@etainabl/nodejs-sdk 1.3.193 → 1.3.196

package/dist/esm/sts-VPLY2J63.js

@@ -1,1169 +0,0 @@
-import {
-  parseXmlBody,
-  parseXmlErrorBody
-} from "./chunk-MCSCBMNG.js";
-import {
-  parseRfc3339DateTimeWithOffset
-} from "./chunk-YLT3BSXS.js";
-import {
-  createAggregatedClient,
-  package_default
-} from "./chunk-7QBJXGSP.js";
-import {
-  NoAuthSigner
-} from "./chunk-UQAJZJ7E.js";
-import {
-  AwsSdkSigV4Signer,
-  Client,
-  Command,
-  DEFAULT_RETRY_MODE,
-  DefaultIdentityProviderConfig,
-  EndpointCache,
-  Hash,
-  NODE_APP_ID_CONFIG_OPTIONS,
-  NODE_AUTH_SCHEME_PREFERENCE_OPTIONS,
-  NODE_MAX_ATTEMPT_CONFIG_OPTIONS,
-  NODE_REGION_CONFIG_FILE_OPTIONS,
-  NODE_REGION_CONFIG_OPTIONS,
-  NODE_RETRY_MODE_CONFIG_OPTIONS,
-  NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS,
-  NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS,
-  NoOpLogger,
-  SENSITIVE_STRING,
-  ServiceException,
-  awsEndpointFunctions,
-  calculateBodyLength,
-  createDefaultUserAgentProvider,
-  customEndpointFunctions,
-  decorateServiceException,
-  emitWarningIfUnsupportedVersion,
-  emitWarningIfUnsupportedVersion2,
-  extendedEncodeURIComponent,
-  getAwsRegionExtensionConfiguration,
-  getContentLengthPlugin,
-  getDefaultExtensionConfiguration,
-  getEndpointPlugin,
-  getHostHeaderPlugin,
-  getHttpAuthSchemeEndpointRuleSetPlugin,
-  getHttpHandlerExtensionConfiguration,
-  getHttpSigningPlugin,
-  getLoggerPlugin,
-  getRecursionDetectionPlugin,
-  getRetryPlugin,
-  getSerdePlugin,
-  getSmithyContext,
-  getUserAgentPlugin,
-  loadConfigsForDefaultMode,
-  normalizeProvider,
-  resolveAwsRegionExtensionConfiguration,
-  resolveAwsSdkSigV4Config,
-  resolveDefaultRuntimeConfig,
-  resolveDefaultsModeConfig,
-  resolveEndpoint,
-  resolveEndpointConfig,
-  resolveHostHeaderConfig,
-  resolveHttpHandlerRuntimeConfig,
-  resolveRegionConfig,
-  resolveRetryConfig,
-  resolveUserAgentConfig,
-  withBaseException
-} from "./chunk-4QSQRVYQ.js";
-import {
-  loadConfig,
-  parseUrl
-} from "./chunk-3G3VXGQN.js";
-import "./chunk-4JDZJVKZ.js";
-import {
-  HttpRequest,
-  NodeHttpHandler,
-  expectNonNull,
-  expectString,
-  fromBase64,
-  streamCollector,
-  strictParseInt32,
-  toBase64
-} from "./chunk-D74LA2XQ.js";
-import {
-  fromUtf8,
-  toUtf8
-} from "./chunk-Z63CAAFL.js";
-import "./chunk-CRX53WMM.js";
-import {
-  setCredentialFeature
-} from "./chunk-UZGMBQZB.js";
-import "./chunk-IX2LY325.js";
-import "./chunk-G3PMV62Z.js";
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/auth/httpAuthSchemeProvider.js
-var defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
-  return {
-    operation: getSmithyContext(context).operation,
-    region: await normalizeProvider(config.region)() || (() => {
-      throw new Error("expected `region` to be configured for `aws.auth#sigv4`");
-    })()
-  };
-};
-function createAwsAuthSigv4HttpAuthOption(authParameters) {
-  return {
-    schemeId: "aws.auth#sigv4",
-    signingProperties: {
-      name: "sts",
-      region: authParameters.region
-    },
-    propertiesExtractor: (config, context) => ({
-      signingProperties: {
-        config,
-        context
-      }
-    })
-  };
-}
-function createSmithyApiNoAuthHttpAuthOption(authParameters) {
-  return {
-    schemeId: "smithy.api#noAuth"
-  };
-}
-var defaultSTSHttpAuthSchemeProvider = (authParameters) => {
-  const options = [];
-  switch (authParameters.operation) {
-    case "AssumeRoleWithWebIdentity": {
-      options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
-      break;
-    }
-    default: {
-      options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
-    }
-  }
-  return options;
-};
-var resolveStsAuthConfig = (input) => Object.assign(input, {
-  stsClientCtor: STSClient
-});
-var resolveHttpAuthSchemeConfig = (config) => {
-  const config_0 = resolveStsAuthConfig(config);
-  const config_1 = resolveAwsSdkSigV4Config(config_0);
-  return Object.assign(config_1, {
-    authSchemePreference: normalizeProvider(config.authSchemePreference ?? [])
-  });
-};
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/endpoint/EndpointParameters.js
-var resolveClientEndpointParameters = (options) => {
-  return Object.assign(options, {
-    useDualstackEndpoint: options.useDualstackEndpoint ?? false,
-    useFipsEndpoint: options.useFipsEndpoint ?? false,
-    useGlobalEndpoint: options.useGlobalEndpoint ?? false,
-    defaultSigningName: "sts"
-  });
-};
-var commonParams = {
-  UseGlobalEndpoint: { type: "builtInParams", name: "useGlobalEndpoint" },
-  UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },
-  Endpoint: { type: "builtInParams", name: "endpoint" },
-  Region: { type: "builtInParams", name: "region" },
-  UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }
-};
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/endpoint/ruleset.js
-var F = "required";
-var G = "type";
-var H = "fn";
-var I = "argv";
-var J = "ref";
-var a = false;
-var b = true;
-var c = "booleanEquals";
-var d = "stringEquals";
-var e = "sigv4";
-var f = "sts";
-var g = "us-east-1";
-var h = "endpoint";
-var i = "https://sts.{Region}.{PartitionResult#dnsSuffix}";
-var j = "tree";
-var k = "error";
-var l = "getAttr";
-var m = { [F]: false, [G]: "String" };
