@nicollasfrazao/liguelead-log-service 1.0.0 → 1.1.1

package/README.md

@@ -14,7 +14,7 @@ npm install @ligue-lead-tech/log-service-nodejs
 
 ```typescript
 import express from 'express';
-import { LogService, loggingMiddleware } from '@ligue-lead-tech/log-service-nodejs';
+import { LogService, logMiddleware } from '@ligue-lead-tech/log-service-nodejs';
 
 const app = express();
 
@@ -25,7 +25,7 @@ process.env.LOG_DESTINATION = 'both'; // 'console', 'storage', ou 'both'
 process.env.NODE_ENV = 'development';
 
 // Adicione o middleware de logging (obrigatório para correlation IDs)
-app.use(loggingMiddleware);
+app.use(logMiddleware);
 
 // Suas rotas
 app.get('/api/users', (req, res) => {
@@ -49,6 +49,7 @@ app.listen(3000, () => {
 
 ### 2. Configuração com S3 via Kinesis Firehose
 
+#### Usando Nome do Stream (método tradicional)
 ```typescript
 // Configuração para produção com S3
 process.env.LOG_USE_S3_STORAGE = 'true';
@@ -61,6 +62,33 @@ process.env.LOG_AWS_ACCESS_KEY_ID = 'test';
 process.env.LOG_AWS_SECRET_ACCESS_KEY = 'test';
 ```
 
+#### Usando IAM Role (recomendado)
+```typescript
+// Configuração com IAM Role
+process.env.LOG_USE_S3_STORAGE = 'true';
+process.env.LOG_AWS_ROLE_ARN = 'arn:aws:iam::0000000000:role/my-firehose-delivery-role';
+
+// As variáveis LOG_AWS_REGION e LOG_FIREHOSE_STREAM_NAME são opcionais quando usar ARN
+// A região e nome do stream são extraídos automaticamente do ARN
+```
+
+#### Autenticação via IAM Role ARN (Nova Funcionalidade!)
+```typescript
+// Configuração para usar IAM Role com AssumeRole
+process.env.LOG_USE_S3_STORAGE = 'true';
+process.env.LOG_FIREHOSE_STREAM_NAME = 'my-app-logs-firehose';
+process.env.LOG_AWS_REGION = 'us-east-1';
+process.env.LOG_AWS_ROLE_ARN = 'arn:aws:iam::0000000000:role/my-firehose-delivery-role';
+
+// O serviço automaticamente:
+// ✅ Assume a role usando STS
+// ✅ Obtém credenciais temporárias 
+// ✅ Renova automaticamente antes da expiração
+// ✅ Cache inteligente para performance
+```
+
+📖 **Documentação Completa**: [AWS IAM Role Support](./docs/aws-iam-role-support.md)
+
 ### 3. Logging Manual
 
 ```typescript
@@ -118,6 +146,7 @@ app.post('/api/process', async (req, res) => {
 - ✅ **Armazenamento via Kinesis Firehose** para S3 com buffering e compressão
 - ✅ **Fallback para armazenamento local** em caso de falha do S3
 - ✅ **Padrão de serviço estático** - sem necessidade de instanciação
+- ✅ **Autenticação via IAM Role ARN** (AssumeRole automático, cache, renovação, cross-account)
 
 ## Estrutura dos Arquivos de Log
 
@@ -125,7 +154,7 @@ Os logs são organizados por ambiente e salvos via **Kinesis Firehose** para S3,
 
 ### Armazenamento S3 (via Kinesis Firehose)
 ```
-ll-api-logs/
+my-app-logs/
 ├── logs/
 │   ├── development/
 │   │   └── 2025-10-27-combined.log.gz     # Logs comprimidos pelo Firehose
@@ -183,7 +212,7 @@ Quando `LOG_USE_S3_STORAGE=true`, os logs são enviados para **Kinesis Firehose*
 
 Exemplo de estrutura no S3 via Firehose:
 ```
-ll-api-logs/
+my-app-logs/
 ├── logs/
 │   ├── 2025/10/27/14/
 │   │   ├── firehose_output-1-2025-10-27-14-01-01-uuid.gz
@@ -208,11 +237,16 @@ NODE_ENV=development                   # development|production|homologation|tes
 
