Merge branch 'release-1.29.52'

* release-1.29.52:
  Bumping version to 1.29.52
  Update changelog based on model updates
  CLI examples directconnect, ec2, iam, iot, lambda, sqs
  Add Swift support for CodeArtifact login command

.changes/1.29.52.json

@@ -0,0 +1,47 @@
+[
+  {
+    "category": "``appconfig``",
+    "description": "Enabling boto3 paginators for list APIs and adding documentation around ServiceQuotaExceededException errors",
+    "type": "api-change"
+  },
+  {
+    "category": "``apprunner``",
+    "description": "This release adds improvements for managing App Runner auto scaling configuration resources. New APIs: UpdateDefaultAutoScalingConfiguration and ListServicesForAutoScalingConfiguration. Updated API: DeleteAutoScalingConfiguration.",
+    "type": "api-change"
+  },
+  {
+    "category": "``codeartifact``",
+    "description": "Add support for the Swift package format.",
+    "type": "api-change"
+  },
+  {
+    "category": "``kinesisvideo``",
+    "description": "Updated DescribeMediaStorageConfiguration, StartEdgeConfigurationUpdate, ImageGenerationConfiguration$SamplingInterval, and UpdateMediaStorageConfiguration to match AWS Docs.",
+    "type": "api-change"
+  },
+  {
+    "category": "``logs``",
+    "description": "Add ClientToken to QueryDefinition CFN Handler in CWL",
+    "type": "api-change"
+  },
+  {
+    "category": "``s3``",
+    "description": "Fix an issue where the SDK can fail to unmarshall response due to NumberFormatException",
+    "type": "api-change"
+  },
+  {
+    "category": "``servicediscovery``",
+    "description": "Adds a new DiscoverInstancesRevision API and also adds InstanceRevision field to the DiscoverInstances API response.",
+    "type": "api-change"
+  },
+  {
+    "category": "``sso-oidc``",
+    "description": "Update FIPS endpoints in aws-us-gov.",
+    "type": "api-change"
+  },
+  {
+    "category": "``codeartifact login``",
+    "description": "Add Swift support for CodeArtifact login command",
+    "type": "enhancement"
+  }
+]

CHANGELOG.rst

@@ -2,6 +2,20 @@
 CHANGELOG
 =========
 
+1.29.52
+=======
+
+* api-change:``appconfig``: Enabling boto3 paginators for list APIs and adding documentation around ServiceQuotaExceededException errors
+* api-change:``apprunner``: This release adds improvements for managing App Runner auto scaling configuration resources. New APIs: UpdateDefaultAutoScalingConfiguration and ListServicesForAutoScalingConfiguration. Updated API: DeleteAutoScalingConfiguration.
+* api-change:``codeartifact``: Add support for the Swift package format.
+* api-change:``kinesisvideo``: Updated DescribeMediaStorageConfiguration, StartEdgeConfigurationUpdate, ImageGenerationConfiguration$SamplingInterval, and UpdateMediaStorageConfiguration to match AWS Docs.
+* api-change:``logs``: Add ClientToken to QueryDefinition CFN Handler in CWL
+* api-change:``s3``: Fix an issue where the SDK can fail to unmarshall response due to NumberFormatException
+* api-change:``servicediscovery``: Adds a new DiscoverInstancesRevision API and also adds InstanceRevision field to the DiscoverInstances API response.
+* api-change:``sso-oidc``: Update FIPS endpoints in aws-us-gov.
+* enhancement:``codeartifact login``: Add Swift support for CodeArtifact login command
+
+
 1.29.51
 =======
 

awscli/__init__.py

@@ -17,7 +17,7 @@
 """
 import os
 
-__version__ = '1.29.51'
+__version__ = '1.29.52'
 
 #
 # Get our data path to be added to botocore's search path

awscli/compat.py

@@ -57,6 +57,8 @@
 
 is_windows = sys.platform == 'win32'
 
+is_macos = sys.platform == 'darwin'
+
 
 if is_windows:
     default_pager = 'more'

awscli/customizations/codeartifact/login.py

@@ -10,7 +10,10 @@
 from dateutil.relativedelta import relativedelta
 from botocore.utils import parse_timestamp
 
-from awscli.compat import is_windows, urlparse, RawConfigParser, StringIO, get_stderr_encoding
+from awscli.compat import (
+    is_windows, urlparse, RawConfigParser, StringIO,
+    get_stderr_encoding, is_macos
+)
 from awscli.customizations import utils as cli_utils
 from awscli.customizations.commands import BasicCommand
 from awscli.customizations.utils import uni_print
@@ -115,6 +118,137 @@ def get_commands(cls, endpoint, auth_token, **kwargs):
         raise NotImplementedError('get_commands()')
 
