Merge branch 'master' of github.com:aws/aws-sdk-ruby into feature/v4-…

…signer-whitelist-header

.gitignore

@@ -1,3 +1,4 @@
+.byebug_history
 /.bundle
 /.yardoc
 /*.gem

CHANGELOG.md

@@ -1,6 +1,100 @@
 Unreleased Changes
 ------------------
 
+2.4.4 (2016-07-28)
+------------------
+
+* Feature - Aws::APIGateway - Updated the API, and documentation for Amazon API Gateway.
+
+* Feature - Aws::CognitoIdentityProvider - Updated the API, and documentation for Amazon Cognito Identity Provider.
+
+* Feature - Aws::DirectoryService - Updated the API, and documentation for AWS Directory Service.
+
+* Feature - Aws::EC2 - Updated the API, and documentation for Amazon Elastic Compute Cloud.
+
+* Feature - Aws::SES - Updated the documentation for Amazon Simple Email Service.
+
+* Feature - Aws::ElasticsearchService - Updated the API, and documentation for Amazon Elasticsearch Service.
+
+* Feature - Aws::CloudWatch - Updated the documentation for Amazon CloudWatch.
+
+* Feature - Aws::STS - Updated the documentation for AWS Security Token Service.
+
+* Feature - Aws::CodeDeploy - Updated the waiters for AWS CodeDeploy.
+
+2.4.3 (2016-07-26)
+------------------
+
+* Feature - Aws::IoT - This update adds support for thing types. Thing types are entities that store a description of common features of Things that are of the same logical type.
+
+* Issue - Aws::AutoScaling - Resolved an issue with the `:group_in_service` waiter.
+
+  See related [GitHub issue #1252](https://github.com/aws/aws-sdk-ruby/issues/1252).
+
+* Issue - Aws::S3 - Resolved an issue with uploading unlinked Tempfile objects.
+
+  See related [GitHub issue #1232](https://github.com/aws/aws-sdk-ruby/issues/1232).
+
+  See related [GitHub pull request #1251](https://github.com/aws/aws-sdk-ruby/pull/1251).
+
+2.4.2 (2016-07-22)
+------------------
+
+* Issue - Aws::SharedConfig - Code wasn't properly respecting the
+  `AWS_SDK_LOAD_CONFIG` flag.
+
+2.4.1 (2016-07-21)
+------------------
+
+* Feature - Aws::ACM - Updated the API, and documentation for AWS Certificate Manager.
+
+* Feature - Aws::ApplicationAutoScaling - Updated the documentation for Application Auto Scaling.
+
+* Feature - Aws::CloudFormation - Updated the API, and documentation for AWS CloudFormation.
+
+* Feature - Aws::ConfigService - Updated the API, and documentation for AWS Config.
+
+* Feature - Aws::ElasticTranscoder - Updated the API, and documentation for Amazon Elastic Transcoder.
+
+* Issue - Aws::SSM - Added missing paginator configuration for `Aws::SSM::Client#describe_instance_information`.
+
+  See related [GitHub issue #1249](https://github.com/aws/aws-sdk-ruby/issues/1249).
+
+* Issue - Configuration - Resolved an that caused a missing `:region` configuration
+  operation to raise an unhelpful `NoMethodError`.
+
+  See related [GitHub issue #1237](https://github.com/aws/aws-sdk-ruby/issues/1237).
+
+* Issue - Networking Errors - Now providing helpful error messages when recieving
+  a SocketError that appears to be caused by an invalid `:region` or `:endpoint`
+  option.
+
+  See related [GitHub pull request #1246](https://github.com/aws/aws-sdk-ruby/pull/1246).
+
+2.4.0 (2016-07-19)
+------------------
+
+* Feature - Aws::SharedConfig - This change adds support for a selection of AWS
+  CLI configuration values that have potential uses within the AWS SDK for Ruby.
+  These features include "Assume Role" support in the default credential
+  provider chain using values from configuration, default region selection, and
+  loading configuration values from the `~/.aws/config` shared configuration
+  file. Since these features can change default behavior, you must opt-in to
+  these features by setting the `AWS_SDK_LOAD_CONFIG` environment variable.
+
+* Feature - Aws::DeviceFarm - Add support for managing remote access sessions.
+
+* Feature - Aws::SSM - Added notification support.
+
+2.3.22 (2016-07-13)
+------------------
+
+* Feature - Aws::ECS - This change allows users to configure an IAM Role ARN that containers can assume in their tasks.
+
+* Feature - Aws::DatabaseMigrationService - Updated the API, and documentation for AWS Database Migration Service.
+
+* Feature - Aws::RDS - Updated the API, and documentation for Amazon Relational Database Service.
+
 2.3.21 (2016-07-07)
 ------------------
 
