npm - @cdk8s/awscdk-resolver - Versions diffs - 0.0.53 → 0.0.55 - Mend

@cdk8s/awscdk-resolver 0.0.53 → 0.0.55

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (237) hide show

package/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveStaticCredentials.js CHANGED Viewed

@@ -3,9 +3,12 @@ export const isStaticCredsProfile = (arg) => Boolean(arg) &&
     typeof arg.aws_access_key_id === "string" &&
     typeof arg.aws_secret_access_key === "string" &&
     ["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1;
-export const resolveStaticCredentials = (profile) => Promise.resolve({
-    accessKeyId: profile.aws_access_key_id,
-    secretAccessKey: profile.aws_secret_access_key,
-    sessionToken: profile.aws_session_token,
-    credentialScope: profile.aws_credential_scope,
-});
+export const resolveStaticCredentials = (profile, options) => {
+    options?.logger?.debug("@aws-sdk/credential-provider-ini", "resolveStaticCredentials");
+    return Promise.resolve({
+        accessKeyId: profile.aws_access_key_id,
+        secretAccessKey: profile.aws_secret_access_key,
+        sessionToken: profile.aws_session_token,
+        credentialScope: profile.aws_credential_scope,
+    });
+};

package/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveWebIdentityCredentials.js CHANGED Viewed

@@ -1,12 +1,11 @@
-import { fromTokenFile } from "@aws-sdk/credential-provider-web-identity";
 export const isWebIdentityProfile = (arg) => Boolean(arg) &&
     typeof arg === "object" &&
     typeof arg.web_identity_token_file === "string" &&
     typeof arg.role_arn === "string" &&
     ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1;
-export const resolveWebIdentityCredentials = async (profile, options) => fromTokenFile({
+export const resolveWebIdentityCredentials = async (profile, options) => import("@aws-sdk/credential-provider-web-identity").then(({ fromTokenFile }) => fromTokenFile({
     webIdentityTokenFile: profile.web_identity_token_file,
     roleArn: profile.role_arn,
     roleSessionName: profile.role_session_name,
     roleAssumerWithWebIdentity: options.roleAssumerWithWebIdentity,
-})();
+})());

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/fromIni.d.ts CHANGED Viewed

@@ -1,11 +1,13 @@
-import { AssumeRoleWithWebIdentityParams } from "@aws-sdk/credential-provider-web-identity";
+import type { AssumeRoleWithWebIdentityParams } from "@aws-sdk/credential-provider-web-identity";
+import type { CredentialProviderOptions } from "@aws-sdk/types";
 import { SourceProfileInit } from "@smithy/shared-ini-file-loader";
-import { AwsCredentialIdentity, AwsCredentialIdentityProvider } from "@smithy/types";
+import type { AwsCredentialIdentity, AwsCredentialIdentityProvider, Pluggable } from "@smithy/types";
+import type { STSClientConfig } from "./loadSts";
 import { AssumeRoleParams } from "./resolveAssumeRoleCredentials";
 /**
- * @internal
+ * @public
  */
-export interface FromIniInit extends SourceProfileInit {
+export interface FromIniInit extends SourceProfileInit, CredentialProviderOptions {
     /**
      * A function that returns a promise fulfilled with an MFA token code for
      * the provided MFA Serial code. If a profile requires an MFA code and
@@ -31,6 +33,8 @@ export interface FromIniInit extends SourceProfileInit {
      * @param params
      */
     roleAssumerWithWebIdentity?: (params: AssumeRoleWithWebIdentityParams) => Promise<AwsCredentialIdentity>;
+    clientConfig?: STSClientConfig;
+    clientPlugins?: Pluggable<any, any>[];
 }
 /**
  * @internal

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/loadSts.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import { getDefaultRoleAssumer } from "@aws-sdk/client-sts";
+export { getDefaultRoleAssumer };
+export type { STSClientConfig } from "@aws-sdk/client-sts";

