Expand description
Rust wrapper for the aws-c-auth library. For testing purposes only.
For interacting with AWS services, use the aws-sdk-rust crate instead.
Structs
struct aws_atomic_var represents an atomic variable - a value which can hold an integer or pointer
that can be manipulated atomically. struct aws_atomic_vars should normally only be manipulated
with atomics methods defined in this header.
Represents a length-delimited binary string or buffer. If byte buffer points
to constant memory or memory that should otherwise not be freed by this
struct, set allocator to NULL and free function will be a no-op.
Represents a movable pointer within a larger binary string or buffer.
A (string) pair defining an identity provider and a valid login token sourced from it.
A baseclass for credentials providers. A credentials provider is an object that has an asynchronous
query function for retrieving AWS credentials.
Configuration options for a provider that functions as a caching decorator. Credentials sourced through this
provider will be cached within it until their expiration time. When the cached credentials expire, new
credentials will be fetched when next queried.
Configuration options for the default credentials provider chain.
Configuration options for a provider that queries, in order, a list of providers. This provider uses the
first set of credentials successfully queried. Providers are queried one at a time; a provider is not queried
until the preceding provider has failed to source credentials.
Configuration options needed to create a Cognito-based Credentials Provider
Configuration options for the delegate credentials provider.
Configuration options for a provider that returns credentials based on environment variable values
Configuration options for the provider that sources credentials from ec2 instance metadata
Configuration options for the process credentials provider
Configuration options for a provider that sources credentials from the aws profile and credentials files
(by default ~/.aws/profile and ~/.aws/credentials)
Configuration options for a provider that returns a fixed set of credentials
Configuration options for the STS credentials provider
Configuration options for the STS web identity provider
Configuration options for the X509 credentials provider
Options for exponential backoff retry strategy. el_group must be set, any other option, if set to 0 will signify
“use defaults”
Represents an element in the hash table. Various operations on the hash
table may provide pointers to elements stored within the hash table;
generally, calling code may alter value, but must not alter key (or any
information used to compute key’s hash code).
Metrics for logging and debugging purpose.
(Optional) Http proxy configuration for the http request that fetches credentials
AWS EC2 Metadata Client is used to retrieve AWS EC2 Instance Metadata info.
Configuration options when creating an imds client
Optional callback and user data to be invoked when an imds client has fully shut down
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-categories.html
Block of per-instance EC2-specific data
Options for aws_logger_init_standard().
Set
filename to open a file for logging and close it when the logger cleans up.
Set file to use a file that is already open, such as stderr or stdout.We separate the log level function from the log call itself so that we can do the filter check in the macros (see
below)
Signable is a generic interface for any kind of object that can be cryptographically signed.
A configuration structure for use in AWS-related signing. Currently covers sigv4 only, but is not required to.
All signing configuration structs must match this by having
the config_type member as the first member.
A structure for tracking all the signer-requested changes to a signable. Interpreting
these changes is signing-algorithm specific.
Hash table data structure. This module provides an automatically resizing
hash table implementation for general purpose use. The hash table stores a
mapping between void * keys and values; it is expected that in most cases,
these will point to a structure elsewhere in the heap, instead of inlining a
key or value into the hash table element itself.
Constants
Defaults to IMDS_PROTOCOL_V2. It can be set to either one and IMDS Client
will figure out (by looking at response code) which protocol an instance
is using. But a more clear setting will reduce unnecessary network request.
Defaults to IMDS_PROTOCOL_V2. It can be set to either one and IMDS Client
will figure out (by looking at response code) which protocol an instance
is using. But a more clear setting will reduce unnecessary network request.
Specifies acquire-release order; if this operation acts as a load, it acts as an
acquire operation; if it acts as a store, it acts as a release operation; if it’s
a load-store, it does both.
Specifies acquire ordering. No reads or writes on the current thread can be
reordered to happen before this operation. This is typically paired with a release
ordering; any writes that happened on the releasing operation will be visible
after the paired acquire operation.
No particular ordering constraints are guaranteed relative to other
operations at all; we merely ensure that the operation itself is atomic.
Specifies release order. No reads or writes can be reordered to come after this
operation. Typically paired with an acquire operation.
Specifies acquire-release order; if this operation acts as a load, it acts as an
acquire operation; if it acts as a store, it acts as a release operation; if it’s
a load-store, it does both.
Doesn’t count against any budgets. This could be something like a 401 challenge in Http.
This is a server error that isn’t explicitly throttling but is considered by the client
to be something that should be retried.
This is an error where the server explicitly told the client to back off, such as a 429 or 503 Http error.
This is a connection level error such as a socket timeout, socket connect error, tls negotiation timeout etc…
Typically these should never be applied for non-idempotent request types since in this scenario, it’s impossible
to know whether the operation had a side effect on the server.
