@aws-sdk/client-s3-control 3.489.0 → 3.491.0

package/dist-cjs/S3ControlClient.js

@@ -5,14 +5,15 @@ const middleware_host_header_1 = require("@aws-sdk/middleware-host-header");
 const middleware_logger_1 = require("@aws-sdk/middleware-logger");
 const middleware_recursion_detection_1 = require("@aws-sdk/middleware-recursion-detection");
 const middleware_sdk_s3_control_1 = require("@aws-sdk/middleware-sdk-s3-control");
-const middleware_signing_1 = require("@aws-sdk/middleware-signing");
 const middleware_user_agent_1 = require("@aws-sdk/middleware-user-agent");
 const config_resolver_1 = require("@smithy/config-resolver");
+const core_1 = require("@smithy/core");
 const middleware_content_length_1 = require("@smithy/middleware-content-length");
 const middleware_endpoint_1 = require("@smithy/middleware-endpoint");
 const middleware_retry_1 = require("@smithy/middleware-retry");
 const smithy_client_1 = require("@smithy/smithy-client");
 Object.defineProperty(exports, "__Client", { enumerable: true, get: function () { return smithy_client_1.Client; } });
+const httpAuthSchemeProvider_1 = require("./auth/httpAuthSchemeProvider");
 const EndpointParameters_1 = require("./endpoint/EndpointParameters");
 const runtimeConfig_1 = require("./runtimeConfig");
 const runtimeExtensions_1 = require("./runtimeExtensions");
@@ -24,9 +25,9 @@ class S3ControlClient extends smithy_client_1.Client {
         const _config_3 = (0, middleware_endpoint_1.resolveEndpointConfig)(_config_2);
         const _config_4 = (0, middleware_retry_1.resolveRetryConfig)(_config_3);
         const _config_5 = (0, middleware_host_header_1.resolveHostHeaderConfig)(_config_4);
-        const _config_6 = (0, middleware_signing_1.resolveAwsAuthConfig)(_config_5);
-        const _config_7 = (0, middleware_sdk_s3_control_1.resolveS3ControlConfig)(_config_6);
-        const _config_8 = (0, middleware_user_agent_1.resolveUserAgentConfig)(_config_7);
+        const _config_6 = (0, middleware_sdk_s3_control_1.resolveS3ControlConfig)(_config_5);
+        const _config_7 = (0, middleware_user_agent_1.resolveUserAgentConfig)(_config_6);
+        const _config_8 = (0, httpAuthSchemeProvider_1.resolveHttpAuthSchemeConfig)(_config_7);
         const _config_9 = (0, runtimeExtensions_1.resolveRuntimeExtensions)(_config_8, configuration?.extensions || []);
         super(_config_9);
         this.config = _config_9;
@@ -35,12 +36,24 @@ class S3ControlClient extends smithy_client_1.Client {
         this.middlewareStack.use((0, middleware_host_header_1.getHostHeaderPlugin)(this.config));
         this.middlewareStack.use((0, middleware_logger_1.getLoggerPlugin)(this.config));
         this.middlewareStack.use((0, middleware_recursion_detection_1.getRecursionDetectionPlugin)(this.config));
-        this.middlewareStack.use((0, middleware_signing_1.getAwsAuthPlugin)(this.config));
         this.middlewareStack.use((0, middleware_sdk_s3_control_1.getHostPrefixDeduplicationPlugin)(this.config));
         this.middlewareStack.use((0, middleware_user_agent_1.getUserAgentPlugin)(this.config));
+        this.middlewareStack.use((0, core_1.getHttpAuthSchemeEndpointRuleSetPlugin)(this.config, {
+            httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(),
+            identityProviderConfigProvider: this.getIdentityProviderConfigProvider(),
+        }));
+        this.middlewareStack.use((0, core_1.getHttpSigningPlugin)(this.config));
     }
     destroy() {
         super.destroy();
     }
+    getDefaultHttpAuthSchemeParametersProvider() {
+        return httpAuthSchemeProvider_1.defaultS3ControlHttpAuthSchemeParametersProvider;
+    }
+    getIdentityProviderConfigProvider() {
+        return async (config) => new core_1.DefaultIdentityProviderConfig({
+            "aws.auth#sigv4": config.credentials,
+        });
+    }
 }
 exports.S3ControlClient = S3ControlClient;

package/dist-cjs/auth/httpAuthExtensionConfiguration.js

@@ -0,0 +1,43 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveHttpAuthRuntimeConfig = exports.getHttpAuthExtensionConfiguration = void 0;
+const getHttpAuthExtensionConfiguration = (runtimeConfig) => {
+    const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;
+    let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;
+    let _credentials = runtimeConfig.credentials;
+    return {
+        setHttpAuthScheme(httpAuthScheme) {
+            const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId);
+            if (index === -1) {
+                _httpAuthSchemes.push(httpAuthScheme);
+            }
+            else {
+                _httpAuthSchemes.splice(index, 1, httpAuthScheme);
+            }
+        },
+        httpAuthSchemes() {
+            return _httpAuthSchemes;
+        },
+        setHttpAuthSchemeProvider(httpAuthSchemeProvider) {
+            _httpAuthSchemeProvider = httpAuthSchemeProvider;
+        },
+        httpAuthSchemeProvider() {
+            return _httpAuthSchemeProvider;
+        },
+        setCredentials(credentials) {
+            _credentials = credentials;
+        },
+        credentials() {
+            return _credentials;
+        },
+    };
+};
+exports.getHttpAuthExtensionConfiguration = getHttpAuthExtensionConfiguration;
+const resolveHttpAuthRuntimeConfig = (config) => {
+    return {
+        httpAuthSchemes: config.httpAuthSchemes(),
+        httpAuthSchemeProvider: config.httpAuthSchemeProvider(),
+        credentials: config.credentials(),
+    };
+};
+exports.resolveHttpAuthRuntimeConfig = resolveHttpAuthRuntimeConfig;

package/dist-cjs/auth/httpAuthSchemeProvider.js

@@ -0,0 +1,47 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveHttpAuthSchemeConfig = exports.defaultS3ControlHttpAuthSchemeProvider = exports.defaultS3ControlHttpAuthSchemeParametersProvider = void 0;
+const core_1 = require("@aws-sdk/core");
+const util_middleware_1 = require("@smithy/util-middleware");
+const defaultS3ControlHttpAuthSchemeParametersProvider = async (config, context, input) => {
+    return {
+        operation: (0, util_middleware_1.getSmithyContext)(context).operation,
+        region: (await (0, util_middleware_1.normalizeProvider)(config.region)()) ||
+            (() => {
+                throw new Error("expected `region` to be configured for `aws.auth#sigv4`");
+            })(),
+    };
+};
+exports.defaultS3ControlHttpAuthSchemeParametersProvider = defaultS3ControlHttpAuthSchemeParametersProvider;
+function createAwsAuthSigv4HttpAuthOption(authParameters) {
+    return {
+        schemeId: "aws.auth#sigv4",
+        signingProperties: {
+            name: "s3",
+            region: authParameters.region,
+        },
+        propertiesExtractor: (config, context) => ({
+            signingProperties: {
+                config,
+                context,
+            },
+        }),
+    };
+}
+const defaultS3ControlHttpAuthSchemeProvider = (authParameters) => {
+    const options = [];
+    switch (authParameters.operation) {
+        default: {
+            options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
+        }
+    }
+    return options;
+};
+exports.defaultS3ControlHttpAuthSchemeProvider = defaultS3ControlHttpAuthSchemeProvider;
+const resolveHttpAuthSchemeConfig = (config) => {
+    const config_0 = (0, core_1.resolveAwsSdkSigV4Config)(config);
+    return {
+        ...config_0,
+    };
+};
+exports.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig;