-var n = { [F]: true, "default": false, [G]: "Boolean" };
-var o = { [J]: "Endpoint" };
-var p = { [H]: "isSet", [I]: [{ [J]: "Region" }] };
-var q = { [J]: "Region" };
-var r = { [H]: "aws.partition", [I]: [q], "assign": "PartitionResult" };
-var s = { [J]: "UseFIPS" };
-var t = { [J]: "UseDualStack" };
-var u = { "url": "https://sts.amazonaws.com", "properties": { "authSchemes": [{ "name": e, "signingName": f, "signingRegion": g }] }, "headers": {} };
-var v = {};
-var w = { "conditions": [{ [H]: d, [I]: [q, "aws-global"] }], [h]: u, [G]: h };
-var x = { [H]: c, [I]: [s, true] };
-var y = { [H]: c, [I]: [t, true] };
-var z = { [H]: l, [I]: [{ [J]: "PartitionResult" }, "supportsFIPS"] };
-var A = { [J]: "PartitionResult" };
-var B = { [H]: c, [I]: [true, { [H]: l, [I]: [A, "supportsDualStack"] }] };
-var C = [{ [H]: "isSet", [I]: [o] }];
-var D = [x];
-var E = [y];
-var _data = { version: "1.0", parameters: { Region: m, UseDualStack: n, UseFIPS: n, Endpoint: m, UseGlobalEndpoint: n }, rules: [{ conditions: [{ [H]: c, [I]: [{ [J]: "UseGlobalEndpoint" }, b] }, { [H]: "not", [I]: C }, p, r, { [H]: c, [I]: [s, a] }, { [H]: c, [I]: [t, a] }], rules: [{ conditions: [{ [H]: d, [I]: [q, "ap-northeast-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "ap-south-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "ap-southeast-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "ap-southeast-2"] }], endpoint: u, [G]: h }, w, { conditions: [{ [H]: d, [I]: [q, "ca-central-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "eu-central-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "eu-north-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "eu-west-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "eu-west-2"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "eu-west-3"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "sa-east-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, g] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "us-east-2"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "us-west-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "us-west-2"] }], endpoint: u, [G]: h }, { endpoint: { url: i, properties: { authSchemes: [{ name: e, signingName: f, signingRegion: "{Region}" }] }, headers: v }, [G]: h }], [G]: j }, { conditions: C, rules: [{ conditions: D, error: "Invalid Configuration: FIPS and custom endpoint are not supported", [G]: k }, { conditions: E, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", [G]: k }, { endpoint: { url: o, properties: v, headers: v }, [G]: h }], [G]: j }, { conditions: [p], rules: [{ conditions: [r], rules: [{ conditions: [x, y], rules: [{ conditions: [{ [H]: c, [I]: [b, z] }, B], rules: [{ endpoint: { url: "https://sts-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: v, headers: v }, [G]: h }], [G]: j }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", [G]: k }], [G]: j }, { conditions: D, rules: [{ conditions: [{ [H]: c, [I]: [z, b] }], rules: [{ conditions: [{ [H]: d, [I]: [{ [H]: l, [I]: [A, "name"] }, "aws-us-gov"] }], endpoint: { url: "https://sts.{Region}.amazonaws.com", properties: v, headers: v }, [G]: h }, { endpoint: { url: "https://sts-fips.{Region}.{PartitionResult#dnsSuffix}", properties: v, headers: v }, [G]: h }], [G]: j }, { error: "FIPS is enabled but this partition does not support FIPS", [G]: k }], [G]: j }, { conditions: E, rules: [{ conditions: [B], rules: [{ endpoint: { url: "https://sts.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: v, headers: v }, [G]: h }], [G]: j }, { error: "DualStack is enabled but this partition does not support DualStack", [G]: k }], [G]: j }, w, { endpoint: { url: i, properties: v, headers: v }, [G]: h }], [G]: j }], [G]: j }, { error: "Invalid Configuration: Missing Region", [G]: k }] };
-var ruleSet = _data;
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/endpoint/endpointResolver.js
-var cache = new EndpointCache({
-  size: 50,
-  params: ["Endpoint", "Region", "UseDualStack", "UseFIPS", "UseGlobalEndpoint"]
-});
-var defaultEndpointResolver = (endpointParams, context = {}) => {
-  return cache.get(endpointParams, () => resolveEndpoint(ruleSet, {
-    endpointParams,
-    logger: context.logger
-  }));
-};
-customEndpointFunctions.aws = awsEndpointFunctions;
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/runtimeConfig.shared.js
-var getRuntimeConfig = (config) => {
-  return {
-    apiVersion: "2011-06-15",
-    base64Decoder: config?.base64Decoder ?? fromBase64,
-    base64Encoder: config?.base64Encoder ?? toBase64,
-    disableHostPrefix: config?.disableHostPrefix ?? false,
-    endpointProvider: config?.endpointProvider ?? defaultEndpointResolver,
-    extensions: config?.extensions ?? [],
-    httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSTSHttpAuthSchemeProvider,
-    httpAuthSchemes: config?.httpAuthSchemes ?? [
-      {
-        schemeId: "aws.auth#sigv4",
-        identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
-        signer: new AwsSdkSigV4Signer()
-      },
-      {
-        schemeId: "smithy.api#noAuth",
-        identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
-        signer: new NoAuthSigner()
-      }
-    ],
-    logger: config?.logger ?? new NoOpLogger(),
