npm - @aws-sdk/client-sts - Versions diffs - 3.295.0 → 3.297.0 - Mend

@aws-sdk/client-sts 3.295.0 → 3.297.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist-cjs/protocols/Aws_query.js +19 -83
package/dist-es/protocols/Aws_query.js +19 -83
package/dist-types/STS.d.ts +10 -1
package/dist-types/STSClient.d.ts +24 -4
package/dist-types/commands/AssumeRoleCommand.d.ts +17 -1
package/dist-types/commands/AssumeRoleWithSAMLCommand.d.ts +16 -0
package/dist-types/commands/AssumeRoleWithWebIdentityCommand.d.ts +16 -0
package/dist-types/commands/DecodeAuthorizationMessageCommand.d.ts +16 -0
package/dist-types/commands/GetAccessKeyInfoCommand.d.ts +16 -0
package/dist-types/commands/GetCallerIdentityCommand.d.ts +16 -0
package/dist-types/commands/GetFederationTokenCommand.d.ts +16 -0
package/dist-types/commands/GetSessionTokenCommand.d.ts +16 -0
package/dist-types/models/STSServiceException.d.ts +2 -0
package/dist-types/models/models_0.d.ts +47 -0
package/package.json +29 -29

package/dist-types/commands/AssumeRoleWithSAMLCommand.d.ts CHANGED Viewed

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { AssumeRoleWithSAMLRequest, AssumeRoleWithSAMLResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link AssumeRoleWithSAMLCommand}.
  */
 export interface AssumeRoleWithSAMLCommandInput extends AssumeRoleWithSAMLRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link AssumeRoleWithSAMLCommand}.
  */
 export interface AssumeRoleWithSAMLCommandOutput extends AssumeRoleWithSAMLResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Returns a set of temporary security credentials for users who have been authenticated
  *          via a SAML authentication response. This operation provides a mechanism for tying an
  *          enterprise identity store or directory to role-based Amazon Web Services access without user-specific
@@ -153,6 +158,8 @@ export interface AssumeRoleWithSAMLCommandOutput extends AssumeRoleWithSAMLRespo
  * const response = await client.send(command);
  * ```
  *
+ * @param AssumeRoleWithSAMLCommandInput - {@link AssumeRoleWithSAMLCommandInput}
+ * @returns {@link AssumeRoleWithSAMLCommandOutput}
  * @see {@link AssumeRoleWithSAMLCommandInput} for command's `input` shape.
  * @see {@link AssumeRoleWithSAMLCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -232,11 +239,20 @@ export interface AssumeRoleWithSAMLCommandOutput extends AssumeRoleWithSAMLRespo
 export declare class AssumeRoleWithSAMLCommand extends $Command<AssumeRoleWithSAMLCommandInput, AssumeRoleWithSAMLCommandOutput, STSClientResolvedConfig> {
     readonly input: AssumeRoleWithSAMLCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: AssumeRoleWithSAMLCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<AssumeRoleWithSAMLCommandInput, AssumeRoleWithSAMLCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/commands/AssumeRoleWithWebIdentityCommand.d.ts CHANGED Viewed

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { AssumeRoleWithWebIdentityRequest, AssumeRoleWithWebIdentityResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link AssumeRoleWithWebIdentityCommand}.
  */
 export interface AssumeRoleWithWebIdentityCommandInput extends AssumeRoleWithWebIdentityRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link AssumeRoleWithWebIdentityCommand}.
  */
 export interface AssumeRoleWithWebIdentityCommandOutput extends AssumeRoleWithWebIdentityResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Returns a set of temporary security credentials for users who have been authenticated in
  *          a mobile or web application with a web identity provider. Example providers include the
  *          OAuth 2.0 providers Login with Amazon and Facebook, or any OpenID Connect-compatible
@@ -157,6 +162,8 @@ export interface AssumeRoleWithWebIdentityCommandOutput extends AssumeRoleWithWe
  * const response = await client.send(command);
  * ```
  *
+ * @param AssumeRoleWithWebIdentityCommandInput - {@link AssumeRoleWithWebIdentityCommandInput}
+ * @returns {@link AssumeRoleWithWebIdentityCommandOutput}
  * @see {@link AssumeRoleWithWebIdentityCommandInput} for command's `input` shape.
  * @see {@link AssumeRoleWithWebIdentityCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -243,11 +250,20 @@ export interface AssumeRoleWithWebIdentityCommandOutput extends AssumeRoleWithWe
 export declare class AssumeRoleWithWebIdentityCommand extends $Command<AssumeRoleWithWebIdentityCommandInput, AssumeRoleWithWebIdentityCommandOutput, STSClientResolvedConfig> {
     readonly input: AssumeRoleWithWebIdentityCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: AssumeRoleWithWebIdentityCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<AssumeRoleWithWebIdentityCommandInput, AssumeRoleWithWebIdentityCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/commands/DecodeAuthorizationMessageCommand.d.ts CHANGED Viewed

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { DecodeAuthorizationMessageRequest, DecodeAuthorizationMessageResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link DecodeAuthorizationMessageCommand}.
  */
 export interface DecodeAuthorizationMessageCommandInput extends DecodeAuthorizationMessageRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link DecodeAuthorizationMessageCommand}.
  */
 export interface DecodeAuthorizationMessageCommandOutput extends DecodeAuthorizationMessageResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Decodes additional information about the authorization status of a request from an
  *          encoded message returned in response to an Amazon Web Services request.</p>
  *          <p>For example, if a user is not authorized to perform an operation that he or she has
@@ -60,6 +65,8 @@ export interface DecodeAuthorizationMessageCommandOutput extends DecodeAuthoriza
  * const response = await client.send(command);
  * ```
  *
+ * @param DecodeAuthorizationMessageCommandInput - {@link DecodeAuthorizationMessageCommandInput}
+ * @returns {@link DecodeAuthorizationMessageCommandOutput}
  * @see {@link DecodeAuthorizationMessageCommandInput} for command's `input` shape.
  * @see {@link DecodeAuthorizationMessageCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -90,11 +97,20 @@ export interface DecodeAuthorizationMessageCommandOutput extends DecodeAuthoriza
 export declare class DecodeAuthorizationMessageCommand extends $Command<DecodeAuthorizationMessageCommandInput, DecodeAuthorizationMessageCommandOutput, STSClientResolvedConfig> {
     readonly input: DecodeAuthorizationMessageCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: DecodeAuthorizationMessageCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<DecodeAuthorizationMessageCommandInput, DecodeAuthorizationMessageCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/commands/GetAccessKeyInfoCommand.d.ts CHANGED Viewed

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { GetAccessKeyInfoRequest, GetAccessKeyInfoResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link GetAccessKeyInfoCommand}.
  */
 export interface GetAccessKeyInfoCommandInput extends GetAccessKeyInfoRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link GetAccessKeyInfoCommand}.
  */
 export interface GetAccessKeyInfoCommandOutput extends GetAccessKeyInfoResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Returns the account identifier for the specified access key ID.</p>
  *          <p>Access keys consist of two parts: an access key ID (for example,
  *             <code>AKIAIOSFODNN7EXAMPLE</code>) and a secret access key (for example,
@@ -42,6 +47,8 @@ export interface GetAccessKeyInfoCommandOutput extends GetAccessKeyInfoResponse,
  * const response = await client.send(command);
  * ```
  *
+ * @param GetAccessKeyInfoCommandInput - {@link GetAccessKeyInfoCommandInput}
+ * @returns {@link GetAccessKeyInfoCommandOutput}
  * @see {@link GetAccessKeyInfoCommandInput} for command's `input` shape.
  * @see {@link GetAccessKeyInfoCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -51,11 +58,20 @@ export interface GetAccessKeyInfoCommandOutput extends GetAccessKeyInfoResponse,
 export declare class GetAccessKeyInfoCommand extends $Command<GetAccessKeyInfoCommandInput, GetAccessKeyInfoCommandOutput, STSClientResolvedConfig> {
     readonly input: GetAccessKeyInfoCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: GetAccessKeyInfoCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<GetAccessKeyInfoCommandInput, GetAccessKeyInfoCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/commands/GetCallerIdentityCommand.d.ts CHANGED Viewed

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { GetCallerIdentityRequest, GetCallerIdentityResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link GetCallerIdentityCommand}.
  */
 export interface GetCallerIdentityCommandInput extends GetCallerIdentityRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link GetCallerIdentityCommand}.