 # S3 via Kinesis Firehose
 LOG_USE_S3_STORAGE=true               # Ativa envio para S3 via Firehose
+
+# Opção 1: Usar IAM Role (recomendado)
+LOG_AWS_ROLE_ARN=arn:aws:iam::0000000000:role/my-firehose-delivery-role
+
+# Opção 2: Usar nome e região separadamente
 LOG_FIREHOSE_STREAM_NAME=my-app-logs  # Nome do stream Kinesis Firehose
+LOG_AWS_REGION=us-east-1              # Região AWS (não necessária se usar ARN)
 
 # AWS (apenas para desenvolvimento/LocalStack)
 LOG_AWS_ENDPOINT=http://localhost:4566  # Endpoint AWS (LocalStack)
-LOG_AWS_REGION=us-east-1                # Região AWS
 LOG_AWS_ACCESS_KEY_ID=test              # Access Key (dev only)
 LOG_AWS_SECRET_ACCESS_KEY=test          # Secret Key (dev only)
 
@@ -334,7 +368,7 @@ LOG_DESTINATION=storage
 LOG_USE_S3_STORAGE=true
 
 # Nome do Kinesis Firehose stream
-LOG_FIREHOSE_STREAM_NAME=ll-api-logs-firehose
+LOG_FIREHOSE_STREAM_NAME=my-app-logs-firehose
 
 # Região AWS
 LOG_AWS_REGION=us-east-1
@@ -371,7 +405,7 @@ LOG_USE=true
 LOG_LEVEL=debug
 LOG_DESTINATION=both
 LOG_USE_S3_STORAGE=true
-LOG_FIREHOSE_STREAM_NAME=ll-api-logs-firehose
+LOG_FIREHOSE_STREAM_NAME=my-app-logs-firehose
 LOG_AWS_ENDPOINT=http://localhost:4566
 LOG_AWS_ACCESS_KEY_ID=test
 LOG_AWS_SECRET_ACCESS_KEY=test
@@ -384,7 +418,7 @@ LOG_USE=true
 LOG_LEVEL=info
 LOG_DESTINATION=storage
 LOG_USE_S3_STORAGE=true
-LOG_FIREHOSE_STREAM_NAME=ll-api-logs-firehose-hml
+LOG_FIREHOSE_STREAM_NAME=my-app-logs-firehose-hml
 # AWS credentials via IAM role ou environment variables
 ```
 
@@ -395,7 +429,7 @@ LOG_USE=true
 LOG_LEVEL=warn
 LOG_DESTINATION=storage
 LOG_USE_S3_STORAGE=true
-LOG_FIREHOSE_STREAM_NAME=ll-api-logs-firehose-prod
+LOG_FIREHOSE_STREAM_NAME=my-app-logs-firehose-prod
 LOG_INCLUDE_REQUEST_BODY=false
 LOG_INCLUDE_RESPONSE_BODY=false
 LOG_MAX_BODY_SIZE=1000
@@ -515,9 +549,9 @@ scripts/                             # Scripts utilitários
 O middleware de logging é aplicado automaticamente a todas as rotas:
 
 ```typescript
-import { loggingMiddleware } from './src/middlewares/log.middleware';
+import { logMiddleware } from './src/middlewares/log.middleware';
 
-app.use(loggingMiddleware);
+app.use(logMiddleware);
 ```
 
 ### 5. Logging Manual
@@ -622,13 +656,13 @@ Para integrar o serviço em sua aplicação Express:
 
