@aws-sdk/client-sts 3.289.0 → 3.290.0

package/dist-types/commands/AssumeRoleCommand.d.ts

@@ -116,6 +116,33 @@ export interface AssumeRoleCommandOutput extends AssumeRoleResponse, __MetadataB
  * @see {@link AssumeRoleCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
  *
+ * @throws {@link ExpiredTokenException} (client fault)
+ *  <p>The web identity token that was passed is expired or is not valid. Get a new identity
+ *             token from the identity provider and then retry the request.</p>
+ *
+ * @throws {@link MalformedPolicyDocumentException} (client fault)
+ *  <p>The request was rejected because the policy document was malformed. The error message
+ *             describes the specific error.</p>
+ *
+ * @throws {@link PackedPolicyTooLargeException} (client fault)
+ *  <p>The request was rejected because the total packed size of the session policies and
+ *             session tags combined was too large. An Amazon Web Services conversion compresses the session policy
+ *             document, session policy ARNs, and session tags into a packed binary format that has a
+ *             separate limit. The error message indicates by percentage how close the policies and
+ *             tags are to the upper size limit. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing Session Tags in STS</a> in
+ *             the <i>IAM User Guide</i>.</p>
+ *          <p>You could receive this error even though you meet other defined session policy and
+ *             session tag limits. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length">IAM and STS Entity
+ *                 Character Limits</a> in the <i>IAM User Guide</i>.</p>
+ *
+ * @throws {@link RegionDisabledException} (client fault)
+ *  <p>STS is not activated in the requested region for the account that is being asked to
+ *             generate credentials. The account administrator must use the IAM console to activate STS
+ *             in that region. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html">Activating and
+ *                 Deactivating Amazon Web Services STS in an Amazon Web Services Region</a> in the <i>IAM User
+ *                     Guide</i>.</p>
+ *
+ *
  * @example To assume a role
  * ```javascript
  * //

package/dist-types/commands/AssumeRoleWithSAMLCommand.d.ts

@@ -157,6 +157,43 @@ export interface AssumeRoleWithSAMLCommandOutput extends AssumeRoleWithSAMLRespo
  * @see {@link AssumeRoleWithSAMLCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
  *
+ * @throws {@link ExpiredTokenException} (client fault)
+ *  <p>The web identity token that was passed is expired or is not valid. Get a new identity
+ *             token from the identity provider and then retry the request.</p>
+ *
+ * @throws {@link IDPRejectedClaimException} (client fault)
+ *  <p>The identity provider (IdP) reported that authentication failed. This might be because
+ *             the claim is invalid.</p>
+ *          <p>If this error is returned for the <code>AssumeRoleWithWebIdentity</code> operation, it
+ *             can also mean that the claim has expired or has been explicitly revoked. </p>
+ *
+ * @throws {@link InvalidIdentityTokenException} (client fault)
+ *  <p>The web identity token that was passed could not be validated by Amazon Web Services. Get a new
+ *             identity token from the identity provider and then retry the request.</p>
+ *
+ * @throws {@link MalformedPolicyDocumentException} (client fault)
+ *  <p>The request was rejected because the policy document was malformed. The error message
+ *             describes the specific error.</p>
+ *
+ * @throws {@link PackedPolicyTooLargeException} (client fault)
+ *  <p>The request was rejected because the total packed size of the session policies and
+ *             session tags combined was too large. An Amazon Web Services conversion compresses the session policy
+ *             document, session policy ARNs, and session tags into a packed binary format that has a
+ *             separate limit. The error message indicates by percentage how close the policies and
+ *             tags are to the upper size limit. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing Session Tags in STS</a> in
+ *             the <i>IAM User Guide</i>.</p>
+ *          <p>You could receive this error even though you meet other defined session policy and
+ *             session tag limits. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length">IAM and STS Entity
+ *                 Character Limits</a> in the <i>IAM User Guide</i>.</p>
+ *
+ * @throws {@link RegionDisabledException} (client fault)
+ *  <p>STS is not activated in the requested region for the account that is being asked to
+ *             generate credentials. The account administrator must use the IAM console to activate STS
+ *             in that region. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html">Activating and
+ *                 Deactivating Amazon Web Services STS in an Amazon Web Services Region</a> in the <i>IAM User
+ *                     Guide</i>.</p>
+ *
+ *
  * @example To assume a role using a SAML assertion
  * ```javascript
  * //