-    serviceId: config?.serviceId ?? "STS",
-    urlParser: config?.urlParser ?? parseUrl,
-    utf8Decoder: config?.utf8Decoder ?? fromUtf8,
-    utf8Encoder: config?.utf8Encoder ?? toUtf8
-  };
-};
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/runtimeConfig.js
-var getRuntimeConfig2 = (config) => {
-  emitWarningIfUnsupportedVersion(process.version);
-  const defaultsMode = resolveDefaultsModeConfig(config);
-  const defaultConfigProvider = () => defaultsMode().then(loadConfigsForDefaultMode);
-  const clientSharedValues = getRuntimeConfig(config);
-  emitWarningIfUnsupportedVersion2(process.version);
-  const loaderConfig = {
-    profile: config?.profile,
-    logger: clientSharedValues.logger
-  };
-  return {
-    ...clientSharedValues,
-    ...config,
-    runtime: "node",
-    defaultsMode,
-    authSchemePreference: config?.authSchemePreference ?? loadConfig(NODE_AUTH_SCHEME_PREFERENCE_OPTIONS, loaderConfig),
-    bodyLengthChecker: config?.bodyLengthChecker ?? calculateBodyLength,
-    defaultUserAgentProvider: config?.defaultUserAgentProvider ?? createDefaultUserAgentProvider({ serviceId: clientSharedValues.serviceId, clientVersion: package_default.version }),
-    httpAuthSchemes: config?.httpAuthSchemes ?? [
-      {
-        schemeId: "aws.auth#sigv4",
-        identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4") || (async (idProps) => await config.credentialDefaultProvider(idProps?.__config || {})()),
-        signer: new AwsSdkSigV4Signer()
-      },
-      {
-        schemeId: "smithy.api#noAuth",
-        identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
-        signer: new NoAuthSigner()
-      }
-    ],
-    maxAttempts: config?.maxAttempts ?? loadConfig(NODE_MAX_ATTEMPT_CONFIG_OPTIONS, config),
-    region: config?.region ?? loadConfig(NODE_REGION_CONFIG_OPTIONS, { ...NODE_REGION_CONFIG_FILE_OPTIONS, ...loaderConfig }),
-    requestHandler: NodeHttpHandler.create(config?.requestHandler ?? defaultConfigProvider),
-    retryMode: config?.retryMode ?? loadConfig({
-      ...NODE_RETRY_MODE_CONFIG_OPTIONS,
-      default: async () => (await defaultConfigProvider()).retryMode || DEFAULT_RETRY_MODE
-    }, config),
-    sha256: config?.sha256 ?? Hash.bind(null, "sha256"),
-    streamCollector: config?.streamCollector ?? streamCollector,
-    useDualstackEndpoint: config?.useDualstackEndpoint ?? loadConfig(NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
-    useFipsEndpoint: config?.useFipsEndpoint ?? loadConfig(NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
-    userAgentAppId: config?.userAgentAppId ?? loadConfig(NODE_APP_ID_CONFIG_OPTIONS, loaderConfig)
-  };
-};
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/auth/httpAuthExtensionConfiguration.js
-var getHttpAuthExtensionConfiguration = (runtimeConfig) => {
-  const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;
-  let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;
-  let _credentials = runtimeConfig.credentials;
-  return {
-    setHttpAuthScheme(httpAuthScheme) {
-      const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId);
-      if (index === -1) {
-        _httpAuthSchemes.push(httpAuthScheme);
-      } else {
-        _httpAuthSchemes.splice(index, 1, httpAuthScheme);
-      }
-    },
-    httpAuthSchemes() {
-      return _httpAuthSchemes;
-    },
-    setHttpAuthSchemeProvider(httpAuthSchemeProvider) {
-      _httpAuthSchemeProvider = httpAuthSchemeProvider;
-    },
-    httpAuthSchemeProvider() {
-      return _httpAuthSchemeProvider;
-    },
-    setCredentials(credentials) {
-      _credentials = credentials;
-    },
-    credentials() {
-      return _credentials;
-    }
-  };
-};
-var resolveHttpAuthRuntimeConfig = (config) => {
-  return {
-    httpAuthSchemes: config.httpAuthSchemes(),
-    httpAuthSchemeProvider: config.httpAuthSchemeProvider(),
-    credentials: config.credentials()
-  };
-};
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/runtimeExtensions.js
-var resolveRuntimeExtensions = (runtimeConfig, extensions) => {
-  const extensionConfiguration = Object.assign(getAwsRegionExtensionConfiguration(runtimeConfig), getDefaultExtensionConfiguration(runtimeConfig), getHttpHandlerExtensionConfiguration(runtimeConfig), getHttpAuthExtensionConfiguration(runtimeConfig));
-  extensions.forEach((extension) => extension.configure(extensionConfiguration));
-  return Object.assign(runtimeConfig, resolveAwsRegionExtensionConfiguration(extensionConfiguration), resolveDefaultRuntimeConfig(extensionConfiguration), resolveHttpHandlerRuntimeConfig(extensionConfiguration), resolveHttpAuthRuntimeConfig(extensionConfiguration));
-};
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/STSClient.js
-var STSClient = class extends Client {
-  config;
-  constructor(...[configuration]) {
-    const _config_0 = getRuntimeConfig2(configuration || {});
-    super(_config_0);
-    this.initConfig = _config_0;
-    const _config_1 = resolveClientEndpointParameters(_config_0);
-    const _config_2 = resolveUserAgentConfig(_config_1);
-    const _config_3 = resolveRetryConfig(_config_2);
-    const _config_4 = resolveRegionConfig(_config_3);
-    const _config_5 = resolveHostHeaderConfig(_config_4);
-    const _config_6 = resolveEndpointConfig(_config_5);
