@aws-sdk/client-sts 3.507.0 → 3.511.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist-cjs/index.js +43 -17
  2. package/dist-es/defaultStsRoleAssumers.js +17 -15
  3. package/dist-types/defaultRoleAssumers.d.ts +4 -4
  4. package/dist-types/defaultStsRoleAssumers.d.ts +11 -3
  5. package/dist-types/ts3.4/defaultRoleAssumers.d.ts +4 -7
  6. package/dist-types/ts3.4/defaultStsRoleAssumers.d.ts +11 -3
  7. package/package.json +12 -12
package/dist-cjs/index.js CHANGED
@@ -1334,34 +1334,54 @@ var STS = _STS;
1334
1334
  // src/index.ts
1335
1335
  var import_EndpointParameters9 = require("./endpoint/EndpointParameters");
1336
1336
  var import_runtimeExtensions = require("././runtimeExtensions");
1337
- var import_util_endpoints = require("@aws-sdk/util-endpoints");
1337
+
1338
1338
 
1339
1339
  // src/defaultStsRoleAssumers.ts
1340
+ var import_util_endpoints = require("@aws-sdk/util-endpoints");
1340
1341
  var ASSUME_ROLE_DEFAULT_REGION = "us-east-1";
1341
- var decorateDefaultRegion = /* @__PURE__ */ __name((region) => {
1342
- if (typeof region !== "function") {
1343
- return region === void 0 ? ASSUME_ROLE_DEFAULT_REGION : region;
1344
- }
1345
- return async () => {
1346
- try {
1347
- return await region();
1348
- } catch (e) {
1349
- return ASSUME_ROLE_DEFAULT_REGION;
1350
- }
1351
- };
1352
- }, "decorateDefaultRegion");
1342
+ var resolveRegion = /* @__PURE__ */ __name(async (_region, _parentRegion, credentialProviderLogger) => {
1343
+ var _a2, _b;
1344
+ const region = typeof _region === "function" ? await _region() : _region;
1345
+ const parentRegion = typeof _parentRegion === "function" ? await _parentRegion() : _parentRegion;
1346
+ if (!parentRegion || (0, import_util_endpoints.partition)(parentRegion).name === "aws") {
1347
+ (_a2 = credentialProviderLogger == null ? void 0 : credentialProviderLogger.debug) == null ? void 0 : _a2.call(
1348
+ credentialProviderLogger,
1349
+ "@aws-sdk/client-sts::resolveRegion",
1350
+ "accepting first of:",
1351
+ `${region} (provider)`,
1352
+ `${ASSUME_ROLE_DEFAULT_REGION} (STS default)`
1353
+ );
1354
+ return region ?? ASSUME_ROLE_DEFAULT_REGION;
1355
+ } else {
1356
+ (_b = credentialProviderLogger == null ? void 0 : credentialProviderLogger.debug) == null ? void 0 : _b.call(
1357
+ credentialProviderLogger,
1358
+ "@aws-sdk/client-sts::resolveRegion",
1359
+ "accepting first of:",
1360
+ `${region} (provider)`,
1361
+ `${parentRegion} (parent client)`,
1362
+ `${ASSUME_ROLE_DEFAULT_REGION} (STS default)`
1363
+ );
1364
+ return region ?? parentRegion ?? ASSUME_ROLE_DEFAULT_REGION;
1365
+ }
1366
+ }, "resolveRegion");
1353
1367
  var getDefaultRoleAssumer = /* @__PURE__ */ __name((stsOptions, stsClientCtor) => {
1354
1368
  let stsClient;
1355
1369
  let closureSourceCreds;
1356
1370
  return async (sourceCreds, params) => {
1371
+ var _a2;
1357
1372
  closureSourceCreds = sourceCreds;
1358
1373
  if (!stsClient) {
1359
- const { logger, region, requestHandler } = stsOptions;
1374
+ const { logger, region, requestHandler, credentialProviderLogger } = stsOptions;
1375
+ const resolvedRegion = await resolveRegion(
1376
+ region,
1377
+ (_a2 = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _a2.region,
1378
+ credentialProviderLogger
1379
+ );
1360
1380
  stsClient = new stsClientCtor({
1361
1381
  logger,
1362
1382
  // A hack to make sts client uses the credential in current closure.