package/dist-cjs/endpoint/ruleset.js

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ruleSet = void 0;
-const aC = "required", aD = "type", aE = "conditions", aF = "fn", aG = "argv", aH = "ref", aI = "assign", aJ = "authSchemes", aK = "disableDoubleEncoding", aL = "name", aM = "signingName", aN = "signingRegion", aO = "x-amz-account-id", aP = "x-amz-outpost-id";
-const a = false, b = true, c = "isSet", d = "stringEquals", e = "aws.partition", f = "error", g = "{Region}", h = "endpoint", i = "tree", j = "getAttr", k = "not", l = "isValidHostLabel", m = "{url#scheme}://{url#authority}{url#path}", n = "s3-outposts", o = "aws.parseArn", p = "accessPointArn", q = "resourceId[0]", r = "arnType", s = "service", t = "resourceId[1]", u = "outpostId", v = "arnPartition", w = "{accessPointArn#accountId}", x = "resourceId[2]", y = "outpostType", z = "resourceId[3]", A = "bucketArn", B = "{bucketArn#accountId}", C = { [aC]: false, [aD]: "String" }, D = { [aC]: true, "default": false, [aD]: "Boolean" }, E = { [aC]: false, [aD]: "Boolean" }, F = { [aH]: "Region" }, G = { [aF]: c, [aG]: [{ [aH]: "Endpoint" }] }, H = { [aF]: "parseURL", [aG]: [{ [aH]: "Endpoint" }], [aI]: "url" }, I = { [aF]: "booleanEquals", [aG]: [{ [aH]: "UseDualStack" }, true] }, J = { [aF]: "booleanEquals", [aG]: [{ [aH]: "UseFIPS" }, true] }, K = { [aJ]: [{ [aK]: true, [aL]: "sigv4", [aM]: "s3", [aN]: g }] }, L = {}, M = { [aH]: "OutpostId" }, N = { [aE]: [J, { [aF]: d, [aG]: [{ [aF]: j, [aG]: [{ [aH]: "partitionResult" }, "name"] }, "aws-cn"] }], [f]: "Partition does not support FIPS", [aD]: f }, O = { [aE]: [{ [aF]: c, [aG]: [{ [aH]: "RequiresAccountId" }] }, { [aF]: "booleanEquals", [aG]: [{ [aH]: "RequiresAccountId" }, true] }, { [aF]: k, [aG]: [{ [aF]: c, [aG]: [{ [aH]: "AccountId" }] }] }], [f]: "AccountId is required but not set", [aD]: f }, P = { [aF]: c, [aG]: [{ [aH]: "RequiresAccountId" }] }, Q = { [aF]: "booleanEquals", [aG]: [{ [aH]: "RequiresAccountId" }, true] }, R = { [aF]: c, [aG]: [{ [aH]: "AccountId" }] }, S = { [aH]: "AccountId" }, T = { [aE]: [R, { [aF]: k, [aG]: [{ [aF]: l, [aG]: [S, false] }] }], [f]: "AccountId must only contain a-z, A-Z, 0-9 and `-`.", [aD]: f }, U = { [aJ]: [{ [aK]: true, [aL]: "sigv4", [aM]: n, [aN]: g }] }, V = { [f]: "Invalid region: region was not a valid DNS name.", [aD]: f }, W = { [aH]: p }, X = { [aF]: k, [aG]: [{ [aF]: d, [aG]: [{ [aH]: r }, ""] }] }, Y = { [aF]: c, [aG]: [{ [aH]: "UseArnRegion" }] }, Z = { [aF]: "booleanEquals", [aG]: [{ [aH]: "UseArnRegion" }, false] }, aa = { [aF]: j, [aG]: [W, "region"] }, ab = { [aF]: j, [aG]: [W, "accountId"] }, ac = { [aH]: y }, ad = { [aJ]: [{ [aK]: true, [aL]: "sigv4", [aM]: n, [aN]: "{accessPointArn#region}" }] }, ae = { [aO]: [w], [aP]: ["{outpostId}"] }, af = { [f]: "Invalid ARN: Expected a 4-component resource", [aD]: f }, ag = { [f]: "Invalid ARN: missing account ID", [aD]: f }, ah = { [f]: "Client was configured for partition `{partitionResult#name}` but ARN has `{arnPartition#name}`", [aD]: f }, ai = { [f]: "Invalid ARN: The outpost Id must only contain a-z, A-Z, 0-9 and `-`., found: `{outpostId}`", [aD]: f }, aj = { [f]: "Invalid ARN: The Outpost Id was not set", [aD]: f }, ak = { [f]: "Invalid ARN: No ARN type specified", [aD]: f }, al = { [aH]: A }, am = { [aF]: j, [aG]: [al, "region"] }, an = { [aF]: j, [aG]: [al, "accountId"] }, ao = { [aJ]: [{ [aK]: true, [aL]: "sigv4", [aM]: n, [aN]: "{bucketArn#region}" }] }, ap = { [aO]: [B], [aP]: ["{outpostId}"] }, aq = { [aF]: "booleanEquals", [aG]: [{ [aH]: "UseDualStack" }, false] }, ar = { [aF]: "booleanEquals", [aG]: [{ [aH]: "UseFIPS" }, false] }, as = [F], at = [{ [aF]: e, [aG]: [F], [aI]: "partitionResult" }], au = [I], av = [J], aw = [{ [aF]: l, [aG]: [F, true] }], ax = [G, H], ay = [{ [aH]: "AccessPointName" }], az = [{ [aF]: l, [aG]: [{ [aH]: u }, false] }], aA = [{ [aF]: d, [aG]: [{ [aF]: j, [aG]: [{ [aH]: v }, "name"] }, { [aF]: j, [aG]: [{ [aH]: "partitionResult" }, "name"] }] }], aB = [{ [aH]: "Bucket" }];
-const _data = { version: "1.0", parameters: { Region: C, UseFIPS: D, UseDualStack: D, Endpoint: C, AccountId: C, RequiresAccountId: E, OutpostId: C, Bucket: C, AccessPointName: C, UseArnRegion: E }, rules: [{ [aE]: [{ [aF]: c, [aG]: as }], rules: [{ [aE]: [{ [aF]: d, [aG]: [F, "snow"] }, G, H], rules: [{ [aE]: at, rules: [{ [aE]: au, error: "S3 Snow does not support DualStack", [aD]: f }, { [aE]: av, error: "S3 Snow does not support FIPS", [aD]: f }, { endpoint: { url: "{url#scheme}://{url#authority}", properties: K, headers: L }, [aD]: h }], [aD]: i }], [aD]: i }, { [aE]: [{ [aF]: c, [aG]: [M] }], rules: [{ [aE]: at, rules: [N, O, T, { [aE]: [{ [aF]: k, [aG]: [{ [aF]: l, [aG]: [M, a] }] }], error: "OutpostId must only contain a-z, A-Z, 0-9 and `-`.", [aD]: f }, { [aE]: aw, rules: [{ [aE]: au, error: "Invalid configuration: Outposts do not support dual-stack", [aD]: f }, { [aE]: ax, endpoint: { url: m, properties: U, headers: L }, [aD]: h }, { [aE]: av, endpoint: { url: "https://s3-outposts-fips.{Region}.{partitionResult#dnsSuffix}", properties: U, headers: L }, [aD]: h }, { endpoint: { url: "https://s3-outposts.{Region}.{partitionResult#dnsSuffix}", properties: U, headers: L }, [aD]: h }], [aD]: i }, V], [aD]: i }], [aD]: i }, { [aE]: [{ [aF]: c, [aG]: ay }, { [aF]: o, [aG]: ay, [aI]: p }], rules: [{ [aE]: [{ [aF]: j, [aG]: [W, q], [aI]: r }, X], rules: [{ [aE]: [{ [aF]: d, [aG]: [{ [aF]: j, [aG]: [W, s] }, n] }], rules: [{ [aE]: au, error: "Invalid configuration: Outpost Access Points do not support dual-stack", [aD]: f }, { [aE]: [{ [aF]: j, [aG]: [W, t], [aI]: u }], rules: [{ [aE]: az, rules: [{ [aE]: [Y, Z, { [aF]: k, [aG]: [{ [aF]: d, [aG]: [aa, g] }] }], error: "Invalid configuration: region from ARN `{accessPointArn#region}` does not match client region `{Region}` and UseArnRegion is `false`", [aD]: f }, { [aE]: at, rules: [{ [aE]: [{ [aF]: e, [aG]: [aa], [aI]: v }], rules: [{ [aE]: aA, rules: [{ [aE]: [{ [aF]: l, [aG]: [aa, b] }], rules: [{ [aE]: [{ [aF]: k, [aG]: [{ [aF]: d, [aG]: [ab, ""] }] }], rules: [{ [aE]: [{ [aF]: l, [aG]: [ab, a] }], rules: [{ [aE]: [R, { [aF]: k, [aG]: [{ [aF]: d, [aG]: [S, w] }] }], error: "Invalid ARN: the accountId specified in the ARN (`{accessPointArn#accountId}`) does not match the parameter (`{AccountId}`)", [aD]: f }, { [aE]: [{ [aF]: j, [aG]: [W, x], [aI]: y }], rules: [{ [aE]: [{ [aF]: j, [aG]: [W, z], [aI]: "accessPointName" }], rules: [{ [aE]: [{ [aF]: d, [aG]: [ac, "accesspoint"] }], rules: [{ [aE]: av, endpoint: { url: "https://s3-outposts-fips.{accessPointArn#region}.{arnPartition#dnsSuffix}", properties: ad, headers: ae }, [aD]: h }, { [aE]: ax, endpoint: { url: m, properties: ad, headers: ae }, [aD]: h }, { endpoint: { url: "https://s3-outposts.{accessPointArn#region}.{arnPartition#dnsSuffix}", properties: ad, headers: ae }, [aD]: h }], [aD]: i }, { error: "Expected an outpost type `accesspoint`, found `{outpostType}`", [aD]: f }], [aD]: i }, { error: "Invalid ARN: expected an access point name", [aD]: f }], [aD]: i }, af], [aD]: i }, { error: "Invalid ARN: The account id may only contain a-z, A-Z, 0-9 and `-`. Found: `{accessPointArn#accountId}`", [aD]: f }], [aD]: i }, ag], [aD]: i }, { error: "Invalid region in ARN: `{accessPointArn#region}` (invalid DNS name)", [aD]: f }], [aD]: i }, ah], [aD]: i }], [aD]: i }], [aD]: i }, ai], [aD]: i }, aj], [aD]: i }], [aD]: i }, ak], [aD]: i }, { [aE]: [{ [aF]: c, [aG]: aB }, { [aF]: o, [aG]: aB, [aI]: A }], rules: [{ [aE]: [{ [aF]: j, [aG]: [al, q], [aI]: r }, X], rules: [{ [aE]: [{ [aF]: d, [aG]: [{ [aF]: j, [aG]: [al, s] }, n] }], rules: [{ [aE]: au, error: "Invalid configuration: Outpost buckets do not support dual-stack", [aD]: f }, { [aE]: [{ [aF]: j, [aG]: [al, t], [aI]: u }], rules: [{ [aE]: az, rules: [{ [aE]: [Y, Z, { [aF]: k, [aG]: [{ [aF]: d, [aG]: [am, g] }] }], error: "Invalid configuration: region from ARN `{bucketArn#region}` does not match client region `{Region}` and UseArnRegion is `false`", [aD]: f }, { [aE]: [{ [aF]: e, [aG]: [am], [aI]: v }], rules: [{ [aE]: at, rules: [{ [aE]: aA, rules: [{ [aE]: [{ [aF]: l, [aG]: [am, b] }], rules: [{ [aE]: [{ [aF]: k, [aG]: [{ [aF]: d, [aG]: [an, ""] }] }], rules: [{ [aE]: [{ [aF]: l, [aG]: [an, a] }], rules: [{ [aE]: [R, { [aF]: k, [aG]: [{ [aF]: d, [aG]: [S, B] }] }], error: "Invalid ARN: the accountId specified in the ARN (`{bucketArn#accountId}`) does not match the parameter (`{AccountId}`)", [aD]: f }, { [aE]: [{ [aF]: j, [aG]: [al, x], [aI]: y }], rules: [{ [aE]: [{ [aF]: j, [aG]: [al, z], [aI]: "bucketName" }], rules: [{ [aE]: [{ [aF]: d, [aG]: [ac, "bucket"] }], rules: [{ [aE]: av, endpoint: { url: "https://s3-outposts-fips.{bucketArn#region}.{arnPartition#dnsSuffix}", properties: ao, headers: ap }, [aD]: h }, { [aE]: ax, endpoint: { url: m, properties: ao, headers: ap }, [aD]: h }, { endpoint: { url: "https://s3-outposts.{bucketArn#region}.{arnPartition#dnsSuffix}", properties: ao, headers: ap }, [aD]: h }], [aD]: i }, { error: "Invalid ARN: Expected an outpost type `bucket`, found `{outpostType}`", [aD]: f }], [aD]: i }, { error: "Invalid ARN: expected a bucket name", [aD]: f }], [aD]: i }, af], [aD]: i }, { error: "Invalid ARN: The account id may only contain a-z, A-Z, 0-9 and `-`. Found: `{bucketArn#accountId}`", [aD]: f }], [aD]: i }, ag], [aD]: i }, { error: "Invalid region in ARN: `{bucketArn#region}` (invalid DNS name)", [aD]: f }], [aD]: i }, ah], [aD]: i }], [aD]: i }], [aD]: i }, ai], [aD]: i }, aj], [aD]: i }], [aD]: i }, ak], [aD]: i }, { [aE]: at, rules: [{ [aE]: aw, rules: [N, O, T, { [aE]: ax, rules: [{ [aE]: au, error: "Invalid Configuration: DualStack and custom endpoint are not supported", [aD]: f }, { [aE]: [P, Q, R], endpoint: { url: "{url#scheme}://{AccountId}.{url#authority}{url#path}", properties: K, headers: L }, [aD]: h }, { endpoint: { url: m, properties: K, headers: L }, [aD]: h }], [aD]: i }, { [aE]: [J, I, P, Q, R], endpoint: { url: "https://{AccountId}.s3-control-fips.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [J, I], endpoint: { url: "https://s3-control-fips.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [J, aq, P, Q, R], endpoint: { url: "https://{AccountId}.s3-control-fips.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [J, aq], endpoint: { url: "https://s3-control-fips.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [ar, I, P, Q, R], endpoint: { url: "https://{AccountId}.s3-control.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [ar, I], endpoint: { url: "https://s3-control.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [ar, aq, P, Q, R], endpoint: { url: "https://{AccountId}.s3-control.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [ar, aq], endpoint: { url: "https://s3-control.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }], [aD]: i }, V], [aD]: i }], [aD]: i }, { error: "Region must be set", [aD]: f }] };
+const aF = "required", aG = "type", aH = "conditions", aI = "fn", aJ = "argv", aK = "ref", aL = "assign", aM = "authSchemes", aN = "disableDoubleEncoding", aO = "name", aP = "signingName", aQ = "signingRegion", aR = "x-amz-account-id", aS = "x-amz-outpost-id";
+const a = false, b = true, c = "isSet", d = "stringEquals", e = "aws.partition", f = "error", g = "{Region}", h = "endpoint", i = "tree", j = "getAttr", k = "not", l = "isValidHostLabel", m = "Invalid Configuration: DualStack and custom endpoint are not supported", n = "{url#scheme}://{url#authority}{url#path}", o = "s3-outposts", p = "aws.parseArn", q = "accessPointArn", r = "resourceId[0]", s = "arnType", t = "service", u = "resourceId[1]", v = "outpostId", w = "arnPartition", x = "{accessPointArn#accountId}", y = "resourceId[2]", z = "outpostType", A = "resourceId[3]", B = "bucketArn", C = "{bucketArn#accountId}", D = { [aF]: false, [aG]: "String" }, E = { [aF]: true, "default": false, [aG]: "Boolean" }, F = { [aF]: false, [aG]: "Boolean" }, G = { [aK]: "Region" }, H = { [aI]: c, [aJ]: [{ [aK]: "Endpoint" }] }, I = { [aI]: "parseURL", [aJ]: [{ [aK]: "Endpoint" }], [aL]: "url" }, J = { [aI]: "booleanEquals", [aJ]: [{ [aK]: "UseDualStack" }, true] }, K = { [aI]: "booleanEquals", [aJ]: [{ [aK]: "UseFIPS" }, true] }, L = { [aM]: [{ [aN]: true, [aO]: "sigv4", [aP]: "s3", [aQ]: g }] }, M = {}, N = { [aK]: "OutpostId" }, O = { [aH]: [K, { [aI]: d, [aJ]: [{ [aI]: j, [aJ]: [{ [aK]: "partitionResult" }, "name"] }, "aws-cn"] }], [f]: "Partition does not support FIPS", [aG]: f }, P = { [aH]: [{ [aI]: c, [aJ]: [{ [aK]: "RequiresAccountId" }] }, { [aI]: "booleanEquals", [aJ]: [{ [aK]: "RequiresAccountId" }, true] }, { [aI]: k, [aJ]: [{ [aI]: c, [aJ]: [{ [aK]: "AccountId" }] }] }], [f]: "AccountId is required but not set", [aG]: f }, Q = { [aI]: c, [aJ]: [{ [aK]: "RequiresAccountId" }] }, R = { [aI]: "booleanEquals", [aJ]: [{ [aK]: "RequiresAccountId" }, true] }, S = { [aI]: c, [aJ]: [{ [aK]: "AccountId" }] }, T = { [aK]: "AccountId" }, U = { [aH]: [S, { [aI]: k, [aJ]: [{ [aI]: l, [aJ]: [T, false] }] }], [f]: "AccountId must only contain a-z, A-Z, 0-9 and `-`.", [aG]: f }, V = { [aH]: [H, J], [f]: m, [aG]: f }, W = { [aM]: [{ [aN]: true, [aO]: "sigv4", [aP]: o, [aQ]: g }] }, X = { [f]: "Invalid region: region was not a valid DNS name.", [aG]: f }, Y = { [aK]: q }, Z = { [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [{ [aK]: s }, ""] }] }, aa = { [aI]: c, [aJ]: [{ [aK]: "UseArnRegion" }] }, ab = { [aI]: "booleanEquals", [aJ]: [{ [aK]: "UseArnRegion" }, false] }, ac = { [aI]: j, [aJ]: [Y, "region"] }, ad = { [aI]: j, [aJ]: [Y, "accountId"] }, ae = { [aK]: z }, af = { [aM]: [{ [aN]: true, [aO]: "sigv4", [aP]: o, [aQ]: "{accessPointArn#region}" }] }, ag = { [aR]: [x], [aS]: ["{outpostId}"] }, ah = { [f]: "Invalid ARN: Expected a 4-component resource", [aG]: f }, ai = { [f]: "Invalid ARN: missing account ID", [aG]: f }, aj = { [f]: "Client was configured for partition `{partitionResult#name}` but ARN has `{arnPartition#name}`", [aG]: f }, ak = { [f]: "Invalid ARN: The outpost Id must only contain a-z, A-Z, 0-9 and `-`., found: `{outpostId}`", [aG]: f }, al = { [f]: "Invalid ARN: The Outpost Id was not set", [aG]: f }, am = { [f]: "Invalid ARN: No ARN type specified", [aG]: f }, an = { [aK]: B }, ao = { [aI]: j, [aJ]: [an, "region"] }, ap = { [aI]: j, [aJ]: [an, "accountId"] }, aq = { [aM]: [{ [aN]: true, [aO]: "sigv4", [aP]: o, [aQ]: "{bucketArn#region}" }] }, ar = { [aR]: [C], [aS]: ["{outpostId}"] }, as = { [aI]: "booleanEquals", [aJ]: [{ [aK]: "UseDualStack" }, false] }, at = { [aI]: "booleanEquals", [aJ]: [{ [aK]: "UseFIPS" }, false] }, au = [G], av = [{ [aI]: e, [aJ]: [G], [aL]: "partitionResult" }], aw = [J], ax = [K], ay = [{ [aI]: l, [aJ]: [G, true] }], az = [H, I], aA = [K, J], aB = [{ [aK]: "AccessPointName" }], aC = [{ [aI]: l, [aJ]: [{ [aK]: v }, false] }], aD = [{ [aI]: d, [aJ]: [{ [aI]: j, [aJ]: [{ [aK]: w }, "name"] }, { [aI]: j, [aJ]: [{ [aK]: "partitionResult" }, "name"] }] }], aE = [{ [aK]: "Bucket" }];
+const _data = { version: "1.0", parameters: { Region: D, UseFIPS: E, UseDualStack: E, Endpoint: D, AccountId: D, RequiresAccountId: F, OutpostId: D, Bucket: D, AccessPointName: D, UseArnRegion: F }, rules: [{ [aH]: [{ [aI]: c, [aJ]: au }], rules: [{ [aH]: [{ [aI]: d, [aJ]: [G, "snow"] }, H, I], rules: [{ [aH]: av, rules: [{ [aH]: aw, error: "S3 Snow does not support DualStack", [aG]: f }, { [aH]: ax, error: "S3 Snow does not support FIPS", [aG]: f }, { endpoint: { url: "{url#scheme}://{url#authority}", properties: L, headers: M }, [aG]: h }], [aG]: i }], [aG]: i }, { [aH]: [{ [aI]: c, [aJ]: [N] }], rules: [{ [aH]: av, rules: [O, P, U, { [aH]: [{ [aI]: k, [aJ]: [{ [aI]: l, [aJ]: [N, a] }] }], error: "OutpostId must only contain a-z, A-Z, 0-9 and `-`.", [aG]: f }, V, { [aH]: ay, rules: [{ [aH]: az, endpoint: { url: n, properties: W, headers: M }, [aG]: h }, { [aH]: aA, endpoint: { url: "https://s3-outposts-fips.{Region}.{partitionResult#dualStackDnsSuffix}", properties: W, headers: M }, [aG]: h }, { [aH]: ax, endpoint: { url: "https://s3-outposts-fips.{Region}.{partitionResult#dnsSuffix}", properties: W, headers: M }, [aG]: h }, { [aH]: aw, endpoint: { url: "https://s3-outposts.{Region}.{partitionResult#dualStackDnsSuffix}", properties: W, headers: M }, [aG]: h }, { endpoint: { url: "https://s3-outposts.{Region}.{partitionResult#dnsSuffix}", properties: W, headers: M }, [aG]: h }], [aG]: i }, X], [aG]: i }], [aG]: i }, { [aH]: [{ [aI]: c, [aJ]: aB }, { [aI]: p, [aJ]: aB, [aL]: q }], rules: [{ [aH]: [{ [aI]: j, [aJ]: [Y, r], [aL]: s }, Z], rules: [{ [aH]: [{ [aI]: d, [aJ]: [{ [aI]: j, [aJ]: [Y, t] }, o] }], rules: [{ [aH]: [{ [aI]: j, [aJ]: [Y, u], [aL]: v }], rules: [{ [aH]: aC, rules: [V, { [aH]: [aa, ab, { [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [ac, g] }] }], error: "Invalid configuration: region from ARN `{accessPointArn#region}` does not match client region `{Region}` and UseArnRegion is `false`", [aG]: f }, { [aH]: av, rules: [{ [aH]: [{ [aI]: e, [aJ]: [ac], [aL]: w }], rules: [{ [aH]: aD, rules: [{ [aH]: [{ [aI]: l, [aJ]: [ac, b] }], rules: [{ [aH]: [{ [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [ad, ""] }] }], rules: [{ [aH]: [{ [aI]: l, [aJ]: [ad, a] }], rules: [{ [aH]: [S, { [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [T, x] }] }], error: "Invalid ARN: the accountId specified in the ARN (`{accessPointArn#accountId}`) does not match the parameter (`{AccountId}`)", [aG]: f }, { [aH]: [{ [aI]: j, [aJ]: [Y, y], [aL]: z }], rules: [{ [aH]: [{ [aI]: j, [aJ]: [Y, A], [aL]: "accessPointName" }], rules: [{ [aH]: [{ [aI]: d, [aJ]: [ae, "accesspoint"] }], rules: [{ [aH]: aA, endpoint: { url: "https://s3-outposts-fips.{accessPointArn#region}.{arnPartition#dualStackDnsSuffix}", properties: af, headers: ag }, [aG]: h }, { [aH]: ax, endpoint: { url: "https://s3-outposts-fips.{accessPointArn#region}.{arnPartition#dnsSuffix}", properties: af, headers: ag }, [aG]: h }, { [aH]: aw, endpoint: { url: "https://s3-outposts.{accessPointArn#region}.{arnPartition#dualStackDnsSuffix}", properties: af, headers: ag }, [aG]: h }, { [aH]: az, endpoint: { url: n, properties: af, headers: ag }, [aG]: h }, { endpoint: { url: "https://s3-outposts.{accessPointArn#region}.{arnPartition#dnsSuffix}", properties: af, headers: ag }, [aG]: h }], [aG]: i }, { error: "Expected an outpost type `accesspoint`, found `{outpostType}`", [aG]: f }], [aG]: i }, { error: "Invalid ARN: expected an access point name", [aG]: f }], [aG]: i }, ah], [aG]: i }, { error: "Invalid ARN: The account id may only contain a-z, A-Z, 0-9 and `-`. Found: `{accessPointArn#accountId}`", [aG]: f }], [aG]: i }, ai], [aG]: i }, { error: "Invalid region in ARN: `{accessPointArn#region}` (invalid DNS name)", [aG]: f }], [aG]: i }, aj], [aG]: i }], [aG]: i }], [aG]: i }, ak], [aG]: i }, al], [aG]: i }], [aG]: i }, am], [aG]: i }, { [aH]: [{ [aI]: c, [aJ]: aE }, { [aI]: p, [aJ]: aE, [aL]: B }], rules: [{ [aH]: [{ [aI]: j, [aJ]: [an, r], [aL]: s }, Z], rules: [{ [aH]: [{ [aI]: d, [aJ]: [{ [aI]: j, [aJ]: [an, t] }, o] }], rules: [{ [aH]: [{ [aI]: j, [aJ]: [an, u], [aL]: v }], rules: [{ [aH]: aC, rules: [V, { [aH]: [aa, ab, { [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [ao, g] }] }], error: "Invalid configuration: region from ARN `{bucketArn#region}` does not match client region `{Region}` and UseArnRegion is `false`", [aG]: f }, { [aH]: [{ [aI]: e, [aJ]: [ao], [aL]: w }], rules: [{ [aH]: av, rules: [{ [aH]: aD, rules: [{ [aH]: [{ [aI]: l, [aJ]: [ao, b] }], rules: [{ [aH]: [{ [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [ap, ""] }] }], rules: [{ [aH]: [{ [aI]: l, [aJ]: [ap, a] }], rules: [{ [aH]: [S, { [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [T, C] }] }], error: "Invalid ARN: the accountId specified in the ARN (`{bucketArn#accountId}`) does not match the parameter (`{AccountId}`)", [aG]: f }, { [aH]: [{ [aI]: j, [aJ]: [an, y], [aL]: z }], rules: [{ [aH]: [{ [aI]: j, [aJ]: [an, A], [aL]: "bucketName" }], rules: [{ [aH]: [{ [aI]: d, [aJ]: [ae, "bucket"] }], rules: [{ [aH]: aA, endpoint: { url: "https://s3-outposts-fips.{bucketArn#region}.{arnPartition#dualStackDnsSuffix}", properties: aq, headers: ar }, [aG]: h }, { [aH]: ax, endpoint: { url: "https://s3-outposts-fips.{bucketArn#region}.{arnPartition#dnsSuffix}", properties: aq, headers: ar }, [aG]: h }, { [aH]: aw, endpoint: { url: "https://s3-outposts.{bucketArn#region}.{arnPartition#dualStackDnsSuffix}", properties: aq, headers: ar }, [aG]: h }, { [aH]: az, endpoint: { url: n, properties: aq, headers: ar }, [aG]: h }, { endpoint: { url: "https://s3-outposts.{bucketArn#region}.{arnPartition#dnsSuffix}", properties: aq, headers: ar }, [aG]: h }], [aG]: i }, { error: "Invalid ARN: Expected an outpost type `bucket`, found `{outpostType}`", [aG]: f }], [aG]: i }, { error: "Invalid ARN: expected a bucket name", [aG]: f }], [aG]: i }, ah], [aG]: i }, { error: "Invalid ARN: The account id may only contain a-z, A-Z, 0-9 and `-`. Found: `{bucketArn#accountId}`", [aG]: f }], [aG]: i }, ai], [aG]: i }, { error: "Invalid region in ARN: `{bucketArn#region}` (invalid DNS name)", [aG]: f }], [aG]: i }, aj], [aG]: i }], [aG]: i }], [aG]: i }, ak], [aG]: i }, al], [aG]: i }], [aG]: i }, am], [aG]: i }, { [aH]: av, rules: [{ [aH]: ay, rules: [O, P, U, { [aH]: az, rules: [{ [aH]: aw, error: m, [aG]: f }, { [aH]: [Q, R, S], endpoint: { url: "{url#scheme}://{AccountId}.{url#authority}{url#path}", properties: L, headers: M }, [aG]: h }, { endpoint: { url: n, properties: L, headers: M }, [aG]: h }], [aG]: i }, { [aH]: [K, J, Q, R, S], endpoint: { url: "https://{AccountId}.s3-control-fips.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: aA, endpoint: { url: "https://s3-control-fips.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: [K, as, Q, R, S], endpoint: { url: "https://{AccountId}.s3-control-fips.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: [K, as], endpoint: { url: "https://s3-control-fips.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: [at, J, Q, R, S], endpoint: { url: "https://{AccountId}.s3-control.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: [at, J], endpoint: { url: "https://s3-control.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: [at, as, Q, R, S], endpoint: { url: "https://{AccountId}.s3-control.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: [at, as], endpoint: { url: "https://s3-control.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }], [aG]: i }, X], [aG]: i }], [aG]: i }, { error: "Region must be set", [aG]: f }] };
 exports.ruleSet = _data;

