@granite-js/pulumi-aws 0.1.34 → 1.0.2

package/dist/{sts-P7Q3MYTS-BKGWHQE4.js → sts-TBWJ374A-DHXXCVJJ.js}

@@ -1,16 +1,21 @@
 import {
-  parseXmlBody,
-  parseXmlErrorBody
-} from "./chunk-FRWSD3YQ.js";
+  XmlShapeDeserializer
+} from "./chunk-3AVBP57V.js";
 import {
   package_default
-} from "./chunk-IEZY5C3G.js";
+} from "./chunk-46DIC54Q.js";
+import {
+  createAggregatedClient
+} from "./chunk-ZIHRRTTA.js";
 import {
   AwsSdkSigV4Signer,
+  Client,
+  Command,
   DEFAULT_RETRY_MODE,
   DefaultIdentityProviderConfig,
   EndpointCache,
   Hash,
+  HttpProtocol,
   NODE_APP_ID_CONFIG_OPTIONS,
   NODE_AUTH_SCHEME_PREFERENCE_OPTIONS,
   NODE_MAX_ATTEMPT_CONFIG_OPTIONS,
@@ -20,80 +25,440 @@ import {
   NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS,
   NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS,
   NoAuthSigner,
+  NoOpLogger,
+  NormalizedSchema,
+  NumericValue,
+  ProtocolLib,
+  SerdeContextConfig,
+  ServiceException,
+  TypeRegistry,
   awsEndpointFunctions,
   calculateBodyLength,
+  collectBody,
   createDefaultUserAgentProvider,
   customEndpointFunctions,
-  emitWarningIfUnsupportedVersion as emitWarningIfUnsupportedVersion2,
+  deref,
+  determineTimestampFormat,
+  emitWarningIfUnsupportedVersion,
+  emitWarningIfUnsupportedVersion2,
+  extendedEncodeURIComponent,
   getAwsRegionExtensionConfiguration,
   getContentLengthPlugin,
+  getDefaultExtensionConfiguration,
   getEndpointPlugin,
   getHostHeaderPlugin,
   getHttpAuthSchemeEndpointRuleSetPlugin,
+  getHttpHandlerExtensionConfiguration,
   getHttpSigningPlugin,
   getLoggerPlugin,
   getRecursionDetectionPlugin,
   getRetryPlugin,
-  getSerdePlugin,
+  getSchemaSerdePlugin,
   getSmithyContext,
   getUserAgentPlugin,
+  loadConfigsForDefaultMode,
   normalizeProvider,
   resolveAwsRegionExtensionConfiguration,
   resolveAwsSdkSigV4Config,
+  resolveDefaultRuntimeConfig,
   resolveDefaultsModeConfig,
   resolveEndpoint,
   resolveEndpointConfig,
   resolveHostHeaderConfig,
+  resolveHttpHandlerRuntimeConfig,
   resolveRegionConfig,
   resolveRetryConfig,
-  resolveUserAgentConfig
-} from "./chunk-QAE2S7MG.js";
+  resolveUserAgentConfig,
+  serializingStructIterator,
+  v4
+} from "./chunk-7NN7DVGK.js";
 import {
   loadConfig,
   parseUrl
-} from "./chunk-X6XO7USX.js";
+} from "./chunk-63Q3RLAK.js";
+import "./chunk-OCHPLE5N.js";
+import "./chunk-GJFKL6XM.js";
 import {
-  Client,
-  Command,
-  HttpRequest,
-  NoOpLogger,
   NodeHttpHandler,
-  SENSITIVE_STRING,
-  ServiceException,
-  createAggregatedClient,
-  decorateServiceException,
-  emitWarningIfUnsupportedVersion,
-  expectNonNull,
-  expectString,
-  extendedEncodeURIComponent,
+  dateToUtcString,
   fromBase64,
-  fromUtf8,
-  getDefaultExtensionConfiguration,
-  getHttpHandlerExtensionConfiguration,
-  loadConfigsForDefaultMode,
-  parseRfc3339DateTimeWithOffset,
-  resolveDefaultRuntimeConfig,
-  resolveHttpHandlerRuntimeConfig,
   streamCollector,
-  strictParseInt32,
-  toBase64,
-  toUtf8,
-  withBaseException
-} from "./chunk-UT2RMOJS.js";
-import "./chunk-TJ744C2T.js";
+  toBase64
+} from "./chunk-57WYIP4I.js";
+import {
+  HttpRequest
+} from "./chunk-TDZTH7TL.js";
 import {
   setCredentialFeature
-} from "./chunk-64IS37V6.js";
-import "./chunk-XLUI7RQ4.js";
+} from "./chunk-RYIGWCGK.js";
 import {
-  init_esm_shims
-} from "./chunk-JBVMOFGH.js";
-import "./chunk-JSBRDJBE.js";
+  fromUtf8,
+  toUtf8
+} from "./chunk-H4QJ5O4E.js";
+import "./chunk-THUA35UY.js";
 
-// ../deployment-manager/dist/sts-P7Q3MYTS.js
-init_esm_shims();
-init_esm_shims();
-init_esm_shims();
+// ../deployment-manager/dist/sts-TBWJ374A.js
+var RpcProtocol = class extends HttpProtocol {
+  async serializeRequest(operationSchema, input, context) {
+    const serializer = this.serializer;
+    const query = {};
+    const headers = {};
+    const endpoint = await context.endpoint();
+    const ns = NormalizedSchema.of(operationSchema?.input);
+    const schema = ns.getSchema();
+    let payload;
+    const request = new HttpRequest({
+      protocol: "",
+      hostname: "",
+      port: void 0,
+      path: "/",
+      fragment: void 0,
+      query,
+      headers,
+      body: void 0
+    });
+    if (endpoint) {
+      this.updateServiceEndpoint(request, endpoint);
+      this.setHostPrefix(request, operationSchema, input);
+    }
+    const _input = {
+      ...input
+    };
+    if (input) {
+      const eventStreamMember = ns.getEventStreamMember();
+      if (eventStreamMember) {
+        if (_input[eventStreamMember]) {
+          const initialRequest = {};
+          for (const [memberName, memberSchema] of ns.structIterator()) {
+            if (memberName !== eventStreamMember && _input[memberName]) {
+              serializer.write(memberSchema, _input[memberName]);
+              initialRequest[memberName] = serializer.flush();
+            }
+          }
+          payload = await this.serializeEventStream({
+            eventStream: _input[eventStreamMember],
+            requestSchema: ns,
+            initialRequest
+          });
+        }
+      } else {
+        serializer.write(schema, _input);
+        payload = serializer.flush();
+      }
+    }
+    request.headers = headers;
+    request.query = query;
+    request.body = payload;
+    request.method = "POST";
+    return request;
+  }
+  async deserializeResponse(operationSchema, context, response) {
+    const deserializer = this.deserializer;
+    const ns = NormalizedSchema.of(operationSchema.output);
+    const dataObject = {};
+    if (response.statusCode >= 300) {
+      const bytes = await collectBody(response.body, context);
+      if (bytes.byteLength > 0) {
+        Object.assign(dataObject, await deserializer.read(15, bytes));
+      }
+      await this.handleError(operationSchema, context, response, dataObject, this.deserializeMetadata(response));
+      throw new Error("@smithy/core/protocols - RPC Protocol error handler failed to throw.");
+    }
+    for (const header in response.headers) {
+      const value = response.headers[header];
+      delete response.headers[header];
+      response.headers[header.toLowerCase()] = value;
+    }
+    const eventStreamMember = ns.getEventStreamMember();
