right_aws 2.0.0 → 2.1.0

data/History.txt

@@ -281,4 +281,25 @@ the source key.
         RightAws::Ec2#create_snapshot,
         RightAws::Ec2#try_create_snapshot
     - :created_time in:
-        RightAws::ElbInterface#describe_load_balancers
+        RightAws::ElbInterface#describe_load_balancers
+
+=== 2.1.0
+  Release Notes:
+  - Added:
+    - Route 53: API '2010-10-01'
+    - ACF: API '2010-11-01'
+    - EC2:
+      - API '2010-08-31'
+      - Port based group permissions support
+      - HPC Support
+      - Tags Suport
+      - ClientToken support added on instance launch
+    - RDS: API "2010-07-28"
+    - ELB: API '2010-07-01' (SSL support)
+    - IAM: API '2010-05-08' (AWS Identity and Access Management interface)
+    - 301 Redirect support added
+  - Removed:
+    - ActiveSupport dependency
+    - SDB: uuid gem dependency
+  - this gem requires right_http_connection 0bc3343232133bdb38c237d8285525d74495d3f5 or later
+  - "Raise On Timeout On Action" feature added to avoid duplicate resources creation if a timeout error occures and a retry is performed

data/Manifest.txt

@@ -2,9 +2,9 @@ History.txt
 Manifest.txt
 README.txt
 Rakefile
+lib/awsbase/support.rb
 lib/awsbase/benchmark_fix.rb
 lib/awsbase/right_awsbase.rb
-lib/awsbase/support.rb
 lib/ec2/right_ec2.rb
 lib/ec2/right_ec2_images.rb
 lib/ec2/right_ec2_instances.rb
@@ -14,6 +14,9 @@ lib/ec2/right_ec2_ebs.rb
 lib/ec2/right_ec2_reserved_instances.rb
 lib/ec2/right_ec2_vpc.rb
 lib/ec2/right_ec2_monitoring.rb
+lib/ec2/right_ec2_placement_groups.rb
+lib/ec2/right_ec2_windows_mobility.rb
+lib/ec2/right_ec2_tags.rb
 lib/right_aws.rb
 lib/s3/right_s3.rb
 lib/acw/right_acw_interface.rb
@@ -29,7 +32,14 @@ lib/sqs/right_sqs_interface.rb
 lib/acf/right_acf_interface.rb
 lib/acf/right_acf_streaming_interface.rb
 lib/acf/right_acf_origin_access_identities.rb
+lib/acf/right_acf_invalidations.rb
 lib/rds/right_rds_interface.rb
+lib/iam/right_iam_interface.rb
+lib/iam/right_iam_groups.rb
+lib/iam/right_iam_users.rb
+lib/iam/right_iam_access_keys.rb
+lib/iam/right_iam_mfa_devices.rb
+lib/route_53/right_route_53_interface.rb
 test/ec2/test_helper.rb
 test/ec2/test_right_ec2.rb
 test/http_connection.rb

data/README.txt

@@ -68,10 +68,6 @@ concurrent requests to AWS. The way this plays out in practice is:
 Note that due to limitations in the I/O of the Ruby interpreter you
 may not get the degree of parallelism you may expect with the multi-threaded setting.
 
-By default, EC2/S3/SQS/SDB/ACF interface instances are created in single-threaded mode.  Set
-"params[:multi_thread]" to "true" in the initialization arguments to use
-multithreaded mode.
-
 == GETTING STARTED:
 
 * For EC2 read RightAws::Ec2 and consult the Amazon EC2 API documentation at

data/Rakefile

@@ -1,45 +1,39 @@
 # -*- ruby -*-
 
 require 'rubygems'
-require 'hoe'
 require "rake/testtask"
 require 'rcov/rcovtask'
+require 'rake/gempackagetask'
+require 'rake/clean'
 $: << File.dirname(__FILE__)
-require 'lib/right_aws.rb'
-
 testglobs =     ["test/ts_right_aws.rb"]
 
-
-# Suppress Hoe's self-inclusion as a dependency for our Gem.  This also keeps
-# Rake & rubyforge out of the dependency list.  Users must manually install
-# these gems to run tests, etc.
-class Hoe
-  def extra_deps
-    @extra_deps.reject do |x|
-      Array(x).first == 'hoe'
-    end
-  end
+begin
+  require 'bundler'
+rescue LoadError => e
+  STDERR.puts("Bundler is not available, some rake tasks will not be defined: #{e.message}")
+else
+  Bundler::GemHelper.install_tasks
 end
 