-    const _config_7 = resolveHttpAuthSchemeConfig(_config_6);
-    const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []);
-    this.config = _config_8;
-    this.middlewareStack.use(getUserAgentPlugin(this.config));
-    this.middlewareStack.use(getRetryPlugin(this.config));
-    this.middlewareStack.use(getContentLengthPlugin(this.config));
-    this.middlewareStack.use(getHostHeaderPlugin(this.config));
-    this.middlewareStack.use(getLoggerPlugin(this.config));
-    this.middlewareStack.use(getRecursionDetectionPlugin(this.config));
-    this.middlewareStack.use(getHttpAuthSchemeEndpointRuleSetPlugin(this.config, {
-      httpAuthSchemeParametersProvider: defaultSTSHttpAuthSchemeParametersProvider,
-      identityProviderConfigProvider: async (config) => new DefaultIdentityProviderConfig({
-        "aws.auth#sigv4": config.credentials
-      })
-    }));
-    this.middlewareStack.use(getHttpSigningPlugin(this.config));
-  }
-  destroy() {
-    super.destroy();
-  }
-};
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/models/STSServiceException.js
-var STSServiceException = class _STSServiceException extends ServiceException {
-  constructor(options) {
-    super(options);
-    Object.setPrototypeOf(this, _STSServiceException.prototype);
-  }
-};
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/models/models_0.js
-var CredentialsFilterSensitiveLog = (obj) => ({
-  ...obj,
-  ...obj.SecretAccessKey && { SecretAccessKey: SENSITIVE_STRING }
-});
-var AssumeRoleResponseFilterSensitiveLog = (obj) => ({
-  ...obj,
-  ...obj.Credentials && { Credentials: CredentialsFilterSensitiveLog(obj.Credentials) }
-});
-var ExpiredTokenException = class _ExpiredTokenException extends STSServiceException {
-  name = "ExpiredTokenException";
-  $fault = "client";
-  constructor(opts) {
-    super({
-      name: "ExpiredTokenException",
-      $fault: "client",
-      ...opts
-    });
-    Object.setPrototypeOf(this, _ExpiredTokenException.prototype);
-  }
-};
-var MalformedPolicyDocumentException = class _MalformedPolicyDocumentException extends STSServiceException {
-  name = "MalformedPolicyDocumentException";
-  $fault = "client";
-  constructor(opts) {
-    super({
-      name: "MalformedPolicyDocumentException",
-      $fault: "client",
-      ...opts
-    });
-    Object.setPrototypeOf(this, _MalformedPolicyDocumentException.prototype);
-  }
-};
-var PackedPolicyTooLargeException = class _PackedPolicyTooLargeException extends STSServiceException {
-  name = "PackedPolicyTooLargeException";
-  $fault = "client";
-  constructor(opts) {
-    super({
-      name: "PackedPolicyTooLargeException",
-      $fault: "client",
-      ...opts
-    });
-    Object.setPrototypeOf(this, _PackedPolicyTooLargeException.prototype);
-  }
-};
-var RegionDisabledException = class _RegionDisabledException extends STSServiceException {
-  name = "RegionDisabledException";
-  $fault = "client";
-  constructor(opts) {
-    super({
-      name: "RegionDisabledException",
-      $fault: "client",
-      ...opts
-    });
-    Object.setPrototypeOf(this, _RegionDisabledException.prototype);
-  }
-};
-var IDPRejectedClaimException = class _IDPRejectedClaimException extends STSServiceException {
-  name = "IDPRejectedClaimException";
-  $fault = "client";
-  constructor(opts) {
-    super({
-      name: "IDPRejectedClaimException",
-      $fault: "client",
-      ...opts
-    });
-    Object.setPrototypeOf(this, _IDPRejectedClaimException.prototype);
-  }
-};
-var InvalidIdentityTokenException = class _InvalidIdentityTokenException extends STSServiceException {
-  name = "InvalidIdentityTokenException";
-  $fault = "client";
-  constructor(opts) {
-    super({
-      name: "InvalidIdentityTokenException",
-      $fault: "client",
-      ...opts
-    });
-    Object.setPrototypeOf(this, _InvalidIdentityTokenException.prototype);
-  }
-};
-var AssumeRoleWithWebIdentityRequestFilterSensitiveLog = (obj) => ({
-  ...obj,
-  ...obj.WebIdentityToken && { WebIdentityToken: SENSITIVE_STRING }
-});
-var AssumeRoleWithWebIdentityResponseFilterSensitiveLog = (obj) => ({
-  ...obj,
-  ...obj.Credentials && { Credentials: CredentialsFilterSensitiveLog(obj.Credentials) }
-});
-var IDPCommunicationErrorException = class _IDPCommunicationErrorException extends STSServiceException {
-  name = "IDPCommunicationErrorException";
-  $fault = "client";
-  constructor(opts) {
-    super({
-      name: "IDPCommunicationErrorException",
-      $fault: "client",
-      ...opts
-    });
-    Object.setPrototypeOf(this, _IDPCommunicationErrorException.prototype);
-  }
-};
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/protocols/Aws_query.js
-var se_AssumeRoleCommand = async (input, context) => {
-  const headers = SHARED_HEADERS;
-  let body;
-  body = buildFormUrlencodedString({
-    ...se_AssumeRoleRequest(input, context),
-    [_A]: _AR,
-    [_V]: _
-  });
-  return buildHttpRpcRequest(context, headers, "/", void 0, body);
-};
-var se_AssumeRoleWithWebIdentityCommand = async (input, context) => {
-  const headers = SHARED_HEADERS;
-  let body;
-  body = buildFormUrlencodedString({
-    ...se_AssumeRoleWithWebIdentityRequest(input, context),
-    [_A]: _ARWWI,
-    [_V]: _
-  });
