npm - @cdklabs/cdk-construct-connect-datalake - Versions diffs - 0.0.5 → 0.0.6 - Mend

@cdklabs/cdk-construct-connect-datalake 0.0.5 → 0.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (262) hide show

package/node_modules/@aws-sdk/client-lakeformation/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-lakeformation",
   "description": "AWS SDK for JavaScript Lakeformation Client for Node.js, Browser and React Native",
-  "version": "3.1029.0",
+  "version": "3.1032.0",
   "scripts": {
     "build": "concurrently 'yarn:build:types' 'yarn:build:es' && yarn build:cjs",
     "build:cjs": "node ../../scripts/compilation/inline client-lakeformation",
@@ -21,42 +21,42 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "5.2.0",
     "@aws-crypto/sha256-js": "5.2.0",
-    "@aws-sdk/core": "^3.973.27",
-    "@aws-sdk/credential-provider-node": "^3.972.30",
-    "@aws-sdk/middleware-host-header": "^3.972.9",
-    "@aws-sdk/middleware-logger": "^3.972.9",
-    "@aws-sdk/middleware-recursion-detection": "^3.972.10",
-    "@aws-sdk/middleware-user-agent": "^3.972.29",
-    "@aws-sdk/region-config-resolver": "^3.972.11",
-    "@aws-sdk/types": "^3.973.7",
-    "@aws-sdk/util-endpoints": "^3.996.6",
-    "@aws-sdk/util-user-agent-browser": "^3.972.9",
-    "@aws-sdk/util-user-agent-node": "^3.973.15",
-    "@smithy/config-resolver": "^4.4.14",
-    "@smithy/core": "^3.23.14",
-    "@smithy/fetch-http-handler": "^5.3.16",
-    "@smithy/hash-node": "^4.2.13",
-    "@smithy/invalid-dependency": "^4.2.13",
-    "@smithy/middleware-content-length": "^4.2.13",
-    "@smithy/middleware-endpoint": "^4.4.29",
-    "@smithy/middleware-retry": "^4.5.0",
-    "@smithy/middleware-serde": "^4.2.17",
-    "@smithy/middleware-stack": "^4.2.13",
-    "@smithy/node-config-provider": "^4.3.13",
-    "@smithy/node-http-handler": "^4.5.2",
-    "@smithy/protocol-http": "^5.3.13",
-    "@smithy/smithy-client": "^4.12.9",
-    "@smithy/types": "^4.14.0",
-    "@smithy/url-parser": "^4.2.13",
+    "@aws-sdk/core": "^3.974.1",
+    "@aws-sdk/credential-provider-node": "^3.972.32",
+    "@aws-sdk/middleware-host-header": "^3.972.10",
+    "@aws-sdk/middleware-logger": "^3.972.10",
+    "@aws-sdk/middleware-recursion-detection": "^3.972.11",
+    "@aws-sdk/middleware-user-agent": "^3.972.31",
+    "@aws-sdk/region-config-resolver": "^3.972.12",
+    "@aws-sdk/types": "^3.973.8",
+    "@aws-sdk/util-endpoints": "^3.996.7",
+    "@aws-sdk/util-user-agent-browser": "^3.972.10",
+    "@aws-sdk/util-user-agent-node": "^3.973.17",
+    "@smithy/config-resolver": "^4.4.16",
+    "@smithy/core": "^3.23.15",
+    "@smithy/fetch-http-handler": "^5.3.17",
+    "@smithy/hash-node": "^4.2.14",
+    "@smithy/invalid-dependency": "^4.2.14",
+    "@smithy/middleware-content-length": "^4.2.14",
+    "@smithy/middleware-endpoint": "^4.4.30",
+    "@smithy/middleware-retry": "^4.5.3",
+    "@smithy/middleware-serde": "^4.2.18",
+    "@smithy/middleware-stack": "^4.2.14",
+    "@smithy/node-config-provider": "^4.3.14",
+    "@smithy/node-http-handler": "^4.5.3",
+    "@smithy/protocol-http": "^5.3.14",
+    "@smithy/smithy-client": "^4.12.11",
+    "@smithy/types": "^4.14.1",
+    "@smithy/url-parser": "^4.2.14",
     "@smithy/util-base64": "^4.3.2",
     "@smithy/util-body-length-browser": "^4.2.2",
     "@smithy/util-body-length-node": "^4.2.3",
-    "@smithy/util-defaults-mode-browser": "^4.3.45",
-    "@smithy/util-defaults-mode-node": "^4.2.49",
-    "@smithy/util-endpoints": "^3.3.4",
-    "@smithy/util-middleware": "^4.2.13",
-    "@smithy/util-retry": "^4.3.0",
-    "@smithy/util-stream": "^4.5.22",
+    "@smithy/util-defaults-mode-browser": "^4.3.47",
+    "@smithy/util-defaults-mode-node": "^4.2.52",
+    "@smithy/util-endpoints": "^3.4.1",
+    "@smithy/util-middleware": "^4.2.14",
+    "@smithy/util-retry": "^4.3.2",
+    "@smithy/util-stream": "^4.5.23",
     "@smithy/util-utf8": "^4.2.2",
     "tslib": "^2.6.2"
   },

