From 120c6ce3443f010a9f19766b7b7ec2ed9d457ad5 Mon Sep 17 00:00:00 2001 From: Aapo Talvensaari Date: Tue, 19 Sep 2023 17:50:49 +0300 Subject: [PATCH] release 1.3.5 (#88) --- README.md | 6 + docs/classes/AWS.html | 3 +- .../ChainableTemporaryCredentials.html | 3 +- docs/classes/CredentialProviderChain.html | 20 +- docs/classes/Credentials.html | 7 +- docs/classes/EC2MetadataCredentials.html | 3 +- docs/classes/EnvironmentCredentials.html | 5 +- docs/classes/RemoteCredentials.html | 3 +- docs/classes/SharedFileCredentials.html | 3 +- .../TokenFileWebIdentityCredentials.html | 3 +- docs/index.html | 2 +- docs/modules/resty.aws.config.html | 72 ++-- .../modules/resty.aws.service.rds.signer.html | 4 +- docs/modules/resty.aws.utils.html | 23 +- docs/topics/README.md.html | 322 ++++++++++-------- 15 files changed, 254 insertions(+), 225 deletions(-) diff --git a/README.md b/README.md index 9f6e2f3..76e05a7 100644 --- a/README.md +++ b/README.md @@ -169,6 +169,12 @@ Release process: 1. upload using: `VERSION=x.y.z APIKEY=abc... make upload` 1. test installing the rock from LuaRocks + +### 1.3.5 (19-Sep-2023) + +- fix: lazily initialize structures to avoid c-boundary errors on require + [87](https://github.com/Kong/lua-resty-aws/pull/87) + ### 1.3.4 (13-Sep-2023) - fix: remove more module-level uses of config.global diff --git a/docs/classes/AWS.html b/docs/classes/AWS.html index b0b9ba6..0e15605 100644 --- a/docs/classes/AWS.html +++ b/docs/classes/AWS.html @@ -67,7 +67,6 @@

Topics

Class AWS

AWS class.

-

@@ -151,7 +150,7 @@

Usage:

generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16
diff --git a/docs/classes/ChainableTemporaryCredentials.html b/docs/classes/ChainableTemporaryCredentials.html index a6f0d1a..ab90509 100644 --- a/docs/classes/ChainableTemporaryCredentials.html +++ b/docs/classes/ChainableTemporaryCredentials.html @@ -67,7 +67,6 @@

Topics

Class ChainableTemporaryCredentials

ChainableTemporaryCredentials class.

-

@@ -147,7 +146,7 @@

Usage:

generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16
diff --git a/docs/classes/CredentialProviderChain.html b/docs/classes/CredentialProviderChain.html index 9d441dd..244687c 100644 --- a/docs/classes/CredentialProviderChain.html +++ b/docs/classes/CredentialProviderChain.html @@ -67,7 +67,6 @@

Topics

Class CredentialProviderChain

CredentialProviderChain class.

-

@@ -91,19 +90,18 @@

Functions

aws:CredentialProviderChain (opt)
- -

Constructor, inherits from Credentials.

+

Constructor, inherits from Credentials.

The providers array defaults to the following list (in order, not all implemented):

    -
  1. EnvironmentCredentials; envPrefix = 'AWS'

  2. -
  3. EnvironmentCredentials; envPrefix = 'AMAZON'

  4. -
  5. SharedIniFileCredentials

  6. -
  7. RemoteCredentials

  8. -
  9. ProcessCredentials

  10. -
  11. TokenFileWebIdentityCredentials

  12. -
  13. EC2MetadataCredentials (only if AWS_EC2_METADATA_DISABLED hasn't been set to true)

  14. +
  15. EnvironmentCredentials; envPrefix = ‘AWS’

  16. +
  17. EnvironmentCredentials; envPrefix = ‘AMAZON’

  18. +
  19. SharedIniFileCredentials

  20. +
  21. RemoteCredentials

  22. +
  23. ProcessCredentials

  24. +
  25. TokenFileWebIdentityCredentials

  26. +
  27. EC2MetadataCredentials (only if AWS_EC2_METADATA_DISABLED hasn’t been set to true)

@@ -131,7 +129,7 @@

Parameters:

generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16
diff --git a/docs/classes/Credentials.html b/docs/classes/Credentials.html index 5ef5b15..8ef2dd9 100644 --- a/docs/classes/Credentials.html +++ b/docs/classes/Credentials.html @@ -162,7 +162,7 @@

Methods

Gets credentials, refreshes if required. - Returns credentials, doesn't take a callback like AWS SDK.

