@smithy/credential-provider-imds 1.0.0

package/dist-es/fromContainerMetadata.js

@@ -0,0 +1,66 @@
+import { CredentialsProviderError } from "@smithy/property-provider";
+import { parse } from "url";
+import { httpRequest } from "./remoteProvider/httpRequest";
+import { fromImdsCredentials, isImdsCredentials } from "./remoteProvider/ImdsCredentials";
+import { providerConfigFromInit } from "./remoteProvider/RemoteProviderInit";
+import { retry } from "./remoteProvider/retry";
+export const ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
+export const ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
+export const ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
+export const fromContainerMetadata = (init = {}) => {
+    const { timeout, maxRetries } = providerConfigFromInit(init);
+    return () => retry(async () => {
+        const requestOptions = await getCmdsUri();
+        const credsResponse = JSON.parse(await requestFromEcsImds(timeout, requestOptions));
+        if (!isImdsCredentials(credsResponse)) {
+            throw new CredentialsProviderError("Invalid response received from instance metadata service.");
+        }
+        return fromImdsCredentials(credsResponse);
+    }, maxRetries);
+};
+const requestFromEcsImds = async (timeout, options) => {
+    if (process.env[ENV_CMDS_AUTH_TOKEN]) {
+        options.headers = {
+            ...options.headers,
+            Authorization: process.env[ENV_CMDS_AUTH_TOKEN],
+        };
+    }
+    const buffer = await httpRequest({
+        ...options,
+        timeout,
+    });
+    return buffer.toString();
+};
+const CMDS_IP = "169.254.170.2";
+const GREENGRASS_HOSTS = {
+    localhost: true,
+    "127.0.0.1": true,
+};
+const GREENGRASS_PROTOCOLS = {
+    "http:": true,
+    "https:": true,
+};
+const getCmdsUri = async () => {
+    if (process.env[ENV_CMDS_RELATIVE_URI]) {
+        return {
+            hostname: CMDS_IP,
+            path: process.env[ENV_CMDS_RELATIVE_URI],
+        };
+    }
+    if (process.env[ENV_CMDS_FULL_URI]) {
+        const parsed = parse(process.env[ENV_CMDS_FULL_URI]);
+        if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) {
+            throw new CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, false);
+        }
+        if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) {
+            throw new CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, false);
+        }
+        return {
+            ...parsed,
+            port: parsed.port ? parseInt(parsed.port, 10) : undefined,
+        };
+    }
+    throw new CredentialsProviderError("The container metadata credential provider cannot be used unless" +
+        ` the ${ENV_CMDS_RELATIVE_URI} or ${ENV_CMDS_FULL_URI} environment` +
+        " variable is set", false);
+};

