npm - @cdk8s/awscdk-resolver - Versions diffs - 0.0.135 → 0.0.136 - Mend

@cdk8s/awscdk-resolver 0.0.135 → 0.0.136

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (170) hide show

package/node_modules/@aws-sdk/core/dist-types/submodules/account-id-endpoint/AccountIdEndpointModeConstants.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+export type AccountIdEndpointMode = "disabled" | "preferred" | "required";
+export declare const DEFAULT_ACCOUNT_ID_ENDPOINT_MODE = "preferred";
+export declare const ACCOUNT_ID_ENDPOINT_MODE_VALUES: AccountIdEndpointMode[];
+/**
+ * @internal
+ */
+export declare function validateAccountIdEndpointMode(value: any): value is AccountIdEndpointMode;

package/node_modules/@aws-sdk/core/dist-types/submodules/account-id-endpoint/NodeAccountIdEndpointModeConfigOptions.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import { LoadedConfigSelectors } from "@smithy/node-config-provider";
+import { AccountIdEndpointMode } from "./AccountIdEndpointModeConstants";
+/**
+ * @internal
+ */
+export declare const ENV_ACCOUNT_ID_ENDPOINT_MODE = "AWS_ACCOUNT_ID_ENDPOINT_MODE";
+/**
+ * @internal
+ */
+export declare const CONFIG_ACCOUNT_ID_ENDPOINT_MODE = "account_id_endpoint_mode";
+/**
+ * @internal
+ */
+export declare const NODE_ACCOUNT_ID_ENDPOINT_MODE_CONFIG_OPTIONS: LoadedConfigSelectors<AccountIdEndpointMode>;

package/node_modules/@aws-sdk/core/dist-types/submodules/account-id-endpoint/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export * from "./AccountIdEndpointModeConfigResolver";
+export * from "./AccountIdEndpointModeConstants";
+export * from "./NodeAccountIdEndpointModeConfigOptions";

package/node_modules/@aws-sdk/core/dist-types/ts3.4/submodules/account-id-endpoint/AccountIdEndpointModeConfigResolver.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import { Provider } from "@smithy/types";
+import { AccountIdEndpointMode } from "./AccountIdEndpointModeConstants";
+export interface AccountIdEndpointModeInputConfig {
+  accountIdEndpointMode?:
+    | AccountIdEndpointMode
+    | Provider<AccountIdEndpointMode>;
+}
+interface PreviouslyResolved {}
+export interface AccountIdEndpointModeResolvedConfig {
+  accountIdEndpointMode: Provider<AccountIdEndpointMode>;
+}
+export declare const resolveAccountIdEndpointModeConfig: <T>(
+  input: T & AccountIdEndpointModeInputConfig & PreviouslyResolved
+) => T & AccountIdEndpointModeResolvedConfig;
+export {};

package/node_modules/@aws-sdk/core/dist-types/ts3.4/submodules/account-id-endpoint/AccountIdEndpointModeConstants.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+export type AccountIdEndpointMode = "disabled" | "preferred" | "required";
+export declare const DEFAULT_ACCOUNT_ID_ENDPOINT_MODE = "preferred";
+export declare const ACCOUNT_ID_ENDPOINT_MODE_VALUES: AccountIdEndpointMode[];
+export declare function validateAccountIdEndpointMode(
+  value: any
+): value is AccountIdEndpointMode;

package/node_modules/@aws-sdk/core/dist-types/ts3.4/submodules/account-id-endpoint/NodeAccountIdEndpointModeConfigOptions.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import { LoadedConfigSelectors } from "@smithy/node-config-provider";
+import { AccountIdEndpointMode } from "./AccountIdEndpointModeConstants";
+export declare const ENV_ACCOUNT_ID_ENDPOINT_MODE =
+  "AWS_ACCOUNT_ID_ENDPOINT_MODE";
+export declare const CONFIG_ACCOUNT_ID_ENDPOINT_MODE =
+  "account_id_endpoint_mode";
+export declare const NODE_ACCOUNT_ID_ENDPOINT_MODE_CONFIG_OPTIONS: LoadedConfigSelectors<AccountIdEndpointMode>;