+ Returns credentials, doesn’t take a callback like AWS SDK.

When a refresh is executed, it will be done within a semaphore to prevent many simultaneous refreshes. @@ -232,17 +232,14 @@

Parameters:

  • accessKeyId -
  • secretAccessKey -
  • sessionToken -
  • expireTime (optional) number (unix epoch based), or string (valid rfc 3339) @@ -266,7 +263,7 @@

    Returns:

    generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16
    diff --git a/docs/classes/EC2MetadataCredentials.html b/docs/classes/EC2MetadataCredentials.html index 4780c2b..e9f0bb0 100644 --- a/docs/classes/EC2MetadataCredentials.html +++ b/docs/classes/EC2MetadataCredentials.html @@ -67,7 +67,6 @@

    Topics

    Class EC2MetadataCredentials

    EC2MetadataCredentials class.

    -

    @@ -113,7 +112,7 @@

    Parameters:

    generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16
    diff --git a/docs/classes/EnvironmentCredentials.html b/docs/classes/EnvironmentCredentials.html index b3150a6..403c3a2 100644 --- a/docs/classes/EnvironmentCredentials.html +++ b/docs/classes/EnvironmentCredentials.html @@ -67,7 +67,6 @@

    Topics

    Class EnvironmentCredentials

    EnvironmentCredentials class.

    -

    @@ -105,7 +104,7 @@

    Parameters:

  • opt options table, additional fields to the Credentials class:
    • envPrefix - prefix to use when looking for environment variables, defaults to "AWS". + prefix to use when looking for environment variables, defaults to “AWS”.
    @@ -122,7 +121,7 @@

    Parameters:

    generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16
    diff --git a/docs/classes/RemoteCredentials.html b/docs/classes/RemoteCredentials.html index f99a42b..611e1ff 100644 --- a/docs/classes/RemoteCredentials.html +++ b/docs/classes/RemoteCredentials.html @@ -67,7 +67,6 @@

    Topics

    Class RemoteCredentials

    RemoteCredentials class.

    -

    @@ -113,7 +112,7 @@

    Parameters:

    generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16
    diff --git a/docs/classes/SharedFileCredentials.html b/docs/classes/SharedFileCredentials.html index c744580..80c433a 100644 --- a/docs/classes/SharedFileCredentials.html +++ b/docs/classes/SharedFileCredentials.html @@ -67,7 +67,6 @@

    Topics

    Class SharedFileCredentials

    SharedFileCredentials class.

    -

    @@ -113,7 +112,7 @@

    Parameters:

    generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16
    diff --git a/docs/classes/TokenFileWebIdentityCredentials.html b/docs/classes/TokenFileWebIdentityCredentials.html index 179b311..11fa851 100644 --- a/docs/classes/TokenFileWebIdentityCredentials.html +++ b/docs/classes/TokenFileWebIdentityCredentials.html @@ -67,7 +67,6 @@

    Topics

    Class TokenFileWebIdentityCredentials

    TokenFileWebIdentityCredentials class.

    -

    @@ -128,7 +127,7 @@

    Parameters:

    generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16
    diff --git a/docs/index.html b/docs/index.html index a04a8a1..ebb6f05 100644 --- a/docs/index.html +++ b/docs/index.html @@ -126,7 +126,7 @@

    Topics

    generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16
    diff --git a/docs/modules/resty.aws.config.html b/docs/modules/resty.aws.config.html index 06561ac..ffddda4 100644 --- a/docs/modules/resty.aws.config.html +++ b/docs/modules/resty.aws.config.html @@ -66,10 +66,7 @@

    Topics

    Module resty.aws.config

    Load AWS configuration.