 
+class SwiftLogin(BaseLogin):
+
+    DEFAULT_NETRC_FMT = \
+        u'machine {hostname} login token password {auth_token}'
+
+    NETRC_REGEX_FMT = \
+        r'(?P<entry_start>\bmachine\s+{escaped_hostname}\s+login\s+\S+\s+password\s+)' \
+        r'(?P<token>\S+)'
+
+    def login(self, dry_run=False):
+        scope = self.get_scope(
+            self.namespace
+        )
+        commands = self.get_commands(
+            self.repository_endpoint, self.auth_token, scope=scope
+        )
+
+        if not is_macos:
+            hostname = urlparse.urlparse(self.repository_endpoint).hostname
+            new_entry = self.DEFAULT_NETRC_FMT.format(
+                hostname=hostname,
+                auth_token=self.auth_token
+            )
+            if dry_run:
+                self._display_new_netrc_entry(new_entry, self.get_netrc_path())
+            else:
+                self._update_netrc_entry(hostname, new_entry, self.get_netrc_path())
+
+        self._run_commands('swift', commands, dry_run)
+
+    def _display_new_netrc_entry(self, new_entry, netrc_path):
+        sys.stdout.write('Dryrun mode is enabled, not writing to netrc.')
+        sys.stdout.write(os.linesep)
+        sys.stdout.write(
+            f'The following line would have been written to {netrc_path}:'
+        )
+        sys.stdout.write(os.linesep)
+        sys.stdout.write(os.linesep)
+        sys.stdout.write(new_entry)
+        sys.stdout.write(os.linesep)
+        sys.stdout.write(os.linesep)
+        sys.stdout.write('And would have run the following commands:')
+        sys.stdout.write(os.linesep)
+        sys.stdout.write(os.linesep)
+
+    def _update_netrc_entry(self, hostname, new_entry, netrc_path):
+        pattern = re.compile(
+            self.NETRC_REGEX_FMT.format(escaped_hostname=re.escape(hostname)),
+            re.M
+        )
+        if not os.path.isfile(netrc_path):
+            self._create_netrc_file(netrc_path, new_entry)
+        else:
+            with open(netrc_path, 'r') as f:
+                contents = f.read()
+            escaped_auth_token = self.auth_token.replace('\\', r'\\')
+            new_contents = re.sub(
+                pattern,
+                rf"\g<entry_start>{escaped_auth_token}",
+                contents
+            )
+
+            if new_contents == contents:
+                new_contents = self._append_netrc_entry(new_contents, new_entry)
+
+            with open(netrc_path, 'w') as f:
+                f.write(new_contents)
+
+    def _create_netrc_file(self, netrc_path, new_entry):
+        dirname = os.path.split(netrc_path)[0]
+        if not os.path.isdir(dirname):
+            os.makedirs(dirname)
+        with os.fdopen(os.open(netrc_path,
+                               os.O_WRONLY | os.O_CREAT, 0o600), 'w') as f:
+            f.write(new_entry + '\n')
+
+    def _append_netrc_entry(self, contents, new_entry):
+        if contents.endswith('\n'):
+            return contents + new_entry + '\n'
+        else:
+            return contents + '\n' + new_entry + '\n'
+
+    @classmethod
+    def get_netrc_path(cls):
+        return os.path.join(os.path.expanduser("~"), ".netrc")
+
+    @classmethod
+    def get_scope(cls, namespace):
+        # Regex for valid scope name
+        valid_scope_name = re.compile(
+            r'\A[a-zA-Z0-9](?:[a-zA-Z0-9]|-(?=[a-zA-Z0-9])){0,38}\Z'
+        )
+
+        if namespace is None:
+            return namespace
+
+        if not valid_scope_name.match(namespace):
+            raise ValueError(
+                'Invalid scope name, scope must contain URL-safe '
+                'characters, no leading dots or underscores and no '
+                'more than 39 characters'
+            )
+
+        return namespace
+
+    @classmethod
+    def get_commands(cls, endpoint, auth_token, **kwargs):
+        commands = []
+        scope = kwargs.get('scope')
+
+        # Set up the codeartifact repository as the swift registry.
+        set_registry_command = [
+            'swift', 'package-registry', 'set', endpoint
+        ]
+        if scope is not None:
+            set_registry_command.extend(['--scope', scope])
+        commands.append(set_registry_command)
+
+        # Authenticate against the repository.
+        # We will write token to .netrc for Linux and Windows
+        # MacOS will store the token from command line option to Keychain
+        login_registry_command = [
+            'swift', 'package-registry', 'login', f'{endpoint}login'
+        ]
+        if is_macos:
+            login_registry_command.extend(['--token', auth_token])
+        commands.append(login_registry_command)
+
+        return commands
+
+
 class NuGetBaseLogin(BaseLogin):
     _NUGET_INDEX_URL_FMT = '{endpoint}v3/index.json'
 
