@granite-js/pulumi-aws 0.1.34 → 1.0.1

package/dist/{sts-OPF4H3GL.js → sts-7FBOVTCN.js}

@@ -1,16 +1,22 @@
 import {
+  createAggregatedClient,
   package_default
-} from "./chunk-UNXXS5FM.js";
+} from "./chunk-DDZTWBHZ.js";
+import {
+  NoAuthSigner
+} from "./chunk-G3FWLTNJ.js";
 import {
-  parseXmlBody,
-  parseXmlErrorBody
-} from "./chunk-KRJS4RAS.js";
+  XmlShapeDeserializer
+} from "./chunk-23MVQUOJ.js";
 import {
   AwsSdkSigV4Signer,
+  Client,
+  Command,
   DEFAULT_RETRY_MODE,
   DefaultIdentityProviderConfig,
   EndpointCache,
   Hash,
+  HttpProtocol,
   NODE_APP_ID_CONFIG_OPTIONS,
   NODE_AUTH_SCHEME_PREFERENCE_OPTIONS,
   NODE_MAX_ATTEMPT_CONFIG_OPTIONS,
@@ -19,76 +25,446 @@ import {
   NODE_RETRY_MODE_CONFIG_OPTIONS,
   NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS,
   NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS,
-  NoAuthSigner,
+  NoOpLogger,
+  NormalizedSchema,
+  NumericValue,
+  ProtocolLib,
+  SerdeContextConfig,
+  ServiceException,
+  TypeRegistry,
   awsEndpointFunctions,
   calculateBodyLength,
+  collectBody,
   createDefaultUserAgentProvider,
   customEndpointFunctions,
+  deref,
+  determineTimestampFormat,
   emitWarningIfUnsupportedVersion,
+  emitWarningIfUnsupportedVersion2,
+  extendedEncodeURIComponent,
   getAwsRegionExtensionConfiguration,
   getContentLengthPlugin,
+  getDefaultExtensionConfiguration,
   getEndpointPlugin,
   getHostHeaderPlugin,
   getHttpAuthSchemeEndpointRuleSetPlugin,
+  getHttpHandlerExtensionConfiguration,
   getHttpSigningPlugin,
   getLoggerPlugin,
   getRecursionDetectionPlugin,
   getRetryPlugin,
-  getSerdePlugin,
+  getSchemaSerdePlugin,
   getSmithyContext,
   getUserAgentPlugin,
+  loadConfigsForDefaultMode,
   normalizeProvider,
   resolveAwsRegionExtensionConfiguration,
   resolveAwsSdkSigV4Config,
+  resolveDefaultRuntimeConfig,
   resolveDefaultsModeConfig,
   resolveEndpoint,
   resolveEndpointConfig,
   resolveHostHeaderConfig,
+  resolveHttpHandlerRuntimeConfig,
   resolveRegionConfig,
   resolveRetryConfig,
-  resolveUserAgentConfig
-} from "./chunk-5W7B34BN.js";
+  resolveUserAgentConfig,
+  serializingStructIterator,
+  v4
+} from "./chunk-ASGFIK4A.js";
 import {
   loadConfig,
   parseUrl
-} from "./chunk-WCHHWTND.js";
-import "./chunk-KGNTV362.js";
+} from "./chunk-LCO5F3JB.js";
+import "./chunk-6KRYZP6R.js";
 import {
-  Client,
-  Command,
-  HttpRequest,
-  NoOpLogger,
   NodeHttpHandler,
-  SENSITIVE_STRING,
-  ServiceException,
-  createAggregatedClient,
-  decorateServiceException,
-  emitWarningIfUnsupportedVersion as emitWarningIfUnsupportedVersion2,
-  expectNonNull,
-  expectString,
-  extendedEncodeURIComponent,
+  dateToUtcString,
   fromBase64,
-  fromUtf8,
-  getDefaultExtensionConfiguration,
-  getHttpHandlerExtensionConfiguration,
-  loadConfigsForDefaultMode,
-  parseRfc3339DateTimeWithOffset,
-  resolveDefaultRuntimeConfig,
-  resolveHttpHandlerRuntimeConfig,
   streamCollector,
-  strictParseInt32,
-  toBase64,
-  toUtf8,
-  withBaseException
-} from "./chunk-VOTRVWIB.js";
+  toBase64
+} from "./chunk-OSJA4YYQ.js";
+import {
+  HttpRequest
+} from "./chunk-NDDYFDCU.js";
+import "./chunk-WDFKVCPC.js";
 import {
   setCredentialFeature
-} from "./chunk-ITI6QA2Q.js";
-import "./chunk-M5GUUX64.js";
-import "./chunk-W3VXP3A3.js";
-import "./chunk-JSBRDJBE.js";
+} from "./chunk-3OYGHA4S.js";
+import "./chunk-S4LJWEXU.js";
+import {
+  fromUtf8,
+  toUtf8
+} from "./chunk-Z4UYYQ4J.js";
+
+// ../../.yarn/cache/@smithy-core-npm-3.18.5-16e80a170e-c6ccaf4a06.zip/node_modules/@smithy/core/dist-es/submodules/protocols/RpcProtocol.js
+var RpcProtocol = class extends HttpProtocol {
+  async serializeRequest(operationSchema, input, context) {
+    const serializer = this.serializer;
+    const query = {};
+    const headers = {};
+    const endpoint = await context.endpoint();
+    const ns = NormalizedSchema.of(operationSchema?.input);
+    const schema = ns.getSchema();
+    let payload;
+    const request = new HttpRequest({
+      protocol: "",
+      hostname: "",
+      port: void 0,
+      path: "/",
+      fragment: void 0,
+      query,
+      headers,
+      body: void 0
+    });
+    if (endpoint) {
+      this.updateServiceEndpoint(request, endpoint);
+      this.setHostPrefix(request, operationSchema, input);
+    }
+    const _input = {
+      ...input
+    };
+    if (input) {
+      const eventStreamMember = ns.getEventStreamMember();
+      if (eventStreamMember) {
+        if (_input[eventStreamMember]) {
+          const initialRequest = {};
+          for (const [memberName, memberSchema] of ns.structIterator()) {
+            if (memberName !== eventStreamMember && _input[memberName]) {
+              serializer.write(memberSchema, _input[memberName]);
+              initialRequest[memberName] = serializer.flush();
+            }
+          }
+          payload = await this.serializeEventStream({
+            eventStream: _input[eventStreamMember],
+            requestSchema: ns,
+            initialRequest
+          });
+        }
+      } else {
+        serializer.write(schema, _input);
+        payload = serializer.flush();
+      }
+    }
+    request.headers = headers;
+    request.query = query;
+    request.body = payload;
+    request.method = "POST";
+    return request;
+  }
+  async deserializeResponse(operationSchema, context, response) {
+    const deserializer = this.deserializer;
+    const ns = NormalizedSchema.of(operationSchema.output);
+    const dataObject = {};
+    if (response.statusCode >= 300) {
+      const bytes = await collectBody(response.body, context);
+      if (bytes.byteLength > 0) {
+        Object.assign(dataObject, await deserializer.read(15, bytes));
+      }
+      await this.handleError(operationSchema, context, response, dataObject, this.deserializeMetadata(response));
+      throw new Error("@smithy/core/protocols - RPC Protocol error handler failed to throw.");
+    }
+    for (const header in response.headers) {
+      const value = response.headers[header];
+      delete response.headers[header];
+      response.headers[header.toLowerCase()] = value;
+    }
+    const eventStreamMember = ns.getEventStreamMember();
+    if (eventStreamMember) {
+      dataObject[eventStreamMember] = await this.deserializeEventStream({
+        response,
+        responseSchema: ns,
+        initialResponseContainer: dataObject
+      });
+    } else {
+      const bytes = await collectBody(response.body, context);
+      if (bytes.byteLength > 0) {
+        Object.assign(dataObject, await deserializer.read(ns, bytes));
+      }
+    }
+    dataObject.$metadata = this.deserializeMetadata(response);
+    return dataObject;
+  }
+};
+
+// ../../.yarn/cache/@aws-sdk-core-npm-3.940.0-0d32a8e8d2-090b960007.zip/node_modules/@aws-sdk/core/dist-es/submodules/protocols/query/QueryShapeSerializer.js
+var QueryShapeSerializer = class extends SerdeContextConfig {
+  settings;
+  buffer;
+  constructor(settings) {
+    super();
+    this.settings = settings;