    -

    - - -

    This is based of Configuration and credential file settings +

    This is based of Configuration and credential file settings and Environment variables to configure the AWS CLI.

    NOTE: this configuration resembles the CLI configuration. It is NOT the input object @@ -77,69 +74,66 @@

    Module resty.aws.config

    Usage

    -

    Simply collect the global config table:

    - +

    Simply collect the global config table:

    -local config = require("resty.aws.config").global
    -print("AWS region: ", (config.region or "failed to detect"))
    +local config = require(“resty.aws.config”).global
    +print(“AWS region: ”, (config.region or “failed to detect”))
     
    - -

    Additional environment variables

    +

    Additional environment variables

    The following config file entries do not have an environment variable override in the AWS CLI, but this Lua module adds them as follows:

      -
    • AWS_CLI_TIMESTAMP_FORMAT will override cli_timestamp_format
    • -
    • AWS_DURATION_SECONDS will override duration_seconds
    • -
    • AWS_PARAMETER_VALIDATION will override parameter_validation
    • +
    • AWS_CLI_TIMESTAMP_FORMAT will override cli_timestamp_format
    • +
    • AWS_DURATION_SECONDS will override duration_seconds
    • +
    • AWS_PARAMETER_VALIDATION will override parameter_validation
    +

    Options processing and naming

    Some options are available in the config/credential files, some as environment variables, and some in both. The options are processed as follows:

      -
    • profiles will be honored (see environment variable AWS_PROFILE)

    • -
    • Numeric and boolean values will be converted to their equivalent Lua types

    • -
    • properties will have the name as used in the config file, for any property +

    • profiles will be honored (see environment variable AWS_PROFILE)

    • +
    • Numeric and boolean values will be converted to their equivalent Lua types

    • +
    • properties will have the name as used in the config file, for any property that is a valid config file entry but also has an environment variable override. -For example:

      - +For example:
      -export AWS_REGION="us-east-1"
      +export AWS_REGION=“us-east-1”
       
      - -

      will be available as config.global.region and config.global.AWS_REGION, +will be available as config.global.region and config.global.AWS_REGION, since in the config file the property is named region, whilst the environment variable is called AWS_REGION.

    • -
    • properties that only have environment variable settings (eg. AWS_SHARED_CREDENTIALS_FILE) +

    • properties that only have environment variable settings (eg. AWS_SHARED_CREDENTIALS_FILE) will be added to the config table by their all-caps name. -For example:

      - +For example:
      -export AWS_SHARED_CREDENTIALS_FILE="~/my_aws_config"
      +export AWS_SHARED_CREDENTIALS_FILE=“~/my_aws_config”
       
      - -

      will be available as config.global.AWS_SHARED_CREDENTIALS_FILE, since +will be available as config.global.AWS_SHARED_CREDENTIALS_FILE, since there is no config file property in this case.

    +

    Other system variables

    The following environment variables are also read (so only loading this config module in the init phase will suffice for most use cases):

      -
    • ECS_CONTAINER_METADATA_URI_V4
    • -
    • ECS_CONTAINER_METADATA_URI
    • -
    • AMAZON_ACCESS_KEY_ID
    • -
    • AMAZON_SECRET_ACCESS_KEY
    • -
    • AMAZON_SESSION_TOKEN
    • -
    • AWS_CONTAINER_CREDENTIALS_RELATIVE_URI
    • -
    • AWS_CONTAINER_CREDENTIALS_FULL_URI
    • +
    • ECS_CONTAINER_METADATA_URI_V4
    • +
    • ECS_CONTAINER_METADATA_URI
    • +
    • AMAZON_ACCESS_KEY_ID
    • +
    • AMAZON_SECRET_ACCESS_KEY
    • +
    • AMAZON_SESSION_TOKEN
    • +
    • AWS_CONTAINER_CREDENTIALS_RELATIVE_URI
    • +
    • AWS_CONTAINER_CREDENTIALS_FULL_URI
    +

    @@ -261,7 +255,7 @@

    Returns:

    loads a configuration file. The returned table is a hash table with options. If profiles are returned - then they will be sub-tables, with key "profile [profile-name]". + then they will be sub-tables, with key “profile [profile-name]”.