-  return buildHttpRpcRequest(context, headers, "/", void 0, body);
-};
-var de_AssumeRoleCommand = async (output, context) => {
-  if (output.statusCode >= 300) {
-    return de_CommandError(output, context);
-  }
-  const data = await parseXmlBody(output.body, context);
-  let contents = {};
-  contents = de_AssumeRoleResponse(data.AssumeRoleResult, context);
-  const response = {
-    $metadata: deserializeMetadata(output),
-    ...contents
-  };
-  return response;
-};
-var de_AssumeRoleWithWebIdentityCommand = async (output, context) => {
-  if (output.statusCode >= 300) {
-    return de_CommandError(output, context);
-  }
-  const data = await parseXmlBody(output.body, context);
-  let contents = {};
-  contents = de_AssumeRoleWithWebIdentityResponse(data.AssumeRoleWithWebIdentityResult, context);
-  const response = {
-    $metadata: deserializeMetadata(output),
-    ...contents
-  };
-  return response;
-};
-var de_CommandError = async (output, context) => {
-  const parsedOutput = {
-    ...output,
-    body: await parseXmlErrorBody(output.body, context)
-  };
-  const errorCode = loadQueryErrorCode(output, parsedOutput.body);
-  switch (errorCode) {
-    case "ExpiredTokenException":
-    case "com.amazonaws.sts#ExpiredTokenException":
-      throw await de_ExpiredTokenExceptionRes(parsedOutput, context);
-    case "MalformedPolicyDocument":
-    case "com.amazonaws.sts#MalformedPolicyDocumentException":
-      throw await de_MalformedPolicyDocumentExceptionRes(parsedOutput, context);
-    case "PackedPolicyTooLarge":
-    case "com.amazonaws.sts#PackedPolicyTooLargeException":
-      throw await de_PackedPolicyTooLargeExceptionRes(parsedOutput, context);
-    case "RegionDisabledException":
-    case "com.amazonaws.sts#RegionDisabledException":
-      throw await de_RegionDisabledExceptionRes(parsedOutput, context);
-    case "IDPCommunicationError":
-    case "com.amazonaws.sts#IDPCommunicationErrorException":
-      throw await de_IDPCommunicationErrorExceptionRes(parsedOutput, context);
-    case "IDPRejectedClaim":
-    case "com.amazonaws.sts#IDPRejectedClaimException":
-      throw await de_IDPRejectedClaimExceptionRes(parsedOutput, context);
-    case "InvalidIdentityToken":
-    case "com.amazonaws.sts#InvalidIdentityTokenException":
-      throw await de_InvalidIdentityTokenExceptionRes(parsedOutput, context);
-    default:
-      const parsedBody = parsedOutput.body;
-      return throwDefaultError({
-        output,
-        parsedBody: parsedBody.Error,
-        errorCode
-      });
-  }
-};
-var de_ExpiredTokenExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_ExpiredTokenException(body.Error, context);
-  const exception = new ExpiredTokenException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_IDPCommunicationErrorExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_IDPCommunicationErrorException(body.Error, context);
-  const exception = new IDPCommunicationErrorException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_IDPRejectedClaimExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_IDPRejectedClaimException(body.Error, context);
-  const exception = new IDPRejectedClaimException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_InvalidIdentityTokenExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_InvalidIdentityTokenException(body.Error, context);
-  const exception = new InvalidIdentityTokenException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_MalformedPolicyDocumentExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_MalformedPolicyDocumentException(body.Error, context);
-  const exception = new MalformedPolicyDocumentException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_PackedPolicyTooLargeExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_PackedPolicyTooLargeException(body.Error, context);
-  const exception = new PackedPolicyTooLargeException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_RegionDisabledExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_RegionDisabledException(body.Error, context);
-  const exception = new RegionDisabledException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var se_AssumeRoleRequest = (input, context) => {
-  const entries = {};
-  if (input[_RA] != null) {
-    entries[_RA] = input[_RA];
-  }
-  if (input[_RSN] != null) {
-    entries[_RSN] = input[_RSN];
-  }
-  if (input[_PA] != null) {
-    const memberEntries = se_policyDescriptorListType(input[_PA], context);
-    if (input[_PA]?.length === 0) {
-      entries.PolicyArns = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `PolicyArns.${key}`;
-      entries[loc] = value;
-    });
-  }
-  if (input[_P] != null) {
-    entries[_P] = input[_P];
-  }
-  if (input[_DS] != null) {
-    entries[_DS] = input[_DS];
-  }
-  if (input[_T] != null) {
-    const memberEntries = se_tagListType(input[_T], context);
-    if (input[_T]?.length === 0) {
-      entries.Tags = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `Tags.${key}`;
-      entries[loc] = value;
-    });
-  }
-  if (input[_TTK] != null) {
-    const memberEntries = se_tagKeyListType(input[_TTK], context);
-    if (input[_TTK]?.length === 0) {
-      entries.TransitiveTagKeys = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `TransitiveTagKeys.${key}`;