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/resolveAssumeRoleCredentials.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { ParsedIniData } from "@smithy/types";
+import { AwsCredentialIdentity, ParsedIniData } from "@smithy/types";
 import { FromIniInit } from "./fromIni";
 /**
  * @internal
@@ -41,4 +41,4 @@ export declare const isAssumeRoleProfile: (arg: any) => boolean;
 /**
  * @internal
  */
-export declare const resolveAssumeRoleCredentials: (profileName: string, profiles: ParsedIniData, options: FromIniInit, visitedProfiles?: Record<string, true>) => Promise<import("@smithy/types").AwsCredentialIdentity>;
+export declare const resolveAssumeRoleCredentials: (profileName: string, profiles: ParsedIniData, options: FromIniInit, visitedProfiles?: Record<string, true>) => Promise<AwsCredentialIdentity>;

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/resolveCredentialSource.d.ts CHANGED Viewed

@@ -1,3 +1,4 @@
+import type { CredentialProviderOptions } from "@aws-sdk/types";
 import { AwsCredentialIdentityProvider } from "@smithy/types";
 /**
  * @internal
@@ -8,4 +9,4 @@ import { AwsCredentialIdentityProvider } from "@smithy/types";
  * fromIni() provider. The source credential needs to be refreshed every time
  * fromIni() is called.
  */
-export declare const resolveCredentialSource: (credentialSource: string, profileName: string) => AwsCredentialIdentityProvider;
+export declare const resolveCredentialSource: (credentialSource: string, profileName: string) => (options?: CredentialProviderOptions) => Promise<AwsCredentialIdentityProvider>;

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/resolveProcessCredentials.d.ts CHANGED Viewed

@@ -1,5 +1,4 @@
-import { Credentials } from "@aws-sdk/types";
-import { Profile } from "@smithy/types";
+import { Credentials, Profile } from "@aws-sdk/types";
 import { FromIniInit } from "./fromIni";
 /**
  * @internal

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/resolveProfileData.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { AwsCredentialIdentity, ParsedIniData } from "@smithy/types";
+import type { AwsCredentialIdentity, ParsedIniData } from "@smithy/types";
 import { FromIniInit } from "./fromIni";
 /**
  * @internal

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/resolveSsoCredentials.d.ts CHANGED Viewed

@@ -1,9 +1,11 @@
-import { SsoProfile } from "@aws-sdk/credential-provider-sso";
+import type { SsoProfile } from "@aws-sdk/credential-provider-sso";
+import type { Profile } from "@smithy/types";
 /**
  * @internal
  */
-export { isSsoProfile } from "@aws-sdk/credential-provider-sso";
+export declare const resolveSsoCredentials: (data: Partial<SsoProfile>) => Promise<import("@smithy/types").AwsCredentialIdentity>;
 /**
  * @internal
+ * duplicated from \@aws-sdk/credential-provider-sso to defer import.
  */
-export declare const resolveSsoCredentials: (data: Partial<SsoProfile>) => Promise<import("@smithy/types").AwsCredentialIdentity>;
+export declare const isSsoProfile: (arg: Profile) => arg is Partial<SsoProfile>;

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/resolveStaticCredentials.d.ts CHANGED Viewed

@@ -1,4 +1,5 @@
 import { AwsCredentialIdentity, Profile } from "@smithy/types";
+import { FromIniInit } from "./fromIni";
 /**
  * @internal
  */
@@ -15,4 +16,4 @@ export declare const isStaticCredsProfile: (arg: any) => arg is StaticCredsProfi
 /**
  * @internal
  */
-export declare const resolveStaticCredentials: (profile: StaticCredsProfile) => Promise<AwsCredentialIdentity>;
+export declare const resolveStaticCredentials: (profile: StaticCredsProfile, options?: FromIniInit) => Promise<AwsCredentialIdentity>;

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/ts3.4/fromIni.d.ts CHANGED Viewed