package/node_modules/@aws-sdk/core/dist-types/ts3.4/submodules/account-id-endpoint/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export * from "./AccountIdEndpointModeConfigResolver";
+export * from "./AccountIdEndpointModeConstants";
+export * from "./NodeAccountIdEndpointModeConfigOptions";

package/node_modules/@aws-sdk/core/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aws-sdk/core",
-  "version": "3.614.0",
+  "version": "3.622.0",
   "description": "Core functions & classes shared by multiple AWS SDK clients",
   "scripts": {
     "build": "yarn lint && concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
@@ -46,6 +46,13 @@
       "require": "./dist-cjs/submodules/httpAuthSchemes/index.js",
       "types": "./dist-types/submodules/httpAuthSchemes/index.d.ts"
     },
+    "./account-id-endpoint": {
+      "module": "./dist-es/submodules/account-id-endpoint/index.js",
+      "node": "./dist-cjs/submodules/account-id-endpoint/index.js",
+      "import": "./dist-es/submodules/account-id-endpoint/index.js",
+      "require": "./dist-cjs/submodules/account-id-endpoint/index.js",
+      "types": "./dist-types/submodules/account-id-endpoint/index.d.ts"
+    },
     "./protocols": {
       "module": "./dist-es/submodules/protocols/index.js",
       "node": "./dist-cjs/submodules/protocols/index.js",
@@ -58,7 +65,8 @@
     "dist-*/**",
     "./client.js",
     "./httpAuthSchemes.js",
-    "./protocols.js"
+    "./protocols.js",
+    "./account-id-endpoint.js"
   ],
   "sideEffects": false,
   "author": {
@@ -67,12 +75,14 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
-    "@smithy/core": "^2.2.6",
-    "@smithy/protocol-http": "^4.0.3",
-    "@smithy/signature-v4": "^3.1.2",
-    "@smithy/smithy-client": "^3.1.7",
+    "@smithy/core": "^2.3.2",
+    "@smithy/node-config-provider": "^3.1.4",
+    "@smithy/protocol-http": "^4.1.0",
+    "@smithy/signature-v4": "^4.1.0",
+    "@smithy/smithy-client": "^3.1.12",
     "@smithy/types": "^3.3.0",
-    "fast-xml-parser": "4.2.5",
+    "@smithy/util-middleware": "^3.0.3",
+    "fast-xml-parser": "4.4.1",
     "tslib": "^2.6.2"
   },
   "devDependencies": {
@@ -92,7 +102,7 @@
       ]
     }
   },
-  "homepage": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core",
+  "homepage": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/core",
   "repository": {
     "type": "git",
     "url": "https://github.com/aws/aws-sdk-js-v3.git",

package/node_modules/@aws-sdk/credential-provider-env/dist-cjs/index.js CHANGED Viewed