 ```typescript
 import express from 'express';
-import { loggingMiddleware } from './src/middlewares/log.middleware';
+import { logMiddleware } from './src/middlewares/log.middleware';
 import { LogService } from './src/services/log.service';
 
 const app = express();
 
 // Aplicar middleware de logging
-app.use(loggingMiddleware);
+app.use(logMiddleware);
 
 // Exemplo de uso manual
 app.get('/health', (req, res) => {

package/dist/configs/log.storage.external.s3.config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"log.storage.external.s3.config.d.ts","sourceRoot":"","sources":["../../src/configs/log.storage.external.s3.config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,0CAA0C,EAAE,MAAM,gEAAgE,CAAC;AAE5H;;;;GAIG;AACH,eAAO,MAAM,6BAA6B,QAAO,0CAqBhD,CAAA"}
+{"version":3,"file":"log.storage.external.s3.config.d.ts","sourceRoot":"","sources":["../../src/configs/log.storage.external.s3.config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,0CAA0C,EAAE,MAAM,gEAAgE,CAAC;AAE5H;;;;GAIG;AACH,eAAO,MAAM,6BAA6B,QAAO,0CA4BhD,CAAA"}

package/dist/configs/log.storage.external.s3.config.js

@@ -12,15 +12,20 @@ const getLogStorageExternalS3Config = () => {
         region: process.env.LOG_AWS_REGION || 'us-east-1',
         version: 'latest',
     };
+    if (process.env.LOG_AWS_ROLE_ARN) {
+        config.roleArn = process.env.LOG_AWS_ROLE_ARN;
+    }
     if (process.env.LOG_AWS_ACCESS_KEY_ID
         && process.env.LOG_AWS_SECRET_ACCESS_KEY) {
         config = {
             ...config,
-            endpoint: process.env.LOG_AWS_ENDPOINT || 'http://localhost:4566',
             accessKeyId: process.env.LOG_AWS_ACCESS_KEY_ID,
             secretAccessKey: process.env.LOG_AWS_SECRET_ACCESS_KEY,
         };
     }
+    if (process.env.LOG_AWS_ENDPOINT) {
+        config.endpoint = process.env.LOG_AWS_ENDPOINT;
+    }
     return config;
 };
 exports.getLogStorageExternalS3Config = getLogStorageExternalS3Config;

package/dist/configs/log.storage.external.s3.config.js.map

@@ -1 +1 @@
-{"version":3,"file":"log.storage.external.s3.config.js","sourceRoot":"","sources":["../../src/configs/log.storage.external.s3.config.ts"],"names":[],"mappings":";;;AAEA;;;;GAIG;AACI,MAAM,6BAA6B,GAAG,GAA+C,EAAE;IAE5F,IAAI,MAAM,GAA+C;QACvD,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,wBAAwB,IAAI,sBAAsB;QAClF,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,WAAW;QACjD,OAAO,EAAE,QAAQ;KAClB,CAAC;IAEF,IACE,OAAO,CAAC,GAAG,CAAC,qBAAqB;WAC9B,OAAO,CAAC,GAAG,CAAC,yBAAyB,EACxC,CAAC;QACD,MAAM,GAAG;YACP,GAAG,MAAM;YACT,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,uBAAuB;YACjE,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;YAC9C,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;SACvD,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC,CAAA;AArBY,QAAA,6BAA6B,iCAqBzC"}
+{"version":3,"file":"log.storage.external.s3.config.js","sourceRoot":"","sources":["../../src/configs/log.storage.external.s3.config.ts"],"names":[],"mappings":";;;AAEA;;;;GAIG;AACI,MAAM,6BAA6B,GAAG,GAA+C,EAAE;IAE5F,IAAI,MAAM,GAA+C;QACvD,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,wBAAwB,IAAI,sBAAsB;QAClF,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,WAAW;QACjD,OAAO,EAAE,QAAQ;KAClB,CAAC;IAEF,IAAI,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACjC,MAAM,CAAC,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC;IAChD,CAAC;IAED,IACE,OAAO,CAAC,GAAG,CAAC,qBAAqB;WAC9B,OAAO,CAAC,GAAG,CAAC,yBAAyB,EACxC,CAAC;QACD,MAAM,GAAG;YACP,GAAG,MAAM;YACT,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;YAC9C,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;SACvD,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACjC,MAAM,CAAC,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC;IACjD,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC,CAAA;AA5BY,QAAA,6BAA6B,iCA4BzC"}