    Parameters:

    @@ -273,7 +267,7 @@

    Parameters:

  • profile string the profile to retrieve from the configuration file. If - the profile doesn't exist, then it returns an empty table. Use "default" to get the default profile. + the profile doesn’t exist, then it returns an empty table. Use "default" to get the default profile. (optional)
  • @@ -319,7 +313,7 @@

    Returns:

    loads a credential file. The returned table is a hash table with options. If profiles are returned - then they will be sub-tables, with key "[profile-name]". + then they will be sub-tables, with key “[profile-name]”.

    Parameters:

    @@ -331,7 +325,7 @@

    Parameters:

  • profile string the profile to retrieve from the credentials file. If - the profile doesn't exist, then it returns an empty table. Use default to get the default profile. + the profile doesn’t exist, then it returns an empty table. Use default to get the default profile. (optional)
  • @@ -354,7 +348,7 @@

    Returns:

    generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16
    diff --git a/docs/modules/resty.aws.service.rds.signer.html b/docs/modules/resty.aws.service.rds.signer.html index 053c2a5..8b415b9 100644 --- a/docs/modules/resty.aws.service.rds.signer.html +++ b/docs/modules/resty.aws.service.rds.signer.html @@ -128,7 +128,7 @@

    Parameters:

    Returns:

      - token, err - Returns the token to use as the password for the DB connection, or nil and error if an error occurs + token, err – Returns the token to use as the password for the DB connection, or nil and error if an error occurs
    @@ -191,7 +191,7 @@

    Usage:

    generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16
    diff --git a/docs/modules/resty.aws.utils.html b/docs/modules/resty.aws.utils.html index c24ff86..a1cb1d6 100644 --- a/docs/modules/resty.aws.utils.html +++ b/docs/modules/resty.aws.utils.html @@ -101,15 +101,16 @@

    Functions

    It will try the following options (in order);

      -
    1. environment variable AWS_REGION
    2. -
    3. environment variable AWS_DEFAULT_REGION
    4. -
    5. ECS metadata V4 (parse region from "AvailabilityZone") if the environment - variable ECS_CONTAINER_METADATA_URI_V4 is available
    6. -
    7. ECS metadata V3 (parse region from "AvailabilityZone") if the environment - variable ECS_CONTAINER_METADATA_URI is available
    8. -
    9. IDMSv2 metadata (only if AWS_EC2_METADATA_DISABLED hasn't been set to true)
    10. +
    11. environment variable AWS_REGION
    12. +
    13. environment variable AWS_DEFAULT_REGION
    14. +
    15. ECS metadata V4 (parse region from “AvailabilityZone”) if the environment +variable ECS_CONTAINER_METADATA_URI_V4 is available
    16. +
    17. ECS metadata V3 (parse region from “AvailabilityZone”) if the environment +variable ECS_CONTAINER_METADATA_URI is available
    18. +
    19. IDMSv2 metadata (only if AWS_EC2_METADATA_DISABLED hasn’t been set to true)
    +

    The IDMSv2 call makes a call to an IP endpoint, and hence could timeout (timeout is 5 seconds) if called on anything not being an EC2 or EKS instance.

    @@ -141,10 +142,10 @@

    Returns:

    Parameters:

    • subpath - (optional) path to return data from (default "/metadata" for V2, nothing for V3+) + (optional) path to return data from (default “/metadata” for V2, nothing for V3+)
    • version - (optional) metadata version to get "V2", "V3", or "V4" (case insensitive, default "V4") + (optional) metadata version to get “V2”, “V3”, or “V4” (case insensitive, default “V4”)
    @@ -175,7 +176,7 @@

    Parameters:

    (optional) subpath to return data from, default /latest/meta-data/
  • version - (optional) version of IDMS to use, either "V1" or "V2" (case insensitive, default "V2") + (optional) version of IDMS to use, either “V1” or “V2” (case insensitive, default “V2”)
  • @@ -196,7 +197,7 @@

    Returns:

    generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16
    diff --git a/docs/topics/README.md.html b/docs/topics/README.md.html index 8c7f09c..6415c8c 100644 --- a/docs/topics/README.md.html +++ b/docs/topics/README.md.html @@ -73,11 +73,10 @@

    Classes

    - -

    lua-resty-aws

    - +

    lua-resty-aws

    +

    Overview

    AWS SDK for OpenResty. The SDK is generated from the original AWS JavaScript @@ -90,25 +89,28 @@

    Overview

    For a quick start on how to use this library checkout the examples of the AWS class.