+  }
+  write(schema, value, prefix = "") {
+    if (this.buffer === void 0) {
+      this.buffer = "";
+    }
+    const ns = NormalizedSchema.of(schema);
+    if (prefix && !prefix.endsWith(".")) {
+      prefix += ".";
+    }
+    if (ns.isBlobSchema()) {
+      if (typeof value === "string" || value instanceof Uint8Array) {
+        this.writeKey(prefix);
+        this.writeValue((this.serdeContext?.base64Encoder ?? toBase64)(value));
+      }
+    } else if (ns.isBooleanSchema() || ns.isNumericSchema() || ns.isStringSchema()) {
+      if (value != null) {
+        this.writeKey(prefix);
+        this.writeValue(String(value));
+      } else if (ns.isIdempotencyToken()) {
+        this.writeKey(prefix);
+        this.writeValue(v4());
+      }
+    } else if (ns.isBigIntegerSchema()) {
+      if (value != null) {
+        this.writeKey(prefix);
+        this.writeValue(String(value));
+      }
+    } else if (ns.isBigDecimalSchema()) {
+      if (value != null) {
+        this.writeKey(prefix);
+        this.writeValue(value instanceof NumericValue ? value.string : String(value));
+      }
+    } else if (ns.isTimestampSchema()) {
+      if (value instanceof Date) {
+        this.writeKey(prefix);
+        const format = determineTimestampFormat(ns, this.settings);
+        switch (format) {
+          case 5:
+            this.writeValue(value.toISOString().replace(".000Z", "Z"));
+            break;
+          case 6:
+            this.writeValue(dateToUtcString(value));
+            break;
+          case 7:
+            this.writeValue(String(value.getTime() / 1e3));
+            break;
+        }
+      }
+    } else if (ns.isDocumentSchema()) {
+      throw new Error(`@aws-sdk/core/protocols - QuerySerializer unsupported document type ${ns.getName(true)}`);
+    } else if (ns.isListSchema()) {
+      if (Array.isArray(value)) {
+        if (value.length === 0) {
+          if (this.settings.serializeEmptyLists) {
+            this.writeKey(prefix);
+            this.writeValue("");
+          }
+        } else {
+          const member = ns.getValueSchema();
+          const flat = this.settings.flattenLists || ns.getMergedTraits().xmlFlattened;
+          let i2 = 1;
+          for (const item of value) {
+            if (item == null) {
+              continue;
+            }
+            const suffix = this.getKey("member", member.getMergedTraits().xmlName);
+            const key = flat ? `${prefix}${i2}` : `${prefix}${suffix}.${i2}`;
+            this.write(member, item, key);
+            ++i2;
+          }
+        }
+      }
+    } else if (ns.isMapSchema()) {
+      if (value && typeof value === "object") {
+        const keySchema = ns.getKeySchema();
+        const memberSchema = ns.getValueSchema();
+        const flat = ns.getMergedTraits().xmlFlattened;
+        let i2 = 1;
+        for (const [k2, v2] of Object.entries(value)) {
+          if (v2 == null) {
+            continue;
+          }
+          const keySuffix = this.getKey("key", keySchema.getMergedTraits().xmlName);
+          const key = flat ? `${prefix}${i2}.${keySuffix}` : `${prefix}entry.${i2}.${keySuffix}`;
+          const valueSuffix = this.getKey("value", memberSchema.getMergedTraits().xmlName);
+          const valueKey = flat ? `${prefix}${i2}.${valueSuffix}` : `${prefix}entry.${i2}.${valueSuffix}`;
+          this.write(keySchema, k2, key);
+          this.write(memberSchema, v2, valueKey);
+          ++i2;
+        }
+      }
+    } else if (ns.isStructSchema()) {
+      if (value && typeof value === "object") {
+        for (const [memberName, member] of serializingStructIterator(ns, value)) {
+          if (value[memberName] == null && !member.isIdempotencyToken()) {
+            continue;
+          }
+          const suffix = this.getKey(memberName, member.getMergedTraits().xmlName);
+          const key = `${prefix}${suffix}`;
+          this.write(member, value[memberName], key);
+        }
+      }
+    } else if (ns.isUnitSchema()) {
+    } else {
+      throw new Error(`@aws-sdk/core/protocols - QuerySerializer unrecognized schema type ${ns.getName(true)}`);
+    }
+  }
+  flush() {
+    if (this.buffer === void 0) {
+      throw new Error("@aws-sdk/core/protocols - QuerySerializer cannot flush with nothing written to buffer.");
+    }
+    const str = this.buffer;
+    delete this.buffer;
+    return str;
+  }
+  getKey(memberName, xmlName) {
+    const key = xmlName ?? memberName;
+    if (this.settings.capitalizeKeys) {
+      return key[0].toUpperCase() + key.slice(1);
+    }
+    return key;
+  }
+  writeKey(key) {
+    if (key.endsWith(".")) {
+      key = key.slice(0, key.length - 1);
+    }
+    this.buffer += `&${extendedEncodeURIComponent(key)}=`;
+  }
+  writeValue(value) {
+    this.buffer += extendedEncodeURIComponent(value);
+  }
+};
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/auth/httpAuthSchemeProvider.js
+// ../../.yarn/cache/@aws-sdk-core-npm-3.940.0-0d32a8e8d2-090b960007.zip/node_modules/@aws-sdk/core/dist-es/submodules/protocols/query/AwsQueryProtocol.js
+var AwsQueryProtocol = class extends RpcProtocol {
+  options;
+  serializer;
+  deserializer;
+  mixin = new ProtocolLib();
+  constructor(options) {
+    super({
+      defaultNamespace: options.defaultNamespace
+    });
+    this.options = options;
+    const settings = {
+      timestampFormat: {
+        useTrait: true,
+        default: 5
+      },
+      httpBindings: false,
+      xmlNamespace: options.xmlNamespace,
+      serviceNamespace: options.defaultNamespace,
+      serializeEmptyLists: true
+    };
+    this.serializer = new QueryShapeSerializer(settings);
+    this.deserializer = new XmlShapeDeserializer(settings);
+  }
+  getShapeId() {
+    return "aws.protocols#awsQuery";
+  }
+  setSerdeContext(serdeContext) {
+    this.serializer.setSerdeContext(serdeContext);
+    this.deserializer.setSerdeContext(serdeContext);
+  }
+  getPayloadCodec() {
+    throw new Error("AWSQuery protocol has no payload codec.");
+  }
+  async serializeRequest(operationSchema, input, context) {
+    const request = await super.serializeRequest(operationSchema, input, context);
+    if (!request.path.endsWith("/")) {
+      request.path += "/";
+    }
+    Object.assign(request.headers, {
+      "content-type": `application/x-www-form-urlencoded`
+    });
+    if (deref(operationSchema.input) === "unit" || !request.body) {
+      request.body = "";
+    }
+    const action = operationSchema.name.split("#")[1] ?? operationSchema.name;
+    request.body = `Action=${action}&Version=${this.options.version}` + request.body;
+    if (request.body.endsWith("&")) {
+      request.body = request.body.slice(-1);
+    }
+    return request;
+  }
+  async deserializeResponse(operationSchema, context, response) {
+    const deserializer = this.deserializer;
+    const ns = NormalizedSchema.of(operationSchema.output);
+    const dataObject = {};
+    if (response.statusCode >= 300) {
+      const bytes2 = await collectBody(response.body, context);