package/dist/interfaces/log.storage.external.s3.service.config.interface.d.ts

@@ -9,6 +9,7 @@
  * @property {string} endpoint - Custom S3 endpoint (optional)
  * @property {string} accessKeyId - AWS access key ID (optional)
  * @property {string} secretAccessKey - AWS secret access key (optional)
+ * @property {string} roleArn - AWS IAM role ARN for assume role authentication (optional)
  */
 export interface LogStorageExternalS3ServiceConfigInterface {
     /**
@@ -35,5 +36,9 @@ export interface LogStorageExternalS3ServiceConfigInterface {
      * @var {string}
      */
     secretAccessKey?: string;
+    /**
+     * @var {string}
+     */
+    roleArn?: string;
 }
 //# sourceMappingURL=log.storage.external.s3.service.config.interface.d.ts.map

package/dist/interfaces/log.storage.external.s3.service.config.interface.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"log.storage.external.s3.service.config.interface.d.ts","sourceRoot":"","sources":["../../src/interfaces/log.storage.external.s3.service.config.interface.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AACH,MAAM,WAAW,0CAA0C;IAEzD;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,kBAAkB,EAAE,MAAM,CAAC;IAE3B;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B"}
+{"version":3,"file":"log.storage.external.s3.service.config.interface.d.ts","sourceRoot":"","sources":["../../src/interfaces/log.storage.external.s3.service.config.interface.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,0CAA0C;IAEzD;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,kBAAkB,EAAE,MAAM,CAAC;IAE3B;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB"}

package/dist/services/log.storage.external.s3.service.d.ts

@@ -9,6 +9,7 @@ import { LogType } from '../types/log.type';
  * @property {FirehoseClient} firehose
  * @property {LogStorageExternalS3ServiceConfigInterface} config
  * @property {Map<string, Promise<void>>} writeQueue
+ * @property {Promise<any> | null} credentialsCache
  */
 export declare class LogStorageExternalS3Service extends LogStorageExternalService {
     /**
@@ -23,6 +24,10 @@ export declare class LogStorageExternalS3Service extends LogStorageExternalServi
      * @var {Map<string, Promise<void>>}
      */
     private writeQueue;
+    /**
+     * @var {Promise<any> | null}
+     */
+    private credentialsCache;
     /**
      * Constructor of the LogStorageS3Service
      *
@@ -35,6 +40,18 @@ export declare class LogStorageExternalS3Service extends LogStorageExternalServi
      * @returns {boolean} True if the storage target should be used, false otherwise
      */
     shouldUse(): boolean;
+    /**
+     * Gets temporary credentials using STS AssumeRole
+     *
+     * @returns {Promise<any>} Credentials object for AWS SDK
+     */
+    private getAssumeRoleCredentials;
+    /**
+     * Refreshes temporary credentials using STS AssumeRole
+     *
+     * @returns {Promise<any>} Fresh credentials object for AWS SDK
+     */
+    private refreshAssumeRoleCredentials;
     /**
      * Upload log content to Firehose (which delivers to S3)
      *