@@ -21,6 +21,7 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/index.ts
 var src_exports = {};
 __export(src_exports, {
+  ENV_ACCOUNT_ID: () => ENV_ACCOUNT_ID,
   ENV_CREDENTIAL_SCOPE: () => ENV_CREDENTIAL_SCOPE,
   ENV_EXPIRATION: () => ENV_EXPIRATION,
   ENV_KEY: () => ENV_KEY,
@@ -37,6 +38,7 @@ var ENV_SECRET = "AWS_SECRET_ACCESS_KEY";
 var ENV_SESSION = "AWS_SESSION_TOKEN";
 var ENV_EXPIRATION = "AWS_CREDENTIAL_EXPIRATION";
 var ENV_CREDENTIAL_SCOPE = "AWS_CREDENTIAL_SCOPE";
+var ENV_ACCOUNT_ID = "AWS_ACCOUNT_ID";
 var fromEnv = /* @__PURE__ */ __name((init) => async () => {
   var _a;
   (_a = init == null ? void 0 : init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-env - fromEnv");
@@ -45,13 +47,15 @@ var fromEnv = /* @__PURE__ */ __name((init) => async () => {
   const sessionToken = process.env[ENV_SESSION];
   const expiry = process.env[ENV_EXPIRATION];
   const credentialScope = process.env[ENV_CREDENTIAL_SCOPE];
+  const accountId = process.env[ENV_ACCOUNT_ID];
   if (accessKeyId && secretAccessKey) {
     return {
       accessKeyId,
       secretAccessKey,
       ...sessionToken && { sessionToken },
       ...expiry && { expiration: new Date(expiry) },
-      ...credentialScope && { credentialScope }
+      ...credentialScope && { credentialScope },
+      ...accountId && { accountId }
     };
   }
   throw new import_property_provider.CredentialsProviderError("Unable to find environment variable credentials.", { logger: init == null ? void 0 : init.logger });
@@ -64,6 +68,7 @@ var fromEnv = /* @__PURE__ */ __name((init) => async () => {
   ENV_SESSION,
   ENV_EXPIRATION,
   ENV_CREDENTIAL_SCOPE,
+  ENV_ACCOUNT_ID,
   fromEnv
 });

package/node_modules/@aws-sdk/credential-provider-env/dist-es/fromEnv.js CHANGED Viewed

@@ -4,6 +4,7 @@ export const ENV_SECRET = "AWS_SECRET_ACCESS_KEY";
 export const ENV_SESSION = "AWS_SESSION_TOKEN";
 export const ENV_EXPIRATION = "AWS_CREDENTIAL_EXPIRATION";
 export const ENV_CREDENTIAL_SCOPE = "AWS_CREDENTIAL_SCOPE";
+export const ENV_ACCOUNT_ID = "AWS_ACCOUNT_ID";
 export const fromEnv = (init) => async () => {
     init?.logger?.debug("@aws-sdk/credential-provider-env - fromEnv");
     const accessKeyId = process.env[ENV_KEY];
@@ -11,6 +12,7 @@ export const fromEnv = (init) => async () => {
     const sessionToken = process.env[ENV_SESSION];
     const expiry = process.env[ENV_EXPIRATION];
     const credentialScope = process.env[ENV_CREDENTIAL_SCOPE];
+    const accountId = process.env[ENV_ACCOUNT_ID];
     if (accessKeyId && secretAccessKey) {
         return {
             accessKeyId,
@@ -18,6 +20,7 @@ export const fromEnv = (init) => async () => {
             ...(sessionToken && { sessionToken }),
             ...(expiry && { expiration: new Date(expiry) }),
             ...(credentialScope && { credentialScope }),
+            ...(accountId && { accountId }),
         };
     }
     throw new CredentialsProviderError("Unable to find environment variable credentials.", { logger: init?.logger });

package/node_modules/@aws-sdk/credential-provider-env/dist-types/fromEnv.d.ts CHANGED Viewed

@@ -22,6 +22,10 @@ export declare const ENV_EXPIRATION = "AWS_CREDENTIAL_EXPIRATION";
  * @internal
  */
 export declare const ENV_CREDENTIAL_SCOPE = "AWS_CREDENTIAL_SCOPE";
+/**
+ * @internal
+ */
+export declare const ENV_ACCOUNT_ID = "AWS_ACCOUNT_ID";
 /**
  * @internal
  *

package/node_modules/@aws-sdk/credential-provider-env/dist-types/ts3.4/fromEnv.d.ts CHANGED Viewed