package/dist-es/fromInstanceMetadata.js

@@ -0,0 +1,91 @@
+import { CredentialsProviderError } from "@smithy/property-provider";
+import { httpRequest } from "./remoteProvider/httpRequest";
+import { fromImdsCredentials, isImdsCredentials } from "./remoteProvider/ImdsCredentials";
+import { providerConfigFromInit } from "./remoteProvider/RemoteProviderInit";
+import { retry } from "./remoteProvider/retry";
+import { getInstanceMetadataEndpoint } from "./utils/getInstanceMetadataEndpoint";
+import { staticStabilityProvider } from "./utils/staticStabilityProvider";
+const IMDS_PATH = "/latest/meta-data/iam/security-credentials/";
+const IMDS_TOKEN_PATH = "/latest/api/token";
+export const fromInstanceMetadata = (init = {}) => staticStabilityProvider(getInstanceImdsProvider(init), { logger: init.logger });
+const getInstanceImdsProvider = (init) => {
+    let disableFetchToken = false;
+    const { timeout, maxRetries } = providerConfigFromInit(init);
+    const getCredentials = async (maxRetries, options) => {
+        const profile = (await retry(async () => {
+            let profile;
+            try {
+                profile = await getProfile(options);
+            }
+            catch (err) {
+                if (err.statusCode === 401) {
+                    disableFetchToken = false;
+                }
+                throw err;
+            }
+            return profile;
+        }, maxRetries)).trim();
+        return retry(async () => {
+            let creds;
+            try {
+                creds = await getCredentialsFromProfile(profile, options);
+            }
+            catch (err) {
+                if (err.statusCode === 401) {
+                    disableFetchToken = false;
+                }
+                throw err;
+            }
+            return creds;
+        }, maxRetries);
+    };
+    return async () => {
+        const endpoint = await getInstanceMetadataEndpoint();
+        if (disableFetchToken) {
+            return getCredentials(maxRetries, { ...endpoint, timeout });
+        }
+        else {
+            let token;
+            try {
+                token = (await getMetadataToken({ ...endpoint, timeout })).toString();
+            }
+            catch (error) {
+                if (error?.statusCode === 400) {
+                    throw Object.assign(error, {
+                        message: "EC2 Metadata token request returned error",
+                    });
+                }
+                else if (error.message === "TimeoutError" || [403, 404, 405].includes(error.statusCode)) {
+                    disableFetchToken = true;
+                }
+                return getCredentials(maxRetries, { ...endpoint, timeout });
+            }
+            return getCredentials(maxRetries, {
+                ...endpoint,
+                headers: {
+                    "x-aws-ec2-metadata-token": token,
+                },
+                timeout,
+            });
+        }
+    };
+};
+const getMetadataToken = async (options) => httpRequest({
+    ...options,
+    path: IMDS_TOKEN_PATH,
+    method: "PUT",
+    headers: {
+        "x-aws-ec2-metadata-token-ttl-seconds": "21600",
+    },
+});
+const getProfile = async (options) => (await httpRequest({ ...options, path: IMDS_PATH })).toString();
+const getCredentialsFromProfile = async (profile, options) => {
+    const credsResponse = JSON.parse((await httpRequest({
+        ...options,
+        path: IMDS_PATH + profile,
+    })).toString());
+    if (!isImdsCredentials(credsResponse)) {
+        throw new CredentialsProviderError("Invalid response received from instance metadata service.");
+    }
+    return fromImdsCredentials(credsResponse);
+};

package/dist-es/index.js

@@ -0,0 +1,6 @@
+export * from "./fromContainerMetadata";
+export * from "./fromInstanceMetadata";
+export * from "./remoteProvider/RemoteProviderInit";
+export * from "./types";
+export { httpRequest } from "./remoteProvider/httpRequest";
+export { getInstanceMetadataEndpoint } from "./utils/getInstanceMetadataEndpoint";

package/dist-es/remoteProvider/ImdsCredentials.js

@@ -0,0 +1,12 @@
+export const isImdsCredentials = (arg) => Boolean(arg) &&
+    typeof arg === "object" &&
+    typeof arg.AccessKeyId === "string" &&
+    typeof arg.SecretAccessKey === "string" &&
+    typeof arg.Token === "string" &&
+    typeof arg.Expiration === "string";
+export const fromImdsCredentials = (creds) => ({
+    accessKeyId: creds.AccessKeyId,
+    secretAccessKey: creds.SecretAccessKey,
+    sessionToken: creds.Token,
+    expiration: new Date(creds.Expiration),
+});

package/dist-es/remoteProvider/RemoteProviderInit.js

@@ -0,0 +1,3 @@
+export const DEFAULT_TIMEOUT = 1000;
+export const DEFAULT_MAX_RETRIES = 0;
+export const providerConfigFromInit = ({ maxRetries = DEFAULT_MAX_RETRIES, timeout = DEFAULT_TIMEOUT, }) => ({ maxRetries, timeout });

