=[], caller_reference=nil, logging={})
-      config = { :origin  => origin,
-                 :comment => comment,
-                 :enabled => enabled,
-                 :cnames  => cnames.to_a,
-                 :caller_reference => caller_reference }
-      config[:logging] = logging unless logging.blank?
-      create_distribution_by_config(config)
-    end
-
-    def create_distribution_by_config(config)
+    #  config =  { :comment   => "kd: delete me please",
+    #              :s3_origin => { :dns_name               => "devs-us-east.s3.amazonaws.com",
+    #                              :origin_access_identity => "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"},
+    #              :enabled   => true,
+    #              :logging   => { :prefix => "kd/log/",
+    #                              :bucket => "devs-us-west.s3.amazonaws.com"}}
+    #  acf.create_distribution(config) #=>
+    #    { :status=>"InProgress",
+    #      :enabled=>true,
+    #      :caller_reference=>"201012071910051044304704",
+    #      :logging=>{:prefix=>"kd/log/", :bucket=>"devs-us-west.s3.amazonaws.com"},
+    #      :e_tag=>"ESCTG5WJCFWJK",
+    #      :location=> "https://cloudfront.amazonaws.com/2010-11-01/distribution/E3KUBANZ7N1B2",
+    #      :comment=>"kd: delete me please",
+    #      :domain_name=>"d3stykk6upgs20.cloudfront.net",
+    #      :aws_id=>"E3KUBANZ7N1B2",
+    #      :s3_origin=>
+    #        {:origin_access_identity=>"origin-access-identity/cloudfront/E3JPJZ80ZBX24G",
+    #         :dns_name=>"devs-us-east.s3.amazonaws.com"},
+    #      :last_modified_time=>"2010-12-07T16:10:07.087Z",
+    #      :in_progress_invalidation_batches=>0}
+    #
+    #  # Custom Origin
+    #
+    #    custom_config = { :comment       => "kd: delete me please",
+    #                      :custom_origin => { :dns_name  => "custom_origin.my-site.com",
+    #                                          :http_port => 80,
+    #                                          :https_port => 443,
+    #                                          :origin_protocol_policy => 'match-viewer' },
+    #                      :enabled       => true,
+    #                      :logging       => { :prefix => "kd/log/",
+    #                                          :bucket => "my-bucket.s3.amazonaws.com"}} #=>
+    #    { :last_modified_time=>"2010-12-08T14:23:43.522Z",
+    #      :status=>"InProgress",
+    #      :custom_origin=>
+    #        {:http_port=>"80",
+    #        :https_port=>"443",
+    #        :origin_protocol_policy=>"match-viewer",
+    #        :dns_name=>"custom_origin.my-site.com"},
+    #      :enabled=>true,
+    #      :caller_reference=>"201012081723428499167245",
+    #      :in_progress_invalidation_batches=>0,
+    #      :e_tag=>"E1ZCJ8N5E52KO6",
+    #      :location=>
+    #        "https://cloudfront.amazonaws.com/2010-11-01/distribution/EK0AJ4RMNIF2P",
+    #      :logging=>{:prefix=>"kd/log/", :bucket=>"my-bucket.s3.amazonaws.com"},
+    #      :domain_name=>"do36k7s2wxklg.cloudfront.net",
+    #      :comment=>"kd: delete me please",
+    #      :aws_id=>"EK0AJ4RMNIF2P"}
+    #
+    def create_distribution(config)
       config[:caller_reference] ||= generate_call_reference
-      link = generate_request('POST', 'distribution', {}, config_to_xml(config))
+      link = generate_request('POST', 'distribution', {}, distribution_config_to_xml(config))
       merge_headers(request_info(link, AcfDistributionListParser.new(:logger => @logger))[:distributions].first)
     end
+    alias_method :create_distribution_by_config, :create_distribution
 
