@cdklabs/cdk-construct-connect-datalake 0.0.4 → 0.0.6

package/node_modules/@aws-sdk/client-sts/dist-cjs/auth/httpAuthSchemeProvider.js

@@ -2,9 +2,25 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.resolveHttpAuthSchemeConfig = exports.resolveStsAuthConfig = exports.defaultSTSHttpAuthSchemeProvider = exports.defaultSTSHttpAuthSchemeParametersProvider = void 0;
 const httpAuthSchemes_1 = require("@aws-sdk/core/httpAuthSchemes");
+const signature_v4_multi_region_1 = require("@aws-sdk/signature-v4-multi-region");
+const middleware_endpoint_1 = require("@smithy/middleware-endpoint");
 const util_middleware_1 = require("@smithy/util-middleware");
+const endpointResolver_1 = require("../endpoint/endpointResolver");
 const STSClient_1 = require("../STSClient");
-const defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
+const createEndpointRuleSetHttpAuthSchemeParametersProvider = (defaultHttpAuthSchemeParametersProvider) => async (config, context, input) => {
+    if (!input) {
+        throw new Error("Could not find `input` for `defaultEndpointRuleSetHttpAuthSchemeParametersProvider`");
+    }
+    const defaultParameters = await defaultHttpAuthSchemeParametersProvider(config, context, input);
+    const instructionsFn = (0, util_middleware_1.getSmithyContext)(context)?.commandInstance?.constructor
+        ?.getEndpointParameterInstructions;
+    if (!instructionsFn) {
+        throw new Error(`getEndpointParameterInstructions() is not defined on '${context.commandName}'`);
+    }
+    const endpointParameters = await (0, middleware_endpoint_1.resolveParams)(input, { getEndpointParameterInstructions: instructionsFn }, config);
+    return Object.assign(defaultParameters, endpointParameters);
+};
+const _defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
     return {
         operation: (0, util_middleware_1.getSmithyContext)(context).operation,
         region: await (0, util_middleware_1.normalizeProvider)(config.region)() || (() => {
@@ -12,7 +28,7 @@ const defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input
         })(),
     };
 };
-exports.defaultSTSHttpAuthSchemeParametersProvider = defaultSTSHttpAuthSchemeParametersProvider;
+exports.defaultSTSHttpAuthSchemeParametersProvider = createEndpointRuleSetHttpAuthSchemeParametersProvider(_defaultSTSHttpAuthSchemeParametersProvider);
 function createAwsAuthSigv4HttpAuthOption(authParameters) {
     return {
         schemeId: "aws.auth#sigv4",
@@ -28,33 +44,95 @@ function createAwsAuthSigv4HttpAuthOption(authParameters) {
         }),
     };
 }
+function createAwsAuthSigv4aHttpAuthOption(authParameters) {
+    return {
+        schemeId: "aws.auth#sigv4a",
+        signingProperties: {
+            name: "sts",
+            region: authParameters.region,
+        },
+        propertiesExtractor: (config, context) => ({
+            signingProperties: {
+                config,
+                context,
+            },
+        }),
+    };
+}
 function createSmithyApiNoAuthHttpAuthOption(authParameters) {
     return {
         schemeId: "smithy.api#noAuth",
     };
 }
-const defaultSTSHttpAuthSchemeProvider = (authParameters) => {
-    const options = [];
-    switch (authParameters.operation) {
-        case "AssumeRoleWithSAML":
-            {
-                options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
-                break;
+const createEndpointRuleSetHttpAuthSchemeProvider = (defaultEndpointResolver, defaultHttpAuthSchemeResolver, createHttpAuthOptionFunctions) => {
+    const endpointRuleSetHttpAuthSchemeProvider = (authParameters) => {
+        const endpoint = defaultEndpointResolver(authParameters);
+        const authSchemes = endpoint.properties?.authSchemes;
+        if (!authSchemes) {
+            return defaultHttpAuthSchemeResolver(authParameters);
+        }
+        const options = [];
+        for (const scheme of authSchemes) {
+            const { name: resolvedName, properties = {}, ...rest } = scheme;
+            const name = resolvedName.toLowerCase();
+            if (resolvedName !== name) {
+                console.warn(`HttpAuthScheme has been normalized with lowercasing: '${resolvedName}' to '${name}'`);
             }
-            ;
-        case "AssumeRoleWithWebIdentity":
-            {
-                options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
-                break;
+            let schemeId;
+            if (name === "sigv4a") {
+                schemeId = "aws.auth#sigv4a";
+                const sigv4Present = authSchemes.find((s) => {
+                    const name = s.name.toLowerCase();
+                    return name !== "sigv4a" && name.startsWith("sigv4");
+                });
+                if (signature_v4_multi_region_1.SignatureV4MultiRegion.sigv4aDependency() === "none" && sigv4Present) {
+                    continue;
+                }
             }
-            ;
+            else if (name.startsWith("sigv4")) {
+                schemeId = "aws.auth#sigv4";
+            }
+            else {
+                throw new Error(`Unknown HttpAuthScheme found in '@smithy.rules#endpointRuleSet': '${name}'`);
+            }
+            const createOption = createHttpAuthOptionFunctions[schemeId];
+            if (!createOption) {
+                throw new Error(`Could not find HttpAuthOption create function for '${schemeId}'`);
+            }
+            const option = createOption(authParameters);
+            option.schemeId = schemeId;
+            option.signingProperties = { ...(option.signingProperties || {}), ...rest, ...properties };
+            options.push(option);
+        }
+        return options;
+    };
+    return endpointRuleSetHttpAuthSchemeProvider;
+};
+const _defaultSTSHttpAuthSchemeProvider = (authParameters) => {
+    const options = [];
+    switch (authParameters.operation) {
+        case "AssumeRoleWithSAML": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
+            break;
+        }
+        case "AssumeRoleWithWebIdentity": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
+            break;
+        }
         default: {
             options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
+            options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
         }
     }
     return options;
 };
-exports.defaultSTSHttpAuthSchemeProvider = defaultSTSHttpAuthSchemeProvider;
+exports.defaultSTSHttpAuthSchemeProvider = createEndpointRuleSetHttpAuthSchemeProvider(endpointResolver_1.defaultEndpointResolver, _defaultSTSHttpAuthSchemeProvider, {
+    "aws.auth#sigv4": createAwsAuthSigv4HttpAuthOption,
+    "aws.auth#sigv4a": createAwsAuthSigv4aHttpAuthOption,
+    "smithy.api#noAuth": createSmithyApiNoAuthHttpAuthOption,
+});
 const resolveStsAuthConfig = (input) => Object.assign(input, {
     stsClientCtor: STSClient_1.STSClient,
 });
@@ -62,7 +140,8 @@ exports.resolveStsAuthConfig = resolveStsAuthConfig;
 const resolveHttpAuthSchemeConfig = (config) => {
     const config_0 = (0, exports.resolveStsAuthConfig)(config);
     const config_1 = (0, httpAuthSchemes_1.resolveAwsSdkSigV4Config)(config_0);
-    return Object.assign(config_1, {
+    const config_2 = (0, httpAuthSchemes_1.resolveAwsSdkSigV4AConfig)(config_1);
+    return Object.assign(config_2, {
         authSchemePreference: (0, util_middleware_1.normalizeProvider)(config.authSchemePreference ?? []),
     });
 };

