Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@aws-sdk/client-sts

Package Overview
Dependencies
Maintainers
5
Versions
402
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@aws-sdk/client-sts - npm Package Compare versions

Comparing version 1.0.0-rc.9 to 1.0.0-rc.10

12

CHANGELOG.md

@@ -6,2 +6,14 @@ # Change Log

# [1.0.0-rc.10](https://github.com/aws/aws-sdk-js-v3/compare/v1.0.0-rc.9...v1.0.0-rc.10) (2020-12-15)
### Features
* update clients as of 12/12/2020 ([#1771](https://github.com/aws/aws-sdk-js-v3/issues/1771)) ([f69ff44](https://github.com/aws/aws-sdk-js-v3/commit/f69ff440a79018ad69fcb26ad46e3db65b23ce71))
* update clients as of 12/12/2020 with model fixes ([#1774](https://github.com/aws/aws-sdk-js-v3/issues/1774)) ([54e8715](https://github.com/aws/aws-sdk-js-v3/commit/54e87151877dd5cf9a5f256698c088cc7a856225))
# [1.0.0-rc.9](https://github.com/aws/aws-sdk-js-v3/compare/v1.0.0-rc.8...v1.0.0-rc.9) (2020-12-11)

@@ -8,0 +20,0 @@

44

dist/cjs/package.json
{
"name": "@aws-sdk/client-sts",
"description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native",
"version": "1.0.0-rc.9",
"version": "1.0.0-rc.10",
"scripts": {

@@ -31,21 +31,21 @@ "clean": "yarn remove-definitions && yarn remove-dist && yarn remove-documentation",

"@aws-crypto/sha256-js": "^1.0.0",
"@aws-sdk/config-resolver": "1.0.0-rc.9",
"@aws-sdk/credential-provider-node": "1.0.0-rc.9",
"@aws-sdk/fetch-http-handler": "1.0.0-rc.8",
"@aws-sdk/hash-node": "1.0.0-rc.8",
"@aws-sdk/config-resolver": "1.0.0-rc.10",
"@aws-sdk/credential-provider-node": "1.0.0-rc.10",
"@aws-sdk/fetch-http-handler": "1.0.0-rc.10",
"@aws-sdk/hash-node": "1.0.0-rc.10",
"@aws-sdk/invalid-dependency": "1.0.0-rc.8",
"@aws-sdk/middleware-content-length": "1.0.0-rc.8",
"@aws-sdk/middleware-host-header": "1.0.0-rc.8",
"@aws-sdk/middleware-logger": "1.0.0-rc.8",
"@aws-sdk/middleware-retry": "1.0.0-rc.9",
"@aws-sdk/middleware-serde": "1.0.0-rc.8",
"@aws-sdk/middleware-signing": "1.0.0-rc.9",
"@aws-sdk/middleware-stack": "1.0.0-rc.8",
"@aws-sdk/middleware-user-agent": "1.0.0-rc.8",
"@aws-sdk/node-config-provider": "1.0.0-rc.9",
"@aws-sdk/node-http-handler": "1.0.0-rc.8",
"@aws-sdk/protocol-http": "1.0.0-rc.8",
"@aws-sdk/smithy-client": "1.0.0-rc.8",
"@aws-sdk/url-parser-browser": "1.0.0-rc.8",
"@aws-sdk/url-parser-node": "1.0.0-rc.9",
"@aws-sdk/middleware-content-length": "1.0.0-rc.10",
"@aws-sdk/middleware-host-header": "1.0.0-rc.10",
"@aws-sdk/middleware-logger": "1.0.0-rc.10",
"@aws-sdk/middleware-retry": "1.0.0-rc.10",
"@aws-sdk/middleware-serde": "1.0.0-rc.10",
"@aws-sdk/middleware-signing": "1.0.0-rc.10",
"@aws-sdk/middleware-stack": "1.0.0-rc.10",
"@aws-sdk/middleware-user-agent": "1.0.0-rc.10",
"@aws-sdk/node-config-provider": "1.0.0-rc.10",
"@aws-sdk/node-http-handler": "1.0.0-rc.10",
"@aws-sdk/protocol-http": "1.0.0-rc.10",
"@aws-sdk/smithy-client": "1.0.0-rc.10",
"@aws-sdk/url-parser-browser": "1.0.0-rc.10",
"@aws-sdk/url-parser-node": "1.0.0-rc.10",
"@aws-sdk/util-base64-browser": "1.0.0-rc.8",

@@ -55,4 +55,4 @@ "@aws-sdk/util-base64-node": "1.0.0-rc.8",

"@aws-sdk/util-body-length-node": "1.0.0-rc.8",
"@aws-sdk/util-user-agent-browser": "1.0.0-rc.8",
"@aws-sdk/util-user-agent-node": "1.0.0-rc.8",
"@aws-sdk/util-user-agent-browser": "1.0.0-rc.10",
"@aws-sdk/util-user-agent-node": "1.0.0-rc.10",
"@aws-sdk/util-utf8-browser": "1.0.0-rc.8",

@@ -65,3 +65,3 @@ "@aws-sdk/util-utf8-node": "1.0.0-rc.8",

"@aws-sdk/client-documentation-generator": "1.0.0-rc.8",
"@aws-sdk/types": "1.0.0-rc.8",
"@aws-sdk/types": "1.0.0-rc.10",
"@types/node": "^12.7.5",