package/dist/services/log.storage.external.s3.service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"log.storage.external.s3.service.d.ts","sourceRoot":"","sources":["../../src/services/log.storage.external.s3.service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAE3E,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AAEvF,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAG5C;;;;;;;;GAQG;AACH,qBAAa,2BAA4B,SAAQ,yBAAyB;IAExE;;OAEG;IACH,OAAO,CAAC,QAAQ,CAAiB;IAEjC;;OAEG;IACH,OAAO,CAAC,MAAM,CAA6C;IAE3D;;OAEG;IACH,OAAO,CAAC,UAAU,CAAyC;IAE3D;;;;OAIG;gBACU,gBAAgB,EAAE,yBAAyB;IA4BxD;;;;OAIG;IACI,SAAS,IAAI,OAAO;IAK3B;;;;;;;OAOG;YACW,SAAS;IAmBvB;;;;;;;;OAQG;YACW,SAAS;IAgCvB;;;;;;OAMG;IACU,KAAK,CAAC,IAAI,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;CAoBjD"}
+{"version":3,"file":"log.storage.external.s3.service.d.ts","sourceRoot":"","sources":["../../src/services/log.storage.external.s3.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAE3E,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AAEvF,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAI5C;;;;;;;;;GASG;AACH,qBAAa,2BAA4B,SAAQ,yBAAyB;IAExE;;OAEG;IACH,OAAO,CAAC,QAAQ,CAAiB;IAEjC;;OAEG;IACH,OAAO,CAAC,MAAM,CAA6C;IAE3D;;OAEG;IACH,OAAO,CAAC,UAAU,CAAyC;IAE3D;;OAEG;IACH,OAAO,CAAC,gBAAgB,CAA6B;IAErD;;;;OAIG;gBACU,gBAAgB,EAAE,yBAAyB;IA6BxD;;;;OAIG;IACI,SAAS,IAAI,OAAO;IAK3B;;;;OAIG;YACW,wBAAwB;IA6BtC;;;;OAIG;YACW,4BAA4B;IAsC1C;;;;;;;OAOG;YACW,SAAS;IAmBvB;;;;;;;;OAQG;YACW,SAAS;IAgCvB;;;;;;OAMG;IACU,KAAK,CAAC,IAAI,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;CAoBjD"}

