@cdklabs/cdk-ecs-codedeploy 0.0.245 → 0.0.247

package/node_modules/@aws-sdk/client-sts/dist-es/defaultStsRoleAssumers.js

@@ -1,18 +1,18 @@
+import { partition } from "@aws-sdk/util-endpoints";
 import { AssumeRoleCommand } from "./commands/AssumeRoleCommand";
 import { AssumeRoleWithWebIdentityCommand, } from "./commands/AssumeRoleWithWebIdentityCommand";
 const ASSUME_ROLE_DEFAULT_REGION = "us-east-1";
-const decorateDefaultRegion = (region) => {
-    if (typeof region !== "function") {
-        return region === undefined ? ASSUME_ROLE_DEFAULT_REGION : region;
+const resolveRegion = async (_region, _parentRegion, credentialProviderLogger) => {
+    const region = typeof _region === "function" ? await _region() : _region;
+    const parentRegion = typeof _parentRegion === "function" ? await _parentRegion() : _parentRegion;
+    if (!parentRegion || partition(parentRegion).name === "aws") {
+        credentialProviderLogger?.debug?.("@aws-sdk/client-sts::resolveRegion", "accepting first of:", `${region} (provider)`, `${ASSUME_ROLE_DEFAULT_REGION} (STS default)`);
+        return region ?? ASSUME_ROLE_DEFAULT_REGION;
+    }
+    else {
+        credentialProviderLogger?.debug?.("@aws-sdk/client-sts::resolveRegion", "accepting first of:", `${region} (provider)`, `${parentRegion} (parent client)`, `${ASSUME_ROLE_DEFAULT_REGION} (STS default)`);
+        return region ?? parentRegion ?? ASSUME_ROLE_DEFAULT_REGION;
     }
-    return async () => {
-        try {
-            return await region();
-        }
-        catch (e) {
-            return ASSUME_ROLE_DEFAULT_REGION;
-        }
-    };
 };
 export const getDefaultRoleAssumer = (stsOptions, stsClientCtor) => {
     let stsClient;
@@ -20,11 +20,12 @@ export const getDefaultRoleAssumer = (stsOptions, stsClientCtor) => {
     return async (sourceCreds, params) => {
         closureSourceCreds = sourceCreds;
         if (!stsClient) {
-            const { logger, region, requestHandler } = stsOptions;
+            const { logger, region, requestHandler, credentialProviderLogger } = stsOptions;
+            const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger);
             stsClient = new stsClientCtor({
                 logger,
                 credentialDefaultProvider: () => async () => closureSourceCreds,
-                region: decorateDefaultRegion(region || stsOptions.region),
+                region: resolvedRegion,
                 ...(requestHandler ? { requestHandler } : {}),
             });
         }
@@ -45,10 +46,11 @@ export const getDefaultRoleAssumerWithWebIdentity = (stsOptions, stsClientCtor)
     let stsClient;
     return async (params) => {
         if (!stsClient) {
-            const { logger, region, requestHandler } = stsOptions;
+            const { logger, region, requestHandler, credentialProviderLogger } = stsOptions;
+            const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger);
             stsClient = new stsClientCtor({
                 logger,
-                region: decorateDefaultRegion(region || stsOptions.region),
+                region: resolvedRegion,
                 ...(requestHandler ? { requestHandler } : {}),
             });
         }