package/dist-cjs/runtimeConfig.shared.js

@@ -1,10 +1,12 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getRuntimeConfig = void 0;
+const core_1 = require("@aws-sdk/core");
 const smithy_client_1 = require("@smithy/smithy-client");
 const url_parser_1 = require("@smithy/url-parser");
 const util_base64_1 = require("@smithy/util-base64");
 const util_utf8_1 = require("@smithy/util-utf8");
+const httpAuthSchemeProvider_1 = require("./auth/httpAuthSchemeProvider");
 const endpointResolver_1 = require("./endpoint/endpointResolver");
 const getRuntimeConfig = (config) => {
     return {
@@ -14,6 +16,14 @@ const getRuntimeConfig = (config) => {
         disableHostPrefix: config?.disableHostPrefix ?? false,
         endpointProvider: config?.endpointProvider ?? endpointResolver_1.defaultEndpointResolver,
         extensions: config?.extensions ?? [],
+        httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? httpAuthSchemeProvider_1.defaultS3ControlHttpAuthSchemeProvider,
+        httpAuthSchemes: config?.httpAuthSchemes ?? [
+            {
+                schemeId: "aws.auth#sigv4",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
+                signer: new core_1.AwsSdkSigV4Signer(),
+            },
+        ],
         logger: config?.logger ?? new smithy_client_1.NoOpLogger(),
         serviceId: config?.serviceId ?? "S3 Control",
         signingEscapePath: config?.signingEscapePath ?? false,

package/dist-cjs/runtimeExtensions.js

@@ -4,12 +4,14 @@ exports.resolveRuntimeExtensions = void 0;
 const region_config_resolver_1 = require("@aws-sdk/region-config-resolver");
 const protocol_http_1 = require("@smithy/protocol-http");
 const smithy_client_1 = require("@smithy/smithy-client");
+const httpAuthExtensionConfiguration_1 = require("./auth/httpAuthExtensionConfiguration");
 const asPartial = (t) => t;
 const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
     const extensionConfiguration = {
         ...asPartial((0, region_config_resolver_1.getAwsRegionExtensionConfiguration)(runtimeConfig)),
         ...asPartial((0, smithy_client_1.getDefaultExtensionConfiguration)(runtimeConfig)),
         ...asPartial((0, protocol_http_1.getHttpHandlerExtensionConfiguration)(runtimeConfig)),
+        ...asPartial((0, httpAuthExtensionConfiguration_1.getHttpAuthExtensionConfiguration)(runtimeConfig)),
     };
     extensions.forEach((extension) => extension.configure(extensionConfiguration));
     return {
@@ -17,6 +19,7 @@ const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
         ...(0, region_config_resolver_1.resolveAwsRegionExtensionConfiguration)(extensionConfiguration),
         ...(0, smithy_client_1.resolveDefaultRuntimeConfig)(extensionConfiguration),
         ...(0, protocol_http_1.resolveHttpHandlerRuntimeConfig)(extensionConfiguration),
+        ...(0, httpAuthExtensionConfiguration_1.resolveHttpAuthRuntimeConfig)(extensionConfiguration),
     };
 };
 exports.resolveRuntimeExtensions = resolveRuntimeExtensions;