package/dist/services/log.storage.external.s3.service.js

@@ -2,9 +2,11 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.LogStorageExternalS3Service = void 0;
 const client_firehose_1 = require("@aws-sdk/client-firehose");
+const client_sts_1 = require("@aws-sdk/client-sts");
 const log_storage_external_service_1 = require("./log.storage.external.service");
 const log_service_1 = require("./log.service");
 const log_storage_external_s3_config_1 = require("../configs/log.storage.external.s3.config");
+const log_error_1 = require("../errors/log.error");
 /**
  * Class LogStorageExternalS3Service
  *
@@ -13,6 +15,7 @@ const log_storage_external_s3_config_1 = require("../configs/log.storage.externa
  * @property {FirehoseClient} firehose
  * @property {LogStorageExternalS3ServiceConfigInterface} config
  * @property {Map<string, Promise<void>>} writeQueue
+ * @property {Promise<any> | null} credentialsCache
  */
 class LogStorageExternalS3Service extends log_storage_external_service_1.LogStorageExternalService {
     /**
@@ -26,22 +29,27 @@ class LogStorageExternalS3Service extends log_storage_external_service_1.LogStor
          * @var {Map<string, Promise<void>>}
          */
         this.writeQueue = new Map();
+        /**
+         * @var {Promise<any> | null}
+         */
+        this.credentialsCache = null;
         this.config = (0, log_storage_external_s3_config_1.getLogStorageExternalS3Config)();
-        let firehoseConfig = {
+        const firehoseConfig = {
             region: this.config.region,
-            endpoint: this.config.endpoint,
         };
-        if (this.config.accessKeyId
+        if (this.config.roleArn) {
+            firehoseConfig.credentials = () => this.getAssumeRoleCredentials();
+        }
+        else if (this.config.accessKeyId
             && this.config.secretAccessKey) {
-            firehoseConfig = {
-                region: this.config.region,
-                endpoint: this.config.endpoint,
-                credentials: {
-                    accessKeyId: this.config.accessKeyId,
-                    secretAccessKey: this.config.secretAccessKey,
-                },
+            firehoseConfig.credentials = {
+                accessKeyId: this.config.accessKeyId,
+                secretAccessKey: this.config.secretAccessKey,
             };
         }
+        if (this.config.endpoint) {
+            firehoseConfig.endpoint = this.config.endpoint;
+        }
         this.firehose = new client_firehose_1.FirehoseClient(firehoseConfig);
     }
     /**
@@ -52,6 +60,65 @@ class LogStorageExternalS3Service extends log_storage_external_service_1.LogStor
     shouldUse() {
         return this.logServiceConfig.useS3Storage;
     }
+    /**
+     * Gets temporary credentials using STS AssumeRole
+     *
+     * @returns {Promise<any>} Credentials object for AWS SDK
+     */
+    async getAssumeRoleCredentials() {
+        if (!this.config.roleArn) {
+            throw new Error('Role ARN is required for AssumeRole authentication');
+        }
+        if (this.credentialsCache) {
+            try {
+                const credentials = await this.credentialsCache;
+                const expirationTime = new Date(credentials.expiration);
+                const now = new Date();
+                const bufferTime = 5 * 60 * 1000;
+                if (expirationTime.getTime() - now.getTime() > bufferTime) {
+                    return credentials;
+                }
+            }
+            catch (error) {
+                console.warn('Cached credentials failed, refreshing:', error);
+            }
+        }
+        this.credentialsCache = this.refreshAssumeRoleCredentials();
+        return this.credentialsCache;
+    }
+    /**
+     * Refreshes temporary credentials using STS AssumeRole
+     *
+     * @returns {Promise<any>} Fresh credentials object for AWS SDK
+     */
+    async refreshAssumeRoleCredentials() {
+        const stsClient = new client_sts_1.STSClient({
+            region: this.config.region,
+            endpoint: this.config.endpoint
+        });
+        const command = new client_sts_1.AssumeRoleCommand({
+            RoleArn: this.config.roleArn,
+            RoleSessionName: `log-service-session-${Date.now()}`,
+            DurationSeconds: 3600, // 1 hour
+        });
+        try {
+            const response = await stsClient.send(command);
+            if (!response.Credentials) {
+                throw new log_error_1.LogError('Failed to retrieve credentials from STS AssumeRole');
+            }
+            return {
+                accessKeyId: response.Credentials.AccessKeyId,
+                secretAccessKey: response.Credentials.SecretAccessKey,
+                sessionToken: response.Credentials.SessionToken,
+                expiration: response.Credentials.Expiration.toISOString(),
+            };
+        }
+        catch (error) {
+            console.error('Failed to assume role:', error);
+            this.credentialsCache = null;
+            throw error;
+        }
+    }
     /**
      * Upload log content to Firehose (which delivers to S3)
      *