package/node_modules/@aws-sdk/client-sts/dist-cjs/runtimeConfig.js

@@ -43,6 +43,11 @@ const getRuntimeConfig = (config) => {
                 identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4") || (async (idProps) => await (0, credential_provider_node_1.defaultProvider)(idProps?.__config || {})()),
                 signer: new httpAuthSchemes_1.AwsSdkSigV4Signer(),
             },
+            {
+                schemeId: "aws.auth#sigv4a",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4a"),
+                signer: new httpAuthSchemes_1.AwsSdkSigV4ASigner(),
+            },
             {
                 schemeId: "smithy.api#noAuth",
                 identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
@@ -58,6 +63,7 @@ const getRuntimeConfig = (config) => {
                 default: async () => (await defaultConfigProvider()).retryMode || util_retry_1.DEFAULT_RETRY_MODE,
             }, config),
         sha256: config?.sha256 ?? hash_node_1.Hash.bind(null, "sha256"),
+        sigv4aSigningRegionSet: config?.sigv4aSigningRegionSet ?? (0, node_config_provider_1.loadConfig)(httpAuthSchemes_1.NODE_SIGV4A_CONFIG_OPTIONS, loaderConfig),
         streamCollector: config?.streamCollector ?? node_http_handler_1.streamCollector,
         useDualstackEndpoint: config?.useDualstackEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
         useFipsEndpoint: config?.useFipsEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, loaderConfig),