    -
    +

    +

    Status

    Not everything has been implemented, and testing is hard since it requires access to AWS resources and not just regular CI.

    -
    +

    +

    Example

    See the example in the documentation.

    -
    +

    +

    Usage IMPORTANT!!

    attempt to yield across C-call boundary error

    @@ -116,7 +118,7 @@

    attempt to yield across C-call boundary error

    This typically happens when initializing from within a require call. See Global settings below on how to initialize properly.

    -
    +

    TLS and certificate failures

    @@ -125,7 +127,7 @@

    TLS and certificate failures

    directive. However; the compatibility module used, lua-resty-luasocket, cannot automatically read that setting, hence you have to set it manually, see the docs.

    -
    +

    Global settings

    @@ -135,7 +137,6 @@

    Global settings

    configuration from environment variables, the resty.aws.config module must be required on the top-level of the module using this library:

    -
     local aws_config = require("resty.aws.config")
     
    @@ -147,7 +148,7 @@

    Global settings

    it on the module level unless to avoid startup delays in non-AWS environment, caused by the requests to the metadata service timing out.

    -
    +

    EC2 metadata

    @@ -158,22 +159,20 @@

    EC2 metadata

             export AWS_EC2_METADATA_DISABLED=true
     
    - - -
    +

    +

    Installation

    Installation is easiest using LuaRocks:

    -
     luarocks install lua-resty-aws
     
    -

    To install from the git repo:

    +

    To install from the git repo:

     git clone https://github.com/Kong/lua-resty-aws.git
    @@ -181,27 +180,29 @@ 

    Installation

    make install
    -
    + +

    +

    Development

    To update the SDK version being used edit the version tag in update_api_files.sh and then run:

    -
     make dev
     
    +

    Make sure to run make dev to pull in the generated files. Documentation can be generated using ldoc by running:

    -
     make docs
     
    +

    Note that distribution is a little more complex than desired. This is because the repo does not contain all the json files pulled in from the JS sdk. This in turn means that luarocks upload cannot build a rock from the repo (because it is @@ -213,52 +214,57 @@

    Development

    See the detailed release instructions at History.

    -
    +

    +

    Testing

    Tests are executed using Busted and LuaCheck:

    -
     busted
     luacheck .
     
    -

    or run

    +

    or run

     make test
     
    -
    + +

    +

    To do

      -
    • Implement the request/response objects (more AWS like, currently Lua modules)
    • -
    • Implement additional signatures (only V4 currently)
    • -
    • Implement retries from the global config
    • -
    • Additional tests for other services
    • +
    • Implement the request/response objects (more AWS like, currently Lua modules)
    • +
    • Implement additional signatures (only V4 currently)
    • +
    • Implement retries from the global config
    • +
    • Additional tests for other services
    -
    + +

    +

    Copyright and license

    -

    Copyright: (c) 2020-2023 Kong, Inc.

    +

    Copyright: © 2020-2023 Kong, Inc.

    Author: Thijs Schreijer

    License: Apache 2.0

    -
    +

    +

    History

    Versioning is strictly based on Semantic Versioning

    @@ -266,238 +272,272 @@

    History

    Release process:

      -
    1. create a release branch VERSION=x.y.z && git checkout main && git pull && git checkout -b release/$VERSION
    2. -
    3. update the changelog below
    4. -
    5. run make clean && make dev && make test && make docs
    6. -
    7. commit as release x.y.z
    8. -
    9. push the branch, create a PR and get it merged.
    10. -
    11. tag the release commit with the version VERSION=x.y.z && git checkout main && git pull && git tag $VERSION
    12. -
    13. push the tag
    14. -
    15. run VERSION=x.y.z make pack
    16. -
    17. test the created .rock file VERSION=x.y.z && luarocks install lua-resty-aws-$VERSION-1.src.rock
    18. -
    19. upload using: VERSION=x.y.z APIKEY=abc... make upload
    20. -
    21. test installing the rock from LuaRocks
    22. +
    23. create a release branch VERSION=x.y.z && git checkout main && git pull && git checkout -b release/$VERSION
    24. +
    25. update the changelog below
    26. +
    27. run make clean && make dev && make test && make docs
    28. +
    29. commit as release x.y.z
    30. +
    31. push the branch, create a PR and get it merged.
    32. +
    33. tag the release commit with the version VERSION=x.y.z && git checkout main && git pull && git tag $VERSION
    34. +
    35. push the tag
    36. +
    37. run VERSION=x.y.z make pack
    38. +
    39. test the created .rock file VERSION=x.y.z && luarocks install lua-resty-aws-$VERSION-1.src.rock
    40. +
    41. upload using: VERSION=x.y.z APIKEY=abc… make upload
    42. +
    43. test installing the rock from LuaRocks
    + +

    1.3.5 (19-Sep-2023)

    + +
      +
    • fix: lazily initialize structures to avoid c-boundary errors on require +87
    • +
    + +

    1.3.4 (13-Sep-2023)

      -
    • fix: remove more module-level uses of config.global - 83
    • +
    • fix: remove more module-level uses of config.global +83
    +

    1.3.3 (13-Sep-2023)

      -
    • fix: don't invoke region detection code on the module toplevel and advise against trying to. - 81
    • +
    • fix: don’t invoke region detection code on the module toplevel and advise against trying to. +81
    +

    1.3.2 (13-Sep-2023)

      -
    • fix: unsigned request should support network related config option - 79
    • +
    • fix: unsigned request should support network related config option +79
    +

    1.3.1 (17-Aug-2023)

      -
    • fix: fix v4 signing request should correctly canonicalized query table as well - 76
    • +
    • fix: fix v4 signing request should correctly canonicalized query table as well +76
    +

    1.3.0 (15-Aug-2023)

      -
    • fix: fix AWSCONTAINERCREDENTIALSFULLURI parsing. - #65
    • -
    • feat: support configure timeout on service request. - #67
    • -
    • feat: support configure keepalive idle time on service request connection. - #67
    • -
    • feat: support configure ssl verify on service request. - #67
    • -
    • feat: add http/https proxy support for service request - #69
    • -
    • fix: fix proxy-related global config var name to lowercase. - #70
    • -
    • feat: EC2 metadata credential provider support IMDSv2 - #71
    • +
    • fix: fix AWS_CONTAINER_CREDENTIALS_FULL_URI parsing. +#65
    • +
    • feat: support configure timeout on service request. +#67
    • +
    • feat: support configure keepalive idle time on service request connection. +#67
    • +
    • feat: support configure ssl verify on service request. +#67
    • +
    • feat: add http/https proxy support for service request +#69
    • +
    • fix: fix proxy-related global config var name to lowercase. +#70
    • +
    • feat: EC2 metadata credential provider support IMDSv2 +#71
    +

    1.2.3 (20-Jul-2023)

      -
    • fix: fix assumeRole function name on STS. - #59
    • -
    • fix: fix STS regional endpoint injection in build_request - #62
    • -
    • fix: replace deprecated pl.xml with luaexpat; fix STS assume role logic. - #61
    • +
    • fix: fix assumeRole function name on STS. +#59
    • +
    • fix: fix STS regional endpoint injection in build_request +#62
    • +
    • fix: replace deprecated pl.xml with luaexpat; fix STS assume role logic. +#61
    +

    1.2.2 (2-May-2023)

      -
    • fix: add the SharedFileCredentials into rockspec so it can be packed and used correctly. - #53
    • -
    • fix: the field idempotencyToken should be allowed and remain unvalidated as an opaque string. - #52
    • +
    • fix: add the SharedFileCredentials into rockspec so it can be packed and used correctly. +#53
    • +
    • fix: the field idempotencyToken should be allowed and remain unvalidated as an opaque string. +#52
    +