-      entries[loc] = value;
-    });
-  }
-  if (input[_EI] != null) {
-    entries[_EI] = input[_EI];
-  }
-  if (input[_SN] != null) {
-    entries[_SN] = input[_SN];
-  }
-  if (input[_TC] != null) {
-    entries[_TC] = input[_TC];
-  }
-  if (input[_SI] != null) {
-    entries[_SI] = input[_SI];
-  }
-  if (input[_PC] != null) {
-    const memberEntries = se_ProvidedContextsListType(input[_PC], context);
-    if (input[_PC]?.length === 0) {
-      entries.ProvidedContexts = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `ProvidedContexts.${key}`;
-      entries[loc] = value;
-    });
-  }
-  return entries;
-};
-var se_AssumeRoleWithWebIdentityRequest = (input, context) => {
-  const entries = {};
-  if (input[_RA] != null) {
-    entries[_RA] = input[_RA];
-  }
-  if (input[_RSN] != null) {
-    entries[_RSN] = input[_RSN];
-  }
-  if (input[_WIT] != null) {
-    entries[_WIT] = input[_WIT];
-  }
-  if (input[_PI] != null) {
-    entries[_PI] = input[_PI];
-  }
-  if (input[_PA] != null) {
-    const memberEntries = se_policyDescriptorListType(input[_PA], context);
-    if (input[_PA]?.length === 0) {
-      entries.PolicyArns = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `PolicyArns.${key}`;
-      entries[loc] = value;
-    });
-  }
-  if (input[_P] != null) {
-    entries[_P] = input[_P];
-  }
-  if (input[_DS] != null) {
-    entries[_DS] = input[_DS];
-  }
-  return entries;
-};
-var se_policyDescriptorListType = (input, context) => {
-  const entries = {};
-  let counter = 1;
-  for (const entry of input) {
-    if (entry === null) {
-      continue;
-    }
-    const memberEntries = se_PolicyDescriptorType(entry, context);
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      entries[`member.${counter}.${key}`] = value;
-    });
-    counter++;
-  }
-  return entries;
-};
-var se_PolicyDescriptorType = (input, context) => {
-  const entries = {};
-  if (input[_a] != null) {
-    entries[_a] = input[_a];
-  }
-  return entries;
-};
-var se_ProvidedContext = (input, context) => {
-  const entries = {};
-  if (input[_PAr] != null) {
-    entries[_PAr] = input[_PAr];
-  }
-  if (input[_CA] != null) {
-    entries[_CA] = input[_CA];
-  }
-  return entries;
-};
-var se_ProvidedContextsListType = (input, context) => {
-  const entries = {};
-  let counter = 1;
-  for (const entry of input) {
-    if (entry === null) {
-      continue;
-    }
-    const memberEntries = se_ProvidedContext(entry, context);
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      entries[`member.${counter}.${key}`] = value;
-    });
-    counter++;
-  }
-  return entries;
-};
-var se_Tag = (input, context) => {
-  const entries = {};
-  if (input[_K] != null) {
-    entries[_K] = input[_K];
-  }
-  if (input[_Va] != null) {
-    entries[_Va] = input[_Va];
-  }
-  return entries;
-};
-var se_tagKeyListType = (input, context) => {
-  const entries = {};
-  let counter = 1;
-  for (const entry of input) {
-    if (entry === null) {
-      continue;
-    }
-    entries[`member.${counter}`] = entry;
-    counter++;
-  }
-  return entries;
-};
-var se_tagListType = (input, context) => {
-  const entries = {};
-  let counter = 1;
-  for (const entry of input) {
-    if (entry === null) {
-      continue;
-    }
-    const memberEntries = se_Tag(entry, context);
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      entries[`member.${counter}.${key}`] = value;
-    });
-    counter++;
-  }
-  return entries;
-};
-var de_AssumedRoleUser = (output, context) => {
-  const contents = {};
-  if (output[_ARI] != null) {
-    contents[_ARI] = expectString(output[_ARI]);
-  }
-  if (output[_Ar] != null) {
-    contents[_Ar] = expectString(output[_Ar]);
-  }
-  return contents;
-};
-var de_AssumeRoleResponse = (output, context) => {
-  const contents = {};
-  if (output[_C] != null) {
-    contents[_C] = de_Credentials(output[_C], context);
-  }
-  if (output[_ARU] != null) {
-    contents[_ARU] = de_AssumedRoleUser(output[_ARU], context);
-  }
-  if (output[_PPS] != null) {
-    contents[_PPS] = strictParseInt32(output[_PPS]);
-  }
-  if (output[_SI] != null) {
-    contents[_SI] = expectString(output[_SI]);
-  }
-  return contents;
-};
-var de_AssumeRoleWithWebIdentityResponse = (output, context) => {
-  const contents = {};
-  if (output[_C] != null) {
-    contents[_C] = de_Credentials(output[_C], context);
-  }
-  if (output[_SFWIT] != null) {
-    contents[_SFWIT] = expectString(output[_SFWIT]);
-  }
-  if (output[_ARU] != null) {
-    contents[_ARU] = de_AssumedRoleUser(output[_ARU], context);
-  }
-  if (output[_PPS] != null) {
-    contents[_PPS] = strictParseInt32(output[_PPS]);
-  }
-  if (output[_Pr] != null) {
-    contents[_Pr] = expectString(output[_Pr]);
-  }
-  if (output[_Au] != null) {
-    contents[_Au] = expectString(output[_Au]);
-  }
-  if (output[_SI] != null) {
-    contents[_SI] = expectString(output[_SI]);
-  }
-  return contents;
-};
-var de_Credentials = (output, context) => {
-  const contents = {};
-  if (output[_AKI] != null) {
-    contents[_AKI] = expectString(output[_AKI]);
-  }
-  if (output[_SAK] != null) {
-    contents[_SAK] = expectString(output[_SAK]);
-  }
-  if (output[_ST] != null) {