-Hoe.new('right_aws', RightAws::VERSION::STRING) do |p|
-  p.rubyforge_name = 'rightaws'
-  p.author = 'RightScale, Inc.'
-  p.email = 'support@rightscale.com'
-  p.summary = 'Interface classes for the Amazon EC2, SQS, and S3 Web Services'
-  p.description = p.paragraphs_of('README.txt', 2..5).join("\n\n")
-  p.url = p.paragraphs_of('README.txt', 0).first.split(/\n/)[1..-1]
-  p.changes = p.paragraphs_of('History.txt', 0..1).join("\n\n")
-  p.remote_rdoc_dir = "/right_aws_gem_doc"
-  p.extra_deps = [['right_http_connection','>= 1.2.1']]
-  p.test_globs = testglobs 
+# == Gem == #
+
+gemtask = Rake::GemPackageTask.new(Gem::Specification.load("right_aws.gemspec")) do |package|
+  package.package_dir = ENV['PACKAGE_DIR'] || 'pkg'
+  package.need_zip = true
+  package.need_tar = true
 end
 
+directory gemtask.package_dir
+
+CLEAN.include(gemtask.package_dir)
+
 desc "Analyze code coverage of the unit tests."
 Rcov::RcovTask.new do |t|
   t.test_files = FileList[testglobs]
   #t.verbose = true     # uncomment to see the executed command
 end
- 
+
 desc "Test just the SQS interface"
 task :testsqs do
   require 'test/test_credentials'

data/lib/acf/right_acf_interface.rb

@@ -38,7 +38,7 @@ module RightAws
   #    [{:status             => "Deployed",
   #      :domain_name        => "d74zzrxmpmygb.6hops.net",
   #      :aws_id             => "E4U91HCJHGXVC",
-  #      :origin             => "my-bucket.s3.amazonaws.com",
+  #      :s3_origin          => {:dns_name=>"bucket-for-konstantin-00.s3.amazonaws.com"},
   #      :cnames             => ["x1.my-awesome-site.net", "x1.my-awesome-site.net"]
   #      :comment            => "My comments",
   #      :last_modified_time => "2008-09-10T17:00:04.000Z" }, ..., {...} ]
@@ -46,16 +46,17 @@ module RightAws
   #  distibution = list.first
   #
   #  info = acf.get_distribution(distibution[:aws_id]) #=>
-  #    {:enabled            => true,
-  #     :caller_reference   => "200809102100536497863003",
-  #     :e_tag              => "E39OHHU1ON65SI",
-  #     :status             => "Deployed",
-  #     :domain_name        => "d3dxv71tbbt6cd.6hops.net",
-  #     :cnames             => ["web1.my-awesome-site.net", "web2.my-awesome-site.net"]
-  #     :aws_id             => "E2REJM3VUN5RSI",
-  #     :comment            => "Woo-Hoo!",
-  #     :origin             => "my-bucket.s3.amazonaws.com",
-  #     :last_modified_time => "2008-09-10T17:00:54.000Z" }
+  #    {:last_modified_time=>"2010-05-19T18:54:38.242Z",
+  #     :status=>"Deployed",
+  #     :domain_name=>"dpzl38cuix402.cloudfront.net",
+  #     :caller_reference=>"201005181943052207677116",
+  #     :e_tag=>"EJSXFGM5JL8ER",
+  #     :s3_origin=>
+  #      {:dns_name=>"bucket-for-konstantin-eu.s3.amazonaws.com",
+  #       :origin_access_identity=>
+  #        "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"},
+  #     :aws_id=>"E5P8HQ3ZAZIXD",
+  #     :enabled=>false}
   #
   #  config = acf.get_distribution_config(distibution[:aws_id]) #=>
   #    {:enabled          => true,
@@ -63,7 +64,7 @@ module RightAws
   #     :e_tag            => "E39OHHU1ON65SI",
   #     :cnames           => ["web1.my-awesome-site.net", "web2.my-awesome-site.net"]
   #     :comment          => "Woo-Hoo!",
-  #     :origin           => "my-bucket.s3.amazonaws.com"}
+  #     :s3_origin        => {:dns_name => "my-bucket.s3.amazonaws.com"}}
   #
   #  config[:comment] = 'Olah-lah!'
   #  config[:enabled] = false
@@ -75,7 +76,7 @@ module RightAws
     