1363
1383
  credentialDefaultProvider: () => async () => closureSourceCreds,
1364
- region: decorateDefaultRegion(region || stsOptions.region),
1384
+ region: resolvedRegion,
1365
1385
  ...requestHandler ? { requestHandler } : {}
1366
1386
  });
1367
1387
  }
@@ -1382,11 +1402,17 @@ var getDefaultRoleAssumer = /* @__PURE__ */ __name((stsOptions, stsClientCtor) =
1382
1402
  var getDefaultRoleAssumerWithWebIdentity = /* @__PURE__ */ __name((stsOptions, stsClientCtor) => {
1383
1403
  let stsClient;
1384
1404
  return async (params) => {
1405
+ var _a2;
1385
1406
  if (!stsClient) {
1386
- const { logger, region, requestHandler } = stsOptions;
1407
+ const { logger, region, requestHandler, credentialProviderLogger } = stsOptions;
1408
+ const resolvedRegion = await resolveRegion(
1409
+ region,
1410
+ (_a2 = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _a2.region,
1411
+ credentialProviderLogger
1412
+ );
1387
1413
  stsClient = new stsClientCtor({
1388
1414
  logger,
1389
- region: decorateDefaultRegion(region || stsOptions.region),
1415
+ region: resolvedRegion,
1390
1416
  ...requestHandler ? { requestHandler } : {}
1391
1417
  });
1392
1418
  }
package/dist-es/defaultStsRoleAssumers.js CHANGED
@@ -1,18 +1,18 @@
1
+ import { partition } from "@aws-sdk/util-endpoints";
1
2
  import { AssumeRoleCommand } from "./commands/AssumeRoleCommand";
2
3
  import { AssumeRoleWithWebIdentityCommand, } from "./commands/AssumeRoleWithWebIdentityCommand";
3
4
  const ASSUME_ROLE_DEFAULT_REGION = "us-east-1";
4
- const decorateDefaultRegion = (region) => {
5
- if (typeof region !== "function") {
6
- return region === undefined ? ASSUME_ROLE_DEFAULT_REGION : region;
5
+ const resolveRegion = async (_region, _parentRegion, credentialProviderLogger) => {
6
+ const region = typeof _region === "function" ? await _region() : _region;
7
+ const parentRegion = typeof _parentRegion === "function" ? await _parentRegion() : _parentRegion;
8
+ if (!parentRegion || partition(parentRegion).name === "aws") {
9
+ credentialProviderLogger?.debug?.("@aws-sdk/client-sts::resolveRegion", "accepting first of:", `${region} (provider)`, `${ASSUME_ROLE_DEFAULT_REGION} (STS default)`);
10
+ return region ?? ASSUME_ROLE_DEFAULT_REGION;
11
+ }
12
+ else {
13
+ credentialProviderLogger?.debug?.("@aws-sdk/client-sts::resolveRegion", "accepting first of:", `${region} (provider)`, `${parentRegion} (parent client)`, `${ASSUME_ROLE_DEFAULT_REGION} (STS default)`);
14
+ return region ?? parentRegion ?? ASSUME_ROLE_DEFAULT_REGION;
7
15
  }
8
- return async () => {
9
- try {
10
- return await region();
11
- }
12
- catch (e) {
13
- return ASSUME_ROLE_DEFAULT_REGION;
14
- }
15
- };
16
16
  };
17
17
  export const getDefaultRoleAssumer = (stsOptions, stsClientCtor) => {
18
18
  let stsClient;
@@ -20,11 +20,12 @@ export const getDefaultRoleAssumer = (stsOptions, stsClientCtor) => {
20
20
  return async (sourceCreds, params) => {
21
21
  closureSourceCreds = sourceCreds;
22
22
  if (!stsClient) {
23
- const { logger, region, requestHandler } = stsOptions;
23
+ const { logger, region, requestHandler, credentialProviderLogger } = stsOptions;
24
+ const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger);
24
25
  stsClient = new stsClientCtor({
25
26
  logger,
26
27
  credentialDefaultProvider: () => async () => closureSourceCreds,
27
- region: decorateDefaultRegion(region || stsOptions.region),
28
+ region: resolvedRegion,
28
29
  ...(requestHandler ? { requestHandler } : {}),
29
30
  });
30
31
  }
