logstash-integration-aws 7.1.7-java → 7.2.0-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a8f9ae63dfee1103ddee32c8ab76ba8b340bae55a552013a8ac460c88a3325c7
-  data.tar.gz: 6d99db14db59800f5169b4a127d3ab0dca4b9f5cda9287acbb4902c2cb560ec0
+  metadata.gz: 9b93bdb01523611844275ebf3c0b45d3e2cf7cfa437f7320a4be3a7043ee099e
+  data.tar.gz: 045cbc4d15ec6f96f39e555fa1de4aba3a0939a1b0de65333e0b0b0a97d97870
 SHA512:
-  metadata.gz: 5e64bef3daf41ea9870cf7c3d3b9fc32aacda2e2d110fd02640e3340c9f5136cf5848b0675a048b5f15bec7a2a58e7be21b62707108d54a93938217753bb5894
-  data.tar.gz: 5995bc4f39a56d88b430dd64a201fce2764fc195586d35a1d042b16d90a4646ecb0524cf758d098d6712e8b8a8395e05a3f1bc1f5b978557d1791df375b2a586
+  metadata.gz: 858539c60b31389ad1e8804402e1c2c785fb8ba8e24a4791458df07c909974b3579ee4b09f6075c17c496db8d94f2ca59da71698dc51a3b8ad35a876dc0ec1b4
+  data.tar.gz: 2014dfe8a375604f37416d8f3f6320d506ca34b7bf19fb1a844d7609b3083ab89c2a1becd1ea7ea8485b282c5be7f1c6a5105689a5fae07a8c6d7f3aae8270b7

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 7.2.0
+  - Added an option `web_identity_token_file` to support IRSA (IAM Roles for Service Accounts) [#52](https://github.com/logstash-plugins/logstash-integration-aws/pull/52)
+  
+## 7.1.8
+  - adding all supported storage classes for s3 output [#49](https://github.com/logstash-plugins/logstash-integration-aws/pull/49)
+
 ## 7.1.7
   - Remove empty temporary dirs at plugin close [#46](https://github.com/logstash-plugins/logstash-integration-aws/pull/46)
 

data/VERSION

@@ -1 +1 @@
-7.1.7
+7.2.0

data/docs/input-cloudwatch.asciidoc

@@ -127,6 +127,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 | <<plugins-{type}s-{plugin}-statistics>> |<<array,array>>|No
 | <<plugins-{type}s-{plugin}-use_aws_bundled_ca>> |<<boolean,boolean>>|No
 | <<plugins-{type}s-{plugin}-use_ssl>> |<<boolean,boolean>>|No
+| <<plugins-{type}s-{plugin}-web_identity_token_file>> |<<string,string>>|No
 |=======================================================================
 
 Also see <<plugins-{type}s-{plugin}-common-options>> for a list of options supported by all
@@ -323,6 +324,17 @@ require 'aws-sdk' will load v2 classes.
 Should we require (true) or disable (false) using SSL for communicating with the AWS API
 The AWS SDK for Ruby defaults to SSL so we preserve that
 
+[id="plugins-{type}s-{plugin}-web_identity_token_file"]
+===== `web_identity_token_file`
+
+* Value type is <<string,string>>
+
+Absolute path to the file on disk containing OIDC token for https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html[IRSA].
+Set the path to `"/var/run/secrets/eks.amazonaws.com/serviceaccount/token"` when using Amazon EKS.
+If specified, <<plugins-{type}s-{plugin}-role_arn>> must not be empty.
+
+For the details of setting up IAM roles and Kubernetes service accounts, check out https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html[userguide]
+
 
 [id="plugins-{type}s-{plugin}-common-options"]
 include::{include_path}/{type}.asciidoc[]

data/docs/input-s3.asciidoc

@@ -80,6 +80,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 | <<plugins-{type}s-{plugin}-temporary_directory>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-use_aws_bundled_ca>> |<<boolean,boolean>>|No
 | <<plugins-{type}s-{plugin}-watch_for_new_files>> |<<boolean,boolean>>|No
+| <<plugins-{type}s-{plugin}-web_identity_token_file>> |<<string,string>>|No
 |=======================================================================
 
 Also see <<plugins-{type}s-{plugin}-common-options>> for a list of options supported by all
@@ -351,6 +352,17 @@ you can set this to `true`.
 Whether or not to watch for new files.
 Disabling this option causes the input to close itself after processing the files from a single listing.
 