-    contents[_ST] = expectString(output[_ST]);
-  }
-  if (output[_E] != null) {
-    contents[_E] = expectNonNull(parseRfc3339DateTimeWithOffset(output[_E]));
-  }
-  return contents;
-};
-var de_ExpiredTokenException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_IDPCommunicationErrorException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_IDPRejectedClaimException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_InvalidIdentityTokenException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_MalformedPolicyDocumentException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_PackedPolicyTooLargeException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_RegionDisabledException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var deserializeMetadata = (output) => ({
-  httpStatusCode: output.statusCode,
-  requestId: output.headers["x-amzn-requestid"] ?? output.headers["x-amzn-request-id"] ?? output.headers["x-amz-request-id"],
-  extendedRequestId: output.headers["x-amz-id-2"],
-  cfId: output.headers["x-amz-cf-id"]
-});
-var throwDefaultError = withBaseException(STSServiceException);
-var buildHttpRpcRequest = async (context, headers, path, resolvedHostname, body) => {
-  const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
-  const contents = {
-    protocol,
-    hostname,
-    port,
-    method: "POST",
-    path: basePath.endsWith("/") ? basePath.slice(0, -1) + path : basePath + path,
-    headers
-  };
-  if (resolvedHostname !== void 0) {
-    contents.hostname = resolvedHostname;
-  }
-  if (body !== void 0) {
-    contents.body = body;
-  }
-  return new HttpRequest(contents);
-};
-var SHARED_HEADERS = {
-  "content-type": "application/x-www-form-urlencoded"
-};
-var _ = "2011-06-15";
-var _A = "Action";
-var _AKI = "AccessKeyId";
-var _AR = "AssumeRole";
-var _ARI = "AssumedRoleId";
-var _ARU = "AssumedRoleUser";
-var _ARWWI = "AssumeRoleWithWebIdentity";
-var _Ar = "Arn";
-var _Au = "Audience";
-var _C = "Credentials";
-var _CA = "ContextAssertion";
-var _DS = "DurationSeconds";
-var _E = "Expiration";
-var _EI = "ExternalId";
-var _K = "Key";
-var _P = "Policy";
-var _PA = "PolicyArns";
-var _PAr = "ProviderArn";
-var _PC = "ProvidedContexts";
-var _PI = "ProviderId";
-var _PPS = "PackedPolicySize";
-var _Pr = "Provider";
-var _RA = "RoleArn";
-var _RSN = "RoleSessionName";
-var _SAK = "SecretAccessKey";
-var _SFWIT = "SubjectFromWebIdentityToken";
-var _SI = "SourceIdentity";
-var _SN = "SerialNumber";
-var _ST = "SessionToken";
-var _T = "Tags";
-var _TC = "TokenCode";
-var _TTK = "TransitiveTagKeys";
-var _V = "Version";
-var _Va = "Value";
-var _WIT = "WebIdentityToken";
-var _a = "arn";
-var _m = "message";
-var buildFormUrlencodedString = (formEntries) => Object.entries(formEntries).map(([key, value]) => extendedEncodeURIComponent(key) + "=" + extendedEncodeURIComponent(value)).join("&");
-var loadQueryErrorCode = (output, data) => {
-  if (data.Error?.Code !== void 0) {
-    return data.Error.Code;
-  }
-  if (output.statusCode == 404) {
-    return "NotFound";
-  }
-};
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/commands/AssumeRoleCommand.js
-var AssumeRoleCommand = class extends Command.classBuilder().ep(commonParams).m(function(Command2, cs, config, o2) {
-  return [
-    getSerdePlugin(config, this.serialize, this.deserialize),
-    getEndpointPlugin(config, Command2.getEndpointParameterInstructions())
-  ];
-}).s("AWSSecurityTokenServiceV20110615", "AssumeRole", {}).n("STSClient", "AssumeRoleCommand").f(void 0, AssumeRoleResponseFilterSensitiveLog).ser(se_AssumeRoleCommand).de(de_AssumeRoleCommand).build() {
-};
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/commands/AssumeRoleWithWebIdentityCommand.js
-var AssumeRoleWithWebIdentityCommand = class extends Command.classBuilder().ep(commonParams).m(function(Command2, cs, config, o2) {
-  return [
-    getSerdePlugin(config, this.serialize, this.deserialize),
-    getEndpointPlugin(config, Command2.getEndpointParameterInstructions())
-  ];
-}).s("AWSSecurityTokenServiceV20110615", "AssumeRoleWithWebIdentity", {}).n("STSClient", "AssumeRoleWithWebIdentityCommand").f(AssumeRoleWithWebIdentityRequestFilterSensitiveLog, AssumeRoleWithWebIdentityResponseFilterSensitiveLog).ser(se_AssumeRoleWithWebIdentityCommand).de(de_AssumeRoleWithWebIdentityCommand).build() {
-};
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/STS.js
-var commands = {
-  AssumeRoleCommand,
-  AssumeRoleWithWebIdentityCommand
-};
-var STS = class extends STSClient {
-};
-createAggregatedClient(commands, STS);
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/defaultStsRoleAssumers.js
-var ASSUME_ROLE_DEFAULT_REGION = "us-east-1";
-var getAccountIdFromAssumedRoleUser = (assumedRoleUser) => {
-  if (typeof assumedRoleUser?.Arn === "string") {
-    const arnComponents = assumedRoleUser.Arn.split(":");
-    if (arnComponents.length > 4 && arnComponents[4] !== "") {
-      return arnComponents[4];
-    }
-  }
-  return void 0;
-};
-var resolveRegion = async (_region, _parentRegion, credentialProviderLogger) => {
-  const region = typeof _region === "function" ? await _region() : _region;
-  const parentRegion = typeof _parentRegion === "function" ? await _parentRegion() : _parentRegion;
