npm - @cdk8s/awscdk-resolver - Versions diffs - 0.0.108 → 0.0.109 - Mend

@cdk8s/awscdk-resolver 0.0.108 → 0.0.109

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (116) hide show

package/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/requestHelpers.js CHANGED Viewed

@@ -15,10 +15,11 @@ export function createGetRequest(url) {
         fragment: url.hash,
     });
 }
-export async function getCredentials(response) {
+export async function getCredentials(response, logger) {
     const contentType = response?.headers["content-type"] ?? response?.headers["Content-Type"] ?? "";
     if (!contentType.includes("json")) {
-        console.warn("HTTP credential provider response header content-type was not application/json. Observed: " + contentType + ".");
+        const warn = logger?.constructor?.name === "NoOpLogger" || !logger ? console.warn : logger.warn;
+        warn("HTTP credential provider response header content-type was not application/json. Observed: " + contentType + ".");
     }
     const stream = sdkStreamMixin(response.body);
     const str = await stream.transformToString();
@@ -29,7 +30,7 @@ export async function getCredentials(response) {
             typeof parsed.Token !== "string" ||
             typeof parsed.Expiration !== "string") {
             throw new CredentialsProviderError("HTTP credential provider response not of the required format, an object matching: " +
-                "{ AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }");
+                "{ AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }", { logger });
         }
         return {
             accessKeyId: parsed.AccessKeyId,
@@ -44,10 +45,10 @@ export async function getCredentials(response) {
             parsedBody = JSON.parse(str);
         }
         catch (e) { }
-        throw Object.assign(new CredentialsProviderError(`Server responded with status: ${response.statusCode}`), {
+        throw Object.assign(new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }), {
             Code: parsedBody.Code,
             Message: parsedBody.Message,
         });
     }
-    throw new CredentialsProviderError(`Server responded with status: ${response.statusCode}`);
+    throw new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger });
 }

package/node_modules/@aws-sdk/credential-provider-http/dist-types/fromHttp/checkUrl.d.ts CHANGED Viewed

@@ -1,7 +1,9 @@
+import { Logger } from "@smithy/types";
 /**
  * @internal
  *
  * @param url - to be validated.
+ * @param logger - passed to CredentialsProviderError.
  * @throws if not acceptable to this provider.
  */
-export declare const checkUrl: (url: URL) => void;
+export declare const checkUrl: (url: URL, logger?: Logger) => void;

package/node_modules/@aws-sdk/credential-provider-http/dist-types/fromHttp/fromHttp.browser.d.ts CHANGED Viewed

@@ -3,4 +3,4 @@ import type { FromHttpOptions } from "./fromHttpTypes";
 /**
  * Creates a provider that gets credentials via HTTP request.
  */
-export declare const fromHttp: (options: FromHttpOptions) => AwsCredentialIdentityProvider;
+export declare const fromHttp: (options?: FromHttpOptions) => AwsCredentialIdentityProvider;

package/node_modules/@aws-sdk/credential-provider-http/dist-types/fromHttp/fromHttp.d.ts CHANGED Viewed

@@ -3,4 +3,4 @@ import type { FromHttpOptions } from "./fromHttpTypes";
 /**
  * Creates a provider that gets credentials via HTTP request.
  */
-export declare const fromHttp: (options: FromHttpOptions) => AwsCredentialIdentityProvider;
+export declare const fromHttp: (options?: FromHttpOptions) => AwsCredentialIdentityProvider;

package/node_modules/@aws-sdk/credential-provider-http/dist-types/fromHttp/requestHelpers.d.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { AwsCredentialIdentity } from "@aws-sdk/types";
 import { HttpRequest } from "@smithy/protocol-http";
-import { HttpResponse } from "@smithy/types";
+import { HttpResponse, Logger } from "@smithy/types";
 /**
  * @internal
  */
@@ -8,4 +8,4 @@ export declare function createGetRequest(url: URL): HttpRequest;
 /**
  * @internal
  */
-export declare function getCredentials(response: HttpResponse): Promise<AwsCredentialIdentity>;
+export declare function getCredentials(response: HttpResponse, logger?: Logger): Promise<AwsCredentialIdentity>;

package/node_modules/@aws-sdk/credential-provider-http/dist-types/ts3.4/fromHttp/checkUrl.d.ts CHANGED Viewed

