@aws-sdk/client-sts 3.296.0 → 3.297.0

package/dist-cjs/protocols/Aws_query.js

@@ -733,10 +733,7 @@ const serializeAws_querytagListType = (input, context) => {
     return entries;
 };
 const deserializeAws_queryAssumedRoleUser = (output, context) => {
-    const contents = {
-        AssumedRoleId: undefined,
-        Arn: undefined,
-    };
+    const contents = {};
     if (output["AssumedRoleId"] !== undefined) {
         contents.AssumedRoleId = (0, smithy_client_1.expectString)(output["AssumedRoleId"]);
     }
@@ -746,12 +743,7 @@ const deserializeAws_queryAssumedRoleUser = (output, context) => {
     return contents;
 };
 const deserializeAws_queryAssumeRoleResponse = (output, context) => {
-    const contents = {
-        Credentials: undefined,
-        AssumedRoleUser: undefined,
-        PackedPolicySize: undefined,
-        SourceIdentity: undefined,
-    };
+    const contents = {};
     if (output["Credentials"] !== undefined) {
         contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
     }
@@ -767,17 +759,7 @@ const deserializeAws_queryAssumeRoleResponse = (output, context) => {
     return contents;
 };
 const deserializeAws_queryAssumeRoleWithSAMLResponse = (output, context) => {
-    const contents = {
-        Credentials: undefined,
-        AssumedRoleUser: undefined,
-        PackedPolicySize: undefined,
-        Subject: undefined,
-        SubjectType: undefined,
-        Issuer: undefined,
-        Audience: undefined,
-        NameQualifier: undefined,
-        SourceIdentity: undefined,
-    };
+    const contents = {};
     if (output["Credentials"] !== undefined) {
         contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
     }
@@ -808,15 +790,7 @@ const deserializeAws_queryAssumeRoleWithSAMLResponse = (output, context) => {
     return contents;
 };
 const deserializeAws_queryAssumeRoleWithWebIdentityResponse = (output, context) => {
-    const contents = {
-        Credentials: undefined,
-        SubjectFromWebIdentityToken: undefined,
-        AssumedRoleUser: undefined,
-        PackedPolicySize: undefined,
-        Provider: undefined,
-        Audience: undefined,
-        SourceIdentity: undefined,
-    };
+    const contents = {};
     if (output["Credentials"] !== undefined) {
         contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
     }
@@ -841,12 +815,7 @@ const deserializeAws_queryAssumeRoleWithWebIdentityResponse = (output, context)
     return contents;
 };
 const deserializeAws_queryCredentials = (output, context) => {
-    const contents = {
-        AccessKeyId: undefined,
-        SecretAccessKey: undefined,
-        SessionToken: undefined,
-        Expiration: undefined,
-    };
+    const contents = {};
     if (output["AccessKeyId"] !== undefined) {
         contents.AccessKeyId = (0, smithy_client_1.expectString)(output["AccessKeyId"]);
     }
@@ -862,28 +831,21 @@ const deserializeAws_queryCredentials = (output, context) => {
     return contents;
 };
 const deserializeAws_queryDecodeAuthorizationMessageResponse = (output, context) => {
-    const contents = {
-        DecodedMessage: undefined,
-    };
+    const contents = {};
     if (output["DecodedMessage"] !== undefined) {
         contents.DecodedMessage = (0, smithy_client_1.expectString)(output["DecodedMessage"]);
     }
     return contents;
 };
 const deserializeAws_queryExpiredTokenException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = (0, smithy_client_1.expectString)(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryFederatedUser = (output, context) => {
-    const contents = {
-        FederatedUserId: undefined,
-        Arn: undefined,
-    };
+    const contents = {};
     if (output["FederatedUserId"] !== undefined) {
         contents.FederatedUserId = (0, smithy_client_1.expectString)(output["FederatedUserId"]);
     }
@@ -893,20 +855,14 @@ const deserializeAws_queryFederatedUser = (output, context) => {
     return contents;
 };
 const deserializeAws_queryGetAccessKeyInfoResponse = (output, context) => {
-    const contents = {
-        Account: undefined,
-    };
+    const contents = {};
     if (output["Account"] !== undefined) {
         contents.Account = (0, smithy_client_1.expectString)(output["Account"]);
     }
     return contents;
 };
 const deserializeAws_queryGetCallerIdentityResponse = (output, context) => {
-    const contents = {
-        UserId: undefined,
-        Account: undefined,
-        Arn: undefined,
-    };
+    const contents = {};
     if (output["UserId"] !== undefined) {
         contents.UserId = (0, smithy_client_1.expectString)(output["UserId"]);
     }
@@ -919,11 +875,7 @@ const deserializeAws_queryGetCallerIdentityResponse = (output, context) => {
     return contents;
 };
 const deserializeAws_queryGetFederationTokenResponse = (output, context) => {
-    const contents = {
-        Credentials: undefined,
-        FederatedUser: undefined,
-        PackedPolicySize: undefined,
-    };
+    const contents = {};
     if (output["Credentials"] !== undefined) {
         contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
     }
@@ -936,72 +888,56 @@ const deserializeAws_queryGetFederationTokenResponse = (output, context) => {
     return contents;
 };
 const deserializeAws_queryGetSessionTokenResponse = (output, context) => {
-    const contents = {
-        Credentials: undefined,
-    };
+    const contents = {};
     if (output["Credentials"] !== undefined) {
         contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
     }
     return contents;
 };
 const deserializeAws_queryIDPCommunicationErrorException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = (0, smithy_client_1.expectString)(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryIDPRejectedClaimException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = (0, smithy_client_1.expectString)(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryInvalidAuthorizationMessageException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = (0, smithy_client_1.expectString)(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryInvalidIdentityTokenException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = (0, smithy_client_1.expectString)(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryMalformedPolicyDocumentException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = (0, smithy_client_1.expectString)(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryPackedPolicyTooLargeException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = (0, smithy_client_1.expectString)(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryRegionDisabledException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = (0, smithy_client_1.expectString)(output["message"]);
     }