@@ -235,17 +329,6 @@ Unreleased Changes
 2.3.4 (2016-05-12)
 ------------------
 
-* Feature - Aws::CloudFront - Added support for signing CloudFront URLs.
-
-  ```ruby
-  signer = Aws::CloudFront::UrlSigner.new
-  signer.signed_url(url,
-    key_pair_id: "cf-keypair-id",
-    private_key_path: "./cf_private_key.pem"
-  )
-  #=> "http://..."
-  ```
-
 * Feature - Aws::ApplicationDiscoveryService - Added support for the new
   AWS Application Discovery Service.
 

FEATURE_REQUESTS.md

@@ -181,18 +181,6 @@ Adding a retry limit for instance profile credentials might be a possible soluti
 
 See [related GitHub issue #717](https://github.com/aws/aws-sdk-ruby/issues/717).
 
-### Add Region Enumeration
-
-Add the ability to programmatically determine what region a specific service is available in. Some useful interfaces include:
-
-* pass the service name; return a list of supported regions
-* pass a region; return a list of supported services.
-* pass service_name and region; return true/false if region supports that service
-
-This feature would be an interface for the information provided here http://docs.aws.amazon.com/general/latest/gr/rande.html#ct_region
-
-See [related GitHub issue #926](https://github.com/aws/aws-sdk-ruby/issues/926).
-
 ### Progress callbacks for Amazon S3 Object uploads
 
 To enable users to track file upload process, it would be helpful to support a progress callback for `Aws::S3::Object#upload_file`.
@@ -205,12 +193,6 @@ The `#predict` operation of `Aws::MachineLearning::Client` accepts a map of stri
 
 See [related GitHub issue #878](https://github.com/aws/aws-sdk-ruby/issues/878).
 
-### Support Assume Role Credentials from Shared Credentials File
-
-You can currently only configure an access key id, secret access key, and session token in the shared credentials file, `~/.aws/credentials`. It would be useful if you could also specify a role to assume similar to how the CLI supports.
-
-See [related GitHub issue #910](https://github.com/aws/aws-sdk-ruby/issues/910).
-
 ### Support Raw credential objects from AWS API responses in config
 
 See [related GitHub issue #1009](https://github.com/aws/aws-sdk-ruby/issues/1009).

Gemfile

@@ -32,7 +32,7 @@ group :test do
 end
 
 group :docs do
-  gem 'yard', :git => 'https://github.com/trevorrowe/yard.git', branch: 'frameless'
+  gem 'yard', '0.9.5'
   gem 'yard-sitemap', '~> 1.0'
   gem 'rdiscount'
   gem 'kramdown' # using this to fix poorly formatted HTML in API docs

README.md

@@ -8,13 +8,11 @@ This is version 2 of the `aws-sdk` gem.  **Version 1 can be found in the
 
 ## Links of Interest
 
-* [Documentation](http://docs.aws.amazon.com/sdkforruby/api/frames.html)
+* [Developer Guide](http://docs.aws.amazon.com/sdk-for-ruby/latest/DeveloperGuide/aws-ruby-sdk-about-ruby-sdk.html)
+* [API Docs](http://docs.aws.amazon.com/sdkforruby/api/frames.html)
 * [Change Log](https://github.com/aws/aws-sdk-ruby/blob/master/CHANGELOG.md)
 * [Upgrading Notes](https://github.com/aws/aws-sdk-ruby/blob/master/UPGRADING.md)
-* [Issues](https://github.com/aws/aws-sdk-ruby/issues)
-* [Feature Requests](https://github.com/aws/aws-sdk-ruby/blob/master/FEATURE_REQUESTS.md)
 * [Gitter Channel](https://gitter.im/aws/aws-sdk-ruby)
-* [License](http://aws.amazon.com/apache2.0/)
 
 ## NameError: uninitialized constant AWS
 
@@ -41,12 +39,15 @@ You need to configure `:credentials` and a `:region` to make API calls. It is re
 The SDK searches the following locations for credentials:
 
 * `ENV['AWS_ACCESS_KEY_ID']` and `ENV['AWS_SECRET_ACCESS_KEY']`
+* If `ENV['AWS_SDK_LOAD_CONFIG']` is set, the shared configuration files (`~/.aws/credentials` and `~/.aws/config`) will be checked for a `role_arn` and `source_profile`, which if present will be used to attempt to assume a role.
 * The shared credentials ini file at `~/.aws/credentials` ([more information](http://blogs.aws.amazon.com/security/post/Tx3D6U6WSFGOK2H/A-New-and-Standardized-Way-to-Manage-Credentials-in-the-AWS-SDKs))
-* From an instance profile when running on EC2
+    * If `ENV['AWS_SDK_LOAD_CONFIG']` is set, the shared configuration ini file at `~/.aws/config` will also be parsed for credentials.
+* From an instance profile when running on EC2, or from the ECS credential provider when running in an ECS container with that feature enabled.
 