     include RightAwsBaseInterface
 
-    API_VERSION      = "2010-03-01"
+    API_VERSION      = "2010-11-01"
     DEFAULT_HOST     = 'cloudfront.amazonaws.com'
     DEFAULT_PORT     = 443
     DEFAULT_PROTOCOL = 'https'
@@ -96,7 +97,6 @@ module RightAws
     # * <tt>:server</tt>: CloudFront service host, default: DEFAULT_HOST
     # * <tt>:port</tt>: CloudFront service port, default: DEFAULT_PORT
     # * <tt>:protocol</tt>: 'http' or 'https', default: DEFAULT_PROTOCOL
-    # * <tt>:multi_thread</tt>: true=HTTP connection per thread, false=per process
     # * <tt>:logger</tt>: for log messages, default: RAILS_DEFAULT_LOGGER else STDOUT
     #
     #  acf = RightAws::AcfInterface.new('1E3GDYEOGFJPIT7XXXXXX','hgTHt68JY07JKUY08ftHYtERkjgtfERn57XXXXXX',
@@ -121,8 +121,8 @@ module RightAws
     # Generates request hash for REST API.
     def generate_request(method, path, params={}, body=nil, headers={})  # :nodoc:
       # Params
-      params.delete_if{ |key, val| val.blank? }
-      unless params.blank?
+      params.delete_if{ |key, val| val.right_blank? }
+      unless params.right_blank?
         path += "?" + params.to_a.collect{ |key,val| "#{AwsUtils::amz_escape(key)}=#{AwsUtils::amz_escape(val.to_s)}" }.join("&")
       end
       # Headers
@@ -133,7 +133,7 @@ module RightAws
       headers['Authorization'] = "AWS #{@aws_access_key_id}:#{signature}"
       # Request
       path    = "#{@params[:service]}#{@params[:api_version]}/#{path}"
-      request = "Net::HTTP::#{method.capitalize}".constantize.new(path)
+      request = "Net::HTTP::#{method.capitalize}".right_constantize.new(path)
       request.body = body if body
       # Set request headers
       headers.each { |key, value| request[key.to_s] = value }
@@ -154,14 +154,6 @@ module RightAws
     #      Helpers:
     #-----------------------------------------------------------------
 
-    def self.escape(text) # :nodoc:
-      REXML::Text::normalize(text)
-    end
-
-    def self.unescape(text) # :nodoc:
-      REXML::Text::unnormalize(text)
-    end
-
     def generate_call_reference # :nodoc:
       result = Time.now.strftime('%Y%m%d%H%M%S')
       10.times{ result << rand(10).to_s }
@@ -175,31 +167,30 @@ module RightAws
     end
 