+      if (bytes2.byteLength > 0) {
+        Object.assign(dataObject, await deserializer.read(15, bytes2));
+      }
+      await this.handleError(operationSchema, context, response, dataObject, this.deserializeMetadata(response));
+    }
+    for (const header in response.headers) {
+      const value = response.headers[header];
+      delete response.headers[header];
+      response.headers[header.toLowerCase()] = value;
+    }
+    const shortName = operationSchema.name.split("#")[1] ?? operationSchema.name;
+    const awsQueryResultKey = ns.isStructSchema() && this.useNestedResult() ? shortName + "Result" : void 0;
+    const bytes = await collectBody(response.body, context);
+    if (bytes.byteLength > 0) {
+      Object.assign(dataObject, await deserializer.read(ns, bytes, awsQueryResultKey));
+    }
+    const output = {
+      $metadata: this.deserializeMetadata(response),
+      ...dataObject
+    };
+    return output;
+  }
+  useNestedResult() {
+    return true;
+  }
+  async handleError(operationSchema, context, response, dataObject, metadata) {
+    const errorIdentifier = this.loadQueryErrorCode(response, dataObject) ?? "Unknown";
+    const errorData = this.loadQueryError(dataObject);
+    const message = this.loadQueryErrorMessage(dataObject);
+    errorData.message = message;
+    errorData.Error = {
+      Type: errorData.Type,
+      Code: errorData.Code,
+      Message: message
+    };
+    const { errorSchema, errorMetadata } = await this.mixin.getErrorSchemaOrThrowBaseException(errorIdentifier, this.options.defaultNamespace, response, errorData, metadata, (registry, errorName) => {
+      try {
+        return registry.getSchema(errorName);
+      } catch (e2) {
+        return registry.find((schema) => NormalizedSchema.of(schema).getMergedTraits().awsQueryError?.[0] === errorName);
+      }
+    });
+    const ns = NormalizedSchema.of(errorSchema);
+    const ErrorCtor = TypeRegistry.for(errorSchema[1]).getErrorCtor(errorSchema) ?? Error;
+    const exception = new ErrorCtor(message);
+    const output = {
+      Error: errorData.Error
+    };
+    for (const [name, member] of ns.structIterator()) {
+      const target = member.getMergedTraits().xmlName ?? name;
+      const value = errorData[target] ?? dataObject[target];
+      output[name] = this.deserializer.readSchema(member, value);
+    }
+    throw this.mixin.decorateServiceException(Object.assign(exception, errorMetadata, {
+      $fault: ns.getMergedTraits().error,
+      message
+    }, output), dataObject);
+  }
+  loadQueryErrorCode(output, data) {
+    const code = (data.Errors?.[0]?.Error ?? data.Errors?.Error ?? data.Error)?.Code;
+    if (code !== void 0) {
+      return code;
+    }
+    if (output.statusCode == 404) {
+      return "NotFound";
+    }
+  }
+  loadQueryError(data) {
+    return data.Errors?.[0]?.Error ?? data.Errors?.Error ?? data.Error;
+  }
+  loadQueryErrorMessage(data) {
+    const errorData = this.loadQueryError(data);
+    return errorData?.message ?? errorData?.Message ?? data.message ?? data.Message ?? "Unknown";
+  }
+  getDefaultContentType() {
+    return "application/x-www-form-urlencoded";
+  }
+};
+
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/auth/httpAuthSchemeProvider.js
 var defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
   return {
     operation: getSmithyContext(context).operation,
@@ -141,7 +517,7 @@ var resolveHttpAuthSchemeConfig = (config) => {
   });
 };
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/endpoint/EndpointParameters.js
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/endpoint/EndpointParameters.js
 var resolveClientEndpointParameters = (options) => {
   return Object.assign(options, {
     useDualstackEndpoint: options.useDualstackEndpoint ?? false,
@@ -158,7 +534,7 @@ var commonParams = {
   UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }
 };
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/endpoint/ruleset.js
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/endpoint/ruleset.js
 var F = "required";
 var G = "type";
 var H = "fn";
@@ -176,8 +552,8 @@ var i = "https://sts.{Region}.{PartitionResult#dnsSuffix}";
 var j = "tree";
 var k = "error";
 var l = "getAttr";
-var m = { [F]: false, [G]: "String" };
-var n = { [F]: true, "default": false, [G]: "Boolean" };
+var m = { [F]: false, [G]: "string" };
+var n = { [F]: true, "default": false, [G]: "boolean" };
 var o = { [J]: "Endpoint" };
 var p = { [H]: "isSet", [I]: [{ [J]: "Region" }] };
 var q = { [J]: "Region" };
@@ -198,7 +574,7 @@ var E = [y];
 var _data = { version: "1.0", parameters: { Region: m, UseDualStack: n, UseFIPS: n, Endpoint: m, UseGlobalEndpoint: n }, rules: [{ conditions: [{ [H]: c, [I]: [{ [J]: "UseGlobalEndpoint" }, b] }, { [H]: "not", [I]: C }, p, r, { [H]: c, [I]: [s, a] }, { [H]: c, [I]: [t, a] }], rules: [{ conditions: [{ [H]: d, [I]: [q, "ap-northeast-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "ap-south-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "ap-southeast-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "ap-southeast-2"] }], endpoint: u, [G]: h }, w, { conditions: [{ [H]: d, [I]: [q, "ca-central-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "eu-central-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "eu-north-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "eu-west-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "eu-west-2"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "eu-west-3"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "sa-east-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, g] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "us-east-2"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "us-west-1"] }], endpoint: u, [G]: h }, { conditions: [{ [H]: d, [I]: [q, "us-west-2"] }], endpoint: u, [G]: h }, { endpoint: { url: i, properties: { authSchemes: [{ name: e, signingName: f, signingRegion: "{Region}" }] }, headers: v }, [G]: h }], [G]: j }, { conditions: C, rules: [{ conditions: D, error: "Invalid Configuration: FIPS and custom endpoint are not supported", [G]: k }, { conditions: E, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", [G]: k }, { endpoint: { url: o, properties: v, headers: v }, [G]: h }], [G]: j }, { conditions: [p], rules: [{ conditions: [r], rules: [{ conditions: [x, y], rules: [{ conditions: [{ [H]: c, [I]: [b, z] }, B], rules: [{ endpoint: { url: "https://sts-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: v, headers: v }, [G]: h }], [G]: j }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", [G]: k }], [G]: j }, { conditions: D, rules: [{ conditions: [{ [H]: c, [I]: [z, b] }], rules: [{ conditions: [{ [H]: d, [I]: [{ [H]: l, [I]: [A, "name"] }, "aws-us-gov"] }], endpoint: { url: "https://sts.{Region}.amazonaws.com", properties: v, headers: v }, [G]: h }, { endpoint: { url: "https://sts-fips.{Region}.{PartitionResult#dnsSuffix}", properties: v, headers: v }, [G]: h }], [G]: j }, { error: "FIPS is enabled but this partition does not support FIPS", [G]: k }], [G]: j }, { conditions: E, rules: [{ conditions: [B], rules: [{ endpoint: { url: "https://sts.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: v, headers: v }, [G]: h }], [G]: j }, { error: "DualStack is enabled but this partition does not support DualStack", [G]: k }], [G]: j }, w, { endpoint: { url: i, properties: v, headers: v }, [G]: h }], [G]: j }], [G]: j }, { error: "Invalid Configuration: Missing Region", [G]: k }] };