@@ -45,10 +46,11 @@ export const getDefaultRoleAssumerWithWebIdentity = (stsOptions, stsClientCtor)
45
46
  let stsClient;
46
47
  return async (params) => {
47
48
  if (!stsClient) {
48
- const { logger, region, requestHandler } = stsOptions;
49
+ const { logger, region, requestHandler, credentialProviderLogger } = stsOptions;
50
+ const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger);
49
51
  stsClient = new stsClientCtor({
50
52
  logger,
51
- region: decorateDefaultRegion(region || stsOptions.region),
53
+ region: resolvedRegion,
52
54
  ...(requestHandler ? { requestHandler } : {}),
53
55
  });
54
56
  }
package/dist-types/defaultRoleAssumers.d.ts CHANGED
@@ -1,14 +1,14 @@
1
1
  import { Pluggable } from "@smithy/types";
2
- import { DefaultCredentialProvider, RoleAssumer, RoleAssumerWithWebIdentity } from "./defaultStsRoleAssumers";
3
- import { ServiceInputTypes, ServiceOutputTypes, STSClientConfig } from "./STSClient";
2
+ import { DefaultCredentialProvider, RoleAssumer, RoleAssumerWithWebIdentity, STSRoleAssumerOptions } from "./defaultStsRoleAssumers";
3
+ import { ServiceInputTypes, ServiceOutputTypes } from "./STSClient";
4
4
  /**
5
5
  * The default role assumer that used by credential providers when sts:AssumeRole API is needed.
6
6
  */
7
- export declare const getDefaultRoleAssumer: (stsOptions?: Pick<STSClientConfig, "logger" | "region" | "requestHandler">, stsPlugins?: Pluggable<ServiceInputTypes, ServiceOutputTypes>[]) => RoleAssumer;
7
+ export declare const getDefaultRoleAssumer: (stsOptions?: STSRoleAssumerOptions, stsPlugins?: Pluggable<ServiceInputTypes, ServiceOutputTypes>[]) => RoleAssumer;
8
8
  /**
9
9
  * The default role assumer that used by credential providers when sts:AssumeRoleWithWebIdentity API is needed.
10
10
  */
11
- export declare const getDefaultRoleAssumerWithWebIdentity: (stsOptions?: Pick<STSClientConfig, "logger" | "region" | "requestHandler">, stsPlugins?: Pluggable<ServiceInputTypes, ServiceOutputTypes>[]) => RoleAssumerWithWebIdentity;
11
+ export declare const getDefaultRoleAssumerWithWebIdentity: (stsOptions?: STSRoleAssumerOptions, stsPlugins?: Pluggable<ServiceInputTypes, ServiceOutputTypes>[]) => RoleAssumerWithWebIdentity;
12
12
  /**
13
13
  * The default credential providers depend STS client to assume role with desired API: sts:assumeRole,
14
14
  * sts:assumeRoleWithWebIdentity, etc. This function decorates the default credential provider with role assumers which
package/dist-types/defaultStsRoleAssumers.d.ts CHANGED
@@ -1,7 +1,15 @@
1
- import { AwsCredentialIdentity, Provider } from "@smithy/types";
1
+ import type { CredentialProviderOptions } from "@aws-sdk/types";
2
+ import { AwsCredentialIdentity, Logger, Provider } from "@smithy/types";
2
3
  import { AssumeRoleCommandInput } from "./commands/AssumeRoleCommand";
3
4
  import { AssumeRoleWithWebIdentityCommandInput } from "./commands/AssumeRoleWithWebIdentityCommand";
4
5
  import type { STSClient, STSClientConfig } from "./STSClient";
6
+ /**
7
+ * @public
8
+ */
9
+ export type STSRoleAssumerOptions = Pick<STSClientConfig, "logger" | "region" | "requestHandler"> & {
10
+ credentialProviderLogger?: Logger;
11
+ parentClientConfig?: CredentialProviderOptions["parentClientConfig"];
12
+ };
5
13
  /**
6
14
  * @internal
7
15
  */
@@ -10,7 +18,7 @@ export type RoleAssumer = (sourceCreds: AwsCredentialIdentity, params: AssumeRol
10
18
  * The default role assumer that used by credential providers when sts:AssumeRole API is needed.