+    if (eventStreamMember) {
+      dataObject[eventStreamMember] = await this.deserializeEventStream({
+        response,
+        responseSchema: ns,
+        initialResponseContainer: dataObject
+      });
+    } else {
+      const bytes = await collectBody(response.body, context);
+      if (bytes.byteLength > 0) {
+        Object.assign(dataObject, await deserializer.read(ns, bytes));
+      }
+    }
+    dataObject.$metadata = this.deserializeMetadata(response);
+    return dataObject;
+  }
+};
+var QueryShapeSerializer = class extends SerdeContextConfig {
+  settings;
+  buffer;
+  constructor(settings) {
+    super();
+    this.settings = settings;
+  }
+  write(schema, value, prefix = "") {
+    if (this.buffer === void 0) {
+      this.buffer = "";
+    }
+    const ns = NormalizedSchema.of(schema);
+    if (prefix && !prefix.endsWith(".")) {
+      prefix += ".";
+    }
+    if (ns.isBlobSchema()) {
+      if (typeof value === "string" || value instanceof Uint8Array) {
+        this.writeKey(prefix);
+        this.writeValue((this.serdeContext?.base64Encoder ?? toBase64)(value));
+      }
+    } else if (ns.isBooleanSchema() || ns.isNumericSchema() || ns.isStringSchema()) {
+      if (value != null) {
+        this.writeKey(prefix);
+        this.writeValue(String(value));
+      } else if (ns.isIdempotencyToken()) {
+        this.writeKey(prefix);
+        this.writeValue(v4());
+      }
+    } else if (ns.isBigIntegerSchema()) {
+      if (value != null) {
+        this.writeKey(prefix);
+        this.writeValue(String(value));
+      }
+    } else if (ns.isBigDecimalSchema()) {
+      if (value != null) {
+        this.writeKey(prefix);
+        this.writeValue(value instanceof NumericValue ? value.string : String(value));
+      }
+    } else if (ns.isTimestampSchema()) {
+      if (value instanceof Date) {
+        this.writeKey(prefix);
+        const format = determineTimestampFormat(ns, this.settings);
+        switch (format) {
+          case 5:
+            this.writeValue(value.toISOString().replace(".000Z", "Z"));
+            break;
+          case 6:
+            this.writeValue(dateToUtcString(value));
+            break;
+          case 7:
+            this.writeValue(String(value.getTime() / 1e3));
+            break;
+        }
+      }
+    } else if (ns.isDocumentSchema()) {
+      throw new Error(`@aws-sdk/core/protocols - QuerySerializer unsupported document type ${ns.getName(true)}`);
+    } else if (ns.isListSchema()) {
+      if (Array.isArray(value)) {
+        if (value.length === 0) {
+          if (this.settings.serializeEmptyLists) {
+            this.writeKey(prefix);
+            this.writeValue("");
+          }
+        } else {
+          const member = ns.getValueSchema();
+          const flat = this.settings.flattenLists || ns.getMergedTraits().xmlFlattened;
+          let i2 = 1;
+          for (const item of value) {
+            if (item == null) {
+              continue;
+            }
+            const suffix = this.getKey("member", member.getMergedTraits().xmlName);
+            const key = flat ? `${prefix}${i2}` : `${prefix}${suffix}.${i2}`;
+            this.write(member, item, key);
+            ++i2;
+          }
+        }
+      }
+    } else if (ns.isMapSchema()) {
+      if (value && typeof value === "object") {
+        const keySchema = ns.getKeySchema();
+        const memberSchema = ns.getValueSchema();
+        const flat = ns.getMergedTraits().xmlFlattened;
+        let i2 = 1;
+        for (const [k2, v2] of Object.entries(value)) {
+          if (v2 == null) {
+            continue;
+          }
+          const keySuffix = this.getKey("key", keySchema.getMergedTraits().xmlName);
+          const key = flat ? `${prefix}${i2}.${keySuffix}` : `${prefix}entry.${i2}.${keySuffix}`;
+          const valueSuffix = this.getKey("value", memberSchema.getMergedTraits().xmlName);
+          const valueKey = flat ? `${prefix}${i2}.${valueSuffix}` : `${prefix}entry.${i2}.${valueSuffix}`;
+          this.write(keySchema, k2, key);
+          this.write(memberSchema, v2, valueKey);
+          ++i2;
+        }
+      }
+    } else if (ns.isStructSchema()) {
+      if (value && typeof value === "object") {
+        for (const [memberName, member] of serializingStructIterator(ns, value)) {
+          if (value[memberName] == null && !member.isIdempotencyToken()) {
+            continue;
+          }
+          const suffix = this.getKey(memberName, member.getMergedTraits().xmlName);
+          const key = `${prefix}${suffix}`;
+          this.write(member, value[memberName], key);
+        }
+      }
+    } else if (ns.isUnitSchema()) {
+    } else {
+      throw new Error(`@aws-sdk/core/protocols - QuerySerializer unrecognized schema type ${ns.getName(true)}`);
+    }
+  }
+  flush() {
+    if (this.buffer === void 0) {
+      throw new Error("@aws-sdk/core/protocols - QuerySerializer cannot flush with nothing written to buffer.");
+    }
+    const str = this.buffer;
+    delete this.buffer;
+    return str;
+  }
+  getKey(memberName, xmlName) {
+    const key = xmlName ?? memberName;
+    if (this.settings.capitalizeKeys) {
+      return key[0].toUpperCase() + key.slice(1);
+    }
+    return key;
+  }
+  writeKey(key) {
+    if (key.endsWith(".")) {
+      key = key.slice(0, key.length - 1);
+    }
+    this.buffer += `&${extendedEncodeURIComponent(key)}=`;
+  }
+  writeValue(value) {
+    this.buffer += extendedEncodeURIComponent(value);
+  }
+};
+var AwsQueryProtocol = class extends RpcProtocol {
+  options;
+  serializer;
+  deserializer;
+  mixin = new ProtocolLib();
+  constructor(options) {
+    super({
+      defaultNamespace: options.defaultNamespace
+    });
+    this.options = options;
+    const settings = {
+      timestampFormat: {
+        useTrait: true,
+        default: 5
+      },
+      httpBindings: false,
+      xmlNamespace: options.xmlNamespace,
+      serviceNamespace: options.defaultNamespace,
+      serializeEmptyLists: true
+    };
+    this.serializer = new QueryShapeSerializer(settings);
+    this.deserializer = new XmlShapeDeserializer(settings);
+  }
+  getShapeId() {
+    return "aws.protocols#awsQuery";
+  }