package/dist-es/S3ControlClient.js

@@ -2,13 +2,14 @@ import { getHostHeaderPlugin, resolveHostHeaderConfig, } from "@aws-sdk/middlewa
 import { getLoggerPlugin } from "@aws-sdk/middleware-logger";
 import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection";
 import { getHostPrefixDeduplicationPlugin, resolveS3ControlConfig, } from "@aws-sdk/middleware-sdk-s3-control";
-import { getAwsAuthPlugin, resolveAwsAuthConfig, } from "@aws-sdk/middleware-signing";
 import { getUserAgentPlugin, resolveUserAgentConfig, } from "@aws-sdk/middleware-user-agent";
 import { resolveRegionConfig } from "@smithy/config-resolver";
+import { DefaultIdentityProviderConfig, getHttpAuthSchemeEndpointRuleSetPlugin, getHttpSigningPlugin, } from "@smithy/core";
 import { getContentLengthPlugin } from "@smithy/middleware-content-length";
 import { resolveEndpointConfig } from "@smithy/middleware-endpoint";
 import { getRetryPlugin, resolveRetryConfig } from "@smithy/middleware-retry";
 import { Client as __Client, } from "@smithy/smithy-client";
+import { defaultS3ControlHttpAuthSchemeParametersProvider, resolveHttpAuthSchemeConfig, } from "./auth/httpAuthSchemeProvider";
 import { resolveClientEndpointParameters, } from "./endpoint/EndpointParameters";
 import { getRuntimeConfig as __getRuntimeConfig } from "./runtimeConfig";
 import { resolveRuntimeExtensions } from "./runtimeExtensions";
@@ -21,9 +22,9 @@ export class S3ControlClient extends __Client {
         const _config_3 = resolveEndpointConfig(_config_2);
         const _config_4 = resolveRetryConfig(_config_3);
         const _config_5 = resolveHostHeaderConfig(_config_4);
-        const _config_6 = resolveAwsAuthConfig(_config_5);
-        const _config_7 = resolveS3ControlConfig(_config_6);
-        const _config_8 = resolveUserAgentConfig(_config_7);
+        const _config_6 = resolveS3ControlConfig(_config_5);
+        const _config_7 = resolveUserAgentConfig(_config_6);
+        const _config_8 = resolveHttpAuthSchemeConfig(_config_7);
         const _config_9 = resolveRuntimeExtensions(_config_8, configuration?.extensions || []);
         super(_config_9);
         this.config = _config_9;
@@ -32,11 +33,23 @@ export class S3ControlClient extends __Client {
         this.middlewareStack.use(getHostHeaderPlugin(this.config));
         this.middlewareStack.use(getLoggerPlugin(this.config));
         this.middlewareStack.use(getRecursionDetectionPlugin(this.config));
-        this.middlewareStack.use(getAwsAuthPlugin(this.config));
         this.middlewareStack.use(getHostPrefixDeduplicationPlugin(this.config));
         this.middlewareStack.use(getUserAgentPlugin(this.config));
+        this.middlewareStack.use(getHttpAuthSchemeEndpointRuleSetPlugin(this.config, {
+            httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(),
+            identityProviderConfigProvider: this.getIdentityProviderConfigProvider(),
+        }));
+        this.middlewareStack.use(getHttpSigningPlugin(this.config));
     }
     destroy() {
         super.destroy();
     }
+    getDefaultHttpAuthSchemeParametersProvider() {
+        return defaultS3ControlHttpAuthSchemeParametersProvider;
+    }
+    getIdentityProviderConfigProvider() {
+        return async (config) => new DefaultIdentityProviderConfig({
+            "aws.auth#sigv4": config.credentials,
+        });
+    }
 }

package/dist-es/auth/httpAuthExtensionConfiguration.js

@@ -0,0 +1,38 @@
+export const getHttpAuthExtensionConfiguration = (runtimeConfig) => {
+    const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;
+    let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;
+    let _credentials = runtimeConfig.credentials;
+    return {
+        setHttpAuthScheme(httpAuthScheme) {
+            const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId);
+            if (index === -1) {
+                _httpAuthSchemes.push(httpAuthScheme);
+            }
+            else {
+                _httpAuthSchemes.splice(index, 1, httpAuthScheme);
+            }
+        },
+        httpAuthSchemes() {
+            return _httpAuthSchemes;
+        },
+        setHttpAuthSchemeProvider(httpAuthSchemeProvider) {
+            _httpAuthSchemeProvider = httpAuthSchemeProvider;
+        },
+        httpAuthSchemeProvider() {
+            return _httpAuthSchemeProvider;
+        },
+        setCredentials(credentials) {
+            _credentials = credentials;
+        },
+        credentials() {
+            return _credentials;
+        },
+    };
+};
+export const resolveHttpAuthRuntimeConfig = (config) => {
+    return {
+        httpAuthSchemes: config.httpAuthSchemes(),
+        httpAuthSchemeProvider: config.httpAuthSchemeProvider(),
+        credentials: config.credentials(),
+    };
+};

package/dist-es/auth/httpAuthSchemeProvider.js

@@ -0,0 +1,41 @@
+import { resolveAwsSdkSigV4Config, } from "@aws-sdk/core";
+import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware";
+export const defaultS3ControlHttpAuthSchemeParametersProvider = async (config, context, input) => {
+    return {
+        operation: getSmithyContext(context).operation,
+        region: (await normalizeProvider(config.region)()) ||
+            (() => {
+                throw new Error("expected `region` to be configured for `aws.auth#sigv4`");
+            })(),
+    };
+};
+function createAwsAuthSigv4HttpAuthOption(authParameters) {
+    return {
+        schemeId: "aws.auth#sigv4",
+        signingProperties: {
+            name: "s3",
+            region: authParameters.region,
+        },
+        propertiesExtractor: (config, context) => ({
+            signingProperties: {
+                config,
+                context,
+            },
+        }),
+    };
+}
+export const defaultS3ControlHttpAuthSchemeProvider = (authParameters) => {
+    const options = [];
+    switch (authParameters.operation) {
+        default: {
+            options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
+        }
+    }
+    return options;
+};
+export const resolveHttpAuthSchemeConfig = (config) => {
+    const config_0 = resolveAwsSdkSigV4Config(config);
+    return {
+        ...config_0,
+    };
+};