package/node_modules/@aws-sdk/client-sts/dist-cjs/runtimeConfig.shared.js

@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.getRuntimeConfig = void 0;
 const httpAuthSchemes_1 = require("@aws-sdk/core/httpAuthSchemes");
 const protocols_1 = require("@aws-sdk/core/protocols");
+const signature_v4_multi_region_1 = require("@aws-sdk/signature-v4-multi-region");
 const core_1 = require("@smithy/core");
 const smithy_client_1 = require("@smithy/smithy-client");
 const url_parser_1 = require("@smithy/url-parser");
@@ -26,6 +27,11 @@ const getRuntimeConfig = (config) => {
                 identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
                 signer: new httpAuthSchemes_1.AwsSdkSigV4Signer(),
             },
+            {
+                schemeId: "aws.auth#sigv4a",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4a"),
+                signer: new httpAuthSchemes_1.AwsSdkSigV4ASigner(),
+            },
             {
                 schemeId: "smithy.api#noAuth",
                 identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
@@ -42,6 +48,7 @@ const getRuntimeConfig = (config) => {
             serviceTarget: "AWSSecurityTokenServiceV20110615",
         },
         serviceId: config?.serviceId ?? "STS",
+        signerConstructor: config?.signerConstructor ?? signature_v4_multi_region_1.SignatureV4MultiRegion,
         urlParser: config?.urlParser ?? url_parser_1.parseUrl,
         utf8Decoder: config?.utf8Decoder ?? util_utf8_1.fromUtf8,
         utf8Encoder: config?.utf8Encoder ?? util_utf8_1.toUtf8,

package/node_modules/@aws-sdk/client-sts/dist-es/STSClient.js

@@ -40,6 +40,7 @@ export class STSClient extends __Client {
             httpAuthSchemeParametersProvider: defaultSTSHttpAuthSchemeParametersProvider,
             identityProviderConfigProvider: async (config) => new DefaultIdentityProviderConfig({
                 "aws.auth#sigv4": config.credentials,
+                "aws.auth#sigv4a": config.credentials,
             }),
         }));
         this.middlewareStack.use(getHttpSigningPlugin(this.config));