@@ -1 +1,2 @@
-export declare const checkUrl: (url: URL) => void;
+import { Logger } from "@smithy/types";
+export declare const checkUrl: (url: URL, logger?: Logger) => void;

package/node_modules/@aws-sdk/credential-provider-http/dist-types/ts3.4/fromHttp/fromHttp.browser.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import { AwsCredentialIdentityProvider } from "@smithy/types";
 import { FromHttpOptions } from "./fromHttpTypes";
 export declare const fromHttp: (
-  options: FromHttpOptions
+  options?: FromHttpOptions
 ) => AwsCredentialIdentityProvider;

package/node_modules/@aws-sdk/credential-provider-http/dist-types/ts3.4/fromHttp/fromHttp.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import { AwsCredentialIdentityProvider } from "@smithy/types";
 import { FromHttpOptions } from "./fromHttpTypes";
 export declare const fromHttp: (
-  options: FromHttpOptions
+  options?: FromHttpOptions
 ) => AwsCredentialIdentityProvider;

package/node_modules/@aws-sdk/credential-provider-http/dist-types/ts3.4/fromHttp/requestHelpers.d.ts CHANGED Viewed

@@ -1,7 +1,8 @@
 import { AwsCredentialIdentity } from "@aws-sdk/types";
 import { HttpRequest } from "@smithy/protocol-http";
-import { HttpResponse } from "@smithy/types";
+import { HttpResponse, Logger } from "@smithy/types";
 export declare function createGetRequest(url: URL): HttpRequest;
 export declare function getCredentials(
-  response: HttpResponse
+  response: HttpResponse,
+  logger?: Logger
 ): Promise<AwsCredentialIdentity>;

package/node_modules/@aws-sdk/credential-provider-http/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aws-sdk/credential-provider-http",
-  "version": "3.582.0",
+  "version": "3.587.0",
   "description": "AWS credential provider for containers and HTTP sources",
   "main": "./dist-cjs/index.js",
   "module": "./dist-es/index.js",
@@ -29,9 +29,9 @@
     "@aws-sdk/types": "3.577.0",
     "@smithy/fetch-http-handler": "^3.0.1",
     "@smithy/node-http-handler": "^3.0.0",
-    "@smithy/property-provider": "^3.0.0",
+    "@smithy/property-provider": "^3.1.0",
     "@smithy/protocol-http": "^4.0.0",
-    "@smithy/smithy-client": "^3.0.1",
+    "@smithy/smithy-client": "^3.1.1",
     "@smithy/types": "^3.0.0",
     "@smithy/util-stream": "^3.0.1",
     "tslib": "^2.6.2"

package/node_modules/@aws-sdk/credential-provider-ini/dist-cjs/index.js CHANGED Viewed