@@ -6,6 +6,7 @@ export declare const ENV_SECRET = "AWS_SECRET_ACCESS_KEY";
 export declare const ENV_SESSION = "AWS_SESSION_TOKEN";
 export declare const ENV_EXPIRATION = "AWS_CREDENTIAL_EXPIRATION";
 export declare const ENV_CREDENTIAL_SCOPE = "AWS_CREDENTIAL_SCOPE";
+export declare const ENV_ACCOUNT_ID = "AWS_ACCOUNT_ID";
 export declare const fromEnv: (
   init?: FromEnvInit
 ) => AwsCredentialIdentityProvider;

package/node_modules/@aws-sdk/credential-provider-env/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aws-sdk/credential-provider-env",
-  "version": "3.609.0",
+  "version": "3.620.1",
   "description": "AWS credential provider that sources credentials from known environment variables",
   "main": "./dist-cjs/index.js",
   "module": "./dist-es/index.js",

package/node_modules/@aws-sdk/credential-provider-http/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aws-sdk/credential-provider-http",
-  "version": "3.614.0",
+  "version": "3.622.0",
   "description": "AWS credential provider for containers and HTTP sources",
   "main": "./dist-cjs/index.js",
   "module": "./dist-es/index.js",
@@ -27,13 +27,13 @@
   "license": "Apache-2.0",
   "dependencies": {
     "@aws-sdk/types": "3.609.0",
-    "@smithy/fetch-http-handler": "^3.2.1",
-    "@smithy/node-http-handler": "^3.1.2",
+    "@smithy/fetch-http-handler": "^3.2.4",
+    "@smithy/node-http-handler": "^3.1.4",
     "@smithy/property-provider": "^3.1.3",
-    "@smithy/protocol-http": "^4.0.3",
-    "@smithy/smithy-client": "^3.1.7",
+    "@smithy/protocol-http": "^4.1.0",
+    "@smithy/smithy-client": "^3.1.12",
     "@smithy/types": "^3.3.0",
-    "@smithy/util-stream": "^3.0.6",
+    "@smithy/util-stream": "^3.1.3",
     "tslib": "^2.6.2"
   },
   "devDependencies": {

package/node_modules/@aws-sdk/credential-provider-ini/dist-cjs/index.js CHANGED Viewed

@@ -180,7 +180,7 @@ var resolveSsoCredentials = /* @__PURE__ */ __name(async (profile, options = {})
 var isSsoProfile = /* @__PURE__ */ __name((arg) => arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string"), "isSsoProfile");
 // src/resolveStaticCredentials.ts
-var isStaticCredsProfile = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.aws_access_key_id === "string" && typeof arg.aws_secret_access_key === "string" && ["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1, "isStaticCredsProfile");
+var isStaticCredsProfile = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.aws_access_key_id === "string" && typeof arg.aws_secret_access_key === "string" && ["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1 && ["undefined", "string"].indexOf(typeof arg.aws_account_id) > -1, "isStaticCredsProfile");
 var resolveStaticCredentials = /* @__PURE__ */ __name((profile, options) => {
   var _a;
   (_a = options == null ? void 0 : options.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini - resolveStaticCredentials");
@@ -188,7 +188,8 @@ var resolveStaticCredentials = /* @__PURE__ */ __name((profile, options) => {
     accessKeyId: profile.aws_access_key_id,
     secretAccessKey: profile.aws_secret_access_key,
     sessionToken: profile.aws_session_token,
-    credentialScope: profile.aws_credential_scope
+    ...profile.aws_credential_scope && { credentialScope: profile.aws_credential_scope },
+    ...profile.aws_account_id && { accountId: profile.aws_account_id }
   });
 }, "resolveStaticCredentials");

package/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveStaticCredentials.js CHANGED Viewed

@@ -2,13 +2,15 @@ export const isStaticCredsProfile = (arg) => Boolean(arg) &&
     typeof arg === "object" &&
     typeof arg.aws_access_key_id === "string" &&
     typeof arg.aws_secret_access_key === "string" &&
-    ["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1;
+    ["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1 &&
+    ["undefined", "string"].indexOf(typeof arg.aws_account_id) > -1;
 export const resolveStaticCredentials = (profile, options) => {
     options?.logger?.debug("@aws-sdk/credential-provider-ini - resolveStaticCredentials");
     return Promise.resolve({
         accessKeyId: profile.aws_access_key_id,
         secretAccessKey: profile.aws_secret_access_key,
         sessionToken: profile.aws_session_token,
-        credentialScope: profile.aws_credential_scope,
+        ...(profile.aws_credential_scope && { credentialScope: profile.aws_credential_scope }),
+        ...(profile.aws_account_id && { accountId: profile.aws_account_id }),
     });
 };