package/node_modules/@aws-sdk/client-sts/dist-es/auth/httpAuthSchemeProvider.js

@@ -1,7 +1,23 @@
-import { resolveAwsSdkSigV4Config, } from "@aws-sdk/core/httpAuthSchemes";
+import { resolveAwsSdkSigV4AConfig, resolveAwsSdkSigV4Config, } from "@aws-sdk/core/httpAuthSchemes";
+import { SignatureV4MultiRegion } from "@aws-sdk/signature-v4-multi-region";
+import { resolveParams } from "@smithy/middleware-endpoint";
 import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware";
+import { defaultEndpointResolver } from "../endpoint/endpointResolver";
 import { STSClient } from "../STSClient";
-export const defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
+const createEndpointRuleSetHttpAuthSchemeParametersProvider = (defaultHttpAuthSchemeParametersProvider) => async (config, context, input) => {
+    if (!input) {
+        throw new Error("Could not find `input` for `defaultEndpointRuleSetHttpAuthSchemeParametersProvider`");
+    }
+    const defaultParameters = await defaultHttpAuthSchemeParametersProvider(config, context, input);
+    const instructionsFn = getSmithyContext(context)?.commandInstance?.constructor
+        ?.getEndpointParameterInstructions;
+    if (!instructionsFn) {
+        throw new Error(`getEndpointParameterInstructions() is not defined on '${context.commandName}'`);
+    }
+    const endpointParameters = await resolveParams(input, { getEndpointParameterInstructions: instructionsFn }, config);
+    return Object.assign(defaultParameters, endpointParameters);
+};
+const _defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
     return {
         operation: getSmithyContext(context).operation,
         region: await normalizeProvider(config.region)() || (() => {
@@ -9,6 +25,7 @@ export const defaultSTSHttpAuthSchemeParametersProvider = async (config, context
         })(),
     };
 };
+export const defaultSTSHttpAuthSchemeParametersProvider = createEndpointRuleSetHttpAuthSchemeParametersProvider(_defaultSTSHttpAuthSchemeParametersProvider);
 function createAwsAuthSigv4HttpAuthOption(authParameters) {
     return {
         schemeId: "aws.auth#sigv4",
@@ -24,39 +41,103 @@ function createAwsAuthSigv4HttpAuthOption(authParameters) {
         }),
     };
 }
+function createAwsAuthSigv4aHttpAuthOption(authParameters) {
+    return {
+        schemeId: "aws.auth#sigv4a",
+        signingProperties: {
+            name: "sts",
+            region: authParameters.region,
+        },
+        propertiesExtractor: (config, context) => ({
+            signingProperties: {
+                config,
+                context,
+            },
+        }),
+    };
+}
 function createSmithyApiNoAuthHttpAuthOption(authParameters) {
     return {
         schemeId: "smithy.api#noAuth",
     };
 }
-export const defaultSTSHttpAuthSchemeProvider = (authParameters) => {
-    const options = [];
-    switch (authParameters.operation) {
-        case "AssumeRoleWithSAML":
-            {
-                options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
-                break;
+const createEndpointRuleSetHttpAuthSchemeProvider = (defaultEndpointResolver, defaultHttpAuthSchemeResolver, createHttpAuthOptionFunctions) => {
+    const endpointRuleSetHttpAuthSchemeProvider = (authParameters) => {
+        const endpoint = defaultEndpointResolver(authParameters);
+        const authSchemes = endpoint.properties?.authSchemes;
+        if (!authSchemes) {
+            return defaultHttpAuthSchemeResolver(authParameters);
+        }
+        const options = [];
+        for (const scheme of authSchemes) {
+            const { name: resolvedName, properties = {}, ...rest } = scheme;
+            const name = resolvedName.toLowerCase();
+            if (resolvedName !== name) {
+                console.warn(`HttpAuthScheme has been normalized with lowercasing: '${resolvedName}' to '${name}'`);
             }
-            ;
-        case "AssumeRoleWithWebIdentity":
-            {
-                options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
-                break;
+            let schemeId;
+            if (name === "sigv4a") {
+                schemeId = "aws.auth#sigv4a";
+                const sigv4Present = authSchemes.find((s) => {
+                    const name = s.name.toLowerCase();
+                    return name !== "sigv4a" && name.startsWith("sigv4");
+                });
+                if (SignatureV4MultiRegion.sigv4aDependency() === "none" && sigv4Present) {
+                    continue;
+                }
             }
-            ;
+            else if (name.startsWith("sigv4")) {
+                schemeId = "aws.auth#sigv4";
+            }
+            else {
+                throw new Error(`Unknown HttpAuthScheme found in '@smithy.rules#endpointRuleSet': '${name}'`);
+            }
+            const createOption = createHttpAuthOptionFunctions[schemeId];
+            if (!createOption) {
+                throw new Error(`Could not find HttpAuthOption create function for '${schemeId}'`);
+            }
+            const option = createOption(authParameters);
+            option.schemeId = schemeId;
+            option.signingProperties = { ...(option.signingProperties || {}), ...rest, ...properties };
+            options.push(option);
+        }
+        return options;
+    };
+    return endpointRuleSetHttpAuthSchemeProvider;
+};
+const _defaultSTSHttpAuthSchemeProvider = (authParameters) => {
+    const options = [];
+    switch (authParameters.operation) {
+        case "AssumeRoleWithSAML": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
+            break;
+        }
+        case "AssumeRoleWithWebIdentity": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
+            break;
+        }
         default: {
             options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
+            options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
         }
     }
     return options;
 };
+export const defaultSTSHttpAuthSchemeProvider = createEndpointRuleSetHttpAuthSchemeProvider(defaultEndpointResolver, _defaultSTSHttpAuthSchemeProvider, {
+    "aws.auth#sigv4": createAwsAuthSigv4HttpAuthOption,
+    "aws.auth#sigv4a": createAwsAuthSigv4aHttpAuthOption,
+    "smithy.api#noAuth": createSmithyApiNoAuthHttpAuthOption,
+});
 export const resolveStsAuthConfig = (input) => Object.assign(input, {
     stsClientCtor: STSClient,
 });
 export const resolveHttpAuthSchemeConfig = (config) => {
     const config_0 = resolveStsAuthConfig(config);
     const config_1 = resolveAwsSdkSigV4Config(config_0);
-    return Object.assign(config_1, {
+    const config_2 = resolveAwsSdkSigV4AConfig(config_1);
+    return Object.assign(config_2, {
         authSchemePreference: normalizeProvider(config.authSchemePreference ?? []),
     });
 };