package/node_modules/@aws-sdk/client-sts/dist-types/defaultRoleAssumers.d.ts

@@ -1,14 +1,14 @@
 import { Pluggable } from "@smithy/types";
-import { DefaultCredentialProvider, RoleAssumer, RoleAssumerWithWebIdentity } from "./defaultStsRoleAssumers";
-import { ServiceInputTypes, ServiceOutputTypes, STSClientConfig } from "./STSClient";
+import { DefaultCredentialProvider, RoleAssumer, RoleAssumerWithWebIdentity, STSRoleAssumerOptions } from "./defaultStsRoleAssumers";
+import { ServiceInputTypes, ServiceOutputTypes } from "./STSClient";
 /**
  * The default role assumer that used by credential providers when sts:AssumeRole API is needed.
  */
-export declare const getDefaultRoleAssumer: (stsOptions?: Pick<STSClientConfig, "logger" | "region" | "requestHandler">, stsPlugins?: Pluggable<ServiceInputTypes, ServiceOutputTypes>[]) => RoleAssumer;
+export declare const getDefaultRoleAssumer: (stsOptions?: STSRoleAssumerOptions, stsPlugins?: Pluggable<ServiceInputTypes, ServiceOutputTypes>[]) => RoleAssumer;
 /**
  * The default role assumer that used by credential providers when sts:AssumeRoleWithWebIdentity API is needed.
  */
-export declare const getDefaultRoleAssumerWithWebIdentity: (stsOptions?: Pick<STSClientConfig, "logger" | "region" | "requestHandler">, stsPlugins?: Pluggable<ServiceInputTypes, ServiceOutputTypes>[]) => RoleAssumerWithWebIdentity;
+export declare const getDefaultRoleAssumerWithWebIdentity: (stsOptions?: STSRoleAssumerOptions, stsPlugins?: Pluggable<ServiceInputTypes, ServiceOutputTypes>[]) => RoleAssumerWithWebIdentity;
 /**
  * The default credential providers depend STS client to assume role with desired API: sts:assumeRole,
  * sts:assumeRoleWithWebIdentity, etc. This function decorates the default credential provider with role assumers which

package/node_modules/@aws-sdk/client-sts/dist-types/defaultStsRoleAssumers.d.ts

@@ -1,7 +1,15 @@
-import { AwsCredentialIdentity, Provider } from "@smithy/types";
+import type { CredentialProviderOptions } from "@aws-sdk/types";
+import { AwsCredentialIdentity, Logger, Provider } from "@smithy/types";
 import { AssumeRoleCommandInput } from "./commands/AssumeRoleCommand";
 import { AssumeRoleWithWebIdentityCommandInput } from "./commands/AssumeRoleWithWebIdentityCommand";
 import type { STSClient, STSClientConfig } from "./STSClient";
+/**
+ * @public
+ */
+export type STSRoleAssumerOptions = Pick<STSClientConfig, "logger" | "region" | "requestHandler"> & {
+    credentialProviderLogger?: Logger;
+    parentClientConfig?: CredentialProviderOptions["parentClientConfig"];
+};
 /**
  * @internal
  */
@@ -10,7 +18,7 @@ export type RoleAssumer = (sourceCreds: AwsCredentialIdentity, params: AssumeRol
  * The default role assumer that used by credential providers when sts:AssumeRole API is needed.
  * @internal
  */
-export declare const getDefaultRoleAssumer: (stsOptions: Pick<STSClientConfig, "logger" | "region" | "requestHandler">, stsClientCtor: new (options: STSClientConfig) => STSClient) => RoleAssumer;
+export declare const getDefaultRoleAssumer: (stsOptions: STSRoleAssumerOptions, stsClientCtor: new (options: STSClientConfig) => STSClient) => RoleAssumer;
 /**
  * @internal
  */
@@ -19,7 +27,7 @@ export type RoleAssumerWithWebIdentity = (params: AssumeRoleWithWebIdentityComma
  * The default role assumer that used by credential providers when sts:AssumeRoleWithWebIdentity API is needed.
  * @internal
  */
-export declare const getDefaultRoleAssumerWithWebIdentity: (stsOptions: Pick<STSClientConfig, "logger" | "region" | "requestHandler">, stsClientCtor: new (options: STSClientConfig) => STSClient) => RoleAssumerWithWebIdentity;
+export declare const getDefaultRoleAssumerWithWebIdentity: (stsOptions: STSRoleAssumerOptions, stsClientCtor: new (options: STSClientConfig) => STSClient) => RoleAssumerWithWebIdentity;
 /**
  * @internal
  */

package/node_modules/@aws-sdk/client-sts/dist-types/ts3.4/defaultRoleAssumers.d.ts