+  setSerdeContext(serdeContext) {
+    this.serializer.setSerdeContext(serdeContext);
+    this.deserializer.setSerdeContext(serdeContext);
+  }
+  getPayloadCodec() {
+    throw new Error("AWSQuery protocol has no payload codec.");
+  }
+  async serializeRequest(operationSchema, input, context) {
+    const request = await super.serializeRequest(operationSchema, input, context);
+    if (!request.path.endsWith("/")) {
+      request.path += "/";
+    }
+    Object.assign(request.headers, {
+      "content-type": `application/x-www-form-urlencoded`
+    });
+    if (deref(operationSchema.input) === "unit" || !request.body) {
+      request.body = "";
+    }
+    const action = operationSchema.name.split("#")[1] ?? operationSchema.name;
+    request.body = `Action=${action}&Version=${this.options.version}` + request.body;
+    if (request.body.endsWith("&")) {
+      request.body = request.body.slice(-1);
+    }
+    return request;
+  }
+  async deserializeResponse(operationSchema, context, response) {
+    const deserializer = this.deserializer;
+    const ns = NormalizedSchema.of(operationSchema.output);
+    const dataObject = {};
+    if (response.statusCode >= 300) {
+      const bytes2 = await collectBody(response.body, context);
+      if (bytes2.byteLength > 0) {
+        Object.assign(dataObject, await deserializer.read(15, bytes2));
+      }
+      await this.handleError(operationSchema, context, response, dataObject, this.deserializeMetadata(response));
+    }
+    for (const header in response.headers) {
+      const value = response.headers[header];
+      delete response.headers[header];
+      response.headers[header.toLowerCase()] = value;
+    }
+    const shortName = operationSchema.name.split("#")[1] ?? operationSchema.name;
+    const awsQueryResultKey = ns.isStructSchema() && this.useNestedResult() ? shortName + "Result" : void 0;
+    const bytes = await collectBody(response.body, context);
+    if (bytes.byteLength > 0) {
+      Object.assign(dataObject, await deserializer.read(ns, bytes, awsQueryResultKey));
+    }
+    const output = {
+      $metadata: this.deserializeMetadata(response),
+      ...dataObject
+    };
+    return output;
+  }
+  useNestedResult() {
+    return true;
+  }
+  async handleError(operationSchema, context, response, dataObject, metadata) {
+    const errorIdentifier = this.loadQueryErrorCode(response, dataObject) ?? "Unknown";
+    const errorData = this.loadQueryError(dataObject);
+    const message = this.loadQueryErrorMessage(dataObject);
+    errorData.message = message;
+    errorData.Error = {
+      Type: errorData.Type,
+      Code: errorData.Code,
+      Message: message
+    };
+    const { errorSchema, errorMetadata } = await this.mixin.getErrorSchemaOrThrowBaseException(errorIdentifier, this.options.defaultNamespace, response, errorData, metadata, (registry, errorName) => {
+      try {
+        return registry.getSchema(errorName);
+      } catch (e2) {
+        return registry.find((schema) => NormalizedSchema.of(schema).getMergedTraits().awsQueryError?.[0] === errorName);
+      }
+    });
+    const ns = NormalizedSchema.of(errorSchema);
+    const ErrorCtor = TypeRegistry.for(errorSchema[1]).getErrorCtor(errorSchema) ?? Error;
+    const exception = new ErrorCtor(message);
+    const output = {
+      Error: errorData.Error
+    };
+    for (const [name, member] of ns.structIterator()) {
+      const target = member.getMergedTraits().xmlName ?? name;
+      const value = errorData[target] ?? dataObject[target];
+      output[name] = this.deserializer.readSchema(member, value);
+    }
+    throw this.mixin.decorateServiceException(Object.assign(exception, errorMetadata, {
+      $fault: ns.getMergedTraits().error,
+      message
+    }, output), dataObject);
+  }
+  loadQueryErrorCode(output, data) {
+    const code = (data.Errors?.[0]?.Error ?? data.Errors?.Error ?? data.Error)?.Code;
+    if (code !== void 0) {
+      return code;
+    }
+    if (output.statusCode == 404) {
+      return "NotFound";
+    }
+  }
+  loadQueryError(data) {
+    return data.Errors?.[0]?.Error ?? data.Errors?.Error ?? data.Error;
+  }
+  loadQueryErrorMessage(data) {
+    const errorData = this.loadQueryError(data);
+    return errorData?.message ?? errorData?.Message ?? data.message ?? data.Message ?? "Unknown";
+  }
+  getDefaultContentType() {
+    return "application/x-www-form-urlencoded";
+  }
+};
 var defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
   return {
     operation: getSmithyContext(context).operation,
@@ -145,7 +510,6 @@ var resolveHttpAuthSchemeConfig = (config) => {
     authSchemePreference: normalizeProvider(config.authSchemePreference ?? [])
   });
 };
-init_esm_shims();
 var resolveClientEndpointParameters = (options) => {
   return Object.assign(options, {
     useDualstackEndpoint: options.useDualstackEndpoint ?? false,
@@ -161,10 +525,6 @@ var commonParams = {
   Region: { type: "builtInParams", name: "region" },
   UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }
 };
-init_esm_shims();
-init_esm_shims();
-init_esm_shims();
-init_esm_shims();
 var F = "required";
 var G = "type";
 var H = "fn";
@@ -182,8 +542,8 @@ var i = "https://sts.{Region}.{PartitionResult#dnsSuffix}";
 var j = "tree";
 var k = "error";
 var l = "getAttr";
-var m = { [F]: false, [G]: "String" };
-var n = { [F]: true, "default": false, [G]: "Boolean" };
+var m = { [F]: false, [G]: "string" };
+var n = { [F]: true, "default": false, [G]: "boolean" };
 var o = { [J]: "Endpoint" };
 var p = { [H]: "isSet", [I]: [{ [J]: "Region" }] };
 var q = { [J]: "Region" };
@@ -236,6 +596,11 @@ var getRuntimeConfig = (config) => {
       }
     ],
     logger: config?.logger ?? new NoOpLogger(),
+    protocol: config?.protocol ?? new AwsQueryProtocol({
+      defaultNamespace: "com.amazonaws.sts",
+      xmlNamespace: "https://sts.amazonaws.com/doc/2011-06-15/",
+      version: "2011-06-15"
+    }),
     serviceId: config?.serviceId ?? "STS",
     urlParser: config?.urlParser ?? parseUrl,
     utf8Decoder: config?.utf8Decoder ?? fromUtf8,
@@ -243,11 +608,11 @@ var getRuntimeConfig = (config) => {
   };
 };
 var getRuntimeConfig2 = (config) => {
-  emitWarningIfUnsupportedVersion(process.version);
