@cdk8s/awscdk-resolver 0.0.232 → 0.0.234

package/node_modules/@aws-sdk/client-sts/dist-types/commands/GetCallerIdentityCommand.d.ts

@@ -1,128 +0,0 @@
-import { Command as $Command } from "@smithy/smithy-client";
-import { MetadataBearer as __MetadataBearer } from "@smithy/types";
-import { GetCallerIdentityRequest, GetCallerIdentityResponse } from "../models/models_0";
-import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
-/**
- * @public
- */
-export type { __MetadataBearer };
-export { $Command };
-/**
- * @public
- *
- * The input for {@link GetCallerIdentityCommand}.
- */
-export interface GetCallerIdentityCommandInput extends GetCallerIdentityRequest {
-}
-/**
- * @public
- *
- * The output of {@link GetCallerIdentityCommand}.
- */
-export interface GetCallerIdentityCommandOutput extends GetCallerIdentityResponse, __MetadataBearer {
-}
-declare const GetCallerIdentityCommand_base: {
-    new (input: GetCallerIdentityCommandInput): import("@smithy/smithy-client").CommandImpl<GetCallerIdentityCommandInput, GetCallerIdentityCommandOutput, STSClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
-    new (...[input]: [] | [GetCallerIdentityCommandInput]): import("@smithy/smithy-client").CommandImpl<GetCallerIdentityCommandInput, GetCallerIdentityCommandOutput, STSClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
-    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
-};
-/**
- * <p>Returns details about the IAM user or role whose credentials are used to
- *          call the operation.</p>
- *          <note>
- *             <p>No permissions are required to perform this operation. If an administrator attaches a
- *             policy to your identity that explicitly denies access to the
- *                <code>sts:GetCallerIdentity</code> action, you can still perform this operation.
- *             Permissions are not required because the same information is returned when access is
- *             denied. To view an example response, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa">I Am Not Authorized to Perform: iam:DeleteVirtualMFADevice</a> in the
- *                <i>IAM User Guide</i>.</p>
- *          </note>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { STSClient, GetCallerIdentityCommand } from "@aws-sdk/client-sts"; // ES Modules import
- * // const { STSClient, GetCallerIdentityCommand } = require("@aws-sdk/client-sts"); // CommonJS import
- * const client = new STSClient(config);
- * const input = {};
- * const command = new GetCallerIdentityCommand(input);
- * const response = await client.send(command);
- * // { // GetCallerIdentityResponse
- * //   UserId: "STRING_VALUE",
- * //   Account: "STRING_VALUE",
- * //   Arn: "STRING_VALUE",
- * // };
- *
- * ```
- *
- * @param GetCallerIdentityCommandInput - {@link GetCallerIdentityCommandInput}
- * @returns {@link GetCallerIdentityCommandOutput}
- * @see {@link GetCallerIdentityCommandInput} for command's `input` shape.
- * @see {@link GetCallerIdentityCommandOutput} for command's `response` shape.
- * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
- *
- * @throws {@link STSServiceException}
- * <p>Base exception class for all service exceptions from STS service.</p>
- *
- * @public
- * @example To get details about a calling IAM user
- * ```javascript
- * // This example shows a request and response made with the credentials for a user named Alice in the AWS account 123456789012.
- * const input = {};
- * const command = new GetCallerIdentityCommand(input);
- * const response = await client.send(command);
- * /* response ==
- * {
- *   "Account": "123456789012",
- *   "Arn": "arn:aws:iam::123456789012:user/Alice",
- *   "UserId": "AKIAI44QH8DHBEXAMPLE"
- * }
- * *\/
- * // example id: to-get-details-about-a-calling-iam-user-1480540050376
- * ```
- *
- * @example To get details about a calling user federated with AssumeRole
- * ```javascript
- * // This example shows a request and response made with temporary credentials created by AssumeRole. The name of the assumed role is my-role-name, and the RoleSessionName is set to my-role-session-name.