package/node_modules/@aws-sdk/client-ram/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-ram",
   "description": "AWS SDK for JavaScript Ram Client for Node.js, Browser and React Native",
-  "version": "3.1029.0",
+  "version": "3.1032.0",
   "scripts": {
     "build": "concurrently 'yarn:build:types' 'yarn:build:es' && yarn build:cjs",
     "build:cjs": "node ../../scripts/compilation/inline client-ram",
@@ -21,41 +21,41 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "5.2.0",
     "@aws-crypto/sha256-js": "5.2.0",
-    "@aws-sdk/core": "^3.973.27",
-    "@aws-sdk/credential-provider-node": "^3.972.30",
-    "@aws-sdk/middleware-host-header": "^3.972.9",
-    "@aws-sdk/middleware-logger": "^3.972.9",
-    "@aws-sdk/middleware-recursion-detection": "^3.972.10",
-    "@aws-sdk/middleware-user-agent": "^3.972.29",
-    "@aws-sdk/region-config-resolver": "^3.972.11",
-    "@aws-sdk/types": "^3.973.7",
-    "@aws-sdk/util-endpoints": "^3.996.6",
-    "@aws-sdk/util-user-agent-browser": "^3.972.9",
-    "@aws-sdk/util-user-agent-node": "^3.973.15",
-    "@smithy/config-resolver": "^4.4.14",
-    "@smithy/core": "^3.23.14",
-    "@smithy/fetch-http-handler": "^5.3.16",
-    "@smithy/hash-node": "^4.2.13",
-    "@smithy/invalid-dependency": "^4.2.13",
-    "@smithy/middleware-content-length": "^4.2.13",
-    "@smithy/middleware-endpoint": "^4.4.29",
-    "@smithy/middleware-retry": "^4.5.0",
-    "@smithy/middleware-serde": "^4.2.17",
-    "@smithy/middleware-stack": "^4.2.13",
-    "@smithy/node-config-provider": "^4.3.13",
-    "@smithy/node-http-handler": "^4.5.2",
-    "@smithy/protocol-http": "^5.3.13",
-    "@smithy/smithy-client": "^4.12.9",
-    "@smithy/types": "^4.14.0",
-    "@smithy/url-parser": "^4.2.13",
+    "@aws-sdk/core": "^3.974.1",
+    "@aws-sdk/credential-provider-node": "^3.972.32",
+    "@aws-sdk/middleware-host-header": "^3.972.10",
+    "@aws-sdk/middleware-logger": "^3.972.10",
+    "@aws-sdk/middleware-recursion-detection": "^3.972.11",
+    "@aws-sdk/middleware-user-agent": "^3.972.31",
+    "@aws-sdk/region-config-resolver": "^3.972.12",
+    "@aws-sdk/types": "^3.973.8",
+    "@aws-sdk/util-endpoints": "^3.996.7",
+    "@aws-sdk/util-user-agent-browser": "^3.972.10",
+    "@aws-sdk/util-user-agent-node": "^3.973.17",
+    "@smithy/config-resolver": "^4.4.16",
+    "@smithy/core": "^3.23.15",
+    "@smithy/fetch-http-handler": "^5.3.17",
+    "@smithy/hash-node": "^4.2.14",
+    "@smithy/invalid-dependency": "^4.2.14",
+    "@smithy/middleware-content-length": "^4.2.14",
+    "@smithy/middleware-endpoint": "^4.4.30",
+    "@smithy/middleware-retry": "^4.5.3",
+    "@smithy/middleware-serde": "^4.2.18",
+    "@smithy/middleware-stack": "^4.2.14",
+    "@smithy/node-config-provider": "^4.3.14",
+    "@smithy/node-http-handler": "^4.5.3",
+    "@smithy/protocol-http": "^5.3.14",
+    "@smithy/smithy-client": "^4.12.11",
+    "@smithy/types": "^4.14.1",
+    "@smithy/url-parser": "^4.2.14",
     "@smithy/util-base64": "^4.3.2",
     "@smithy/util-body-length-browser": "^4.2.2",
     "@smithy/util-body-length-node": "^4.2.3",
-    "@smithy/util-defaults-mode-browser": "^4.3.45",
-    "@smithy/util-defaults-mode-node": "^4.2.49",
-    "@smithy/util-endpoints": "^3.3.4",
-    "@smithy/util-middleware": "^4.2.13",
-    "@smithy/util-retry": "^4.3.0",
+    "@smithy/util-defaults-mode-browser": "^4.3.47",
+    "@smithy/util-defaults-mode-node": "^4.2.52",
+    "@smithy/util-endpoints": "^3.4.1",
+    "@smithy/util-middleware": "^4.2.14",
+    "@smithy/util-retry": "^4.3.2",
     "@smithy/util-utf8": "^4.2.2",
     "tslib": "^2.6.2"
   },