package/dist-es/remoteProvider/httpRequest.js

@@ -0,0 +1,36 @@
+import { ProviderError } from "@smithy/property-provider";
+import { Buffer } from "buffer";
+import { request } from "http";
+export function httpRequest(options) {
+    return new Promise((resolve, reject) => {
+        const req = request({
+            method: "GET",
+            ...options,
+            hostname: options.hostname?.replace(/^\[(.+)\]$/, "$1"),
+        });
+        req.on("error", (err) => {
+            reject(Object.assign(new ProviderError("Unable to connect to instance metadata service"), err));
+            req.destroy();
+        });
+        req.on("timeout", () => {
+            reject(new ProviderError("TimeoutError from instance metadata service"));
+            req.destroy();
+        });
+        req.on("response", (res) => {
+            const { statusCode = 400 } = res;
+            if (statusCode < 200 || 300 <= statusCode) {
+                reject(Object.assign(new ProviderError("Error response received from instance metadata service"), { statusCode }));
+                req.destroy();
+            }
+            const chunks = [];
+            res.on("data", (chunk) => {
+                chunks.push(chunk);
+            });
+            res.on("end", () => {
+                resolve(Buffer.concat(chunks));
+                req.destroy();
+            });
+        });
+        req.end();
+    });
+}

package/dist-es/remoteProvider/index.js

@@ -0,0 +1,2 @@
+export * from "./ImdsCredentials";
+export * from "./RemoteProviderInit";

package/dist-es/remoteProvider/retry.js

@@ -0,0 +1,7 @@
+export const retry = (toRetry, maxRetries) => {
+    let promise = toRetry();
+    for (let i = 0; i < maxRetries; i++) {
+        promise = promise.catch(toRetry);
+    }
+    return promise;
+};

package/dist-es/types.js

@@ -0,0 +1 @@
+export {};

package/dist-es/utils/getExtendedInstanceMetadataCredentials.js

@@ -0,0 +1,17 @@
+const STATIC_STABILITY_REFRESH_INTERVAL_SECONDS = 5 * 60;
+const STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS = 5 * 60;
+const STATIC_STABILITY_DOC_URL = "https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html";
+export const getExtendedInstanceMetadataCredentials = (credentials, logger) => {
+    const refreshInterval = STATIC_STABILITY_REFRESH_INTERVAL_SECONDS +
+        Math.floor(Math.random() * STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS);
+    const newExpiration = new Date(Date.now() + refreshInterval * 1000);
+    logger.warn("Attempting credential expiration extension due to a credential service availability issue. A refresh of these " +
+        "credentials will be attempted after ${new Date(newExpiration)}.\nFor more information, please visit: " +
+        STATIC_STABILITY_DOC_URL);
+    const originalExpiration = credentials.originalExpiration ?? credentials.expiration;
+    return {
+        ...credentials,
+        ...(originalExpiration ? { originalExpiration } : {}),
+        expiration: newExpiration,
+    };
+};

package/dist-es/utils/getInstanceMetadataEndpoint.js

@@ -0,0 +1,19 @@
+import { loadConfig } from "@smithy/node-config-provider";
+import { parseUrl } from "@smithy/url-parser";
+import { Endpoint as InstanceMetadataEndpoint } from "../config/Endpoint";
+import { ENDPOINT_CONFIG_OPTIONS } from "../config/EndpointConfigOptions";
+import { EndpointMode } from "../config/EndpointMode";
+import { ENDPOINT_MODE_CONFIG_OPTIONS, } from "../config/EndpointModeConfigOptions";
+export const getInstanceMetadataEndpoint = async () => parseUrl((await getFromEndpointConfig()) || (await getFromEndpointModeConfig()));
+const getFromEndpointConfig = async () => loadConfig(ENDPOINT_CONFIG_OPTIONS)();
+const getFromEndpointModeConfig = async () => {
+    const endpointMode = await loadConfig(ENDPOINT_MODE_CONFIG_OPTIONS)();
+    switch (endpointMode) {
+        case EndpointMode.IPv4:
+            return InstanceMetadataEndpoint.IPv4;
+        case EndpointMode.IPv6:
+            return InstanceMetadataEndpoint.IPv6;
+        default:
+            throw new Error(`Unsupported endpoint mode: ${endpointMode}.` + ` Select from ${Object.values(EndpointMode)}`);
+    }
+};