@@ -47,28 +47,58 @@ var import_shared_ini_file_loader = require("@smithy/shared-ini-file-loader");
 // src/resolveCredentialSource.ts
 var import_property_provider = require("@smithy/property-provider");
-var resolveCredentialSource = /* @__PURE__ */ __name((credentialSource, profileName) => {
+var resolveCredentialSource = /* @__PURE__ */ __name((credentialSource, profileName, logger) => {
   const sourceProvidersMap = {
-    EcsContainer: (options) => Promise.resolve().then(() => __toESM(require("@smithy/credential-provider-imds"))).then(({ fromContainerMetadata }) => fromContainerMetadata(options)),
-    Ec2InstanceMetadata: (options) => Promise.resolve().then(() => __toESM(require("@smithy/credential-provider-imds"))).then(({ fromInstanceMetadata }) => fromInstanceMetadata(options)),
-    Environment: (options) => Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-env"))).then(({ fromEnv }) => fromEnv(options))
+    EcsContainer: async (options) => {
+      const { fromHttp } = await Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-http")));
+      const { fromContainerMetadata } = await Promise.resolve().then(() => __toESM(require("@smithy/credential-provider-imds")));
+      logger == null ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is EcsContainer");
+      return (0, import_property_provider.chain)(fromHttp(options ?? {}), fromContainerMetadata(options));
+    },
+    Ec2InstanceMetadata: async (options) => {
+      logger == null ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata");
+      const { fromInstanceMetadata } = await Promise.resolve().then(() => __toESM(require("@smithy/credential-provider-imds")));
+      return fromInstanceMetadata(options);
+    },
+    Environment: async (options) => {
+      logger == null ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is Environment");
+      const { fromEnv } = await Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-env")));
+      return fromEnv(options);
+    }
   };
   if (credentialSource in sourceProvidersMap) {
     return sourceProvidersMap[credentialSource];
   } else {
     throw new import_property_provider.CredentialsProviderError(
-      `Unsupported credential source in profile ${profileName}. Got ${credentialSource}, expected EcsContainer or Ec2InstanceMetadata or Environment.`
+      `Unsupported credential source in profile ${profileName}. Got ${credentialSource}, expected EcsContainer or Ec2InstanceMetadata or Environment.`,
+      { logger }
     );
   }
 }, "resolveCredentialSource");
 // src/resolveAssumeRoleCredentials.ts
-var isAssumeRoleProfile = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.role_arn === "string" && ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 && ["undefined", "string"].indexOf(typeof arg.external_id) > -1 && ["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 && (isAssumeRoleWithSourceProfile(arg) || isAssumeRoleWithProviderProfile(arg)), "isAssumeRoleProfile");
-var isAssumeRoleWithSourceProfile = /* @__PURE__ */ __name((arg) => typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined", "isAssumeRoleWithSourceProfile");
-var isAssumeRoleWithProviderProfile = /* @__PURE__ */ __name((arg) => typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined", "isAssumeRoleWithProviderProfile");
-var resolveAssumeRoleCredentials = /* @__PURE__ */ __name(async (profileName, profiles, options, visitedProfiles = {}) => {
+var isAssumeRoleProfile = /* @__PURE__ */ __name((arg, { profile = "default", logger } = {}) => {
+  return Boolean(arg) && typeof arg === "object" && typeof arg.role_arn === "string" && ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 && ["undefined", "string"].indexOf(typeof arg.external_id) > -1 && ["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 && (isAssumeRoleWithSourceProfile(arg, { profile, logger }) || isCredentialSourceProfile(arg, { profile, logger }));
+}, "isAssumeRoleProfile");
+var isAssumeRoleWithSourceProfile = /* @__PURE__ */ __name((arg, { profile, logger }) => {
+  var _a;
+  const withSourceProfile = typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined";
+  if (withSourceProfile) {
+    (_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, `    ${profile} isAssumeRoleWithSourceProfile source_profile=${arg.source_profile}`);
+  }
+  return withSourceProfile;
+}, "isAssumeRoleWithSourceProfile");
+var isCredentialSourceProfile = /* @__PURE__ */ __name((arg, { profile, logger }) => {
   var _a;
-  (_a = options.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini", "resolveAssumeRoleCredentials (STS)");
+  const withProviderProfile = typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined";
+  if (withProviderProfile) {
+    (_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, `    ${profile} isCredentialSourceProfile credential_source=${arg.credential_source}`);
+  }
+  return withProviderProfile;