package/dist-es/protocols/Aws_query.js

@@ -714,10 +714,7 @@ const serializeAws_querytagListType = (input, context) => {
     return entries;
 };
 const deserializeAws_queryAssumedRoleUser = (output, context) => {
-    const contents = {
-        AssumedRoleId: undefined,
-        Arn: undefined,
-    };
+    const contents = {};
     if (output["AssumedRoleId"] !== undefined) {
         contents.AssumedRoleId = __expectString(output["AssumedRoleId"]);
     }
@@ -727,12 +724,7 @@ const deserializeAws_queryAssumedRoleUser = (output, context) => {
     return contents;
 };
 const deserializeAws_queryAssumeRoleResponse = (output, context) => {
-    const contents = {
-        Credentials: undefined,
-        AssumedRoleUser: undefined,
-        PackedPolicySize: undefined,
-        SourceIdentity: undefined,
-    };
+    const contents = {};
     if (output["Credentials"] !== undefined) {
         contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
     }
@@ -748,17 +740,7 @@ const deserializeAws_queryAssumeRoleResponse = (output, context) => {
     return contents;
 };
 const deserializeAws_queryAssumeRoleWithSAMLResponse = (output, context) => {
-    const contents = {
-        Credentials: undefined,
-        AssumedRoleUser: undefined,
-        PackedPolicySize: undefined,
-        Subject: undefined,
-        SubjectType: undefined,
-        Issuer: undefined,
-        Audience: undefined,
-        NameQualifier: undefined,
-        SourceIdentity: undefined,
-    };
+    const contents = {};
     if (output["Credentials"] !== undefined) {
         contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
     }
@@ -789,15 +771,7 @@ const deserializeAws_queryAssumeRoleWithSAMLResponse = (output, context) => {
     return contents;
 };
 const deserializeAws_queryAssumeRoleWithWebIdentityResponse = (output, context) => {
-    const contents = {
-        Credentials: undefined,
-        SubjectFromWebIdentityToken: undefined,
-        AssumedRoleUser: undefined,
-        PackedPolicySize: undefined,
-        Provider: undefined,
-        Audience: undefined,
-        SourceIdentity: undefined,
-    };
+    const contents = {};
     if (output["Credentials"] !== undefined) {
         contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
     }
@@ -822,12 +796,7 @@ const deserializeAws_queryAssumeRoleWithWebIdentityResponse = (output, context)
     return contents;
 };
 const deserializeAws_queryCredentials = (output, context) => {
-    const contents = {
-        AccessKeyId: undefined,
-        SecretAccessKey: undefined,
-        SessionToken: undefined,
-        Expiration: undefined,
-    };
+    const contents = {};
     if (output["AccessKeyId"] !== undefined) {
         contents.AccessKeyId = __expectString(output["AccessKeyId"]);
     }
@@ -843,28 +812,21 @@ const deserializeAws_queryCredentials = (output, context) => {
     return contents;
 };
 const deserializeAws_queryDecodeAuthorizationMessageResponse = (output, context) => {
-    const contents = {
-        DecodedMessage: undefined,
-    };
+    const contents = {};
     if (output["DecodedMessage"] !== undefined) {
         contents.DecodedMessage = __expectString(output["DecodedMessage"]);
     }
     return contents;
 };
 const deserializeAws_queryExpiredTokenException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = __expectString(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryFederatedUser = (output, context) => {
-    const contents = {
-        FederatedUserId: undefined,
-        Arn: undefined,
-    };
+    const contents = {};
     if (output["FederatedUserId"] !== undefined) {
         contents.FederatedUserId = __expectString(output["FederatedUserId"]);
     }
@@ -874,20 +836,14 @@ const deserializeAws_queryFederatedUser = (output, context) => {
     return contents;
 };
 const deserializeAws_queryGetAccessKeyInfoResponse = (output, context) => {
-    const contents = {
-        Account: undefined,
-    };
+    const contents = {};
     if (output["Account"] !== undefined) {
         contents.Account = __expectString(output["Account"]);
     }
     return contents;
 };
 const deserializeAws_queryGetCallerIdentityResponse = (output, context) => {
-    const contents = {
-        UserId: undefined,
-        Account: undefined,
-        Arn: undefined,
-    };
+    const contents = {};
     if (output["UserId"] !== undefined) {
         contents.UserId = __expectString(output["UserId"]);
     }
@@ -900,11 +856,7 @@ const deserializeAws_queryGetCallerIdentityResponse = (output, context) => {
     return contents;
 };
 const deserializeAws_queryGetFederationTokenResponse = (output, context) => {
-    const contents = {
-        Credentials: undefined,
-        FederatedUser: undefined,
-        PackedPolicySize: undefined,
-    };
+    const contents = {};
     if (output["Credentials"] !== undefined) {
         contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
     }
@@ -917,72 +869,56 @@ const deserializeAws_queryGetFederationTokenResponse = (output, context) => {
     return contents;
 };
 const deserializeAws_queryGetSessionTokenResponse = (output, context) => {
-    const contents = {
-        Credentials: undefined,
-    };
+    const contents = {};
     if (output["Credentials"] !== undefined) {
         contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
     }
     return contents;
 };
 const deserializeAws_queryIDPCommunicationErrorException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = __expectString(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryIDPRejectedClaimException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = __expectString(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryInvalidAuthorizationMessageException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = __expectString(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryInvalidIdentityTokenException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = __expectString(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryMalformedPolicyDocumentException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = __expectString(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryPackedPolicyTooLargeException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = __expectString(output["message"]);
     }
     return contents;
 };
 const deserializeAws_queryRegionDisabledException = (output, context) => {
-    const contents = {
-        message: undefined,
-    };
+    const contents = {};
     if (output["message"] !== undefined) {
         contents.message = __expectString(output["message"]);
     }