package/node_modules/@aws-sdk/client-sts/dist-cjs/STSClient.js CHANGED Viewed

@@ -43,6 +43,7 @@ class STSClient extends smithy_client_1.Client {
             httpAuthSchemeParametersProvider: httpAuthSchemeProvider_1.defaultSTSHttpAuthSchemeParametersProvider,
             identityProviderConfigProvider: async (config) => new core_1.DefaultIdentityProviderConfig({
                 "aws.auth#sigv4": config.credentials,
+                "aws.auth#sigv4a": config.credentials,
             }),
         }));
         this.middlewareStack.use((0, core_1.getHttpSigningPlugin)(this.config));

package/node_modules/@aws-sdk/client-sts/dist-cjs/auth/httpAuthSchemeProvider.js CHANGED Viewed

@@ -2,9 +2,25 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.resolveHttpAuthSchemeConfig = exports.resolveStsAuthConfig = exports.defaultSTSHttpAuthSchemeProvider = exports.defaultSTSHttpAuthSchemeParametersProvider = void 0;
 const httpAuthSchemes_1 = require("@aws-sdk/core/httpAuthSchemes");
+const signature_v4_multi_region_1 = require("@aws-sdk/signature-v4-multi-region");
+const middleware_endpoint_1 = require("@smithy/middleware-endpoint");
 const util_middleware_1 = require("@smithy/util-middleware");
+const endpointResolver_1 = require("../endpoint/endpointResolver");
 const STSClient_1 = require("../STSClient");
-const defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
+const createEndpointRuleSetHttpAuthSchemeParametersProvider = (defaultHttpAuthSchemeParametersProvider) => async (config, context, input) => {
+    if (!input) {
+        throw new Error("Could not find `input` for `defaultEndpointRuleSetHttpAuthSchemeParametersProvider`");
+    }
+    const defaultParameters = await defaultHttpAuthSchemeParametersProvider(config, context, input);
+    const instructionsFn = (0, util_middleware_1.getSmithyContext)(context)?.commandInstance?.constructor
+        ?.getEndpointParameterInstructions;
+    if (!instructionsFn) {
+        throw new Error(`getEndpointParameterInstructions() is not defined on '${context.commandName}'`);
+    }
+    const endpointParameters = await (0, middleware_endpoint_1.resolveParams)(input, { getEndpointParameterInstructions: instructionsFn }, config);
+    return Object.assign(defaultParameters, endpointParameters);
+};
+const _defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
     return {
         operation: (0, util_middleware_1.getSmithyContext)(context).operation,
         region: await (0, util_middleware_1.normalizeProvider)(config.region)() || (() => {
@@ -12,7 +28,7 @@ const defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input
         })(),
     };
 };
-exports.defaultSTSHttpAuthSchemeParametersProvider = defaultSTSHttpAuthSchemeParametersProvider;
+exports.defaultSTSHttpAuthSchemeParametersProvider = createEndpointRuleSetHttpAuthSchemeParametersProvider(_defaultSTSHttpAuthSchemeParametersProvider);
 function createAwsAuthSigv4HttpAuthOption(authParameters) {
     return {
         schemeId: "aws.auth#sigv4",
@@ -28,33 +44,95 @@ function createAwsAuthSigv4HttpAuthOption(authParameters) {
         }),
     };
 }
+function createAwsAuthSigv4aHttpAuthOption(authParameters) {
+    return {
+        schemeId: "aws.auth#sigv4a",
+        signingProperties: {
+            name: "sts",
+            region: authParameters.region,
+        },
+        propertiesExtractor: (config, context) => ({
+            signingProperties: {
+                config,
+                context,
+            },
+        }),
+    };
+}
 function createSmithyApiNoAuthHttpAuthOption(authParameters) {
     return {
         schemeId: "smithy.api#noAuth",
     };
 }
-const defaultSTSHttpAuthSchemeProvider = (authParameters) => {
-    const options = [];
-    switch (authParameters.operation) {
-        case "AssumeRoleWithSAML":
-            {
-                options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
-                break;