+}, "isCredentialSourceProfile");
+var resolveAssumeRoleCredentials = /* @__PURE__ */ __name(async (profileName, profiles, options, visitedProfiles = {}) => {
+  var _a, _b;
+  (_a = options.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)");
   const data = profiles[profileName];
   if (!options.roleAssumer) {
     const { getDefaultRoleAssumer } = await Promise.resolve().then(() => __toESM(require("@aws-sdk/client-sts")));
@@ -85,13 +115,30 @@ var resolveAssumeRoleCredentials = /* @__PURE__ */ __name(async (profileName, pr
   if (source_profile && source_profile in visitedProfiles) {
     throw new import_property_provider.CredentialsProviderError(
       `Detected a cycle attempting to resolve credentials for profile ${(0, import_shared_ini_file_loader.getProfileName)(options)}. Profiles visited: ` + Object.keys(visitedProfiles).join(", "),
-      false
+      { logger: options.logger }
     );
   }
-  const sourceCredsProvider = source_profile ? resolveProfileData(source_profile, profiles, options, {
-    ...visitedProfiles,
-    [source_profile]: true
-  }) : (await resolveCredentialSource(data.credential_source, profileName)(options))();
+  (_b = options.logger) == null ? void 0 : _b.debug(
+    `@aws-sdk/credential-provider-ini - finding credential resolver using ${source_profile ? `source_profile=[${source_profile}]` : `profile=[${profileName}]`}`
+  );
+  const sourceCredsProvider = source_profile ? resolveProfileData(
+    source_profile,
+    {
+      ...profiles,
+      [source_profile]: {
+        ...profiles[source_profile],
+        // This assigns the role_arn of the "root" profile
+        // to the credential_source profile so this recursive call knows
+        // what role to assume.
+        role_arn: data.role_arn ?? profiles[source_profile].role_arn
+      }
+    },
+    options,
+    {
+      ...visitedProfiles,
+      [source_profile]: true
+    }
+  ) : (await resolveCredentialSource(data.credential_source, profileName, options.logger)(options))();
   const params = {
     RoleArn: data.role_arn,
     RoleSessionName: data.role_session_name || `aws-sdk-js-${Date.now()}`,
@@ -103,7 +150,7 @@ var resolveAssumeRoleCredentials = /* @__PURE__ */ __name(async (profileName, pr
     if (!options.mfaCodeProvider) {
       throw new import_property_provider.CredentialsProviderError(
         `Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`,
-        false
+        { logger: options.logger, tryNextLink: false }
       );
     }
     params.SerialNumber = mfa_serial;
@@ -136,7 +183,7 @@ var isSsoProfile = /* @__PURE__ */ __name((arg) => arg && (typeof arg.sso_start_
 var isStaticCredsProfile = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.aws_access_key_id === "string" && typeof arg.aws_secret_access_key === "string" && ["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1, "isStaticCredsProfile");
 var resolveStaticCredentials = /* @__PURE__ */ __name((profile, options) => {
   var _a;
-  (_a = options == null ? void 0 : options.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini", "resolveStaticCredentials");
+  (_a = options == null ? void 0 : options.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini - resolveStaticCredentials");
   return Promise.resolve({
     accessKeyId: profile.aws_access_key_id,
     secretAccessKey: profile.aws_secret_access_key,
@@ -164,7 +211,7 @@ var resolveProfileData = /* @__PURE__ */ __name(async (profileName, profiles, op
   if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {
     return resolveStaticCredentials(data, options);
   }
-  if (isAssumeRoleProfile(data)) {
+  if (isAssumeRoleProfile(data, { profile: profileName, logger: options.logger })) {
     return resolveAssumeRoleCredentials(profileName, profiles, options, visitedProfiles);
   }
   if (isStaticCredsProfile(data)) {
@@ -179,13 +226,16 @@ var resolveProfileData = /* @__PURE__ */ __name(async (profileName, profiles, op
   if (isSsoProfile(data)) {
     return await resolveSsoCredentials(profileName, options);
   }
-  throw new import_property_provider.CredentialsProviderError(`Profile ${profileName} could not be found or parsed in shared credentials file.`);
+  throw new import_property_provider.CredentialsProviderError(
+    `Could not resolve credentials using profile: [${profileName}] in configuration/credentials file(s).`,
+    { logger: options.logger }
+  );
 }, "resolveProfileData");
 // src/fromIni.ts
 var fromIni = /* @__PURE__ */ __name((init = {}) => async () => {
   var _a;
-  (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini", "fromIni");
+  (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini - fromIni");
   const profiles = await (0, import_shared_ini_file_loader.parseKnownFiles)(init);
   return resolveProfileData((0, import_shared_ini_file_loader.getProfileName)(init), profiles, init);
 }, "fromIni");