package/dist-types/STS.d.ts

@@ -9,6 +9,7 @@ import { GetFederationTokenCommandInput, GetFederationTokenCommandOutput } from
 import { GetSessionTokenCommandInput, GetSessionTokenCommandOutput } from "./commands/GetSessionTokenCommand";
 import { STSClient } from "./STSClient";
 /**
+ * @public
  * <fullname>Security Token Service</fullname>
  *          <p>Security Token Service (STS) enables you to request temporary, limited-privilege
  *       credentials for Identity and Access Management (IAM) users or for users that you
@@ -17,6 +18,7 @@ import { STSClient } from "./STSClient";
  */
 export declare class STS extends STSClient {
     /**
+     * @public
      * <p>Returns a set of temporary security credentials that you can use to access Amazon Web Services
      *          resources. These temporary credentials consist of an access key ID, a secret access key,
      *          and a security token. Typically, you use <code>AssumeRole</code> within your account or for
@@ -96,7 +98,7 @@ export declare class STS extends STSClient {
      *          assume the role is denied. The condition in a trust policy that tests for MFA
      *          authentication might look like the following example.</p>
      *          <p>
-     *             <code>"Condition": {"Bool": {"aws:MultiFactorAuthPresent": true}}</code>
+     *             <code>"Condition": \{"Bool": \{"aws:MultiFactorAuthPresent": true\}\}</code>
      *          </p>
      *          <p>For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/MFAProtectedAPI.html">Configuring MFA-Protected API Access</a>
      *          in the <i>IAM User Guide</i> guide.</p>
@@ -110,6 +112,7 @@ export declare class STS extends STSClient {
     assumeRole(args: AssumeRoleCommandInput, cb: (err: any, data?: AssumeRoleCommandOutput) => void): void;
     assumeRole(args: AssumeRoleCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: AssumeRoleCommandOutput) => void): void;
     /**
+     * @public
      * <p>Returns a set of temporary security credentials for users who have been authenticated
      *          via a SAML authentication response. This operation provides a mechanism for tying an
      *          enterprise identity store or directory to role-based Amazon Web Services access without user-specific
@@ -244,6 +247,7 @@ export declare class STS extends STSClient {
     assumeRoleWithSAML(args: AssumeRoleWithSAMLCommandInput, cb: (err: any, data?: AssumeRoleWithSAMLCommandOutput) => void): void;
     assumeRoleWithSAML(args: AssumeRoleWithSAMLCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: AssumeRoleWithSAMLCommandOutput) => void): void;
     /**
+     * @public
      * <p>Returns a set of temporary security credentials for users who have been authenticated in
      *          a mobile or web application with a web identity provider. Example providers include the
      *          OAuth 2.0 providers Login with Amazon and Facebook, or any OpenID Connect-compatible
@@ -382,6 +386,7 @@ export declare class STS extends STSClient {
     assumeRoleWithWebIdentity(args: AssumeRoleWithWebIdentityCommandInput, cb: (err: any, data?: AssumeRoleWithWebIdentityCommandOutput) => void): void;
     assumeRoleWithWebIdentity(args: AssumeRoleWithWebIdentityCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: AssumeRoleWithWebIdentityCommandOutput) => void): void;
     /**
+     * @public
      * <p>Decodes additional information about the authorization status of a request from an
      *          encoded message returned in response to an Amazon Web Services request.</p>
      *          <p>For example, if a user is not authorized to perform an operation that he or she has
@@ -423,6 +428,7 @@ export declare class STS extends STSClient {
     decodeAuthorizationMessage(args: DecodeAuthorizationMessageCommandInput, cb: (err: any, data?: DecodeAuthorizationMessageCommandOutput) => void): void;
     decodeAuthorizationMessage(args: DecodeAuthorizationMessageCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: DecodeAuthorizationMessageCommandOutput) => void): void;
     /**
+     * @public
      * <p>Returns the account identifier for the specified access key ID.</p>
      *          <p>Access keys consist of two parts: an access key ID (for example,
      *             <code>AKIAIOSFODNN7EXAMPLE</code>) and a secret access key (for example,
@@ -446,6 +452,7 @@ export declare class STS extends STSClient {
     getAccessKeyInfo(args: GetAccessKeyInfoCommandInput, cb: (err: any, data?: GetAccessKeyInfoCommandOutput) => void): void;
     getAccessKeyInfo(args: GetAccessKeyInfoCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: GetAccessKeyInfoCommandOutput) => void): void;
     /**
+     * @public
      * <p>Returns details about the IAM user or role whose credentials are used to call the
      *          operation.</p>
      *          <note>
@@ -461,6 +468,7 @@ export declare class STS extends STSClient {
     getCallerIdentity(args: GetCallerIdentityCommandInput, cb: (err: any, data?: GetCallerIdentityCommandOutput) => void): void;
     getCallerIdentity(args: GetCallerIdentityCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: GetCallerIdentityCommandOutput) => void): void;
     /**
+     * @public
      * <p>Returns a set of temporary security credentials (consisting of an access key ID, a
      *          secret access key, and a security token) for a federated user. A typical use is in a proxy
      *          application that gets temporary security credentials on behalf of distributed applications
@@ -553,6 +561,7 @@ export declare class STS extends STSClient {
     getFederationToken(args: GetFederationTokenCommandInput, cb: (err: any, data?: GetFederationTokenCommandOutput) => void): void;
     getFederationToken(args: GetFederationTokenCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: GetFederationTokenCommandOutput) => void): void;
     /**
+     * @public
      * <p>Returns a set of temporary credentials for an Amazon Web Services account or IAM user. The
      *          credentials consist of an access key ID, a secret access key, and a security token.
      *          Typically, you use <code>GetSessionToken</code> if you want to use MFA to protect