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/resolveStaticCredentials.d.ts CHANGED Viewed

@@ -8,6 +8,7 @@ export interface StaticCredsProfile extends Profile {
     aws_secret_access_key: string;
     aws_session_token?: string;
     aws_credential_scope?: string;
+    aws_account_id?: string;
 }
 /**
  * @internal

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/ts3.4/resolveStaticCredentials.d.ts CHANGED Viewed

@@ -5,6 +5,7 @@ export interface StaticCredsProfile extends Profile {
   aws_secret_access_key: string;
   aws_session_token?: string;
   aws_credential_scope?: string;
+  aws_account_id?: string;
 }
 export declare const isStaticCredsProfile: (
   arg: any

package/node_modules/@aws-sdk/credential-provider-ini/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aws-sdk/credential-provider-ini",
-  "version": "3.614.0",
+  "version": "3.622.0",
   "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config",
   "main": "./dist-cjs/index.js",
   "module": "./dist-es/index.js",
@@ -24,13 +24,13 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
-    "@aws-sdk/credential-provider-env": "3.609.0",
-    "@aws-sdk/credential-provider-http": "3.614.0",
-    "@aws-sdk/credential-provider-process": "3.614.0",
-    "@aws-sdk/credential-provider-sso": "3.614.0",
-    "@aws-sdk/credential-provider-web-identity": "3.609.0",
+    "@aws-sdk/credential-provider-env": "3.620.1",
+    "@aws-sdk/credential-provider-http": "3.622.0",
+    "@aws-sdk/credential-provider-process": "3.620.1",
+    "@aws-sdk/credential-provider-sso": "3.622.0",
+    "@aws-sdk/credential-provider-web-identity": "3.621.0",
     "@aws-sdk/types": "3.609.0",
-    "@smithy/credential-provider-imds": "^3.1.4",
+    "@smithy/credential-provider-imds": "^3.2.0",
     "@smithy/property-provider": "^3.1.3",
     "@smithy/shared-ini-file-loader": "^3.1.4",
     "@smithy/types": "^3.3.0",
@@ -45,7 +45,7 @@
     "typescript": "~4.9.5"
   },
   "peerDependencies": {
-    "@aws-sdk/client-sts": "^3.614.0"
+    "@aws-sdk/client-sts": "^3.622.0"
   },
   "types": "./dist-types/index.d.ts",
   "engines": {

package/node_modules/@aws-sdk/credential-provider-node/dist-cjs/index.js CHANGED Viewed

@@ -63,15 +63,39 @@ var remoteProvider = /* @__PURE__ */ __name(async (init) => {
 }, "remoteProvider");
 // src/defaultProvider.ts
+var multipleCredentialSourceWarningEmitted = false;
 var defaultProvider = /* @__PURE__ */ __name((init = {}) => (0, import_property_provider.memoize)(
   (0, import_property_provider.chain)(
-    ...init.profile || process.env[import_shared_ini_file_loader.ENV_PROFILE] ? [] : [
-      async () => {
-        var _a;
-        (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-node - defaultProvider::fromEnv");
-        return (0, import_credential_provider_env.fromEnv)(init)();
+    async () => {
+      var _a, _b, _c, _d;
+      const profile = init.profile ?? process.env[import_shared_ini_file_loader.ENV_PROFILE];
+      if (profile) {
+        const envStaticCredentialsAreSet = process.env[import_credential_provider_env.ENV_KEY] && process.env[import_credential_provider_env.ENV_SECRET];
+        if (envStaticCredentialsAreSet) {
+          if (!multipleCredentialSourceWarningEmitted) {
+            const warnFn = ((_a = init.logger) == null ? void 0 : _a.warn) && ((_c = (_b = init.logger) == null ? void 0 : _b.constructor) == null ? void 0 : _c.name) !== "NoOpLogger" ? init.logger.warn : console.warn;
+            warnFn(
+              `@aws-sdk/credential-provider-node - defaultProvider::fromEnv WARNING:
+    Multiple credential sources detected:
+    Both AWS_PROFILE and the pair AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY static credentials are set.
+    This SDK will proceed with the AWS_PROFILE value.
+    However, a future version may change this behavior to prefer the ENV static credentials.
+    Please ensure that your environment only sets either the AWS_PROFILE or the
+    AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY pair.
+`
+            );
+            multipleCredentialSourceWarningEmitted = true;
+          }
+        }
+        throw new import_property_provider.CredentialsProviderError("AWS_PROFILE is set, skipping fromEnv provider.", {
+          logger: init.logger,
+          tryNextLink: true
+        });
       }
-    ],
+      (_d = init.logger) == null ? void 0 : _d.debug("@aws-sdk/credential-provider-node - defaultProvider::fromEnv");
+      return (0, import_credential_provider_env.fromEnv)(init)();
+    },
     async () => {
       var _a;
       (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-node - defaultProvider::fromSSO");