@@ -3,18 +3,15 @@ import {
   DefaultCredentialProvider,
   RoleAssumer,
   RoleAssumerWithWebIdentity,
+  STSRoleAssumerOptions,
 } from "./defaultStsRoleAssumers";
-import {
-  ServiceInputTypes,
-  ServiceOutputTypes,
-  STSClientConfig,
-} from "./STSClient";
+import { ServiceInputTypes, ServiceOutputTypes } from "./STSClient";
 export declare const getDefaultRoleAssumer: (
-  stsOptions?: Pick<STSClientConfig, "logger" | "region" | "requestHandler">,
+  stsOptions?: STSRoleAssumerOptions,
   stsPlugins?: Pluggable<ServiceInputTypes, ServiceOutputTypes>[]
 ) => RoleAssumer;
 export declare const getDefaultRoleAssumerWithWebIdentity: (
-  stsOptions?: Pick<STSClientConfig, "logger" | "region" | "requestHandler">,
+  stsOptions?: STSRoleAssumerOptions,
   stsPlugins?: Pluggable<ServiceInputTypes, ServiceOutputTypes>[]
 ) => RoleAssumerWithWebIdentity;
 export declare const decorateDefaultCredentialProvider: (

package/node_modules/@aws-sdk/client-sts/dist-types/ts3.4/defaultStsRoleAssumers.d.ts

@@ -1,20 +1,28 @@
-import { AwsCredentialIdentity, Provider } from "@smithy/types";
+import { CredentialProviderOptions } from "@aws-sdk/types";
+import { AwsCredentialIdentity, Logger, Provider } from "@smithy/types";
 import { AssumeRoleCommandInput } from "./commands/AssumeRoleCommand";
 import { AssumeRoleWithWebIdentityCommandInput } from "./commands/AssumeRoleWithWebIdentityCommand";
 import { STSClient, STSClientConfig } from "./STSClient";
+export type STSRoleAssumerOptions = Pick<
+  STSClientConfig,
+  "logger" | "region" | "requestHandler"
+> & {
+  credentialProviderLogger?: Logger;
+  parentClientConfig?: CredentialProviderOptions["parentClientConfig"];
+};
 export type RoleAssumer = (
   sourceCreds: AwsCredentialIdentity,
   params: AssumeRoleCommandInput
 ) => Promise<AwsCredentialIdentity>;
 export declare const getDefaultRoleAssumer: (
-  stsOptions: Pick<STSClientConfig, "logger" | "region" | "requestHandler">,
+  stsOptions: STSRoleAssumerOptions,
   stsClientCtor: new (options: STSClientConfig) => STSClient
 ) => RoleAssumer;
 export type RoleAssumerWithWebIdentity = (
   params: AssumeRoleWithWebIdentityCommandInput
 ) => Promise<AwsCredentialIdentity>;
 export declare const getDefaultRoleAssumerWithWebIdentity: (
-  stsOptions: Pick<STSClientConfig, "logger" | "region" | "requestHandler">,
+  stsOptions: STSRoleAssumerOptions,
   stsClientCtor: new (options: STSClientConfig) => STSClient
 ) => RoleAssumerWithWebIdentity;
 export type DefaultCredentialProvider = (

package/node_modules/@aws-sdk/client-sts/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-sts",
   "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native",
-  "version": "3.507.0",
+  "version": "3.511.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "node ../../scripts/compilation/inline client-sts",
@@ -22,16 +22,16 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "3.0.0",
     "@aws-crypto/sha256-js": "3.0.0",
-    "@aws-sdk/core": "3.496.0",
-    "@aws-sdk/middleware-host-header": "3.502.0",
-    "@aws-sdk/middleware-logger": "3.502.0",
-    "@aws-sdk/middleware-recursion-detection": "3.502.0",
-    "@aws-sdk/middleware-user-agent": "3.502.0",
-    "@aws-sdk/region-config-resolver": "3.502.0",
-    "@aws-sdk/types": "3.502.0",
-    "@aws-sdk/util-endpoints": "3.502.0",
-    "@aws-sdk/util-user-agent-browser": "3.502.0",
-    "@aws-sdk/util-user-agent-node": "3.502.0",
+    "@aws-sdk/core": "3.511.0",
+    "@aws-sdk/middleware-host-header": "3.511.0",
+    "@aws-sdk/middleware-logger": "3.511.0",
+    "@aws-sdk/middleware-recursion-detection": "3.511.0",
+    "@aws-sdk/middleware-user-agent": "3.511.0",
+    "@aws-sdk/region-config-resolver": "3.511.0",
+    "@aws-sdk/types": "3.511.0",
+    "@aws-sdk/util-endpoints": "3.511.0",
+    "@aws-sdk/util-user-agent-browser": "3.511.0",
+    "@aws-sdk/util-user-agent-node": "3.511.0",
     "@smithy/config-resolver": "^2.1.1",
     "@smithy/core": "^1.3.1",
     "@smithy/fetch-http-handler": "^2.4.1",
@@ -88,7 +88,7 @@
   },
   "license": "Apache-2.0",
   "peerDependencies": {
-    "@aws-sdk/credential-provider-node": "^3.507.0"
+    "@aws-sdk/credential-provider-node": "^3.511.0"
   },
   "browser": {
     "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.browser"