package/dist-es/endpoint/ruleset.js

@@ -1,4 +1,4 @@
-const aC = "required", aD = "type", aE = "conditions", aF = "fn", aG = "argv", aH = "ref", aI = "assign", aJ = "authSchemes", aK = "disableDoubleEncoding", aL = "name", aM = "signingName", aN = "signingRegion", aO = "x-amz-account-id", aP = "x-amz-outpost-id";
-const a = false, b = true, c = "isSet", d = "stringEquals", e = "aws.partition", f = "error", g = "{Region}", h = "endpoint", i = "tree", j = "getAttr", k = "not", l = "isValidHostLabel", m = "{url#scheme}://{url#authority}{url#path}", n = "s3-outposts", o = "aws.parseArn", p = "accessPointArn", q = "resourceId[0]", r = "arnType", s = "service", t = "resourceId[1]", u = "outpostId", v = "arnPartition", w = "{accessPointArn#accountId}", x = "resourceId[2]", y = "outpostType", z = "resourceId[3]", A = "bucketArn", B = "{bucketArn#accountId}", C = { [aC]: false, [aD]: "String" }, D = { [aC]: true, "default": false, [aD]: "Boolean" }, E = { [aC]: false, [aD]: "Boolean" }, F = { [aH]: "Region" }, G = { [aF]: c, [aG]: [{ [aH]: "Endpoint" }] }, H = { [aF]: "parseURL", [aG]: [{ [aH]: "Endpoint" }], [aI]: "url" }, I = { [aF]: "booleanEquals", [aG]: [{ [aH]: "UseDualStack" }, true] }, J = { [aF]: "booleanEquals", [aG]: [{ [aH]: "UseFIPS" }, true] }, K = { [aJ]: [{ [aK]: true, [aL]: "sigv4", [aM]: "s3", [aN]: g }] }, L = {}, M = { [aH]: "OutpostId" }, N = { [aE]: [J, { [aF]: d, [aG]: [{ [aF]: j, [aG]: [{ [aH]: "partitionResult" }, "name"] }, "aws-cn"] }], [f]: "Partition does not support FIPS", [aD]: f }, O = { [aE]: [{ [aF]: c, [aG]: [{ [aH]: "RequiresAccountId" }] }, { [aF]: "booleanEquals", [aG]: [{ [aH]: "RequiresAccountId" }, true] }, { [aF]: k, [aG]: [{ [aF]: c, [aG]: [{ [aH]: "AccountId" }] }] }], [f]: "AccountId is required but not set", [aD]: f }, P = { [aF]: c, [aG]: [{ [aH]: "RequiresAccountId" }] }, Q = { [aF]: "booleanEquals", [aG]: [{ [aH]: "RequiresAccountId" }, true] }, R = { [aF]: c, [aG]: [{ [aH]: "AccountId" }] }, S = { [aH]: "AccountId" }, T = { [aE]: [R, { [aF]: k, [aG]: [{ [aF]: l, [aG]: [S, false] }] }], [f]: "AccountId must only contain a-z, A-Z, 0-9 and `-`.", [aD]: f }, U = { [aJ]: [{ [aK]: true, [aL]: "sigv4", [aM]: n, [aN]: g }] }, V = { [f]: "Invalid region: region was not a valid DNS name.", [aD]: f }, W = { [aH]: p }, X = { [aF]: k, [aG]: [{ [aF]: d, [aG]: [{ [aH]: r }, ""] }] }, Y = { [aF]: c, [aG]: [{ [aH]: "UseArnRegion" }] }, Z = { [aF]: "booleanEquals", [aG]: [{ [aH]: "UseArnRegion" }, false] }, aa = { [aF]: j, [aG]: [W, "region"] }, ab = { [aF]: j, [aG]: [W, "accountId"] }, ac = { [aH]: y }, ad = { [aJ]: [{ [aK]: true, [aL]: "sigv4", [aM]: n, [aN]: "{accessPointArn#region}" }] }, ae = { [aO]: [w], [aP]: ["{outpostId}"] }, af = { [f]: "Invalid ARN: Expected a 4-component resource", [aD]: f }, ag = { [f]: "Invalid ARN: missing account ID", [aD]: f }, ah = { [f]: "Client was configured for partition `{partitionResult#name}` but ARN has `{arnPartition#name}`", [aD]: f }, ai = { [f]: "Invalid ARN: The outpost Id must only contain a-z, A-Z, 0-9 and `-`., found: `{outpostId}`", [aD]: f }, aj = { [f]: "Invalid ARN: The Outpost Id was not set", [aD]: f }, ak = { [f]: "Invalid ARN: No ARN type specified", [aD]: f }, al = { [aH]: A }, am = { [aF]: j, [aG]: [al, "region"] }, an = { [aF]: j, [aG]: [al, "accountId"] }, ao = { [aJ]: [{ [aK]: true, [aL]: "sigv4", [aM]: n, [aN]: "{bucketArn#region}" }] }, ap = { [aO]: [B], [aP]: ["{outpostId}"] }, aq = { [aF]: "booleanEquals", [aG]: [{ [aH]: "UseDualStack" }, false] }, ar = { [aF]: "booleanEquals", [aG]: [{ [aH]: "UseFIPS" }, false] }, as = [F], at = [{ [aF]: e, [aG]: [F], [aI]: "partitionResult" }], au = [I], av = [J], aw = [{ [aF]: l, [aG]: [F, true] }], ax = [G, H], ay = [{ [aH]: "AccessPointName" }], az = [{ [aF]: l, [aG]: [{ [aH]: u }, false] }], aA = [{ [aF]: d, [aG]: [{ [aF]: j, [aG]: [{ [aH]: v }, "name"] }, { [aF]: j, [aG]: [{ [aH]: "partitionResult" }, "name"] }] }], aB = [{ [aH]: "Bucket" }];
-const _data = { version: "1.0", parameters: { Region: C, UseFIPS: D, UseDualStack: D, Endpoint: C, AccountId: C, RequiresAccountId: E, OutpostId: C, Bucket: C, AccessPointName: C, UseArnRegion: E }, rules: [{ [aE]: [{ [aF]: c, [aG]: as }], rules: [{ [aE]: [{ [aF]: d, [aG]: [F, "snow"] }, G, H], rules: [{ [aE]: at, rules: [{ [aE]: au, error: "S3 Snow does not support DualStack", [aD]: f }, { [aE]: av, error: "S3 Snow does not support FIPS", [aD]: f }, { endpoint: { url: "{url#scheme}://{url#authority}", properties: K, headers: L }, [aD]: h }], [aD]: i }], [aD]: i }, { [aE]: [{ [aF]: c, [aG]: [M] }], rules: [{ [aE]: at, rules: [N, O, T, { [aE]: [{ [aF]: k, [aG]: [{ [aF]: l, [aG]: [M, a] }] }], error: "OutpostId must only contain a-z, A-Z, 0-9 and `-`.", [aD]: f }, { [aE]: aw, rules: [{ [aE]: au, error: "Invalid configuration: Outposts do not support dual-stack", [aD]: f }, { [aE]: ax, endpoint: { url: m, properties: U, headers: L }, [aD]: h }, { [aE]: av, endpoint: { url: "https://s3-outposts-fips.{Region}.{partitionResult#dnsSuffix}", properties: U, headers: L }, [aD]: h }, { endpoint: { url: "https://s3-outposts.{Region}.{partitionResult#dnsSuffix}", properties: U, headers: L }, [aD]: h }], [aD]: i }, V], [aD]: i }], [aD]: i }, { [aE]: [{ [aF]: c, [aG]: ay }, { [aF]: o, [aG]: ay, [aI]: p }], rules: [{ [aE]: [{ [aF]: j, [aG]: [W, q], [aI]: r }, X], rules: [{ [aE]: [{ [aF]: d, [aG]: [{ [aF]: j, [aG]: [W, s] }, n] }], rules: [{ [aE]: au, error: "Invalid configuration: Outpost Access Points do not support dual-stack", [aD]: f }, { [aE]: [{ [aF]: j, [aG]: [W, t], [aI]: u }], rules: [{ [aE]: az, rules: [{ [aE]: [Y, Z, { [aF]: k, [aG]: [{ [aF]: d, [aG]: [aa, g] }] }], error: "Invalid configuration: region from ARN `{accessPointArn#region}` does not match client region `{Region}` and UseArnRegion is `false`", [aD]: f }, { [aE]: at, rules: [{ [aE]: [{ [aF]: e, [aG]: [aa], [aI]: v }], rules: [{ [aE]: aA, rules: [{ [aE]: [{ [aF]: l, [aG]: [aa, b] }], rules: [{ [aE]: [{ [aF]: k, [aG]: [{ [aF]: d, [aG]: [ab, ""] }] }], rules: [{ [aE]: [{ [aF]: l, [aG]: [ab, a] }], rules: [{ [aE]: [R, { [aF]: k, [aG]: [{ [aF]: d, [aG]: [S, w] }] }], error: "Invalid ARN: the accountId specified in the ARN (`{accessPointArn#accountId}`) does not match the parameter (`{AccountId}`)", [aD]: f }, { [aE]: [{ [aF]: j, [aG]: [W, x], [aI]: y }], rules: [{ [aE]: [{ [aF]: j, [aG]: [W, z], [aI]: "accessPointName" }], rules: [{ [aE]: [{ [aF]: d, [aG]: [ac, "accesspoint"] }], rules: [{ [aE]: av, endpoint: { url: "https://s3-outposts-fips.{accessPointArn#region}.{arnPartition#dnsSuffix}", properties: ad, headers: ae }, [aD]: h }, { [aE]: ax, endpoint: { url: m, properties: ad, headers: ae }, [aD]: h }, { endpoint: { url: "https://s3-outposts.{accessPointArn#region}.{arnPartition#dnsSuffix}", properties: ad, headers: ae }, [aD]: h }], [aD]: i }, { error: "Expected an outpost type `accesspoint`, found `{outpostType}`", [aD]: f }], [aD]: i }, { error: "Invalid ARN: expected an access point name", [aD]: f }], [aD]: i }, af], [aD]: i }, { error: "Invalid ARN: The account id may only contain a-z, A-Z, 0-9 and `-`. Found: `{accessPointArn#accountId}`", [aD]: f }], [aD]: i }, ag], [aD]: i }, { error: "Invalid region in ARN: `{accessPointArn#region}` (invalid DNS name)", [aD]: f }], [aD]: i }, ah], [aD]: i }], [aD]: i }], [aD]: i }, ai], [aD]: i }, aj], [aD]: i }], [aD]: i }, ak], [aD]: i }, { [aE]: [{ [aF]: c, [aG]: aB }, { [aF]: o, [aG]: aB, [aI]: A }], rules: [{ [aE]: [{ [aF]: j, [aG]: [al, q], [aI]: r }, X], rules: [{ [aE]: [{ [aF]: d, [aG]: [{ [aF]: j, [aG]: [al, s] }, n] }], rules: [{ [aE]: au, error: "Invalid configuration: Outpost buckets do not support dual-stack", [aD]: f }, { [aE]: [{ [aF]: j, [aG]: [al, t], [aI]: u }], rules: [{ [aE]: az, rules: [{ [aE]: [Y, Z, { [aF]: k, [aG]: [{ [aF]: d, [aG]: [am, g] }] }], error: "Invalid configuration: region from ARN `{bucketArn#region}` does not match client region `{Region}` and UseArnRegion is `false`", [aD]: f }, { [aE]: [{ [aF]: e, [aG]: [am], [aI]: v }], rules: [{ [aE]: at, rules: [{ [aE]: aA, rules: [{ [aE]: [{ [aF]: l, [aG]: [am, b] }], rules: [{ [aE]: [{ [aF]: k, [aG]: [{ [aF]: d, [aG]: [an, ""] }] }], rules: [{ [aE]: [{ [aF]: l, [aG]: [an, a] }], rules: [{ [aE]: [R, { [aF]: k, [aG]: [{ [aF]: d, [aG]: [S, B] }] }], error: "Invalid ARN: the accountId specified in the ARN (`{bucketArn#accountId}`) does not match the parameter (`{AccountId}`)", [aD]: f }, { [aE]: [{ [aF]: j, [aG]: [al, x], [aI]: y }], rules: [{ [aE]: [{ [aF]: j, [aG]: [al, z], [aI]: "bucketName" }], rules: [{ [aE]: [{ [aF]: d, [aG]: [ac, "bucket"] }], rules: [{ [aE]: av, endpoint: { url: "https://s3-outposts-fips.{bucketArn#region}.{arnPartition#dnsSuffix}", properties: ao, headers: ap }, [aD]: h }, { [aE]: ax, endpoint: { url: m, properties: ao, headers: ap }, [aD]: h }, { endpoint: { url: "https://s3-outposts.{bucketArn#region}.{arnPartition#dnsSuffix}", properties: ao, headers: ap }, [aD]: h }], [aD]: i }, { error: "Invalid ARN: Expected an outpost type `bucket`, found `{outpostType}`", [aD]: f }], [aD]: i }, { error: "Invalid ARN: expected a bucket name", [aD]: f }], [aD]: i }, af], [aD]: i }, { error: "Invalid ARN: The account id may only contain a-z, A-Z, 0-9 and `-`. Found: `{bucketArn#accountId}`", [aD]: f }], [aD]: i }, ag], [aD]: i }, { error: "Invalid region in ARN: `{bucketArn#region}` (invalid DNS name)", [aD]: f }], [aD]: i }, ah], [aD]: i }], [aD]: i }], [aD]: i }, ai], [aD]: i }, aj], [aD]: i }], [aD]: i }, ak], [aD]: i }, { [aE]: at, rules: [{ [aE]: aw, rules: [N, O, T, { [aE]: ax, rules: [{ [aE]: au, error: "Invalid Configuration: DualStack and custom endpoint are not supported", [aD]: f }, { [aE]: [P, Q, R], endpoint: { url: "{url#scheme}://{AccountId}.{url#authority}{url#path}", properties: K, headers: L }, [aD]: h }, { endpoint: { url: m, properties: K, headers: L }, [aD]: h }], [aD]: i }, { [aE]: [J, I, P, Q, R], endpoint: { url: "https://{AccountId}.s3-control-fips.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [J, I], endpoint: { url: "https://s3-control-fips.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [J, aq, P, Q, R], endpoint: { url: "https://{AccountId}.s3-control-fips.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [J, aq], endpoint: { url: "https://s3-control-fips.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [ar, I, P, Q, R], endpoint: { url: "https://{AccountId}.s3-control.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [ar, I], endpoint: { url: "https://s3-control.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [ar, aq, P, Q, R], endpoint: { url: "https://{AccountId}.s3-control.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }, { [aE]: [ar, aq], endpoint: { url: "https://s3-control.{Region}.{partitionResult#dnsSuffix}", properties: K, headers: L }, [aD]: h }], [aD]: i }, V], [aD]: i }], [aD]: i }, { error: "Region must be set", [aD]: f }] };
+const aF = "required", aG = "type", aH = "conditions", aI = "fn", aJ = "argv", aK = "ref", aL = "assign", aM = "authSchemes", aN = "disableDoubleEncoding", aO = "name", aP = "signingName", aQ = "signingRegion", aR = "x-amz-account-id", aS = "x-amz-outpost-id";
+const a = false, b = true, c = "isSet", d = "stringEquals", e = "aws.partition", f = "error", g = "{Region}", h = "endpoint", i = "tree", j = "getAttr", k = "not", l = "isValidHostLabel", m = "Invalid Configuration: DualStack and custom endpoint are not supported", n = "{url#scheme}://{url#authority}{url#path}", o = "s3-outposts", p = "aws.parseArn", q = "accessPointArn", r = "resourceId[0]", s = "arnType", t = "service", u = "resourceId[1]", v = "outpostId", w = "arnPartition", x = "{accessPointArn#accountId}", y = "resourceId[2]", z = "outpostType", A = "resourceId[3]", B = "bucketArn", C = "{bucketArn#accountId}", D = { [aF]: false, [aG]: "String" }, E = { [aF]: true, "default": false, [aG]: "Boolean" }, F = { [aF]: false, [aG]: "Boolean" }, G = { [aK]: "Region" }, H = { [aI]: c, [aJ]: [{ [aK]: "Endpoint" }] }, I = { [aI]: "parseURL", [aJ]: [{ [aK]: "Endpoint" }], [aL]: "url" }, J = { [aI]: "booleanEquals", [aJ]: [{ [aK]: "UseDualStack" }, true] }, K = { [aI]: "booleanEquals", [aJ]: [{ [aK]: "UseFIPS" }, true] }, L = { [aM]: [{ [aN]: true, [aO]: "sigv4", [aP]: "s3", [aQ]: g }] }, M = {}, N = { [aK]: "OutpostId" }, O = { [aH]: [K, { [aI]: d, [aJ]: [{ [aI]: j, [aJ]: [{ [aK]: "partitionResult" }, "name"] }, "aws-cn"] }], [f]: "Partition does not support FIPS", [aG]: f }, P = { [aH]: [{ [aI]: c, [aJ]: [{ [aK]: "RequiresAccountId" }] }, { [aI]: "booleanEquals", [aJ]: [{ [aK]: "RequiresAccountId" }, true] }, { [aI]: k, [aJ]: [{ [aI]: c, [aJ]: [{ [aK]: "AccountId" }] }] }], [f]: "AccountId is required but not set", [aG]: f }, Q = { [aI]: c, [aJ]: [{ [aK]: "RequiresAccountId" }] }, R = { [aI]: "booleanEquals", [aJ]: [{ [aK]: "RequiresAccountId" }, true] }, S = { [aI]: c, [aJ]: [{ [aK]: "AccountId" }] }, T = { [aK]: "AccountId" }, U = { [aH]: [S, { [aI]: k, [aJ]: [{ [aI]: l, [aJ]: [T, false] }] }], [f]: "AccountId must only contain a-z, A-Z, 0-9 and `-`.", [aG]: f }, V = { [aH]: [H, J], [f]: m, [aG]: f }, W = { [aM]: [{ [aN]: true, [aO]: "sigv4", [aP]: o, [aQ]: g }] }, X = { [f]: "Invalid region: region was not a valid DNS name.", [aG]: f }, Y = { [aK]: q }, Z = { [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [{ [aK]: s }, ""] }] }, aa = { [aI]: c, [aJ]: [{ [aK]: "UseArnRegion" }] }, ab = { [aI]: "booleanEquals", [aJ]: [{ [aK]: "UseArnRegion" }, false] }, ac = { [aI]: j, [aJ]: [Y, "region"] }, ad = { [aI]: j, [aJ]: [Y, "accountId"] }, ae = { [aK]: z }, af = { [aM]: [{ [aN]: true, [aO]: "sigv4", [aP]: o, [aQ]: "{accessPointArn#region}" }] }, ag = { [aR]: [x], [aS]: ["{outpostId}"] }, ah = { [f]: "Invalid ARN: Expected a 4-component resource", [aG]: f }, ai = { [f]: "Invalid ARN: missing account ID", [aG]: f }, aj = { [f]: "Client was configured for partition `{partitionResult#name}` but ARN has `{arnPartition#name}`", [aG]: f }, ak = { [f]: "Invalid ARN: The outpost Id must only contain a-z, A-Z, 0-9 and `-`., found: `{outpostId}`", [aG]: f }, al = { [f]: "Invalid ARN: The Outpost Id was not set", [aG]: f }, am = { [f]: "Invalid ARN: No ARN type specified", [aG]: f }, an = { [aK]: B }, ao = { [aI]: j, [aJ]: [an, "region"] }, ap = { [aI]: j, [aJ]: [an, "accountId"] }, aq = { [aM]: [{ [aN]: true, [aO]: "sigv4", [aP]: o, [aQ]: "{bucketArn#region}" }] }, ar = { [aR]: [C], [aS]: ["{outpostId}"] }, as = { [aI]: "booleanEquals", [aJ]: [{ [aK]: "UseDualStack" }, false] }, at = { [aI]: "booleanEquals", [aJ]: [{ [aK]: "UseFIPS" }, false] }, au = [G], av = [{ [aI]: e, [aJ]: [G], [aL]: "partitionResult" }], aw = [J], ax = [K], ay = [{ [aI]: l, [aJ]: [G, true] }], az = [H, I], aA = [K, J], aB = [{ [aK]: "AccessPointName" }], aC = [{ [aI]: l, [aJ]: [{ [aK]: v }, false] }], aD = [{ [aI]: d, [aJ]: [{ [aI]: j, [aJ]: [{ [aK]: w }, "name"] }, { [aI]: j, [aJ]: [{ [aK]: "partitionResult" }, "name"] }] }], aE = [{ [aK]: "Bucket" }];
+const _data = { version: "1.0", parameters: { Region: D, UseFIPS: E, UseDualStack: E, Endpoint: D, AccountId: D, RequiresAccountId: F, OutpostId: D, Bucket: D, AccessPointName: D, UseArnRegion: F }, rules: [{ [aH]: [{ [aI]: c, [aJ]: au }], rules: [{ [aH]: [{ [aI]: d, [aJ]: [G, "snow"] }, H, I], rules: [{ [aH]: av, rules: [{ [aH]: aw, error: "S3 Snow does not support DualStack", [aG]: f }, { [aH]: ax, error: "S3 Snow does not support FIPS", [aG]: f }, { endpoint: { url: "{url#scheme}://{url#authority}", properties: L, headers: M }, [aG]: h }], [aG]: i }], [aG]: i }, { [aH]: [{ [aI]: c, [aJ]: [N] }], rules: [{ [aH]: av, rules: [O, P, U, { [aH]: [{ [aI]: k, [aJ]: [{ [aI]: l, [aJ]: [N, a] }] }], error: "OutpostId must only contain a-z, A-Z, 0-9 and `-`.", [aG]: f }, V, { [aH]: ay, rules: [{ [aH]: az, endpoint: { url: n, properties: W, headers: M }, [aG]: h }, { [aH]: aA, endpoint: { url: "https://s3-outposts-fips.{Region}.{partitionResult#dualStackDnsSuffix}", properties: W, headers: M }, [aG]: h }, { [aH]: ax, endpoint: { url: "https://s3-outposts-fips.{Region}.{partitionResult#dnsSuffix}", properties: W, headers: M }, [aG]: h }, { [aH]: aw, endpoint: { url: "https://s3-outposts.{Region}.{partitionResult#dualStackDnsSuffix}", properties: W, headers: M }, [aG]: h }, { endpoint: { url: "https://s3-outposts.{Region}.{partitionResult#dnsSuffix}", properties: W, headers: M }, [aG]: h }], [aG]: i }, X], [aG]: i }], [aG]: i }, { [aH]: [{ [aI]: c, [aJ]: aB }, { [aI]: p, [aJ]: aB, [aL]: q }], rules: [{ [aH]: [{ [aI]: j, [aJ]: [Y, r], [aL]: s }, Z], rules: [{ [aH]: [{ [aI]: d, [aJ]: [{ [aI]: j, [aJ]: [Y, t] }, o] }], rules: [{ [aH]: [{ [aI]: j, [aJ]: [Y, u], [aL]: v }], rules: [{ [aH]: aC, rules: [V, { [aH]: [aa, ab, { [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [ac, g] }] }], error: "Invalid configuration: region from ARN `{accessPointArn#region}` does not match client region `{Region}` and UseArnRegion is `false`", [aG]: f }, { [aH]: av, rules: [{ [aH]: [{ [aI]: e, [aJ]: [ac], [aL]: w }], rules: [{ [aH]: aD, rules: [{ [aH]: [{ [aI]: l, [aJ]: [ac, b] }], rules: [{ [aH]: [{ [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [ad, ""] }] }], rules: [{ [aH]: [{ [aI]: l, [aJ]: [ad, a] }], rules: [{ [aH]: [S, { [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [T, x] }] }], error: "Invalid ARN: the accountId specified in the ARN (`{accessPointArn#accountId}`) does not match the parameter (`{AccountId}`)", [aG]: f }, { [aH]: [{ [aI]: j, [aJ]: [Y, y], [aL]: z }], rules: [{ [aH]: [{ [aI]: j, [aJ]: [Y, A], [aL]: "accessPointName" }], rules: [{ [aH]: [{ [aI]: d, [aJ]: [ae, "accesspoint"] }], rules: [{ [aH]: aA, endpoint: { url: "https://s3-outposts-fips.{accessPointArn#region}.{arnPartition#dualStackDnsSuffix}", properties: af, headers: ag }, [aG]: h }, { [aH]: ax, endpoint: { url: "https://s3-outposts-fips.{accessPointArn#region}.{arnPartition#dnsSuffix}", properties: af, headers: ag }, [aG]: h }, { [aH]: aw, endpoint: { url: "https://s3-outposts.{accessPointArn#region}.{arnPartition#dualStackDnsSuffix}", properties: af, headers: ag }, [aG]: h }, { [aH]: az, endpoint: { url: n, properties: af, headers: ag }, [aG]: h }, { endpoint: { url: "https://s3-outposts.{accessPointArn#region}.{arnPartition#dnsSuffix}", properties: af, headers: ag }, [aG]: h }], [aG]: i }, { error: "Expected an outpost type `accesspoint`, found `{outpostType}`", [aG]: f }], [aG]: i }, { error: "Invalid ARN: expected an access point name", [aG]: f }], [aG]: i }, ah], [aG]: i }, { error: "Invalid ARN: The account id may only contain a-z, A-Z, 0-9 and `-`. Found: `{accessPointArn#accountId}`", [aG]: f }], [aG]: i }, ai], [aG]: i }, { error: "Invalid region in ARN: `{accessPointArn#region}` (invalid DNS name)", [aG]: f }], [aG]: i }, aj], [aG]: i }], [aG]: i }], [aG]: i }, ak], [aG]: i }, al], [aG]: i }], [aG]: i }, am], [aG]: i }, { [aH]: [{ [aI]: c, [aJ]: aE }, { [aI]: p, [aJ]: aE, [aL]: B }], rules: [{ [aH]: [{ [aI]: j, [aJ]: [an, r], [aL]: s }, Z], rules: [{ [aH]: [{ [aI]: d, [aJ]: [{ [aI]: j, [aJ]: [an, t] }, o] }], rules: [{ [aH]: [{ [aI]: j, [aJ]: [an, u], [aL]: v }], rules: [{ [aH]: aC, rules: [V, { [aH]: [aa, ab, { [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [ao, g] }] }], error: "Invalid configuration: region from ARN `{bucketArn#region}` does not match client region `{Region}` and UseArnRegion is `false`", [aG]: f }, { [aH]: [{ [aI]: e, [aJ]: [ao], [aL]: w }], rules: [{ [aH]: av, rules: [{ [aH]: aD, rules: [{ [aH]: [{ [aI]: l, [aJ]: [ao, b] }], rules: [{ [aH]: [{ [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [ap, ""] }] }], rules: [{ [aH]: [{ [aI]: l, [aJ]: [ap, a] }], rules: [{ [aH]: [S, { [aI]: k, [aJ]: [{ [aI]: d, [aJ]: [T, C] }] }], error: "Invalid ARN: the accountId specified in the ARN (`{bucketArn#accountId}`) does not match the parameter (`{AccountId}`)", [aG]: f }, { [aH]: [{ [aI]: j, [aJ]: [an, y], [aL]: z }], rules: [{ [aH]: [{ [aI]: j, [aJ]: [an, A], [aL]: "bucketName" }], rules: [{ [aH]: [{ [aI]: d, [aJ]: [ae, "bucket"] }], rules: [{ [aH]: aA, endpoint: { url: "https://s3-outposts-fips.{bucketArn#region}.{arnPartition#dualStackDnsSuffix}", properties: aq, headers: ar }, [aG]: h }, { [aH]: ax, endpoint: { url: "https://s3-outposts-fips.{bucketArn#region}.{arnPartition#dnsSuffix}", properties: aq, headers: ar }, [aG]: h }, { [aH]: aw, endpoint: { url: "https://s3-outposts.{bucketArn#region}.{arnPartition#dualStackDnsSuffix}", properties: aq, headers: ar }, [aG]: h }, { [aH]: az, endpoint: { url: n, properties: aq, headers: ar }, [aG]: h }, { endpoint: { url: "https://s3-outposts.{bucketArn#region}.{arnPartition#dnsSuffix}", properties: aq, headers: ar }, [aG]: h }], [aG]: i }, { error: "Invalid ARN: Expected an outpost type `bucket`, found `{outpostType}`", [aG]: f }], [aG]: i }, { error: "Invalid ARN: expected a bucket name", [aG]: f }], [aG]: i }, ah], [aG]: i }, { error: "Invalid ARN: The account id may only contain a-z, A-Z, 0-9 and `-`. Found: `{bucketArn#accountId}`", [aG]: f }], [aG]: i }, ai], [aG]: i }, { error: "Invalid region in ARN: `{bucketArn#region}` (invalid DNS name)", [aG]: f }], [aG]: i }, aj], [aG]: i }], [aG]: i }], [aG]: i }, ak], [aG]: i }, al], [aG]: i }], [aG]: i }, am], [aG]: i }, { [aH]: av, rules: [{ [aH]: ay, rules: [O, P, U, { [aH]: az, rules: [{ [aH]: aw, error: m, [aG]: f }, { [aH]: [Q, R, S], endpoint: { url: "{url#scheme}://{AccountId}.{url#authority}{url#path}", properties: L, headers: M }, [aG]: h }, { endpoint: { url: n, properties: L, headers: M }, [aG]: h }], [aG]: i }, { [aH]: [K, J, Q, R, S], endpoint: { url: "https://{AccountId}.s3-control-fips.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: aA, endpoint: { url: "https://s3-control-fips.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: [K, as, Q, R, S], endpoint: { url: "https://{AccountId}.s3-control-fips.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: [K, as], endpoint: { url: "https://s3-control-fips.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: [at, J, Q, R, S], endpoint: { url: "https://{AccountId}.s3-control.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: [at, J], endpoint: { url: "https://s3-control.dualstack.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: [at, as, Q, R, S], endpoint: { url: "https://{AccountId}.s3-control.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }, { [aH]: [at, as], endpoint: { url: "https://s3-control.{Region}.{partitionResult#dnsSuffix}", properties: L, headers: M }, [aG]: h }], [aG]: i }, X], [aG]: i }], [aG]: i }, { error: "Region must be set", [aG]: f }] };
 export const ruleSet = _data;