package/node_modules/@aws-sdk/credential-provider-node/dist-es/defaultProvider.js CHANGED Viewed

@@ -1,15 +1,35 @@
-import { fromEnv } from "@aws-sdk/credential-provider-env";
+import { ENV_KEY, ENV_SECRET, fromEnv } from "@aws-sdk/credential-provider-env";
 import { chain, CredentialsProviderError, memoize } from "@smithy/property-provider";
 import { ENV_PROFILE } from "@smithy/shared-ini-file-loader";
 import { remoteProvider } from "./remoteProvider";
-export const defaultProvider = (init = {}) => memoize(chain(...(init.profile || process.env[ENV_PROFILE]
-    ? []
-    : [
-        async () => {
-            init.logger?.debug("@aws-sdk/credential-provider-node - defaultProvider::fromEnv");
-            return fromEnv(init)();
-        },
-    ]), async () => {
+let multipleCredentialSourceWarningEmitted = false;
+export const defaultProvider = (init = {}) => memoize(chain(async () => {
+    const profile = init.profile ?? process.env[ENV_PROFILE];
+    if (profile) {
+        const envStaticCredentialsAreSet = process.env[ENV_KEY] && process.env[ENV_SECRET];
+        if (envStaticCredentialsAreSet) {
+            if (!multipleCredentialSourceWarningEmitted) {
+                const warnFn = init.logger?.warn && init.logger?.constructor?.name !== "NoOpLogger" ? init.logger.warn : console.warn;
+                warnFn(`@aws-sdk/credential-provider-node - defaultProvider::fromEnv WARNING:
+    Multiple credential sources detected:
+    Both AWS_PROFILE and the pair AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY static credentials are set.
+    This SDK will proceed with the AWS_PROFILE value.
+    However, a future version may change this behavior to prefer the ENV static credentials.
+    Please ensure that your environment only sets either the AWS_PROFILE or the
+    AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY pair.
+`);
+                multipleCredentialSourceWarningEmitted = true;
+            }
+        }
+        throw new CredentialsProviderError("AWS_PROFILE is set, skipping fromEnv provider.", {
+            logger: init.logger,
+            tryNextLink: true,
+        });
+    }
+    init.logger?.debug("@aws-sdk/credential-provider-node - defaultProvider::fromEnv");
+    return fromEnv(init)();
+}, async () => {
     init.logger?.debug("@aws-sdk/credential-provider-node - defaultProvider::fromSSO");
     const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init;
     if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession) {