+  emitWarningIfUnsupportedVersion2(process.version);
   const defaultsMode = resolveDefaultsModeConfig(config);
   const defaultConfigProvider = () => defaultsMode().then(loadConfigsForDefaultMode);
   const clientSharedValues = getRuntimeConfig(config);
-  emitWarningIfUnsupportedVersion2(process.version);
+  emitWarningIfUnsupportedVersion(process.version);
   const loaderConfig = {
     profile: config?.profile,
     logger: clientSharedValues.logger
@@ -286,8 +651,20 @@ var getRuntimeConfig2 = (config) => {
     userAgentAppId: config?.userAgentAppId ?? loadConfig(NODE_APP_ID_CONFIG_OPTIONS, loaderConfig)
   };
 };
-init_esm_shims();
-init_esm_shims();
+function stsRegionDefaultResolver(loaderConfig = {}) {
+  return loadConfig({
+    ...NODE_REGION_CONFIG_OPTIONS,
+    async default() {
+      if (!warning.silence) {
+        console.warn("@aws-sdk - WARN - default STS region of us-east-1 used. See @aws-sdk/credential-providers README and set a region explicitly.");
+      }
+      return "us-east-1";
+    }
+  }, { ...NODE_REGION_CONFIG_FILE_OPTIONS, ...loaderConfig });
+}
+var warning = {
+  silence: false
+};
 var getHttpAuthExtensionConfiguration = (runtimeConfig) => {
   const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;
   let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;
@@ -345,6 +722,7 @@ var STSClient = class extends Client {
     const _config_7 = resolveHttpAuthSchemeConfig(_config_6);
     const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []);
     this.config = _config_8;
+    this.middlewareStack.use(getSchemaSerdePlugin(this.config));
     this.middlewareStack.use(getUserAgentPlugin(this.config));
     this.middlewareStack.use(getRetryPlugin(this.config));
     this.middlewareStack.use(getContentLengthPlugin(this.config));
@@ -363,24 +741,12 @@ var STSClient = class extends Client {
     super.destroy();
   }
 };
-init_esm_shims();
-init_esm_shims();
-init_esm_shims();
-init_esm_shims();
 var STSServiceException = class _STSServiceException extends ServiceException {
   constructor(options) {
     super(options);
     Object.setPrototypeOf(this, _STSServiceException.prototype);
   }
 };
-var CredentialsFilterSensitiveLog = (obj) => ({
-  ...obj,
-  ...obj.SecretAccessKey && { SecretAccessKey: SENSITIVE_STRING }
-});
-var AssumeRoleResponseFilterSensitiveLog = (obj) => ({
-  ...obj,
-  ...obj.Credentials && { Credentials: CredentialsFilterSensitiveLog(obj.Credentials) }
-});
 var ExpiredTokenException = class _ExpiredTokenException extends STSServiceException {
   name = "ExpiredTokenException";
   $fault = "client";
@@ -453,14 +819,6 @@ var InvalidIdentityTokenException = class _InvalidIdentityTokenException extends
     Object.setPrototypeOf(this, _InvalidIdentityTokenException.prototype);
   }
 };
-var AssumeRoleWithWebIdentityRequestFilterSensitiveLog = (obj) => ({
-  ...obj,
-  ...obj.WebIdentityToken && { WebIdentityToken: SENSITIVE_STRING }
-});
-var AssumeRoleWithWebIdentityResponseFilterSensitiveLog = (obj) => ({
-  ...obj,
-  ...obj.Credentials && { Credentials: CredentialsFilterSensitiveLog(obj.Credentials) }
-});
 var IDPCommunicationErrorException = class _IDPCommunicationErrorException extends STSServiceException {
   name = "IDPCommunicationErrorException";
   $fault = "client";
@@ -473,504 +831,41 @@ var IDPCommunicationErrorException = class _IDPCommunicationErrorException exten
     Object.setPrototypeOf(this, _IDPCommunicationErrorException.prototype);
   }
 };
-init_esm_shims();
-var se_AssumeRoleCommand = async (input, context) => {
-  const headers = SHARED_HEADERS;
-  let body;
-  body = buildFormUrlencodedString({
-    ...se_AssumeRoleRequest(input, context),
-    [_A]: _AR,
-    [_V]: _
-  });
-  return buildHttpRpcRequest(context, headers, "/", void 0, body);
-};
-var se_AssumeRoleWithWebIdentityCommand = async (input, context) => {
-  const headers = SHARED_HEADERS;
-  let body;
-  body = buildFormUrlencodedString({
-    ...se_AssumeRoleWithWebIdentityRequest(input, context),
-    [_A]: _ARWWI,
-    [_V]: _
-  });
-  return buildHttpRpcRequest(context, headers, "/", void 0, body);
-};
-var de_AssumeRoleCommand = async (output, context) => {
-  if (output.statusCode >= 300) {
-    return de_CommandError(output, context);
-  }
-  const data = await parseXmlBody(output.body, context);
-  let contents = {};
-  contents = de_AssumeRoleResponse(data.AssumeRoleResult, context);
-  const response = {
-    $metadata: deserializeMetadata(output),
-    ...contents
-  };
-  return response;
-};
-var de_AssumeRoleWithWebIdentityCommand = async (output, context) => {
-  if (output.statusCode >= 300) {
-    return de_CommandError(output, context);
-  }
-  const data = await parseXmlBody(output.body, context);
-  let contents = {};
-  contents = de_AssumeRoleWithWebIdentityResponse(data.AssumeRoleWithWebIdentityResult, context);
-  const response = {
-    $metadata: deserializeMetadata(output),
-    ...contents
-  };
-  return response;
-};
-var de_CommandError = async (output, context) => {
-  const parsedOutput = {
-    ...output,
-    body: await parseXmlErrorBody(output.body, context)
-  };
-  const errorCode = loadQueryErrorCode(output, parsedOutput.body);
-  switch (errorCode) {
-    case "ExpiredTokenException":
-    case "com.amazonaws.sts#ExpiredTokenException":
-      throw await de_ExpiredTokenExceptionRes(parsedOutput, context);
-    case "MalformedPolicyDocument":
-    case "com.amazonaws.sts#MalformedPolicyDocumentException":
-      throw await de_MalformedPolicyDocumentExceptionRes(parsedOutput, context);
-    case "PackedPolicyTooLarge":
-    case "com.amazonaws.sts#PackedPolicyTooLargeException":
-      throw await de_PackedPolicyTooLargeExceptionRes(parsedOutput, context);
-    case "RegionDisabledException":
-    case "com.amazonaws.sts#RegionDisabledException":
-      throw await de_RegionDisabledExceptionRes(parsedOutput, context);
-    case "IDPCommunicationError":
-    case "com.amazonaws.sts#IDPCommunicationErrorException":
-      throw await de_IDPCommunicationErrorExceptionRes(parsedOutput, context);
-    case "IDPRejectedClaim":
-    case "com.amazonaws.sts#IDPRejectedClaimException":