@@ -1,11 +1,16 @@
 import { AssumeRoleWithWebIdentityParams } from "@aws-sdk/credential-provider-web-identity";
+import { CredentialProviderOptions } from "@aws-sdk/types";
 import { SourceProfileInit } from "@smithy/shared-ini-file-loader";
 import {
   AwsCredentialIdentity,
   AwsCredentialIdentityProvider,
+  Pluggable,
 } from "@smithy/types";
+import { STSClientConfig } from "./loadSts";
 import { AssumeRoleParams } from "./resolveAssumeRoleCredentials";
-export interface FromIniInit extends SourceProfileInit {
+export interface FromIniInit
+  extends SourceProfileInit,
+    CredentialProviderOptions {
   mfaCodeProvider?: (mfaSerial: string) => Promise<string>;
   roleAssumer?: (
     sourceCreds: AwsCredentialIdentity,
@@ -14,6 +19,8 @@ export interface FromIniInit extends SourceProfileInit {
   roleAssumerWithWebIdentity?: (
     params: AssumeRoleWithWebIdentityParams
   ) => Promise<AwsCredentialIdentity>;
+  clientConfig?: STSClientConfig;
+  clientPlugins?: Pluggable<any, any>[];
 }
 export declare const fromIni: (
   init?: FromIniInit

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/ts3.4/loadSts.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import { getDefaultRoleAssumer } from "@aws-sdk/client-sts";
+export { getDefaultRoleAssumer };
+export { STSClientConfig } from "@aws-sdk/client-sts";

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/ts3.4/resolveAssumeRoleCredentials.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { ParsedIniData } from "@smithy/types";
+import { AwsCredentialIdentity, ParsedIniData } from "@smithy/types";
 import { FromIniInit } from "./fromIni";
 export interface AssumeRoleParams {
   RoleArn: string;
@@ -14,4 +14,4 @@ export declare const resolveAssumeRoleCredentials: (
   profiles: ParsedIniData,
   options: FromIniInit,
   visitedProfiles?: Record<string, true>
-) => Promise<import("@smithy/types").AwsCredentialIdentity>;
+) => Promise<AwsCredentialIdentity>;

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/ts3.4/resolveCredentialSource.d.ts CHANGED Viewed

@@ -1,5 +1,8 @@
+import { CredentialProviderOptions } from "@aws-sdk/types";
 import { AwsCredentialIdentityProvider } from "@smithy/types";
 export declare const resolveCredentialSource: (
   credentialSource: string,
   profileName: string
-) => AwsCredentialIdentityProvider;
+) => (
+  options?: CredentialProviderOptions
+) => Promise<AwsCredentialIdentityProvider>;

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/ts3.4/resolveProcessCredentials.d.ts CHANGED Viewed

@@ -1,5 +1,4 @@
-import { Credentials } from "@aws-sdk/types";
-import { Profile } from "@smithy/types";
+import { Credentials, Profile } from "@aws-sdk/types";
 import { FromIniInit } from "./fromIni";
 export interface ProcessProfile extends Profile {
   credential_process: string;

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/ts3.4/resolveSsoCredentials.d.ts CHANGED Viewed

@@ -1,5 +1,6 @@
 import { SsoProfile } from "@aws-sdk/credential-provider-sso";
-export { isSsoProfile } from "@aws-sdk/credential-provider-sso";
+import { Profile } from "@smithy/types";
 export declare const resolveSsoCredentials: (
   data: Partial<SsoProfile>
 ) => Promise<import("@smithy/types").AwsCredentialIdentity>;
+export declare const isSsoProfile: (arg: Profile) => arg is Partial<SsoProfile>;

package/node_modules/@aws-sdk/credential-provider-ini/dist-types/ts3.4/resolveStaticCredentials.d.ts CHANGED Viewed

@@ -1,4 +1,5 @@
 import { AwsCredentialIdentity, Profile } from "@smithy/types";
+import { FromIniInit } from "./fromIni";
 export interface StaticCredsProfile extends Profile {
   aws_access_key_id: string;
   aws_secret_access_key: string;
@@ -9,5 +10,6 @@ export declare const isStaticCredsProfile: (
   arg: any
 ) => arg is StaticCredsProfile;
 export declare const resolveStaticCredentials: (
-  profile: StaticCredsProfile
+  profile: StaticCredsProfile,
+  options?: FromIniInit
 ) => Promise<AwsCredentialIdentity>;