 var ruleSet = _data;
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/endpoint/endpointResolver.js
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/endpoint/endpointResolver.js
 var cache = new EndpointCache({
   size: 50,
   params: ["Endpoint", "Region", "UseDualStack", "UseFIPS", "UseGlobalEndpoint"]
@@ -211,7 +587,7 @@ var defaultEndpointResolver = (endpointParams, context = {}) => {
 };
 customEndpointFunctions.aws = awsEndpointFunctions;
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/runtimeConfig.shared.js
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/runtimeConfig.shared.js
 var getRuntimeConfig = (config) => {
   return {
     apiVersion: "2011-06-15",
@@ -234,6 +610,11 @@ var getRuntimeConfig = (config) => {
       }
     ],
     logger: config?.logger ?? new NoOpLogger(),
+    protocol: config?.protocol ?? new AwsQueryProtocol({
+      defaultNamespace: "com.amazonaws.sts",
+      xmlNamespace: "https://sts.amazonaws.com/doc/2011-06-15/",
+      version: "2011-06-15"
+    }),
     serviceId: config?.serviceId ?? "STS",
     urlParser: config?.urlParser ?? parseUrl,
     utf8Decoder: config?.utf8Decoder ?? fromUtf8,
@@ -241,7 +622,7 @@ var getRuntimeConfig = (config) => {
   };
 };
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/runtimeConfig.js
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/runtimeConfig.js
 var getRuntimeConfig2 = (config) => {
   emitWarningIfUnsupportedVersion2(process.version);
   const defaultsMode = resolveDefaultsModeConfig(config);
@@ -287,7 +668,23 @@ var getRuntimeConfig2 = (config) => {
   };
 };
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/auth/httpAuthExtensionConfiguration.js
+// ../../.yarn/cache/@aws-sdk-region-config-resolver-npm-3.936.0-ac429a151d-67ecf8f357.zip/node_modules/@aws-sdk/region-config-resolver/dist-es/regionConfig/stsRegionDefaultResolver.js
+function stsRegionDefaultResolver(loaderConfig = {}) {
+  return loadConfig({
+    ...NODE_REGION_CONFIG_OPTIONS,
+    async default() {
+      if (!warning.silence) {
+        console.warn("@aws-sdk - WARN - default STS region of us-east-1 used. See @aws-sdk/credential-providers README and set a region explicitly.");
+      }
+      return "us-east-1";
+    }
+  }, { ...NODE_REGION_CONFIG_FILE_OPTIONS, ...loaderConfig });
+}
+var warning = {
+  silence: false
+};
+
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/auth/httpAuthExtensionConfiguration.js
 var getHttpAuthExtensionConfiguration = (runtimeConfig) => {
   const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;
   let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;
@@ -326,14 +723,14 @@ var resolveHttpAuthRuntimeConfig = (config) => {
   };
 };
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/runtimeExtensions.js
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/runtimeExtensions.js
 var resolveRuntimeExtensions = (runtimeConfig, extensions) => {
   const extensionConfiguration = Object.assign(getAwsRegionExtensionConfiguration(runtimeConfig), getDefaultExtensionConfiguration(runtimeConfig), getHttpHandlerExtensionConfiguration(runtimeConfig), getHttpAuthExtensionConfiguration(runtimeConfig));
   extensions.forEach((extension) => extension.configure(extensionConfiguration));
   return Object.assign(runtimeConfig, resolveAwsRegionExtensionConfiguration(extensionConfiguration), resolveDefaultRuntimeConfig(extensionConfiguration), resolveHttpHandlerRuntimeConfig(extensionConfiguration), resolveHttpAuthRuntimeConfig(extensionConfiguration));
 };
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/STSClient.js
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/STSClient.js
 var STSClient = class extends Client {
   config;
   constructor(...[configuration]) {
@@ -349,6 +746,7 @@ var STSClient = class extends Client {
     const _config_7 = resolveHttpAuthSchemeConfig(_config_6);
     const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []);
     this.config = _config_8;
+    this.middlewareStack.use(getSchemaSerdePlugin(this.config));
     this.middlewareStack.use(getUserAgentPlugin(this.config));
     this.middlewareStack.use(getRetryPlugin(this.config));
     this.middlewareStack.use(getContentLengthPlugin(this.config));
@@ -368,7 +766,7 @@ var STSClient = class extends Client {
   }
 };
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/models/STSServiceException.js
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/models/STSServiceException.js
 var STSServiceException = class _STSServiceException extends ServiceException {
   constructor(options) {
     super(options);
@@ -376,15 +774,7 @@ var STSServiceException = class _STSServiceException extends ServiceException {
   }
 };
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/models/models_0.js
-var CredentialsFilterSensitiveLog = (obj) => ({
-  ...obj,
-  ...obj.SecretAccessKey && { SecretAccessKey: SENSITIVE_STRING }
-});
-var AssumeRoleResponseFilterSensitiveLog = (obj) => ({
-  ...obj,
-  ...obj.Credentials && { Credentials: CredentialsFilterSensitiveLog(obj.Credentials) }
-});
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/models/errors.js
 var ExpiredTokenException = class _ExpiredTokenException extends STSServiceException {
   name = "ExpiredTokenException";
   $fault = "client";
@@ -457,14 +847,6 @@ var InvalidIdentityTokenException = class _InvalidIdentityTokenException extends
     Object.setPrototypeOf(this, _InvalidIdentityTokenException.prototype);
   }
 };
-var AssumeRoleWithWebIdentityRequestFilterSensitiveLog = (obj) => ({
-  ...obj,
-  ...obj.WebIdentityToken && { WebIdentityToken: SENSITIVE_STRING }
-});
-var AssumeRoleWithWebIdentityResponseFilterSensitiveLog = (obj) => ({
-  ...obj,
-  ...obj.Credentials && { Credentials: CredentialsFilterSensitiveLog(obj.Credentials) }
-});
 var IDPCommunicationErrorException = class _IDPCommunicationErrorException extends STSServiceException {
   name = "IDPCommunicationErrorException";
   $fault = "client";
@@ -478,504 +860,42 @@ var IDPCommunicationErrorException = class _IDPCommunicationErrorException exten
   }
 };
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/protocols/Aws_query.js
-var se_AssumeRoleCommand = async (input, context) => {
-  const headers = SHARED_HEADERS;
-  let body;
-  body = buildFormUrlencodedString({
-    ...se_AssumeRoleRequest(input, context),
-    [_A]: _AR,
-    [_V]: _
-  });
-  return buildHttpRpcRequest(context, headers, "/", void 0, body);
-};
-var se_AssumeRoleWithWebIdentityCommand = async (input, context) => {