+[id="plugins-{type}s-{plugin}-web_identity_token_file"]
+===== `web_identity_token_file`
+
+  * Value type is <<string,string>>
+
+Absolute path to the file on disk containing OIDC token for https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html[IRSA].
+Set the path to `"/var/run/secrets/eks.amazonaws.com/serviceaccount/token"` when using Amazon EKS.
+If specified, <<plugins-{type}s-{plugin}-role_arn>> must not be empty.
+
+For the details of setting up IAM roles and Kubernetes service accounts, check out https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html[userguide]
+
 [id="plugins-{type}s-{plugin}-common-options"]
 include::{include_path}/{type}.asciidoc[]
 

data/docs/input-sqs.asciidoc

@@ -103,6 +103,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 | <<plugins-{type}s-{plugin}-session_token>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-threads>> |<<number,number>>|No
 | <<plugins-{type}s-{plugin}-use_aws_bundled_ca>> |<<boolean,boolean>>|No
+| <<plugins-{type}s-{plugin}-web_identity_token_file>> |<<string,string>>|No
 |=======================================================================
 
 Also see <<plugins-{type}s-{plugin}-common-options>> for a list of options supported by all
@@ -289,6 +290,17 @@ Use bundled CA certificates that ship with AWS SDK to verify SSL peer certificat
 For cases where the default certificates are unavailable, e.g. Windows,
 you can set this to `true`.
 
+[id="plugins-{type}s-{plugin}-web_identity_token_file"]
+===== `web_identity_token_file`
+
+* Value type is <<string,string>>
+
+Absolute path to the file on disk containing OIDC token for https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html[IRSA].
+Set the path to `"/var/run/secrets/eks.amazonaws.com/serviceaccount/token"` when using Amazon EKS.
+If specified, <<plugins-{type}s-{plugin}-role_arn>> must not be empty.
+
+For the details of setting up IAM roles and Kubernetes service accounts, check out https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html[userguide]
+
 
 [id="plugins-{type}s-{plugin}-common-options"]
 include::{include_path}/{type}.asciidoc[]

data/docs/output-cloudwatch.asciidoc

@@ -108,6 +108,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 | <<plugins-{type}s-{plugin}-unit>> |<<string,string>>, one of `["Seconds", "Microseconds", "Milliseconds", "Bytes", "Kilobytes", "Megabytes", "Gigabytes", "Terabytes", "Bits", "Kilobits", "Megabits", "Gigabits", "Terabits", "Percent", "Count", "Bytes/Second", "Kilobytes/Second", "Megabytes/Second", "Gigabytes/Second", "Terabytes/Second", "Bits/Second", "Kilobits/Second", "Megabits/Second", "Gigabits/Second", "Terabits/Second", "Count/Second", "None"]`|No
 | <<plugins-{type}s-{plugin}-use_aws_bundled_ca>> |<<boolean,boolean>>|No
 | <<plugins-{type}s-{plugin}-value>> |<<string,string>>|No
+| <<plugins-{type}s-{plugin}-web_identity_token_file>> |<<string,string>>|No
 |=======================================================================
 
 Also see <<plugins-{type}s-{plugin}-common-options>> for a list of options supported by all
@@ -324,6 +325,16 @@ If provided, this must be a string which can be converted to a float, for exampl
     "1", "2.34", ".5", and "0.67"
 If you set this option you should probably set the `unit` option along with it
 