+const createEndpointRuleSetHttpAuthSchemeProvider = (defaultEndpointResolver, defaultHttpAuthSchemeResolver, createHttpAuthOptionFunctions) => {
+    const endpointRuleSetHttpAuthSchemeProvider = (authParameters) => {
+        const endpoint = defaultEndpointResolver(authParameters);
+        const authSchemes = endpoint.properties?.authSchemes;
+        if (!authSchemes) {
+            return defaultHttpAuthSchemeResolver(authParameters);
+        }
+        const options = [];
+        for (const scheme of authSchemes) {
+            const { name: resolvedName, properties = {}, ...rest } = scheme;
+            const name = resolvedName.toLowerCase();
+            if (resolvedName !== name) {
+                console.warn(`HttpAuthScheme has been normalized with lowercasing: '${resolvedName}' to '${name}'`);
             }
-            ;
-        case "AssumeRoleWithWebIdentity":
-            {
-                options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
-                break;
+            let schemeId;
+            if (name === "sigv4a") {
+                schemeId = "aws.auth#sigv4a";
+                const sigv4Present = authSchemes.find((s) => {
+                    const name = s.name.toLowerCase();
+                    return name !== "sigv4a" && name.startsWith("sigv4");
+                });
+                if (signature_v4_multi_region_1.SignatureV4MultiRegion.sigv4aDependency() === "none" && sigv4Present) {
+                    continue;
+                }
             }
-            ;
+            else if (name.startsWith("sigv4")) {
+                schemeId = "aws.auth#sigv4";
+            }
+            else {
+                throw new Error(`Unknown HttpAuthScheme found in '@smithy.rules#endpointRuleSet': '${name}'`);
+            }
+            const createOption = createHttpAuthOptionFunctions[schemeId];
+            if (!createOption) {
+                throw new Error(`Could not find HttpAuthOption create function for '${schemeId}'`);
+            }
+            const option = createOption(authParameters);
+            option.schemeId = schemeId;
+            option.signingProperties = { ...(option.signingProperties || {}), ...rest, ...properties };
+            options.push(option);
+        }
+        return options;
+    };
+    return endpointRuleSetHttpAuthSchemeProvider;
+};
+const _defaultSTSHttpAuthSchemeProvider = (authParameters) => {
+    const options = [];
+    switch (authParameters.operation) {
+        case "AssumeRoleWithSAML": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
+            break;
+        }
+        case "AssumeRoleWithWebIdentity": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
+            break;
+        }
         default: {
             options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
+            options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
         }
     }
     return options;
 };
-exports.defaultSTSHttpAuthSchemeProvider = defaultSTSHttpAuthSchemeProvider;
+exports.defaultSTSHttpAuthSchemeProvider = createEndpointRuleSetHttpAuthSchemeProvider(endpointResolver_1.defaultEndpointResolver, _defaultSTSHttpAuthSchemeProvider, {
+    "aws.auth#sigv4": createAwsAuthSigv4HttpAuthOption,
+    "aws.auth#sigv4a": createAwsAuthSigv4aHttpAuthOption,
+    "smithy.api#noAuth": createSmithyApiNoAuthHttpAuthOption,
+});
 const resolveStsAuthConfig = (input) => Object.assign(input, {
     stsClientCtor: STSClient_1.STSClient,
 });
@@ -62,7 +140,8 @@ exports.resolveStsAuthConfig = resolveStsAuthConfig;
 const resolveHttpAuthSchemeConfig = (config) => {
     const config_0 = (0, exports.resolveStsAuthConfig)(config);
     const config_1 = (0, httpAuthSchemes_1.resolveAwsSdkSigV4Config)(config_0);
-    return Object.assign(config_1, {
+    const config_2 = (0, httpAuthSchemes_1.resolveAwsSdkSigV4AConfig)(config_1);
+    return Object.assign(config_2, {
         authSchemePreference: (0, util_middleware_1.normalizeProvider)(config.authSchemePreference ?? []),
     });
 };