-  const headers = SHARED_HEADERS;
-  let body;
-  body = buildFormUrlencodedString({
-    ...se_AssumeRoleWithWebIdentityRequest(input, context),
-    [_A]: _ARWWI,
-    [_V]: _
-  });
-  return buildHttpRpcRequest(context, headers, "/", void 0, body);
-};
-var de_AssumeRoleCommand = async (output, context) => {
-  if (output.statusCode >= 300) {
-    return de_CommandError(output, context);
-  }
-  const data = await parseXmlBody(output.body, context);
-  let contents = {};
-  contents = de_AssumeRoleResponse(data.AssumeRoleResult, context);
-  const response = {
-    $metadata: deserializeMetadata(output),
-    ...contents
-  };
-  return response;
-};
-var de_AssumeRoleWithWebIdentityCommand = async (output, context) => {
-  if (output.statusCode >= 300) {
-    return de_CommandError(output, context);
-  }
-  const data = await parseXmlBody(output.body, context);
-  let contents = {};
-  contents = de_AssumeRoleWithWebIdentityResponse(data.AssumeRoleWithWebIdentityResult, context);
-  const response = {
-    $metadata: deserializeMetadata(output),
-    ...contents
-  };
-  return response;
-};
-var de_CommandError = async (output, context) => {
-  const parsedOutput = {
-    ...output,
-    body: await parseXmlErrorBody(output.body, context)
-  };
-  const errorCode = loadQueryErrorCode(output, parsedOutput.body);
-  switch (errorCode) {
-    case "ExpiredTokenException":
-    case "com.amazonaws.sts#ExpiredTokenException":
-      throw await de_ExpiredTokenExceptionRes(parsedOutput, context);
-    case "MalformedPolicyDocument":
-    case "com.amazonaws.sts#MalformedPolicyDocumentException":
-      throw await de_MalformedPolicyDocumentExceptionRes(parsedOutput, context);
-    case "PackedPolicyTooLarge":
-    case "com.amazonaws.sts#PackedPolicyTooLargeException":
-      throw await de_PackedPolicyTooLargeExceptionRes(parsedOutput, context);
-    case "RegionDisabledException":
-    case "com.amazonaws.sts#RegionDisabledException":
-      throw await de_RegionDisabledExceptionRes(parsedOutput, context);
-    case "IDPCommunicationError":
-    case "com.amazonaws.sts#IDPCommunicationErrorException":
-      throw await de_IDPCommunicationErrorExceptionRes(parsedOutput, context);
-    case "IDPRejectedClaim":
-    case "com.amazonaws.sts#IDPRejectedClaimException":
-      throw await de_IDPRejectedClaimExceptionRes(parsedOutput, context);
-    case "InvalidIdentityToken":
-    case "com.amazonaws.sts#InvalidIdentityTokenException":
-      throw await de_InvalidIdentityTokenExceptionRes(parsedOutput, context);
-    default:
-      const parsedBody = parsedOutput.body;
-      return throwDefaultError({
-        output,
-        parsedBody: parsedBody.Error,
-        errorCode
-      });
-  }
-};
-var de_ExpiredTokenExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_ExpiredTokenException(body.Error, context);
-  const exception = new ExpiredTokenException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_IDPCommunicationErrorExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_IDPCommunicationErrorException(body.Error, context);
-  const exception = new IDPCommunicationErrorException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_IDPRejectedClaimExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_IDPRejectedClaimException(body.Error, context);
-  const exception = new IDPRejectedClaimException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_InvalidIdentityTokenExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_InvalidIdentityTokenException(body.Error, context);
-  const exception = new InvalidIdentityTokenException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_MalformedPolicyDocumentExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_MalformedPolicyDocumentException(body.Error, context);
-  const exception = new MalformedPolicyDocumentException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_PackedPolicyTooLargeExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_PackedPolicyTooLargeException(body.Error, context);
-  const exception = new PackedPolicyTooLargeException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_RegionDisabledExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_RegionDisabledException(body.Error, context);
-  const exception = new RegionDisabledException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var se_AssumeRoleRequest = (input, context) => {
-  const entries = {};
-  if (input[_RA] != null) {
-    entries[_RA] = input[_RA];
-  }
-  if (input[_RSN] != null) {
-    entries[_RSN] = input[_RSN];
-  }
-  if (input[_PA] != null) {
-    const memberEntries = se_policyDescriptorListType(input[_PA], context);
-    if (input[_PA]?.length === 0) {
-      entries.PolicyArns = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `PolicyArns.${key}`;
-      entries[loc] = value;
-    });
-  }
-  if (input[_P] != null) {
-    entries[_P] = input[_P];
-  }
-  if (input[_DS] != null) {
-    entries[_DS] = input[_DS];
-  }
-  if (input[_T] != null) {
-    const memberEntries = se_tagListType(input[_T], context);
-    if (input[_T]?.length === 0) {
-      entries.Tags = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `Tags.${key}`;
-      entries[loc] = value;
-    });
-  }
-  if (input[_TTK] != null) {
-    const memberEntries = se_tagKeyListType(input[_TTK], context);
-    if (input[_TTK]?.length === 0) {
-      entries.TransitiveTagKeys = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `TransitiveTagKeys.${key}`;
-      entries[loc] = value;
-    });
-  }
-  if (input[_EI] != null) {
-    entries[_EI] = input[_EI];
-  }
-  if (input[_SN] != null) {
-    entries[_SN] = input[_SN];
-  }
-  if (input[_TC] != null) {
-    entries[_TC] = input[_TC];
-  }
-  if (input[_SI] != null) {
-    entries[_SI] = input[_SI];
-  }
-  if (input[_PC] != null) {
-    const memberEntries = se_ProvidedContextsListType(input[_PC], context);
-    if (input[_PC]?.length === 0) {
-      entries.ProvidedContexts = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `ProvidedContexts.${key}`;
-      entries[loc] = value;
-    });
-  }
-  return entries;
-};
-var se_AssumeRoleWithWebIdentityRequest = (input, context) => {
-  const entries = {};
-  if (input[_RA] != null) {
-    entries[_RA] = input[_RA];
-  }
-  if (input[_RSN] != null) {
-    entries[_RSN] = input[_RSN];
-  }
-  if (input[_WIT] != null) {
-    entries[_WIT] = input[_WIT];
-  }
-  if (input[_PI] != null) {
-    entries[_PI] = input[_PI];
-  }
-  if (input[_PA] != null) {
-    const memberEntries = se_policyDescriptorListType(input[_PA], context);
-    if (input[_PA]?.length === 0) {
-      entries.PolicyArns = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `PolicyArns.${key}`;
-      entries[loc] = value;
-    });
-  }
-  if (input[_P] != null) {
-    entries[_P] = input[_P];
-  }
-  if (input[_DS] != null) {
-    entries[_DS] = input[_DS];
-  }
-  return entries;
-};
-var se_policyDescriptorListType = (input, context) => {
-  const entries = {};
-  let counter = 1;
-  for (const entry of input) {