Compute a signature for an http request via it’s already-computed canonical request. Only the authorization
signature header is added to the signing result.
Compute a signature for an http request via it’s already-computed canonical request. Only the authorization
signature query param is added to the signing result.
Compute a signature for a payload chunk. The signable’s input stream should be the chunk data and the
signable should contain the most recent signature value (either the original http request or the most recent
chunk) in the “previous-signature” property.
Compute a signature for an event stream event. The signable’s input stream should be the event payload, the
signable should contain the most recent signature value (either the original http request or the most recent
event) in the “previous-signature” property as well as any event headers that should be signed with the
exception of “:date”
A signature for a full http request should be computed, with header updates applied to the signing result.
A signature for a full http request should be computed, with query param updates applied to the signing result.
Compute a signature for the trailing headers.
the signable should contain the most recent signature value (either the original http request or the most recent
chunk) in the “previous-signature” property.
Do not add a header
Add the “x-amz-content-sha256” header with the canonical request’s body value
Statics
Shortcuts for common HTTP request methods
Functions
Adds [num] arguments (expected to be of size_t), and returns the result in *r.
If the result overflows, returns AWS_OP_ERR; otherwise returns AWS_OP_SUCCESS.
Inexpensive (constant time) check of data-structure invariants.
Compare two arrays.
Return whether their contents are equivalent.
NULL may be passed as the array pointer if its length is declared to be 0.
Compare an array and a null-terminated string.
Returns true if their contents are equivalent.
The array should NOT contain a null-terminator, or the comparison will always return false.
NULL may be passed as the array pointer if its length is declared to be 0.
Perform a case-insensitive string comparison of an array and a null-terminated string.
Return whether their contents are equivalent.
The array should NOT contain a null-terminator, or the comparison will always return false.
NULL may be passed as the array pointer if its length is declared to be 0.
The “C” locale is used for comparing upper and lowercase letters.
Data is assumed to be ASCII text, UTF-8 will work fine too.
Perform a case-insensitive string comparison of two arrays.
Return whether their contents are equivalent.
NULL may be passed as the array pointer if its length is declared to be 0.
The “C” locale is used for comparing upper and lowercase letters.
Data is assumed to be ASCII text, UTF-8 will work fine too.
Copies the elements from from to to. If to is in static mode, it must at least be the same length as from. Any data
in to will be overwritten in this copy.
Ensures that the array list has enough capacity to store a value at the specified index. If there is not already
enough capacity, and the list is in dynamic mode, this function will attempt to allocate more memory, expanding the
list. In static mode, if ‘index’ is beyond the maximum index, AWS_ERROR_INVALID_INDEX will be raised.
If in dynamic mode, shrinks the allocated array size to the minimum amount necessary to store its elements.
Swap elements at the specified indices, which must be within the bounds of the array.
Clean up internal datastructures used by aws-c-auth.
Must not be called until application is done using functionality in aws-c-auth.
Initializes internal datastructures used by aws-c-auth.
Must be called before using any functionality in aws-c-auth.
Appends a sub-buffer to the specified buffer.
Copies from to to. If to is too small, AWS_ERROR_DEST_COPY_TOO_SMALL will be
returned. dest->len will contain the amount of data actually copied to dest.
Copy contents of cursor to buffer, then update cursor to reference the memory stored in the buffer.
If buffer is too small, AWS_ERROR_DEST_COPY_TOO_SMALL will be returned.
Copies a single byte into
to. If to is too small, the buffer will be grown appropriately and
the old contents copied over, before the byte is appended.Copies a single byte into
to. If to is too small, the buffer will be grown appropriately and
the old contents copied over, before the byte is appended.Copies from to to. If to is too small, the buffer will be grown appropriately and
the old contents copied to, before the new contents are appended.
Copies
from to to. If to is too small, the buffer will be grown appropriately and
the old contents copied over, before the new contents are appended.Appends ‘\0’ at the end of the buffer.
Copies from to to while converting bytes via the passed in lookup table.
If to is too small, AWS_ERROR_DEST_COPY_TOO_SMALL will be
returned. to->len will contain its original size plus the amount of data actually copied to to.
Concatenates a variable number of struct aws_byte_buf * into destination.
Number of args must be greater than 1. If dest is too small,
AWS_ERROR_DEST_COPY_TOO_SMALL will be returned. dest->len will contain the
amount of data actually copied to dest.
Equivalent to calling aws_byte_buf_secure_zero and then aws_byte_buf_clean_up
on the buffer.
Compare two aws_byte_buf structures.
Return whether their contents are equivalent.
Compare an aws_byte_buf and a null-terminated string.