+[id="plugins-{type}s-{plugin}-web_identity_token_file"]
+===== `web_identity_token_file`
+
+* Value type is <<string,string>>
+
+Absolute path to the file on disk containing OIDC token for https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html[IRSA].
+Set the path to `"/var/run/secrets/eks.amazonaws.com/serviceaccount/token"` when using Amazon EKS.
+If specified, <<plugins-{type}s-{plugin}-role_arn>> must not be empty.
+
+For the details of setting up IAM roles and Kubernetes service accounts, check out https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html[userguide]
 
 
 [id="plugins-{type}s-{plugin}-common-options"]

data/docs/output-s3.asciidoc

@@ -107,7 +107,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 | <<plugins-{type}s-{plugin}-signature_version>> |<<string,string>>, one of `["v2", "v4"]`|No
 | <<plugins-{type}s-{plugin}-size_file>> |<<number,number>>|No
 | <<plugins-{type}s-{plugin}-ssekms_key_id>> |<<string,string>>|No
-| <<plugins-{type}s-{plugin}-storage_class>> |<<string,string>>, one of `["STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA"]`|No
+| <<plugins-{type}s-{plugin}-storage_class>> |<<string,string>>, one of `["STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE"]`|No
 | <<plugins-{type}s-{plugin}-temporary_directory>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-time_file>> |<<number,number>>|No
 | <<plugins-{type}s-{plugin}-upload_multipart_threshold>> |<<number,number>>|No
@@ -115,6 +115,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 | <<plugins-{type}s-{plugin}-upload_workers_count>> |<<number,number>>|No
 | <<plugins-{type}s-{plugin}-use_aws_bundled_ca>> |<<boolean,boolean>>|No
 | <<plugins-{type}s-{plugin}-validate_credentials_on_root_bucket>> |<<boolean,boolean>>|No
+| <<plugins-{type}s-{plugin}-web_identity_token_file>> |<<string,string>>|No
 |=======================================================================
 
 Also see <<plugins-{type}s-{plugin}-common-options>> for a list of options supported by all
@@ -375,7 +376,7 @@ http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html
 [id="plugins-{type}s-{plugin}-storage_class"]
 ===== `storage_class` 
 
-  * Value can be any of: `STANDARD`, `REDUCED_REDUNDANCY`, `STANDARD_IA`, `ONEZONE_IA`
+  * Value can be any of: `STANDARD`, `REDUCED_REDUNDANCY`, `STANDARD_IA`, `ONEZONE_IA`, `INTELLIGENT_TIERING`, `GLACIER`, `DEEP_ARCHIVE`, `OUTPOSTS`, `GLACIER_IR`, `SNOW`, `EXPRESS_ONEZONE`
   * Default value is `"STANDARD"`
 
 Specifies what S3 storage class to use when uploading the file.
@@ -447,6 +448,18 @@ full access to write logs.
 In some circumstances, you need more granular permissions on the subfolder. This
 allows you to disable the check at startup.
 
+[id="plugins-{type}s-{plugin}-web_identity_token_file"]
+===== `web_identity_token_file`
+
+* Value type is <<string,string>>
+
+Absolute path to the file on disk containing OIDC token for https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html[IRSA].
+Set the path to `"/var/run/secrets/eks.amazonaws.com/serviceaccount/token"` when using Amazon EKS.
+If specified, <<plugins-{type}s-{plugin}-role_arn>> must not be empty.
+
+For the details of setting up IAM roles and Kubernetes service accounts, check out https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html[https://docs.aws.amazon.com/eks/latest/userguide/pod-configuration.html[userguide]
+
+
 [id="plugins-{type}s-{plugin}-common-options"]
 include::{include_path}/{type}.asciidoc[]
 

data/docs/output-sns.asciidoc

@@ -66,6 +66,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 | <<plugins-{type}s-{plugin}-secret_access_key>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-session_token>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-use_aws_bundled_ca>> |<<boolean,boolean>>|No
+| <<plugins-{type}s-{plugin}-web_identity_token_file>> |<<string,string>>|No
 |=======================================================================
 
 Also see <<plugins-{type}s-{plugin}-common-options>> for a list of options supported by all
@@ -169,6 +170,17 @@ Use bundled CA certificates that ship with AWS SDK to verify SSL peer certificat
 For cases where the default certificates are unavailable, e.g. Windows,
 you can set this to `true`.
 