     # Get a distribution's information.
     # Returns a distribution's information or RightAws::AwsError exception.
     #
     #  acf.get_distribution('E2REJM3VUN5RSI') #=>
-    #    {:enabled            => true,
-    #     :caller_reference   => "200809102100536497863003",
-    #     :e_tag              => "E39OHHU1ON65SI",
-    #     :status             => "Deployed",
-    #     :domain_name        => "d3dxv71tbbt6cd.6hops.net",
-    #     :cnames             => ["web1.my-awesome-site.net", "web2.my-awesome-site.net"]
-    #     :aws_id             => "E2REJM3VUN5RSI",
-    #     :comment            => "Woo-Hoo!",
-    #     :origin             => "my-bucket.s3.amazonaws.com",
-    #     :last_modified_time => Wed Sep 10 17:00:54 UTC 2008 }
+    #    {:last_modified_time=>"2010-05-19T18:54:38.242Z",
+    #     :status=>"Deployed",
+    #     :domain_name=>"dpzl38cuix402.cloudfront.net",
+    #     :caller_reference=>"201005181943052207677116",
+    #     :e_tag=>"EJSXFGM5JL8ER",
+    #     :s3_origin=>
+    #      {:dns_name=>"bucket-for-konstantin-eu.s3.amazonaws.com",
+    #       :origin_access_identity=>
+    #        "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"},
+    #     :aws_id=>"E5P8HQ3ZAZIXD",
+    #     :enabled=>false}
+    #
+    #  acf.get_distribution('E2FNSBHNVVF11E') #=>
+    #    {:e_tag=>"E1Q2DJEPTQOLJD",
+    #     :status=>"InProgress",
+    #     :last_modified_time=>"2010-04-17T17:24:25.000Z",
+    #     :cnames=>["web1.my-awesome-site.net", "web2.my-awesome-site.net"],
+    #     :aws_id=>"E2FNSBHNVVF11E",
+    #     :logging=>{:prefix=>"xlog/", :bucket=>"my-bucket.s3.amazonaws.com"},
+    #     :enabled=>true,
+    #     :active_trusted_signers=>
+    #      [{:aws_account_number=>"120288270000",
+    #        :key_pair_ids=>["APKAJTD5OHNDX0000000", "APKAIK74BJWCL0000000"]},
+    #       {:aws_account_number=>"self"},
+    #       {:aws_account_number=>"648772220000"}],
+    #     :caller_reference=>"201004171154450740700072",
+    #     :domain_name=>"d1f6lpevremt5m.cloudfront.net",
+    #     :s3_origin=>
+    #      {:dns_name=>"bucket-for-konstantin-eu.s3.amazonaws.com",
+    #       :origin_access_identity=>
+    #        "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"},
+    #     :trusted_signers=>["self", "648772220000", "120288270000"]}
     #
     def get_distribution(aws_id)
       link = generate_request('GET', "distribution/#{aws_id}")
@@ -327,12 +422,24 @@ module RightAws
     # Returns a distribution's configuration or RightAws::AwsError exception.
     #
     #  acf.get_distribution_config('E2REJM3VUN5RSI') #=>
-    #    {:enabled          => true,
-    #     :caller_reference => "200809102100536497863003",
-    #     :e_tag            => "E39OHHU1ON65SI",
-    #     :cnames           => ["web1.my-awesome-site.net", "web2.my-awesome-site.net"]
-    #     :comment          => "Woo-Hoo!",
-    #     :origin           => "my-bucket.s3.amazonaws.com"}
+    #    {:caller_reference=>"201005181943052207677116",
+    #     :e_tag=>"EJSXFGM5JL8ER",
+    #     :s3_origin=>
+    #      {:dns_name=>"bucket-for-konstantin-eu.s3.amazonaws.com",
+    #       :origin_access_identity=>
+    #        "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"},
+    #     :enabled=>false}
+    #
+    #  acf.get_distribution_config('E2FNSBHNVVF11E') #=>
+    #    {:e_tag=>"E1Q2DJEPTQOLJD",
+    #     :logging=>{:prefix=>"xlog/", :bucket=>"my-bucket.s3.amazonaws.com"},
+    #     :enabled=>true,
+    #     :caller_reference=>"201004171154450740700072",
+    #     :trusted_signers=>["self", "648772220000", "120288270000"],
+    #     :s3_origin=>
+    #      {:dns_name=>"bucket-for-konstantin-eu.s3.amazonaws.com",
+    #       :origin_access_identity=>
+    #        "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"}}
     #
     def get_distribution_config(aws_id)
       link = generate_request('GET', "distribution/#{aws_id}/config")
@@ -340,7 +447,6 @@ module RightAws
     end
 
     # Set a distribution's configuration 
-    # (the :origin and the :caller_reference cannot be changed).