Returns true if their contents are equivalent.
The buffer should NOT contain a null-terminator, or the comparison will always return false.
Perform a case-insensitive string comparison of an aws_byte_buf and a null-terminated string.
Return whether their contents are equivalent.
The buffer should NOT contain a null-terminator, or the comparison will always return false.
The “C” locale is used for comparing upper and lowercase letters.
Data is assumed to be ASCII text, UTF-8 will work fine too.
Perform a case-insensitive string comparison of two aws_byte_buf structures.
Return whether their contents are equivalent.
The “C” locale is used for comparing upper and lowercase letters.
Data is assumed to be ASCII text, UTF-8 will work fine too.
For creating a byte buffer from a null-terminated string literal.
Init buffer with contents of multiple cursors, and update cursors to reference the memory stored in the buffer.
Each cursor arg must be an
struct aws_byte_cursor *. NULL must be passed as the final arg.
NOTE: Do not append/grow/resize buffers initialized this way, or the cursors will end up referencing invalid memory.
Returns AWS_OP_SUCCESS in case of success.
AWS_OP_ERR is returned if memory can’t be allocated or the total cursor length exceeds SIZE_MAX.Initializes an aws_byte_buf structure base on another valid one.
Requires: *src and *allocator are valid objects.
Ensures: *dest is a valid aws_byte_buf with a new backing array dest->buffer
which is a copy of the elements from src->buffer.
Copies src buffer into dest and sets the correct len and capacity.
A new memory zone is allocated for dest->buffer. When dest is no longer needed it will have to be cleaned-up using
aws_byte_buf_clean_up(dest).
Dest capacity and len will be equal to the src len. Allocator of the dest will be identical with parameter allocator.
If src buffer is null the dest will have a null buffer with a len and a capacity of 0
Returns AWS_OP_SUCCESS in case of success or AWS_OP_ERR when memory can’t be allocated.
Reads ‘filename’ into ‘out_buf’. If successful, ‘out_buf’ is allocated and filled with the data;
It is your responsibility to call ‘aws_byte_buf_clean_up()’ on it. Otherwise, ‘out_buf’ remains
unused. In the very unfortunate case where some API needs to treat out_buf as a c_string, a null terminator
is appended, but is not included as part of the length field.
Evaluates the set of properties that define the shape of all valid aws_byte_buf structures.
It is also a cheap check, in the sense it run in constant time (i.e., no loops or recursion).
Attempts to increase the capacity of a buffer to the requested capacity
Convenience function that attempts to increase the capacity of a buffer relative to the current
length.
Resets the len of the buffer to 0, but does not free the memory. The buffer can then be reused.
Optionally zeroes the contents, if the “zero_contents” flag is true.
Sets all bytes of buffer to zero and resets len to zero.
Write specified number of bytes from array to byte buffer.
Writes a 16-bit integer in network byte order (big endian) to buffer.
Writes low 24-bits (3 bytes) of an unsigned integer in network byte order (big endian) to buffer.
Ex: If x is 0x00AABBCC then {0xAA, 0xBB, 0xCC} is written to buffer.
Writes a 32-bit integer in network byte order (big endian) to buffer.
Writes a 64-bit integer in network byte order (big endian) to buffer.
Writes a 32-bit float in network byte order (big endian) to buffer.
Writes a 64-bit float in network byte order (big endian) to buffer.
Copies all bytes from buffer to buffer.
Copies all bytes from buffer to buffer.
Without increasing buf’s capacity, write as much as possible from advancing_cursor into buf.
Copies one byte to buffer.
Writes one byte repeatedly to buffer (like memset)
Tests if the given aws_byte_cursor has at least len bytes remaining. If so,
*buf is advanced by len bytes (incrementing ->ptr and decrementing ->len),
and an aws_byte_cursor referring to the first len bytes of the original *buf
is returned. Otherwise, an aws_byte_cursor with ->ptr = NULL, ->len = 0 is
returned.
Behaves identically to aws_byte_cursor_advance, but avoids speculative
execution potentially reading out-of-bounds pointers (by returning an
empty ptr in such speculated paths).
Lexical (byte value) comparison of two byte cursors
Lexical (byte value) comparison of two byte cursors where the raw values are sent through a lookup table first
Compare two aws_byte_cursor structures.
Return whether their contents are equivalent.
Compare an aws_byte_cursor and an aws_byte_buf.
Return whether their contents are equivalent.
Perform a case-insensitive string comparison of an aws_byte_cursor and an aws_byte_buf.
Return whether their contents are equivalent.
The “C” locale is used for comparing upper and lowercase letters.
Data is assumed to be ASCII text, UTF-8 will work fine too.
Compare an aws_byte_cursor and a null-terminated string.