package/dist/services/log.storage.external.s3.service.js.map

@@ -1 +1 @@
-{"version":3,"file":"log.storage.external.s3.service.js","sourceRoot":"","sources":["../../src/services/log.storage.external.s3.service.ts"],"names":[],"mappings":";;;AAAA,8DAA4E;AAC5E,iFAA2E;AAG3E,+CAA2C;AAE3C,8FAA0F;AAE1F;;;;;;;;GAQG;AACH,MAAa,2BAA4B,SAAQ,wDAAyB;IAiBxE;;;;OAIG;IACH,YAAa,gBAA2C;QAEtD,KAAK,CAAE,gBAAgB,CAAC,CAAC;QAZ3B;;WAEG;QACK,eAAU,GAA+B,IAAI,GAAG,EAAE,CAAC;QAWzD,IAAI,CAAC,MAAM,GAAG,IAAA,8DAA6B,GAAE,CAAC;QAE9C,IAAI,cAAc,GAAQ;YACxB,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;SAC/B,CAAC;QAEF,IACE,IAAI,CAAC,MAAM,CAAC,WAAW;eACpB,IAAI,CAAC,MAAM,CAAC,eAAe,EAC9B,CAAC;YACD,cAAc,GAAG;gBACf,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;gBAC1B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;gBAC9B,WAAW,EAAE;oBACX,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;oBACpC,eAAe,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe;iBAC7C;aACF,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,IAAI,gCAAc,CAAC,cAAc,CAAC,CAAC;IACrD,CAAC;IAED;;;;OAIG;IACI,SAAS;QAEd,OAAO,IAAI,CAAC,gBAAgB,CAAC,YAAY,CAAC;IAC5C,CAAC;IAED;;;;;;;OAOG;IACK,KAAK,CAAC,SAAS,CACrB,GAAW,EACX,OAAe;QAEf,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,kCAAgB,CAAC;gBAC5C,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;gBAClD,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,EAAE;aAC9C,CAAC,CAAC,CAAC;QACN,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,qCAAqC,GAAG,EAAE,EAC1C,KAAK,CACN,CAAC;YAEF,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;;OAQG;IACK,KAAK,CAAC,SAAS,CACrB,GAAW,EACX,UAAkB;QAElB,MAAM,gBAAgB,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QAEvE,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE;YACpD,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,SAAS,CAClB,GAAG,EACH,UAAU,CACX,CAAC;YACJ,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CACX,mCAAmC,GAAG,EAAE,EACxC,KAAK,CACN,CAAC;gBAEF,MAAM,KAAK,CAAC;YACd,CAAC;oBAAS,CAAC;gBACT,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,UAAU,CAAC,GAAG,CACjB,GAAG,EACH,YAAY,CACb,CAAC;QAEF,OAAO,YAAY,CAAC;IACtB,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,KAAK,CAAC,IAAa;QAE9B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,wBAAU,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAE5C,MAAM,gBAAgB,GAAG,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAEvD,MAAM,IAAI,CAAC,SAAS,CAClB,gBAAgB,EAChB,QAAQ,CACT,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,6CAA6C,EAC7C,KAAK,CACN,CAAC;YAEF,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;CACF;AA3JD,kEA2JC"}
+{"version":3,"file":"log.storage.external.s3.service.js","sourceRoot":"","sources":["../../src/services/log.storage.external.s3.service.ts"],"names":[],"mappings":";;;AAAA,8DAA4E;AAC5E,oDAAmE;AACnE,iFAA2E;AAG3E,+CAA2C;AAE3C,8FAA0F;AAC1F,mDAA+C;AAE/C;;;;;;;;;GASG;AACH,MAAa,2BAA4B,SAAQ,wDAAyB;IAsBxE;;;;OAIG;IACH,YAAa,gBAA2C;QAEtD,KAAK,CAAE,gBAAgB,CAAC,CAAC;QAjB3B;;WAEG;QACK,eAAU,GAA+B,IAAI,GAAG,EAAE,CAAC;QAE3D;;WAEG;QACK,qBAAgB,GAAwB,IAAI,CAAC;QAWnD,IAAI,CAAC,MAAM,GAAG,IAAA,8DAA6B,GAAE,CAAC;QAE9C,MAAM,cAAc,GAAQ;YAC1B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;SAC3B,CAAC;QAEF,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACxB,cAAc,CAAC,WAAW,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,wBAAwB,EAAE,CAAC;QACrE,CAAC;aAAM,IACL,IAAI,CAAC,MAAM,CAAC,WAAW;eACpB,IAAI,CAAC,MAAM,CAAC,eAAe,EAC9B,CAAC;YACD,cAAc,CAAC,WAAW,GAAG;gBAC3B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,eAAe,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe;aAC7C,CAAC;QACJ,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACzB,cAAc,CAAC,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QACjD,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,IAAI,gCAAc,CAAC,cAAc,CAAC,CAAC;IACrD