package/dist-es/utils/staticStabilityProvider.js

@@ -0,0 +1,25 @@
+import { getExtendedInstanceMetadataCredentials } from "./getExtendedInstanceMetadataCredentials";
+export const staticStabilityProvider = (provider, options = {}) => {
+    const logger = options?.logger || console;
+    let pastCredentials;
+    return async () => {
+        let credentials;
+        try {
+            credentials = await provider();
+            if (credentials.expiration && credentials.expiration.getTime() < Date.now()) {
+                credentials = getExtendedInstanceMetadataCredentials(credentials, logger);
+            }
+        }
+        catch (e) {
+            if (pastCredentials) {
+                logger.warn("Credential renew failed: ", e);
+                credentials = getExtendedInstanceMetadataCredentials(pastCredentials, logger);
+            }
+            else {
+                throw e;
+            }
+        }
+        pastCredentials = credentials;
+        return credentials;
+    };
+};

package/dist-types/config/Endpoint.d.ts

@@ -0,0 +1,7 @@
+/**
+ * @internal
+ */
+export declare enum Endpoint {
+    IPv4 = "http://169.254.169.254",
+    IPv6 = "http://[fd00:ec2::254]"
+}

package/dist-types/config/EndpointConfigOptions.d.ts

@@ -0,0 +1,13 @@
+import { LoadedConfigSelectors } from "@smithy/node-config-provider";
+/**
+ * @internal
+ */
+export declare const ENV_ENDPOINT_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT";
+/**
+ * @internal
+ */
+export declare const CONFIG_ENDPOINT_NAME = "ec2_metadata_service_endpoint";
+/**
+ * @internal
+ */
+export declare const ENDPOINT_CONFIG_OPTIONS: LoadedConfigSelectors<string | undefined>;

package/dist-types/config/EndpointMode.d.ts

@@ -0,0 +1,7 @@
+/**
+ * @internal
+ */
+export declare enum EndpointMode {
+    IPv4 = "IPv4",
+    IPv6 = "IPv6"
+}

package/dist-types/config/EndpointModeConfigOptions.d.ts

@@ -0,0 +1,13 @@
+import { LoadedConfigSelectors } from "@smithy/node-config-provider";
+/**
+ * @internal
+ */
+export declare const ENV_ENDPOINT_MODE_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE";
+/**
+ * @internal
+ */
+export declare const CONFIG_ENDPOINT_MODE_NAME = "ec2_metadata_service_endpoint_mode";
+/**
+ * @internal
+ */
+export declare const ENDPOINT_MODE_CONFIG_OPTIONS: LoadedConfigSelectors<string | undefined>;

package/dist-types/fromContainerMetadata.d.ts

@@ -0,0 +1,21 @@
+import { AwsCredentialIdentityProvider } from "@smithy/types";
+import { RemoteProviderInit } from "./remoteProvider/RemoteProviderInit";
+/**
+ * @internal
+ */
+export declare const ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
+/**
+ * @internal
+ */
+export declare const ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
+/**
+ * @internal
+ */
+export declare const ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
+/**
+ * @internal
+ *
+ * Creates a credential provider that will source credentials from the ECS
+ * Container Metadata Service
+ */
+export declare const fromContainerMetadata: (init?: RemoteProviderInit) => AwsCredentialIdentityProvider;

package/dist-types/fromInstanceMetadata.d.ts

@@ -0,0 +1,10 @@
+import { Provider } from "@smithy/types";
+import { RemoteProviderInit } from "./remoteProvider/RemoteProviderInit";
+import { InstanceMetadataCredentials } from "./types";
+/**
+ * @internal
+ *
+ * Creates a credential provider that will source credentials from the EC2
+ * Instance Metadata Service
+ */
+export declare const fromInstanceMetadata: (init?: RemoteProviderInit) => Provider<InstanceMetadataCredentials>;

package/dist-types/index.d.ts

@@ -0,0 +1,24 @@
+/**
+ * @internal
+ */
+export * from "./fromContainerMetadata";
+/**
+ * @internal
+ */
+export * from "./fromInstanceMetadata";
+/**
+ * @internal
+ */
+export * from "./remoteProvider/RemoteProviderInit";
+/**
+ * @internal
+ */
+export * from "./types";
+/**
+ * @internal
+ */
+export { httpRequest } from "./remoteProvider/httpRequest";
+/**
+ * @internal
+ */
+export { getInstanceMetadataEndpoint } from "./utils/getInstanceMetadataEndpoint";