package/dist-es/runtimeConfig.shared.js

@@ -1,7 +1,9 @@
+import { AwsSdkSigV4Signer } from "@aws-sdk/core";
 import { NoOpLogger } from "@smithy/smithy-client";
 import { parseUrl } from "@smithy/url-parser";
 import { fromBase64, toBase64 } from "@smithy/util-base64";
 import { fromUtf8, toUtf8 } from "@smithy/util-utf8";
+import { defaultS3ControlHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider";
 import { defaultEndpointResolver } from "./endpoint/endpointResolver";
 export const getRuntimeConfig = (config) => {
     return {
@@ -11,6 +13,14 @@ export const getRuntimeConfig = (config) => {
         disableHostPrefix: config?.disableHostPrefix ?? false,
         endpointProvider: config?.endpointProvider ?? defaultEndpointResolver,
         extensions: config?.extensions ?? [],
+        httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultS3ControlHttpAuthSchemeProvider,
+        httpAuthSchemes: config?.httpAuthSchemes ?? [
+            {
+                schemeId: "aws.auth#sigv4",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
+                signer: new AwsSdkSigV4Signer(),
+            },
+        ],
         logger: config?.logger ?? new NoOpLogger(),
         serviceId: config?.serviceId ?? "S3 Control",
         signingEscapePath: config?.signingEscapePath ?? false,

package/dist-es/runtimeExtensions.js

@@ -1,12 +1,14 @@
 import { getAwsRegionExtensionConfiguration, resolveAwsRegionExtensionConfiguration, } from "@aws-sdk/region-config-resolver";
 import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http";
 import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client";
+import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration";
 const asPartial = (t) => t;
 export const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
     const extensionConfiguration = {
         ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)),
         ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)),
         ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)),
+        ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)),
     };
     extensions.forEach((extension) => extension.configure(extensionConfiguration));
     return {
@@ -14,5 +16,6 @@ export const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
         ...resolveAwsRegionExtensionConfiguration(extensionConfiguration),
         ...resolveDefaultRuntimeConfig(extensionConfiguration),
         ...resolveHttpHandlerRuntimeConfig(extensionConfiguration),
+        ...resolveHttpAuthRuntimeConfig(extensionConfiguration),
     };
 };

package/dist-types/S3ControlClient.d.ts

@@ -1,16 +1,15 @@
 /// <reference types="node" />
 import { HostHeaderInputConfig, HostHeaderResolvedConfig } from "@aws-sdk/middleware-host-header";
 import { S3ControlInputConfig, S3ControlResolvedConfig } from "@aws-sdk/middleware-sdk-s3-control";
-import { AwsAuthInputConfig, AwsAuthResolvedConfig } from "@aws-sdk/middleware-signing";
 import { UserAgentInputConfig, UserAgentResolvedConfig } from "@aws-sdk/middleware-user-agent";
-import { Credentials as __Credentials } from "@aws-sdk/types";
 import { RegionInputConfig, RegionResolvedConfig } from "@smithy/config-resolver";
 import { EndpointInputConfig, EndpointResolvedConfig } from "@smithy/middleware-endpoint";
 import { RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry";
 import { HttpHandler as __HttpHandler } from "@smithy/protocol-http";
 import { Client as __Client, DefaultsMode as __DefaultsMode, SmithyConfiguration as __SmithyConfiguration, SmithyResolvedConfiguration as __SmithyResolvedConfiguration } from "@smithy/smithy-client";
-import { BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, Decoder as __Decoder, Encoder as __Encoder, HashConstructor as __HashConstructor, HttpHandlerOptions as __HttpHandlerOptions, Logger as __Logger, Provider as __Provider, Provider, StreamCollector as __StreamCollector, StreamHasher as __StreamHasher, UrlParser as __UrlParser, UserAgent as __UserAgent } from "@smithy/types";
+import { AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, Decoder as __Decoder, Encoder as __Encoder, HashConstructor as __HashConstructor, HttpHandlerOptions as __HttpHandlerOptions, Logger as __Logger, Provider as __Provider, Provider, StreamCollector as __StreamCollector, StreamHasher as __StreamHasher, UrlParser as __UrlParser, UserAgent as __UserAgent } from "@smithy/types";
 import { Readable } from "stream";
+import { HttpAuthSchemeInputConfig, HttpAuthSchemeResolvedConfig } from "./auth/httpAuthSchemeProvider";
 import { AssociateAccessGrantsIdentityCenterCommandInput, AssociateAccessGrantsIdentityCenterCommandOutput } from "./commands/AssociateAccessGrantsIdentityCenterCommand";
 import { CreateAccessGrantCommandInput, CreateAccessGrantCommandOutput } from "./commands/CreateAccessGrantCommand";
 import { CreateAccessGrantsInstanceCommandInput, CreateAccessGrantsInstanceCommandOutput } from "./commands/CreateAccessGrantsInstanceCommand";
@@ -186,20 +185,21 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__
      * Enables FIPS compatible endpoints.
      */
     useFipsEndpoint?: boolean | __Provider<boolean>;
+    /**
+     * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header
+     * @internal
+     */
+    defaultUserAgentProvider?: Provider<__UserAgent>;
     /**
      * The AWS region to which this client will send requests
      */
     region?: string | __Provider<string>;
     /**
      * Default credentials provider; Not available in browser runtime.
+     * @deprecated
      * @internal
      */
-    credentialDefaultProvider?: (input: any) => __Provider<__Credentials>;
-    /**
-     * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header
-     * @internal
-     */
-    defaultUserAgentProvider?: Provider<__UserAgent>;
+    credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider;
     /**
      * Value for how many times a request will be made at most in case of retry.
      */
@@ -238,7 +238,7 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__
 /**
  * @public
  */
-export type S3ControlClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOptions>> & ClientDefaults & RegionInputConfig & EndpointInputConfig<EndpointParameters> & RetryInputConfig & HostHeaderInputConfig & AwsAuthInputConfig & S3ControlInputConfig & UserAgentInputConfig & ClientInputEndpointParameters;
+export type S3ControlClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOptions>> & ClientDefaults & RegionInputConfig & EndpointInputConfig<EndpointParameters> & RetryInputConfig & HostHeaderInputConfig & S3ControlInputConfig & UserAgentInputConfig & HttpAuthSchemeInputConfig & ClientInputEndpointParameters;
 /**
  * @public
  *
@@ -249,7 +249,7 @@ export interface S3ControlClientConfig extends S3ControlClientConfigType {
 /**
  * @public
  */
-export type S3ControlClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHandlerOptions> & Required<ClientDefaults> & RuntimeExtensionsConfig & RegionResolvedConfig & EndpointResolvedConfig<EndpointParameters> & RetryResolvedConfig & HostHeaderResolvedConfig & AwsAuthResolvedConfig & S3ControlResolvedConfig & UserAgentResolvedConfig & ClientResolvedEndpointParameters;
+export type S3ControlClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHandlerOptions> & Required<ClientDefaults> & RuntimeExtensionsConfig & RegionResolvedConfig & EndpointResolvedConfig<EndpointParameters> & RetryResolvedConfig & HostHeaderResolvedConfig & S3ControlResolvedConfig & UserAgentResolvedConfig & HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters;
 /**
  * @public
  *
@@ -273,4 +273,6 @@ export declare class S3ControlClient extends __Client<__HttpHandlerOptions, Serv
      * Otherwise, sockets might stay open for quite a long time before the server terminates them.
      */
     destroy(): void;
+    private getDefaultHttpAuthSchemeParametersProvider;
+    private getIdentityProviderConfigProvider;
 }