- * const input = {};
- * const command = new GetCallerIdentityCommand(input);
- * const response = await client.send(command);
- * /* response ==
- * {
- *   "Account": "123456789012",
- *   "Arn": "arn:aws:sts::123456789012:assumed-role/my-role-name/my-role-session-name",
- *   "UserId": "AKIAI44QH8DHBEXAMPLE:my-role-session-name"
- * }
- * *\/
- * // example id: to-get-details-about-a-calling-user-federated-with-assumerole-1480540158545
- * ```
- *
- * @example To get details about a calling user federated with GetFederationToken
- * ```javascript
- * // This example shows a request and response made with temporary credentials created by using GetFederationToken. The Name parameter is set to my-federated-user-name.
- * const input = {};
- * const command = new GetCallerIdentityCommand(input);
- * const response = await client.send(command);
- * /* response ==
- * {
- *   "Account": "123456789012",
- *   "Arn": "arn:aws:sts::123456789012:federated-user/my-federated-user-name",
- *   "UserId": "123456789012:my-federated-user-name"
- * }
- * *\/
- * // example id: to-get-details-about-a-calling-user-federated-with-getfederationtoken-1480540231316
- * ```
- *
- */
-export declare class GetCallerIdentityCommand extends GetCallerIdentityCommand_base {
-    /** @internal type navigation helper, not in runtime. */
-    protected static __types: {
-        api: {
-            input: {};
-            output: GetCallerIdentityResponse;
-        };
-        sdk: {
-            input: GetCallerIdentityCommandInput;
-            output: GetCallerIdentityCommandOutput;
-        };
-    };
-}

package/node_modules/@aws-sdk/client-sts/dist-types/commands/GetFederationTokenCommand.d.ts

@@ -1,242 +0,0 @@
-import { Command as $Command } from "@smithy/smithy-client";
-import { MetadataBearer as __MetadataBearer } from "@smithy/types";
-import { GetFederationTokenRequest, GetFederationTokenResponse } from "../models/models_0";
-import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
-/**
- * @public
- */
-export type { __MetadataBearer };
-export { $Command };
-/**
- * @public
- *
- * The input for {@link GetFederationTokenCommand}.
- */
-export interface GetFederationTokenCommandInput extends GetFederationTokenRequest {
-}
-/**
- * @public
- *
- * The output of {@link GetFederationTokenCommand}.
- */
-export interface GetFederationTokenCommandOutput extends GetFederationTokenResponse, __MetadataBearer {
-}
-declare const GetFederationTokenCommand_base: {
-    new (input: GetFederationTokenCommandInput): import("@smithy/smithy-client").CommandImpl<GetFederationTokenCommandInput, GetFederationTokenCommandOutput, STSClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
-    new (__0_0: GetFederationTokenCommandInput): import("@smithy/smithy-client").CommandImpl<GetFederationTokenCommandInput, GetFederationTokenCommandOutput, STSClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
-    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
-};
-/**
- * <p>Returns a set of temporary security credentials (consisting of an access key ID, a
- *          secret access key, and a security token) for a user. A typical use is in a proxy
- *          application that gets temporary security credentials on behalf of distributed applications
- *          inside a corporate network.</p>
- *          <p>You must call the <code>GetFederationToken</code> operation using the long-term security
- *          credentials of an IAM user. As a result, this call is appropriate in
- *          contexts where those credentials can be safeguarded, usually in a server-based application.