package/dist-types/remoteProvider/ImdsCredentials.d.ts

@@ -0,0 +1,18 @@
+import { AwsCredentialIdentity } from "@smithy/types";
+/**
+ * @internal
+ */
+export interface ImdsCredentials {
+    AccessKeyId: string;
+    SecretAccessKey: string;
+    Token: string;
+    Expiration: string;
+}
+/**
+ * @internal
+ */
+export declare const isImdsCredentials: (arg: any) => arg is ImdsCredentials;
+/**
+ * @internal
+ */
+export declare const fromImdsCredentials: (creds: ImdsCredentials) => AwsCredentialIdentity;

package/dist-types/remoteProvider/RemoteProviderInit.d.ts

@@ -0,0 +1,32 @@
+import { Logger } from "@smithy/types";
+/**
+ * @internal
+ */
+export declare const DEFAULT_TIMEOUT = 1000;
+/**
+ * @internal
+ */
+export declare const DEFAULT_MAX_RETRIES = 0;
+/**
+ * @internal
+ */
+export interface RemoteProviderConfig {
+    /**
+     * The connection timeout (in milliseconds)
+     */
+    timeout: number;
+    /**
+     * The maximum number of times the HTTP connection should be retried
+     */
+    maxRetries: number;
+}
+/**
+ * @internal
+ */
+export interface RemoteProviderInit extends Partial<RemoteProviderConfig> {
+    logger?: Logger;
+}
+/**
+ * @internal
+ */
+export declare const providerConfigFromInit: ({ maxRetries, timeout, }: RemoteProviderInit) => RemoteProviderConfig;

package/dist-types/remoteProvider/httpRequest.d.ts

@@ -0,0 +1,7 @@
+/// <reference types="node" />
+/// <reference types="node" />
+import { RequestOptions } from "http";
+/**
+ * @internal
+ */
+export declare function httpRequest(options: RequestOptions): Promise<Buffer>;

package/dist-types/remoteProvider/index.d.ts

@@ -0,0 +1,8 @@
+/**
+ * @internal
+ */
+export * from "./ImdsCredentials";
+/**
+ * @internal
+ */
+export * from "./RemoteProviderInit";

package/dist-types/remoteProvider/retry.d.ts

@@ -0,0 +1,10 @@
+/**
+ * @internal
+ */
+export interface RetryableProvider<T> {
+    (): Promise<T>;
+}
+/**
+ * @internal
+ */
+export declare const retry: <T>(toRetry: RetryableProvider<T>, maxRetries: number) => Promise<T>;

package/dist-types/types.d.ts

@@ -0,0 +1,7 @@
+import { AwsCredentialIdentity } from "@smithy/types";
+/**
+ * @internal
+ */
+export interface InstanceMetadataCredentials extends AwsCredentialIdentity {
+    readonly originalExpiration?: Date;
+}

package/dist-types/utils/getExtendedInstanceMetadataCredentials.d.ts

@@ -0,0 +1,6 @@
+import { Logger } from "@smithy/types";
+import { InstanceMetadataCredentials } from "../types";
+/**
+ * @internal
+ */
+export declare const getExtendedInstanceMetadataCredentials: (credentials: InstanceMetadataCredentials, logger: Logger) => InstanceMetadataCredentials;

package/dist-types/utils/getInstanceMetadataEndpoint.d.ts

@@ -0,0 +1,21 @@
+import { Endpoint } from "@smithy/types";
+/**
+ * Returns the host to use for instance metadata service call.
+ *
+ * The host is read from endpoint which can be set either in
+ * {@link ENV_ENDPOINT_NAME} environment variable or {@link CONFIG_ENDPOINT_NAME}
+ * configuration property.
+ *
+ * If endpoint is not set, then endpoint mode is read either from
+ * {@link ENV_ENDPOINT_MODE_NAME} environment variable or {@link CONFIG_ENDPOINT_MODE_NAME}
+ * configuration property. If endpoint mode is not set, then default endpoint mode
+ * {@link EndpointMode.IPv4} is used.
+ *
+ * If endpoint mode is set to {@link EndpointMode.IPv4}, then the host is {@link Endpoint.IPv4}.
+ * If endpoint mode is set to {@link EndpointMode.IPv6}, then the host is {@link Endpoint.IPv6}.
+ *
+ * @returns Host to use for instance metadata service call.
+ *
+ * @internal
+ */
+export declare const getInstanceMetadataEndpoint: () => Promise<Endpoint>;