package/dist-types/auth/httpAuthExtensionConfiguration.d.ts

@@ -0,0 +1,29 @@
+import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types";
+import { S3ControlHttpAuthSchemeProvider } from "./httpAuthSchemeProvider";
+/**
+ * @internal
+ */
+export interface HttpAuthExtensionConfiguration {
+    setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void;
+    httpAuthSchemes(): HttpAuthScheme[];
+    setHttpAuthSchemeProvider(httpAuthSchemeProvider: S3ControlHttpAuthSchemeProvider): void;
+    httpAuthSchemeProvider(): S3ControlHttpAuthSchemeProvider;
+    setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void;
+    credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined;
+}
+/**
+ * @internal
+ */
+export type HttpAuthRuntimeConfig = Partial<{
+    httpAuthSchemes: HttpAuthScheme[];
+    httpAuthSchemeProvider: S3ControlHttpAuthSchemeProvider;
+    credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider;
+}>;
+/**
+ * @internal
+ */
+export declare const getHttpAuthExtensionConfiguration: (runtimeConfig: HttpAuthRuntimeConfig) => HttpAuthExtensionConfiguration;
+/**
+ * @internal
+ */
+export declare const resolveHttpAuthRuntimeConfig: (config: HttpAuthExtensionConfiguration) => HttpAuthRuntimeConfig;

package/dist-types/auth/httpAuthSchemeProvider.d.ts

@@ -0,0 +1,61 @@
+import { AwsSdkSigV4AuthInputConfig, AwsSdkSigV4AuthResolvedConfig, AwsSdkSigV4PreviouslyResolved } from "@aws-sdk/core";
+import { HandlerExecutionContext, HttpAuthScheme, HttpAuthSchemeParameters, HttpAuthSchemeParametersProvider, HttpAuthSchemeProvider } from "@smithy/types";
+import { S3ControlClientResolvedConfig } from "../S3ControlClient";
+/**
+ * @internal
+ */
+export interface S3ControlHttpAuthSchemeParameters extends HttpAuthSchemeParameters {
+    region?: string;
+}
+/**
+ * @internal
+ */
+export interface S3ControlHttpAuthSchemeParametersProvider extends HttpAuthSchemeParametersProvider<S3ControlClientResolvedConfig, HandlerExecutionContext, S3ControlHttpAuthSchemeParameters, object> {
+}
+/**
+ * @internal
+ */
+export declare const defaultS3ControlHttpAuthSchemeParametersProvider: (config: S3ControlClientResolvedConfig, context: HandlerExecutionContext, input: object) => Promise<S3ControlHttpAuthSchemeParameters>;
+/**
+ * @internal
+ */
+export interface S3ControlHttpAuthSchemeProvider extends HttpAuthSchemeProvider<S3ControlHttpAuthSchemeParameters> {
+}
+/**
+ * @internal
+ */
+export declare const defaultS3ControlHttpAuthSchemeProvider: S3ControlHttpAuthSchemeProvider;
+/**
+ * @internal
+ */
+export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig {
+    /**
+     * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme.
+     * @internal
+     */
+    httpAuthSchemes?: HttpAuthScheme[];
+    /**
+     * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use.
+     * @internal
+     */
+    httpAuthSchemeProvider?: S3ControlHttpAuthSchemeProvider;
+}
+/**
+ * @internal
+ */
+export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig {
+    /**
+     * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme.
+     * @internal
+     */
+    readonly httpAuthSchemes: HttpAuthScheme[];
+    /**
+     * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use.
+     * @internal
+     */
+    readonly httpAuthSchemeProvider: S3ControlHttpAuthSchemeProvider;
+}
+/**
+ * @internal
+ */
+export declare const resolveHttpAuthSchemeConfig: <T>(config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved) => T & HttpAuthSchemeResolvedConfig;

package/dist-types/extensionConfiguration.d.ts

@@ -1,8 +1,9 @@
 import { AwsRegionExtensionConfiguration } from "@aws-sdk/types";
 import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http";
 import { DefaultExtensionConfiguration } from "@smithy/types";
+import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration";
 /**
  * @internal
  */
-export interface S3ControlExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, AwsRegionExtensionConfiguration {
+export interface S3ControlExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, AwsRegionExtensionConfiguration, HttpAuthExtensionConfiguration {
 }

package/dist-types/runtimeConfig.browser.d.ts

@@ -8,7 +8,7 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
     runtime: string;
     defaultsMode: import("@smithy/types").Provider<import("@smithy/smithy-client").ResolvedDefaultsMode>;
     bodyLengthChecker: import("@smithy/types").BodyLengthCalculator;
-    credentialDefaultProvider: (input: any) => import("@smithy/types").Provider<import("@aws-sdk/types").Credentials>;
+    credentialDefaultProvider: (input: any) => import("@smithy/types").AwsCredentialIdentityProvider;
     defaultUserAgentProvider: import("@smithy/types").Provider<import("@smithy/types").UserAgent>;
     maxAttempts: number | import("@smithy/types").Provider<number>;
     md5: import("@smithy/types").HashConstructor;
@@ -39,12 +39,14 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
     }) => import("@smithy/types").EndpointV2;
     tls?: boolean | undefined;
     retryStrategy?: import("@smithy/types").RetryStrategy | import("@smithy/types").RetryStrategyV2 | undefined;
-    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").Provider<import("@smithy/types").AwsCredentialIdentity> | undefined;
+    useArnRegion?: boolean | import("@smithy/types").Provider<boolean> | undefined;
+    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
+    httpAuthSchemes: import("@smithy/types").HttpAuthScheme[];
+    httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").S3ControlHttpAuthSchemeProvider;
+    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").AwsCredentialIdentityProvider | undefined;
     signer?: import("@smithy/types").RequestSigner | ((authScheme?: import("@smithy/types").AuthScheme | undefined) => Promise<import("@smithy/types").RequestSigner>) | undefined;
     signingEscapePath: boolean;
     systemClockOffset?: number | undefined;
     signingRegion?: string | undefined;
     signerConstructor?: (new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner) | undefined;
-    useArnRegion?: boolean | import("@smithy/types").Provider<boolean> | undefined;
-    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
 };

package/dist-types/runtimeConfig.d.ts

@@ -8,7 +8,7 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
     runtime: string;
     defaultsMode: import("@smithy/types").Provider<import("@smithy/smithy-client").ResolvedDefaultsMode>;
     bodyLengthChecker: import("@smithy/types").BodyLengthCalculator;
-    credentialDefaultProvider: (input: any) => import("@smithy/types").Provider<import("@aws-sdk/types").Credentials>;
+    credentialDefaultProvider: (input: any) => import("@smithy/types").AwsCredentialIdentityProvider;
     defaultUserAgentProvider: import("@smithy/types").Provider<import("@smithy/types").UserAgent>;
     maxAttempts: number | import("@smithy/types").Provider<number>;
     md5: import("@smithy/types").HashConstructor;
@@ -39,12 +39,14 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
     }) => import("@smithy/types").EndpointV2;
     tls?: boolean | undefined;
     retryStrategy?: import("@smithy/types").RetryStrategy | import("@smithy/types").RetryStrategyV2 | undefined;
-    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").Provider<import("@smithy/types").AwsCredentialIdentity> | undefined;
+    useArnRegion?: boolean | import("@smithy/types").Provider<boolean> | undefined;
+    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
+    httpAuthSchemes: import("@smithy/types").HttpAuthScheme[];
+    httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").S3ControlHttpAuthSchemeProvider;
+    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").AwsCredentialIdentityProvider | undefined;
     signer?: import("@smithy/types").RequestSigner | ((authScheme?: import("@smithy/types").AuthScheme | undefined) => Promise<import("@smithy/types").RequestSigner>) | undefined;
     signingEscapePath: boolean;
     systemClockOffset?: number | undefined;
     signingRegion?: string | undefined;
     signerConstructor?: (new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner) | undefined;
-    useArnRegion?: boolean | import("@smithy/types").Provider<boolean> | undefined;
-    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
 };

package/dist-types/runtimeConfig.native.d.ts

@@ -22,9 +22,9 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
     serviceId: string;
     useDualstackEndpoint: boolean | import("@smithy/types").Provider<boolean>;
     useFipsEndpoint: boolean | import("@smithy/types").Provider<boolean>;
-    region: string | import("@smithy/types").Provider<any>;
-    credentialDefaultProvider: (input: any) => import("@smithy/types").Provider<import("@aws-sdk/types").Credentials>;
     defaultUserAgentProvider: import("@smithy/types").Provider<import("@smithy/types").UserAgent>;
+    region: string | import("@smithy/types").Provider<any>;
+    credentialDefaultProvider: (input: any) => import("@smithy/types").AwsCredentialIdentityProvider;
     maxAttempts: number | import("@smithy/types").Provider<number>;
     retryMode: string | import("@smithy/types").Provider<string>;
     logger: import("@smithy/types").Logger;
@@ -38,12 +38,14 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
     }) => import("@smithy/types").EndpointV2;
     tls?: boolean | undefined;
     retryStrategy?: import("@smithy/types").RetryStrategy | import("@smithy/types").RetryStrategyV2 | undefined;
-    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").Provider<import("@smithy/types").AwsCredentialIdentity> | undefined;
+    useArnRegion?: boolean | import("@smithy/types").Provider<boolean> | undefined;
+    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
+    httpAuthSchemes: import("@smithy/types").HttpAuthScheme[];
+    httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").S3ControlHttpAuthSchemeProvider;
+    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").AwsCredentialIdentityProvider | undefined;
     signer?: import("@smithy/types").RequestSigner | ((authScheme?: import("@smithy/types").AuthScheme | undefined) => Promise<import("@smithy/types").RequestSigner>) | undefined;
     signingEscapePath: boolean;
     systemClockOffset?: number | undefined;
     signingRegion?: string | undefined;
     signerConstructor?: (new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner) | undefined;
-    useArnRegion?: boolean | import("@smithy/types").Provider<boolean> | undefined;
-    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
 };

package/dist-types/runtimeConfig.shared.d.ts

@@ -11,6 +11,8 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
         logger?: import("@smithy/types").Logger | undefined;
     }) => import("@smithy/types").EndpointV2;
     extensions: import("./runtimeExtensions").RuntimeExtension[];
+    httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").S3ControlHttpAuthSchemeProvider;
+    httpAuthSchemes: import("@smithy/types").HttpAuthScheme[];
     logger: import("@smithy/types").Logger;
     serviceId: string;
     signingEscapePath: boolean;