Returns true if their contents are equivalent.
The cursor should NOT contain a null-terminator, or the comparison will always return false.
Perform a case-insensitive string comparison of an aws_byte_cursor and a null-terminated string.
Return whether their contents are equivalent.
The cursor should NOT contain a null-terminator, or the comparison will always return false.
The “C” locale is used for comparing upper and lowercase letters.
Data is assumed to be ASCII text, UTF-8 will work fine too.
Perform a case-insensitive string comparison of two aws_byte_cursor structures.
Return whether their contents are equivalent.
The “C” locale is used for comparing upper and lowercase letters.
Data is assumed to be ASCII text, UTF-8 will work fine too.
Search for an exact byte match inside a cursor. The first match will be returned. Returns AWS_OP_SUCCESS
on successful match and first_find will be set to the offset in input_str, and length will be the remaining length
from input_str past the returned offset. If the match was not found, AWS_OP_ERR will be returned and
AWS_ERROR_STRING_MATCH_NOT_FOUND will be raised.
Evaluates the set of properties that define the shape of all valid aws_byte_cursor structures.
It is also a cheap check, in the sense it runs in constant time (i.e., no loops or recursion).
Shrinks a byte cursor from the left for as long as the supplied predicate is true
No copies, no buffer allocations. Iterates over input_str, and returns the
next substring between split_on instances relative to previous substr.
Behaves similar to strtok with substr being used as state for next split.
Reads specified length of data from byte cursor and copies it to the
destination array.
Reads as many bytes from cursor as size of buffer, and copies them to buffer.
Reads a 16-bit value in network byte order from cur, and places it in host
byte order into var.
Reads an unsigned 24-bit value (3 bytes) in network byte order from cur,
and places it in host byte order into 32-bit var.
Ex: if cur’s next 3 bytes are {0xAA, 0xBB, 0xCC}, then var becomes 0x00AABBCC.
Reads a 32-bit value in network byte order from cur, and places it in host
byte order into var.
Reads a 64-bit value in network byte order from cur, and places it in host
byte order into var.
Reads a 32-bit value in network byte order from cur, and places it in host
byte order into var.
Reads a 64-bit value in network byte order from cur, and places it in host
byte order into var.
Reads 2 hex characters from ASCII/UTF-8 text to produce an 8-bit number.
Accepts both lowercase ‘a’-‘f’ and uppercase ‘A’-‘F’.
For example: “0F” produces 15.
Reads a single byte from cursor, placing it in *var.
Shrinks a byte cursor from the right for as long as the supplied predicate is true
Returns true if the byte cursor’s range of bytes all satisfy the predicate
No copies, no buffer allocations. Fills in output with a list of
aws_byte_cursor instances where buffer is an offset into the input_str and
len is the length of that string in the original buffer.
No copies, no buffer allocations. Fills in output with a list of aws_byte_cursor instances where buffer is
an offset into the input_str and len is the length of that string in the original buffer. N is the max number of
splits, if this value is zero, it will add all splits to the output.
Return true if the input starts with the prefix (exact byte comparison).
Return true if the input starts with the prefix (case-insensitive).
The “C” locale is used for comparing upper and lowercase letters.
Data is assumed to be ASCII text, UTF-8 will work fine too.
Shrinks a byte cursor from both sides for as long as the supplied predicate is true
Read entire cursor as ASCII/UTF-8 unsigned base-10 number.
Stricter than strtoull(), which allows whitespace and inputs that start with “0x”
Read entire cursor as ASCII/UTF-8 unsigned base-16 number with NO “0x” prefix.
Shuts down the internal datastructures used by aws-c-common.
Initializes internal datastructures used by aws-c-common.
Must be called before using any functionality in aws-c-common.
Add a reference to some credentials
Get the AWS access key id from a set of credentials
Get the elliptic curve key associated with this set of credentials
@param credentials credentials to get the the elliptic curve key for
@return the elliptic curve key associated with the credentials, or NULL if no key is associated with
these credentials
Get the expiration timepoint (in seconds since epoch) associated with a set of credentials
Get the AWS secret access key from a set of credentials
Get the AWS session token from a set of credentials
If credentials are anonymous, then the signing process is skipped.
Creates a new set of aws credentials
Creates a new set of aws anonymous credentials.
Use Anonymous credentials, when you want to skip the signing process.
Creates a set of AWS credentials that includes an ECC key pair. These credentials do not have a value for
the secret access key; the ecc key takes over that field’s role in sigv4a signing.
Creates a new set of AWS credentials
Creates a simple anonymous credentials provider
Creates a provider that functions as a caching decorating of another provider.