-      throw await de_IDPRejectedClaimExceptionRes(parsedOutput, context);
-    case "InvalidIdentityToken":
-    case "com.amazonaws.sts#InvalidIdentityTokenException":
-      throw await de_InvalidIdentityTokenExceptionRes(parsedOutput, context);
-    default:
-      const parsedBody = parsedOutput.body;
-      return throwDefaultError({
-        output,
-        parsedBody: parsedBody.Error,
-        errorCode
-      });
-  }
-};
-var de_ExpiredTokenExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_ExpiredTokenException(body.Error, context);
-  const exception = new ExpiredTokenException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_IDPCommunicationErrorExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_IDPCommunicationErrorException(body.Error, context);
-  const exception = new IDPCommunicationErrorException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_IDPRejectedClaimExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_IDPRejectedClaimException(body.Error, context);
-  const exception = new IDPRejectedClaimException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_InvalidIdentityTokenExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_InvalidIdentityTokenException(body.Error, context);
-  const exception = new InvalidIdentityTokenException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_MalformedPolicyDocumentExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_MalformedPolicyDocumentException(body.Error, context);
-  const exception = new MalformedPolicyDocumentException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_PackedPolicyTooLargeExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_PackedPolicyTooLargeException(body.Error, context);
-  const exception = new PackedPolicyTooLargeException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var de_RegionDisabledExceptionRes = async (parsedOutput, context) => {
-  const body = parsedOutput.body;
-  const deserialized = de_RegionDisabledException(body.Error, context);
-  const exception = new RegionDisabledException({
-    $metadata: deserializeMetadata(parsedOutput),
-    ...deserialized
-  });
-  return decorateServiceException(exception, body);
-};
-var se_AssumeRoleRequest = (input, context) => {
-  const entries = {};
-  if (input[_RA] != null) {
-    entries[_RA] = input[_RA];
-  }
-  if (input[_RSN] != null) {
-    entries[_RSN] = input[_RSN];
-  }
-  if (input[_PA] != null) {
-    const memberEntries = se_policyDescriptorListType(input[_PA], context);
-    if (input[_PA]?.length === 0) {
-      entries.PolicyArns = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `PolicyArns.${key}`;
-      entries[loc] = value;
-    });
-  }
-  if (input[_P] != null) {
-    entries[_P] = input[_P];
-  }
-  if (input[_DS] != null) {
-    entries[_DS] = input[_DS];
-  }
-  if (input[_T] != null) {
-    const memberEntries = se_tagListType(input[_T], context);
-    if (input[_T]?.length === 0) {
-      entries.Tags = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `Tags.${key}`;
-      entries[loc] = value;
-    });
-  }
-  if (input[_TTK] != null) {
-    const memberEntries = se_tagKeyListType(input[_TTK], context);
-    if (input[_TTK]?.length === 0) {
-      entries.TransitiveTagKeys = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `TransitiveTagKeys.${key}`;
-      entries[loc] = value;
-    });
-  }
-  if (input[_EI] != null) {
-    entries[_EI] = input[_EI];
-  }
-  if (input[_SN] != null) {
-    entries[_SN] = input[_SN];
-  }
-  if (input[_TC] != null) {
-    entries[_TC] = input[_TC];
-  }
-  if (input[_SI] != null) {
-    entries[_SI] = input[_SI];
-  }
-  if (input[_PC] != null) {
-    const memberEntries = se_ProvidedContextsListType(input[_PC], context);
-    if (input[_PC]?.length === 0) {
-      entries.ProvidedContexts = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `ProvidedContexts.${key}`;
-      entries[loc] = value;
-    });
-  }
-  return entries;
-};
-var se_AssumeRoleWithWebIdentityRequest = (input, context) => {
-  const entries = {};
-  if (input[_RA] != null) {
-    entries[_RA] = input[_RA];
-  }
-  if (input[_RSN] != null) {
-    entries[_RSN] = input[_RSN];
-  }
-  if (input[_WIT] != null) {
-    entries[_WIT] = input[_WIT];
-  }
-  if (input[_PI] != null) {
-    entries[_PI] = input[_PI];
-  }
-  if (input[_PA] != null) {
-    const memberEntries = se_policyDescriptorListType(input[_PA], context);
-    if (input[_PA]?.length === 0) {
-      entries.PolicyArns = [];
-    }
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      const loc = `PolicyArns.${key}`;
-      entries[loc] = value;
-    });
-  }
-  if (input[_P] != null) {
-    entries[_P] = input[_P];
-  }
-  if (input[_DS] != null) {
-    entries[_DS] = input[_DS];
-  }
-  return entries;
-};
-var se_policyDescriptorListType = (input, context) => {
-  const entries = {};
-  let counter = 1;
-  for (const entry of input) {
-    if (entry === null) {
-      continue;
-    }
-    const memberEntries = se_PolicyDescriptorType(entry, context);
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      entries[`member.${counter}.${key}`] = value;
-    });
-    counter++;
-  }
-  return entries;
-};
-var se_PolicyDescriptorType = (input, context) => {
-  const entries = {};
-  if (input[_a] != null) {
-    entries[_a] = input[_a];
-  }
-  return entries;
-};
-var se_ProvidedContext = (input, context) => {
-  const entries = {};
-  if (input[_PAr] != null) {
-    entries[_PAr] = input[_PAr];
-  }
-  if (input[_CA] != null) {
-    entries[_CA] = input[_CA];
-  }
-  return entries;
-};
-var se_ProvidedContextsListType = (input, context) => {
-  const entries = {};
-  let counter = 1;
-  for (const entry of input) {
-    if (entry === null) {
-      continue;
-    }
-    const memberEntries = se_ProvidedContext(entry, context);
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      entries[`member.${counter}.${key}`] = value;
-    });
-    counter++;
-  }
-  return entries;
-};
-var se_Tag = (input, context) => {
-  const entries = {};
-  if (input[_K] != null) {
-    entries[_K] = input[_K];
-  }
-  if (input[_Va] != null) {
-    entries[_Va] = input[_Va];
-  }
-  return entries;
-};
-var se_tagKeyListType = (input, context) => {