-    if (entry === null) {
-      continue;
-    }
-    const memberEntries = se_PolicyDescriptorType(entry, context);
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      entries[`member.${counter}.${key}`] = value;
-    });
-    counter++;
-  }
-  return entries;
-};
-var se_PolicyDescriptorType = (input, context) => {
-  const entries = {};
-  if (input[_a] != null) {
-    entries[_a] = input[_a];
-  }
-  return entries;
-};
-var se_ProvidedContext = (input, context) => {
-  const entries = {};
-  if (input[_PAr] != null) {
-    entries[_PAr] = input[_PAr];
-  }
-  if (input[_CA] != null) {
-    entries[_CA] = input[_CA];
-  }
-  return entries;
-};
-var se_ProvidedContextsListType = (input, context) => {
-  const entries = {};
-  let counter = 1;
-  for (const entry of input) {
-    if (entry === null) {
-      continue;
-    }
-    const memberEntries = se_ProvidedContext(entry, context);
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      entries[`member.${counter}.${key}`] = value;
-    });
-    counter++;
-  }
-  return entries;
-};
-var se_Tag = (input, context) => {
-  const entries = {};
-  if (input[_K] != null) {
-    entries[_K] = input[_K];
-  }
-  if (input[_Va] != null) {
-    entries[_Va] = input[_Va];
-  }
-  return entries;
-};
-var se_tagKeyListType = (input, context) => {
-  const entries = {};
-  let counter = 1;
-  for (const entry of input) {
-    if (entry === null) {
-      continue;
-    }
-    entries[`member.${counter}`] = entry;
-    counter++;
-  }
-  return entries;
-};
-var se_tagListType = (input, context) => {
-  const entries = {};
-  let counter = 1;
-  for (const entry of input) {
-    if (entry === null) {
-      continue;
-    }
-    const memberEntries = se_Tag(entry, context);
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      entries[`member.${counter}.${key}`] = value;
-    });
-    counter++;
-  }
-  return entries;
-};
-var de_AssumedRoleUser = (output, context) => {
-  const contents = {};
-  if (output[_ARI] != null) {
-    contents[_ARI] = expectString(output[_ARI]);
-  }
-  if (output[_Ar] != null) {
-    contents[_Ar] = expectString(output[_Ar]);
-  }
-  return contents;
-};
-var de_AssumeRoleResponse = (output, context) => {
-  const contents = {};
-  if (output[_C] != null) {
-    contents[_C] = de_Credentials(output[_C], context);
-  }
-  if (output[_ARU] != null) {
-    contents[_ARU] = de_AssumedRoleUser(output[_ARU], context);
-  }
-  if (output[_PPS] != null) {
-    contents[_PPS] = strictParseInt32(output[_PPS]);
-  }
-  if (output[_SI] != null) {
-    contents[_SI] = expectString(output[_SI]);
-  }
-  return contents;
-};
-var de_AssumeRoleWithWebIdentityResponse = (output, context) => {
-  const contents = {};
-  if (output[_C] != null) {
-    contents[_C] = de_Credentials(output[_C], context);
-  }
-  if (output[_SFWIT] != null) {
-    contents[_SFWIT] = expectString(output[_SFWIT]);
-  }
-  if (output[_ARU] != null) {
-    contents[_ARU] = de_AssumedRoleUser(output[_ARU], context);
-  }
-  if (output[_PPS] != null) {
-    contents[_PPS] = strictParseInt32(output[_PPS]);
-  }
-  if (output[_Pr] != null) {
-    contents[_Pr] = expectString(output[_Pr]);
-  }
-  if (output[_Au] != null) {
-    contents[_Au] = expectString(output[_Au]);
-  }
-  if (output[_SI] != null) {
-    contents[_SI] = expectString(output[_SI]);
-  }
-  return contents;
-};
-var de_Credentials = (output, context) => {
-  const contents = {};
-  if (output[_AKI] != null) {
-    contents[_AKI] = expectString(output[_AKI]);
-  }
-  if (output[_SAK] != null) {
-    contents[_SAK] = expectString(output[_SAK]);
-  }
-  if (output[_ST] != null) {
-    contents[_ST] = expectString(output[_ST]);
-  }
-  if (output[_E] != null) {
-    contents[_E] = expectNonNull(parseRfc3339DateTimeWithOffset(output[_E]));
-  }
-  return contents;
-};
-var de_ExpiredTokenException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_IDPCommunicationErrorException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_IDPRejectedClaimException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_InvalidIdentityTokenException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_MalformedPolicyDocumentException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_PackedPolicyTooLargeException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_RegionDisabledException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var deserializeMetadata = (output) => ({
-  httpStatusCode: output.statusCode,
-  requestId: output.headers["x-amzn-requestid"] ?? output.headers["x-amzn-request-id"] ?? output.headers["x-amz-request-id"],
-  extendedRequestId: output.headers["x-amz-id-2"],
-  cfId: output.headers["x-amz-cf-id"]
-});
-var throwDefaultError = withBaseException(STSServiceException);
-var buildHttpRpcRequest = async (context, headers, path, resolvedHostname, body) => {
-  const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
-  const contents = {
-    protocol,
-    hostname,
-    port,
-    method: "POST",
-    path: basePath.endsWith("/") ? basePath.slice(0, -1) + path : basePath + path,
-    headers
-  };
-  if (resolvedHostname !== void 0) {
-    contents.hostname = resolvedHostname;
-  }
-  if (body !== void 0) {
-    contents.body = body;
-  }
-  return new HttpRequest(contents);
-};
-var SHARED_HEADERS = {
-  "content-type": "application/x-www-form-urlencoded"
-};
-var _ = "2011-06-15";
-var _A = "Action";
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/schemas/schemas_0.js
+var _A = "Arn";
 var _AKI = "AccessKeyId";
 var _AR = "AssumeRole";
 var _ARI = "AssumedRoleId";
+var _ARR = "AssumeRoleRequest";
+var _ARRs = "AssumeRoleResponse";
 var _ARU = "AssumedRoleUser";
 var _ARWWI = "AssumeRoleWithWebIdentity";
-var _Ar = "Arn";
+var _ARWWIR = "AssumeRoleWithWebIdentityRequest";
+var _ARWWIRs = "AssumeRoleWithWebIdentityResponse";
 var _Au = "Audience";
 var _C = "Credentials";
 var _CA = "ContextAssertion";
 var _DS = "DurationSeconds";
 var _E = "Expiration";
 var _EI = "ExternalId";
+var _ETE = "ExpiredTokenException";
+var _IDPCEE = "IDPCommunicationErrorException";
+var _IDPRCE = "IDPRejectedClaimException";
+var _IITE = "InvalidIdentityTokenException";
 var _K = "Key";
+var _MPDE = "MalformedPolicyDocumentException";
 var _P = "Policy";
 var _PA = "PolicyArns";
 var _PAr = "ProviderArn";
 var _PC = "ProvidedContexts";
+var _PCLT = "ProvidedContextsListType";
+var _PCr = "ProvidedContext";
+var _PDT = "PolicyDescriptorType";
 var _PI = "ProviderId";
 var _PPS = "PackedPolicySize";
+var _PPTLE = "PackedPolicyTooLargeException";
 var _Pr = "Provider";
 var _RA = "RoleArn";
+var _RDE = "RegionDisabledException";
 var _RSN = "RoleSessionName";
 var _SAK = "SecretAccessKey";
 var _SFWIT = "SubjectFromWebIdentityToken";
@@ -985,40 +905,187 @@ var _ST = "SessionToken";
 var _T = "Tags";
 var _TC = "TokenCode";
 var _TTK = "TransitiveTagKeys";
-var _V = "Version";
-var _Va = "Value";
+var _Ta = "Tag";
+var _V = "Value";
 var _WIT = "WebIdentityToken";
 var _a = "arn";