     def distribution_config_to_xml(config, xml_wrapper='DistributionConfig') # :nodoc:
-      cnames = ''
-      logging = ''
-      origin_access_identity = ''
-      trusted_signers = ''
+      cnames = logging = trusted_signers = s3_origin = custom_origin = default_root_object = ''
       # CNAMES
-      unless config[:cnames].blank?
+      unless config[:cnames].right_blank?
         Array(config[:cnames]).each { |cname| cnames += "  <CNAME>#{cname}</CNAME>\n" }
       end
       # Logging
-      unless config[:logging].blank?
+      unless config[:logging].right_blank?
         logging = "  <Logging>\n" +
                   "    <Bucket>#{config[:logging][:bucket]}</Bucket>\n" +
                   "    <Prefix>#{config[:logging][:prefix]}</Prefix>\n" +
                   "  </Logging>\n"
       end
-      # Origin Access Identity
-      unless config[:origin_access_identity].blank?
-        origin_access_identity = config[:origin_access_identity]
-        unless origin_access_identity[%r{^origin-access-identity}]
-          origin_access_identity = "origin-access-identity/cloudfront/#{origin_access_identity}"
-        end
-        origin_access_identity = "  <OriginAccessIdentity>#{origin_access_identity}</OriginAccessIdentity>\n"
+      unless config[:required_protocols].right_blank?
+        required_protocols = "  <RequiredProtocols>\n" +
+                             "    <Protocol>#{config[:required_protocols]}</Protocol>\n" +
+                             "  </RequiredProtocols>\n"
+      else required_protocols = ""
+      end
+      # Default Root Object
+      unless config[:default_root_object].right_blank?
+        default_root_object = "  <DefaultRootObject>#{config[:default_root_object]}</DefaultRootObject>\n" unless config[:default_root_object].right_blank?
       end
       # Trusted Signers
-      unless config[:trusted_signers].blank?
+      unless config[:trusted_signers].right_blank?
         trusted_signers = "  <TrustedSigners>\n"
         Array(config[:trusted_signers]).each do |trusted_signer|
           trusted_signers += if trusted_signer.to_s[/self/i]
@@ -210,18 +201,48 @@ module RightAws
         end
         trusted_signers += "  </TrustedSigners>\n"
       end
-
+      # S3Origin
+      unless config[:s3_origin].right_blank?
+        origin_access_identity = ''
+        # Origin Access Identity
+        unless config[:s3_origin][:origin_access_identity].right_blank?
+          origin_access_identity = config[:s3_origin][:origin_access_identity]
+          unless origin_access_identity[%r{^origin-access-identity}]
+            origin_access_identity = "origin-access-identity/cloudfront/#{origin_access_identity}"
+          end
+          origin_access_identity = "    <OriginAccessIdentity>#{origin_access_identity}</OriginAccessIdentity>\n"
+        end
+        s3_origin = "  <S3Origin>\n" +
+                    "    <DNSName>#{config[:s3_origin][:dns_name]}</DNSName>\n" +
+                    "#{origin_access_identity}" +
+                    "  </S3Origin>\n"
+      end
+      # Custom Origin
+      unless config[:custom_origin].right_blank?
+        http_port = https_port = origin_protocol_policy = ''
+        http_port              = "    <HTTPPort>#{config[:custom_origin][:http_port]}</HTTPPort>\n"                                      unless config[:custom_origin][:http_port].right_blank?
+        https_port             = "    <HTTPSPort>#{config[:custom_origin][:https_port]}</HTTPSPort>"                                     unless config[:custom_origin][:https_port].right_blank?
+        origin_protocol_policy = "    <OriginProtocolPolicy>#{config[:custom_origin][:origin_protocol_policy]}</OriginProtocolPolicy>\n" unless config[:custom_origin][:origin_protocol_policy].right_blank?
+        custom_origin = "  <CustomOrigin>\n" +
+                        "    <DNSName>#{config[:custom_origin][:dns_name]}</DNSName>\n" +
+                        "#{http_port}" +
+                        "#{https_port}" +
+                        "#{origin_protocol_policy}" +
+                        "  </CustomOrigin>\n"
+      end
       # XML
-      "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
+      "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"                                +
       "<#{xml_wrapper} xmlns=\"http://#{@params[:server]}/doc/#{API_VERSION}/\">\n" +
-      "  <Origin>#{config[:origin]}</Origin>\n" +
-      "  <CallerReference>#{config[:caller_reference]}</CallerReference>\n" +
-      "  <Comment>#{AcfInterface::escape(config[:comment].to_s)}</Comment>\n" +
+      "  <CallerReference>#{config[:caller_reference]}</CallerReference>\n"         +
+      "  <Comment>#{AwsUtils::xml_escape(config[:comment].to_s)}</Comment>\n"       +
       "  <Enabled>#{config[:enabled]}</Enabled>\n" +
-      cnames  +
-      logging +
-      origin_access_identity +
-      trusted_signers +
+      s3_origin           +
+      custom_origin       +
+      default_root_object +
+      cnames              +
+      logging             +
+      required_protocols  +
+      trusted_signers     +
       "</#{xml_wrapper}>"
     end
 