- *          For a comparison of <code>GetFederationToken</code> with the other API operations that
- *          produce temporary credentials, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html">Requesting Temporary Security
- *             Credentials</a> and <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html">Compare STS
- *             credentials</a> in the <i>IAM User Guide</i>.</p>
- *          <p>Although it is possible to call <code>GetFederationToken</code> using the security
- *          credentials of an Amazon Web Services account root user rather than an IAM user that you
- *          create for the purpose of a proxy application, we do not recommend it. For more
- *          information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials">Safeguard your root user credentials and don't use them for everyday tasks</a> in the
- *             <i>IAM User Guide</i>. </p>
- *          <note>
- *             <p>You can create a mobile-based or browser-based app that can authenticate users using
- *             a web identity provider like Login with Amazon, Facebook, Google, or an OpenID
- *             Connect-compatible identity provider. In this case, we recommend that you use <a href="http://aws.amazon.com/cognito/">Amazon Cognito</a> or
- *                <code>AssumeRoleWithWebIdentity</code>. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity">Federation Through a Web-based Identity Provider</a> in the
- *                <i>IAM User Guide</i>.</p>
- *          </note>
- *          <p>
- *             <b>Session duration</b>
- *          </p>
- *          <p>The temporary credentials are valid for the specified duration, from 900 seconds (15
- *          minutes) up to a maximum of 129,600 seconds (36 hours). The default session duration is
- *          43,200 seconds (12 hours). Temporary credentials obtained by using the root user
- *          credentials have a maximum duration of 3,600 seconds (1 hour).</p>
- *          <p>
- *             <b>Permissions</b>
- *          </p>
- *          <p>You can use the temporary credentials created by <code>GetFederationToken</code> in any
- *          Amazon Web Services service with the following exceptions:</p>
- *          <ul>
- *             <li>
- *                <p>You cannot call any IAM operations using the CLI or the Amazon Web Services API. This
- *                limitation does not apply to console sessions.</p>
- *             </li>
- *             <li>
- *                <p>You cannot call any STS operations except <code>GetCallerIdentity</code>.</p>
- *             </li>
- *          </ul>
- *          <p>You can use temporary credentials for single sign-on (SSO) to the console.</p>
- *          <p>You must pass an inline or managed <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session policy</a> to
- *          this operation. You can pass a single JSON policy document to use as an inline session
- *          policy. You can also specify up to 10 managed policy Amazon Resource Names (ARNs) to use as
- *          managed session policies. The plaintext that you use for both inline and managed session
- *          policies can't exceed 2,048 characters.</p>
- *          <p>Though the session policy parameters are optional, if you do not pass a policy, then the
- *          resulting federated user session has no permissions. When you pass session policies, the
- *          session permissions are the intersection of the IAM user policies and the
- *          session policies that you pass. This gives you a way to further restrict the permissions
- *          for a federated user. You cannot use session policies to grant more permissions than those
- *          that are defined in the permissions policy of the IAM user. For more
- *          information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session Policies</a> in
- *          the <i>IAM User Guide</i>. For information about using
- *             <code>GetFederationToken</code> to create temporary security credentials, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken">GetFederationToken—Federation Through a Custom Identity Broker</a>. </p>
- *          <p>You can use the credentials to access a resource that has a resource-based policy. If
- *          that policy specifically references the federated user session in the
- *             <code>Principal</code> element of the policy, the session has the permissions allowed by
- *          the policy. These permissions are granted in addition to the permissions granted by the