package/node_modules/@aws-sdk/client-sts/dist-es/runtimeConfig.js

@@ -1,6 +1,6 @@
 import packageInfo from "../package.json";
 import { emitWarningIfUnsupportedVersion as awsCheckVersion } from "@aws-sdk/core/client";
-import { AwsSdkSigV4Signer, NODE_AUTH_SCHEME_PREFERENCE_OPTIONS } from "@aws-sdk/core/httpAuthSchemes";
+import { AwsSdkSigV4ASigner, AwsSdkSigV4Signer, NODE_AUTH_SCHEME_PREFERENCE_OPTIONS, NODE_SIGV4A_CONFIG_OPTIONS, } from "@aws-sdk/core/httpAuthSchemes";
 import { defaultProvider as credentialDefaultProvider } from "@aws-sdk/credential-provider-node";
 import { createDefaultUserAgentProvider, NODE_APP_ID_CONFIG_OPTIONS } from "@aws-sdk/util-user-agent-node";
 import { NODE_REGION_CONFIG_FILE_OPTIONS, NODE_REGION_CONFIG_OPTIONS, NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, } from "@smithy/config-resolver";
@@ -39,6 +39,11 @@ export const getRuntimeConfig = (config) => {
                 identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4") || (async (idProps) => await credentialDefaultProvider(idProps?.__config || {})()),
                 signer: new AwsSdkSigV4Signer(),
             },
+            {
+                schemeId: "aws.auth#sigv4a",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4a"),
+                signer: new AwsSdkSigV4ASigner(),
+            },
             {
                 schemeId: "smithy.api#noAuth",
                 identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
@@ -54,6 +59,7 @@ export const getRuntimeConfig = (config) => {
                 default: async () => (await defaultConfigProvider()).retryMode || DEFAULT_RETRY_MODE,
             }, config),
         sha256: config?.sha256 ?? Hash.bind(null, "sha256"),
+        sigv4aSigningRegionSet: config?.sigv4aSigningRegionSet ?? loadNodeConfig(NODE_SIGV4A_CONFIG_OPTIONS, loaderConfig),
         streamCollector: config?.streamCollector ?? streamCollector,
         useDualstackEndpoint: config?.useDualstackEndpoint ?? loadNodeConfig(NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
         useFipsEndpoint: config?.useFipsEndpoint ?? loadNodeConfig(NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, loaderConfig),

package/node_modules/@aws-sdk/client-sts/dist-es/runtimeConfig.shared.js

@@ -1,5 +1,6 @@
-import { AwsSdkSigV4Signer } from "@aws-sdk/core/httpAuthSchemes";
+import { AwsSdkSigV4ASigner, AwsSdkSigV4Signer } from "@aws-sdk/core/httpAuthSchemes";
 import { AwsQueryProtocol } from "@aws-sdk/core/protocols";
+import { SignatureV4MultiRegion } from "@aws-sdk/signature-v4-multi-region";
 import { NoAuthSigner } from "@smithy/core";
 import { NoOpLogger } from "@smithy/smithy-client";
 import { parseUrl } from "@smithy/url-parser";
@@ -23,6 +24,11 @@ export const getRuntimeConfig = (config) => {
                 identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
                 signer: new AwsSdkSigV4Signer(),
             },
+            {
+                schemeId: "aws.auth#sigv4a",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4a"),
+                signer: new AwsSdkSigV4ASigner(),
+            },
             {
                 schemeId: "smithy.api#noAuth",
                 identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
@@ -39,6 +45,7 @@ export const getRuntimeConfig = (config) => {
             serviceTarget: "AWSSecurityTokenServiceV20110615",
         },
         serviceId: config?.serviceId ?? "STS",
+        signerConstructor: config?.signerConstructor ?? SignatureV4MultiRegion,
         urlParser: config?.urlParser ?? parseUrl,
         utf8Decoder: config?.utf8Decoder ?? fromUtf8,
         utf8Encoder: config?.utf8Encoder ?? toUtf8,

package/node_modules/@aws-sdk/client-sts/dist-types/auth/httpAuthSchemeProvider.d.ts