package/node_modules/@aws-sdk/credential-provider-ini/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aws-sdk/credential-provider-ini",
-  "version": "3.496.0",
+  "version": "3.502.0",
   "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config",
   "main": "./dist-cjs/index.js",
   "module": "./dist-es/index.js",
@@ -24,11 +24,12 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
-    "@aws-sdk/credential-provider-env": "3.496.0",
-    "@aws-sdk/credential-provider-process": "3.496.0",
-    "@aws-sdk/credential-provider-sso": "3.496.0",
-    "@aws-sdk/credential-provider-web-identity": "3.496.0",
-    "@aws-sdk/types": "3.496.0",
+    "@aws-sdk/client-sts": "3.502.0",
+    "@aws-sdk/credential-provider-env": "3.502.0",
+    "@aws-sdk/credential-provider-process": "3.502.0",
+    "@aws-sdk/credential-provider-sso": "3.502.0",
+    "@aws-sdk/credential-provider-web-identity": "3.502.0",
+    "@aws-sdk/types": "3.502.0",
     "@smithy/credential-provider-imds": "^2.2.1",
     "@smithy/property-provider": "^2.1.1",
     "@smithy/shared-ini-file-loader": "^2.3.1",

package/node_modules/@aws-sdk/credential-provider-node/dist-cjs/index.js CHANGED Viewed

@@ -1,6 +1,8 @@
+var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
 var __export = (target, all) => {
@@ -15,59 +17,108 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 // src/index.ts
 var src_exports = {};
 __export(src_exports, {
+  credentialsTreatedAsExpired: () => credentialsTreatedAsExpired,
+  credentialsWillNeedRefresh: () => credentialsWillNeedRefresh,
   defaultProvider: () => defaultProvider
 });
 module.exports = __toCommonJS(src_exports);
 // src/defaultProvider.ts
-var import_credential_provider_env = require("@aws-sdk/credential-provider-env");
-var import_credential_provider_ini = require("@aws-sdk/credential-provider-ini");
-var import_credential_provider_process = require("@aws-sdk/credential-provider-process");
-var import_credential_provider_sso = require("@aws-sdk/credential-provider-sso");
-var import_credential_provider_web_identity = require("@aws-sdk/credential-provider-web-identity");
 var import_shared_ini_file_loader = require("@smithy/shared-ini-file-loader");
 // src/remoteProvider.ts
-var import_credential_provider_imds = require("@smithy/credential-provider-imds");
 var import_property_provider = require("@smithy/property-provider");
 var ENV_IMDS_DISABLED = "AWS_EC2_METADATA_DISABLED";
-var remoteProvider = /* @__PURE__ */ __name((init) => {
-  if (process.env[import_credential_provider_imds.ENV_CMDS_RELATIVE_URI] || process.env[import_credential_provider_imds.ENV_CMDS_FULL_URI]) {
-    return (0, import_credential_provider_imds.fromContainerMetadata)(init);
+var remoteProvider = /* @__PURE__ */ __name(async (init) => {
+  var _a, _b;
+  const { ENV_CMDS_FULL_URI, ENV_CMDS_RELATIVE_URI, fromContainerMetadata, fromInstanceMetadata } = await Promise.resolve().then(() => __toESM(require("@smithy/credential-provider-imds")));
+  if (process.env[ENV_CMDS_RELATIVE_URI] || process.env[ENV_CMDS_FULL_URI]) {
+    (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-node", "remoteProvider::fromContainerMetadata");
+    return fromContainerMetadata(init);
   }
   if (process.env[ENV_IMDS_DISABLED]) {
     return async () => {
       throw new import_property_provider.CredentialsProviderError("EC2 Instance Metadata Service access disabled");
     };
   }
-  return (0, import_credential_provider_imds.fromInstanceMetadata)(init);
+  (_b = init.logger) == null ? void 0 : _b.debug("@aws-sdk/credential-provider-node", "remoteProvider::fromInstanceMetadata");