@@ -233,13 +254,13 @@ module RightAws
     # Returns an array of distributions or RightAws::AwsError exception.
     #
     #  acf.list_distributions #=>
-    #    [{:status             => "Deployed",
-    #      :domain_name        => "d74zzrxmpmygb.6hops.net",
-    #      :aws_id             => "E4U91HCJHGXVC",
-    #      :cnames             => ["web1.my-awesome-site.net", "web2.my-awesome-site.net"]
-    #      :origin             => "my-bucket.s3.amazonaws.com",
-    #      :comment            => "My comments",
-    #      :last_modified_time => Wed Sep 10 17:00:04 UTC 2008 }, ..., {...} ]
+    #    [{:status=>"Deployed",
+    #      :domain_name=>"dgmde.6os.net",
+    #      :comment=>"ONE LINE OF COMMENT",
+    #      :last_modified_time=>"2009-06-16T16:10:02.210Z",
+    #      :s3_origin=>{:dns_name=>"example.s3.amazonaws.com"},
+    #      :aws_id=>"12Q05OOMFN7SYL",
+    #      :enabled=>true}, ... ]
     #
     def list_distributions
       result = []
@@ -259,7 +280,7 @@ module RightAws
     #      {:distributions=>
     #        [{:status=>"Deployed",
     #          :aws_id=>"E2Q0AOOMFNPSYL",
-    #          :origin=>"my-bucket.s3.amazonaws.com",
+    #          :s3_origin=>{:dns_name=>"example.s3.amazonaws.com"},
     #          :domain_name=>"d1s5gmdtmafnre.6hops.net",
     #          :comment=>"ONE LINE OF COMMENT",
     #          :last_modified_time=>"2008-10-22T19:31:23.000Z",
@@ -288,7 +309,7 @@ module RightAws
         link = generate_request('GET', 'distribution', opts)
         last_response = request_info(link,  AcfDistributionListParser.new(:logger => @logger))
         opts['Marker'] = last_response[:next_marker]
-        break unless block && block.call(last_response) && !last_response[:next_marker].blank?
+        break unless block && block.call(last_response) && !last_response[:next_marker].right_blank?
       end 
       last_response 
     end
@@ -296,51 +317,80 @@ module RightAws
     # Create a new distribution.
     # Returns the just created distribution or RightAws::AwsError exception.
     #
-    #  acf.create_distribution('my-bucket.s3.amazonaws.com', 'Woo-Hoo!', true, ['web1.my-awesome-site.net'], nil,
-    #                          { :prefix=>"log/", :bucket=>"my-logs.s3.amazonaws.com" } ) #=>
-    #    {:comment            => "Woo-Hoo!",
-    #     :enabled            => true,
-    #     :location           => "https://cloudfront.amazonaws.com/2008-06-30/distribution/E2REJM3VUN5RSI",
-    #     :status             => "InProgress",
-    #     :aws_id             => "E2REJM3VUN5RSI",
-    #     :domain_name        => "d3dxv71tbbt6cd.6hops.net",
-    #     :origin             => "my-bucket.s3.amazonaws.com",
-    #     :cnames             => ["web1.my-awesome-site.net"],
-    #     :logging            => { :prefix => "log/",
-    #                              :bucket => "my-logs.s3.amazonaws.com"},
-    #     :last_modified_time => "2008-10-22T19:31:23.000Z",
-    #     :caller_reference   => "200809102100536497863003"}
+    #  # S3 Origin
     #
-    def create_distribution(origin, comment='', enabled=true, cnames=[], caller_reference=nil, logging={})
-      config = { :origin  => origin,
-                 :comment => comment,
-                 :enabled => enabled,
-                 :cnames  => Array(cnames),