package/node_modules/@aws-sdk/credential-provider-node/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aws-sdk/credential-provider-node",
-  "version": "3.614.0",
+  "version": "3.622.0",
   "description": "AWS credential provider that sources credentials from a Node.JS environment. ",
   "engines": {
     "node": ">=16.0.0"
@@ -28,14 +28,14 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
-    "@aws-sdk/credential-provider-env": "3.609.0",
-    "@aws-sdk/credential-provider-http": "3.614.0",
-    "@aws-sdk/credential-provider-ini": "3.614.0",
-    "@aws-sdk/credential-provider-process": "3.614.0",
-    "@aws-sdk/credential-provider-sso": "3.614.0",
-    "@aws-sdk/credential-provider-web-identity": "3.609.0",
+    "@aws-sdk/credential-provider-env": "3.620.1",
+    "@aws-sdk/credential-provider-http": "3.622.0",
+    "@aws-sdk/credential-provider-ini": "3.622.0",
+    "@aws-sdk/credential-provider-process": "3.620.1",
+    "@aws-sdk/credential-provider-sso": "3.622.0",
+    "@aws-sdk/credential-provider-web-identity": "3.621.0",
     "@aws-sdk/types": "3.609.0",
-    "@smithy/credential-provider-imds": "^3.1.4",
+    "@smithy/credential-provider-imds": "^3.2.0",
     "@smithy/property-provider": "^3.1.3",
     "@smithy/shared-ini-file-loader": "^3.1.4",
     "@smithy/types": "^3.3.0",

package/node_modules/@aws-sdk/credential-provider-process/dist-cjs/index.js CHANGED Viewed

@@ -34,7 +34,8 @@ var import_child_process = require("child_process");
 var import_util = require("util");
 // src/getValidatedProcessCredentials.ts
-var getValidatedProcessCredentials = /* @__PURE__ */ __name((profileName, data) => {
+var getValidatedProcessCredentials = /* @__PURE__ */ __name((profileName, data, profiles) => {
+  var _a;
   if (data.Version !== 1) {
     throw Error(`Profile ${profileName} credential_process did not return Version 1.`);
   }
@@ -48,12 +49,17 @@ var getValidatedProcessCredentials = /* @__PURE__ */ __name((profileName, data)
       throw Error(`Profile ${profileName} credential_process returned expired credentials.`);
     }
   }
+  let accountId = data.AccountId;
+  if (!accountId && ((_a = profiles == null ? void 0 : profiles[profileName]) == null ? void 0 : _a.aws_account_id)) {
+    accountId = profiles[profileName].aws_account_id;
+  }
   return {
     accessKeyId: data.AccessKeyId,
     secretAccessKey: data.SecretAccessKey,
     ...data.SessionToken && { sessionToken: data.SessionToken },
     ...data.Expiration && { expiration: new Date(data.Expiration) },
-    ...data.CredentialScope && { credentialScope: data.CredentialScope }
+    ...data.CredentialScope && { credentialScope: data.CredentialScope },
+    ...accountId && { accountId }
   };
 }, "getValidatedProcessCredentials");
@@ -72,7 +78,7 @@ var resolveProcessCredentials = /* @__PURE__ */ __name(async (profileName, profi
         } catch {
           throw Error(`Profile ${profileName} credential_process returned invalid JSON.`);
         }
-        return getValidatedProcessCredentials(profileName, data);
+        return getValidatedProcessCredentials(profileName, data, profiles);
       } catch (error) {
         throw new import_property_provider.CredentialsProviderError(error.message, { logger });
       }

package/node_modules/@aws-sdk/credential-provider-process/dist-es/getValidatedProcessCredentials.js CHANGED Viewed

@@ -1,4 +1,4 @@
-export const getValidatedProcessCredentials = (profileName, data) => {
+export const getValidatedProcessCredentials = (profileName, data, profiles) => {
     if (data.Version !== 1) {
         throw Error(`Profile ${profileName} credential_process did not return Version 1.`);
     }
@@ -12,11 +12,16 @@ export const getValidatedProcessCredentials = (profileName, data) => {
             throw Error(`Profile ${profileName} credential_process returned expired credentials.`);
         }
     }
+    let accountId = data.AccountId;
+    if (!accountId && profiles?.[profileName]?.aws_account_id) {
+        accountId = profiles[profileName].aws_account_id;
+    }
     return {
         accessKeyId: data.AccessKeyId,
         secretAccessKey: data.SecretAccessKey,
         ...(data.SessionToken && { sessionToken: data.SessionToken }),
         ...(data.Expiration && { expiration: new Date(data.Expiration) }),
         ...(data.CredentialScope && { credentialScope: data.CredentialScope }),
+        ...(accountId && { accountId }),
     };
 };

package/node_modules/@aws-sdk/credential-provider-process/dist-es/resolveProcessCredentials.js CHANGED Viewed