Creates a provider that sources credentials from an ordered sequence of providers, with the overall result
being from the first provider to return a valid set of credentials
Creates the default provider chain used by most AWS SDKs.
Creates a provider that sources credentials from the Cognito-Identity service via an
invocation of the GetCredentialsForIdentity API call.
Creates a cognito-based provider that has a caching layer wrapped around it
Create a credentials provider depends on provided vtable to fetch the credentials.
Creates a provider that sources credentials from the ecs role credentials service
Creates a provider that returns credentials sourced from the environment variables:
Creates a provider that sources credentials from the ec2 instance metadata service
Creates a provider that sources credentials from key-value profiles loaded from the aws credentials
file (“~/.aws/credentials” by default) and the aws config file (“~/.aws/config” by
default)
Creates a simple provider that just returns a fixed set of credentials
Creates a provider that assumes an IAM role via. STS AssumeRole() API. This provider will fetch new credentials
upon each call to aws_credentials_provider_get_credentials().
Creates a provider that sources credentials from STS using AssumeRoleWithWebIdentity
Creates a provider that sources credentials from IoT Core
Release a reference to a credentials provider
Remove a reference to some credentials
returns the difference of a and b (a - b) in seconds.
Initializes dt to be the time represented in milliseconds since unix epoch.
Initializes dt to be the time represented in seconds.millis since unix epoch.
Initializes dt to be the time represented by date_str in format ‘fmt’. Returns AWS_OP_SUCCESS if the
string was successfully parsed, returns AWS_OP_ERR if parsing failed.
aws_date_time_init variant that takes a byte_cursor rather than a byte_buf
Initializes dt to be the current system time.
Copies the current time as a formatted short date string in local time into output_buf. If buffer is too small, it
will return AWS_OP_ERR. A good size suggestion is AWS_DATE_TIME_STR_MAX_LEN bytes. AWS_DATE_FORMAT_AUTO_DETECT is not
allowed.
Copies the current time as a formatted date string in local time into output_buf. If buffer is too small, it will
return AWS_OP_ERR. A good size suggestion is AWS_DATE_TIME_STR_MAX_LEN bytes. AWS_DATE_FORMAT_AUTO_DETECT is not
allowed.
Copies the current time as a formatted short date string in utc time into output_buf. If buffer is too small, it will
return AWS_OP_ERR. A good size suggestion is AWS_DATE_TIME_STR_MAX_LEN bytes. AWS_DATE_FORMAT_AUTO_DETECT is not
allowed.
Copies the current time as a formatted date string in utc time into output_buf. If buffer is too small, it will
return AWS_OP_ERR. A good size suggestion is AWS_DATE_TIME_STR_MAX_LEN bytes. AWS_DATE_FORMAT_AUTO_DETECT is not
allowed.
Returns an instance of system default thread options.
Derives an ecc key pair (based on the nist P256 curve) from the access key id and secret access key components
of a set of AWS credentials using an internal key derivation specification. Used to perform sigv4a signing in
the hybrid mode based on AWS credentials.
Case-insensitive hash function for array containing ASCII or UTF-8 text.
Convenience hash function for struct aws_byte_cursor.
Hash is same as used on the string bytes by aws_hash_c_string.
Case-insensitive hash function for aws_byte_cursors stored in an aws_hash_table.
For case-sensitive hashing, use aws_hash_byte_cursor_ptr().
Convenience hash function for NULL-terminated C-strings
Convenience eq callback for NULL-terminated C-strings
Convenience destroy callback for AWS strings
Convenience eq callback for AWS strings
Returns an iterator to be used for iterating through a hash table.
Iterator will already point to the first element of the table it finds,
which can be accessed as iter.element.
Deletes the element currently pointed-to by the hash iterator.
After calling this method, the element member of the iterator
should not be accessed until the next call to aws_hash_iter_next.
Returns true if iterator is done iterating through table, false otherwise.
If this is true, the iterator will not include an element of the table.
Given a pointer to a hash_iter, checks that it is well-formed, with all data-structure invariants.
Updates iterator so that it points to next element of hash table.
Convenience hash function which hashes the pointer value directly,
without dereferencing. This can be used in cases where pointer identity
is desired, or where a uintptr_t is encoded into a const void *.
Convenience hash function for struct aws_strings.
Hash is same as used on the string bytes by aws_hash_c_string.
Deletes every element from map and frees all associated memory.
destroy_fn will be called for each element. aws_hash_table_init
must be called before reusing the hash table.
Removes every element from the hash map. destroy_fn will be called for
each element.
Attempts to locate an element at key. If no such element was found,
creates a new element, with value initialized to NULL. In either case, a
pointer to the element is placed in *p_elem.
Compares two hash tables for equality. Both hash tables must have equivalent
key comparators; values will be compared using the comparator passed into this
function. The key hash function does not need to be equivalent between the
two hash tables.