 The SDK searches the following locations for a region:
 
 * `ENV['AWS_REGION']`
+* If `ENV['AWS_SDK_LOAD_CONFIG']` is set, the shared configuration files (`~/.aws/credentials` and `~/.aws/config`) will also be checked for a region selection.
 
 **The region is used to construct an SSL endpoint**. If you need to connect to a non-standard endpoint, you may specify the `:endpoint` option.
 

UPGRADING.md

@@ -1,5 +1,43 @@
 # Upgrade Notes
 
+## `aws-sdk-core` - v2.5.0
+
+* Due to customer requests, and an analysis of the tradeoffs, we're changing the
+  shared configuration features from an opt-in feature to an opt-out feature.
+  With this version, the changes to default region support and to the default
+  credential provider chain are on by default, and the `AWS_SDK_LOAD_CONFIG`
+  environment variable will not be used for any purpose.
+
+  If you wish to opt-out of the new functionality for backwards compatibility
+  reasons, set the `AWS_SDK_CONFIG_OPT_OUT` environment variable to any value.
+  That will return shared configuration and credential provider chain behavior
+  to the behaviors present before version `2.4.0` of the SDK.
+
+## `aws-sdk-core` - v2.4.0
+
+* We are adding support for the shared configuration file used by the CLI,
+  `~/.aws/config`. This support provides new credential sources for the default
+  credential provider chain, and for default region selection. Since these
+  changes could technically be a breaking change to default (and commonly used)
+  behavior, there is a feature flag around this functionality.
+
+  To use these new features, you must set the `AWS_SDK_LOAD_CONFIG` environment
+  variable. If not set, the existing default behavior will continue.
+
+  Two other upgrading notes are worth keeping in mind for this release:
+
+  * Private interfaces regarding handling of configuration were changed for this
+    feature. Those interfaces were marked `@api private`, signifying that they
+    should not have been used outside the SDK for development. If you were
+    using those classes and functions, you may experience breakage from this
+    change.
+  * The INI Parser for the shared credential file does have a behavior change
+    that could break existing files. The old parser was insensitive to leading
+    whitespace, but maintaining that behavior can cause unexpected results. It
+    should have been whitespace sensitive all along. If you find behavior
+    changes after upgrading, remove leading whitespace from your shared
+    credential files.
+
 ## `aws-sdk-core` - v2.3.0
 
 * We have replaced the previous `endpoints.json` document that shipped with

VERSION

@@ -1 +1 @@
-2.3.21
+2.4.4

aws-sdk-core/apis/acm/2015-12-08/api-2.json

@@ -177,7 +177,8 @@
         "NotAfter":{"shape":"TStamp"},
         "KeyAlgorithm":{"shape":"KeyAlgorithm"},
         "SignatureAlgorithm":{"shape":"String"},
-        "InUseBy":{"shape":"InUseList"}
+        "InUseBy":{"shape":"InUseList"},
+        "FailureReason":{"shape":"FailureReason"}
       }
     },
     "CertificateStatus":{
@@ -230,7 +231,7 @@
     "DomainList":{
       "type":"list",
       "member":{"shape":"DomainNameString"},
-      "max":1000,
+      "max":100,
       "min":1
     },
     "DomainNameString":{
@@ -268,9 +269,19 @@
     "DomainValidationOptionList":{
       "type":"list",
       "member":{"shape":"DomainValidationOption"},
-      "max":1000,
+      "max":100,
       "min":1
     },
+    "FailureReason":{
+      "type":"string",
+      "enum":[
+        "NO_AVAILABLE_CONTACTS",
+        "ADDITIONAL_VERIFICATION_REQUIRED",
+        "DOMAIN_NOT_ALLOWED",
+        "INVALID_PUBLIC_DOMAIN",
+        "OTHER"
+      ]
+    },
     "GetCertificateRequest":{
       "type":"structure",
       "required":["CertificateArn"],