@@ -1,10 +1,17 @@
-import { AwsSdkSigV4AuthInputConfig, AwsSdkSigV4AuthResolvedConfig, AwsSdkSigV4PreviouslyResolved } from "@aws-sdk/core/httpAuthSchemes";
+import { AwsSdkSigV4AAuthInputConfig, AwsSdkSigV4AAuthResolvedConfig, AwsSdkSigV4APreviouslyResolved, AwsSdkSigV4AuthInputConfig, AwsSdkSigV4AuthResolvedConfig, AwsSdkSigV4PreviouslyResolved } from "@aws-sdk/core/httpAuthSchemes";
 import type { Client, HandlerExecutionContext, HttpAuthScheme, HttpAuthSchemeParameters, HttpAuthSchemeParametersProvider, HttpAuthSchemeProvider, Provider } from "@smithy/types";
-import { type STSClientResolvedConfig } from "../STSClient";
+import { EndpointParameters } from "../endpoint/EndpointParameters";
+import { STSClientResolvedConfig } from "../STSClient";
 /**
  * @internal
  */
-export interface STSHttpAuthSchemeParameters extends HttpAuthSchemeParameters {
+interface _STSHttpAuthSchemeParameters extends HttpAuthSchemeParameters {
+    region?: string;
+}
+/**
+ * @internal
+ */
+export interface STSHttpAuthSchemeParameters extends _STSHttpAuthSchemeParameters, EndpointParameters {
     region?: string;
 }
 /**
@@ -15,7 +22,7 @@ export interface STSHttpAuthSchemeParametersProvider extends HttpAuthSchemeParam
 /**
  * @internal
  */
-export declare const defaultSTSHttpAuthSchemeParametersProvider: (config: STSClientResolvedConfig, context: HandlerExecutionContext, input: object) => Promise<STSHttpAuthSchemeParameters>;
+export declare const defaultSTSHttpAuthSchemeParametersProvider: STSHttpAuthSchemeParametersProvider;
 /**
  * @internal
  */
@@ -38,7 +45,7 @@ export declare const resolveStsAuthConfig: <T>(input: T & StsAuthInputConfig) =>
 /**
  * @public
  */
-export interface HttpAuthSchemeInputConfig extends StsAuthInputConfig, AwsSdkSigV4AuthInputConfig {
+export interface HttpAuthSchemeInputConfig extends StsAuthInputConfig, AwsSdkSigV4AuthInputConfig, AwsSdkSigV4AAuthInputConfig {
     /**
      * A comma-separated list of case-sensitive auth scheme names.
      * An auth scheme name is a fully qualified auth scheme ID with the namespace prefix trimmed.
@@ -60,7 +67,7 @@ export interface HttpAuthSchemeInputConfig extends StsAuthInputConfig, AwsSdkSig
 /**
  * @internal
  */
-export interface HttpAuthSchemeResolvedConfig extends StsAuthResolvedConfig, AwsSdkSigV4AuthResolvedConfig {
+export interface HttpAuthSchemeResolvedConfig extends StsAuthResolvedConfig, AwsSdkSigV4AuthResolvedConfig, AwsSdkSigV4AAuthResolvedConfig {
     /**
      * A comma-separated list of case-sensitive auth scheme names.
      * An auth scheme name is a fully qualified auth scheme ID with the namespace prefix trimmed.
@@ -82,4 +89,5 @@ export interface HttpAuthSchemeResolvedConfig extends StsAuthResolvedConfig, Aws
 /**
  * @internal
  */
-export declare const resolveHttpAuthSchemeConfig: <T>(config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved) => T & HttpAuthSchemeResolvedConfig;
+export declare const resolveHttpAuthSchemeConfig: <T>(config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved & AwsSdkSigV4APreviouslyResolved) => T & HttpAuthSchemeResolvedConfig;
+export {};