- *          session policies.</p>
- *          <p>
- *             <b>Tags</b>
- *          </p>
- *          <p>(Optional) You can pass tag key-value pairs to your session. These are called session
- *          tags. For more information about session tags, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing Session Tags in STS</a> in the
- *             <i>IAM User Guide</i>.</p>
- *          <note>
- *             <p>You can create a mobile-based or browser-based app that can authenticate users using
- *             a web identity provider like Login with Amazon, Facebook, Google, or an OpenID
- *             Connect-compatible identity provider. In this case, we recommend that you use <a href="http://aws.amazon.com/cognito/">Amazon Cognito</a> or
- *                <code>AssumeRoleWithWebIdentity</code>. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity">Federation Through a Web-based Identity Provider</a> in the
- *                <i>IAM User Guide</i>.</p>
- *          </note>
- *          <p>An administrator must grant you the permissions necessary to pass session tags. The
- *          administrator can also create granular permissions to allow you to pass only specific
- *          session tags. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html">Tutorial: Using Tags
- *             for Attribute-Based Access Control</a> in the
- *          <i>IAM User Guide</i>.</p>
- *          <p>Tag key–value pairs are not case sensitive, but case is preserved. This means that you
- *          cannot have separate <code>Department</code> and <code>department</code> tag keys. Assume
- *          that the user that you are federating has the
- *             <code>Department</code>=<code>Marketing</code> tag and you pass the
- *             <code>department</code>=<code>engineering</code> session tag. <code>Department</code>
- *          and <code>department</code> are not saved as separate tags, and the session tag passed in
- *          the request takes precedence over the user tag.</p>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { STSClient, GetFederationTokenCommand } from "@aws-sdk/client-sts"; // ES Modules import
- * // const { STSClient, GetFederationTokenCommand } = require("@aws-sdk/client-sts"); // CommonJS import
- * const client = new STSClient(config);
- * const input = { // GetFederationTokenRequest
- *   Name: "STRING_VALUE", // required
- *   Policy: "STRING_VALUE",
- *   PolicyArns: [ // policyDescriptorListType
- *     { // PolicyDescriptorType
- *       arn: "STRING_VALUE",
- *     },
- *   ],
- *   DurationSeconds: Number("int"),
- *   Tags: [ // tagListType
- *     { // Tag
- *       Key: "STRING_VALUE", // required
- *       Value: "STRING_VALUE", // required
- *     },
- *   ],
- * };
- * const command = new GetFederationTokenCommand(input);
- * const response = await client.send(command);
- * // { // GetFederationTokenResponse
- * //   Credentials: { // Credentials
- * //     AccessKeyId: "STRING_VALUE", // required
- * //     SecretAccessKey: "STRING_VALUE", // required
- * //     SessionToken: "STRING_VALUE", // required
- * //     Expiration: new Date("TIMESTAMP"), // required
- * //   },
- * //   FederatedUser: { // FederatedUser
- * //     FederatedUserId: "STRING_VALUE", // required
- * //     Arn: "STRING_VALUE", // required
- * //   },
- * //   PackedPolicySize: Number("int"),
- * // };
- *
- * ```
- *
- * @param GetFederationTokenCommandInput - {@link GetFederationTokenCommandInput}
- * @returns {@link GetFederationTokenCommandOutput}
- * @see {@link GetFederationTokenCommandInput} for command's `input` shape.
- * @see {@link GetFederationTokenCommandOutput} for command's `response` shape.
- * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
- *
- * @throws {@link MalformedPolicyDocumentException} (client fault)
- *  <p>The request was rejected because the policy document was malformed. The error message
- *             describes the specific error.</p>
- *
- * @throws {@link PackedPolicyTooLargeException} (client fault)
- *  <p>The request was rejected because the total packed size of the session policies and
- *             session tags combined was too large. An Amazon Web Services conversion compresses the session policy
- *             document, session policy ARNs, and session tags into a packed binary format that has a
- *             separate limit. The error message indicates by percentage how close the policies and
- *             tags are to the upper size limit. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing Session Tags in STS</a> in