+  return fromInstanceMetadata(init);
 }, "remoteProvider");
 // src/defaultProvider.ts
 var defaultProvider = /* @__PURE__ */ __name((init = {}) => (0, import_property_provider.memoize)(
   (0, import_property_provider.chain)(
-    ...init.profile || process.env[import_shared_ini_file_loader.ENV_PROFILE] ? [] : [(0, import_credential_provider_env.fromEnv)()],
-    (0, import_credential_provider_sso.fromSSO)(init),
-    (0, import_credential_provider_ini.fromIni)(init),
-    (0, import_credential_provider_process.fromProcess)(init),
-    (0, import_credential_provider_web_identity.fromTokenFile)(init),
-    remoteProvider(init),
+    ...init.profile || process.env[import_shared_ini_file_loader.ENV_PROFILE] ? [] : [
+      async () => {
+        var _a;
+        (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-node", "defaultProvider::fromEnv");
+        const { fromEnv } = await Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-env")));
+        return fromEnv(init)();
+      }
+    ],
+    async () => {
+      var _a;
+      (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-node", "defaultProvider::fromSSO");
+      const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName } = init;
+      if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {
+        throw new import_property_provider.CredentialsProviderError(
+          "Skipping SSO provider in default chain (inputs do not include SSO fields)."
+        );
+      }
+      const { fromSSO } = await Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-sso")));
+      return fromSSO(init)();
+    },
+    async () => {
+      var _a;
+      (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-node", "defaultProvider::fromIni");
+      const { fromIni } = await Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-ini")));
+      return fromIni(init)();
+    },
+    async () => {
+      var _a;
+      (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-node", "defaultProvider::fromProcess");
+      const { fromProcess } = await Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-process")));
+      return fromProcess(init)();
+    },
+    async () => {
+      var _a;
+      (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-node", "defaultProvider::fromTokenFile");
+      const { fromTokenFile } = await Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-web-identity")));
+      return fromTokenFile(init)();
+    },
+    async () => {
+      var _a;
+      (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-node", "defaultProvider::remoteProvider");
+      return (await remoteProvider(init))();
+    },
     async () => {
       throw new import_property_provider.CredentialsProviderError("Could not load credentials from any providers", false);
     }
   ),
-  (credentials) => credentials.expiration !== void 0 && credentials.expiration.getTime() - Date.now() < 3e5,
-  (credentials) => credentials.expiration !== void 0
+  credentialsTreatedAsExpired,
+  credentialsWillNeedRefresh
 ), "defaultProvider");
+var credentialsWillNeedRefresh = /* @__PURE__ */ __name((credentials) => (credentials == null ? void 0 : credentials.expiration) !== void 0, "credentialsWillNeedRefresh");
+var credentialsTreatedAsExpired = /* @__PURE__ */ __name((credentials) => (credentials == null ? void 0 : credentials.expiration) !== void 0 && credentials.expiration.getTime() - Date.now() < 3e5, "credentialsTreatedAsExpired");
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
-  defaultProvider
+  defaultProvider,
+  credentialsWillNeedRefresh,
+  credentialsTreatedAsExpired
 });