package/dist-types/STSClient.d.ts

@@ -16,15 +16,24 @@ import { GetCallerIdentityCommandInput, GetCallerIdentityCommandOutput } from ".
 import { GetFederationTokenCommandInput, GetFederationTokenCommandOutput } from "./commands/GetFederationTokenCommand";
 import { GetSessionTokenCommandInput, GetSessionTokenCommandOutput } from "./commands/GetSessionTokenCommand";
 import { ClientInputEndpointParameters, ClientResolvedEndpointParameters, EndpointParameters } from "./endpoint/EndpointParameters";
+/**
+ * @public
+ */
 export type ServiceInputTypes = AssumeRoleCommandInput | AssumeRoleWithSAMLCommandInput | AssumeRoleWithWebIdentityCommandInput | DecodeAuthorizationMessageCommandInput | GetAccessKeyInfoCommandInput | GetCallerIdentityCommandInput | GetFederationTokenCommandInput | GetSessionTokenCommandInput;
+/**
+ * @public
+ */
 export type ServiceOutputTypes = AssumeRoleCommandOutput | AssumeRoleWithSAMLCommandOutput | AssumeRoleWithWebIdentityCommandOutput | DecodeAuthorizationMessageCommandOutput | GetAccessKeyInfoCommandOutput | GetCallerIdentityCommandOutput | GetFederationTokenCommandOutput | GetSessionTokenCommandOutput;
+/**
+ * @public
+ */
 export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__HttpHandlerOptions>> {
     /**
      * The HTTP handler to use. Fetch in browser and Https in Nodejs.
      */
     requestHandler?: __HttpHandler;
     /**
-     * A constructor for a class implementing the {@link __Checksum} interface
+     * A constructor for a class implementing the {@link @aws-sdk/types#ChecksumConstructor} interface
      * that computes the SHA-256 HMAC or checksum of a string or binary buffer.
      * @internal
      */
@@ -114,23 +123,34 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__
      */
     logger?: __Logger;
     /**
-     * The {@link __DefaultsMode} that will be used to determine how certain default configuration options are resolved in the SDK.
+     * The {@link @aws-sdk/smithy-client#DefaultsMode} that will be used to determine how certain default configuration options are resolved in the SDK.
      */
     defaultsMode?: __DefaultsMode | __Provider<__DefaultsMode>;
 }
+/**
+ * @public
+ */
 type STSClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOptions>> & ClientDefaults & RegionInputConfig & EndpointInputConfig<EndpointParameters> & RetryInputConfig & HostHeaderInputConfig & StsAuthInputConfig & UserAgentInputConfig & ClientInputEndpointParameters;
 /**
- * The configuration interface of STSClient class constructor that set the region, credentials and other options.
+ * @public
+ *
+ *  The configuration interface of STSClient class constructor that set the region, credentials and other options.
  */
 export interface STSClientConfig extends STSClientConfigType {
 }
+/**
+ * @public
+ */
 type STSClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHandlerOptions> & Required<ClientDefaults> & RegionResolvedConfig & EndpointResolvedConfig<EndpointParameters> & RetryResolvedConfig & HostHeaderResolvedConfig & StsAuthResolvedConfig & UserAgentResolvedConfig & ClientResolvedEndpointParameters;
 /**
- * The resolved configuration interface of STSClient class. This is resolved and normalized from the {@link STSClientConfig | constructor configuration interface}.
+ * @public
+ *
+ *  The resolved configuration interface of STSClient class. This is resolved and normalized from the {@link STSClientConfig | constructor configuration interface}.
  */
 export interface STSClientResolvedConfig extends STSClientResolvedConfigType {
 }
 /**
+ * @public
  * <fullname>Security Token Service</fullname>
  *          <p>Security Token Service (STS) enables you to request temporary, limited-privilege
  *       credentials for Identity and Access Management (IAM) users or for users that you