- *             the <i>IAM User Guide</i>.</p>
- *          <p>You could receive this error even though you meet other defined session policy and
- *             session tag limits. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length">IAM and STS Entity Character Limits</a> in the <i>IAM User
- *                 Guide</i>.</p>
- *
- * @throws {@link RegionDisabledException} (client fault)
- *  <p>STS is not activated in the requested region for the account that is being asked to
- *             generate credentials. The account administrator must use the IAM console to activate
- *             STS in that region. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html">Activating and
- *                 Deactivating STS in an Amazon Web Services Region</a> in the <i>IAM User
- *                 Guide</i>.</p>
- *
- * @throws {@link STSServiceException}
- * <p>Base exception class for all service exceptions from STS service.</p>
- *
- * @public
- * @example To get temporary credentials for a role by using GetFederationToken
- * ```javascript
- * //
- * const input = {
- *   "DurationSeconds": 3600,
- *   "Name": "testFedUserSession",
- *   "Policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Stmt1\",\"Effect\":\"Allow\",\"Action\":\"s3:ListAllMyBuckets\",\"Resource\":\"*\"}]}",
- *   "Tags": [
- *     {
- *       "Key": "Project",
- *       "Value": "Pegasus"
- *     },
- *     {
- *       "Key": "Cost-Center",
- *       "Value": "98765"
- *     }
- *   ]
- * };
- * const command = new GetFederationTokenCommand(input);
- * const response = await client.send(command);
- * /* response ==
- * {
- *   "Credentials": {
- *     "AccessKeyId": "AKIAIOSFODNN7EXAMPLE",
- *     "Expiration": "2011-07-15T23:28:33.359Z",
- *     "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY",
- *     "SessionToken": "AQoDYXdzEPT//////////wEXAMPLEtc764bNrC9SAPBSM22wDOk4x4HIZ8j4FZTwdQWLWsKWHGBuFqwAeMicRXmxfpSPfIeoIYRqTflfKD8YUuwthAx7mSEI/qkPpKPi/kMcGdQrmGdeehM4IC1NtBmUpp2wUE8phUZampKsburEDy0KPkyQDYwT7WZ0wq5VSXDvp75YU9HFvlRd8Tx6q6fE8YQcHNVXAkiY9q6d+xo0rKwT38xVqr7ZD0u0iPPkUL64lIZbqBAz+scqKmlzm8FDrypNC9Yjc8fPOLn9FX9KSYvKTr4rvx3iSIlTJabIQwj2ICCR/oLxBA=="
- *   },
- *   "FederatedUser": {
- *     "Arn": "arn:aws:sts::123456789012:federated-user/Bob",
- *     "FederatedUserId": "123456789012:Bob"
- *   },
- *   "PackedPolicySize": 8
- * }
- * *\/
- * // example id: to-get-temporary-credentials-for-a-role-by-using-getfederationtoken-1480540749900
- * ```
- *
- */
-export declare class GetFederationTokenCommand extends GetFederationTokenCommand_base {
-    /** @internal type navigation helper, not in runtime. */
-    protected static __types: {
-        api: {
-            input: GetFederationTokenRequest;
-            output: GetFederationTokenResponse;
-        };
-        sdk: {
-            input: GetFederationTokenCommandInput;
-            output: GetFederationTokenCommandOutput;
-        };
-    };
-}

package/node_modules/@aws-sdk/client-sts/dist-types/commands/GetSessionTokenCommand.d.ts

@@ -1,166 +0,0 @@
-import { Command as $Command } from "@smithy/smithy-client";
-import { MetadataBearer as __MetadataBearer } from "@smithy/types";
-import { GetSessionTokenRequest, GetSessionTokenResponse } from "../models/models_0";
-import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient";
-/**
- * @public
- */
-export type { __MetadataBearer };
-export { $Command };
-/**
- * @public
- *
- * The input for {@link GetSessionTokenCommand}.
- */
-export interface GetSessionTokenCommandInput extends GetSessionTokenRequest {
-}
-/**
- * @public
- *
- * The output of {@link GetSessionTokenCommand}.
- */
-export interface GetSessionTokenCommandOutput extends GetSessionTokenResponse, __MetadataBearer {
-}
-declare const GetSessionTokenCommand_base: {
-    new (input: GetSessionTokenCommandInput): import("@smithy/smithy-client").CommandImpl<GetSessionTokenCommandInput, GetSessionTokenCommandOutput, STSClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
-    new (...[input]: [] | [GetSessionTokenCommandInput]): import("@smithy/smithy-client").CommandImpl<GetSessionTokenCommandInput, GetSessionTokenCommandOutput, STSClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
-    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
-};
-/**
- * <p>Returns a set of temporary credentials for an Amazon Web Services account or IAM user.
- *          The credentials consist of an access key ID, a secret access key, and a security token.