Attempts to locate an element at key. If the element is found, a
pointer to the value is placed in *p_elem; if it is not found,
*pElem is set to NULL. Either way, AWS_OP_SUCCESS is returned.
Iterates through every element in the map and invokes the callback on
that item. Iteration is performed in an arbitrary, implementation-defined
order, and is not guaranteed to be consistent across invocations.
Returns the current number of entries in the table.
Initializes a hash map with initial capacity for ‘size’ elements
without resizing. Uses hash_fn to compute the hash of each element.
equals_fn to compute equality of two keys. Whenever an element is
removed without being returned, destroy_key_fn is run on the pointer
to the key and destroy_value_fn is run on the pointer to the value.
Either or both may be NULL if a callback is not desired in this case.
Best-effort check of hash_table_state data-structure invariants
Moves the hash table in ‘from’ to ‘to’. After this move, ‘from’ will
be identical to the state of the original ‘to’ hash table, and ‘to’
will be in the same state as if it had been passed to aws_hash_table_clean_up
(that is, it will have no memory allocated, and it will be safe to
either discard it or call aws_hash_table_clean_up again).
Inserts a new element at key, with the given value. If another element
exists at that key, the old element will be overwritten; both old key and
value objects will be destroyed.
Removes element at key. Always returns AWS_OP_SUCCESS.
Removes element already known (typically by find()).
Safely swaps two hash tables. Note that we swap the entirety of the hash
table, including which allocator is associated.
Fetch the current manager metrics from connection manager.
Clean up internal datastructures used by aws-c-http.
Must not be called until application is done using functionality in aws-c-http.
Initializes internal datastructures used by aws-c-http.
Must be called before using any functionality in aws-c-http.
Returns the description of common status codes.
Ex: 404 -> “Not Found”
An empty string is returned if the status code is not recognized.
Increments the ref count on the client
Gets the ami id of the ec2 instance from the instance metadata document
Gets the ami launch index of the ec2 instance from the instance metadata document
Gets the ami manifest path of the ec2 instance from the instance metadata document
Gets the list of ancestor ami ids of the ec2 instance from the instance metadata document
Gets the attached iam role of the ec2 instance from the instance metadata document
Gets the availability zone of the ec2 instance from the instance metadata document
Gets the list of block device mappings of the ec2 instance from the instance metadata document
Gets temporary credentials based on the attached iam role of the ec2 instance
Gets the iam profile information of the ec2 instance from the instance metadata document
Gets the instance-action of the ec2 instance from the instance metadata document
Gets the instance id of the ec2 instance from the instance metadata document
Gets the instance information data block of the ec2 instance from the instance metadata document
Gets the signature of the ec2 instance from the instance metadata document
Gets the instance type of the ec2 instance from the instance metadata document
Gets the mac address of the ec2 instance from the instance metadata document
Gets the private ip address of the ec2 instance from the instance metadata document
Gets the product codes of the ec2 instance from the instance metadata document
Gets the public key of the ec2 instance from the instance metadata document
Gets the ramdisk id of the ec2 instance from the instance metadata document
Gets the reservation id of the ec2 instance from the instance metadata document
Queries a generic resource (string) from the ec2 instance metadata document
Gets the list of the security groups of the ec2 instance from the instance metadata document
Gets the user data of the ec2 instance from the instance metadata document
Creates a new imds client
Decrements the ref count on the client
Shuts down the internal datastructures used by aws-c-io.
Initializes internal datastructures used by aws-c-io.
Must be called before using any functionality in aws-c-io.
Like isalnum(), but ignores C locale.
Returns true if ch has the value of ASCII/UTF-8: ‘a’-‘z’, ‘A’-‘Z’, or ‘0’-‘9’.
Like isalpha(), but ignores C locale.
Returns true if ch has the value of ASCII/UTF-8: ‘a’-‘z’ or ‘A’-‘Z’.
Like isdigit().
Returns true if ch has the value of ASCII/UTF-8: ‘0’-‘9’.
Like isspace(), but ignores C locale.
Return true if ch has the value of ASCII/UTF-8: space (0x20), form feed (0x0C),
line feed (0x0A), carriage return (0x0D), horizontal tab (0x09), or vertical tab (0x0B).
Like isxdigit().
Returns true if ch has the value of ASCII/UTF-8: ‘0’-‘9’, ‘a’-‘f’, or ‘A’-‘F’.
Converts a log level to a c-string constant. Intended primarily to support building log lines that
include the level in them, i.e.
Get subject name from log subject.
Cleans up all resources used by the logger; simply invokes the clean_up v-function
Gets the aws logger used globally across the process.