package/dist-types/commands/AssumeRoleCommand.d.ts

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { AssumeRoleRequest, AssumeRoleResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link AssumeRoleCommand}.
  */
 export interface AssumeRoleCommandInput extends AssumeRoleRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link AssumeRoleCommand}.
  */
 export interface AssumeRoleCommandOutput extends AssumeRoleResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Returns a set of temporary security credentials that you can use to access Amazon Web Services
  *          resources. These temporary credentials consist of an access key ID, a secret access key,
  *          and a security token. Typically, you use <code>AssumeRole</code> within your account or for
@@ -93,7 +98,7 @@ export interface AssumeRoleCommandOutput extends AssumeRoleResponse, __MetadataB
  *          assume the role is denied. The condition in a trust policy that tests for MFA
  *          authentication might look like the following example.</p>
  *          <p>
- *             <code>"Condition": {"Bool": {"aws:MultiFactorAuthPresent": true}}</code>
+ *             <code>"Condition": \{"Bool": \{"aws:MultiFactorAuthPresent": true\}\}</code>
  *          </p>
  *          <p>For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/MFAProtectedAPI.html">Configuring MFA-Protected API Access</a>
  *          in the <i>IAM User Guide</i> guide.</p>
@@ -112,6 +117,8 @@ export interface AssumeRoleCommandOutput extends AssumeRoleResponse, __MetadataB
  * const response = await client.send(command);
  * ```
  *
+ * @param AssumeRoleCommandInput - {@link AssumeRoleCommandInput}
+ * @returns {@link AssumeRoleCommandOutput}
  * @see {@link AssumeRoleCommandInput} for command's `input` shape.
  * @see {@link AssumeRoleCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -194,11 +201,20 @@ export interface AssumeRoleCommandOutput extends AssumeRoleResponse, __MetadataB
 export declare class AssumeRoleCommand extends $Command<AssumeRoleCommandInput, AssumeRoleCommandOutput, STSClientResolvedConfig> {
     readonly input: AssumeRoleCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: AssumeRoleCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<AssumeRoleCommandInput, AssumeRoleCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/commands/AssumeRoleWithSAMLCommand.d.ts

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { AssumeRoleWithSAMLRequest, AssumeRoleWithSAMLResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link AssumeRoleWithSAMLCommand}.
  */
 export interface AssumeRoleWithSAMLCommandInput extends AssumeRoleWithSAMLRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link AssumeRoleWithSAMLCommand}.
  */
 export interface AssumeRoleWithSAMLCommandOutput extends AssumeRoleWithSAMLResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Returns a set of temporary security credentials for users who have been authenticated
  *          via a SAML authentication response. This operation provides a mechanism for tying an
  *          enterprise identity store or directory to role-based Amazon Web Services access without user-specific
@@ -153,6 +158,8 @@ export interface AssumeRoleWithSAMLCommandOutput extends AssumeRoleWithSAMLRespo
  * const response = await client.send(command);
  * ```
  *
+ * @param AssumeRoleWithSAMLCommandInput - {@link AssumeRoleWithSAMLCommandInput}
+ * @returns {@link AssumeRoleWithSAMLCommandOutput}
  * @see {@link AssumeRoleWithSAMLCommandInput} for command's `input` shape.
  * @see {@link AssumeRoleWithSAMLCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -232,11 +239,20 @@ export interface AssumeRoleWithSAMLCommandOutput extends AssumeRoleWithSAMLRespo
 export declare class AssumeRoleWithSAMLCommand extends $Command<AssumeRoleWithSAMLCommandInput, AssumeRoleWithSAMLCommandOutput, STSClientResolvedConfig> {
     readonly input: AssumeRoleWithSAMLCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: AssumeRoleWithSAMLCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<AssumeRoleWithSAMLCommandInput, AssumeRoleWithSAMLCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/commands/AssumeRoleWithWebIdentityCommand.d.ts

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { AssumeRoleWithWebIdentityRequest, AssumeRoleWithWebIdentityResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link AssumeRoleWithWebIdentityCommand}.
  */
 export interface AssumeRoleWithWebIdentityCommandInput extends AssumeRoleWithWebIdentityRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link AssumeRoleWithWebIdentityCommand}.
  */
 export interface AssumeRoleWithWebIdentityCommandOutput extends AssumeRoleWithWebIdentityResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Returns a set of temporary security credentials for users who have been authenticated in
  *          a mobile or web application with a web identity provider. Example providers include the
  *          OAuth 2.0 providers Login with Amazon and Facebook, or any OpenID Connect-compatible
@@ -157,6 +162,8 @@ export interface AssumeRoleWithWebIdentityCommandOutput extends AssumeRoleWithWe
  * const response = await client.send(command);
  * ```
  *
+ * @param AssumeRoleWithWebIdentityCommandInput - {@link AssumeRoleWithWebIdentityCommandInput}
+ * @returns {@link AssumeRoleWithWebIdentityCommandOutput}
  * @see {@link AssumeRoleWithWebIdentityCommandInput} for command's `input` shape.
  * @see {@link AssumeRoleWithWebIdentityCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -243,11 +250,20 @@ export interface AssumeRoleWithWebIdentityCommandOutput extends AssumeRoleWithWe
 export declare class AssumeRoleWithWebIdentityCommand extends $Command<AssumeRoleWithWebIdentityCommandInput, AssumeRoleWithWebIdentityCommandOutput, STSClientResolvedConfig> {
     readonly input: AssumeRoleWithWebIdentityCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: AssumeRoleWithWebIdentityCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<AssumeRoleWithWebIdentityCommandInput, AssumeRoleWithWebIdentityCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/commands/DecodeAuthorizationMessageCommand.d.ts

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { DecodeAuthorizationMessageRequest, DecodeAuthorizationMessageResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link DecodeAuthorizationMessageCommand}.
  */
 export interface DecodeAuthorizationMessageCommandInput extends DecodeAuthorizationMessageRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link DecodeAuthorizationMessageCommand}.
  */
 export interface DecodeAuthorizationMessageCommandOutput extends DecodeAuthorizationMessageResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Decodes additional information about the authorization status of a request from an
  *          encoded message returned in response to an Amazon Web Services request.</p>
  *          <p>For example, if a user is not authorized to perform an operation that he or she has
@@ -60,6 +65,8 @@ export interface DecodeAuthorizationMessageCommandOutput extends DecodeAuthoriza
  * const response = await client.send(command);
  * ```
  *
+ * @param DecodeAuthorizationMessageCommandInput - {@link DecodeAuthorizationMessageCommandInput}
+ * @returns {@link DecodeAuthorizationMessageCommandOutput}
  * @see {@link DecodeAuthorizationMessageCommandInput} for command's `input` shape.
  * @see {@link DecodeAuthorizationMessageCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -90,11 +97,20 @@ export interface DecodeAuthorizationMessageCommandOutput extends DecodeAuthoriza
 export declare class DecodeAuthorizationMessageCommand extends $Command<DecodeAuthorizationMessageCommandInput, DecodeAuthorizationMessageCommandOutput, STSClientResolvedConfig> {
     readonly input: DecodeAuthorizationMessageCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: DecodeAuthorizationMessageCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<DecodeAuthorizationMessageCommandInput, DecodeAuthorizationMessageCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/commands/GetAccessKeyInfoCommand.d.ts