package/node_modules/@aws-sdk/client-sts/dist-cjs/runtimeConfig.js CHANGED Viewed

@@ -43,6 +43,11 @@ const getRuntimeConfig = (config) => {
                 identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4") || (async (idProps) => await (0, credential_provider_node_1.defaultProvider)(idProps?.__config || {})()),
                 signer: new httpAuthSchemes_1.AwsSdkSigV4Signer(),
             },
+            {
+                schemeId: "aws.auth#sigv4a",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4a"),
+                signer: new httpAuthSchemes_1.AwsSdkSigV4ASigner(),
+            },
             {
                 schemeId: "smithy.api#noAuth",
                 identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
@@ -58,6 +63,7 @@ const getRuntimeConfig = (config) => {
                 default: async () => (await defaultConfigProvider()).retryMode || util_retry_1.DEFAULT_RETRY_MODE,
             }, config),
         sha256: config?.sha256 ?? hash_node_1.Hash.bind(null, "sha256"),
+        sigv4aSigningRegionSet: config?.sigv4aSigningRegionSet ?? (0, node_config_provider_1.loadConfig)(httpAuthSchemes_1.NODE_SIGV4A_CONFIG_OPTIONS, loaderConfig),
         streamCollector: config?.streamCollector ?? node_http_handler_1.streamCollector,
         useDualstackEndpoint: config?.useDualstackEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
         useFipsEndpoint: config?.useFipsEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, loaderConfig),

package/node_modules/@aws-sdk/client-sts/dist-cjs/runtimeConfig.shared.js CHANGED Viewed