package/node_modules/@aws-sdk/core/CHANGELOG.md

@@ -3,6 +3,17 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [3.511.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.510.0...v3.511.0) (2024-02-09)
+
+
+### Bug Fixes
+
+* **credential-provider-node:** pass client region to inner credential client region ([#5758](https://github.com/aws/aws-sdk-js-v3/issues/5758)) ([8c0b29e](https://github.com/aws/aws-sdk-js-v3/commit/8c0b29eabfe0ce8dbd2cbdcfb8b0a31b003bc3f2))
+
+
+
+
+
 # [3.496.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.495.0...v3.496.0) (2024-01-19)
 
 

package/node_modules/@aws-sdk/core/dist-cjs/index.js

@@ -154,7 +154,13 @@ var resolveAwsSdkSigV4Config = /* @__PURE__ */ __name((config) => {
   }
   if (!normalizedCreds) {
     if (config.credentialDefaultProvider) {
-      normalizedCreds = (0, import_core.normalizeProvider)(config.credentialDefaultProvider(config));
+      normalizedCreds = (0, import_core.normalizeProvider)(
+        config.credentialDefaultProvider(
+          Object.assign({}, config, {
+            parentClientConfig: config
+          })
+        )
+      );
     } else {
       normalizedCreds = /* @__PURE__ */ __name(async () => {
         throw new Error("`credentials` is missing");
@@ -303,14 +309,14 @@ var awsExpectUnion = /* @__PURE__ */ __name((value) => {
 // Annotate the CommonJS export names for ESM import in node:
 
 0 && (module.exports = {
-  AWSSDKSigV4Signer,
+  emitWarningIfUnsupportedVersion,
   AwsSdkSigV4Signer,
+  AWSSDKSigV4Signer,
+  resolveAwsSdkSigV4Config,
+  resolveAWSSDKSigV4Config,
+  _toStr,
   _toBool,
   _toNum,
-  _toStr,
-  awsExpectUnion,
-  emitWarningIfUnsupportedVersion,
-  resolveAWSSDKSigV4Config,
-  resolveAwsSdkSigV4Config
+  awsExpectUnion
 });
 

package/node_modules/@aws-sdk/core/dist-es/httpAuthSchemes/aws_sdk/resolveAwsSdkSigV4Config.js

@@ -7,10 +7,14 @@ export const resolveAwsSdkSigV4Config = (config) => {
     }
     if (!normalizedCreds) {
         if (config.credentialDefaultProvider) {
-            normalizedCreds = normalizeProvider(config.credentialDefaultProvider(config));
+            normalizedCreds = normalizeProvider(config.credentialDefaultProvider(Object.assign({}, config, {
+                parentClientConfig: config,
+            })));
         }
         else {
-            normalizedCreds = async () => { throw new Error("`credentials` is missing"); };
+            normalizedCreds = async () => {
+                throw new Error("`credentials` is missing");
+            };
         }
     }
     const { signingEscapePath = true, systemClockOffset = config.systemClockOffset || 0, sha256, } = config;

package/node_modules/@aws-sdk/core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aws-sdk/core",
-  "version": "3.496.0",
+  "version": "3.511.0",
   "description": "Core functions & classes shared by multiple AWS SDK clients",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/aws_sdk/resolveAwsSdkSigV4Config.ts

@@ -111,9 +111,17 @@ export const resolveAwsSdkSigV4Config = <T>(
     // credentialDefaultProvider should always be populated, but in case
     // it isn't, set a default identity provider that throws an error
     if (config.credentialDefaultProvider) {
-      normalizedCreds = normalizeProvider(config.credentialDefaultProvider(config as any));
+      normalizedCreds = normalizeProvider(
+        config.credentialDefaultProvider(
+          Object.assign({}, config as any, {
+            parentClientConfig: config,
+          })
+        )
+      );
     } else {
-      normalizedCreds = async () => { throw new Error("`credentials` is missing") };
+      normalizedCreds = async () => {
+        throw new Error("`credentials` is missing");
+      };
     }
   }