package/node_modules/@aws-sdk/credential-provider-node/dist-es/defaultProvider.js CHANGED Viewed

@@ -1,11 +1,39 @@
-import { fromEnv } from "@aws-sdk/credential-provider-env";
-import { fromIni } from "@aws-sdk/credential-provider-ini";
-import { fromProcess } from "@aws-sdk/credential-provider-process";
-import { fromSSO } from "@aws-sdk/credential-provider-sso";
-import { fromTokenFile } from "@aws-sdk/credential-provider-web-identity";
 import { chain, CredentialsProviderError, memoize } from "@smithy/property-provider";
 import { ENV_PROFILE } from "@smithy/shared-ini-file-loader";
 import { remoteProvider } from "./remoteProvider";
-export const defaultProvider = (init = {}) => memoize(chain(...(init.profile || process.env[ENV_PROFILE] ? [] : [fromEnv()]), fromSSO(init), fromIni(init), fromProcess(init), fromTokenFile(init), remoteProvider(init), async () => {
+export const defaultProvider = (init = {}) => memoize(chain(...(init.profile || process.env[ENV_PROFILE]
+    ? []
+    : [
+        async () => {
+            init.logger?.debug("@aws-sdk/credential-provider-node", "defaultProvider::fromEnv");
+            const { fromEnv } = await import("@aws-sdk/credential-provider-env");
+            return fromEnv(init)();
+        },
+    ]), async () => {
+    init.logger?.debug("@aws-sdk/credential-provider-node", "defaultProvider::fromSSO");
+    const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName } = init;
+    if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {
+        throw new CredentialsProviderError("Skipping SSO provider in default chain (inputs do not include SSO fields).");
+    }
+    const { fromSSO } = await import("@aws-sdk/credential-provider-sso");
+    return fromSSO(init)();
+}, async () => {
+    init.logger?.debug("@aws-sdk/credential-provider-node", "defaultProvider::fromIni");
+    const { fromIni } = await import("@aws-sdk/credential-provider-ini");
+    return fromIni(init)();
+}, async () => {
+    init.logger?.debug("@aws-sdk/credential-provider-node", "defaultProvider::fromProcess");
+    const { fromProcess } = await import("@aws-sdk/credential-provider-process");
+    return fromProcess(init)();
+}, async () => {
+    init.logger?.debug("@aws-sdk/credential-provider-node", "defaultProvider::fromTokenFile");
+    const { fromTokenFile } = await import("@aws-sdk/credential-provider-web-identity");
+    return fromTokenFile(init)();
+}, async () => {
+    init.logger?.debug("@aws-sdk/credential-provider-node", "defaultProvider::remoteProvider");
+    return (await remoteProvider(init))();
+}, async () => {
     throw new CredentialsProviderError("Could not load credentials from any providers", false);
-}), (credentials) => credentials.expiration !== undefined && credentials.expiration.getTime() - Date.now() < 300000, (credentials) => credentials.expiration !== undefined);
+}), credentialsTreatedAsExpired, credentialsWillNeedRefresh);
+export const credentialsWillNeedRefresh = (credentials) => credentials?.expiration !== undefined;
+export const credentialsTreatedAsExpired = (credentials) => credentials?.expiration !== undefined && credentials.expiration.getTime() - Date.now() < 300000;

package/node_modules/@aws-sdk/credential-provider-node/dist-es/remoteProvider.js CHANGED Viewed

@@ -1,8 +1,9 @@
-import { ENV_CMDS_FULL_URI, ENV_CMDS_RELATIVE_URI, fromContainerMetadata, fromInstanceMetadata, } from "@smithy/credential-provider-imds";
 import { CredentialsProviderError } from "@smithy/property-provider";
 export const ENV_IMDS_DISABLED = "AWS_EC2_METADATA_DISABLED";
-export const remoteProvider = (init) => {
+export const remoteProvider = async (init) => {
+    const { ENV_CMDS_FULL_URI, ENV_CMDS_RELATIVE_URI, fromContainerMetadata, fromInstanceMetadata } = await import("@smithy/credential-provider-imds");
     if (process.env[ENV_CMDS_RELATIVE_URI] || process.env[ENV_CMDS_FULL_URI]) {
+        init.logger?.debug("@aws-sdk/credential-provider-node", "remoteProvider::fromContainerMetadata");
         return fromContainerMetadata(init);
     }
     if (process.env[ENV_IMDS_DISABLED]) {
@@ -10,5 +11,6 @@ export const remoteProvider = (init) => {
             throw new CredentialsProviderError("EC2 Instance Metadata Service access disabled");
         };
     }
+    init.logger?.debug("@aws-sdk/credential-provider-node", "remoteProvider::fromInstanceMetadata");
     return fromInstanceMetadata(init);
 };

package/node_modules/@aws-sdk/credential-provider-node/dist-types/defaultProvider.d.ts CHANGED Viewed