@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.getRuntimeConfig = void 0;
 const httpAuthSchemes_1 = require("@aws-sdk/core/httpAuthSchemes");
 const protocols_1 = require("@aws-sdk/core/protocols");
+const signature_v4_multi_region_1 = require("@aws-sdk/signature-v4-multi-region");
 const core_1 = require("@smithy/core");
 const smithy_client_1 = require("@smithy/smithy-client");
 const url_parser_1 = require("@smithy/url-parser");
@@ -26,6 +27,11 @@ const getRuntimeConfig = (config) => {
                 identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
                 signer: new httpAuthSchemes_1.AwsSdkSigV4Signer(),
             },
+            {
+                schemeId: "aws.auth#sigv4a",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4a"),
+                signer: new httpAuthSchemes_1.AwsSdkSigV4ASigner(),
+            },
             {
                 schemeId: "smithy.api#noAuth",
                 identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
@@ -42,6 +48,7 @@ const getRuntimeConfig = (config) => {
             serviceTarget: "AWSSecurityTokenServiceV20110615",
         },
         serviceId: config?.serviceId ?? "STS",
+        signerConstructor: config?.signerConstructor ?? signature_v4_multi_region_1.SignatureV4MultiRegion,
         urlParser: config?.urlParser ?? url_parser_1.parseUrl,
         utf8Decoder: config?.utf8Decoder ?? util_utf8_1.fromUtf8,
         utf8Encoder: config?.utf8Encoder ?? util_utf8_1.toUtf8,

package/node_modules/@aws-sdk/client-sts/dist-es/STSClient.js CHANGED Viewed

@@ -40,6 +40,7 @@ export class STSClient extends __Client {
             httpAuthSchemeParametersProvider: defaultSTSHttpAuthSchemeParametersProvider,
             identityProviderConfigProvider: async (config) => new DefaultIdentityProviderConfig({
                 "aws.auth#sigv4": config.credentials,
+                "aws.auth#sigv4a": config.credentials,
             }),
         }));
         this.middlewareStack.use(getHttpSigningPlugin(this.config));

package/node_modules/@aws-sdk/client-sts/dist-es/auth/httpAuthSchemeProvider.js CHANGED Viewed