- *          Typically, you use <code>GetSessionToken</code> if you want to use MFA to protect
- *          programmatic calls to specific Amazon Web Services API operations like Amazon EC2
- *          <code>StopInstances</code>.</p>
- *          <p>MFA-enabled IAM users must call <code>GetSessionToken</code> and submit
- *          an MFA code that is associated with their MFA device. Using the temporary security
- *          credentials that the call returns, IAM users can then make programmatic
- *          calls to API operations that require MFA authentication. An incorrect MFA code causes the
- *          API to return an access denied error. For a comparison of <code>GetSessionToken</code> with
- *          the other API operations that produce temporary credentials, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html">Requesting
- *             Temporary Security Credentials</a> and <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html">Compare STS
- *             credentials</a> in the <i>IAM User Guide</i>.</p>
- *          <note>
- *             <p>No permissions are required for users to perform this operation. The purpose of the
- *                <code>sts:GetSessionToken</code> operation is to authenticate the user using MFA. You
- *             cannot use policies to control authentication operations. For more information, see
- *                <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getsessiontoken.html">Permissions for GetSessionToken</a> in the
- *             <i>IAM User Guide</i>.</p>
- *          </note>
- *          <p>
- *             <b>Session Duration</b>
- *          </p>
- *          <p>The <code>GetSessionToken</code> operation must be called by using the long-term Amazon Web Services
- *          security credentials of an IAM user. Credentials that are created by IAM users are valid for the duration that you specify. This duration can range
- *          from 900 seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours), with a default
- *          of 43,200 seconds (12 hours). Credentials based on account credentials can range from 900
- *          seconds (15 minutes) up to 3,600 seconds (1 hour), with a default of 1 hour. </p>
- *          <p>
- *             <b>Permissions</b>
- *          </p>
- *          <p>The temporary security credentials created by <code>GetSessionToken</code> can be used
- *          to make API calls to any Amazon Web Services service with the following exceptions:</p>
- *          <ul>
- *             <li>
- *                <p>You cannot call any IAM API operations unless MFA authentication information is
- *                included in the request.</p>
- *             </li>
- *             <li>
- *                <p>You cannot call any STS API <i>except</i>
- *                   <code>AssumeRole</code> or <code>GetCallerIdentity</code>.</p>
- *             </li>
- *          </ul>
- *          <p>The credentials that <code>GetSessionToken</code> returns are based on permissions
- *          associated with the IAM user whose credentials were used to call the
- *          operation. The temporary credentials have the same permissions as the IAM user.</p>
- *          <note>
- *             <p>Although it is possible to call <code>GetSessionToken</code> using the security
- *             credentials of an Amazon Web Services account root user rather than an IAM user, we do
- *             not recommend it. If <code>GetSessionToken</code> is called using root user
- *             credentials, the temporary credentials have root user permissions. For more
- *             information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials">Safeguard your root user credentials and don't use them for everyday tasks</a> in the
- *                <i>IAM User Guide</i>
- *             </p>
- *          </note>
- *          <p>For more information about using <code>GetSessionToken</code> to create temporary
- *          credentials, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken">Temporary
- *             Credentials for Users in Untrusted Environments</a> in the
- *             <i>IAM User Guide</i>. </p>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { STSClient, GetSessionTokenCommand } from "@aws-sdk/client-sts"; // ES Modules import
- * // const { STSClient, GetSessionTokenCommand } = require("@aws-sdk/client-sts"); // CommonJS import
- * const client = new STSClient(config);
- * const input = { // GetSessionTokenRequest
- *   DurationSeconds: Number("int"),
- *   SerialNumber: "STRING_VALUE",
- *   TokenCode: "STRING_VALUE",
- * };
- * const command = new GetSessionTokenCommand(input);
- * const response = await client.send(command);
- * // { // GetSessionTokenResponse
- * //   Credentials: { // Credentials
- * //     AccessKeyId: "STRING_VALUE", // required
- * //     SecretAccessKey: "STRING_VALUE", // required
- * //     SessionToken: "STRING_VALUE", // required
- * //     Expiration: new Date("TIMESTAMP"), // required
- * //   },
- * // };
- *
- * ```
- *
- * @param GetSessionTokenCommandInput - {@link GetSessionTokenCommandInput}
- * @returns {@link GetSessionTokenCommandOutput}
- * @see {@link GetSessionTokenCommandInput} for command's `input` shape.