,CAAC;IAED;;;;OAIG;IACI,SAAS;QAEd,OAAO,IAAI,CAAC,gBAAgB,CAAC,YAAY,CAAC;IAC5C,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,wBAAwB;QAEpC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACxE,CAAC;QAED,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC1B,IAAI,CAAC;gBACH,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC;gBAChD,MAAM,cAAc,GAAG,IAAI,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;gBACxD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;gBACvB,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;gBAEjC,IAAI,cAAc,CAAC,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;oBAC1D,OAAO,WAAW,CAAC;gBACrB,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CACV,wCAAwC,EACxC,KAAK,CACN,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,4BAA4B,EAAE,CAAC;QAE5D,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,4BAA4B;QAExC,MAAM,SAAS,GAAG,IAAI,sBAAS,CAAC;YAC9B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;SAC/B,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,IAAI,8BAAiB,CAAC;YACpC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAQ;YAC7B,eAAe,EAAE,uBAAuB,IAAI,CAAC,GAAG,EAAE,EAAE;YACpD,eAAe,EAAE,IAAI,EAAE,SAAS;SACjC,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAE/C,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;gBAC1B,MAAM,IAAI,oBAAQ,CAAC,oDAAoD,CAAC,CAAC;YAC3E,CAAC;YAED,OAAO;gBACL,WAAW,EAAE,QAAQ,CAAC,WAAW,CAAC,WAAY;gBAC9C,eAAe,EAAE,QAAQ,CAAC,WAAW,CAAC,eAAgB;gBACtD,YAAY,EAAE,QAAQ,CAAC,WAAW,CAAC,YAAa;gBAChD,UAAU,EAAE,QAAQ,CAAC,WAAW,CAAC,UAAW,CAAC,WAAW,EAAE;aAC3D,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,wBAAwB,EACxB,KAAK,CACN,CAAC;YAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC;YAE7B,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACK,KAAK,CAAC,SAAS,CACrB,GAAW,EACX,OAAe;QAEf,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,kCAAgB,CAAC;gBAC5C,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;gBAClD,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,EAAE;aAC9C,CAAC,CAAC,CAAC;QACN,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,qCAAqC,GAAG,EAAE,EAC1C,KAAK,CACN,CAAC;YAEF,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;;OAQG;IACK,KAAK,CAAC,SAAS,CACrB,GAAW,EACX,UAAkB;QAElB,MAAM,gBAAgB,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QAEvE,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE;YACpD,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,SAAS,CAClB,GAAG,EACH,UAAU,CACX,CAAC;YACJ,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CACX,mCAAmC,GAAG,EAAE,EACxC,KAAK,CACN,CAAC;gBAEF,MAAM,KAAK,CAAC;YACd,CAAC;oBAAS,CAAC;gBACT,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,UAAU,CAAC,GAAG,CACjB,GAAG,EACH,YAAY,CACb,CAAC;QAEF,OAAO,YAAY,CAAC;IACtB,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,KAAK,CAAC,IAAa;QAE9B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,wBAAU,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAE5C,MAAM,gBAAgB,GAAG,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAEvD,MAAM,IAAI,CAAC,SAAS,CAClB,gBAAgB,EAChB,QAAQ,CACT,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,6CAA6C,EAC7C,KAAK,CACN,CAAC;YAEF,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;CACF;AA9OD,kEA8OC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nicollasfrazao/liguelead-log-service",
-  "version": "1.0.0",
+  "version": "1.1.1",
   "description": "A standalone logging service for Express applications with multi-destination storage (local files + S3 via Kinesis Firehose) and comprehensive request tracking using strategy pattern.",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -49,6 +49,7 @@
   "dependencies": {
     "@aws-sdk/client-firehose": "^3.658.1",
     "@aws-sdk/client-s3": "^3.658.1",
+    "@aws-sdk/client-sts": "^3.921.0",
     "uuid": "^9.0.1"
   },
   "devDependencies": {