     # Returns +true+ on success or RightAws::AwsError exception.
     #
     #  config = acf.get_distribution_config('E2REJM3VUN5RSI') #=>
@@ -349,13 +455,20 @@ module RightAws
     #     :e_tag            => "E39OHHU1ON65SI",
     #     :cnames           => ["web1.my-awesome-site.net", "web2.my-awesome-site.net"]
     #     :comment          => "Woo-Hoo!",
-    #     :origin           => "my-bucket.s3.amazonaws.com"}
-    #  config[:comment] = 'Olah-lah!'
-    #  config[:enabled] = false
+    #     :s3_origin        => { :dns_name => "my-bucket.s3.amazonaws.com"}}
+    #
+    #  config[:comment]                = 'Olah-lah!'
+    #  config[:enabled]                = false
+    #  config[:s3_origin][:origin_access_identity] = "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"
+    #  # or just
+    #  # config[:s3_origin][:origin_access_identity] = "E3JPJZ80ZBX24G"
+    #  config[:trusted_signers]        = ['self', '648772220000', '120288270000']
+    #  config[:logging]                = { :bucket => 'my-bucket.s3.amazonaws.com', :prefix => 'xlog/' }
+    #  
     #  acf.set_distribution_config('E2REJM3VUN5RSI', config) #=> true
     #
     def set_distribution_config(aws_id, config)
-      link = generate_request('PUT', "distribution/#{aws_id}/config", {}, config_to_xml(config),
+      link = generate_request('PUT', "distribution/#{aws_id}/config", {}, distribution_config_to_xml(config),
                                      'If-Match' => config[:e_tag])
       request_info(link, RightHttp2xxParser.new(:logger => @logger))
     end
@@ -380,32 +493,55 @@ module RightAws
         @result = { :distributions => [] }
       end
       def tagstart(name, attributes)
-        if name == 'DistributionSummary' || name == 'Distribution' ||
-          (name == 'DistributionConfig' && @xmlpath.blank?)
-          @distribution = { :cnames  => [], :logging => {} }
+        case full_tag_name
+        when %r{/Signer$}
+          @active_signer = {}
+        when %r{(Streaming)?DistributionSummary$},
+             %r{^(Streaming)?Distribution$},
+             %r{^(Streaming)?DistributionConfig$}
+          @distribution = { }
+        when %r{/S3Origin$}     then @distribution[:s3_origin] = {}
+        when %r{/CustomOrigin$} then @distribution[:custom_origin] = {}
         end
       end
       def tagend(name)
         case name
-          when 'Marker'      then @result[:marker]       = @text
-          when 'NextMarker'  then @result[:next_marker]  = @text
-          when 'MaxItems'    then @result[:max_items]    = @text.to_i
-          when 'IsTruncated' then @result[:is_truncated] = @text == 'true' ? true : false
-          when 'Id'               then @distribution[:aws_id]             = @text
-          when 'Status'           then @distribution[:status]             = @text
-          when 'LastModifiedTime' then @distribution[:last_modified_time] = Time.parse(@text)
-          when 'DomainName'       then @distribution[:domain_name]        = @text
-          when 'Origin'           then @distribution[:origin]             = @text
-          when 'Comment'          then @distribution[:comment]            = AcfInterface::unescape(@text)
-          when 'CallerReference'  then @distribution[:caller_reference]   = @text
-          when 'CNAME'            then @distribution[:cnames]            << @text
-          when 'Enabled'          then @distribution[:enabled]            = @text == 'true' ? true : false
-          when 'Bucket'           then @distribution[:logging][:bucket]   = @text
-          when 'Prefix'           then @distribution[:logging][:prefix]   = @text
-        end
-        if name == 'DistributionSummary' || name == 'Distribution' ||
-          (name == 'DistributionConfig' && @xmlpath.blank?)