@@ -511,6 +645,11 @@ class CodeArtifactLogin(BasicCommand):
     '''Log in to the idiomatic tool for the requested package format.'''
 
     TOOL_MAP = {
+        'swift': {
+            'package_format': 'swift',
+            'login_cls': SwiftLogin,
+            'namespace_support': True,
+        },
         'nuget': {
             'package_format': 'nuget',
             'login_cls': NuGetLogin,

awscli/examples/directconnect/create-transit-virtual-interface.rst

@@ -1,57 +1,57 @@
-**To create a transit virtual interface**
-
-The following ``create-transit-virtual-interface`` example creates a transit virtual interface for the specified connection. ::
-
-    ws directconnect create-transit-virtual-interface \
-        --connection-id dxlag-fEXAMPLE \
-        --new-transit-virtual-interface "virtualInterfaceName=Example Transit Virtual Interface,vlan=126,asn=65110,mtu=1500,authKey=0xzxgA9YoW9h58u8SvEXAMPLE,amazonAddress=192.168.1.1/30,customerAddress=192.168.1.2/30,addressFamily=ipv4,directConnectGatewayId=8384da05-13ce-4a91-aada-5a1baEXAMPLE,tags=[{key=Tag,value=Example}]"
-
-Output::
-
-    {
-        "virtualInterface": {
-            "ownerAccount": "1111222233333",
-            "virtualInterfaceId": "dxvif-fEXAMPLE",
-            "location": "loc1",
-            "connectionId": "dxlag-fEXAMPLE",
-            "virtualInterfaceType": "transit",
-            "virtualInterfaceName": "Example Transit Virtual Interface",
-            "vlan": 126,
-            "asn": 65110,
-            "amazonSideAsn": 4200000000,
-            "authKey": "0xzxgA9YoW9h58u8SEXAMPLE",
-            "amazonAddress": "192.168.1.1/30",
-            "customerAddress": "192.168.1.2/30",
-            "addressFamily": "ipv4",
-            "virtualInterfaceState": "pending",
-            "customerRouterConfig": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<logical_connection id=\"dxvif-fEXAMPLE\">\n  <vlan>126</vlan>\n  <customer_address>192.168.1.2/30</customer_address>\n  <amazon_address>192.168.1.1/30</amazon_address>\n  <bgp_asn>65110</bgp_asn>\n  <bgp_auth_key>0xzxgA9YoW9h58u8SvOmXRTw</bgp_auth_key>\n  <amazon_bgp_asn>4200000000</amazon_bgp_asn>\n  <connection_type>transit</connection_type>\n</logical_connection>\n",
-            "mtu": 1500,
-            "jumboFrameCapable": true,
-            "virtualGatewayId": "",
-            "directConnectGatewayId": "8384da05-13ce-4a91-aada-5a1baEXAMPLE",
-            "routeFilterPrefixes": [],
-            "bgpPeers": [
-                {
-                    "bgpPeerId": "dxpeer-EXAMPLE",
-                    "asn": 65110,
-                    "authKey": "0xzxgA9YoW9h58u8SEXAMPLE",
-                    "addressFamily": "ipv4",
-                    "amazonAddress": "192.168.1.1/30",
-                    "customerAddress": "192.168.1.2/30",
-                    "bgpPeerState": "pending",
-                    "bgpStatus": "down",
-                    "awsDeviceV2": "loc1-26wz6vEXAMPLE"
-                }
-            ],
-            "region": "sa-east-1",
-            "awsDeviceV2": "loc1-26wz6vEXAMPLE",
-            "tags": [
-                {
-                    "key": "Tag",
-                    "value": "Example"
-                }
-            ]
-        }
-    }
-
-For more information, see `Creating a Transit Virtual Interface to the Direct Connect Gateway <https://docs.aws.amazon.com/directconnect/latest/UserGuide/create-vif.html#create-transit-vif>`__ in the *AWS Direct Connect User Guide*.
+**To create a transit virtual interface**
+
+The following ``create-transit-virtual-interface`` example creates a transit virtual interface for the specified connection. ::
+
+    aws directconnect create-transit-virtual-interface \
+        --connection-id dxlag-fEXAMPLE \