  */
 export interface GetCallerIdentityCommandOutput extends GetCallerIdentityResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Returns details about the IAM user or role whose credentials are used to call the
  *          operation.</p>
  *          <note>
@@ -34,6 +39,8 @@ export interface GetCallerIdentityCommandOutput extends GetCallerIdentityRespons
  * const response = await client.send(command);
  * ```
  *
+ * @param GetCallerIdentityCommandInput - {@link GetCallerIdentityCommandInput}
+ * @returns {@link GetCallerIdentityCommandOutput}
  * @see {@link GetCallerIdentityCommandInput} for command's `input` shape.
  * @see {@link GetCallerIdentityCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -91,11 +98,20 @@ export interface GetCallerIdentityCommandOutput extends GetCallerIdentityRespons
 export declare class GetCallerIdentityCommand extends $Command<GetCallerIdentityCommandInput, GetCallerIdentityCommandOutput, STSClientResolvedConfig> {
     readonly input: GetCallerIdentityCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: GetCallerIdentityCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<GetCallerIdentityCommandInput, GetCallerIdentityCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/commands/GetFederationTokenCommand.d.ts CHANGED Viewed

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { GetFederationTokenRequest, GetFederationTokenResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link GetFederationTokenCommand}.
  */
 export interface GetFederationTokenCommandInput extends GetFederationTokenRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link GetFederationTokenCommand}.
  */
 export interface GetFederationTokenCommandOutput extends GetFederationTokenResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Returns a set of temporary security credentials (consisting of an access key ID, a
  *          secret access key, and a security token) for a federated user. A typical use is in a proxy
  *          application that gets temporary security credentials on behalf of distributed applications
@@ -111,6 +116,8 @@ export interface GetFederationTokenCommandOutput extends GetFederationTokenRespo
  * const response = await client.send(command);
  * ```
  *
+ * @param GetFederationTokenCommandInput - {@link GetFederationTokenCommandInput}
+ * @returns {@link GetFederationTokenCommandOutput}
  * @see {@link GetFederationTokenCommandInput} for command's `input` shape.
  * @see {@link GetFederationTokenCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -180,11 +187,20 @@ export interface GetFederationTokenCommandOutput extends GetFederationTokenRespo
 export declare class GetFederationTokenCommand extends $Command<GetFederationTokenCommandInput, GetFederationTokenCommandOutput, STSClientResolvedConfig> {
     readonly input: GetFederationTokenCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: GetFederationTokenCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<GetFederationTokenCommandInput, GetFederationTokenCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/commands/GetSessionTokenCommand.d.ts CHANGED Viewed

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { GetSessionTokenRequest, GetSessionTokenResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link GetSessionTokenCommand}.
  */
 export interface GetSessionTokenCommandInput extends GetSessionTokenRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link GetSessionTokenCommand}.
  */
 export interface GetSessionTokenCommandOutput extends GetSessionTokenResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Returns a set of temporary credentials for an Amazon Web Services account or IAM user. The
  *          credentials consist of an access key ID, a secret access key, and a security token.
  *          Typically, you use <code>GetSessionToken</code> if you want to use MFA to protect
@@ -83,6 +88,8 @@ export interface GetSessionTokenCommandOutput extends GetSessionTokenResponse, _
  * const response = await client.send(command);
  * ```
  *
+ * @param GetSessionTokenCommandInput - {@link GetSessionTokenCommandInput}
+ * @returns {@link GetSessionTokenCommandOutput}
  * @see {@link GetSessionTokenCommandInput} for command's `input` shape.
  * @see {@link GetSessionTokenCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -122,11 +129,20 @@ export interface GetSessionTokenCommandOutput extends GetSessionTokenResponse, _
 export declare class GetSessionTokenCommand extends $Command<GetSessionTokenCommandInput, GetSessionTokenCommandOutput, STSClientResolvedConfig> {
     readonly input: GetSessionTokenCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: GetSessionTokenCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<GetSessionTokenCommandInput, GetSessionTokenCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/models/STSServiceException.d.ts CHANGED Viewed

@@ -1,5 +1,7 @@
 import { ServiceException as __ServiceException, ServiceExceptionOptions as __ServiceExceptionOptions } from "@aws-sdk/smithy-client";
 /**
+ * @public
+ *
  * Base exception class for all service exceptions from STS service.