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { GetAccessKeyInfoRequest, GetAccessKeyInfoResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link GetAccessKeyInfoCommand}.
  */
 export interface GetAccessKeyInfoCommandInput extends GetAccessKeyInfoRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link GetAccessKeyInfoCommand}.
  */
 export interface GetAccessKeyInfoCommandOutput extends GetAccessKeyInfoResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Returns the account identifier for the specified access key ID.</p>
  *          <p>Access keys consist of two parts: an access key ID (for example,
  *             <code>AKIAIOSFODNN7EXAMPLE</code>) and a secret access key (for example,
@@ -42,6 +47,8 @@ export interface GetAccessKeyInfoCommandOutput extends GetAccessKeyInfoResponse,
  * const response = await client.send(command);
  * ```
  *
+ * @param GetAccessKeyInfoCommandInput - {@link GetAccessKeyInfoCommandInput}
+ * @returns {@link GetAccessKeyInfoCommandOutput}
  * @see {@link GetAccessKeyInfoCommandInput} for command's `input` shape.
  * @see {@link GetAccessKeyInfoCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -51,11 +58,20 @@ export interface GetAccessKeyInfoCommandOutput extends GetAccessKeyInfoResponse,
 export declare class GetAccessKeyInfoCommand extends $Command<GetAccessKeyInfoCommandInput, GetAccessKeyInfoCommandOutput, STSClientResolvedConfig> {
     readonly input: GetAccessKeyInfoCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: GetAccessKeyInfoCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<GetAccessKeyInfoCommandInput, GetAccessKeyInfoCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/commands/GetCallerIdentityCommand.d.ts

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { GetCallerIdentityRequest, GetCallerIdentityResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link GetCallerIdentityCommand}.
  */
 export interface GetCallerIdentityCommandInput extends GetCallerIdentityRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link GetCallerIdentityCommand}.
  */
 export interface GetCallerIdentityCommandOutput extends GetCallerIdentityResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Returns details about the IAM user or role whose credentials are used to call the
  *          operation.</p>
  *          <note>
@@ -34,6 +39,8 @@ export interface GetCallerIdentityCommandOutput extends GetCallerIdentityRespons
  * const response = await client.send(command);
  * ```
  *
+ * @param GetCallerIdentityCommandInput - {@link GetCallerIdentityCommandInput}
+ * @returns {@link GetCallerIdentityCommandOutput}
  * @see {@link GetCallerIdentityCommandInput} for command's `input` shape.
  * @see {@link GetCallerIdentityCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -91,11 +98,20 @@ export interface GetCallerIdentityCommandOutput extends GetCallerIdentityRespons
 export declare class GetCallerIdentityCommand extends $Command<GetCallerIdentityCommandInput, GetCallerIdentityCommandOutput, STSClientResolvedConfig> {
     readonly input: GetCallerIdentityCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: GetCallerIdentityCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<GetCallerIdentityCommandInput, GetCallerIdentityCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/commands/GetFederationTokenCommand.d.ts

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { GetFederationTokenRequest, GetFederationTokenResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link GetFederationTokenCommand}.
  */
 export interface GetFederationTokenCommandInput extends GetFederationTokenRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link GetFederationTokenCommand}.
  */
 export interface GetFederationTokenCommandOutput extends GetFederationTokenResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Returns a set of temporary security credentials (consisting of an access key ID, a
  *          secret access key, and a security token) for a federated user. A typical use is in a proxy
  *          application that gets temporary security credentials on behalf of distributed applications
@@ -111,6 +116,8 @@ export interface GetFederationTokenCommandOutput extends GetFederationTokenRespo
  * const response = await client.send(command);
  * ```
  *
+ * @param GetFederationTokenCommandInput - {@link GetFederationTokenCommandInput}
+ * @returns {@link GetFederationTokenCommandOutput}
  * @see {@link GetFederationTokenCommandInput} for command's `input` shape.
  * @see {@link GetFederationTokenCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -180,11 +187,20 @@ export interface GetFederationTokenCommandOutput extends GetFederationTokenRespo
 export declare class GetFederationTokenCommand extends $Command<GetFederationTokenCommandInput, GetFederationTokenCommandOutput, STSClientResolvedConfig> {
     readonly input: GetFederationTokenCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: GetFederationTokenCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<GetFederationTokenCommandInput, GetFederationTokenCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/commands/GetSessionTokenCommand.d.ts

@@ -4,16 +4,21 @@ import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as
 import { GetSessionTokenRequest, GetSessionTokenResponse } from "../models/models_0";
 import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
 /**
+ * @public
+ *
  * The input for {@link GetSessionTokenCommand}.
  */
 export interface GetSessionTokenCommandInput extends GetSessionTokenRequest {
 }
 /**
+ * @public
+ *
  * The output of {@link GetSessionTokenCommand}.
  */
 export interface GetSessionTokenCommandOutput extends GetSessionTokenResponse, __MetadataBearer {
 }
 /**
+ * @public
  * <p>Returns a set of temporary credentials for an Amazon Web Services account or IAM user. The
  *          credentials consist of an access key ID, a secret access key, and a security token.
  *          Typically, you use <code>GetSessionToken</code> if you want to use MFA to protect
@@ -83,6 +88,8 @@ export interface GetSessionTokenCommandOutput extends GetSessionTokenResponse, _
  * const response = await client.send(command);
  * ```
  *
+ * @param GetSessionTokenCommandInput - {@link GetSessionTokenCommandInput}
+ * @returns {@link GetSessionTokenCommandOutput}
  * @see {@link GetSessionTokenCommandInput} for command's `input` shape.
  * @see {@link GetSessionTokenCommandOutput} for command's `response` shape.
  * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
@@ -122,11 +129,20 @@ export interface GetSessionTokenCommandOutput extends GetSessionTokenResponse, _
 export declare class GetSessionTokenCommand extends $Command<GetSessionTokenCommandInput, GetSessionTokenCommandOutput, STSClientResolvedConfig> {
     readonly input: GetSessionTokenCommandInput;
     static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
     constructor(input: GetSessionTokenCommandInput);
     /**
      * @internal
      */
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: STSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<GetSessionTokenCommandInput, GetSessionTokenCommandOutput>;
+    /**
+     * @internal
+     */
     private serialize;
+    /**
+     * @internal
+     */
     private deserialize;
 }