-  const entries = {};
-  let counter = 1;
-  for (const entry of input) {
-    if (entry === null) {
-      continue;
-    }
-    entries[`member.${counter}`] = entry;
-    counter++;
-  }
-  return entries;
-};
-var se_tagListType = (input, context) => {
-  const entries = {};
-  let counter = 1;
-  for (const entry of input) {
-    if (entry === null) {
-      continue;
-    }
-    const memberEntries = se_Tag(entry, context);
-    Object.entries(memberEntries).forEach(([key, value]) => {
-      entries[`member.${counter}.${key}`] = value;
-    });
-    counter++;
-  }
-  return entries;
-};
-var de_AssumedRoleUser = (output, context) => {
-  const contents = {};
-  if (output[_ARI] != null) {
-    contents[_ARI] = expectString(output[_ARI]);
-  }
-  if (output[_Ar] != null) {
-    contents[_Ar] = expectString(output[_Ar]);
-  }
-  return contents;
-};
-var de_AssumeRoleResponse = (output, context) => {
-  const contents = {};
-  if (output[_C] != null) {
-    contents[_C] = de_Credentials(output[_C], context);
-  }
-  if (output[_ARU] != null) {
-    contents[_ARU] = de_AssumedRoleUser(output[_ARU], context);
-  }
-  if (output[_PPS] != null) {
-    contents[_PPS] = strictParseInt32(output[_PPS]);
-  }
-  if (output[_SI] != null) {
-    contents[_SI] = expectString(output[_SI]);
-  }
-  return contents;
-};
-var de_AssumeRoleWithWebIdentityResponse = (output, context) => {
-  const contents = {};
-  if (output[_C] != null) {
-    contents[_C] = de_Credentials(output[_C], context);
-  }
-  if (output[_SFWIT] != null) {
-    contents[_SFWIT] = expectString(output[_SFWIT]);
-  }
-  if (output[_ARU] != null) {
-    contents[_ARU] = de_AssumedRoleUser(output[_ARU], context);
-  }
-  if (output[_PPS] != null) {
-    contents[_PPS] = strictParseInt32(output[_PPS]);
-  }
-  if (output[_Pr] != null) {
-    contents[_Pr] = expectString(output[_Pr]);
-  }
-  if (output[_Au] != null) {
-    contents[_Au] = expectString(output[_Au]);
-  }
-  if (output[_SI] != null) {
-    contents[_SI] = expectString(output[_SI]);
-  }
-  return contents;
-};
-var de_Credentials = (output, context) => {
-  const contents = {};
-  if (output[_AKI] != null) {
-    contents[_AKI] = expectString(output[_AKI]);
-  }
-  if (output[_SAK] != null) {
-    contents[_SAK] = expectString(output[_SAK]);
-  }
-  if (output[_ST] != null) {
-    contents[_ST] = expectString(output[_ST]);
-  }
-  if (output[_E] != null) {
-    contents[_E] = expectNonNull(parseRfc3339DateTimeWithOffset(output[_E]));
-  }
-  return contents;
-};
-var de_ExpiredTokenException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_IDPCommunicationErrorException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_IDPRejectedClaimException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_InvalidIdentityTokenException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_MalformedPolicyDocumentException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_PackedPolicyTooLargeException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var de_RegionDisabledException = (output, context) => {
-  const contents = {};
-  if (output[_m] != null) {
-    contents[_m] = expectString(output[_m]);
-  }
-  return contents;
-};
-var deserializeMetadata = (output) => ({
-  httpStatusCode: output.statusCode,
-  requestId: output.headers["x-amzn-requestid"] ?? output.headers["x-amzn-request-id"] ?? output.headers["x-amz-request-id"],
-  extendedRequestId: output.headers["x-amz-id-2"],
-  cfId: output.headers["x-amz-cf-id"]
-});
-var throwDefaultError = withBaseException(STSServiceException);
-var buildHttpRpcRequest = async (context, headers, path, resolvedHostname, body) => {
-  const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
-  const contents = {
-    protocol,
-    hostname,
-    port,
-    method: "POST",
-    path: basePath.endsWith("/") ? basePath.slice(0, -1) + path : basePath + path,
-    headers
-  };
-  if (resolvedHostname !== void 0) {
-    contents.hostname = resolvedHostname;
-  }
-  if (body !== void 0) {
-    contents.body = body;
-  }
-  return new HttpRequest(contents);
-};
-var SHARED_HEADERS = {
-  "content-type": "application/x-www-form-urlencoded"
-};
-var _ = "2011-06-15";
-var _A = "Action";
+var _A = "Arn";
 var _AKI = "AccessKeyId";
 var _AR = "AssumeRole";
 var _ARI = "AssumedRoleId";
+var _ARR = "AssumeRoleRequest";
+var _ARRs = "AssumeRoleResponse";
 var _ARU = "AssumedRoleUser";
 var _ARWWI = "AssumeRoleWithWebIdentity";
-var _Ar = "Arn";
+var _ARWWIR = "AssumeRoleWithWebIdentityRequest";
+var _ARWWIRs = "AssumeRoleWithWebIdentityResponse";
 var _Au = "Audience";
 var _C = "Credentials";
 var _CA = "ContextAssertion";
 var _DS = "DurationSeconds";
 var _E = "Expiration";
 var _EI = "ExternalId";
+var _ETE = "ExpiredTokenException";
+var _IDPCEE = "IDPCommunicationErrorException";
+var _IDPRCE = "IDPRejectedClaimException";
+var _IITE = "InvalidIdentityTokenException";
 var _K = "Key";
+var _MPDE = "MalformedPolicyDocumentException";
 var _P = "Policy";
 var _PA = "PolicyArns";
 var _PAr = "ProviderArn";
 var _PC = "ProvidedContexts";
+var _PCLT = "ProvidedContextsListType";
+var _PCr = "ProvidedContext";
+var _PDT = "PolicyDescriptorType";
 var _PI = "ProviderId";
 var _PPS = "PackedPolicySize";
+var _PPTLE = "PackedPolicyTooLargeException";
 var _Pr = "Provider";
 var _RA = "RoleArn";
+var _RDE = "RegionDisabledException";
 var _RSN = "RoleSessionName";
 var _SAK = "SecretAccessKey";
 var _SFWIT = "SubjectFromWebIdentityToken";
@@ -980,34 +875,180 @@ var _ST = "SessionToken";
 var _T = "Tags";
 var _TC = "TokenCode";
 var _TTK = "TransitiveTagKeys";
-var _V = "Version";
-var _Va = "Value";
+var _Ta = "Tag";
+var _V = "Value";
 var _WIT = "WebIdentityToken";
 var _a = "arn";
+var _aKST = "accessKeySecretType";
+var _aQE = "awsQueryError";
+var _c = "client";
+var _cTT = "clientTokenType";
+var _e = "error";
+var _hE = "httpError";
 var _m = "message";
-var buildFormUrlencodedString = (formEntries) => Object.entries(formEntries).map(([key, value]) => extendedEncodeURIComponent(key) + "=" + extendedEncodeURIComponent(value)).join("&");
-var loadQueryErrorCode = (output, data) => {
-  if (data.Error?.Code !== void 0) {
-    return data.Error.Code;
-  }