- * @see {@link GetSessionTokenCommandOutput} for command's `response` shape.
- * @see {@link STSClientResolvedConfig | config} for STSClient's `config` shape.
- *
- * @throws {@link RegionDisabledException} (client fault)
- *  <p>STS is not activated in the requested region for the account that is being asked to
- *             generate credentials. The account administrator must use the IAM console to activate
- *             STS in that region. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html">Activating and
- *                 Deactivating STS in an Amazon Web Services Region</a> in the <i>IAM User
- *                 Guide</i>.</p>
- *
- * @throws {@link STSServiceException}
- * <p>Base exception class for all service exceptions from STS service.</p>
- *
- * @public
- * @example To get temporary credentials for an IAM user or an AWS account
- * ```javascript
- * //
- * const input = {
- *   "DurationSeconds": 3600,
- *   "SerialNumber": "YourMFASerialNumber",
- *   "TokenCode": "123456"
- * };
- * const command = new GetSessionTokenCommand(input);
- * const response = await client.send(command);
- * /* response ==
- * {
- *   "Credentials": {
- *     "AccessKeyId": "AKIAIOSFODNN7EXAMPLE",
- *     "Expiration": "2011-07-11T19:55:29.611Z",
- *     "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY",
- *     "SessionToken": "AQoEXAMPLEH4aoAH0gNCAPyJxz4BlCFFxWNE1OPTgk5TthT+FvwqnKwRcOIfrRh3c/LTo6UDdyJwOOvEVPvLXCrrrUtdnniCEXAMPLE/IvU1dYUg2RVAJBanLiHb4IgRmpRV3zrkuWJOgQs8IZZaIv2BXIa2R4OlgkBN9bkUDNCJiBeb/AXlzBBko7b15fjrBs2+cTQtpZ3CYWFXG8C5zqx37wnOE49mRl/+OtkIKGO7fAE"
- *   }
- * }
- * *\/
- * // example id: to-get-temporary-credentials-for-an-iam-user-or-an-aws-account-1480540814038
- * ```
- *
- */
-export declare class GetSessionTokenCommand extends GetSessionTokenCommand_base {
-    /** @internal type navigation helper, not in runtime. */
-    protected static __types: {
-        api: {
-            input: GetSessionTokenRequest;
-            output: GetSessionTokenResponse;
-        };
-        sdk: {
-            input: GetSessionTokenCommandInput;
-            output: GetSessionTokenCommandOutput;
-        };
-    };
-}

package/node_modules/@aws-sdk/client-sts/dist-types/commands/index.d.ts

@@ -1,9 +0,0 @@
-export * from "./AssumeRoleCommand";
-export * from "./AssumeRoleWithSAMLCommand";
-export * from "./AssumeRoleWithWebIdentityCommand";
-export * from "./AssumeRootCommand";
-export * from "./DecodeAuthorizationMessageCommand";
-export * from "./GetAccessKeyInfoCommand";
-export * from "./GetCallerIdentityCommand";
-export * from "./GetFederationTokenCommand";
-export * from "./GetSessionTokenCommand";

package/node_modules/@aws-sdk/client-sts/dist-types/protocols/Aws_query.d.ts

@@ -1,83 +0,0 @@
-import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@smithy/protocol-http";
-import { SerdeContext as __SerdeContext } from "@smithy/types";
-import { AssumeRoleCommandInput, AssumeRoleCommandOutput } from "../commands/AssumeRoleCommand";
-import { AssumeRoleWithSAMLCommandInput, AssumeRoleWithSAMLCommandOutput } from "../commands/AssumeRoleWithSAMLCommand";
-import { AssumeRoleWithWebIdentityCommandInput, AssumeRoleWithWebIdentityCommandOutput } from "../commands/AssumeRoleWithWebIdentityCommand";
-import { AssumeRootCommandInput, AssumeRootCommandOutput } from "../commands/AssumeRootCommand";
-import { DecodeAuthorizationMessageCommandInput, DecodeAuthorizationMessageCommandOutput } from "../commands/DecodeAuthorizationMessageCommand";
-import { GetAccessKeyInfoCommandInput, GetAccessKeyInfoCommandOutput } from "../commands/GetAccessKeyInfoCommand";
-import { GetCallerIdentityCommandInput, GetCallerIdentityCommandOutput } from "../commands/GetCallerIdentityCommand";