@@ -1,10 +1,13 @@
-import { FromIniInit } from "@aws-sdk/credential-provider-ini";
-import { FromProcessInit } from "@aws-sdk/credential-provider-process";
-import { FromSSOInit } from "@aws-sdk/credential-provider-sso";
-import { FromTokenFileInit } from "@aws-sdk/credential-provider-web-identity";
-import { RemoteProviderInit } from "@smithy/credential-provider-imds";
+import type { FromIniInit } from "@aws-sdk/credential-provider-ini";
+import type { FromProcessInit } from "@aws-sdk/credential-provider-process";
+import type { FromSSOInit, SsoCredentialsParameters } from "@aws-sdk/credential-provider-sso";
+import type { FromTokenFileInit } from "@aws-sdk/credential-provider-web-identity";
+import type { RemoteProviderInit } from "@smithy/credential-provider-imds";
 import { AwsCredentialIdentity, MemoizedProvider } from "@smithy/types";
-export type DefaultProviderInit = FromIniInit & RemoteProviderInit & FromProcessInit & FromSSOInit & FromTokenFileInit;
+/**
+ * @public
+ */
+export type DefaultProviderInit = FromIniInit & RemoteProviderInit & FromProcessInit & (FromSSOInit & Partial<SsoCredentialsParameters>) & FromTokenFileInit;
 /**
  * Creates a credential provider that will attempt to find credentials from the
  * following sources (listed in order of precedence):
@@ -24,19 +27,31 @@ export type DefaultProviderInit = FromIniInit & RemoteProviderInit & FromProcess
  * @param init                  Configuration that is passed to each individual
  *                              provider
  *
- * @see {@link fromEnv}                 The function used to source credentials from
- *                              environment variables
- * @see {@link fromSSO}                 The function used to source credentials from
- *                              resolved SSO token cache
- * @see {@link fromTokenFile}           The function used to source credentials from
- *                              token file
- * @see {@link fromIni}                The function used to source credentials from INI
- *                              files
- * @see {@link fromProcess}             The function used to sources credentials from
- *                              credential_process in INI files
+ * @see {@link fromEnv}         The function used to source credentials from
+ *                              environment variables.
+ * @see {@link fromSSO}         The function used to source credentials from
+ *                              resolved SSO token cache.
+ * @see {@link fromTokenFile}   The function used to source credentials from
+ *                              token file.
+ * @see {@link fromIni}         The function used to source credentials from INI
+ *                              files.
+ * @see {@link fromProcess}     The function used to sources credentials from
+ *                              credential_process in INI files.
  * @see {@link fromInstanceMetadata}    The function used to source credentials from the
- *                              EC2 Instance Metadata Service
+ *                                      EC2 Instance Metadata Service.
  * @see {@link fromContainerMetadata}   The function used to source credentials from the
- *                              ECS Container Metadata Service
+ *                                      ECS Container Metadata Service.
  */
 export declare const defaultProvider: (init?: DefaultProviderInit) => MemoizedProvider<AwsCredentialIdentity>;
+/**
+ * @internal
+ *
+ * @returns credentials have expiration.
+ */
+export declare const credentialsWillNeedRefresh: (credentials: AwsCredentialIdentity) => boolean;
+/**
+ * @internal
+ *
+ * @returns credentials with less than 5 minutes left.
+ */
+export declare const credentialsTreatedAsExpired: (credentials: AwsCredentialIdentity) => boolean;

package/node_modules/@aws-sdk/credential-provider-node/dist-types/remoteProvider.d.ts CHANGED Viewed

@@ -1,4 +1,7 @@
-import { RemoteProviderInit } from "@smithy/credential-provider-imds";
-import { AwsCredentialIdentityProvider } from "@smithy/types";
+import type { RemoteProviderInit } from "@smithy/credential-provider-imds";
+import type { AwsCredentialIdentityProvider } from "@smithy/types";
 export declare const ENV_IMDS_DISABLED = "AWS_EC2_METADATA_DISABLED";
-export declare const remoteProvider: (init: RemoteProviderInit) => AwsCredentialIdentityProvider;
+/**
+ * @internal
+ */
+export declare const remoteProvider: (init: RemoteProviderInit) => Promise<AwsCredentialIdentityProvider>;

package/node_modules/@aws-sdk/credential-provider-node/dist-types/ts3.4/defaultProvider.d.ts CHANGED Viewed

@@ -1,14 +1,23 @@
 import { FromIniInit } from "@aws-sdk/credential-provider-ini";
 import { FromProcessInit } from "@aws-sdk/credential-provider-process";
-import { FromSSOInit } from "@aws-sdk/credential-provider-sso";
+import {
+  FromSSOInit,
+  SsoCredentialsParameters,
+} from "@aws-sdk/credential-provider-sso";
 import { FromTokenFileInit } from "@aws-sdk/credential-provider-web-identity";
 import { RemoteProviderInit } from "@smithy/credential-provider-imds";
 import { AwsCredentialIdentity, MemoizedProvider } from "@smithy/types";
 export type DefaultProviderInit = FromIniInit &
   RemoteProviderInit &
   FromProcessInit &
-  FromSSOInit &
+  (FromSSOInit & Partial<SsoCredentialsParameters>) &
   FromTokenFileInit;
 export declare const defaultProvider: (
   init?: DefaultProviderInit
 ) => MemoizedProvider<AwsCredentialIdentity>;
+export declare const credentialsWillNeedRefresh: (
+  credentials: AwsCredentialIdentity
+) => boolean;
+export declare const credentialsTreatedAsExpired: (
+  credentials: AwsCredentialIdentity
+) => boolean;