    1.2.1 (24-Apr-2023)

      -
    • fix: fix the rds signer cannot be used in init phase. - #50
    • +
    • fix: fix the rds signer cannot be used in init phase. +#50
    +

    1.2.0 (1-Mar-2023)

      -
    • IMPORTANT-IMPORTANT-IMPORTANT feat: enable TLS name verification. This might - break if your CA store is not the default system one. See usage notes. - #47
    • -
    • fix: STS regional endpoints woudl re-inject the region on every authentication - (after a token expired), causing bad hostnames to be used - #45
    • -
    • Feat: add RDS.Signer to generate tokens for RDS DB access - #44
    • +
    • IMPORTANT-IMPORTANT-IMPORTANT feat: enable TLS name verification. This might +break if your CA store is not the default system one. See usage notes. +#47
    • +
    • fix: STS regional endpoints woudl re-inject the region on every authentication +(after a token expired), causing bad hostnames to be used +#45
    • +
    • Feat: add RDS.Signer to generate tokens for RDS DB access +#44
    +

    1.1.2 (7-Dec-2022)

      -
    • fix: auto detection scheme and default to tls #42
    • +
    • fix: auto detection scheme and default to tls #42
    +

    1.1.1 (21-Nov-2022)

      -
    • fix: port is repeated when port is not standard #39
    • +
    • fix: port is repeated when port is not standard #39
    +

    1.1.0 (18-Nov-2022)

      -
    • fix: template handling of query string #36
    • -
    • fix: blob param should be in raw body #36
    • -
    • feat: support for credential from file #36
    • -
    • fix: escaping for param in uri #36
    • -
    • fix: handling raw body conflict with body param #36
    • -
    • fix: crash when no type check designated #36
    • -
    • fix: support for "headers" location in API template #36
    • -
    • fix: support new API format (bucket in host) for S3 #36
    • +
    • fix: template handling of query string #36
    • +
    • fix: blob param should be in raw body #36
    • +
    • feat: support for credential from file #36
    • +
    • fix: escaping for param in uri #36
    • +
    • fix: handling raw body conflict with body param #36
    • +
    • fix: crash when no type check designated #36
    • +
    • fix: support for “headers” location in API template #36
    • +
    • fix: support new API format (bucket in host) for S3 #36
    +

    1.0.1 (20-Oct-2022)

      -
    • fix: for some method incorrect URL is generates because of incorrect handling of "+" in URL template - #34
    • +
    • fix: for some method incorrect URL is generates because of incorrect handling of “+” in URL template + #34
    +

    1.0.0 (13-Oct-2022)

      -
    • fix: latest doesn't indicate the most recent service version - #28
    • +
    • fix: latest doesn’t indicate the most recent service version + #28
    +

    0.5.5 (26-Sep-2022)

      -
    • fix: variable names for ECS Conatiner Metatdata were missing an '_' - #26
    • +
    • fix: variable names for ECS Conatiner Metatdata were missing an ‘_’ +#26
    +

    0.5.4 (19-Aug-2022)

      -
    • chore: remove error message when no region is found - during config initialization #24
    • +
    • chore: remove error message when no region is found +during config initialization #24
    +

    0.5.3 (19-Aug-2022)

      -
    • feat: lazy load API modules - #23
    • +
    • feat: lazy load API modules +#23
    +

    0.5.2 (12-Jul-2022)

      -
    • fix: relax validation to not validate some generic metadata fields. Encountered - while trying to use Lambda #21
    • -
    • fix: better error handling when credential providers fail to load - #22
    • +
    • fix: relax validation to not validate some generic metadata fields. Encountered +while trying to use Lambda #21
    • +
    • fix: better error handling when credential providers fail to load +#22
    +

    0.5.1 (01-Jun-2022)

      -
    • feat: socket compatibility; overriding luasocket use in phases now returns - the existing setting
    • +
    • feat: socket compatibility; overriding luasocket use in phases now returns +the existing setting
    +

    0.5.0 (01-Jun-2022)

      -
    • feat: enable use of regional STS endpoints

    • -
    • deps: bumped the lua-resty-http - dependency to 0.16 to disable the warnings and use the better connection building logic.