@@ -1,7 +1,23 @@
-import { resolveAwsSdkSigV4Config, } from "@aws-sdk/core/httpAuthSchemes";
+import { resolveAwsSdkSigV4AConfig, resolveAwsSdkSigV4Config, } from "@aws-sdk/core/httpAuthSchemes";
+import { SignatureV4MultiRegion } from "@aws-sdk/signature-v4-multi-region";
+import { resolveParams } from "@smithy/middleware-endpoint";
 import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware";
+import { defaultEndpointResolver } from "../endpoint/endpointResolver";
 import { STSClient } from "../STSClient";
-export const defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
+const createEndpointRuleSetHttpAuthSchemeParametersProvider = (defaultHttpAuthSchemeParametersProvider) => async (config, context, input) => {
+    if (!input) {
+        throw new Error("Could not find `input` for `defaultEndpointRuleSetHttpAuthSchemeParametersProvider`");
+    }
+    const defaultParameters = await defaultHttpAuthSchemeParametersProvider(config, context, input);
+    const instructionsFn = getSmithyContext(context)?.commandInstance?.constructor
+        ?.getEndpointParameterInstructions;
+    if (!instructionsFn) {
+        throw new Error(`getEndpointParameterInstructions() is not defined on '${context.commandName}'`);
+    }
+    const endpointParameters = await resolveParams(input, { getEndpointParameterInstructions: instructionsFn }, config);
+    return Object.assign(defaultParameters, endpointParameters);
+};
+const _defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
     return {
         operation: getSmithyContext(context).operation,
         region: await normalizeProvider(config.region)() || (() => {
@@ -9,6 +25,7 @@ export const defaultSTSHttpAuthSchemeParametersProvider = async (config, context
         })(),
     };
 };
+export const defaultSTSHttpAuthSchemeParametersProvider = createEndpointRuleSetHttpAuthSchemeParametersProvider(_defaultSTSHttpAuthSchemeParametersProvider);
 function createAwsAuthSigv4HttpAuthOption(authParameters) {
     return {
         schemeId: "aws.auth#sigv4",
@@ -24,39 +41,103 @@ function createAwsAuthSigv4HttpAuthOption(authParameters) {
         }),
     };
 }
+function createAwsAuthSigv4aHttpAuthOption(authParameters) {
+    return {
+        schemeId: "aws.auth#sigv4a",
+        signingProperties: {
+            name: "sts",
+            region: authParameters.region,
+        },
+        propertiesExtractor: (config, context) => ({
+            signingProperties: {
+                config,
+                context,
+            },
+        }),
+    };
+}
 function createSmithyApiNoAuthHttpAuthOption(authParameters) {
     return {
         schemeId: "smithy.api#noAuth",
     };
 }
-export const defaultSTSHttpAuthSchemeProvider = (authParameters) => {
-    const options = [];
-    switch (authParameters.operation) {
-        case "AssumeRoleWithSAML":
-            {
-                options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
-                break;
+const createEndpointRuleSetHttpAuthSchemeProvider = (defaultEndpointResolver, defaultHttpAuthSchemeResolver, createHttpAuthOptionFunctions) => {
+    const endpointRuleSetHttpAuthSchemeProvider = (authParameters) => {
+        const endpoint = defaultEndpointResolver(authParameters);
+        const authSchemes = endpoint.properties?.authSchemes;
+        if (!authSchemes) {
+            return defaultHttpAuthSchemeResolver(authParameters);
+        }
+        const options = [];
+        for (const scheme of authSchemes) {
+            const { name: resolvedName, properties = {}, ...rest } = scheme;
+            const name = resolvedName.toLowerCase();
+            if (resolvedName !== name) {
+                console.warn(`HttpAuthScheme has been normalized with lowercasing: '${resolvedName}' to '${name}'`);
             }
-            ;
-        case "AssumeRoleWithWebIdentity":
-            {
-                options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
-                break;
+            let schemeId;
+            if (name === "sigv4a") {
+                schemeId = "aws.auth#sigv4a";
+                const sigv4Present = authSchemes.find((s) => {
+                    const name = s.name.toLowerCase();
+                    return name !== "sigv4a" && name.startsWith("sigv4");
+                });
+                if (SignatureV4MultiRegion.sigv4aDependency() === "none" && sigv4Present) {
+                    continue;
+                }
             }
-            ;
+            else if (name.startsWith("sigv4")) {
+                schemeId = "aws.auth#sigv4";
+            }
+            else {
+                throw new Error(`Unknown HttpAuthScheme found in '@smithy.rules#endpointRuleSet': '${name}'`);
+            }
+            const createOption = createHttpAuthOptionFunctions[schemeId];
+            if (!createOption) {
+                throw new Error(`Could not find HttpAuthOption create function for '${schemeId}'`);
+            }
+            const option = createOption(authParameters);
+            option.schemeId = schemeId;
+            option.signingProperties = { ...(option.signingProperties || {}), ...rest, ...properties };
+            options.push(option);
+        }
+        return options;
+    };
+    return endpointRuleSetHttpAuthSchemeProvider;
+};
+const _defaultSTSHttpAuthSchemeProvider = (authParameters) => {
+    const options = [];
+    switch (authParameters.operation) {
+        case "AssumeRoleWithSAML": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
+            break;
+        }
+        case "AssumeRoleWithWebIdentity": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
+            break;
+        }
         default: {
             options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
+            options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
         }
     }
     return options;
 };
+export const defaultSTSHttpAuthSchemeProvider = createEndpointRuleSetHttpAuthSchemeProvider(defaultEndpointResolver, _defaultSTSHttpAuthSchemeProvider, {
+    "aws.auth#sigv4": createAwsAuthSigv4HttpAuthOption,
+    "aws.auth#sigv4a": createAwsAuthSigv4aHttpAuthOption,
+    "smithy.api#noAuth": createSmithyApiNoAuthHttpAuthOption,
+});
 export const resolveStsAuthConfig = (input) => Object.assign(input, {
     stsClientCtor: STSClient,
 });
 export const resolveHttpAuthSchemeConfig = (config) => {
     const config_0 = resolveStsAuthConfig(config);
     const config_1 = resolveAwsSdkSigV4Config(config_0);
-    return Object.assign(config_1, {
+    const config_2 = resolveAwsSdkSigV4AConfig(config_1);
+    return Object.assign(config_2, {
         authSchemePreference: normalizeProvider(config.authSchemePreference ?? []),
     });
 };