package/dist-types/models/STSServiceException.d.ts

@@ -1,5 +1,7 @@
 import { ServiceException as __ServiceException, ServiceExceptionOptions as __ServiceExceptionOptions } from "@aws-sdk/smithy-client";
 /**
+ * @public
+ *
  * Base exception class for all service exceptions from STS service.
  */
 export declare class STSServiceException extends __ServiceException {

package/dist-types/models/models_0.d.ts

@@ -1,6 +1,7 @@
 import { ExceptionOptionType as __ExceptionOptionType } from "@aws-sdk/smithy-client";
 import { STSServiceException as __BaseException } from "./STSServiceException";
 /**
+ * @public
  * <p>The identifiers for the temporary security credentials that the operation
  *          returns.</p>
  */
@@ -18,6 +19,7 @@ export interface AssumedRoleUser {
     Arn: string | undefined;
 }
 /**
+ * @public
  * <p>A reference to the IAM managed policy that is passed as a session policy for a role
  *          session or a federated user session.</p>
  */
@@ -30,6 +32,7 @@ export interface PolicyDescriptorType {
     arn?: string;
 }
 /**
+ * @public
  * <p>You can pass custom key-value pair attributes when you assume a role or federate a user.
  *          These are called session tags. You can then use the session tags to control access to
  *          resources. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Tagging Amazon Web Services STS Sessions</a> in the
@@ -51,6 +54,9 @@ export interface Tag {
      */
     Value: string | undefined;
 }
+/**
+ * @public
+ */
 export interface AssumeRoleRequest {
     /**
      * <p>The Amazon Resource Name (ARN) of the role to assume.</p>
@@ -242,6 +248,7 @@ export interface AssumeRoleRequest {
     SourceIdentity?: string;
 }
 /**
+ * @public
  * <p>Amazon Web Services credentials for API authentication.</p>
  */
 export interface Credentials {
@@ -264,6 +271,7 @@ export interface Credentials {
     Expiration: Date | undefined;
 }
 /**
+ * @public
  * <p>Contains the response to a successful <a>AssumeRole</a> request, including
  *       temporary Amazon Web Services credentials that can be used to make Amazon Web Services requests. </p>
  */
@@ -309,6 +317,7 @@ export interface AssumeRoleResponse {
     SourceIdentity?: string;
 }
 /**
+ * @public
  * <p>The web identity token that was passed is expired or is not valid. Get a new identity
  *             token from the identity provider and then retry the request.</p>
  */
@@ -321,6 +330,7 @@ export declare class ExpiredTokenException extends __BaseException {
     constructor(opts: __ExceptionOptionType<ExpiredTokenException, __BaseException>);
 }
 /**
+ * @public
  * <p>The request was rejected because the policy document was malformed. The error message
  *             describes the specific error.</p>
  */
@@ -333,6 +343,7 @@ export declare class MalformedPolicyDocumentException extends __BaseException {
     constructor(opts: __ExceptionOptionType<MalformedPolicyDocumentException, __BaseException>);
 }
 /**
+ * @public
  * <p>The request was rejected because the total packed size of the session policies and
  *             session tags combined was too large. An Amazon Web Services conversion compresses the session policy
  *             document, session policy ARNs, and session tags into a packed binary format that has a
@@ -352,6 +363,7 @@ export declare class PackedPolicyTooLargeException extends __BaseException {
     constructor(opts: __ExceptionOptionType<PackedPolicyTooLargeException, __BaseException>);
 }
 /**
+ * @public
  * <p>STS is not activated in the requested region for the account that is being asked to
  *             generate credentials. The account administrator must use the IAM console to activate STS
  *             in that region. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html">Activating and
@@ -366,6 +378,9 @@ export declare class RegionDisabledException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<RegionDisabledException, __BaseException>);
 }
+/**
+ * @public
+ */
 export interface AssumeRoleWithSAMLRequest {
     /**
      * <p>The Amazon Resource Name (ARN) of the role that the caller is assuming.</p>
@@ -456,6 +471,7 @@ export interface AssumeRoleWithSAMLRequest {
     DurationSeconds?: number;
 }
 /**
+ * @public
  * <p>Contains the response to a successful <a>AssumeRoleWithSAML</a> request,
  *       including temporary Amazon Web Services credentials that can be used to make Amazon Web Services requests. </p>
  */
@@ -546,6 +562,7 @@ export interface AssumeRoleWithSAMLResponse {
     SourceIdentity?: string;
 }
 /**
+ * @public
  * <p>The identity provider (IdP) reported that authentication failed. This might be because
  *             the claim is invalid.</p>
  *          <p>If this error is returned for the <code>AssumeRoleWithWebIdentity</code> operation, it
@@ -560,6 +577,7 @@ export declare class IDPRejectedClaimException extends __BaseException {
     constructor(opts: __ExceptionOptionType<IDPRejectedClaimException, __BaseException>);
 }
 /**
+ * @public
  * <p>The web identity token that was passed could not be validated by Amazon Web Services. Get a new