Gets the aws logger used globally across the process if the logging level is at least the inputted level.
Sets the aws logger used globally across the process. Not thread-safe. Must only be called once.
Sets the current logging level for the logger. Loggers are not require to support this.
@param logger logger to set the log level for
@param level new log level for the logger
@return AWS_OP_SUCCESS if the level was successfully set, AWS_OP_ERR otherwise
Returns lookup table to go from ASCII/UTF-8 hex character to a number (0-15).
Non-hex characters map to 255.
Valid examples:
‘0’ -> 0
‘F’ -> 15
‘f’ -> 15
Invalid examples:
’ ’ -> 255
‘Z’ -> 255
‘\0’ -> 255
Returns a lookup table for bytes that is the identity transformation with the exception
of uppercase ascii characters getting replaced with lowercase characters. Used in
caseless comparisons.
Returns at least
size of memory ready for usage. In versions v0.6.8 and prior, this function was allowed to return
NULL. In later versions, if allocator->mem_acquire() returns NULL, this function will assert and exit. To handle
conditions where OOM is not a fatal error, allocator->mem_acquire() is responsible for finding/reclaiming/running a
GC etc…before returning.Allocates many chunks of bytes into a single block. Expects to be called with alternating void ** (dest), size_t
(size). The first void ** will be set to the root of the allocation. Alignment is assumed to be sizeof(intmax_t).
Allocates a block of memory for an array of num elements, each of them size bytes long, and initializes all its bits
to zero. In versions v0.6.8 and prior, this function was allowed to return NULL.
In later versions, if allocator->mem_calloc() returns NULL, this function will assert and exit. To handle
conditions where OOM is not a fatal error, allocator->mem_calloc() is responsible for finding/reclaiming/running a
GC etc…before returning.
Attempts to adjust the size of the pointed-to memory buffer from oldsize to
newsize. The pointer (*ptr) may be changed if the memory needs to be
reallocated.
Releases ptr back to whatever allocated it.
Nothing happens if ptr is NULL.
Equality function which compares pointer equality.
TODO: this needs to be a private function (wait till we have the cmake story
better before moving it though). It should be external for the purpose of
other libs we own, but customers should not be able to hit it without going
out of their way to do so.
Connects log subject strings with log subject integer values
Acquire a reference count on retry_strategy.
Attempts to acquire a retry token for use with retries. On success, on_acquired will be invoked when a token is
available, or an error will be returned if the timeout expires. partition_id identifies operations that should be
grouped together. This allows for more sophisticated strategies such as AIMD and circuit breaker patterns. Pass NULL
to use the global partition.
Creates a retry strategy using exponential backoff. This strategy does not perform any bookkeeping on error types and
success. There is no circuit breaker functionality in here. See the comments above for
aws_exponential_backoff_retry_options.
This is a retry implementation that cuts off traffic if it’s
detected that an endpoint partition is having availability
problems. This is necessary to keep from making outages worse
by scheduling work that’s unlikely to succeed yet increases
load on an already ailing system.
Releases a reference count on retry_strategy.
Schedules a retry based on the backoff and token based strategies. retry_ready is invoked when the retry is either
ready for execution or if it has been canceled due to application shutdown.
Increments reference count for token. This should be called any time you seat the token to a pointer you own.
Records a successful retry. This is used for making future decisions to open up token buckets, AIMD breakers etc…
some strategies such as exponential backoff will ignore this, but you should always call it after a successful
operation or your system will never recover during an outage.
Releases the reference count for token. This should always be invoked after either calling
aws_retry_strategy_schedule_retry() and failing, or after calling aws_retry_token_record_success().
Securely zeroes a memory buffer. This function will attempt to ensure that
the compiler will not optimize away this zeroing operation.
(Asynchronous) entry point to sign something (a request, a chunk, an event) with an AWS signing process.
Depending on the configuration, the signing process may or may not complete synchronously.
Cleans up and frees all resources associated with a signable instance
Retrieves the signable’s message payload as a stream.
Retrieves a property (key-value pair) from a signable. Global property name constants are
included below.
Retrieves a named property list (list of key-value pairs) from a signable. Global property list name
constants are included below.
Creates a signable that represents a pre-computed canonical request from an http request
@param allocator memory allocator use to create the signable
@param canonical_request text of the canonical request
@return the new signable object, or NULL if failure
Creates a signable that represents a unit of chunked encoding within an http request.
Creates a signable wrapper around an http request.
Creates a signable wrapper around a set of headers.
Returns a c-string that describes the supplied signing algorithm
Adds a key-value pair to a named property list. If the named list does not yet exist, it will be created as
an empty list before the pair is added. No uniqueness checks are made against existing pairs.