package/node_modules/@aws-sdk/credential-provider-ini/dist-es/fromIni.js CHANGED Viewed

@@ -1,7 +1,7 @@
 import { getProfileName, parseKnownFiles } from "@smithy/shared-ini-file-loader";
 import { resolveProfileData } from "./resolveProfileData";
 export const fromIni = (init = {}) => async () => {
-    init.logger?.debug("@aws-sdk/credential-provider-ini", "fromIni");
+    init.logger?.debug("@aws-sdk/credential-provider-ini - fromIni");
     const profiles = await parseKnownFiles(init);
     return resolveProfileData(getProfileName(init), profiles, init);
 };

package/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveAssumeRoleCredentials.js CHANGED Viewed

@@ -2,17 +2,31 @@ import { CredentialsProviderError } from "@smithy/property-provider";
 import { getProfileName } from "@smithy/shared-ini-file-loader";
 import { resolveCredentialSource } from "./resolveCredentialSource";
 import { resolveProfileData } from "./resolveProfileData";
-export const isAssumeRoleProfile = (arg) => Boolean(arg) &&
-    typeof arg === "object" &&
-    typeof arg.role_arn === "string" &&
-    ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 &&
-    ["undefined", "string"].indexOf(typeof arg.external_id) > -1 &&
-    ["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 &&
-    (isAssumeRoleWithSourceProfile(arg) || isAssumeRoleWithProviderProfile(arg));
-const isAssumeRoleWithSourceProfile = (arg) => typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined";
-const isAssumeRoleWithProviderProfile = (arg) => typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined";
+export const isAssumeRoleProfile = (arg, { profile = "default", logger } = {}) => {
+    return (Boolean(arg) &&
+        typeof arg === "object" &&
+        typeof arg.role_arn === "string" &&
+        ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 &&
+        ["undefined", "string"].indexOf(typeof arg.external_id) > -1 &&
+        ["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 &&
+        (isAssumeRoleWithSourceProfile(arg, { profile, logger }) || isCredentialSourceProfile(arg, { profile, logger })));
+};
+const isAssumeRoleWithSourceProfile = (arg, { profile, logger }) => {
+    const withSourceProfile = typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined";
+    if (withSourceProfile) {
+        logger?.debug?.(`    ${profile} isAssumeRoleWithSourceProfile source_profile=${arg.source_profile}`);
+    }
+    return withSourceProfile;
+};
+const isCredentialSourceProfile = (arg, { profile, logger }) => {
+    const withProviderProfile = typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined";
+    if (withProviderProfile) {
+        logger?.debug?.(`    ${profile} isCredentialSourceProfile credential_source=${arg.credential_source}`);
+    }
+    return withProviderProfile;
+};
 export const resolveAssumeRoleCredentials = async (profileName, profiles, options, visitedProfiles = {}) => {
-    options.logger?.debug("@aws-sdk/credential-provider-ini", "resolveAssumeRoleCredentials (STS)");
+    options.logger?.debug("@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)");
     const data = profiles[profileName];
     if (!options.roleAssumer) {
         const { getDefaultRoleAssumer } = await import("@aws-sdk/client-sts");
@@ -26,14 +40,21 @@ export const resolveAssumeRoleCredentials = async (profileName, profiles, option
     if (source_profile && source_profile in visitedProfiles) {
         throw new CredentialsProviderError(`Detected a cycle attempting to resolve credentials for profile` +
             ` ${getProfileName(options)}. Profiles visited: ` +
-            Object.keys(visitedProfiles).join(", "), false);
+            Object.keys(visitedProfiles).join(", "), { logger: options.logger });
     }
+    options.logger?.debug(`@aws-sdk/credential-provider-ini - finding credential resolver using ${source_profile ? `source_profile=[${source_profile}]` : `profile=[${profileName}]`}`);
     const sourceCredsProvider = source_profile
-        ? resolveProfileData(source_profile, profiles, options, {
+        ? resolveProfileData(source_profile, {
+            ...profiles,
+            [source_profile]: {
+                ...profiles[source_profile],
+                role_arn: data.role_arn ?? profiles[source_profile].role_arn,
+            },
+        }, options, {
             ...visitedProfiles,
             [source_profile]: true,
         })
-        : (await resolveCredentialSource(data.credential_source, profileName)(options))();
+        : (await resolveCredentialSource(data.credential_source, profileName, options.logger)(options))();
     const params = {
         RoleArn: data.role_arn,
         RoleSessionName: data.role_session_name || `aws-sdk-js-${Date.now()}`,
@@ -43,7 +64,7 @@ export const resolveAssumeRoleCredentials = async (profileName, profiles, option
     const { mfa_serial } = data;
     if (mfa_serial) {
         if (!options.mfaCodeProvider) {
-            throw new CredentialsProviderError(`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, false);
+            throw new CredentialsProviderError(`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, { logger: options.logger, tryNextLink: false });
         }
         params.SerialNumber = mfa_serial;
         params.TokenCode = await options.mfaCodeProvider(mfa_serial);

package/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveCredentialSource.js CHANGED Viewed