11
19
  * @internal
12
20
  */
13
- export declare const getDefaultRoleAssumer: (stsOptions: Pick<STSClientConfig, "logger" | "region" | "requestHandler">, stsClientCtor: new (options: STSClientConfig) => STSClient) => RoleAssumer;
21
+ export declare const getDefaultRoleAssumer: (stsOptions: STSRoleAssumerOptions, stsClientCtor: new (options: STSClientConfig) => STSClient) => RoleAssumer;
14
22
  /**
15
23
  * @internal
16
24
  */
@@ -19,7 +27,7 @@ export type RoleAssumerWithWebIdentity = (params: AssumeRoleWithWebIdentityComma
19
27
  * The default role assumer that used by credential providers when sts:AssumeRoleWithWebIdentity API is needed.
20
28
  * @internal
21
29
  */
22
- export declare const getDefaultRoleAssumerWithWebIdentity: (stsOptions: Pick<STSClientConfig, "logger" | "region" | "requestHandler">, stsClientCtor: new (options: STSClientConfig) => STSClient) => RoleAssumerWithWebIdentity;
30
+ export declare const getDefaultRoleAssumerWithWebIdentity: (stsOptions: STSRoleAssumerOptions, stsClientCtor: new (options: STSClientConfig) => STSClient) => RoleAssumerWithWebIdentity;
23
31
  /**
24
32
  * @internal
25
33
  */
package/dist-types/ts3.4/defaultRoleAssumers.d.ts CHANGED
@@ -3,18 +3,15 @@ import {
3
3
  DefaultCredentialProvider,
4
4
  RoleAssumer,
5
5
  RoleAssumerWithWebIdentity,
6
+ STSRoleAssumerOptions,
6
7
  } from "./defaultStsRoleAssumers";
7
- import {
8
- ServiceInputTypes,
9
- ServiceOutputTypes,
10
- STSClientConfig,
11
- } from "./STSClient";
8
+ import { ServiceInputTypes, ServiceOutputTypes } from "./STSClient";
12
9
  export declare const getDefaultRoleAssumer: (
13
- stsOptions?: Pick<STSClientConfig, "logger" | "region" | "requestHandler">,
10
+ stsOptions?: STSRoleAssumerOptions,
14
11
  stsPlugins?: Pluggable<ServiceInputTypes, ServiceOutputTypes>[]
15
12
  ) => RoleAssumer;
16
13
  export declare const getDefaultRoleAssumerWithWebIdentity: (
17
- stsOptions?: Pick<STSClientConfig, "logger" | "region" | "requestHandler">,
14
+ stsOptions?: STSRoleAssumerOptions,
18
15
  stsPlugins?: Pluggable<ServiceInputTypes, ServiceOutputTypes>[]
19
16
  ) => RoleAssumerWithWebIdentity;
20
17
  export declare const decorateDefaultCredentialProvider: (
package/dist-types/ts3.4/defaultStsRoleAssumers.d.ts CHANGED
@@ -1,20 +1,28 @@
1
- import { AwsCredentialIdentity, Provider } from "@smithy/types";
1
+ import { CredentialProviderOptions } from "@aws-sdk/types";
2
+ import { AwsCredentialIdentity, Logger, Provider } from "@smithy/types";
2
3
  import { AssumeRoleCommandInput } from "./commands/AssumeRoleCommand";
3
4
  import { AssumeRoleWithWebIdentityCommandInput } from "./commands/AssumeRoleWithWebIdentityCommand";
4
5
  import { STSClient, STSClientConfig } from "./STSClient";
6
+ export type STSRoleAssumerOptions = Pick<
7
+ STSClientConfig,
8
+ "logger" | "region" | "requestHandler"
9
+ > & {
10