Clean up all resources held by the signing result
Gets the value of a property on a signing result
Gets a named property list on the signing result. If the list does not exist, *out_list will be set to null
Looks for a property within a named property list on the signing result. If the list does not exist, or the property
does not exist within the list, *out_value will be set to NULL.
Initialize a signing result to its starting state
Sets the value of a property on a signing result
Converts a c-string constant to a log level value. Uses case-insensitive comparison
and simply iterates all possibilities until a match or nothing remains. If no match
is found, AWS_OP_ERR is returned.
Cleans up the thread handle. Don’t call this on a managed thread. If you wish to join the thread, you must join
before calling this function.
Adds a callback to the chain to be called when the current thread joins.
Callbacks are called from the current thread, in the reverse order they
were added, after the thread function returns.
If not called from within an aws_thread, has no effect.
Sleeps the current thread by nanos.
Returns the thread id of the calling thread.
Decrements the count of unjoined threads in the managed thread system. Used by managed threads and
event loop threads. Additional usage requires the user to join corresponding threads themselves and
correctly increment/decrement even in the face of launch/join errors.
Gets the detach state of the thread. For example, is it safe to call join on
this thread? Has it been detached()?
Gets the id of thread
Converts an aws_thread_id_t to a c-string. For portability, aws_thread_id_t
must not be printed directly. Intended primarily to support building log
lines that include the thread id in them. The parameter
buffer must
point-to a char buffer of length bufsz == AWS_THREAD_ID_T_REPR_BUFSZ. The
thread id representation is returned in buffer.Increments the count of unjoined threads in the managed thread system. Used by managed threads and
event loop threads. Additional usage requires the user to join corresponding threads themselves and
correctly increment/decrement even in the face of launch/join errors.
Initializes a new platform specific thread object struct (not the os-level
thread itself).
Joins the calling thread to a thread instance. Returns when thread is
finished. Calling this from the associated OS thread will cause a deadlock.
Blocking call that waits for all managed threads to complete their join call. This can only be called
from the main thread or a non-managed thread.
Creates an OS level thread and associates it with func. context will be passed to func when it is executed.
options will be applied to the thread if they are applicable for the platform.
Overrides how long, in nanoseconds, that aws_thread_join_all_managed will wait for threads to complete.
A value of zero will result in an unbounded wait.
Compare thread ids.
Convert a c library io error into an aws error.
Removes any padding added to the end of a sigv4a signature. Signature must be hex-encoded.
@param signature signature to remove padding from
@return cursor that ranges over only the valid hex encoding of the sigv4a signature
Disconnects log subject strings with log subject integer values
Checks a signing configuration for invalid settings combinations.
Another helper function to check a computed sigv4a signature.
Test-only API used for cross-library signing verification tests
Type Definitions
Prototype for a comparator function for sorting elements.
Auth-specific error codes
Auth-specific logging subjects
Signature for function argument to trim APIs
Jitter mode for exponential backoff.
Prototype for a hash table key or value destructor function pointer.
Prototype for a hash table equality check function pointer.
Prototype for a key hashing function pointer.
Controls what log calls pass through the logger and what log calls get filtered out.
If a log level has a value of X, then all log calls using a level <= X will appear, while
those using a value > X will not occur.
Log subject is a way of designating the topic of logging.
@deprecated Use int64_t instead for offsets in public APIs.
Invoked after a successful call to aws_retry_strategy_schedule_retry(). This function will always be invoked if and
only if aws_retry_strategy_schedule_retry() returns AWS_OP_SUCCESS. It will never be invoked synchronously from
aws_retry_strategy_schedule_retry(). After attempting the operation, either call aws_retry_strategy_schedule_retry()
with an aws_retry_error_type or call aws_retry_token_record_success() and then release the token via.
aws_retry_token_release().
Invoked upon the acquisition, or failure to acquire a retry token. This function will always be invoked if and only
if aws_retry_strategy_acquire_retry_token() returns AWS_OP_SUCCESS. It will never be invoked synchronously from
aws_retry_strategy_acquire_retry_token(). Token will always be NULL if error_code is non-zero, and vice-versa. If
token is non-null, it will have a reference count of 1, and you must call aws_retry_token_release() on it later. See
the comments for aws_retry_strategy_on_retry_ready_fn for more info.
What sort of signature should be computed from the signable?
Controls if signing adds a header containing the canonical request’s body value
What version of the AWS signing process should we use.
Gets called by the signing function when the signing is complete.
A primitive RTTI indicator for signing configuration structs
Specifies the join strategy used on an aws_thread, which in turn controls whether or not a thread participates
in the managed thread system. The managed thread system provides logic to guarantee a join on all participating
threads at the cost of laziness (the user cannot control when joins happen).