-  if (output.statusCode == 404) {
-    return "NotFound";
-  }
-};
+var _pDLT = "policyDescriptorListType";
+var _s = "smithy.ts.sdk.synthetic.com.amazonaws.sts";
+var _tLT = "tagListType";
+var n0 = "com.amazonaws.sts";
+var accessKeySecretType = [0, n0, _aKST, 8, 0];
+var clientTokenType = [0, n0, _cTT, 8, 0];
+var AssumedRoleUser = [3, n0, _ARU, 0, [_ARI, _A], [0, 0]];
+var AssumeRoleRequest = [
+  3,
+  n0,
+  _ARR,
+  0,
+  [_RA, _RSN, _PA, _P, _DS, _T, _TTK, _EI, _SN, _TC, _SI, _PC],
+  [0, 0, () => policyDescriptorListType, 0, 1, () => tagListType, 64 | 0, 0, 0, 0, 0, () => ProvidedContextsListType]
+];
+var AssumeRoleResponse = [
+  3,
+  n0,
+  _ARRs,
+  0,
+  [_C, _ARU, _PPS, _SI],
+  [[() => Credentials, 0], () => AssumedRoleUser, 1, 0]
+];
+var AssumeRoleWithWebIdentityRequest = [
+  3,
+  n0,
+  _ARWWIR,
+  0,
+  [_RA, _RSN, _WIT, _PI, _PA, _P, _DS],
+  [0, 0, [() => clientTokenType, 0], 0, () => policyDescriptorListType, 0, 1]
+];
+var AssumeRoleWithWebIdentityResponse = [
+  3,
+  n0,
+  _ARWWIRs,
+  0,
+  [_C, _SFWIT, _ARU, _PPS, _Pr, _Au, _SI],
+  [[() => Credentials, 0], 0, () => AssumedRoleUser, 1, 0, 0, 0]
+];
+var Credentials = [
+  3,
+  n0,
+  _C,
+  0,
+  [_AKI, _SAK, _ST, _E],
+  [0, [() => accessKeySecretType, 0], 0, 4]
+];
+var ExpiredTokenException2 = [
+  -3,
+  n0,
+  _ETE,
+  {
+    [_e]: _c,
+    [_hE]: 400,
+    [_aQE]: [`ExpiredTokenException`, 400]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(ExpiredTokenException2, ExpiredTokenException);
+var IDPCommunicationErrorException2 = [
+  -3,
+  n0,
+  _IDPCEE,
+  {
+    [_e]: _c,
+    [_hE]: 400,
+    [_aQE]: [`IDPCommunicationError`, 400]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(IDPCommunicationErrorException2, IDPCommunicationErrorException);
+var IDPRejectedClaimException2 = [
+  -3,
+  n0,
+  _IDPRCE,
+  {
+    [_e]: _c,
+    [_hE]: 403,
+    [_aQE]: [`IDPRejectedClaim`, 403]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(IDPRejectedClaimException2, IDPRejectedClaimException);
+var InvalidIdentityTokenException2 = [
+  -3,
+  n0,
+  _IITE,
+  {
+    [_e]: _c,
+    [_hE]: 400,
+    [_aQE]: [`InvalidIdentityToken`, 400]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(InvalidIdentityTokenException2, InvalidIdentityTokenException);
+var MalformedPolicyDocumentException2 = [
+  -3,
+  n0,
+  _MPDE,
+  {
+    [_e]: _c,
+    [_hE]: 400,
+    [_aQE]: [`MalformedPolicyDocument`, 400]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(MalformedPolicyDocumentException2, MalformedPolicyDocumentException);
+var PackedPolicyTooLargeException2 = [
+  -3,
+  n0,
+  _PPTLE,
+  {
+    [_e]: _c,
+    [_hE]: 400,
+    [_aQE]: [`PackedPolicyTooLarge`, 400]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(PackedPolicyTooLargeException2, PackedPolicyTooLargeException);
+var PolicyDescriptorType = [3, n0, _PDT, 0, [_a], [0]];
+var ProvidedContext = [3, n0, _PCr, 0, [_PAr, _CA], [0, 0]];
+var RegionDisabledException2 = [
+  -3,
+  n0,
+  _RDE,
+  {
+    [_e]: _c,
+    [_hE]: 403,
+    [_aQE]: [`RegionDisabledException`, 403]
+  },
+  [_m],
+  [0]
+];
+TypeRegistry.for(n0).registerError(RegionDisabledException2, RegionDisabledException);
+var Tag = [3, n0, _Ta, 0, [_K, _V], [0, 0]];
+var STSServiceException2 = [-3, _s, "STSServiceException", 0, [], []];
+TypeRegistry.for(_s).registerError(STSServiceException2, STSServiceException);
+var policyDescriptorListType = [1, n0, _pDLT, 0, () => PolicyDescriptorType];
+var ProvidedContextsListType = [1, n0, _PCLT, 0, () => ProvidedContext];
+var tagKeyListType = 64 | 0;
+var tagListType = [1, n0, _tLT, 0, () => Tag];
+var AssumeRole = [9, n0, _AR, 0, () => AssumeRoleRequest, () => AssumeRoleResponse];
+var AssumeRoleWithWebIdentity = [
+  9,
+  n0,
+  _ARWWI,
+  0,
+  () => AssumeRoleWithWebIdentityRequest,
+  () => AssumeRoleWithWebIdentityResponse
+];
 var AssumeRoleCommand = class extends Command.classBuilder().ep(commonParams).m(function(Command2, cs, config, o2) {
-  return [
-    getSerdePlugin(config, this.serialize, this.deserialize),
-    getEndpointPlugin(config, Command2.getEndpointParameterInstructions())
-  ];
-}).s("AWSSecurityTokenServiceV20110615", "AssumeRole", {}).n("STSClient", "AssumeRoleCommand").f(void 0, AssumeRoleResponseFilterSensitiveLog).ser(se_AssumeRoleCommand).de(de_AssumeRoleCommand).build() {
+  return [getEndpointPlugin(config, Command2.getEndpointParameterInstructions())];
+}).s("AWSSecurityTokenServiceV20110615", "AssumeRole", {}).n("STSClient", "AssumeRoleCommand").sc(AssumeRole).build() {
 };
-init_esm_shims();
 var AssumeRoleWithWebIdentityCommand = class extends Command.classBuilder().ep(commonParams).m(function(Command2, cs, config, o2) {
-  return [
-    getSerdePlugin(config, this.serialize, this.deserialize),
-    getEndpointPlugin(config, Command2.getEndpointParameterInstructions())
-  ];
-}).s("AWSSecurityTokenServiceV20110615", "AssumeRoleWithWebIdentity", {}).n("STSClient", "AssumeRoleWithWebIdentityCommand").f(AssumeRoleWithWebIdentityRequestFilterSensitiveLog, AssumeRoleWithWebIdentityResponseFilterSensitiveLog).ser(se_AssumeRoleWithWebIdentityCommand).de(de_AssumeRoleWithWebIdentityCommand).build() {
+  return [getEndpointPlugin(config, Command2.getEndpointParameterInstructions())];
+}).s("AWSSecurityTokenServiceV20110615", "AssumeRoleWithWebIdentity", {}).n("STSClient", "AssumeRoleWithWebIdentityCommand").sc(AssumeRoleWithWebIdentity).build() {
 };
 var commands = {
   AssumeRoleCommand,
@@ -1016,11 +1057,6 @@ var commands = {
 var STS = class extends STSClient {
 };
 createAggregatedClient(commands, STS);
-init_esm_shims();
-init_esm_shims();
-init_esm_shims();
-init_esm_shims();
-var ASSUME_ROLE_DEFAULT_REGION = "us-east-1";
 var getAccountIdFromAssumedRoleUser = (assumedRoleUser) => {
   if (typeof assumedRoleUser?.Arn === "string") {
     const arnComponents = assumedRoleUser.Arn.split(":");
@@ -1030,11 +1066,12 @@ var getAccountIdFromAssumedRoleUser = (assumedRoleUser) => {
   }
   return void 0;
 };
-var resolveRegion = async (_region, _parentRegion, credentialProviderLogger) => {
+var resolveRegion = async (_region, _parentRegion, credentialProviderLogger, loaderConfig = {}) => {
   const region = typeof _region === "function" ? await _region() : _region;