package/dist-types/ts3.4/S3ControlClient.d.ts

@@ -6,15 +6,10 @@ import {
   S3ControlInputConfig,
   S3ControlResolvedConfig,
 } from "@aws-sdk/middleware-sdk-s3-control";
-import {
-  AwsAuthInputConfig,
-  AwsAuthResolvedConfig,
-} from "@aws-sdk/middleware-signing";
 import {
   UserAgentInputConfig,
   UserAgentResolvedConfig,
 } from "@aws-sdk/middleware-user-agent";
-import { Credentials as __Credentials } from "@aws-sdk/types";
 import {
   RegionInputConfig,
   RegionResolvedConfig,
@@ -35,6 +30,7 @@ import {
   SmithyResolvedConfiguration as __SmithyResolvedConfiguration,
 } from "@smithy/smithy-client";
 import {
+  AwsCredentialIdentityProvider,
   BodyLengthCalculator as __BodyLengthCalculator,
   CheckOptionalClientConfig as __CheckOptionalClientConfig,
   ChecksumConstructor as __ChecksumConstructor,
@@ -51,6 +47,10 @@ import {
   UserAgent as __UserAgent,
 } from "@smithy/types";
 import { Readable } from "stream";
+import {
+  HttpAuthSchemeInputConfig,
+  HttpAuthSchemeResolvedConfig,
+} from "./auth/httpAuthSchemeProvider";
 import {
   AssociateAccessGrantsIdentityCenterCommandInput,
   AssociateAccessGrantsIdentityCenterCommandOutput,
@@ -628,9 +628,9 @@ export interface ClientDefaults
   serviceId?: string;
   useDualstackEndpoint?: boolean | __Provider<boolean>;
   useFipsEndpoint?: boolean | __Provider<boolean>;
-  region?: string | __Provider<string>;
-  credentialDefaultProvider?: (input: any) => __Provider<__Credentials>;
   defaultUserAgentProvider?: Provider<__UserAgent>;
+  region?: string | __Provider<string>;
+  credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider;
   maxAttempts?: number | __Provider<number>;
   retryMode?: string | __Provider<string>;
   logger?: __Logger;
@@ -647,9 +647,9 @@ export type S3ControlClientConfigType = Partial<
   EndpointInputConfig<EndpointParameters> &
   RetryInputConfig &
   HostHeaderInputConfig &
-  AwsAuthInputConfig &
   S3ControlInputConfig &
   UserAgentInputConfig &
+  HttpAuthSchemeInputConfig &
   ClientInputEndpointParameters;
 export interface S3ControlClientConfig extends S3ControlClientConfigType {}
 export type S3ControlClientResolvedConfigType =
@@ -660,9 +660,9 @@ export type S3ControlClientResolvedConfigType =
     EndpointResolvedConfig<EndpointParameters> &
     RetryResolvedConfig &
     HostHeaderResolvedConfig &
-    AwsAuthResolvedConfig &
     S3ControlResolvedConfig &
     UserAgentResolvedConfig &
+    HttpAuthSchemeResolvedConfig &
     ClientResolvedEndpointParameters;
 export interface S3ControlClientResolvedConfig
   extends S3ControlClientResolvedConfigType {}
@@ -677,4 +677,6 @@ export declare class S3ControlClient extends __Client<
     ...[configuration]: __CheckOptionalClientConfig<S3ControlClientConfig>
   );
   destroy(): void;
+  private getDefaultHttpAuthSchemeParametersProvider;
+  private getIdentityProviderConfigProvider;
 }

package/dist-types/ts3.4/auth/httpAuthExtensionConfiguration.d.ts

@@ -0,0 +1,32 @@
+import {
+  AwsCredentialIdentity,
+  AwsCredentialIdentityProvider,
+  HttpAuthScheme,
+} from "@smithy/types";
+import { S3ControlHttpAuthSchemeProvider } from "./httpAuthSchemeProvider";
+export interface HttpAuthExtensionConfiguration {
+  setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void;
+  httpAuthSchemes(): HttpAuthScheme[];
+  setHttpAuthSchemeProvider(
+    httpAuthSchemeProvider: S3ControlHttpAuthSchemeProvider
+  ): void;
+  httpAuthSchemeProvider(): S3ControlHttpAuthSchemeProvider;
+  setCredentials(
+    credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider
+  ): void;
+  credentials():
+    | AwsCredentialIdentity
+    | AwsCredentialIdentityProvider
+    | undefined;
+}
+export type HttpAuthRuntimeConfig = Partial<{
+  httpAuthSchemes: HttpAuthScheme[];
+  httpAuthSchemeProvider: S3ControlHttpAuthSchemeProvider;
+  credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider;
+}>;
+export declare const getHttpAuthExtensionConfiguration: (
+  runtimeConfig: HttpAuthRuntimeConfig
+) => HttpAuthExtensionConfiguration;
+export declare const resolveHttpAuthRuntimeConfig: (
+  config: HttpAuthExtensionConfiguration
+) => HttpAuthRuntimeConfig;

package/dist-types/ts3.4/auth/httpAuthSchemeProvider.d.ts

@@ -0,0 +1,44 @@
+import {
+  AwsSdkSigV4AuthInputConfig,
+  AwsSdkSigV4AuthResolvedConfig,
+  AwsSdkSigV4PreviouslyResolved,
+} from "@aws-sdk/core";
+import {
+  HandlerExecutionContext,
+  HttpAuthScheme,
+  HttpAuthSchemeParameters,
+  HttpAuthSchemeParametersProvider,
+  HttpAuthSchemeProvider,
+} from "@smithy/types";
+import { S3ControlClientResolvedConfig } from "../S3ControlClient";
+export interface S3ControlHttpAuthSchemeParameters
+  extends HttpAuthSchemeParameters {
+  region?: string;
+}
+export interface S3ControlHttpAuthSchemeParametersProvider
+  extends HttpAuthSchemeParametersProvider<
+    S3ControlClientResolvedConfig,
+    HandlerExecutionContext,
+    S3ControlHttpAuthSchemeParameters,
+    object
+  > {}
+export declare const defaultS3ControlHttpAuthSchemeParametersProvider: (
+  config: S3ControlClientResolvedConfig,
+  context: HandlerExecutionContext,
+  input: object
+) => Promise<S3ControlHttpAuthSchemeParameters>;
+export interface S3ControlHttpAuthSchemeProvider
+  extends HttpAuthSchemeProvider<S3ControlHttpAuthSchemeParameters> {}
+export declare const defaultS3ControlHttpAuthSchemeProvider: S3ControlHttpAuthSchemeProvider;
+export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig {
+  httpAuthSchemes?: HttpAuthScheme[];
+  httpAuthSchemeProvider?: S3ControlHttpAuthSchemeProvider;
+}
+export interface HttpAuthSchemeResolvedConfig
+  extends AwsSdkSigV4AuthResolvedConfig {
+  readonly httpAuthSchemes: HttpAuthScheme[];
+  readonly httpAuthSchemeProvider: S3ControlHttpAuthSchemeProvider;
+}
+export declare const resolveHttpAuthSchemeConfig: <T>(
+  config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved
+) => T & HttpAuthSchemeResolvedConfig;

package/dist-types/ts3.4/extensionConfiguration.d.ts

@@ -1,7 +1,9 @@
 import { AwsRegionExtensionConfiguration } from "@aws-sdk/types";
 import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http";
 import { DefaultExtensionConfiguration } from "@smithy/types";
+import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration";
 export interface S3ControlExtensionConfiguration
   extends HttpHandlerExtensionConfiguration,
     DefaultExtensionConfiguration,
-    AwsRegionExtensionConfiguration {}
+    AwsRegionExtensionConfiguration,
+    HttpAuthExtensionConfiguration {}

package/dist-types/ts3.4/runtimeConfig.browser.d.ts

@@ -8,7 +8,7 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
   bodyLengthChecker: import("@smithy/types").BodyLengthCalculator;
   credentialDefaultProvider: (
     input: any
-  ) => import("@smithy/types").Provider<import("@aws-sdk/types").Credentials>;
+  ) => import("@smithy/types").AwsCredentialIdentityProvider;
   defaultUserAgentProvider: import("@smithy/types").Provider<
     import("@smithy/types").UserAgent
   >;
@@ -76,11 +76,16 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
     | import("@smithy/types").RetryStrategy
     | import("@smithy/types").RetryStrategyV2
     | undefined;
+  useArnRegion?:
+    | boolean
+    | import("@smithy/types").Provider<boolean>
+    | undefined;
+  customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
+  httpAuthSchemes: import("@smithy/types").HttpAuthScheme[];
+  httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").S3ControlHttpAuthSchemeProvider;
   credentials?:
     | import("@smithy/types").AwsCredentialIdentity
-    | import("@smithy/types").Provider<
-        import("@smithy/types").AwsCredentialIdentity
-      >
+    | import("@smithy/types").AwsCredentialIdentityProvider
     | undefined;
   signer?:
     | import("@smithy/types").RequestSigner
@@ -97,9 +102,4 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
           import("@smithy/signature-v4").SignatureV4CryptoInit
       ) => import("@smithy/types").RequestSigner)
     | undefined;
-  useArnRegion?:
-    | boolean
-    | import("@smithy/types").Provider<boolean>
-    | undefined;
-  customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
 };

package/dist-types/ts3.4/runtimeConfig.d.ts

@@ -8,7 +8,7 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
   bodyLengthChecker: import("@smithy/types").BodyLengthCalculator;
   credentialDefaultProvider: (
     input: any
-  ) => import("@smithy/types").Provider<import("@aws-sdk/types").Credentials>;
+  ) => import("@smithy/types").AwsCredentialIdentityProvider;
   defaultUserAgentProvider: import("@smithy/types").Provider<
     import("@smithy/types").UserAgent
   >;
@@ -76,11 +76,16 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
     | import("@smithy/types").RetryStrategy
     | import("@smithy/types").RetryStrategyV2
     | undefined;
+  useArnRegion?:
+    | boolean
+    | import("@smithy/types").Provider<boolean>
+    | undefined;
+  customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
+  httpAuthSchemes: import("@smithy/types").HttpAuthScheme[];
+  httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").S3ControlHttpAuthSchemeProvider;
   credentials?:
     | import("@smithy/types").AwsCredentialIdentity
-    | import("@smithy/types").Provider<
-        import("@smithy/types").AwsCredentialIdentity
-      >
+    | import("@smithy/types").AwsCredentialIdentityProvider
     | undefined;
   signer?:
     | import("@smithy/types").RequestSigner
@@ -97,9 +102,4 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
           import("@smithy/signature-v4").SignatureV4CryptoInit
       ) => import("@smithy/types").RequestSigner)
     | undefined;
-  useArnRegion?:
-    | boolean
-    | import("@smithy/types").Provider<boolean>
-    | undefined;
-  customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
 };

package/dist-types/ts3.4/runtimeConfig.native.d.ts

@@ -29,13 +29,13 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
   serviceId: string;
   useDualstackEndpoint: boolean | import("@smithy/types").Provider<boolean>;
   useFipsEndpoint: boolean | import("@smithy/types").Provider<boolean>;
-  region: string | import("@smithy/types").Provider<any>;
-  credentialDefaultProvider: (
-    input: any
-  ) => import("@smithy/types").Provider<import("@aws-sdk/types").Credentials>;
   defaultUserAgentProvider: import("@smithy/types").Provider<
     import("@smithy/types").UserAgent
   >;
+  region: string | import("@smithy/types").Provider<any>;
+  credentialDefaultProvider: (
+    input: any
+  ) => import("@smithy/types").AwsCredentialIdentityProvider;
   maxAttempts: number | import("@smithy/types").Provider<number>;
   retryMode: string | import("@smithy/types").Provider<string>;
   logger: import("@smithy/types").Logger;
@@ -67,11 +67,16 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
     | import("@smithy/types").RetryStrategy
     | import("@smithy/types").RetryStrategyV2
     | undefined;
+  useArnRegion?:
+    | boolean
+    | import("@smithy/types").Provider<boolean>
+    | undefined;
+  customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
+  httpAuthSchemes: import("@smithy/types").HttpAuthScheme[];
+  httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").S3ControlHttpAuthSchemeProvider;
   credentials?:
     | import("@smithy/types").AwsCredentialIdentity
-    | import("@smithy/types").Provider<
-        import("@smithy/types").AwsCredentialIdentity
-      >
+    | import("@smithy/types").AwsCredentialIdentityProvider
     | undefined;
   signer?:
     | import("@smithy/types").RequestSigner
@@ -88,9 +93,4 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
           import("@smithy/signature-v4").SignatureV4CryptoInit
       ) => import("@smithy/types").RequestSigner)
     | undefined;
-  useArnRegion?:
-    | boolean
-    | import("@smithy/types").Provider<boolean>
-    | undefined;
-  customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
 };

package/dist-types/ts3.4/runtimeConfig.shared.d.ts

@@ -11,6 +11,8 @@ export declare const getRuntimeConfig: (config: S3ControlClientConfig) => {
     }
   ) => import("@smithy/types").EndpointV2;
   extensions: import("./runtimeExtensions").RuntimeExtension[];
+  httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").S3ControlHttpAuthSchemeProvider;
+  httpAuthSchemes: import("@smithy/types").HttpAuthScheme[];
   logger: import("@smithy/types").Logger;
   serviceId: string;
   signingEscapePath: boolean;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-s3-control",
   "description": "AWS SDK for JavaScript S3 Control Client for Node.js, Browser and React Native",
-  "version": "3.489.0",
+  "version": "3.491.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "tsc -p tsconfig.cjs.json",
@@ -22,14 +22,13 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "3.0.0",
     "@aws-crypto/sha256-js": "3.0.0",
-    "@aws-sdk/client-sts": "3.489.0",
-    "@aws-sdk/core": "3.485.0",
-    "@aws-sdk/credential-provider-node": "3.489.0",
+    "@aws-sdk/client-sts": "3.490.0",
+    "@aws-sdk/core": "3.490.0",
+    "@aws-sdk/credential-provider-node": "3.490.0",
     "@aws-sdk/middleware-host-header": "3.489.0",
     "@aws-sdk/middleware-logger": "3.489.0",
     "@aws-sdk/middleware-recursion-detection": "3.489.0",
     "@aws-sdk/middleware-sdk-s3-control": "3.489.0",
-    "@aws-sdk/middleware-signing": "3.489.0",
     "@aws-sdk/middleware-user-agent": "3.489.0",
     "@aws-sdk/region-config-resolver": "3.489.0",
     "@aws-sdk/types": "3.489.0",
@@ -63,6 +62,7 @@
     "@smithy/util-defaults-mode-browser": "^2.0.24",
     "@smithy/util-defaults-mode-node": "^2.0.32",
     "@smithy/util-endpoints": "^1.0.8",
+    "@smithy/util-middleware": "^2.0.9",
     "@smithy/util-retry": "^2.0.9",
     "@smithy/util-utf8": "^2.0.2",
     "fast-xml-parser": "4.2.5",