package/node_modules/@aws-sdk/credential-provider-node/dist-types/ts3.4/remoteProvider.d.ts CHANGED Viewed

@@ -3,4 +3,4 @@ import { AwsCredentialIdentityProvider } from "@smithy/types";
 export declare const ENV_IMDS_DISABLED = "AWS_EC2_METADATA_DISABLED";
 export declare const remoteProvider: (
   init: RemoteProviderInit
-) => AwsCredentialIdentityProvider;
+) => Promise<AwsCredentialIdentityProvider>;

package/node_modules/@aws-sdk/credential-provider-node/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aws-sdk/credential-provider-node",
-  "version": "3.496.0",
+  "version": "3.502.0",
   "description": "AWS credential provider that sources credentials from a Node.JS environment. ",
   "engines": {
     "node": ">=14.0.0"
@@ -27,12 +27,12 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
-    "@aws-sdk/credential-provider-env": "3.496.0",
-    "@aws-sdk/credential-provider-ini": "3.496.0",
-    "@aws-sdk/credential-provider-process": "3.496.0",
-    "@aws-sdk/credential-provider-sso": "3.496.0",
-    "@aws-sdk/credential-provider-web-identity": "3.496.0",
-    "@aws-sdk/types": "3.496.0",
+    "@aws-sdk/credential-provider-env": "3.502.0",
+    "@aws-sdk/credential-provider-ini": "3.502.0",
+    "@aws-sdk/credential-provider-process": "3.502.0",
+    "@aws-sdk/credential-provider-sso": "3.502.0",
+    "@aws-sdk/credential-provider-web-identity": "3.502.0",
+    "@aws-sdk/types": "3.502.0",
     "@smithy/credential-provider-imds": "^2.2.1",
     "@smithy/property-provider": "^2.1.1",
     "@smithy/shared-ini-file-loader": "^2.3.1",

package/node_modules/@aws-sdk/credential-provider-process/dist-cjs/index.js CHANGED Viewed

@@ -85,6 +85,8 @@ var resolveProcessCredentials = /* @__PURE__ */ __name(async (profileName, profi
 // src/fromProcess.ts
 var fromProcess = /* @__PURE__ */ __name((init = {}) => async () => {
+  var _a;
+  (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-process", "fromProcess");
   const profiles = await (0, import_shared_ini_file_loader.parseKnownFiles)(init);
   return resolveProcessCredentials((0, import_shared_ini_file_loader.getProfileName)(init), profiles);
 }, "fromProcess");

package/node_modules/@aws-sdk/credential-provider-process/dist-es/fromProcess.js CHANGED Viewed

@@ -1,6 +1,7 @@
 import { getProfileName, parseKnownFiles } from "@smithy/shared-ini-file-loader";
 import { resolveProcessCredentials } from "./resolveProcessCredentials";
 export const fromProcess = (init = {}) => async () => {
+    init.logger?.debug("@aws-sdk/credential-provider-process", "fromProcess");
     const profiles = await parseKnownFiles(init);
     return resolveProcessCredentials(getProfileName(init), profiles);
 };

package/node_modules/@aws-sdk/credential-provider-process/dist-types/fromProcess.d.ts CHANGED Viewed

@@ -1,9 +1,10 @@
+import type { CredentialProviderOptions } from "@aws-sdk/types";
 import { SourceProfileInit } from "@smithy/shared-ini-file-loader";
 import { AwsCredentialIdentityProvider } from "@smithy/types";
 /**
  * @internal
  */
-export interface FromProcessInit extends SourceProfileInit {
+export interface FromProcessInit extends SourceProfileInit, CredentialProviderOptions {
 }
 /**
  * @internal