package/dist-types/commands/AssumeRoleWithWebIdentityCommand.d.ts

@@ -161,6 +161,50 @@ export interface AssumeRoleWithWebIdentityCommandOutput extends AssumeRoleWithWe
  * @see {@link AssumeRoleWithWebIdentityCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
  *
+ * @throws {@link ExpiredTokenException} (client fault)
+ *  <p>The web identity token that was passed is expired or is not valid. Get a new identity
+ *             token from the identity provider and then retry the request.</p>
+ *
+ * @throws {@link IDPCommunicationErrorException} (client fault)
+ *  <p>The request could not be fulfilled because the identity provider (IDP) that
+ *             was asked to verify the incoming identity token could not be reached. This is often a
+ *             transient error caused by network conditions. Retry the request a limited number of
+ *             times so that you don't exceed the request rate. If the error persists, the
+ *             identity provider might be down or not responding.</p>
+ *
+ * @throws {@link IDPRejectedClaimException} (client fault)
+ *  <p>The identity provider (IdP) reported that authentication failed. This might be because
+ *             the claim is invalid.</p>
+ *          <p>If this error is returned for the <code>AssumeRoleWithWebIdentity</code> operation, it
+ *             can also mean that the claim has expired or has been explicitly revoked. </p>
+ *
+ * @throws {@link InvalidIdentityTokenException} (client fault)
+ *  <p>The web identity token that was passed could not be validated by Amazon Web Services. Get a new
+ *             identity token from the identity provider and then retry the request.</p>
+ *
+ * @throws {@link MalformedPolicyDocumentException} (client fault)
+ *  <p>The request was rejected because the policy document was malformed. The error message
+ *             describes the specific error.</p>
+ *
+ * @throws {@link PackedPolicyTooLargeException} (client fault)
+ *  <p>The request was rejected because the total packed size of the session policies and
+ *             session tags combined was too large. An Amazon Web Services conversion compresses the session policy
+ *             document, session policy ARNs, and session tags into a packed binary format that has a
+ *             separate limit. The error message indicates by percentage how close the policies and
+ *             tags are to the upper size limit. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing Session Tags in STS</a> in
+ *             the <i>IAM User Guide</i>.</p>
+ *          <p>You could receive this error even though you meet other defined session policy and
+ *             session tag limits. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length">IAM and STS Entity
+ *                 Character Limits</a> in the <i>IAM User Guide</i>.</p>
+ *
+ * @throws {@link RegionDisabledException} (client fault)
+ *  <p>STS is not activated in the requested region for the account that is being asked to
+ *             generate credentials. The account administrator must use the IAM console to activate STS
+ *             in that region. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html">Activating and
+ *                 Deactivating Amazon Web Services STS in an Amazon Web Services Region</a> in the <i>IAM User
+ *                     Guide</i>.</p>
+ *
+ *
  * @example To assume a role as an OpenID Connect-federated user
  * ```javascript
  * //

package/dist-types/commands/DecodeAuthorizationMessageCommand.d.ts

@@ -64,6 +64,12 @@ export interface DecodeAuthorizationMessageCommandOutput extends DecodeAuthoriza
  * @see {@link DecodeAuthorizationMessageCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
  *
+ * @throws {@link InvalidAuthorizationMessageException} (client fault)
+ *  <p>The error returned if the message passed to <code>DecodeAuthorizationMessage</code>
+ *             was invalid. This can happen if the token contains invalid characters, such as
+ *             linebreaks. </p>
+ *
+ *
  * @example To decode information about an authorization status of a request
  * ```javascript
  * //