package/node_modules/@aws-sdk/client-sts/dist-types/runtimeConfig.browser.d.ts

@@ -38,7 +38,7 @@ export declare const getRuntimeConfig: (config: STSClientConfig) => {
     userAgentAppId?: string | undefined | import("@smithy/types").Provider<string | undefined>;
     retryStrategy?: import("@smithy/types").RetryStrategy | import("@smithy/types").RetryStrategyV2;
     endpoint?: ((string | import("@smithy/types").Endpoint | import("@smithy/types").Provider<import("@smithy/types").Endpoint> | import("@smithy/types").EndpointV2 | import("@smithy/types").Provider<import("@smithy/types").EndpointV2>) & (string | import("@smithy/types").Provider<string> | import("@smithy/types").Endpoint | import("@smithy/types").Provider<import("@smithy/types").Endpoint> | import("@smithy/types").EndpointV2 | import("@smithy/types").Provider<import("@smithy/types").EndpointV2>)) | undefined;
-    endpointProvider: (params: import("./endpoint/EndpointParameters").EndpointParameters, context?: {
+    endpointProvider: (endpointParams: import("./endpoint/EndpointParameters").EndpointParameters, context?: {
         logger?: import("@smithy/types").Logger;
     }) => import("@smithy/types").EndpointV2;
     tls?: boolean;
@@ -59,6 +59,7 @@ export declare const getRuntimeConfig: (config: STSClientConfig) => {
     signingEscapePath?: boolean;
     systemClockOffset?: number;
     signingRegion?: string;
-    signerConstructor?: new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner;
+    signerConstructor: (new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner) | typeof import("@aws-sdk/signature-v4-multi-region").SignatureV4MultiRegion;
+    sigv4aSigningRegionSet?: string[] | undefined | import("@smithy/types").Provider<string[] | undefined>;
     useGlobalEndpoint?: boolean | undefined | import("@smithy/types").Provider<boolean | undefined>;
 };

package/node_modules/@aws-sdk/client-sts/dist-types/runtimeConfig.d.ts

@@ -1,3 +1,4 @@
+import { AwsSdkSigV4ASigner } from "@aws-sdk/core/httpAuthSchemes";
 import { NoAuthSigner } from "@smithy/core";
 import { NodeHttpHandler as RequestHandler } from "@smithy/node-http-handler";
 import type { IdentityProviderConfig } from "@smithy/types";
@@ -12,16 +13,21 @@ export declare const getRuntimeConfig: (config: STSClientConfig) => {
     bodyLengthChecker: import("@smithy/types").BodyLengthCalculator;
     credentialDefaultProvider: ((input: any) => import("@smithy/types").AwsCredentialIdentityProvider) | ((init?: import("@aws-sdk/credential-provider-node").DefaultProviderInit) => import("@aws-sdk/credential-provider-node/dist-types/runtime/memoize-chain").MemoizedRuntimeConfigAwsCredentialIdentityProvider);
     defaultUserAgentProvider: (config?: import("@aws-sdk/util-user-agent-node").PreviouslyResolved) => Promise<import("@smithy/types").UserAgent>;
-    httpAuthSchemes: import("@smithy/types").HttpAuthScheme[] | {
+    httpAuthSchemes: import("@smithy/types").HttpAuthScheme[] | ({
+        schemeId: string;
+        identityProvider: (ipc: IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | undefined;
+        signer: AwsSdkSigV4ASigner;
+    } | {
         schemeId: string;
         identityProvider: (ipc: IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | (() => Promise<{}>);
         signer: NoAuthSigner;
-    }[];
+    })[];
     maxAttempts: number | import("@smithy/types").Provider<number>;
     region: string | import("@smithy/types").Provider<string>;
     requestHandler: RequestHandler | import("@smithy/protocol-http").HttpHandler<any>;
     retryMode: string | import("@smithy/types").Provider<string>;
     sha256: import("@smithy/types").HashConstructor;
+    sigv4aSigningRegionSet: string[] | import("@smithy/types").Provider<string[] | undefined>;
     streamCollector: import("@smithy/types").StreamCollector;
     useDualstackEndpoint: boolean | import("@smithy/types").Provider<boolean>;
     useFipsEndpoint: boolean | import("@smithy/types").Provider<boolean>;
@@ -46,7 +52,7 @@ export declare const getRuntimeConfig: (config: STSClientConfig) => {
     customUserAgent?: string | import("@smithy/types").UserAgent;
     retryStrategy?: import("@smithy/types").RetryStrategy | import("@smithy/types").RetryStrategyV2;
     endpoint?: ((string | import("@smithy/types").Endpoint | import("@smithy/types").Provider<import("@smithy/types").Endpoint> | import("@smithy/types").EndpointV2 | import("@smithy/types").Provider<import("@smithy/types").EndpointV2>) & (string | import("@smithy/types").Provider<string> | import("@smithy/types").Endpoint | import("@smithy/types").Provider<import("@smithy/types").Endpoint> | import("@smithy/types").EndpointV2 | import("@smithy/types").Provider<import("@smithy/types").EndpointV2>)) | undefined;
-    endpointProvider: (params: import("./endpoint/EndpointParameters").EndpointParameters, context?: {
+    endpointProvider: (endpointParams: import("./endpoint/EndpointParameters").EndpointParameters, context?: {
         logger?: import("@smithy/types").Logger;
     }) => import("@smithy/types").EndpointV2;
     tls?: boolean;
@@ -57,6 +63,6 @@ export declare const getRuntimeConfig: (config: STSClientConfig) => {
     signingEscapePath?: boolean;
     systemClockOffset?: number;
     signingRegion?: string;
-    signerConstructor?: new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner;
+    signerConstructor: (new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner) | typeof import("@aws-sdk/signature-v4-multi-region").SignatureV4MultiRegion;
     useGlobalEndpoint?: boolean | undefined | import("@smithy/types").Provider<boolean | undefined>;
 };

