aws-iam-language-server 0.0.28 → 0.0.30

@@ -1 +1 @@
1
- {"name":"sts","actions":{"AssumeRole":{"name":"AssumeRole","service":"sts","conditionKeys":["accounts.google.com:aud","accounts.google.com:sub","aws:RequestTag/${TagKey}","aws:TagKeys","cognito-identity.amazonaws.com:amr","cognito-identity.amazonaws.com:aud","cognito-identity.amazonaws.com:sub","graph.facebook.com:app_id","graph.facebook.com:id","iam:ResourceTag/${TagKey}","saml:namequalifier","saml:sub","saml:sub_type","sts:ExternalId","sts:RoleSessionName","sts:SourceIdentity","sts:TransitiveTagKeys","www.amazon.com:app_id","www.amazon.com:user_id"],"resources":[{"name":"role"}],"description":"Grants permission to obtain a set of temporary security credentials that you can use to access AWS resources that you might not normally have access to","accessLevel":"Write","resourceTypes":[{"name":"role","required":true}],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-AssumeRole"},"AssumeRoleWithSAML":{"name":"AssumeRoleWithSAML","service":"sts","conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","saml:aud","saml:cn","saml:commonName","saml:doc","saml:eduorghomepageuri","saml:eduorgidentityauthnpolicyuri","saml:eduorglegalname","saml:eduorgsuperioruri","saml:eduorgwhitepagesuri","saml:edupersonaffiliation","saml:edupersonassurance","saml:edupersonentitlement","saml:edupersonnickname","saml:edupersonorgdn","saml:edupersonorgunitdn","saml:edupersonprimaryaffiliation","saml:edupersonprimaryorgunitdn","saml:edupersonprincipalname","saml:edupersonscopedaffiliation","saml:edupersontargetedid","saml:givenName","saml:iss","saml:mail","saml:name","saml:namequalifier","saml:organizationStatus","saml:primaryGroupSID","saml:sub","saml:sub_type","saml:surname","saml:uid","saml:x500UniqueIdentifier","sts:RoleSessionName","sts:SourceIdentity","sts:TransitiveTagKeys"],"resources":[{"name":"role"}],"descrip
tion":"Grants permission to obtain a set of temporary security credentials for users who have been authenticated via a SAML authentication response","accessLevel":"Write","resourceTypes":[{"name":"role","required":true}],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithSAML.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-AssumeRoleWithSAML"},"AssumeRoleWithWebIdentity":{"name":"AssumeRoleWithWebIdentity","service":"sts","conditionKeys":["accounts.google.com:aud","accounts.google.com:oaud","accounts.google.com:sub","aws:RequestTag/${TagKey}","aws:TagKeys","cognito-identity.amazonaws.com:amr","cognito-identity.amazonaws.com:aud","cognito-identity.amazonaws.com:sub","graph.facebook.com:app_id","graph.facebook.com:id","sts:RoleSessionName","sts:SourceIdentity","sts:TransitiveTagKeys","www.amazon.com:app_id","www.amazon.com:user_id"],"resources":[{"name":"role"}],"description":"Grants permission to obtain a set of temporary security credentials for users who have been authenticated in a mobile or web application with a web identity provider","accessLevel":"Write","resourceTypes":[{"name":"role","required":true}],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-AssumeRoleWithWebIdentity"},"AssumeRoot":{"name":"AssumeRoot","service":"sts","conditionKeys":["sts:TaskPolicyArn"],"resources":[{"name":"root-user"}],"description":"Grants permission to obtain a set of temporary security credentials that you can use to perform privileged tasks in member accounts in your 
organization","accessLevel":"Write","resourceTypes":[{"name":"root-user","required":true}],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoot.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-AssumeRoot"},"DecodeAuthorizationMessage":{"name":"DecodeAuthorizationMessage","service":"sts","conditionKeys":[],"resources":[],"description":"Grants permission to decode additional information about the authorization status of a request from an encoded message returned in response to an AWS request","accessLevel":"Write","resourceTypes":[],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_DecodeAuthorizationMessage.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-DecodeAuthorizationMessage"},"GetAccessKeyInfo":{"name":"GetAccessKeyInfo","service":"sts","conditionKeys":[],"resources":[],"description":"Grants permission to obtain details about the access key id passed as a parameter to the request","accessLevel":"Read","resourceTypes":[],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetAccessKeyInfo.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetAccessKeyInfo"},"GetCallerIdentity":{"name":"GetCallerIdentity","service":"sts","conditionKeys":[],"resources":[],"description":"Grants permission to obtain details about the IAM identity whose credentials are used to call the 
API","accessLevel":"Read","resourceTypes":[],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetCallerIdentity.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetCallerIdentity"},"GetDelegatedAccessToken":{"name":"GetDelegatedAccessToken","service":"sts","conditionKeys":[],"resources":[],"description":"Returns temporary security credentials for accessing an AWS account after temporary delegation request approval. This API requires the tradeInToken provided upon request delegation approval and is intended to be used only by Amazon or AWS Partners","accessLevel":"Write","resourceTypes":[],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetDelegatedAccessToken.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetDelegatedAccessToken"},"GetFederationToken":{"name":"GetFederationToken","service":"sts","conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"federated-user"},{"name":"user"}],"description":"Grants permission to obtain a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a federated user","accessLevel":"Read","resourceTypes":[{"name":"federated-user","required":false},{"name":"user","required":false}],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetFederationToken.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetFederationToken"},"GetServiceBearerToken":{"name":"GetServiceBearerToken","service":"sts","conditionKeys":["sts:AWSServiceName","sts:DurationSeconds"],"resources":[],"description":"Grants permission to obtain a STS bearer token for an AWS root user, IAM role, or an IAM 
user","accessLevel":"Read","resourceTypes":[],"permissionOnly":true,"operationUrl":"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_bearer.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetServiceBearerToken"},"GetSessionToken":{"name":"GetSessionToken","service":"sts","conditionKeys":[],"resources":[],"description":"Grants permission to obtain a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for an AWS account or IAM user","accessLevel":"Read","resourceTypes":[],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetSessionToken"},"GetWebIdentityToken":{"name":"GetWebIdentityToken","service":"sts","conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","sts:DurationSeconds","sts:IdentityTokenAudience","sts:SigningAlgorithm"],"resources":[],"description":"Grants permission to obtain a short-lived, publicly verifiable JSON Web Token (JWT) that represents the calling IAM principal's identity","accessLevel":"Write","resourceTypes":[],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetWebIdentityToken.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetWebIdentityToken"},"SetContext":{"name":"SetContext","service":"sts","conditionKeys":["sts:RequestContext/${ContextKey}","sts:RequestContextProviders"],"resources":[{"name":"role"},{"name":"self-session"}],"description":"Grants permission to set context keys on a STS 
session","accessLevel":"Write","resourceTypes":[{"name":"role","required":false},{"name":"self-session","required":false}],"permissionOnly":true,"operationUrl":"https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#condition-keys-sts","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-SetContext"},"SetSourceIdentity":{"name":"SetSourceIdentity","service":"sts","conditionKeys":["sts:SourceIdentity"],"resources":[{"name":"role"},{"name":"user"}],"description":"Grants permission to set a source identity on a STS session","accessLevel":"Write","resourceTypes":[{"name":"role","required":false},{"name":"user","required":false}],"permissionOnly":true,"operationUrl":"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html#id_credentials_temp_control-access_monitor-perms","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-SetSourceIdentity"},"TagGetWebIdentityToken":{"name":"TagGetWebIdentityToken","service":"sts","conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to add tags to the JSON Web Token (JWT) generated by the GetWebIdentityToken API","accessLevel":"Tagging","resourceTypes":[],"permissionOnly":true,"operationUrl":"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_web_identity_token_tags.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-TagGetWebIdentityToken"},"TagSession":{"name":"TagSession","service":"sts","conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","saml:aud","sts:TransitiveTagKeys"],"resources":[{"name":"role"},{"name":"user"}],"description":"Grants permission to add tags to a STS 
session","accessLevel":"Tagging","resourceTypes":[{"name":"role","required":false},{"name":"user","required":false}],"permissionOnly":true,"operationUrl":"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-TagSession"}},"resources":[{"service":"sts","name":"context-provider","arnFormats":["arn:${Partition}:iam::aws:contextProvider/${ContextProviderName}"],"conditionKeys":[]},{"service":"sts","name":"federated-user","arnFormats":["arn:${Partition}:sts::${Account}:federated-user/${FederatedUserName}"],"conditionKeys":[]},{"service":"sts","name":"role","arnFormats":["arn:${Partition}:iam::${Account}:role/${RoleNameWithPath}"],"conditionKeys":["aws:ResourceTag/${TagKey}","iam:ResourceTag/${TagKey}"]},{"service":"sts","name":"root-user","arnFormats":["arn:${Partition}:iam::${Account}:root"],"conditionKeys":[]},{"service":"sts","name":"self-session","arnFormats":["arn:${Partition}:sts::${Account}:self"],"conditionKeys":[]},{"service":"sts","name":"user","arnFormats":["arn:${Partition}:iam::${Account}:user/${UserNameWithPath}"],"conditionKeys":[]}],"conditionKeys":{"accounts.google.com:aud":{"name":"accounts.google.com:aud","types":["String"],"description":"Filters access by the Google application ID"},"accounts.google.com:oaud":{"name":"accounts.google.com:oaud","types":["String"],"description":"Filters access by the Google audience"},"accounts.google.com:sub":{"name":"accounts.google.com:sub","types":["String"],"description":"Filters access by the subject of the claim (the Google user ID)"},"aws:RequestTag/${TagKey}":{"name":"aws:RequestTag/${TagKey}","types":["String"],"description":"Filters access by the tags that are passed in the request"},"aws:ResourceTag/${TagKey}":{"name":"aws:ResourceTag/${TagKey}","types":["String"],"description":"Filters access by the tags associated with the 
resource"},"aws:TagKeys":{"name":"aws:TagKeys","types":["ArrayOfString"],"description":"Filters access by the tag keys that are passed in the request"},"cognito-identity.amazonaws.com:amr":{"name":"cognito-identity.amazonaws.com:amr","types":["String"],"description":"Filters access by the login information for Amazon Cognito"},"cognito-identity.amazonaws.com:aud":{"name":"cognito-identity.amazonaws.com:aud","types":["String"],"description":"Filters access by the Amazon Cognito identity pool ID"},"cognito-identity.amazonaws.com:sub":{"name":"cognito-identity.amazonaws.com:sub","types":["String"],"description":"Filters access by the subject of the claim (the Amazon Cognito user ID)"},"graph.facebook.com:app_id":{"name":"graph.facebook.com:app_id","types":["String"],"description":"Filters access by the Facebook application ID"},"graph.facebook.com:id":{"name":"graph.facebook.com:id","types":["String"],"description":"Filters access by the Facebook user ID"},"iam:ResourceTag/${TagKey}":{"name":"iam:ResourceTag/${TagKey}","types":["String"],"description":"Filters access by the tags that are attached to the role that is being assumed"},"saml:aud":{"name":"saml:aud","types":["String"],"description":"Filters access by the endpoint URL to which SAML assertions are presented"},"saml:cn":{"name":"saml:cn","types":["ArrayOfString"],"description":"Filters access by the eduOrg attribute"},"saml:commonName":{"name":"saml:commonName","types":["String"],"description":"Filters access by the commonName attribute"},"saml:doc":{"name":"saml:doc","types":["String"],"description":"Filters access by on the principal that was used to assume the role"},"saml:eduorghomepageuri":{"name":"saml:eduorghomepageuri","types":["ArrayOfString"],"description":"Filters access by the eduOrg attribute"},"saml:eduorgidentityauthnpolicyuri":{"name":"saml:eduorgidentityauthnpolicyuri","types":["ArrayOfString"],"description":"Filters access by the eduOrg 
attribute"},"saml:eduorglegalname":{"name":"saml:eduorglegalname","types":["ArrayOfString"],"description":"Filters access by the eduOrg attribute"},"saml:eduorgsuperioruri":{"name":"saml:eduorgsuperioruri","types":["ArrayOfString"],"description":"Filters access by the eduOrg attribute"},"saml:eduorgwhitepagesuri":{"name":"saml:eduorgwhitepagesuri","types":["ArrayOfString"],"description":"Filters access by the eduOrg attribute"},"saml:edupersonaffiliation":{"name":"saml:edupersonaffiliation","types":["ArrayOfString"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonassurance":{"name":"saml:edupersonassurance","types":["ArrayOfString"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonentitlement":{"name":"saml:edupersonentitlement","types":["ArrayOfString"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonnickname":{"name":"saml:edupersonnickname","types":["ArrayOfString"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonorgdn":{"name":"saml:edupersonorgdn","types":["String"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonorgunitdn":{"name":"saml:edupersonorgunitdn","types":["ArrayOfString"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonprimaryaffiliation":{"name":"saml:edupersonprimaryaffiliation","types":["String"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonprimaryorgunitdn":{"name":"saml:edupersonprimaryorgunitdn","types":["String"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonprincipalname":{"name":"saml:edupersonprincipalname","types":["String"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonscopedaffiliation":{"name":"saml:edupersonscopedaffiliation","types":["ArrayOfString"],"description":"Filters access by the eduPerson 
attribute"},"saml:edupersontargetedid":{"name":"saml:edupersontargetedid","types":["ArrayOfString"],"description":"Filters access by the eduPerson attribute"},"saml:givenName":{"name":"saml:givenName","types":["String"],"description":"Filters access by the givenName attribute"},"saml:iss":{"name":"saml:iss","types":["String"],"description":"Filters access by on the issuer, which is represented by a URN"},"saml:mail":{"name":"saml:mail","types":["String"],"description":"Filters access by the mail attribute"},"saml:name":{"name":"saml:name","types":["String"],"description":"Filters access by the name attribute"},"saml:namequalifier":{"name":"saml:namequalifier","types":["String"],"description":"Filters access by the hash value of the issuer, account ID, and friendly name"},"saml:organizationStatus":{"name":"saml:organizationStatus","types":["String"],"description":"Filters access by the organizationStatus attribute"},"saml:primaryGroupSID":{"name":"saml:primaryGroupSID","types":["String"],"description":"Filters access by the primaryGroupSID attribute"},"saml:sub":{"name":"saml:sub","types":["String"],"description":"Filters access by the subject of the claim (the SAML user ID)"},"saml:sub_type":{"name":"saml:sub_type","types":["String"],"description":"Filters access by the value persistent, transient, or the full Format URI"},"saml:surname":{"name":"saml:surname","types":["String"],"description":"Filters access by the surname attribute"},"saml:uid":{"name":"saml:uid","types":["String"],"description":"Filters access by the uid attribute"},"saml:x500UniqueIdentifier":{"name":"saml:x500UniqueIdentifier","types":["String"],"description":"Filters access by the uid attribute"},"sts:AWSServiceName":{"name":"sts:AWSServiceName","types":["String"],"description":"Filters access by the service that is obtaining a bearer token"},"sts:DurationSeconds":{"name":"sts:DurationSeconds","types":["Numeric"],"description":"Filters access by the duration in seconds when getting a bearer 
token or a JSON Web Token (JWT) from the GetWebIdentityToken API"},"sts:ExternalId":{"name":"sts:ExternalId","types":["String"],"description":"Filters access by the unique identifier required when you assume a role in another account"},"sts:IdentityTokenAudience":{"name":"sts:IdentityTokenAudience","types":["ArrayOfString"],"description":"Filters access by the audience that is passed in the request"},"sts:RequestContext/${ContextKey}":{"name":"sts:RequestContext/${ContextKey}","types":["String"],"description":"Filters access by the session context key-value pairs embedded in the signed context assertion retrieved from a trusted context provider"},"sts:RequestContextProviders":{"name":"sts:RequestContextProviders","types":["ArrayOfARN"],"description":"Filters access by the context provider ARNs"},"sts:RoleSessionName":{"name":"sts:RoleSessionName","types":["String"],"description":"Filters access by the role session name required when you assume a role"},"sts:SigningAlgorithm":{"name":"sts:SigningAlgorithm","types":["String"],"description":"Filters access by the signing algorithm that is passed in the request"},"sts:SourceIdentity":{"name":"sts:SourceIdentity","types":["String"],"description":"Filters access by the source identity that is passed in the request"},"sts:TaskPolicyArn":{"name":"sts:TaskPolicyArn","types":["String"],"description":"Filters access by TaskPolicyARN"},"sts:TransitiveTagKeys":{"name":"sts:TransitiveTagKeys","types":["ArrayOfString"],"description":"Filters access by the transitive tag keys that are passed in the request"},"www.amazon.com:app_id":{"name":"www.amazon.com:app_id","types":["String"],"description":"Filters access by the Login with Amazon application ID"},"www.amazon.com:user_id":{"name":"www.amazon.com:user_id","types":["String"],"description":"Filters access by the Login with Amazon user ID"}},"url":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html"}
1
+ {"name":"sts","actions":{"AssumeRole":{"name":"AssumeRole","service":"sts","conditionKeys":["accounts.google.com:aud","accounts.google.com:sub","aws:RequestTag/${TagKey}","aws:TagKeys","cognito-identity.amazonaws.com:amr","cognito-identity.amazonaws.com:aud","cognito-identity.amazonaws.com:sub","graph.facebook.com:app_id","graph.facebook.com:id","iam:ResourceTag/${TagKey}","saml:namequalifier","saml:sub","saml:sub_type","sts:ExternalId","sts:RoleSessionName","sts:SourceIdentity","sts:TransitiveTagKeys","www.amazon.com:app_id","www.amazon.com:user_id"],"resources":[{"name":"role"}],"description":"Grants permission to obtain a set of temporary security credentials that you can use to access AWS resources that you might not normally have access to","accessLevel":"Write","resourceTypes":[{"name":"role","required":true}],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-AssumeRole"},"AssumeRoleWithSAML":{"name":"AssumeRoleWithSAML","service":"sts","conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","saml:aud","saml:cn","saml:commonName","saml:doc","saml:eduorghomepageuri","saml:eduorgidentityauthnpolicyuri","saml:eduorglegalname","saml:eduorgsuperioruri","saml:eduorgwhitepagesuri","saml:edupersonaffiliation","saml:edupersonassurance","saml:edupersonentitlement","saml:edupersonnickname","saml:edupersonorgdn","saml:edupersonorgunitdn","saml:edupersonprimaryaffiliation","saml:edupersonprimaryorgunitdn","saml:edupersonprincipalname","saml:edupersonscopedaffiliation","saml:edupersontargetedid","saml:givenName","saml:iss","saml:mail","saml:name","saml:namequalifier","saml:organizationStatus","saml:primaryGroupSID","saml:sub","saml:sub_type","saml:surname","saml:uid","saml:x500UniqueIdentifier","sts:RoleSessionName","sts:SourceIdentity","sts:TransitiveTagKeys"],"resources":[{"name":"role"}],"descrip
tion":"Grants permission to obtain a set of temporary security credentials for users who have been authenticated via a SAML authentication response","accessLevel":"Write","resourceTypes":[{"name":"role","required":true}],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithSAML.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-AssumeRoleWithSAML"},"AssumeRoleWithWebIdentity":{"name":"AssumeRoleWithWebIdentity","service":"sts","conditionKeys":["accounts.google.com:aud","accounts.google.com:oaud","accounts.google.com:sub","aws:RequestTag/${TagKey}","aws:TagKeys","cognito-identity.amazonaws.com:amr","cognito-identity.amazonaws.com:aud","cognito-identity.amazonaws.com:sub","graph.facebook.com:app_id","graph.facebook.com:id","sts:RoleSessionName","sts:SourceIdentity","sts:TransitiveTagKeys","www.amazon.com:app_id","www.amazon.com:user_id"],"resources":[{"name":"role"}],"description":"Grants permission to obtain a set of temporary security credentials for users who have been authenticated in a mobile or web application with a web identity provider","accessLevel":"Write","resourceTypes":[{"name":"role","required":true}],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-AssumeRoleWithWebIdentity"},"AssumeRoot":{"name":"AssumeRoot","service":"sts","conditionKeys":["sts:TaskPolicyArn"],"resources":[{"name":"root-user"}],"description":"Grants permission to obtain a set of temporary security credentials that you can use to perform privileged tasks in member accounts in your 
organization","accessLevel":"Write","resourceTypes":[{"name":"root-user","required":true}],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoot.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-AssumeRoot"},"DecodeAuthorizationMessage":{"name":"DecodeAuthorizationMessage","service":"sts","conditionKeys":[],"resources":[],"description":"Grants permission to decode additional information about the authorization status of a request from an encoded message returned in response to an AWS request","accessLevel":"Write","resourceTypes":[],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_DecodeAuthorizationMessage.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-DecodeAuthorizationMessage"},"GetAccessKeyInfo":{"name":"GetAccessKeyInfo","service":"sts","conditionKeys":[],"resources":[],"description":"Grants permission to obtain details about the access key id passed as a parameter to the request","accessLevel":"Read","resourceTypes":[],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetAccessKeyInfo.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetAccessKeyInfo"},"GetCallerIdentity":{"name":"GetCallerIdentity","service":"sts","conditionKeys":[],"resources":[],"description":"Grants permission to obtain details about the IAM identity whose credentials are used to call the 
API","accessLevel":"Read","resourceTypes":[],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetCallerIdentity.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetCallerIdentity"},"GetDelegatedAccessToken":{"name":"GetDelegatedAccessToken","service":"sts","conditionKeys":[],"resources":[],"description":"Returns temporary security credentials for accessing an AWS account after temporary delegation request approval. This API requires the tradeInToken provided upon request delegation approval and is intended to be used only by Amazon or AWS Partners","accessLevel":"Write","resourceTypes":[],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetDelegatedAccessToken.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetDelegatedAccessToken"},"GetFederationToken":{"name":"GetFederationToken","service":"sts","conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[{"name":"federated-user"}],"description":"Grants permission to obtain a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a federated user","accessLevel":"Read","resourceTypes":[{"name":"federated-user","required":false}],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetFederationToken.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetFederationToken"},"GetServiceBearerToken":{"name":"GetServiceBearerToken","service":"sts","conditionKeys":["sts:AWSServiceName","sts:DurationSeconds"],"resources":[],"description":"Grants permission to obtain a STS bearer token for an AWS root user, IAM role, or an IAM 
user","accessLevel":"Read","resourceTypes":[],"permissionOnly":true,"operationUrl":"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_bearer.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetServiceBearerToken"},"GetSessionToken":{"name":"GetSessionToken","service":"sts","conditionKeys":[],"resources":[],"description":"Grants permission to obtain a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for an AWS account or IAM user","accessLevel":"Read","resourceTypes":[],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetSessionToken"},"GetWebIdentityToken":{"name":"GetWebIdentityToken","service":"sts","conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","sts:DurationSeconds","sts:IdentityTokenAudience","sts:SigningAlgorithm"],"resources":[],"description":"Grants permission to obtain a short-lived, publicly verifiable JSON Web Token (JWT) that represents the calling IAM principal's identity","accessLevel":"Write","resourceTypes":[],"operationUrl":"https://docs.aws.amazon.com/STS/latest/APIReference/API_GetWebIdentityToken.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-GetWebIdentityToken"},"SetContext":{"name":"SetContext","service":"sts","conditionKeys":["sts:RequestContext/${ContextKey}","sts:RequestContextProviders"],"resources":[{"name":"role"},{"name":"self-session"}],"description":"Grants permission to set context keys on a STS 
session","accessLevel":"Write","resourceTypes":[{"name":"role","required":false},{"name":"self-session","required":false}],"permissionOnly":true,"operationUrl":"https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#condition-keys-sts","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-SetContext"},"SetSourceIdentity":{"name":"SetSourceIdentity","service":"sts","conditionKeys":["sts:SourceIdentity"],"resources":[{"name":"role"}],"description":"Grants permission to set a source identity on a STS session","accessLevel":"Write","resourceTypes":[{"name":"role","required":false}],"permissionOnly":true,"operationUrl":"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html#id_credentials_temp_control-access_monitor-perms","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-SetSourceIdentity"},"TagGetWebIdentityToken":{"name":"TagGetWebIdentityToken","service":"sts","conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys"],"resources":[],"description":"Grants permission to add tags to the JSON Web Token (JWT) generated by the GetWebIdentityToken API","accessLevel":"Tagging","resourceTypes":[],"permissionOnly":true,"operationUrl":"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_web_identity_token_tags.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-TagGetWebIdentityToken"},"TagSession":{"name":"TagSession","service":"sts","conditionKeys":["aws:RequestTag/${TagKey}","aws:TagKeys","saml:aud","sts:TransitiveTagKeys"],"resources":[{"name":"role"}],"description":"Grants permission to add tags to a STS 
session","accessLevel":"Tagging","resourceTypes":[{"name":"role","required":false}],"permissionOnly":true,"operationUrl":"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html","iamUrl":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html#awssecuritytokenservice-TagSession"}},"resources":[{"service":"sts","name":"context-provider","arnFormats":["arn:${Partition}:iam::aws:contextProvider/${ContextProviderName}"],"conditionKeys":[]},{"service":"sts","name":"federated-user","arnFormats":["arn:${Partition}:sts::${Account}:federated-user/${FederatedUserName}"],"conditionKeys":[]},{"service":"sts","name":"role","arnFormats":["arn:${Partition}:iam::${Account}:role/${RoleNameWithPath}"],"conditionKeys":["aws:ResourceTag/${TagKey}","iam:ResourceTag/${TagKey}"]},{"service":"sts","name":"root-user","arnFormats":["arn:${Partition}:iam::${Account}:root"],"conditionKeys":[]},{"service":"sts","name":"self-session","arnFormats":["arn:${Partition}:sts::${Account}:self"],"conditionKeys":[]}],"conditionKeys":{"accounts.google.com:aud":{"name":"accounts.google.com:aud","types":["String"],"description":"Filters access by the Google application ID"},"accounts.google.com:oaud":{"name":"accounts.google.com:oaud","types":["String"],"description":"Filters access by the Google audience"},"accounts.google.com:sub":{"name":"accounts.google.com:sub","types":["String"],"description":"Filters access by the subject of the claim (the Google user ID)"},"aws:RequestTag/${TagKey}":{"name":"aws:RequestTag/${TagKey}","types":["String"],"description":"Filters access by the tags that are passed in the request"},"aws:ResourceTag/${TagKey}":{"name":"aws:ResourceTag/${TagKey}","types":["String"],"description":"Filters access by the tags associated with the resource"},"aws:TagKeys":{"name":"aws:TagKeys","types":["ArrayOfString"],"description":"Filters access by the tag keys that are passed in the 
request"},"cognito-identity.amazonaws.com:amr":{"name":"cognito-identity.amazonaws.com:amr","types":["String"],"description":"Filters access by the login information for Amazon Cognito"},"cognito-identity.amazonaws.com:aud":{"name":"cognito-identity.amazonaws.com:aud","types":["String"],"description":"Filters access by the Amazon Cognito identity pool ID"},"cognito-identity.amazonaws.com:sub":{"name":"cognito-identity.amazonaws.com:sub","types":["String"],"description":"Filters access by the subject of the claim (the Amazon Cognito user ID)"},"graph.facebook.com:app_id":{"name":"graph.facebook.com:app_id","types":["String"],"description":"Filters access by the Facebook application ID"},"graph.facebook.com:id":{"name":"graph.facebook.com:id","types":["String"],"description":"Filters access by the Facebook user ID"},"iam:ResourceTag/${TagKey}":{"name":"iam:ResourceTag/${TagKey}","types":["String"],"description":"Filters access by the tags that are attached to the role that is being assumed"},"saml:aud":{"name":"saml:aud","types":["String"],"description":"Filters access by the endpoint URL to which SAML assertions are presented"},"saml:cn":{"name":"saml:cn","types":["ArrayOfString"],"description":"Filters access by the eduOrg attribute"},"saml:commonName":{"name":"saml:commonName","types":["String"],"description":"Filters access by the commonName attribute"},"saml:doc":{"name":"saml:doc","types":["String"],"description":"Filters access by on the principal that was used to assume the role"},"saml:eduorghomepageuri":{"name":"saml:eduorghomepageuri","types":["ArrayOfString"],"description":"Filters access by the eduOrg attribute"},"saml:eduorgidentityauthnpolicyuri":{"name":"saml:eduorgidentityauthnpolicyuri","types":["ArrayOfString"],"description":"Filters access by the eduOrg attribute"},"saml:eduorglegalname":{"name":"saml:eduorglegalname","types":["ArrayOfString"],"description":"Filters access by the eduOrg 
attribute"},"saml:eduorgsuperioruri":{"name":"saml:eduorgsuperioruri","types":["ArrayOfString"],"description":"Filters access by the eduOrg attribute"},"saml:eduorgwhitepagesuri":{"name":"saml:eduorgwhitepagesuri","types":["ArrayOfString"],"description":"Filters access by the eduOrg attribute"},"saml:edupersonaffiliation":{"name":"saml:edupersonaffiliation","types":["ArrayOfString"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonassurance":{"name":"saml:edupersonassurance","types":["ArrayOfString"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonentitlement":{"name":"saml:edupersonentitlement","types":["ArrayOfString"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonnickname":{"name":"saml:edupersonnickname","types":["ArrayOfString"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonorgdn":{"name":"saml:edupersonorgdn","types":["String"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonorgunitdn":{"name":"saml:edupersonorgunitdn","types":["ArrayOfString"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonprimaryaffiliation":{"name":"saml:edupersonprimaryaffiliation","types":["String"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonprimaryorgunitdn":{"name":"saml:edupersonprimaryorgunitdn","types":["String"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonprincipalname":{"name":"saml:edupersonprincipalname","types":["String"],"description":"Filters access by the eduPerson attribute"},"saml:edupersonscopedaffiliation":{"name":"saml:edupersonscopedaffiliation","types":["ArrayOfString"],"description":"Filters access by the eduPerson attribute"},"saml:edupersontargetedid":{"name":"saml:edupersontargetedid","types":["ArrayOfString"],"description":"Filters access by the eduPerson 
attribute"},"saml:givenName":{"name":"saml:givenName","types":["String"],"description":"Filters access by the givenName attribute"},"saml:iss":{"name":"saml:iss","types":["String"],"description":"Filters access by on the issuer, which is represented by a URN"},"saml:mail":{"name":"saml:mail","types":["String"],"description":"Filters access by the mail attribute"},"saml:name":{"name":"saml:name","types":["String"],"description":"Filters access by the name attribute"},"saml:namequalifier":{"name":"saml:namequalifier","types":["String"],"description":"Filters access by the hash value of the issuer, account ID, and friendly name"},"saml:organizationStatus":{"name":"saml:organizationStatus","types":["String"],"description":"Filters access by the organizationStatus attribute"},"saml:primaryGroupSID":{"name":"saml:primaryGroupSID","types":["String"],"description":"Filters access by the primaryGroupSID attribute"},"saml:sub":{"name":"saml:sub","types":["String"],"description":"Filters access by the subject of the claim (the SAML user ID)"},"saml:sub_type":{"name":"saml:sub_type","types":["String"],"description":"Filters access by the value persistent, transient, or the full Format URI"},"saml:surname":{"name":"saml:surname","types":["String"],"description":"Filters access by the surname attribute"},"saml:uid":{"name":"saml:uid","types":["String"],"description":"Filters access by the uid attribute"},"saml:x500UniqueIdentifier":{"name":"saml:x500UniqueIdentifier","types":["String"],"description":"Filters access by the uid attribute"},"sts:AWSServiceName":{"name":"sts:AWSServiceName","types":["String"],"description":"Filters access by the service that is obtaining a bearer token"},"sts:DurationSeconds":{"name":"sts:DurationSeconds","types":["Numeric"],"description":"Filters access by the duration in seconds when getting a bearer token or a JSON Web Token (JWT) from the GetWebIdentityToken 
API"},"sts:ExternalId":{"name":"sts:ExternalId","types":["String"],"description":"Filters access by the unique identifier required when you assume a role in another account"},"sts:IdentityTokenAudience":{"name":"sts:IdentityTokenAudience","types":["ArrayOfString"],"description":"Filters access by the audience that is passed in the request"},"sts:RequestContext/${ContextKey}":{"name":"sts:RequestContext/${ContextKey}","types":["String"],"description":"Filters access by the session context key-value pairs embedded in the signed context assertion retrieved from a trusted context provider"},"sts:RequestContextProviders":{"name":"sts:RequestContextProviders","types":["ArrayOfARN"],"description":"Filters access by the context provider ARNs"},"sts:RoleSessionName":{"name":"sts:RoleSessionName","types":["String"],"description":"Filters access by the role session name required when you assume a role"},"sts:SigningAlgorithm":{"name":"sts:SigningAlgorithm","types":["String"],"description":"Filters access by the signing algorithm that is passed in the request"},"sts:SourceIdentity":{"name":"sts:SourceIdentity","types":["String"],"description":"Filters access by the source identity that is passed in the request"},"sts:TaskPolicyArn":{"name":"sts:TaskPolicyArn","types":["ARN"],"description":"Filters access by TaskPolicyARN"},"sts:TransitiveTagKeys":{"name":"sts:TransitiveTagKeys","types":["ArrayOfString"],"description":"Filters access by the transitive tag keys that are passed in the request"},"www.amazon.com:app_id":{"name":"www.amazon.com:app_id","types":["String"],"description":"Filters access by the Login with Amazon application ID"},"www.amazon.com:user_id":{"name":"www.amazon.com:user_id","types":["String"],"description":"Filters access by the Login with Amazon user ID"}},"url":"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html"}
@@ -141,10 +141,13 @@ export class TreeYaml extends TreeBase {
141
141
  }
142
142
  return entries;
143
143
  }
144
+ #getPairValueNode(pair) {
145
+ return pair.namedChildren.find((child, i) => i > 0 && child.type !== 'comment') ?? null;
146
+ }
144
147
  #readPairStatementValues(pair) {
145
- if (pair.namedChildren.length < 2)
148
+ const valueNode = this.#getPairValueNode(pair);
149
+ if (!valueNode)
146
150
  return [];
147
- const valueNode = pair.namedChildren[1];
148
151
  // Direct flow_node scalar
149
152
  if (valueNode.type === 'flow_node') {
150
153
  return this.#flowNodeToStatementValue(valueNode);
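Review bot: `#getPairValueNode` (new lines 144–146) still assumes `namedChildren[0]` is always the key, so if the parser ever puts a comment first in the pair, the key itself would come back as the value. If the YAML grammar in use exposes a `value` field on the pair node, `pair.childForFieldName('value')` would drop the positional assumption; this needs checking against the grammar, since the hunk does not show it. Failing that, the helper should at least state the assumption in a doc comment, which it lacks while the neighbouring helpers have one: `/** Return the pair's value node, skipping the key (index 0) and any comment nodes; null when the pair has no value. */`. `#readPairStatementValues` continues past the end of this hunk.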
@@ -188,14 +191,15 @@ export class TreeYaml extends TreeBase {
188
191
  return [{ text, range: nodeRange(flowNode) }];
189
192
  }
190
193
  #getPairValueRange(pair) {
191
- if (pair.namedChildren.length < 2) {
194
+ const valueNode = this.#getPairValueNode(pair);
195
+ if (!valueNode) {
192
196
  // No value — zero-width range at key end
193
197
  return {
194
198
  start: { line: pair.endPosition.row, character: pair.endPosition.column },
195
199
  end: { line: pair.endPosition.row, character: pair.endPosition.column },
196
200
  };
197
201
  }
198
- return nodeRange(pair.namedChildren[1]);
202
+ return nodeRange(valueNode);
199
203
  }
200
204
  /**
201
205
  * Traverse the tree from root, collecting every block_mapping that sits inside
@@ -608,9 +612,9 @@ export class TreeYaml extends TreeBase {
608
612
  * Find a block_mapping in a pair's value, unwrapping block_node if present.
609
613
  */
610
614
  #findValueBlockMapping(pair) {
611
- if (pair.namedChildren.length < 2)
615
+ let value = this.#getPairValueNode(pair);
616
+ if (!value)
612
617
  return null;
613
- let value = pair.namedChildren[1];
614
618
  if (value.type === 'block_node')
615
619
  value = value.namedChildren[0] ?? null;
616
620
  return value?.type === 'block_mapping' ? value : null;
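Review bot: The `block_node` unwrapping on new line 619 still takes `value.namedChildren[0]`, so a comment (or presumably an anchor or tag) attached as the first named child of the block_node would make this return null even though a mapping follows. That is the same kind of miss the commit fixes one level up, and `#findValueBlockSequence` has the identical line at new line 630. In a policy analyzer a null here presumably means the nested statements are never inspected, so the miss produces no diagnostic rather than an error. Consider `value = value.namedChildren.find((c) => c.type === 'block_mapping') ?? null;` here and the `'block_sequence'` equivalent in the sibling. The function's closing brace lies outside the hunk.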
@@ -619,9 +623,9 @@ export class TreeYaml extends TreeBase {
619
623
  * Find a block_sequence in a pair's value, unwrapping block_node if present.
620
624
  */
621
625
  #findValueBlockSequence(pair) {
622
- if (pair.namedChildren.length < 2)
626
+ let value = this.#getPairValueNode(pair);
627
+ if (!value)
623
628
  return null;
624
- let value = pair.namedChildren[1];
625
629
  if (value.type === 'block_node')
626
630
  value = value.namedChildren[0] ?? null;
627
631
  return value?.type === 'block_sequence' ? value : null;
@@ -984,9 +988,9 @@ export class TreeYaml extends TreeBase {
984
988
  * Read string values from a mapping pair's value (scalar, block sequence, or flow sequence).
985
989
  */
986
990
  #readPairStringValues(pair) {
987
- if (pair.namedChildren.length < 2)
991
+ const valueNode = this.#getPairValueNode(pair);
992
+ if (!valueNode)
988
993
  return [];
989
- const valueNode = pair.namedChildren[1];
990
994
  // Direct flow_node scalar
991
995
  if (valueNode.type === 'flow_node') {
992
996
  const text = this.#getScalarText(valueNode);