   const parentRegion = typeof _parentRegion === "function" ? await _parentRegion() : _parentRegion;
-  credentialProviderLogger?.debug?.("@aws-sdk/client-sts::resolveRegion", "accepting first of:", `${region} (provider)`, `${parentRegion} (parent client)`, `${ASSUME_ROLE_DEFAULT_REGION} (STS default)`);
-  return region ?? parentRegion ?? ASSUME_ROLE_DEFAULT_REGION;
+  const stsDefaultRegion = await stsRegionDefaultResolver(loaderConfig)();
+  credentialProviderLogger?.debug?.("@aws-sdk/client-sts::resolveRegion", "accepting first of:", `${region} (credential provider clientConfig)`, `${parentRegion} (contextual client)`, `${stsDefaultRegion} (STS default: AWS_REGION, profile region, or us-east-1)`);
+  return region ?? parentRegion ?? stsDefaultRegion;
 };
 var getDefaultRoleAssumer = (stsOptions, STSClient2) => {
   let stsClient;
@@ -1042,28 +1079,33 @@ var getDefaultRoleAssumer = (stsOptions, STSClient2) => {
   return async (sourceCreds, params) => {
     closureSourceCreds = sourceCreds;
     if (!stsClient) {
-      const { logger = stsOptions?.parentClientConfig?.logger, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger } = stsOptions;
-      const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger);
+      const { logger = stsOptions?.parentClientConfig?.logger, profile = stsOptions?.parentClientConfig?.profile, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger, userAgentAppId = stsOptions?.parentClientConfig?.userAgentAppId } = stsOptions;
+      const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger, {
+        logger,
+        profile
+      });
       const isCompatibleRequestHandler = !isH2(requestHandler);
       stsClient = new STSClient2({
-        profile: stsOptions?.parentClientConfig?.profile,
+        ...stsOptions,
+        userAgentAppId,
+        profile,
         credentialDefaultProvider: () => async () => closureSourceCreds,
         region: resolvedRegion,
         requestHandler: isCompatibleRequestHandler ? requestHandler : void 0,
         logger
       });
     }
-    const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleCommand(params));
-    if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) {
+    const { Credentials: Credentials2, AssumedRoleUser: AssumedRoleUser2 } = await stsClient.send(new AssumeRoleCommand(params));
+    if (!Credentials2 || !Credentials2.AccessKeyId || !Credentials2.SecretAccessKey) {
       throw new Error(`Invalid response from STS.assumeRole call with role ${params.RoleArn}`);
     }
-    const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser);
+    const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser2);
     const credentials = {
-      accessKeyId: Credentials.AccessKeyId,
-      secretAccessKey: Credentials.SecretAccessKey,
-      sessionToken: Credentials.SessionToken,
-      expiration: Credentials.Expiration,
-      ...Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope },
+      accessKeyId: Credentials2.AccessKeyId,
+      secretAccessKey: Credentials2.SecretAccessKey,
+      sessionToken: Credentials2.SessionToken,
+      expiration: Credentials2.Expiration,
+      ...Credentials2.CredentialScope && { credentialScope: Credentials2.CredentialScope },
       ...accountId && { accountId }
     };
     setCredentialFeature(credentials, "CREDENTIALS_STS_ASSUME_ROLE", "i");
@@ -1074,27 +1116,32 @@ var getDefaultRoleAssumerWithWebIdentity = (stsOptions, STSClient2) => {
   let stsClient;
   return async (params) => {
     if (!stsClient) {
-      const { logger = stsOptions?.parentClientConfig?.logger, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger } = stsOptions;
-      const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger);
+      const { logger = stsOptions?.parentClientConfig?.logger, profile = stsOptions?.parentClientConfig?.profile, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger, userAgentAppId = stsOptions?.parentClientConfig?.userAgentAppId } = stsOptions;
+      const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger, {
+        logger,
+        profile
+      });
       const isCompatibleRequestHandler = !isH2(requestHandler);
       stsClient = new STSClient2({
-        profile: stsOptions?.parentClientConfig?.profile,
+        ...stsOptions,
+        userAgentAppId,
+        profile,
         region: resolvedRegion,
         requestHandler: isCompatibleRequestHandler ? requestHandler : void 0,
         logger
       });
     }
-    const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params));
-    if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) {
+    const { Credentials: Credentials2, AssumedRoleUser: AssumedRoleUser2 } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params));
+    if (!Credentials2 || !Credentials2.AccessKeyId || !Credentials2.SecretAccessKey) {
       throw new Error(`Invalid response from STS.assumeRoleWithWebIdentity call with role ${params.RoleArn}`);
     }
-    const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser);
+    const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser2);
     const credentials = {
-      accessKeyId: Credentials.AccessKeyId,
-      secretAccessKey: Credentials.SecretAccessKey,
-      sessionToken: Credentials.SessionToken,
-      expiration: Credentials.Expiration,
-      ...Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope },
+      accessKeyId: Credentials2.AccessKeyId,
+      secretAccessKey: Credentials2.SecretAccessKey,
+      sessionToken: Credentials2.SessionToken,
+      expiration: Credentials2.Expiration,
+      ...Credentials2.CredentialScope && { credentialScope: Credentials2.CredentialScope },
       ...accountId && { accountId }
     };
     if (accountId) {
@@ -1130,11 +1177,7 @@ var decorateDefaultCredentialProvider = (provider) => (input) => provider({
 export {
   Command as $Command,
   AssumeRoleCommand,
-  AssumeRoleResponseFilterSensitiveLog,
   AssumeRoleWithWebIdentityCommand,
-  AssumeRoleWithWebIdentityRequestFilterSensitiveLog,
-  AssumeRoleWithWebIdentityResponseFilterSensitiveLog,
-  CredentialsFilterSensitiveLog,
   ExpiredTokenException,
   IDPCommunicationErrorException,
   IDPRejectedClaimException,