@@ -1,15 +1,28 @@
-import { CredentialsProviderError } from "@smithy/property-provider";
-export const resolveCredentialSource = (credentialSource, profileName) => {
+import { chain, CredentialsProviderError } from "@smithy/property-provider";
+export const resolveCredentialSource = (credentialSource, profileName, logger) => {
     const sourceProvidersMap = {
-        EcsContainer: (options) => import("@smithy/credential-provider-imds").then(({ fromContainerMetadata }) => fromContainerMetadata(options)),
-        Ec2InstanceMetadata: (options) => import("@smithy/credential-provider-imds").then(({ fromInstanceMetadata }) => fromInstanceMetadata(options)),
-        Environment: (options) => import("@aws-sdk/credential-provider-env").then(({ fromEnv }) => fromEnv(options)),
+        EcsContainer: async (options) => {
+            const { fromHttp } = await import("@aws-sdk/credential-provider-http");
+            const { fromContainerMetadata } = await import("@smithy/credential-provider-imds");
+            logger?.debug("@aws-sdk/credential-provider-ini - credential_source is EcsContainer");
+            return chain(fromHttp(options ?? {}), fromContainerMetadata(options));
+        },
+        Ec2InstanceMetadata: async (options) => {
+            logger?.debug("@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata");
+            const { fromInstanceMetadata } = await import("@smithy/credential-provider-imds");
+            return fromInstanceMetadata(options);
+        },
+        Environment: async (options) => {
+            logger?.debug("@aws-sdk/credential-provider-ini - credential_source is Environment");
+            const { fromEnv } = await import("@aws-sdk/credential-provider-env");
+            return fromEnv(options);
+        },
     };
     if (credentialSource in sourceProvidersMap) {
         return sourceProvidersMap[credentialSource];
     }
     else {
         throw new CredentialsProviderError(`Unsupported credential source in profile ${profileName}. Got ${credentialSource}, ` +
-            `expected EcsContainer or Ec2InstanceMetadata or Environment.`);
+            `expected EcsContainer or Ec2InstanceMetadata or Environment.`, { logger });
     }
 };

package/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveProfileData.js CHANGED Viewed

@@ -9,7 +9,7 @@ export const resolveProfileData = async (profileName, profiles, options, visited
     if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {
         return resolveStaticCredentials(data, options);
     }
-    if (isAssumeRoleProfile(data)) {
+    if (isAssumeRoleProfile(data, { profile: profileName, logger: options.logger })) {
         return resolveAssumeRoleCredentials(profileName, profiles, options, visitedProfiles);
     }
     if (isStaticCredsProfile(data)) {
@@ -24,5 +24,5 @@ export const resolveProfileData = async (profileName, profiles, options, visited
     if (isSsoProfile(data)) {
         return await resolveSsoCredentials(profileName, options);
     }
-    throw new CredentialsProviderError(`Profile ${profileName} could not be found or parsed in shared credentials file.`);
+    throw new CredentialsProviderError(`Could not resolve credentials using profile: [${profileName}] in configuration/credentials file(s).`, { logger: options.logger });
 };

package/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveStaticCredentials.js CHANGED Viewed

@@ -4,7 +4,7 @@ export const isStaticCredsProfile = (arg) => Boolean(arg) &&
     typeof arg.aws_secret_access_key === "string" &&
     ["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1;
 export const resolveStaticCredentials = (profile, options) => {
-    options?.logger?.debug("@aws-sdk/credential-provider-ini", "resolveStaticCredentials");
+    options?.logger?.debug("@aws-sdk/credential-provider-ini - resolveStaticCredentials");
     return Promise.resolve({
         accessKeyId: profile.aws_access_key_id,
         secretAccessKey: profile.aws_secret_access_key,

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/resolveAssumeRoleCredentials.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { AwsCredentialIdentity, ParsedIniData } from "@smithy/types";
+import { AwsCredentialIdentity, Logger, ParsedIniData } from "@smithy/types";
 import { FromIniInit } from "./fromIni";
 /**
  * @internal
@@ -37,7 +37,10 @@ export interface AssumeRoleParams {
 /**
  * @internal
  */
-export declare const isAssumeRoleProfile: (arg: any) => boolean;
+export declare const isAssumeRoleProfile: (arg: any, { profile, logger }?: {
+    profile?: string | undefined;
+    logger?: Logger | undefined;
+}) => boolean;
 /**
  * @internal
  */