    • -
    • fix: added sock:settimeouts to the socket compatibility layer.

    • -
    • feat: implement a config object based on AWS CLI configuration.

    • -
    • for most use cases it will now suffice to load the config in the init phase

      +
    • feat: enable use of regional STS endpoints
    • +
    • deps: bumped the lua-resty-http +dependency to 0.16 to disable the warnings and use the better connection building logic.
    • +
    • fix: added sock:settimeouts to the socket compatibility layer.
    • +
    • feat: implement a config object based on AWS CLI configuration. +
        +
      • for most use cases it will now suffice to load the config in the init phase
         since it caches al predefined environment variables.
        -
        -
      • -
      • BREAKING: getting EC2 credentials will now honor AWSEC2METADATA_DISABLED.

        - +
      • +
      • BREAKING: getting EC2 credentials will now honor AWS_EC2_METADATA_DISABLED.
         Behaviour might change, but is expected to be very rare.
        -
        -
      • -
      • BREAKING: The TokenFileWebIdentityCredentials

        - +
      • +
      • BREAKING: The TokenFileWebIdentityCredentials
         will honor the role_session_name setting (file or env) as default name.
         Behaviour might change, but is expected to be very rare.
        -
        +
      • +
      +
    • +
    + + +

    0.4.0 (06-Dec-2021)

    -

    0.4.0 (06-Dec-2021)

    -
  • feat: added TokenFileWebIdentityCredentials. This adds default IAM credentials - to be picked up on EKS. The default AWS instance creates a CredentialProviderChain - which includes TokenFileWebIdentity. So on EKS it will now pick up container - based credentials instead of falling back to the underlying (more coarse) EC2 - credentials.

  • -
  • fix: for 'query' type calls, add target action and version, which are required

  • -
  • fix: allow for unsigned requests for services requiring that (STS)

  • -
  • fix: do not validate patterns as regexes are incompatible

  • +
      +
    • feat: added TokenFileWebIdentityCredentials. This adds default IAM credentials +to be picked up on EKS. The default AWS instance creates a CredentialProviderChain +which includes TokenFileWebIdentity. So on EKS it will now pick up container +based credentials instead of falling back to the underlying (more coarse) EC2 +credentials.
    • +
    • fix: for ‘query’ type calls, add target action and version, which are required
    • +
    • fix: allow for unsigned requests for services requiring that (STS)
    • +
    • fix: do not validate patterns as regexes are incompatible
    +

    0.3 (02-Sep-2021)

      -
    • feat: capability to fetch metadata for ECS tasks (EC2 & Fargate), versions 2, 3, and 4
    • -
    • feat: capability to fetch IMDS metadata (EC2 & EKS), versions 1, and 2
    • -
    • feat: automatic region detection, check the docs for details (utils module)
    • -
    • fix: EC2MetadataCredentials no longer reuses the http-client to prevent issues - with the underlying compatibility layer.
    • +
    • feat: capability to fetch metadata for ECS tasks (EC2 & Fargate), versions 2, 3, and 4
    • +
    • feat: capability to fetch IMDS metadata (EC2 & EKS), versions 1, and 2
    • +
    • feat: automatic region detection, check the docs for details (utils module)
    • +
    • fix: EC2MetadataCredentials no longer reuses the http-client to prevent issues +with the underlying compatibility layer.
    +

    0.2 (05-Aug-2021)

      -
    • fix: rockspec, add Penlight dependency
    • -
    • fix: add proper json Content-Type header from meta-data
    • -
    • fix: use proper signingName for the signature
    • +
    • fix: rockspec, add Penlight dependency
    • +
    • fix: add proper json Content-Type header from meta-data
    • +
    • fix: use proper signingName for the signature
    +

    0.1 (03-Feb-2021) Initial released version

    @@ -505,7 +545,7 @@

    0.1 (03-Feb-2021) Initial released version

    generated by LDoc 1.5.0 -Last updated 2023-09-13 14:33:34 +Last updated 2023-09-19 17:44:16