package/node_modules/@aws-sdk/client-sts/dist-es/runtimeConfig.js CHANGED Viewed

@@ -1,6 +1,6 @@
 import packageInfo from "../package.json";
 import { emitWarningIfUnsupportedVersion as awsCheckVersion } from "@aws-sdk/core/client";
-import { AwsSdkSigV4Signer, NODE_AUTH_SCHEME_PREFERENCE_OPTIONS } from "@aws-sdk/core/httpAuthSchemes";
+import { AwsSdkSigV4ASigner, AwsSdkSigV4Signer, NODE_AUTH_SCHEME_PREFERENCE_OPTIONS, NODE_SIGV4A_CONFIG_OPTIONS, } from "@aws-sdk/core/httpAuthSchemes";
 import { defaultProvider as credentialDefaultProvider } from "@aws-sdk/credential-provider-node";
 import { createDefaultUserAgentProvider, NODE_APP_ID_CONFIG_OPTIONS } from "@aws-sdk/util-user-agent-node";
 import { NODE_REGION_CONFIG_FILE_OPTIONS, NODE_REGION_CONFIG_OPTIONS, NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, } from "@smithy/config-resolver";
@@ -39,6 +39,11 @@ export const getRuntimeConfig = (config) => {
                 identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4") || (async (idProps) => await credentialDefaultProvider(idProps?.__config || {})()),
                 signer: new AwsSdkSigV4Signer(),
             },
+            {
+                schemeId: "aws.auth#sigv4a",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4a"),
+                signer: new AwsSdkSigV4ASigner(),
+            },
             {
                 schemeId: "smithy.api#noAuth",
                 identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
@@ -54,6 +59,7 @@ export const getRuntimeConfig = (config) => {
                 default: async () => (await defaultConfigProvider()).retryMode || DEFAULT_RETRY_MODE,
             }, config),
         sha256: config?.sha256 ?? Hash.bind(null, "sha256"),
+        sigv4aSigningRegionSet: config?.sigv4aSigningRegionSet ?? loadNodeConfig(NODE_SIGV4A_CONFIG_OPTIONS, loaderConfig),
         streamCollector: config?.streamCollector ?? streamCollector,
         useDualstackEndpoint: config?.useDualstackEndpoint ?? loadNodeConfig(NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
         useFipsEndpoint: config?.useFipsEndpoint ?? loadNodeConfig(NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, loaderConfig),

package/node_modules/@aws-sdk/client-sts/dist-es/runtimeConfig.shared.js CHANGED Viewed

@@ -1,5 +1,6 @@
-import { AwsSdkSigV4Signer } from "@aws-sdk/core/httpAuthSchemes";
+import { AwsSdkSigV4ASigner, AwsSdkSigV4Signer } from "@aws-sdk/core/httpAuthSchemes";
 import { AwsQueryProtocol } from "@aws-sdk/core/protocols";
+import { SignatureV4MultiRegion } from "@aws-sdk/signature-v4-multi-region";
 import { NoAuthSigner } from "@smithy/core";
 import { NoOpLogger } from "@smithy/smithy-client";
 import { parseUrl } from "@smithy/url-parser";
@@ -23,6 +24,11 @@ export const getRuntimeConfig = (config) => {
                 identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
                 signer: new AwsSdkSigV4Signer(),
             },
+            {
+                schemeId: "aws.auth#sigv4a",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4a"),
+                signer: new AwsSdkSigV4ASigner(),
+            },
             {
                 schemeId: "smithy.api#noAuth",
                 identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
@@ -39,6 +45,7 @@ export const getRuntimeConfig = (config) => {
             serviceTarget: "AWSSecurityTokenServiceV20110615",
         },
         serviceId: config?.serviceId ?? "STS",
+        signerConstructor: config?.signerConstructor ?? SignatureV4MultiRegion,
         urlParser: config?.urlParser ?? parseUrl,
         utf8Decoder: config?.utf8Decoder ?? fromUtf8,
         utf8Encoder: config?.utf8Encoder ?? toUtf8,