+        --new-transit-virtual-interface "virtualInterfaceName=Example Transit Virtual Interface,vlan=126,asn=65110,mtu=1500,authKey=0xzxgA9YoW9h58u8SvEXAMPLE,amazonAddress=192.168.1.1/30,customerAddress=192.168.1.2/30,addressFamily=ipv4,directConnectGatewayId=8384da05-13ce-4a91-aada-5a1baEXAMPLE,tags=[{key=Tag,value=Example}]"
+
+Output::
+
+    {
+        "virtualInterface": {
+            "ownerAccount": "1111222233333",
+            "virtualInterfaceId": "dxvif-fEXAMPLE",
+            "location": "loc1",
+            "connectionId": "dxlag-fEXAMPLE",
+            "virtualInterfaceType": "transit",
+            "virtualInterfaceName": "Example Transit Virtual Interface",
+            "vlan": 126,
+            "asn": 65110,
+            "amazonSideAsn": 4200000000,
+            "authKey": "0xzxgA9YoW9h58u8SEXAMPLE",
+            "amazonAddress": "192.168.1.1/30",
+            "customerAddress": "192.168.1.2/30",
+            "addressFamily": "ipv4",
+            "virtualInterfaceState": "pending",
+            "customerRouterConfig": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<logical_connection id=\"dxvif-fEXAMPLE\">\n  <vlan>126</vlan>\n  <customer_address>192.168.1.2/30</customer_address>\n  <amazon_address>192.168.1.1/30</amazon_address>\n  <bgp_asn>65110</bgp_asn>\n  <bgp_auth_key>0xzxgA9YoW9h58u8SvOmXRTw</bgp_auth_key>\n  <amazon_bgp_asn>4200000000</amazon_bgp_asn>\n  <connection_type>transit</connection_type>\n</logical_connection>\n",
+            "mtu": 1500,
+            "jumboFrameCapable": true,
+            "virtualGatewayId": "",
+            "directConnectGatewayId": "8384da05-13ce-4a91-aada-5a1baEXAMPLE",
+            "routeFilterPrefixes": [],
+            "bgpPeers": [
+                {
+                    "bgpPeerId": "dxpeer-EXAMPLE",
+                    "asn": 65110,
+                    "authKey": "0xzxgA9YoW9h58u8SEXAMPLE",
+                    "addressFamily": "ipv4",
+                    "amazonAddress": "192.168.1.1/30",
+                    "customerAddress": "192.168.1.2/30",
+                    "bgpPeerState": "pending",
+                    "bgpStatus": "down",
+                    "awsDeviceV2": "loc1-26wz6vEXAMPLE"
+                }
+            ],
+            "region": "sa-east-1",
+            "awsDeviceV2": "loc1-26wz6vEXAMPLE",
+            "tags": [
+                {
+                    "key": "Tag",
+                    "value": "Example"
+                }
+            ]
+        }
+    }
+
+For more information, see `Creating a Transit Virtual Interface to the Direct Connect Gateway <https://docs.aws.amazon.com/directconnect/latest/UserGuide/create-vif.html#create-transit-vif>`__ in the *AWS Direct Connect User Guide*.

awscli/examples/ec2/assign-private-nat-gateway-address.rst

@@ -0,0 +1,27 @@
+**To assign private IP addresses to your private NAT gateway**
+
+The following ``assign-private-nat-gateway-address`` example assigns two private IP addresses to the specified private NAT gateway. ::
+
+    aws ec2 assign-private-nat-gateway-address \
+        --nat-gateway-id nat-1234567890abcdef0 \
+        --private-ip-address-count 2
+
+Output::
+
+    {
+        "NatGatewayId": "nat-1234567890abcdef0",
+        "NatGatewayAddresses": [
+            {
+                "NetworkInterfaceId": "eni-0065a61b324d1897a",
+                "IsPrimary": false,
+                "Status": "assigning"
+            },
+            {
+                "NetworkInterfaceId": "eni-0065a61b324d1897a",
+                "IsPrimary": false,
+                "Status": "assigning"
+            }
+        ]
+    }
+
+For more information, see `NAT gateways <https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html>`__ in the *Amazon VPC User Guide*.