  */
 export declare class STSServiceException extends __ServiceException {

package/dist-types/models/models_0.d.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import { ExceptionOptionType as __ExceptionOptionType } from "@aws-sdk/smithy-client";
 import { STSServiceException as __BaseException } from "./STSServiceException";
 /**
+ * @public
  * <p>The identifiers for the temporary security credentials that the operation
  *          returns.</p>
  */
@@ -18,6 +19,7 @@ export interface AssumedRoleUser {
     Arn: string | undefined;
 }
 /**
+ * @public
  * <p>A reference to the IAM managed policy that is passed as a session policy for a role
  *          session or a federated user session.</p>
  */
@@ -30,6 +32,7 @@ export interface PolicyDescriptorType {
     arn?: string;
 }
 /**
+ * @public
  * <p>You can pass custom key-value pair attributes when you assume a role or federate a user.
  *          These are called session tags. You can then use the session tags to control access to
  *          resources. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Tagging Amazon Web Services STS Sessions</a> in the
@@ -51,6 +54,9 @@ export interface Tag {
      */
     Value: string | undefined;
 }
+/**
+ * @public
+ */
 export interface AssumeRoleRequest {
     /**
      * <p>The Amazon Resource Name (ARN) of the role to assume.</p>
@@ -242,6 +248,7 @@ export interface AssumeRoleRequest {
     SourceIdentity?: string;
 }
 /**
+ * @public
  * <p>Amazon Web Services credentials for API authentication.</p>
  */
 export interface Credentials {
@@ -264,6 +271,7 @@ export interface Credentials {
     Expiration: Date | undefined;
 }
 /**
+ * @public
  * <p>Contains the response to a successful <a>AssumeRole</a> request, including
  *       temporary Amazon Web Services credentials that can be used to make Amazon Web Services requests. </p>
  */
@@ -309,6 +317,7 @@ export interface AssumeRoleResponse {
     SourceIdentity?: string;
 }
 /**
+ * @public
  * <p>The web identity token that was passed is expired or is not valid. Get a new identity
  *             token from the identity provider and then retry the request.</p>
  */
@@ -321,6 +330,7 @@ export declare class ExpiredTokenException extends __BaseException {
     constructor(opts: __ExceptionOptionType<ExpiredTokenException, __BaseException>);
 }
 /**
+ * @public
  * <p>The request was rejected because the policy document was malformed. The error message
  *             describes the specific error.</p>
  */
@@ -333,6 +343,7 @@ export declare class MalformedPolicyDocumentException extends __BaseException {
     constructor(opts: __ExceptionOptionType<MalformedPolicyDocumentException, __BaseException>);
 }
 /**
+ * @public
  * <p>The request was rejected because the total packed size of the session policies and
  *             session tags combined was too large. An Amazon Web Services conversion compresses the session policy
  *             document, session policy ARNs, and session tags into a packed binary format that has a
@@ -352,6 +363,7 @@ export declare class PackedPolicyTooLargeException extends __BaseException {
     constructor(opts: __ExceptionOptionType<PackedPolicyTooLargeException, __BaseException>);
 }
 /**
+ * @public
  * <p>STS is not activated in the requested region for the account that is being asked to
  *             generate credentials. The account administrator must use the IAM console to activate STS
  *             in that region. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html">Activating and
@@ -366,6 +378,9 @@ export declare class RegionDisabledException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<RegionDisabledException, __BaseException>);
 }
+/**
+ * @public
+ */
 export interface AssumeRoleWithSAMLRequest {
     /**
      * <p>The Amazon Resource Name (ARN) of the role that the caller is assuming.</p>
@@ -456,6 +471,7 @@ export interface AssumeRoleWithSAMLRequest {
     DurationSeconds?: number;
 }
 /**
+ * @public
  * <p>Contains the response to a successful <a>AssumeRoleWithSAML</a> request,
  *       including temporary Amazon Web Services credentials that can be used to make Amazon Web Services requests. </p>
  */
@@ -546,6 +562,7 @@ export interface AssumeRoleWithSAMLResponse {
     SourceIdentity?: string;
 }
 /**
+ * @public
  * <p>The identity provider (IdP) reported that authentication failed. This might be because
  *             the claim is invalid.</p>
  *          <p>If this error is returned for the <code>AssumeRoleWithWebIdentity</code> operation, it
@@ -560,6 +577,7 @@ export declare class IDPRejectedClaimException extends __BaseException {