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/resolveCredentialSource.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import type { CredentialProviderOptions } from "@aws-sdk/types";
-import { AwsCredentialIdentityProvider } from "@smithy/types";
+import { AwsCredentialIdentityProvider, Logger } from "@smithy/types";
 /**
  * @internal
  *
@@ -9,4 +9,4 @@ import { AwsCredentialIdentityProvider } from "@smithy/types";
  * fromIni() provider. The source credential needs to be refreshed every time
  * fromIni() is called.
  */
-export declare const resolveCredentialSource: (credentialSource: string, profileName: string) => (options?: CredentialProviderOptions) => Promise<AwsCredentialIdentityProvider>;
+export declare const resolveCredentialSource: (credentialSource: string, profileName: string, logger?: Logger) => (options?: CredentialProviderOptions) => Promise<AwsCredentialIdentityProvider>;

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/ts3.4/resolveAssumeRoleCredentials.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { AwsCredentialIdentity, ParsedIniData } from "@smithy/types";
+import { AwsCredentialIdentity, Logger, ParsedIniData } from "@smithy/types";
 import { FromIniInit } from "./fromIni";
 export interface AssumeRoleParams {
   RoleArn: string;
@@ -8,7 +8,16 @@ export interface AssumeRoleParams {
   TokenCode?: string;
   DurationSeconds?: number;
 }
-export declare const isAssumeRoleProfile: (arg: any) => boolean;
+export declare const isAssumeRoleProfile: (
+  arg: any,
+  {
+    profile,
+    logger,
+  }?: {
+    profile?: string | undefined;
+    logger?: Logger | undefined;
+  }
+) => boolean;
 export declare const resolveAssumeRoleCredentials: (
   profileName: string,
   profiles: ParsedIniData,

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/ts3.4/resolveCredentialSource.d.ts CHANGED Viewed

@@ -1,8 +1,9 @@
 import { CredentialProviderOptions } from "@aws-sdk/types";
-import { AwsCredentialIdentityProvider } from "@smithy/types";
+import { AwsCredentialIdentityProvider, Logger } from "@smithy/types";
 export declare const resolveCredentialSource: (
   credentialSource: string,
-  profileName: string
+  profileName: string,
+  logger?: Logger
 ) => (
   options?: CredentialProviderOptions
 ) => Promise<AwsCredentialIdentityProvider>;

package/node_modules/@aws-sdk/credential-provider-ini/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aws-sdk/credential-provider-ini",
-  "version": "3.583.0",
+  "version": "3.587.0",
   "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config",
   "main": "./dist-cjs/index.js",
   "module": "./dist-es/index.js",
@@ -24,14 +24,15 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
-    "@aws-sdk/credential-provider-env": "3.577.0",
-    "@aws-sdk/credential-provider-process": "3.577.0",
-    "@aws-sdk/credential-provider-sso": "3.583.0",
-    "@aws-sdk/credential-provider-web-identity": "3.577.0",
+    "@aws-sdk/credential-provider-env": "3.587.0",
+    "@aws-sdk/credential-provider-http": "3.587.0",
+    "@aws-sdk/credential-provider-process": "3.587.0",
+    "@aws-sdk/credential-provider-sso": "3.587.0",
+    "@aws-sdk/credential-provider-web-identity": "3.587.0",
     "@aws-sdk/types": "3.577.0",
-    "@smithy/credential-provider-imds": "^3.0.0",
-    "@smithy/property-provider": "^3.0.0",
-    "@smithy/shared-ini-file-loader": "^3.0.0",
+    "@smithy/credential-provider-imds": "^3.1.0",
+    "@smithy/property-provider": "^3.1.0",
+    "@smithy/shared-ini-file-loader": "^3.1.0",
     "@smithy/types": "^3.0.0",
     "tslib": "^2.6.2"
   },
@@ -44,7 +45,7 @@
     "typescript": "~4.9.5"
   },
   "peerDependencies": {
-    "@aws-sdk/client-sts": "^3.583.0"
+    "@aws-sdk/client-sts": "^3.587.0"
   },
   "types": "./dist-types/index.d.ts",
   "engines": {