+[id="plugins-{type}s-{plugin}-web_identity_token_file"]
+===== `web_identity_token_file`
+
+* Value type is <<string,string>>
+
+Absolute path to the file on disk containing OIDC token for https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html[IRSA].
+Set the path to `"/var/run/secrets/eks.amazonaws.com/serviceaccount/token"` when using Amazon EKS.
+If specified, <<plugins-{type}s-{plugin}-role_arn>> must not be empty.
+
+For the details of setting up IAM roles and Kubernetes service accounts, check out https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html[userguide]
+
 
 [id="plugins-{type}s-{plugin}-common-options"]
 include::{include_path}/{type}.asciidoc[]

data/docs/output-sqs.asciidoc

@@ -98,6 +98,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 | <<plugins-{type}s-{plugin}-secret_access_key>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-session_token>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-use_aws_bundled_ca>> |<<boolean,boolean>>|No
+| <<plugins-{type}s-{plugin}-web_identity_token_file>> |<<string,string>>|No
 |=======================================================================
 
 Also see <<plugins-{type}s-{plugin}-common-options>> for a list of options supported by all
@@ -245,6 +246,18 @@ Use bundled CA certificates that ship with AWS SDK to verify SSL peer certificat
 For cases where the default certificates are unavailable, e.g. Windows,
 you can set this to `true`.
 
+[id="plugins-{type}s-{plugin}-web_identity_token_file"]
+===== `web_identity_token_file`
+
+* Value type is <<string,string>>
+
+Absolute path to the file on disk containing OIDC token for https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html[IRSA].
+Set the path to `"/var/run/secrets/eks.amazonaws.com/serviceaccount/token"` when using Amazon EKS.
+If specified, <<plugins-{type}s-{plugin}-role_arn>> must not be empty.
+
+For the details of setting up IAM roles and Kubernetes service accounts, check out https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html[userguide]
+
+
 [id="plugins-{type}s-{plugin}-common-options"]
 include::{include_path}/{type}.asciidoc[]
 

data/lib/logstash/outputs/s3.rb

@@ -142,7 +142,7 @@ class LogStash::Outputs::S3 < LogStash::Outputs::Base
   # More information about the different storage classes can be found:
   # http://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
   # Defaults to STANDARD.
-  config :storage_class, :validate => ["STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA"], :default => "STANDARD"
+  config :storage_class, :validate => ["STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE"], :default => "STANDARD"
 
   # Set the directory where logstash will store the tmp files before sending it to S3
   # default to the current OS temporary directory in linux /tmp/logstash

data/lib/logstash/plugin_mixins/aws_config/generic.rb

@@ -57,5 +57,11 @@ module LogStash::PluginMixins::AwsConfig::Generic
     # you can use the bundled ca certificate provided by AWS SDK
     # by setting `use_aws_bundled_ca` to true
     config :use_aws_bundled_ca, :validate => :boolean, :default => false
+
+    # Absolute path to the file on disk containing OIDC token for IRSA
+    # In AWS EKS, this should be set to "/var/run/secrets/eks.amazonaws.com/serviceaccount/token",
+    # the default location where EKS projects the token.
+    # `role_arn` must be configured when `web_identity_token_file` is used
+    config :web_identity_token_file, :validate => :string
   end
 end