-          @result[:distributions] << @distribution
+        when 'Marker'           then @result[:marker]       = @text
+        when 'NextMarker'       then @result[:next_marker]  = @text
+        when 'MaxItems'         then @result[:max_items]    = @text.to_i
+        when 'IsTruncated'      then @result[:is_truncated] = (@text == 'true')
+        when 'Id'               then @distribution[:aws_id]                    = @text
+        when 'Status'           then @distribution[:status]                    = @text
+        when 'LastModifiedTime' then @distribution[:last_modified_time]        = @text
+        when 'DomainName'       then @distribution[:domain_name]               = @text
+        when 'Comment'          then @distribution[:comment]                   = AwsUtils::xml_unescape(@text)
+        when 'CallerReference'  then @distribution[:caller_reference]          = @text
+        when 'CNAME'            then (@distribution[:cnames] ||= [])          << @text
+        when 'Enabled'          then @distribution[:enabled]                   = (@text == 'true')
+        when 'Bucket'           then (@distribution[:logging] ||= {})[:bucket] = @text
+        when 'Prefix'           then (@distribution[:logging] ||= {})[:prefix] = @text
+        when 'Protocol'         then (@distribution[:required_protocols] ||= {})[:protocol]        = @text
+        when 'InProgressInvalidationBatches' then @distribution[:in_progress_invalidation_batches] = @text.to_i
+        when 'DefaultRootObject'             then @distribution[:default_root_object]              = @text
+        else
+          case full_tag_name
+          when %r{/S3Origin/DNSName$}                  then @distribution[:s3_origin][:dns_name]                   = @text
+          when %r{/S3Origin/OriginAccessIdentity$}     then @distribution[:s3_origin][:origin_access_identity]     = @text
+          when %r{/CustomOrigin/DNSName$}              then @distribution[:custom_origin][:dns_name]               = @text
+          when %r{/CustomOrigin/HTTPPort}              then @distribution[:custom_origin][:http_port]              = @text
+          when %r{/CustomOrigin/HTTPSPort$}            then @distribution[:custom_origin][:https_port]             = @text
+          when %r{/CustomOrigin/OriginProtocolPolicy$} then @distribution[:custom_origin][:origin_protocol_policy] = @text
+          when %r{/TrustedSigners/Self$}               then (@distribution[:trusted_signers] ||= [])              << 'self'
+          when %r{/TrustedSigners/AwsAccountNumber$}   then (@distribution[:trusted_signers] ||= [])              << @text
+          when %r{/Signer/Self$}                       then @active_signer[:aws_account_number]                    = 'self'
+          when %r{/Signer/AwsAccountNumber$}           then @active_signer[:aws_account_number]                    = @text
+          when %r{/Signer/KeyPairId$}                  then (@active_signer[:key_pair_ids] ||= [])                << @text
+          when %r{/Signer$}                            then (@distribution[:active_trusted_signers] ||= [])       << @active_signer
+          when %r{(Streaming)?DistributionSummary$},
+               %r{^(Streaming)?Distribution$},
+               %r{^(Streaming)?DistributionConfig$}
+            @result[:distributions] << @distribution
+          end
         end
       end
     end