package/dist-types/utils/staticStabilityProvider.d.ts

@@ -0,0 +1,16 @@
+import { Logger, Provider } from "@smithy/types";
+import { InstanceMetadataCredentials } from "../types";
+/**
+ * @internal
+ *
+ * IMDS credential supports static stability feature. When used, the expiration
+ * of recently issued credentials is extended. The server side allows using
+ * the recently expired credentials. This mitigates impact when clients using
+ * refreshable credentials are unable to retrieve updates.
+ *
+ * @param provider Credential provider
+ * @returns A credential provider that supports static stability
+ */
+export declare const staticStabilityProvider: (provider: Provider<InstanceMetadataCredentials>, options?: {
+    logger?: Logger | undefined;
+}) => Provider<InstanceMetadataCredentials>;

package/package.json

@@ -0,0 +1,69 @@
+{
+  "name": "@smithy/credential-provider-imds",
+  "version": "1.0.0",
+  "description": "AWS credential provider that sources credentials from the EC2 instance metadata service and ECS container metadata service",
+  "main": "./dist-cjs/index.js",
+  "module": "./dist-es/index.js",
+  "scripts": {
+    "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
+    "build:cjs": "tsc -p tsconfig.cjs.json",
+    "build:es": "tsc -p tsconfig.es.json",
+    "build:types": "tsc -p tsconfig.types.json",
+    "build:types:downlevel": "downlevel-dts dist-types dist-types/ts3.4",
+    "stage-release": "rimraf ./.release && yarn pack && mkdir ./.release && tar zxvf ./package.tgz --directory ./.release && rm ./package.tgz",
+    "clean": "rimraf ./dist-* && rimraf *.tsbuildinfo",
+    "lint": "eslint -c ../../.eslintrc.js \"src/**/*.ts\"",
+    "format": "prettier --config ../../prettier.config.js --ignore-path ../.prettierignore --write \"**/*.{ts,md,json}\"",
+    "test": "jest"
+  },
+  "keywords": [
+    "aws",
+    "credentials"
+  ],
+  "author": {
+    "name": "AWS SDK for JavaScript Team",
+    "url": "https://aws.amazon.com/javascript/"
+  },
+  "license": "Apache-2.0",
+  "dependencies": {
+    "@smithy/node-config-provider": "workspace:^",
+    "@smithy/property-provider": "workspace:^",
+    "@smithy/types": "workspace:^",
+    "@smithy/url-parser": "workspace:^",
+    "tslib": "^2.5.0"
+  },
+  "devDependencies": {
+    "@tsconfig/recommended": "1.0.1",
+    "@types/node": "^14.14.31",
+    "concurrently": "7.0.0",
+    "downlevel-dts": "0.10.1",
+    "jest": "28.1.1",
+    "nock": "^13.0.2",
+    "rimraf": "3.0.2",
+    "typedoc": "0.23.23",
+    "typescript": "~4.9.5"
+  },
+  "types": "./dist-types/index.d.ts",
+  "engines": {
+    "node": ">=14.0.0"
+  },
+  "typesVersions": {
+    "<4.0": {
+      "dist-types/*": [
+        "dist-types/ts3.4/*"
+      ]
+    }
+  },
+  "files": [
+    "dist-*/**"
+  ],
+  "homepage": "https://github.com/awslabs/smithy-typescript/tree/main/packages/credential-provider-imds",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/awslabs/smithy-typescript.git",
+    "directory": "packages/credential-provider-imds"
+  },
+  "typedoc": {
+    "entryPoint": "src/index.ts"
+  }
+}