+var _aKST = "accessKeySecretType";
+var _aQE = "awsQueryError";
+var _c = "client";
+var _cTT = "clientTokenType";
+var _e = "error";
+var _hE = "httpError";
 var _m = "message";
-var buildFormUrlencodedString = (formEntries) => Object.entries(formEntries).map(([key, value]) => extendedEncodeURIComponent(key) + "=" + extendedEncodeURIComponent(value)).join("&");
-var loadQueryErrorCode = (output, data) => {
-  if (data.Error?.Code !== void 0) {
-    return data.Error.Code;
-  }
-  if (output.statusCode == 404) {
-    return "NotFound";
-  }
-};
+var _pDLT = "policyDescriptorListType";
+var _s = "smithy.ts.sdk.synthetic.com.amazonaws.sts";
+var _tLT = "tagListType";
+var n0 = "com.amazonaws.sts";
+var accessKeySecretType = [0, n0, _aKST, 8, 0];
+var clientTokenType = [0, n0, _cTT, 8, 0];
+var AssumedRoleUser = [3, n0, _ARU, 0, [_ARI, _A], [0, 0]];
+var AssumeRoleRequest = [
+  3,
+  n0,
+  _ARR,
+  0,
+  [_RA, _RSN, _PA, _P, _DS, _T, _TTK, _EI, _SN, _TC, _SI, _PC],
+  [0, 0, () => policyDescriptorListType, 0, 1, () => tagListType, 64 | 0, 0, 0, 0, 0, () => ProvidedContextsListType]
+];
+var AssumeRoleResponse = [
+  3,
+  n0,
+  _ARRs,
+  0,
+  [_C, _ARU, _PPS, _SI],
+  [[() => Credentials, 0], () => AssumedRoleUser, 1, 0]
+];
+var AssumeRoleWithWebIdentityRequest = [
+  3,
+  n0,
+  _ARWWIR,
+  0,
+  [_RA, _RSN, _WIT, _PI, _PA, _P, _DS],
+  [0, 0, [() => clientTokenType, 0], 0, () => policyDescriptorListType, 0, 1]
+];
+var AssumeRoleWithWebIdentityResponse = [
+  3,
+  n0,
+  _ARWWIRs,
+  0,
+  [_C, _SFWIT, _ARU, _PPS, _Pr, _Au, _SI],
+  [[() => Credentials, 0], 0, () => AssumedRoleUser, 1, 0, 0, 0]
+];
+var Credentials = [
+  3,
+  n0,
+  _C,
+  0,
+  [_AKI, _SAK, _ST, _E],
+  [0, [() => accessKeySecretType, 0], 0, 4]
+];
+var ExpiredTokenException2 = [
+  -3,
+  n0,
+  _ETE,
+  {
+    [_e]: _c,
+    [_hE]: 400,
+    [_aQE]: [`ExpiredTokenException`, 400]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(ExpiredTokenException2, ExpiredTokenException);
+var IDPCommunicationErrorException2 = [
+  -3,
+  n0,
+  _IDPCEE,
+  {
+    [_e]: _c,
+    [_hE]: 400,
+    [_aQE]: [`IDPCommunicationError`, 400]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(IDPCommunicationErrorException2, IDPCommunicationErrorException);
+var IDPRejectedClaimException2 = [
+  -3,
+  n0,
+  _IDPRCE,
+  {
+    [_e]: _c,
+    [_hE]: 403,
+    [_aQE]: [`IDPRejectedClaim`, 403]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(IDPRejectedClaimException2, IDPRejectedClaimException);
+var InvalidIdentityTokenException2 = [
+  -3,
+  n0,
+  _IITE,
+  {
+    [_e]: _c,
+    [_hE]: 400,
+    [_aQE]: [`InvalidIdentityToken`, 400]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(InvalidIdentityTokenException2, InvalidIdentityTokenException);
+var MalformedPolicyDocumentException2 = [
+  -3,
+  n0,
+  _MPDE,
+  {
+    [_e]: _c,
+    [_hE]: 400,
+    [_aQE]: [`MalformedPolicyDocument`, 400]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(MalformedPolicyDocumentException2, MalformedPolicyDocumentException);
+var PackedPolicyTooLargeException2 = [
+  -3,
+  n0,
+  _PPTLE,
+  {
+    [_e]: _c,
+    [_hE]: 400,
+    [_aQE]: [`PackedPolicyTooLarge`, 400]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(PackedPolicyTooLargeException2, PackedPolicyTooLargeException);
+var PolicyDescriptorType = [3, n0, _PDT, 0, [_a], [0]];
+var ProvidedContext = [3, n0, _PCr, 0, [_PAr, _CA], [0, 0]];
+var RegionDisabledException2 = [
+  -3,
+  n0,
+  _RDE,
+  {
+    [_e]: _c,
+    [_hE]: 403,
+    [_aQE]: [`RegionDisabledException`, 403]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(RegionDisabledException2, RegionDisabledException);
+var Tag = [3, n0, _Ta, 0, [_K, _V], [0, 0]];
+var STSServiceException2 = [-3, _s, "STSServiceException", 0, [], []];
+TypeRegistry.for(_s).registerError(STSServiceException2, STSServiceException);
+var policyDescriptorListType = [1, n0, _pDLT, 0, () => PolicyDescriptorType];
+var ProvidedContextsListType = [1, n0, _PCLT, 0, () => ProvidedContext];
+var tagKeyListType = 64 | 0;
+var tagListType = [1, n0, _tLT, 0, () => Tag];
+var AssumeRole = [9, n0, _AR, 0, () => AssumeRoleRequest, () => AssumeRoleResponse];
+var AssumeRoleWithWebIdentity = [
+  9,
+  n0,
+  _ARWWI,
+  0,
+  () => AssumeRoleWithWebIdentityRequest,
+  () => AssumeRoleWithWebIdentityResponse
+];
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/commands/AssumeRoleCommand.js
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/commands/AssumeRoleCommand.js
 var AssumeRoleCommand = class extends Command.classBuilder().ep(commonParams).m(function(Command2, cs, config, o2) {
-  return [
-    getSerdePlugin(config, this.serialize, this.deserialize),
-    getEndpointPlugin(config, Command2.getEndpointParameterInstructions())
-  ];
-}).s("AWSSecurityTokenServiceV20110615", "AssumeRole", {}).n("STSClient", "AssumeRoleCommand").f(void 0, AssumeRoleResponseFilterSensitiveLog).ser(se_AssumeRoleCommand).de(de_AssumeRoleCommand).build() {
+  return [getEndpointPlugin(config, Command2.getEndpointParameterInstructions())];
+}).s("AWSSecurityTokenServiceV20110615", "AssumeRole", {}).n("STSClient", "AssumeRoleCommand").sc(AssumeRole).build() {
 };
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/commands/AssumeRoleWithWebIdentityCommand.js
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/commands/AssumeRoleWithWebIdentityCommand.js
 var AssumeRoleWithWebIdentityCommand = class extends Command.classBuilder().ep(commonParams).m(function(Command2, cs, config, o2) {
-  return [
-    getSerdePlugin(config, this.serialize, this.deserialize),
-    getEndpointPlugin(config, Command2.getEndpointParameterInstructions())
-  ];
-}).s("AWSSecurityTokenServiceV20110615", "AssumeRoleWithWebIdentity", {}).n("STSClient", "AssumeRoleWithWebIdentityCommand").f(AssumeRoleWithWebIdentityRequestFilterSensitiveLog, AssumeRoleWithWebIdentityResponseFilterSensitiveLog).ser(se_AssumeRoleWithWebIdentityCommand).de(de_AssumeRoleWithWebIdentityCommand).build() {
+  return [getEndpointPlugin(config, Command2.getEndpointParameterInstructions())];
+}).s("AWSSecurityTokenServiceV20110615", "AssumeRoleWithWebIdentity", {}).n("STSClient", "AssumeRoleWithWebIdentityCommand").sc(AssumeRoleWithWebIdentity).build() {
 };
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/STS.js
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/STS.js
 var commands = {
   AssumeRoleCommand,
   AssumeRoleWithWebIdentityCommand
@@ -1027,8 +1094,7 @@ var STS = class extends STSClient {
 };
 createAggregatedClient(commands, STS);
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/defaultStsRoleAssumers.js
-var ASSUME_ROLE_DEFAULT_REGION = "us-east-1";
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/defaultStsRoleAssumers.js
 var getAccountIdFromAssumedRoleUser = (assumedRoleUser) => {
   if (typeof assumedRoleUser?.Arn === "string") {
     const arnComponents = assumedRoleUser.Arn.split(":");
@@ -1038,11 +1104,12 @@ var getAccountIdFromAssumedRoleUser = (assumedRoleUser) => {
   }