package/node_modules/@aws-sdk/client-sts/dist-types/runtimeConfig.native.d.ts

@@ -37,7 +37,7 @@ export declare const getRuntimeConfig: (config: STSClientConfig) => {
     userAgentAppId?: string | undefined | import("@smithy/types").Provider<string | undefined>;
     retryStrategy?: import("@smithy/types").RetryStrategy | import("@smithy/types").RetryStrategyV2;
     endpoint?: ((string | import("@smithy/types").Endpoint | import("@smithy/types").Provider<import("@smithy/types").Endpoint> | import("@smithy/types").EndpointV2 | import("@smithy/types").Provider<import("@smithy/types").EndpointV2>) & (string | import("@smithy/types").Provider<string> | import("@smithy/types").Endpoint | import("@smithy/types").Provider<import("@smithy/types").Endpoint> | import("@smithy/types").EndpointV2 | import("@smithy/types").Provider<import("@smithy/types").EndpointV2>)) | undefined;
-    endpointProvider: (params: import("./endpoint/EndpointParameters").EndpointParameters, context?: {
+    endpointProvider: (endpointParams: import("./endpoint/EndpointParameters").EndpointParameters, context?: {
         logger?: import("@smithy/types").Logger;
     }) => import("@smithy/types").EndpointV2;
     tls?: boolean;
@@ -58,6 +58,7 @@ export declare const getRuntimeConfig: (config: STSClientConfig) => {
     signingEscapePath?: boolean;
     systemClockOffset?: number;
     signingRegion?: string;
-    signerConstructor?: new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner;
+    signerConstructor: (new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner) | typeof import("@aws-sdk/signature-v4-multi-region").SignatureV4MultiRegion;
+    sigv4aSigningRegionSet?: string[] | undefined | import("@smithy/types").Provider<string[] | undefined>;
     useGlobalEndpoint?: boolean | undefined | import("@smithy/types").Provider<boolean | undefined>;
 };

package/node_modules/@aws-sdk/client-sts/dist-types/runtimeConfig.shared.d.ts

@@ -1,5 +1,6 @@
 import { AwsSdkSigV4Signer } from "@aws-sdk/core/httpAuthSchemes";
 import { AwsQueryProtocol } from "@aws-sdk/core/protocols";
+import { SignatureV4MultiRegion } from "@aws-sdk/signature-v4-multi-region";
 import { NoAuthSigner } from "@smithy/core";
 import type { IdentityProviderConfig } from "@smithy/types";
 import type { STSClientConfig } from "./STSClient";
@@ -11,7 +12,7 @@ export declare const getRuntimeConfig: (config: STSClientConfig) => {
     base64Decoder: import("@smithy/types").Decoder;
     base64Encoder: (_input: Uint8Array | string) => string;
     disableHostPrefix: boolean;
-    endpointProvider: (params: import("./endpoint/EndpointParameters").EndpointParameters, context?: {
+    endpointProvider: (endpointParams: import("./endpoint/EndpointParameters").EndpointParameters, context?: {
         logger?: import("@smithy/types").Logger;
     }) => import("@smithy/types").EndpointV2;
     extensions: import("./runtimeExtensions").RuntimeExtension[];
@@ -32,6 +33,7 @@ export declare const getRuntimeConfig: (config: STSClientConfig) => {
         defaultNamespace?: string;
     };
     serviceId: string;
+    signerConstructor: (new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner) | typeof SignatureV4MultiRegion;
     urlParser: import("@smithy/types").UrlParser;
     utf8Decoder: import("@smithy/types").Decoder;
     utf8Encoder: (input: Uint8Array | string) => string;