-import { GetFederationTokenCommandInput, GetFederationTokenCommandOutput } from "../commands/GetFederationTokenCommand";
-import { GetSessionTokenCommandInput, GetSessionTokenCommandOutput } from "../commands/GetSessionTokenCommand";
-/**
- * serializeAws_queryAssumeRoleCommand
- */
-export declare const se_AssumeRoleCommand: (input: AssumeRoleCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
-/**
- * serializeAws_queryAssumeRoleWithSAMLCommand
- */
-export declare const se_AssumeRoleWithSAMLCommand: (input: AssumeRoleWithSAMLCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
-/**
- * serializeAws_queryAssumeRoleWithWebIdentityCommand
- */
-export declare const se_AssumeRoleWithWebIdentityCommand: (input: AssumeRoleWithWebIdentityCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
-/**
- * serializeAws_queryAssumeRootCommand
- */
-export declare const se_AssumeRootCommand: (input: AssumeRootCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
-/**
- * serializeAws_queryDecodeAuthorizationMessageCommand
- */
-export declare const se_DecodeAuthorizationMessageCommand: (input: DecodeAuthorizationMessageCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
-/**
- * serializeAws_queryGetAccessKeyInfoCommand
- */
-export declare const se_GetAccessKeyInfoCommand: (input: GetAccessKeyInfoCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
-/**
- * serializeAws_queryGetCallerIdentityCommand
- */
-export declare const se_GetCallerIdentityCommand: (input: GetCallerIdentityCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
-/**
- * serializeAws_queryGetFederationTokenCommand
- */
-export declare const se_GetFederationTokenCommand: (input: GetFederationTokenCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
-/**
- * serializeAws_queryGetSessionTokenCommand
- */
-export declare const se_GetSessionTokenCommand: (input: GetSessionTokenCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
-/**
- * deserializeAws_queryAssumeRoleCommand
- */
-export declare const de_AssumeRoleCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<AssumeRoleCommandOutput>;
-/**
- * deserializeAws_queryAssumeRoleWithSAMLCommand
- */
-export declare const de_AssumeRoleWithSAMLCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<AssumeRoleWithSAMLCommandOutput>;
-/**
- * deserializeAws_queryAssumeRoleWithWebIdentityCommand
- */
-export declare const de_AssumeRoleWithWebIdentityCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<AssumeRoleWithWebIdentityCommandOutput>;
-/**
- * deserializeAws_queryAssumeRootCommand
- */
-export declare const de_AssumeRootCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<AssumeRootCommandOutput>;
-/**
- * deserializeAws_queryDecodeAuthorizationMessageCommand
- */
-export declare const de_DecodeAuthorizationMessageCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<DecodeAuthorizationMessageCommandOutput>;
-/**
- * deserializeAws_queryGetAccessKeyInfoCommand
- */
-export declare const de_GetAccessKeyInfoCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<GetAccessKeyInfoCommandOutput>;
-/**
- * deserializeAws_queryGetCallerIdentityCommand
- */
-export declare const de_GetCallerIdentityCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<GetCallerIdentityCommandOutput>;
-/**
- * deserializeAws_queryGetFederationTokenCommand
- */
-export declare const de_GetFederationTokenCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<GetFederationTokenCommandOutput>;
-/**
- * deserializeAws_queryGetSessionTokenCommand
- */
-export declare const de_GetSessionTokenCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<GetSessionTokenCommandOutput>;