   return void 0;
 };
-var resolveRegion = async (_region, _parentRegion, credentialProviderLogger) => {
+var resolveRegion = async (_region, _parentRegion, credentialProviderLogger, loaderConfig = {}) => {
   const region = typeof _region === "function" ? await _region() : _region;
   const parentRegion = typeof _parentRegion === "function" ? await _parentRegion() : _parentRegion;
-  credentialProviderLogger?.debug?.("@aws-sdk/client-sts::resolveRegion", "accepting first of:", `${region} (provider)`, `${parentRegion} (parent client)`, `${ASSUME_ROLE_DEFAULT_REGION} (STS default)`);
-  return region ?? parentRegion ?? ASSUME_ROLE_DEFAULT_REGION;
+  const stsDefaultRegion = await stsRegionDefaultResolver(loaderConfig)();
+  credentialProviderLogger?.debug?.("@aws-sdk/client-sts::resolveRegion", "accepting first of:", `${region} (credential provider clientConfig)`, `${parentRegion} (contextual client)`, `${stsDefaultRegion} (STS default: AWS_REGION, profile region, or us-east-1)`);
+  return region ?? parentRegion ?? stsDefaultRegion;
 };
 var getDefaultRoleAssumer = (stsOptions, STSClient2) => {
   let stsClient;
@@ -1050,28 +1117,33 @@ var getDefaultRoleAssumer = (stsOptions, STSClient2) => {
   return async (sourceCreds, params) => {
     closureSourceCreds = sourceCreds;
     if (!stsClient) {
-      const { logger = stsOptions?.parentClientConfig?.logger, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger } = stsOptions;
-      const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger);
+      const { logger = stsOptions?.parentClientConfig?.logger, profile = stsOptions?.parentClientConfig?.profile, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger, userAgentAppId = stsOptions?.parentClientConfig?.userAgentAppId } = stsOptions;
+      const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger, {
+        logger,
+        profile
+      });
       const isCompatibleRequestHandler = !isH2(requestHandler);
       stsClient = new STSClient2({
-        profile: stsOptions?.parentClientConfig?.profile,
+        ...stsOptions,
+        userAgentAppId,
+        profile,
         credentialDefaultProvider: () => async () => closureSourceCreds,
         region: resolvedRegion,
         requestHandler: isCompatibleRequestHandler ? requestHandler : void 0,
         logger
       });
     }
-    const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleCommand(params));
-    if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) {
+    const { Credentials: Credentials2, AssumedRoleUser: AssumedRoleUser2 } = await stsClient.send(new AssumeRoleCommand(params));
+    if (!Credentials2 || !Credentials2.AccessKeyId || !Credentials2.SecretAccessKey) {
       throw new Error(`Invalid response from STS.assumeRole call with role ${params.RoleArn}`);
     }
-    const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser);
+    const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser2);
     const credentials = {
-      accessKeyId: Credentials.AccessKeyId,
-      secretAccessKey: Credentials.SecretAccessKey,
-      sessionToken: Credentials.SessionToken,
-      expiration: Credentials.Expiration,
-      ...Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope },
+      accessKeyId: Credentials2.AccessKeyId,
+      secretAccessKey: Credentials2.SecretAccessKey,
+      sessionToken: Credentials2.SessionToken,
+      expiration: Credentials2.Expiration,
+      ...Credentials2.CredentialScope && { credentialScope: Credentials2.CredentialScope },
       ...accountId && { accountId }
     };
     setCredentialFeature(credentials, "CREDENTIALS_STS_ASSUME_ROLE", "i");
@@ -1082,27 +1154,32 @@ var getDefaultRoleAssumerWithWebIdentity = (stsOptions, STSClient2) => {
   let stsClient;
   return async (params) => {
     if (!stsClient) {
-      const { logger = stsOptions?.parentClientConfig?.logger, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger } = stsOptions;
-      const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger);
+      const { logger = stsOptions?.parentClientConfig?.logger, profile = stsOptions?.parentClientConfig?.profile, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger, userAgentAppId = stsOptions?.parentClientConfig?.userAgentAppId } = stsOptions;
+      const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger, {
+        logger,
+        profile
+      });
       const isCompatibleRequestHandler = !isH2(requestHandler);
       stsClient = new STSClient2({
-        profile: stsOptions?.parentClientConfig?.profile,
+        ...stsOptions,
+        userAgentAppId,
+        profile,
         region: resolvedRegion,
         requestHandler: isCompatibleRequestHandler ? requestHandler : void 0,
         logger
       });
     }
-    const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params));
-    if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) {
+    const { Credentials: Credentials2, AssumedRoleUser: AssumedRoleUser2 } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params));
+    if (!Credentials2 || !Credentials2.AccessKeyId || !Credentials2.SecretAccessKey) {
       throw new Error(`Invalid response from STS.assumeRoleWithWebIdentity call with role ${params.RoleArn}`);
     }
-    const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser);
+    const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser2);
     const credentials = {
-      accessKeyId: Credentials.AccessKeyId,
-      secretAccessKey: Credentials.SecretAccessKey,
-      sessionToken: Credentials.SessionToken,
-      expiration: Credentials.Expiration,
-      ...Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope },
+      accessKeyId: Credentials2.AccessKeyId,
+      secretAccessKey: Credentials2.SecretAccessKey,
+      sessionToken: Credentials2.SessionToken,
+      expiration: Credentials2.Expiration,
+      ...Credentials2.CredentialScope && { credentialScope: Credentials2.CredentialScope },
       ...accountId && { accountId }
     };
     if (accountId) {
@@ -1116,7 +1193,7 @@ var isH2 = (requestHandler) => {
   return requestHandler?.metadata?.handlerProtocol === "h2";
 };
 
-// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.817.0-7e685fc30b-9829525f45.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/defaultRoleAssumers.js
+// ../../.yarn/cache/@aws-sdk-nested-clients-npm-3.940.0-415b36f0bc-6695cd044d.zip/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/defaultRoleAssumers.js
 var getCustomizableStsClientCtor = (baseCtor, customizations) => {
   if (!customizations)
     return baseCtor;
@@ -1140,11 +1217,7 @@ var decorateDefaultCredentialProvider = (provider) => (input) => provider({
 export {
   Command as $Command,
   AssumeRoleCommand,
-  AssumeRoleResponseFilterSensitiveLog,
   AssumeRoleWithWebIdentityCommand,
-  AssumeRoleWithWebIdentityRequestFilterSensitiveLog,
-  AssumeRoleWithWebIdentityResponseFilterSensitiveLog,
-  CredentialsFilterSensitiveLog,
   ExpiredTokenException,
   IDPCommunicationErrorException,
   IDPRejectedClaimException,