package/dist-types/commands/GetAccessKeyInfoCommand.d.ts

@@ -46,6 +46,7 @@ export interface GetAccessKeyInfoCommandOutput extends GetAccessKeyInfoResponse,
  * @see {@link GetAccessKeyInfoCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
  *
+ *
  */
 export declare class GetAccessKeyInfoCommand extends $Command<GetAccessKeyInfoCommandInput, GetAccessKeyInfoCommandOutput, STSClientResolvedConfig> {
     readonly input: GetAccessKeyInfoCommandInput;

package/dist-types/commands/GetCallerIdentityCommand.d.ts

@@ -38,6 +38,7 @@ export interface GetCallerIdentityCommandOutput extends GetCallerIdentityRespons
  * @see {@link GetCallerIdentityCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
  *
+ *
  * @example To get details about a calling IAM user
  * ```javascript
  * // This example shows a request and response made with the credentials for a user named Alice in the AWS account 123456789012.

package/dist-types/commands/GetFederationTokenCommand.d.ts

@@ -115,6 +115,29 @@ export interface GetFederationTokenCommandOutput extends GetFederationTokenRespo
  * @see {@link GetFederationTokenCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
  *
+ * @throws {@link MalformedPolicyDocumentException} (client fault)
+ *  <p>The request was rejected because the policy document was malformed. The error message
+ *             describes the specific error.</p>
+ *
+ * @throws {@link PackedPolicyTooLargeException} (client fault)
+ *  <p>The request was rejected because the total packed size of the session policies and
+ *             session tags combined was too large. An Amazon Web Services conversion compresses the session policy
+ *             document, session policy ARNs, and session tags into a packed binary format that has a
+ *             separate limit. The error message indicates by percentage how close the policies and
+ *             tags are to the upper size limit. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing Session Tags in STS</a> in
+ *             the <i>IAM User Guide</i>.</p>
+ *          <p>You could receive this error even though you meet other defined session policy and
+ *             session tag limits. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length">IAM and STS Entity
+ *                 Character Limits</a> in the <i>IAM User Guide</i>.</p>
+ *
+ * @throws {@link RegionDisabledException} (client fault)
+ *  <p>STS is not activated in the requested region for the account that is being asked to
+ *             generate credentials. The account administrator must use the IAM console to activate STS
+ *             in that region. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html">Activating and
+ *                 Deactivating Amazon Web Services STS in an Amazon Web Services Region</a> in the <i>IAM User
+ *                     Guide</i>.</p>
+ *
+ *
  * @example To get temporary credentials for a role by using GetFederationToken
  * ```javascript
  * //