-  credentialProviderLogger?.debug?.("@aws-sdk/client-sts::resolveRegion", "accepting first of:", `${region} (provider)`, `${parentRegion} (parent client)`, `${ASSUME_ROLE_DEFAULT_REGION} (STS default)`);
-  return region ?? parentRegion ?? ASSUME_ROLE_DEFAULT_REGION;
-};
-var getDefaultRoleAssumer = (stsOptions, STSClient2) => {
-  let stsClient;
-  let closureSourceCreds;
-  return async (sourceCreds, params) => {
-    closureSourceCreds = sourceCreds;
-    if (!stsClient) {
-      const { logger = stsOptions?.parentClientConfig?.logger, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger } = stsOptions;
-      const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger);
-      const isCompatibleRequestHandler = !isH2(requestHandler);
-      stsClient = new STSClient2({
-        profile: stsOptions?.parentClientConfig?.profile,
-        credentialDefaultProvider: () => async () => closureSourceCreds,
-        region: resolvedRegion,
-        requestHandler: isCompatibleRequestHandler ? requestHandler : void 0,
-        logger
-      });
-    }
-    const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleCommand(params));
-    if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) {
-      throw new Error(`Invalid response from STS.assumeRole call with role ${params.RoleArn}`);
-    }
-    const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser);
-    const credentials = {
-      accessKeyId: Credentials.AccessKeyId,
-      secretAccessKey: Credentials.SecretAccessKey,
-      sessionToken: Credentials.SessionToken,
-      expiration: Credentials.Expiration,
-      ...Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope },
-      ...accountId && { accountId }
-    };
-    setCredentialFeature(credentials, "CREDENTIALS_STS_ASSUME_ROLE", "i");
-    return credentials;
-  };
-};
-var getDefaultRoleAssumerWithWebIdentity = (stsOptions, STSClient2) => {
-  let stsClient;
-  return async (params) => {
-    if (!stsClient) {
-      const { logger = stsOptions?.parentClientConfig?.logger, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger } = stsOptions;
-      const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger);
-      const isCompatibleRequestHandler = !isH2(requestHandler);
-      stsClient = new STSClient2({
-        profile: stsOptions?.parentClientConfig?.profile,
-        region: resolvedRegion,
-        requestHandler: isCompatibleRequestHandler ? requestHandler : void 0,
-        logger
-      });
-    }
-    const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params));
-    if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) {
-      throw new Error(`Invalid response from STS.assumeRoleWithWebIdentity call with role ${params.RoleArn}`);
-    }
-    const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser);
-    const credentials = {
-      accessKeyId: Credentials.AccessKeyId,
-      secretAccessKey: Credentials.SecretAccessKey,
-      sessionToken: Credentials.SessionToken,
-      expiration: Credentials.Expiration,
-      ...Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope },
-      ...accountId && { accountId }
-    };
-    if (accountId) {
-      setCredentialFeature(credentials, "RESOLVED_ACCOUNT_ID", "T");
-    }
-    setCredentialFeature(credentials, "CREDENTIALS_STS_ASSUME_ROLE_WEB_ID", "k");
-    return credentials;
-  };
-};
-var isH2 = (requestHandler) => {
-  return requestHandler?.metadata?.handlerProtocol === "h2";
-};
-
-// node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/defaultRoleAssumers.js
-var getCustomizableStsClientCtor = (baseCtor, customizations) => {
-  if (!customizations)
-    return baseCtor;
-  else
-    return class CustomizableSTSClient extends baseCtor {
-      constructor(config) {
-        super(config);
-        for (const customization of customizations) {
-          this.middlewareStack.use(customization);
-        }
-      }
-    };
-};
-var getDefaultRoleAssumer2 = (stsOptions = {}, stsPlugins) => getDefaultRoleAssumer(stsOptions, getCustomizableStsClientCtor(STSClient, stsPlugins));
-var getDefaultRoleAssumerWithWebIdentity2 = (stsOptions = {}, stsPlugins) => getDefaultRoleAssumerWithWebIdentity(stsOptions, getCustomizableStsClientCtor(STSClient, stsPlugins));
-var decorateDefaultCredentialProvider = (provider) => (input) => provider({
-  roleAssumer: getDefaultRoleAssumer2(input),
-  roleAssumerWithWebIdentity: getDefaultRoleAssumerWithWebIdentity2(input),
-  ...input
-});
-export {
-  Command as $Command,
-  AssumeRoleCommand,
-  AssumeRoleResponseFilterSensitiveLog,
-  AssumeRoleWithWebIdentityCommand,
-  AssumeRoleWithWebIdentityRequestFilterSensitiveLog,
-  AssumeRoleWithWebIdentityResponseFilterSensitiveLog,
-  CredentialsFilterSensitiveLog,
-  ExpiredTokenException,
-  IDPCommunicationErrorException,
-  IDPRejectedClaimException,
-  InvalidIdentityTokenException,
-  MalformedPolicyDocumentException,
-  PackedPolicyTooLargeException,
-  RegionDisabledException,
-  STS,
-  STSClient,
-  STSServiceException,
-  Client as __Client,
-  decorateDefaultCredentialProvider,
-  getDefaultRoleAssumer2 as getDefaultRoleAssumer,
-  getDefaultRoleAssumerWithWebIdentity2 as getDefaultRoleAssumerWithWebIdentity
-};
-//# sourceMappingURL=sts-VPLY2J63.js.map