&>ac@sdZddlZddlZddlmZmZmZejeZ dZ iid6Z de fdYZ de fd YZdS( sResolves regions and endpoints. This module implements endpoint resolution, including resolving endpoints for a given service and region and resolving the available endpoints for a service in a specific AWS partition. iN(t NoRegionErrortUnknownRegionErrortEndpointVariantErrors{service}.{region}.{dnsSuffix}t endpointstBaseEndpointResolvercBs2eZdZddZdZdedZRS(s3Resolves regions and endpoints. Must be subclassed.cCs tdS(s7Resolves an endpoint for a service and region combination. :type service_name: string :param service_name: Name of the service to resolve an endpoint for (e.g., s3) :type region_name: string :param region_name: Region/endpoint name to resolve (e.g., us-east-1) if no region is provided, the first found partition-wide endpoint will be used if available. :rtype: dict :return: Returns a dict containing the following keys: - partition: (string, required) Resolved partition name - endpointName: (string, required) Resolved endpoint name - hostname: (string, required) Hostname to use for this endpoint - sslCommonName: (string) sslCommonName to use for this endpoint. - credentialScope: (dict) Signature version 4 credential scope - region: (string) region name override when signing. - service: (string) service name override when signing. - signatureVersions: (list) A list of possible signature versions, including s3, v4, v2, and s3v4 - protocols: (list) A list of supported protocols (e.g., http, https) - ...: Other keys may be included as well based on the metadata N(tNotImplementedError(tselft service_namet region_name((s1/usr/lib/fence-agents/bundled/botocore/regions.pytconstruct_endpoint!scCs tdS(sLists the partitions available to the endpoint resolver. :return: Returns a list of partition names (e.g., ["aws", "aws-cn"]). N(R(R((s1/usr/lib/fence-agents/bundled/botocore/regions.pytget_available_partitions>stawscCs tdS(sLists the endpoint names of a particular partition. :type service_name: string :param service_name: Name of a service to list endpoint for (e.g., s3) :type partition_name: string :param partition_name: Name of the partition to limit endpoints to. (e.g., aws for the public AWS endpoints, aws-cn for AWS China endpoints, aws-us-gov for AWS GovCloud (US) Endpoints, etc. :type allow_non_regional: bool :param allow_non_regional: Set to True to include endpoints that are not regional endpoints (e.g., s3-external-1, fips-us-gov-west-1, etc). :return: Returns a list of endpoint names (e.g., ["us-east-1"]). N(R(RRtpartition_nametallow_non_regional((s1/usr/lib/fence-agents/bundled/botocore/regions.pytget_available_endpointsEsN(t__name__t __module__t__doc__tNoneR R tFalseR(((s1/usr/lib/fence-agents/bundled/botocore/regions.pyRs   tEndpointResolvercBseZdZddgZdZddZdZdeddZ ddZ ddeed Z d Z ed Z d Zd ZdZdZdZdZdZRS(s7Resolves endpoints based on partition endpoint metadatasaws-isos aws-iso-bcCs(d|krtdn||_dS(sA :param endpoint_data: A dict of partition data. t partitionss%Missing "partitions" in endpoint dataN(t ValueErrort_endpoint_data(Rt endpoint_data((s1/usr/lib/fence-agents/bundled/botocore/regions.pyt__init___s R cCsWxP|jdD]A}|d|kr*qn|d}||krFqn||dSWdS(NRt partitiontservicesR(R(RRR RR((s1/usr/lib/fence-agents/bundled/botocore/regions.pytget_service_endpoints_datags  cCs3g}x&|jdD]}|j|dqW|S(NRR(Rtappend(RtresultR((s1/usr/lib/fence-agents/bundled/botocore/regions.pyR psc Csg}x|jdD]}|d|kr0qn|d}||krLqn||d}xu|D]m} | |dk} |r| r|j|| |} | r|j| qqa|s| ra|j| qaqaWqW|S(NRRRRtregions(Rt_retrieve_variant_dataR( RRR R tendpoint_variant_tagsRRRtservice_endpointst endpoint_nametis_regional_endpointt variant_data((s1/usr/lib/fence-agents/bundled/botocore/regions.pyRvs&      cCsuxn|jdD]_}|d|kr|rb|j|jd|}|rjd|krj|dSqm|dSqqWdS(NRRtdefaultst dnsSuffix(RR tgetR(RR R!Rtvariant((s1/usr/lib/fence-agents/bundled/botocore/regions.pytget_partition_dns_suffixs c Cs|dkr'|r'|dkr'd}n|dk rd}x.|jdD]}|d|krG|}qGqGW|dk r|j|||||t}|SdSxY|jdD]J}|r|d|jkrqn|j|||||}|r|SqWdS(Nts3s us-east-1RR(RRt_endpoint_for_partitiontTruet!_UNSUPPORTED_DUALSTACK_PARTITIONS( RRRR tuse_dualstack_endpointtuse_fips_endpointtvalid_partitionRR((s1/usr/lib/fence-agents/bundled/botocore/regions.pyR s0         cCsKx/|jdD] }|j||r|dSqWtd|dddS(NRRRt error_msgs,No partition found for provided region_name.(Rt _region_matchR(RRR((s1/usr/lib/fence-agents/bundled/botocore/regions.pytget_partition_for_regions  c Cso|d}|rD||jkrDd|}tddgd|n|dj|t} |dkrd| kr| d}qtni|d6|d6| d 6|d 6|d 6|d 6} || d kr|j| S|j||s|rk| jd} | jdt} | rK| rKt j d||| | | d <|j| St j d|||j| SdS(NRs@Dualstack endpoints are currently not supported for %s partitionttagst dualstackR2RtpartitionEndpointRt service_dataR#R/R0RtisRegionalizeds'Using partition endpoint for %s, %s: %ss*Creating a regex based endpoint for %s, %s( R.RR(tDEFAULT_SERVICE_DATARRt_resolveR3R-tLOGtdebug( RRRRR/R0tforce_partitionR R2R8tresolve_kwargstpartition_endpointtis_regionalized((s1/usr/lib/fence-agents/bundled/botocore/regions.pyR,s@                cCs>||dkrtSd|kr:tj|dj|StS(NRt regionRegex(R-tretcompiletmatchR(RRR((s1/usr/lib/fence-agents/bundled/botocore/regions.pyR3s  cCsS|jdg}x:|D]2}t|dt|kr|j}|SqWdS(NtvariantsR5(R(tsettcopy(RRR5RFR)R((s1/usr/lib/fence-agents/bundled/botocore/regions.pyR s   cCs6g}|r|jdn|r2|jdn|S(NR6tfips(R(RR/R0R5((s1/usr/lib/fence-agents/bundled/botocore/regions.pyt_create_tag_lists cCsOi}xB|||gD]1}|j||}|r|j||qqW|S(N(R t _merge_keys(RR5Rtservice_defaultstpartition_defaultsRRFR)((s1/usr/lib/fence-agents/bundled/botocore/regions.pyt_resolve_variant s  c Cs|jdij|i}|jdrAtjd|n|jdi}|jdi} |j||} | r|j| ||| } | ikrd||f} td| d| qn|} d| kr|d| ds   ;