package/dist-types/commands/GetSessionTokenCommand.d.ts

@@ -87,6 +87,14 @@ export interface GetSessionTokenCommandOutput extends GetSessionTokenResponse, _
  * @see {@link GetSessionTokenCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
  *
+ * @throws {@link RegionDisabledException} (client fault)
+ *  <p>STS is not activated in the requested region for the account that is being asked to
+ *             generate credentials. The account administrator must use the IAM console to activate STS
+ *             in that region. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html">Activating and
+ *                 Deactivating Amazon Web Services STS in an Amazon Web Services Region</a> in the <i>IAM User
+ *                     Guide</i>.</p>
+ *
+ *
  * @example To get temporary credentials for an IAM user or an AWS account
  * ```javascript
  * //

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-sts",
   "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native",
-  "version": "3.289.0",
+  "version": "3.290.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "tsc -p tsconfig.cjs.json",
@@ -22,37 +22,37 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "3.0.0",
     "@aws-crypto/sha256-js": "3.0.0",
-    "@aws-sdk/config-resolver": "3.289.0",
-    "@aws-sdk/credential-provider-node": "3.289.0",
-    "@aws-sdk/fetch-http-handler": "3.289.0",
-    "@aws-sdk/hash-node": "3.289.0",
-    "@aws-sdk/invalid-dependency": "3.289.0",
-    "@aws-sdk/middleware-content-length": "3.289.0",
-    "@aws-sdk/middleware-endpoint": "3.289.0",
-    "@aws-sdk/middleware-host-header": "3.289.0",
-    "@aws-sdk/middleware-logger": "3.289.0",
-    "@aws-sdk/middleware-recursion-detection": "3.289.0",
-    "@aws-sdk/middleware-retry": "3.289.0",
-    "@aws-sdk/middleware-sdk-sts": "3.289.0",
-    "@aws-sdk/middleware-serde": "3.289.0",
-    "@aws-sdk/middleware-signing": "3.289.0",
-    "@aws-sdk/middleware-stack": "3.289.0",
-    "@aws-sdk/middleware-user-agent": "3.289.0",
-    "@aws-sdk/node-config-provider": "3.289.0",
-    "@aws-sdk/node-http-handler": "3.289.0",
-    "@aws-sdk/protocol-http": "3.289.0",
-    "@aws-sdk/smithy-client": "3.289.0",
-    "@aws-sdk/types": "3.289.0",
-    "@aws-sdk/url-parser": "3.289.0",
+    "@aws-sdk/config-resolver": "3.290.0",
+    "@aws-sdk/credential-provider-node": "3.290.0",
+    "@aws-sdk/fetch-http-handler": "3.290.0",
+    "@aws-sdk/hash-node": "3.290.0",
+    "@aws-sdk/invalid-dependency": "3.290.0",
+    "@aws-sdk/middleware-content-length": "3.290.0",
+    "@aws-sdk/middleware-endpoint": "3.290.0",
+    "@aws-sdk/middleware-host-header": "3.290.0",
+    "@aws-sdk/middleware-logger": "3.290.0",
+    "@aws-sdk/middleware-recursion-detection": "3.290.0",
+    "@aws-sdk/middleware-retry": "3.290.0",
+    "@aws-sdk/middleware-sdk-sts": "3.290.0",
+    "@aws-sdk/middleware-serde": "3.290.0",
+    "@aws-sdk/middleware-signing": "3.290.0",
+    "@aws-sdk/middleware-stack": "3.290.0",
+    "@aws-sdk/middleware-user-agent": "3.290.0",
+    "@aws-sdk/node-config-provider": "3.290.0",
+    "@aws-sdk/node-http-handler": "3.290.0",
+    "@aws-sdk/protocol-http": "3.290.0",
+    "@aws-sdk/smithy-client": "3.290.0",
+    "@aws-sdk/types": "3.290.0",
+    "@aws-sdk/url-parser": "3.290.0",
     "@aws-sdk/util-base64": "3.208.0",
     "@aws-sdk/util-body-length-browser": "3.188.0",
     "@aws-sdk/util-body-length-node": "3.208.0",
-    "@aws-sdk/util-defaults-mode-browser": "3.289.0",
-    "@aws-sdk/util-defaults-mode-node": "3.289.0",
-    "@aws-sdk/util-endpoints": "3.289.0",
-    "@aws-sdk/util-retry": "3.289.0",
-    "@aws-sdk/util-user-agent-browser": "3.289.0",
-    "@aws-sdk/util-user-agent-node": "3.289.0",
+    "@aws-sdk/util-defaults-mode-browser": "3.290.0",
+    "@aws-sdk/util-defaults-mode-node": "3.290.0",
+    "@aws-sdk/util-endpoints": "3.290.0",
+    "@aws-sdk/util-retry": "3.290.0",
+    "@aws-sdk/util-user-agent-browser": "3.290.0",
+    "@aws-sdk/util-user-agent-node": "3.290.0",
     "@aws-sdk/util-utf8": "3.254.0",
     "fast-xml-parser": "4.1.2",
     "tslib": "^2.3.1"