-                 :caller_reference => caller_reference }
-      config[:logging] = logging unless logging.blank?
-      create_distribution_by_config(config)
-    end
-
-    def create_distribution_by_config(config)
+    #  config =  { :comment   => "kd: delete me please",
+    #              :s3_origin => { :dns_name               => "devs-us-east.s3.amazonaws.com",
+    #                              :origin_access_identity => "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"},
+    #              :enabled   => true,
+    #              :logging   => { :prefix => "kd/log/",
+    #                              :bucket => "devs-us-west.s3.amazonaws.com"}}
+    #  acf.create_distribution(config) #=>
+    #    { :status=>"InProgress",
+    #      :enabled=>true,
+    #      :caller_reference=>"201012071910051044304704",
+    #      :logging=>{:prefix=>"kd/log/", :bucket=>"devs-us-west.s3.amazonaws.com"},
+    #      :e_tag=>"ESCTG5WJCFWJK",
+    #      :location=> "https://cloudfront.amazonaws.com/2010-11-01/distribution/E3KUBANZ7N1B2",
+    #      :comment=>"kd: delete me please",
+    #      :domain_name=>"d3stykk6upgs20.cloudfront.net",
+    #      :aws_id=>"E3KUBANZ7N1B2",
+    #      :s3_origin=>
+    #        {:origin_access_identity=>"origin-access-identity/cloudfront/E3JPJZ80ZBX24G",
+    #         :dns_name=>"devs-us-east.s3.amazonaws.com"},
+    #      :last_modified_time=>"2010-12-07T16:10:07.087Z",
+    #      :in_progress_invalidation_batches=>0}
+    #
+    #  # Custom Origin
+    #
+    #    custom_config = { :comment       => "kd: delete me please",
+    #                      :custom_origin => { :dns_name  => "custom_origin.my-site.com",
+    #                                          :http_port => 80,
+    #                                          :https_port => 443,
+    #                                          :origin_protocol_policy => 'match-viewer' },
+    #                      :enabled       => true,
+    #                      :logging       => { :prefix => "kd/log/",
+    #                                          :bucket => "my-bucket.s3.amazonaws.com"}} #=>
+    #    { :last_modified_time=>"2010-12-08T14:23:43.522Z",
+    #      :status=>"InProgress",
+    #      :custom_origin=>
+    #        {:http_port=>"80",
+    #        :https_port=>"443",
+    #        :origin_protocol_policy=>"match-viewer",
+    #        :dns_name=>"custom_origin.my-site.com"},
+    #      :enabled=>true,
+    #      :caller_reference=>"201012081723428499167245",
+    #      :in_progress_invalidation_batches=>0,
+    #      :e_tag=>"E1ZCJ8N5E52KO6",
+    #      :location=>
+    #        "https://cloudfront.amazonaws.com/2010-11-01/distribution/EK0AJ4RMNIF2P",
+    #      :logging=>{:prefix=>"kd/log/", :bucket=>"my-bucket.s3.amazonaws.com"},
+    #      :domain_name=>"do36k7s2wxklg.cloudfront.net",
+    #      :comment=>"kd: delete me please",
+    #      :aws_id=>"EK0AJ4RMNIF2P"}
+    #
+    def create_distribution(config)
       config[:caller_reference] ||= generate_call_reference
       link = generate_request('POST', 'distribution', {}, distribution_config_to_xml(config))
       merge_headers(request_info(link, AcfDistributionListParser.new(:logger => @logger))[:distributions].first)
     end
+    alias_method :create_distribution_by_config, :create_distribution
 