+ credentialProviderLogger?: Logger;
11
+ parentClientConfig?: CredentialProviderOptions["parentClientConfig"];
12
+ };
5
13
  export type RoleAssumer = (
6
14
  sourceCreds: AwsCredentialIdentity,
7
15
  params: AssumeRoleCommandInput
8
16
  ) => Promise<AwsCredentialIdentity>;
9
17
  export declare const getDefaultRoleAssumer: (
10
- stsOptions: Pick<STSClientConfig, "logger" | "region" | "requestHandler">,
18
+ stsOptions: STSRoleAssumerOptions,
11
19
  stsClientCtor: new (options: STSClientConfig) => STSClient
12
20
  ) => RoleAssumer;
13
21
  export type RoleAssumerWithWebIdentity = (
14
22
  params: AssumeRoleWithWebIdentityCommandInput
15
23
  ) => Promise<AwsCredentialIdentity>;
16
24
  export declare const getDefaultRoleAssumerWithWebIdentity: (
17
- stsOptions: Pick<STSClientConfig, "logger" | "region" | "requestHandler">,
25
+ stsOptions: STSRoleAssumerOptions,
18
26
  stsClientCtor: new (options: STSClientConfig) => STSClient
19
27
  ) => RoleAssumerWithWebIdentity;
20
28
  export type DefaultCredentialProvider = (
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@aws-sdk/client-sts",
3
3
  "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native",
4
- "version": "3.507.0",
4
+ "version": "3.511.0",
5
5
  "scripts": {
6
6
  "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
7
7
  "build:cjs": "node ../../scripts/compilation/inline client-sts",
@@ -22,16 +22,16 @@
22
22
  "dependencies": {
23
23
  "@aws-crypto/sha256-browser": "3.0.0",
24
24
  "@aws-crypto/sha256-js": "3.0.0",
25
- "@aws-sdk/core": "3.496.0",
26
- "@aws-sdk/middleware-host-header": "3.502.0",
27
- "@aws-sdk/middleware-logger": "3.502.0",
28
- "@aws-sdk/middleware-recursion-detection": "3.502.0",
29
- "@aws-sdk/middleware-user-agent": "3.502.0",
30
- "@aws-sdk/region-config-resolver": "3.502.0",
31
- "@aws-sdk/types": "3.502.0",
32
- "@aws-sdk/util-endpoints": "3.502.0",
33
- "@aws-sdk/util-user-agent-browser": "3.502.0",
34
- "@aws-sdk/util-user-agent-node": "3.502.0",
25
+ "@aws-sdk/core": "3.511.0",
26
+ "@aws-sdk/middleware-host-header": "3.511.0",
27
+ "@aws-sdk/middleware-logger": "3.511.0",
28
+ "@aws-sdk/middleware-recursion-detection": "3.511.0",
29
+ "@aws-sdk/middleware-user-agent": "3.511.0",
30
+ "@aws-sdk/region-config-resolver": "3.511.0",
31
+ "@aws-sdk/types": "3.511.0",
32
+ "@aws-sdk/util-endpoints": "3.511.0",
33
+ "@aws-sdk/util-user-agent-browser": "3.511.0",
34
+ "@aws-sdk/util-user-agent-node": "3.511.0",
35
35
  "@smithy/config-resolver": "^2.1.1",
36
36
  "@smithy/core": "^1.3.1",
37
37
  "@smithy/fetch-http-handler": "^2.4.1",
@@ -88,7 +88,7 @@
88
88
  },
89
89
  "license": "Apache-2.0",
90
90
  "peerDependencies": {
91
- "@aws-sdk/credential-provider-node": "^3.507.0"
91
+ "@aws-sdk/credential-provider-node": "^3.511.0"
92
92
  },
93
93
  "browser": {
94
94
  "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.browser"