data/lib/logstash/plugin_mixins/aws_config/v2.rb

@@ -2,9 +2,18 @@
 require "logstash/plugin_mixins/aws_config/generic"
 
 module LogStash::PluginMixins::AwsConfig::V2
+  module RegisterInterceptor
+    # check aws config before plugin.register()
+    def register
+      check_aws_generic_config!
+      super
+    end
+  end
+
   def self.included(base)
     base.extend(self)
     base.send(:include, LogStash::PluginMixins::AwsConfig::Generic)
+    base.prepend(RegisterInterceptor)
   end
 
   public
@@ -67,19 +76,24 @@ module LogStash::PluginMixins::AwsConfig::V2
   alias credentials aws_credentials
 
   def assume_role(opts = {})
-    unless opts.key?(:credentials)
-      credentials = aws_credentials
-      opts[:credentials] = credentials if credentials
-    end
+    creds = aws_credentials
+    opts[:credentials] = creds if creds
 
     # for a regional endpoint :region is always required by AWS
     opts[:region] = @region
 
-    Aws::AssumeRoleCredentials.new(
-        :client => Aws::STS::Client.new(opts),
-        :role_arn => @role_arn,
-        :role_session_name => @role_session_name
-    )
+    role_credentials_opts = {
+      client: Aws::STS::Client.new(opts),
+      role_arn: @role_arn,
+      role_session_name: @role_session_name
+    }
+
+    if @web_identity_token_file
+      role_credentials_opts[:web_identity_token_file] = @web_identity_token_file
+      Aws::AssumeRoleWebIdentityCredentials.new(role_credentials_opts)
+    else
+      Aws::AssumeRoleCredentials.new(role_credentials_opts)
+    end
   end
 
   def symbolize_keys_and_cast_true_false(hash)
@@ -97,4 +111,7 @@ module LogStash::PluginMixins::AwsConfig::V2
     end
   end
 
+  def check_aws_generic_config!
+    raise LogStash::ConfigurationError, "`role_arn` must be set when using `web_identity_token_file`" if @web_identity_token_file && (@role_arn.nil? || @role_arn.empty?)
+  end
 end

data/lib/logstash-integration-aws_jars.rb

@@ -1,4 +1,4 @@
 # AUTOGENERATED BY THE GRADLE SCRIPT. DO NOT EDIT.
 
 require 'jar_dependencies'
-require_jar('org.logstash.plugins.integration.aws', 'logstash-integration-aws', '7.1.7')
+require_jar('org.logstash.plugins.integration.aws', 'logstash-integration-aws', '7.2.0')

data/spec/outputs/s3_spec.rb

@@ -122,7 +122,7 @@ describe LogStash::Outputs::S3 do
 
     describe "Storage Class" do
       context "when configured" do
-        ["STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA"].each do |storage_class|
+        ["STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE"].each do |storage_class|
           it "should return the configured storage class: #{storage_class}" do
             s3 = described_class.new(options.merge({ "storage_class" => storage_class }))
             expect(s3.upload_options).to include(:storage_class => storage_class)
@@ -211,7 +211,7 @@ describe LogStash::Outputs::S3 do
     context 'us-east-1' do
       let(:region) { 'us-east-1' }
       it "sets endpoint" do
-        expect( subject.send(:bucket_resource).client.config.endpoint.to_s ).to eql 'https://s3.us-east-1.amazonaws.com'
+        expect( subject.send(:bucket_resource).client.config.endpoint.to_s ).to eql 'https://s3.amazonaws.com'
       end
     end
 

data/spec/plugin_mixin/aws_config_spec.rb

@@ -6,6 +6,7 @@ require 'timecop'
 class DummyInputAwsConfigV2 < LogStash::Inputs::Base
   include LogStash::PluginMixins::AwsConfig::V2
 