@@ -17,7 +17,7 @@ export const resolveProcessCredentials = async (profileName, profiles, logger) =
                 catch {
                     throw Error(`Profile ${profileName} credential_process returned invalid JSON.`);
                 }
-                return getValidatedProcessCredentials(profileName, data);
+                return getValidatedProcessCredentials(profileName, data, profiles);
             }
             catch (error) {
                 throw new CredentialsProviderError(error.message, { logger });

package/node_modules/@aws-sdk/credential-provider-process/dist-types/ProcessCredentials.d.ts CHANGED Viewed

@@ -8,4 +8,5 @@ export type ProcessCredentials = {
     SessionToken?: string;
     Expiration?: number;
     CredentialScope?: string;
+    AccountId?: string;
 };

package/node_modules/@aws-sdk/credential-provider-process/dist-types/getValidatedProcessCredentials.d.ts CHANGED Viewed

@@ -1,6 +1,6 @@
-import { AwsCredentialIdentity } from "@smithy/types";
+import { AwsCredentialIdentity, ParsedIniData } from "@smithy/types";
 import { ProcessCredentials } from "./ProcessCredentials";
 /**
  * @internal
  */
-export declare const getValidatedProcessCredentials: (profileName: string, data: ProcessCredentials) => AwsCredentialIdentity;
+export declare const getValidatedProcessCredentials: (profileName: string, data: ProcessCredentials, profiles: ParsedIniData) => AwsCredentialIdentity;

package/node_modules/@aws-sdk/credential-provider-process/dist-types/ts3.4/ProcessCredentials.d.ts CHANGED Viewed

@@ -5,4 +5,5 @@ export type ProcessCredentials = {
   SessionToken?: string;
   Expiration?: number;
   CredentialScope?: string;
+  AccountId?: string;
 };

package/node_modules/@aws-sdk/credential-provider-process/dist-types/ts3.4/getValidatedProcessCredentials.d.ts CHANGED Viewed

@@ -1,6 +1,7 @@
-import { AwsCredentialIdentity } from "@smithy/types";
+import { AwsCredentialIdentity, ParsedIniData } from "@smithy/types";
 import { ProcessCredentials } from "./ProcessCredentials";
 export declare const getValidatedProcessCredentials: (
   profileName: string,
-  data: ProcessCredentials
+  data: ProcessCredentials,
+  profiles: ParsedIniData
 ) => AwsCredentialIdentity;

package/node_modules/@aws-sdk/credential-provider-process/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aws-sdk/credential-provider-process",
-  "version": "3.614.0",
+  "version": "3.620.1",
   "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config",
   "main": "./dist-cjs/index.js",
   "module": "./dist-es/index.js",

package/node_modules/@aws-sdk/credential-provider-sso/dist-cjs/index.js CHANGED Viewed

@@ -120,14 +120,23 @@ var resolveSSOCredentials = /* @__PURE__ */ __name(async ({
       logger
     });
   }
-  const { roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope } = {} } = ssoResp;
+  const {
+    roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope, accountId } = {}
+  } = ssoResp;
   if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {
     throw new import_property_provider.CredentialsProviderError("SSO returns an invalid temporary credential.", {
       tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
       logger
     });
   }
-  return { accessKeyId, secretAccessKey, sessionToken, expiration: new Date(expiration), credentialScope };
+  return {
+    accessKeyId,
+    secretAccessKey,
+    sessionToken,
+    expiration: new Date(expiration),
+    ...credentialScope && { credentialScope },
+    ...accountId && { accountId }
+  };
 }, "resolveSSOCredentials");
 // src/validateSsoProfile.ts