     # Get a distribution's information.
     # Returns a distribution's information or RightAws::AwsError exception.
     #
     #  acf.get_distribution('E2REJM3VUN5RSI') #=>
-    #    {:enabled            => true,
-    #     :caller_reference   => "200809102100536497863003",
-    #     :e_tag              => "E39OHHU1ON65SI",
-    #     :status             => "Deployed",
-    #     :domain_name        => "d3dxv71tbbt6cd.6hops.net",
-    #     :cnames             => ["web1.my-awesome-site.net", "web2.my-awesome-site.net"]
-    #     :aws_id             => "E2REJM3VUN5RSI",
-    #     :comment            => "Woo-Hoo!",
-    #     :origin             => "my-bucket.s3.amazonaws.com",
-    #     :last_modified_time => "2008-09-10T17:00:54.000Z" }
+    #    {:last_modified_time=>"2010-05-19T18:54:38.242Z",
+    #     :status=>"Deployed",
+    #     :domain_name=>"dpzl38cuix402.cloudfront.net",
+    #     :caller_reference=>"201005181943052207677116",
+    #     :e_tag=>"EJSXFGM5JL8ER",
+    #     :s3_origin=>
+    #      {:dns_name=>"bucket-for-konstantin-eu.s3.amazonaws.com",
+    #       :origin_access_identity=>
+    #        "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"},
+    #     :aws_id=>"E5P8HQ3ZAZIXD",
+    #     :enabled=>false}
     #
     #  acf.get_distribution('E2FNSBHNVVF11E') #=>
     #    {:e_tag=>"E1Q2DJEPTQOLJD",
@@ -357,9 +407,11 @@ module RightAws
     #       {:aws_account_number=>"648772220000"}],
     #     :caller_reference=>"201004171154450740700072",
     #     :domain_name=>"d1f6lpevremt5m.cloudfront.net",
-    #     :origin_access_identity=>"origin-access-identity/cloudfront/E3JPJZ80ZBX24G",
-    #     :trusted_signers=>["self", "648772220000", "120288270000"],
-    #     :origin=>"my-bucket.s3.amazonaws.com"}
+    #     :s3_origin=>
+    #      {:dns_name=>"bucket-for-konstantin-eu.s3.amazonaws.com",
+    #       :origin_access_identity=>
+    #        "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"},
+    #     :trusted_signers=>["self", "648772220000", "120288270000"]}
     #
     def get_distribution(aws_id)
       link = generate_request('GET', "distribution/#{aws_id}")
@@ -370,21 +422,24 @@ module RightAws
     # Returns a distribution's configuration or RightAws::AwsError exception.
     #
     #  acf.get_distribution_config('E2REJM3VUN5RSI') #=>
-    #    {:enabled          => true,
-    #     :caller_reference => "200809102100536497863003",
-    #     :e_tag            => "E39OHHU1ON65SI",
-    #     :cnames           => ["web1.my-awesome-site.net", "web2.my-awesome-site.net"]
-    #     :comment          => "Woo-Hoo!",
-    #     :origin           => "my-bucket.s3.amazonaws.com"}
+    #    {:caller_reference=>"201005181943052207677116",
+    #     :e_tag=>"EJSXFGM5JL8ER",
+    #     :s3_origin=>
+    #      {:dns_name=>"bucket-for-konstantin-eu.s3.amazonaws.com",
+    #       :origin_access_identity=>
+    #        "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"},
+    #     :enabled=>false}
     #
     #  acf.get_distribution_config('E2FNSBHNVVF11E') #=>
     #    {:e_tag=>"E1Q2DJEPTQOLJD",
     #     :logging=>{:prefix=>"xlog/", :bucket=>"my-bucket.s3.amazonaws.com"},
     #     :enabled=>true,
     #     :caller_reference=>"201004171154450740700072",
-    #     :origin_access_identity=>"origin-access-identity/cloudfront/E3JPJZ80ZBX24G",
     #     :trusted_signers=>["self", "648772220000", "120288270000"],
-    #     :origin=>"my-bucket.s3.amazonaws.com"}
+    #     :s3_origin=>
+    #      {:dns_name=>"bucket-for-konstantin-eu.s3.amazonaws.com",
+    #       :origin_access_identity=>
+    #        "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"}}
     #
     def get_distribution_config(aws_id)
       link = generate_request('GET', "distribution/#{aws_id}/config")
@@ -392,7 +447,6 @@ module RightAws
     end
 