+  def register; end
   def aws_service_endpoint(region)
     { :dummy_input_aws_config_region => "#{region}.awswebservice.local" }
   end
@@ -13,6 +14,7 @@ end
 
 class DummyInputAwsConfigV2NoRegionMethod < LogStash::Inputs::Base
   include LogStash::PluginMixins::AwsConfig::V2
+  def register; end
 end
 
 describe LogStash::PluginMixins::AwsConfig::V2 do
@@ -87,6 +89,7 @@ describe LogStash::PluginMixins::AwsConfig::V2 do
               new_temp_credentials
             end
           }
+          allow_any_instance_of(Aws::AssumeRoleCredentials).to receive(:parse_account_id).with(any_args).and_return(nil)
         end
 
         it 'supports passing role_arn' do
@@ -233,4 +236,24 @@ describe LogStash::PluginMixins::AwsConfig::V2 do
     end
   end
 
+  describe "validate config" do
+    context "setup IRSA" do
+      let(:settings) { {"web_identity_token_file" => "/path/to/token_file"} }
+
+      context "web_identity_token_file and role_arn are set" do
+        let(:settings) { super().merge("role_arn" => 'arn:aws:iam::111122223333:role/a-role',) }
+
+        it "passes validation" do
+          expect{ DummyInputAwsConfigV2.new(settings).register }.to_not raise_error
+        end
+      end
+
+      context "only web_identity_token_file is set" do
+        it "fails validation" do
+          expect{ DummyInputAwsConfigV2.new(settings).register }.to raise_error(LogStash::ConfigurationError, /`role_arn` must be set/)
+        end
+      end
+    end
+  end
+
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-integration-aws
 version: !ruby/object:Gem::Version
-  version: 7.1.7
+  version: 7.2.0
 platform: java
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-07-02 00:00:00.000000000 Z
+date: 2025-02-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -20,8 +20,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '2.99'
   name: logstash-core-plugin-api
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -37,8 +37,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: concurrent-ruby
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -51,8 +51,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: logstash-codec-json
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -65,8 +65,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: logstash-codec-plain
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -79,8 +79,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 3.0.9
   name: rufus-scheduler
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -93,8 +93,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 0.0.22
   name: stud
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -107,8 +107,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: rexml
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -121,8 +121,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '3'
   name: aws-sdk-core
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -135,8 +135,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: aws-sdk-s3
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -149,8 +149,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: aws-sdk-sqs
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -163,8 +163,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: aws-sdk-sns
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -177,8 +177,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: aws-sdk-cloudwatch
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -191,8 +191,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: aws-sdk-cloudfront
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -205,8 +205,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: aws-sdk-resourcegroups
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -219,8 +219,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: logstash-codec-json_lines
-  prerelease: false
   type: :development
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -233,8 +233,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: logstash-codec-multiline
-  prerelease: false
   type: :development
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -247,8 +247,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: logstash-codec-json
-  prerelease: false
   type: :development
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -261,8 +261,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: logstash-codec-line
-  prerelease: false
   type: :development
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -275,8 +275,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: logstash-devutils
-  prerelease: false
   type: :development
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -289,8 +289,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: logstash-input-generator
-  prerelease: false
   type: :development
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -303,8 +303,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: timecop
-  prerelease: false
   type: :development
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -408,7 +408,7 @@ files:
 - spec/spec_helper.rb
 - spec/support/helpers.rb
 - spec/unit/outputs/sqs_spec.rb
-- vendor/jar-dependencies/org/logstash/plugins/integration/aws/logstash-integration-aws/7.1.7/logstash-integration-aws-7.1.7.jar
+- vendor/jar-dependencies/org/logstash/plugins/integration/aws/logstash-integration-aws/7.2.0/logstash-integration-aws-7.2.0.jar
 homepage: http://www.elastic.co/guide/en/logstash/current/index.html
 licenses:
 - Apache-2.0
@@ -432,7 +432,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.33
+rubygems_version: 3.3.26
 signing_key:
 specification_version: 4
 summary: Collection of Logstash plugins that integrate with AWS