aws-sdk-core/apis/acm/2015-12-08/docs-2.json

@@ -137,6 +137,12 @@
         "RequestCertificateRequest$DomainValidationOptions": "<p>The base validation domain that will act as the suffix of the email addresses that are used to send the emails. This must be the same as the <code>Domain</code> value or a superdomain of the <code>Domain</code> value. For example, if you requested a certificate for <code>test.example.com</code> and specify <b>DomainValidationOptions</b> of <code>example.com</code>, ACM sends email to the domain registrant, technical contact, and administrative contact in WHOIS and the following five addresses:</p> <ul> <li> <p>[email protected]</p> </li> <li> <p>[email protected]</p> </li> <li> <p>[email protected]</p> </li> <li> <p>[email protected]</p> </li> <li> <p>[email protected]</p> </li> </ul>"
       }
     },
+    "FailureReason": {
+      "base": null,
+      "refs": {
+        "CertificateDetail$FailureReason": "<p>The reason the certificate request failed. This value exists only when the structure's <code>Status</code> is <code>FAILED</code>. For more information, see <a href=\"http://docs.aws.amazon.com/acm/latest/userguide/troubleshooting.html#troubleshooting-failed\">Certificate Request Failed</a> in the <i>AWS Certificate Manager User Guide</i>.</p>"
+      }
+    },
     "GetCertificateRequest": {
       "base": null,
       "refs": {

aws-sdk-core/apis/apigateway/2015-07-09/api-2.json

@@ -277,7 +277,8 @@
       "errors":[
         {"shape":"UnauthorizedException"},
         {"shape":"NotFoundException"},
-        {"shape":"TooManyRequestsException"}
+        {"shape":"TooManyRequestsException"},
+        {"shape":"BadRequestException"}
       ]
     },
     "DeleteMethod":{
@@ -305,7 +306,8 @@
       "errors":[
         {"shape":"UnauthorizedException"},
         {"shape":"NotFoundException"},
-        {"shape":"TooManyRequestsException"}
+        {"shape":"TooManyRequestsException"},
+        {"shape":"BadRequestException"}
       ]
     },
     "DeleteModel":{
@@ -918,7 +920,8 @@
         {"shape":"LimitExceededException"},
         {"shape":"NotFoundException"},
         {"shape":"BadRequestException"},
-        {"shape":"TooManyRequestsException"}
+        {"shape":"TooManyRequestsException"},
+        {"shape":"ConflictException"}
       ]
     },
     "TestInvokeAuthorizer":{
@@ -1226,6 +1229,7 @@
         "id":{"shape":"String"},
         "name":{"shape":"String"},
         "type":{"shape":"AuthorizerType"},
+        "providerARNs":{"shape":"ListOfARNs"},
         "authType":{"shape":"String"},
         "authorizerUri":{"shape":"String"},
         "authorizerCredentials":{"shape":"String"},
@@ -1236,7 +1240,10 @@
     },
     "AuthorizerType":{
       "type":"string",
-      "enum":["TOKEN"]
+      "enum":[
+        "TOKEN",
+        "COGNITO_USER_POOLS"
+      ]
     },
     "Authorizers":{
       "type":"structure",
@@ -1342,7 +1349,6 @@
         "restApiId",
         "name",
         "type",
-        "authorizerUri",
         "identitySource"
       ],
       "members":{
@@ -1353,6 +1359,7 @@
         },
         "name":{"shape":"String"},
         "type":{"shape":"AuthorizerType"},
+        "providerARNs":{"shape":"ListOfARNs"},
         "authType":{"shape":"String"},
         "authorizerUri":{"shape":"String"},
         "authorizerCredentials":{"shape":"String"},
@@ -2461,6 +2468,10 @@
       "error":{"httpStatusCode":429},
       "exception":true
     },
+    "ListOfARNs":{
+      "type":"list",
+      "member":{"shape":"ProviderARN"}
+    },
     "ListOfApiKey":{
       "type":"list",
       "member":{"shape":"ApiKey"}
@@ -2646,6 +2657,7 @@
       "key":{"shape":"String"},
       "value":{"shape":"MapOfMethodSnapshot"}
     },
+    "ProviderARN":{"type":"string"},
     "PutIntegrationRequest":{
       "type":"structure",
       "required":[
@@ -2962,7 +2974,8 @@
         "latency":{"shape":"Long"},
         "principalId":{"shape":"String"},
         "policy":{"shape":"String"},
-        "authorization":{"shape":"MapOfStringToList"}
+        "authorization":{"shape":"MapOfStringToList"},
+        "claims":{"shape":"MapOfStringToString"}
       }
     },
     "TestInvokeMethodRequest":{