     # Set a distribution's configuration 
-    # (the :origin and the :caller_reference cannot be changed).
     # Returns +true+ on success or RightAws::AwsError exception.
     #
     #  config = acf.get_distribution_config('E2REJM3VUN5RSI') #=>
@@ -401,13 +455,13 @@ module RightAws
     #     :e_tag            => "E39OHHU1ON65SI",
     #     :cnames           => ["web1.my-awesome-site.net", "web2.my-awesome-site.net"]
     #     :comment          => "Woo-Hoo!",
-    #     :origin           => "my-bucket.s3.amazonaws.com"}
+    #     :s3_origin        => { :dns_name => "my-bucket.s3.amazonaws.com"}}
     #
     #  config[:comment]                = 'Olah-lah!'
     #  config[:enabled]                = false
-    #  config[:origin_access_identity] = "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"
+    #  config[:s3_origin][:origin_access_identity] = "origin-access-identity/cloudfront/E3JPJZ80ZBX24G"
     #  # or just
-    #  # config[:origin_access_identity] = "E3JPJZ80ZBX24G"
+    #  # config[:s3_origin][:origin_access_identity] = "E3JPJZ80ZBX24G"
     #  config[:trusted_signers]        = ['self', '648772220000', '120288270000']
     #  config[:logging]                = { :bucket => 'my-bucket.s3.amazonaws.com', :prefix => 'xlog/' }
     #  
@@ -446,38 +500,48 @@ module RightAws
              %r{^(Streaming)?Distribution$},
              %r{^(Streaming)?DistributionConfig$}
           @distribution = { }
+        when %r{/S3Origin$}     then @distribution[:s3_origin] = {}
+        when %r{/CustomOrigin$} then @distribution[:custom_origin] = {}
         end
       end
       def tagend(name)
         case name
-          when 'Marker'      then @result[:marker]       = @text
-          when 'NextMarker'  then @result[:next_marker]  = @text
-          when 'MaxItems'    then @result[:max_items]    = @text.to_i
-          when 'IsTruncated' then @result[:is_truncated] = (@text == 'true')
-          when 'Id'               then @distribution[:aws_id]             = @text
-          when 'Status'           then @distribution[:status]             = @text
-          when 'LastModifiedTime' then @distribution[:last_modified_time] = @text
-          when 'DomainName'       then @distribution[:domain_name]        = @text
-          when 'Origin'           then @distribution[:origin]             = @text
-          when 'Comment'          then @distribution[:comment]            = AcfInterface::unescape(@text)
-          when 'CallerReference'  then @distribution[:caller_reference]   = @text
-          when 'CNAME'            then (@distribution[:cnames] ||= [])   << @text
-          when 'Enabled'          then @distribution[:enabled]            = (@text == 'true')
-          when 'Bucket'           then (@distribution[:logging] ||= {})[:bucket] = @text
-          when 'Prefix'           then (@distribution[:logging] ||= {})[:prefix] = @text
-          when 'OriginAccessIdentity' then @distribution[:origin_access_identity] = @text
-        end
-        case full_tag_name
-        when %r{/TrustedSigners/Self$}             then (@distribution[:trusted_signers] ||= []) << 'self'
-        when %r{/TrustedSigners/AwsAccountNumber$} then (@distribution[:trusted_signers] ||= []) << @text
-        when %r{/Signer/Self$}                     then @active_signer[:aws_account_number] = 'self'
-        when %r{/Signer/AwsAccountNumber$}         then @active_signer[:aws_account_number] = @text
-        when %r{/Signer/KeyPairId$}                then (@active_signer[:key_pair_ids] ||= []) << @text
-        when %r{/Signer$}                          then (@distribution[:active_trusted_signers] ||= []) << @active_signer
-        when %r{(Streaming)?DistributionSummary$},
-             %r{^(Streaming)?Distribution$},
-             %r{^(Streaming)?DistributionConfig$}
-          @result[:distributions] << @distribution
+        when 'Marker'           then @result[:marker]       = @text
+        when 'NextMarker'       then @result[:next_marker]  = @text
+        when 'MaxItems'         then @result[:max_items]    = @text.to_i
+        when 'IsTruncated'      then @result[:is_truncated] = (@text == 'true')
+        when 'Id'               then @distribution[:aws_id]                    = @text
+        when 'Status'           then @distribution[:status]                    = @text
+        when 'LastModifiedTime' then @distribution[:last_modified_time]        = @text
+        when 'DomainName'       then @distribution[:domain_name]               = @text
+        when 'Comment'          then @distribution[:comment]                   = AwsUtils::xml_unescape(@text)
+        when 'CallerReference'  then @distribution[:caller_reference]          = @text
+        when 'CNAME'            then (@distribution[:cnames] ||= [])          << @text
+        when 'Enabled'          then @distribution[:enabled]                   = (@text == 'true')
+        when 'Bucket'           then (@distribution[:logging] ||= {})[:bucket] = @text
+        when 'Prefix'           then (@distribution[:logging] ||= {})[:prefix] = @text
+        when 'Protocol'         then (@distribution[:required_protocols] ||= {})[:protocol]        = @text
+        when 'InProgressInvalidationBatches' then @distribution[:in_progress_invalidation_batches] = @text.to_i
+        when 'DefaultRootObject'             then @distribution[:default_root_object]              = @text
+        else
+          case full_tag_name
+          when %r{/S3Origin/DNSName$}                  then @distribution[:s3_origin][:dns_name]                   = @text
+          when %r{/S3Origin/OriginAccessIdentity$}     then @distribution[:s3_origin][:origin_access_identity]     = @text
+          when %r{/CustomOrigin/DNSName$}              then @distribution[:custom_origin][:dns_name]               = @text
+          when %r{/CustomOrigin/HTTPPort}              then @distribution[:custom_origin][:http_port]              = @text
+          when %r{/CustomOrigin/HTTPSPort$}            then @distribution[:custom_origin][:https_port]             = @text
+          when %r{/CustomOrigin/OriginProtocolPolicy$} then @distribution[:custom_origin][:origin_protocol_policy] = @text
+          when %r{/TrustedSigners/Self$}               then (@distribution[:trusted_signers] ||= [])              << 'self'
+          when %r{/TrustedSigners/AwsAccountNumber$}   then (@distribution[:trusted_signers] ||= [])              << @text
+          when %r{/Signer/Self$}                       then @active_signer[:aws_account_number]                    = 'self'
+          when %r{/Signer/AwsAccountNumber$}           then @active_signer[:aws_account_number]                    = @text
+          when %r{/Signer/KeyPairId$}                  then (@active_signer[:key_pair_ids] ||= [])                << @text
+          when %r{/Signer$}                            then (@distribution[:active_trusted_signers] ||= [])       << @active_signer
+          when %r{(Streaming)?DistributionSummary$},
+               %r{^(Streaming)?Distribution$},
+               %r{^(Streaming)?DistributionConfig$}
+            @result[:distributions] << @distribution
+          end
         end
       end
     end