     constructor(opts: __ExceptionOptionType<IDPRejectedClaimException, __BaseException>);
 }
 /**
+ * @public
  * <p>The web identity token that was passed could not be validated by Amazon Web Services. Get a new
  *             identity token from the identity provider and then retry the request.</p>
  */
@@ -571,6 +589,9 @@ export declare class InvalidIdentityTokenException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<InvalidIdentityTokenException, __BaseException>);
 }
+/**
+ * @public
+ */
 export interface AssumeRoleWithWebIdentityRequest {
     /**
      * <p>The Amazon Resource Name (ARN) of the role that the caller is assuming.</p>
@@ -674,6 +695,7 @@ export interface AssumeRoleWithWebIdentityRequest {
     DurationSeconds?: number;
 }
 /**
+ * @public
  * <p>Contains the response to a successful <a>AssumeRoleWithWebIdentity</a>
  *       request, including temporary Amazon Web Services credentials that can be used to make Amazon Web Services requests. </p>
  */
@@ -745,6 +767,7 @@ export interface AssumeRoleWithWebIdentityResponse {
     SourceIdentity?: string;
 }
 /**
+ * @public
  * <p>The request could not be fulfilled because the identity provider (IDP) that
  *             was asked to verify the incoming identity token could not be reached. This is often a
  *             transient error caused by network conditions. Retry the request a limited number of
@@ -759,6 +782,9 @@ export declare class IDPCommunicationErrorException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<IDPCommunicationErrorException, __BaseException>);
 }
+/**
+ * @public
+ */
 export interface DecodeAuthorizationMessageRequest {
     /**
      * <p>The encoded message that was returned with the response.</p>
@@ -766,6 +792,7 @@ export interface DecodeAuthorizationMessageRequest {
     EncodedMessage: string | undefined;
 }
 /**
+ * @public
  * <p>A document that contains additional information about the authorization status of a
  *       request from an encoded message that is returned in response to an Amazon Web Services request.</p>
  */
@@ -776,6 +803,7 @@ export interface DecodeAuthorizationMessageResponse {
     DecodedMessage?: string;
 }
 /**
+ * @public
  * <p>The error returned if the message passed to <code>DecodeAuthorizationMessage</code>
  *             was invalid. This can happen if the token contains invalid characters, such as
  *             linebreaks. </p>
@@ -788,6 +816,9 @@ export declare class InvalidAuthorizationMessageException extends __BaseExceptio
      */
     constructor(opts: __ExceptionOptionType<InvalidAuthorizationMessageException, __BaseException>);
 }
+/**
+ * @public
+ */
 export interface GetAccessKeyInfoRequest {
     /**
      * <p>The identifier of an access key.</p>
@@ -796,15 +827,22 @@ export interface GetAccessKeyInfoRequest {
      */
     AccessKeyId: string | undefined;
 }
+/**
+ * @public
+ */
 export interface GetAccessKeyInfoResponse {
     /**
      * <p>The number used to identify the Amazon Web Services account.</p>
      */
     Account?: string;
 }
+/**
+ * @public
+ */
 export interface GetCallerIdentityRequest {
 }
 /**
+ * @public
  * <p>Contains the response to a successful <a>GetCallerIdentity</a> request,
  *          including information about the entity making the request.</p>
  */
@@ -826,6 +864,9 @@ export interface GetCallerIdentityResponse {
      */
     Arn?: string;
 }
+/**
+ * @public
+ */
 export interface GetFederationTokenRequest {
     /**
      * <p>The name of the federated user. The name is used as an identifier for the temporary
@@ -938,6 +979,7 @@ export interface GetFederationTokenRequest {
     Tags?: Tag[];
 }
 /**
+ * @public
  * <p>Identifiers for the federated user that is associated with the credentials.</p>
  */
 export interface FederatedUser {
@@ -954,6 +996,7 @@ export interface FederatedUser {
     Arn: string | undefined;
 }
 /**
+ * @public
  * <p>Contains the response to a successful <a>GetFederationToken</a> request,
  *       including temporary Amazon Web Services credentials that can be used to make Amazon Web Services requests. </p>
  */
@@ -981,6 +1024,9 @@ export interface GetFederationTokenResponse {
      */
     PackedPolicySize?: number;
 }
+/**
+ * @public
+ */
 export interface GetSessionTokenRequest {
     /**
      * <p>The duration, in seconds, that the credentials should remain valid. Acceptable durations
@@ -1015,6 +1061,7 @@ export interface GetSessionTokenRequest {
     TokenCode?: string;
 }
 /**
+ * @public
  * <p>Contains the response to a successful <a>GetSessionToken</a> request,
  *       including temporary Amazon Web Services credentials that can be used to make Amazon Web Services requests. </p>
  */