  *             identity token from the identity provider and then retry the request.</p>
  */
@@ -571,6 +589,9 @@ export declare class InvalidIdentityTokenException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<InvalidIdentityTokenException, __BaseException>);
 }
+/**
+ * @public
+ */
 export interface AssumeRoleWithWebIdentityRequest {
     /**
      * <p>The Amazon Resource Name (ARN) of the role that the caller is assuming.</p>
@@ -674,6 +695,7 @@ export interface AssumeRoleWithWebIdentityRequest {
     DurationSeconds?: number;
 }
 /**
+ * @public
  * <p>Contains the response to a successful <a>AssumeRoleWithWebIdentity</a>
  *       request, including temporary Amazon Web Services credentials that can be used to make Amazon Web Services requests. </p>
  */
@@ -745,6 +767,7 @@ export interface AssumeRoleWithWebIdentityResponse {
     SourceIdentity?: string;
 }
 /**
+ * @public
  * <p>The request could not be fulfilled because the identity provider (IDP) that
  *             was asked to verify the incoming identity token could not be reached. This is often a
  *             transient error caused by network conditions. Retry the request a limited number of
@@ -759,6 +782,9 @@ export declare class IDPCommunicationErrorException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<IDPCommunicationErrorException, __BaseException>);
 }
+/**
+ * @public
+ */
 export interface DecodeAuthorizationMessageRequest {
     /**
      * <p>The encoded message that was returned with the response.</p>
@@ -766,6 +792,7 @@ export interface DecodeAuthorizationMessageRequest {
     EncodedMessage: string | undefined;
 }
 /**
+ * @public
  * <p>A document that contains additional information about the authorization status of a
  *       request from an encoded message that is returned in response to an Amazon Web Services request.</p>
  */
@@ -776,6 +803,7 @@ export interface DecodeAuthorizationMessageResponse {
     DecodedMessage?: string;
 }
 /**
+ * @public
  * <p>The error returned if the message passed to <code>DecodeAuthorizationMessage</code>
  *             was invalid. This can happen if the token contains invalid characters, such as
  *             linebreaks. </p>
@@ -788,6 +816,9 @@ export declare class InvalidAuthorizationMessageException extends __BaseExceptio
      */
     constructor(opts: __ExceptionOptionType<InvalidAuthorizationMessageException, __BaseException>);
 }
+/**
+ * @public
+ */
 export interface GetAccessKeyInfoRequest {
     /**
      * <p>The identifier of an access key.</p>
@@ -796,15 +827,22 @@ export interface GetAccessKeyInfoRequest {
      */
     AccessKeyId: string | undefined;
 }
+/**
+ * @public
+ */
 export interface GetAccessKeyInfoResponse {
     /**
      * <p>The number used to identify the Amazon Web Services account.</p>
      */
     Account?: string;
 }
+/**
+ * @public
+ */
 export interface GetCallerIdentityRequest {
 }
 /**
+ * @public
  * <p>Contains the response to a successful <a>GetCallerIdentity</a> request,
  *          including information about the entity making the request.</p>
  */
@@ -826,6 +864,9 @@ export interface GetCallerIdentityResponse {
      */
     Arn?: string;
 }
+/**
+ * @public
+ */
 export interface GetFederationTokenRequest {
     /**
      * <p>The name of the federated user. The name is used as an identifier for the temporary
@@ -938,6 +979,7 @@ export interface GetFederationTokenRequest {
     Tags?: Tag[];
 }
 /**
+ * @public
  * <p>Identifiers for the federated user that is associated with the credentials.</p>
  */
 export interface FederatedUser {
@@ -954,6 +996,7 @@ export interface FederatedUser {
     Arn: string | undefined;
 }
 /**
+ * @public
  * <p>Contains the response to a successful <a>GetFederationToken</a> request,
  *       including temporary Amazon Web Services credentials that can be used to make Amazon Web Services requests. </p>
  */
@@ -981,6 +1024,9 @@ export interface GetFederationTokenResponse {
      */
     PackedPolicySize?: number;
 }
+/**
+ * @public
+ */
 export interface GetSessionTokenRequest {
     /**
      * <p>The duration, in seconds, that the credentials should remain valid. Acceptable durations
@@ -1015,6 +1061,7 @@ export interface GetSessionTokenRequest {
     TokenCode?: string;
 }
 /**
+ * @public
  * <p>Contains the response to a successful <a>GetSessionToken</a> request,
  *       including temporary Amazon Web Services credentials that can be used to make Amazon Web Services requests. </p>
  */

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-sts",
   "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native",
-  "version": "3.296.0",
+  "version": "3.297.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "tsc -p tsconfig.cjs.json",
@@ -23,7 +23,7 @@
     "@aws-crypto/sha256-browser": "3.0.0",
     "@aws-crypto/sha256-js": "3.0.0",
     "@aws-sdk/config-resolver": "3.296.0",
-    "@aws-sdk/credential-provider-node": "3.296.0",
+    "@aws-sdk/credential-provider-node": "3.297.0",
     "@aws-sdk/fetch-http-handler": "3.296.0",
     "@aws-sdk/hash-node": "3.296.0",
     "@aws-sdk/invalid-dependency": "3.296.0",