@@ -68,0 +68,0 @@ "jest": "^26.1.0",

243

dist/cjs/protocols/Aws_query.js

@@ -9,3 +9,3 @@ "use strict";

const headers = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -23,3 +23,3 @@ let body;

const headers = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -37,3 +37,3 @@ let body;

const headers = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -51,3 +51,3 @@ let body;

const headers = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -65,3 +65,3 @@ let body;

const headers = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -79,3 +79,3 @@ let body;

const headers = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -93,3 +93,3 @@ let body;

const headers = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -107,3 +107,3 @@ let body;

const headers = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -697,12 +697,9 @@ let body;

const entries = {};
if (input.DurationSeconds !== undefined) {
entries["DurationSeconds"] = input.DurationSeconds;
if (input.RoleArn !== undefined && input.RoleArn !== null) {
entries["RoleArn"] = input.RoleArn;
}
if (input.RoleSessionName !== undefined) {
if (input.RoleSessionName !== undefined && input.RoleSessionName !== null) {
entries["RoleSessionName"] = input.RoleSessionName;
}
if (input.TokenCode !== undefined) {
entries["TokenCode"] = input.TokenCode;
}
if (input.PolicyArns !== undefined) {
if (input.PolicyArns !== undefined && input.PolicyArns !== null) {
const memberEntries = serializeAws_querypolicyDescriptorListType(input.PolicyArns, context);

@@ -714,9 +711,9 @@ Object.entries(memberEntries).forEach(([key, value]) => {

}
if (input.RoleArn !== undefined) {
entries["RoleArn"] = input.RoleArn;
}
if (input.Policy !== undefined) {
if (input.Policy !== undefined && input.Policy !== null) {
entries["Policy"] = input.Policy;
}
if (input.Tags !== undefined) {
if (input.DurationSeconds !== undefined && input.DurationSeconds !== null) {
entries["DurationSeconds"] = input.DurationSeconds;
}
if (input.Tags !== undefined && input.Tags !== null) {
const memberEntries = serializeAws_querytagListType(input.Tags, context);

@@ -728,6 +725,3 @@ Object.entries(memberEntries).forEach(([key, value]) => {

}
if (input.ExternalId !== undefined) {
entries["ExternalId"] = input.ExternalId;
}
if (input.TransitiveTagKeys !== undefined) {
if (input.TransitiveTagKeys !== undefined && input.TransitiveTagKeys !== null) {
const memberEntries = serializeAws_querytagKeyListType(input.TransitiveTagKeys, context);

@@ -739,5 +733,11 @@ Object.entries(memberEntries).forEach(([key, value]) => {

}
if (input.SerialNumber !== undefined) {
if (input.ExternalId !== undefined && input.ExternalId !== null) {
entries["ExternalId"] = input.ExternalId;
}
if (input.SerialNumber !== undefined && input.SerialNumber !== null) {
entries["SerialNumber"] = input.SerialNumber;
}
if (input.TokenCode !== undefined && input.TokenCode !== null) {
entries["TokenCode"] = input.TokenCode;
}
return entries;

@@ -747,9 +747,12 @@ };

const entries = {};
if (input.Policy !== undefined) {
entries["Policy"] = input.Policy;
}
if (input.RoleArn !== undefined) {
if (input.RoleArn !== undefined && input.RoleArn !== null) {
entries["RoleArn"] = input.RoleArn;
}
if (input.PolicyArns !== undefined) {
if (input.PrincipalArn !== undefined && input.PrincipalArn !== null) {
entries["PrincipalArn"] = input.PrincipalArn;
}
if (input.SAMLAssertion !== undefined && input.SAMLAssertion !== null) {
entries["SAMLAssertion"] = input.SAMLAssertion;
}
if (input.PolicyArns !== undefined && input.PolicyArns !== null) {
const memberEntries = serializeAws_querypolicyDescriptorListType(input.PolicyArns, context);

@@ -761,9 +764,6 @@ Object.entries(memberEntries).forEach(([key, value]) => {

}
if (input.PrincipalArn !== undefined) {
entries["PrincipalArn"] = input.PrincipalArn;
if (input.Policy !== undefined && input.Policy !== null) {
entries["Policy"] = input.Policy;
}
if (input.SAMLAssertion !== undefined) {
entries["SAMLAssertion"] = input.SAMLAssertion;
}
if (input.DurationSeconds !== undefined) {
if (input.DurationSeconds !== undefined && input.DurationSeconds !== null) {
entries["DurationSeconds"] = input.DurationSeconds;

@@ -775,21 +775,15 @@ }

const entries = {};
if (input.WebIdentityToken !== undefined) {
entries["WebIdentityToken"] = input.WebIdentityToken;
if (input.RoleArn !== undefined && input.RoleArn !== null) {
entries["RoleArn"] = input.RoleArn;
}
if (input.ProviderId !== undefined) {
entries["ProviderId"] = input.ProviderId;
}
if (input.Policy !== undefined) {
entries["Policy"] = input.Policy;
}
if (input.RoleSessionName !== undefined) {
if (input.RoleSessionName !== undefined && input.RoleSessionName !== null) {
entries["RoleSessionName"] = input.RoleSessionName;
}
if (input.RoleArn !== undefined) {
entries["RoleArn"] = input.RoleArn;
if (input.WebIdentityToken !== undefined && input.WebIdentityToken !== null) {
entries["WebIdentityToken"] = input.WebIdentityToken;
}
if (input.DurationSeconds !== undefined) {
entries["DurationSeconds"] = input.DurationSeconds;
if (input.ProviderId !== undefined && input.ProviderId !== null) {
entries["ProviderId"] = input.ProviderId;
}
if (input.PolicyArns !== undefined) {
if (input.PolicyArns !== undefined && input.PolicyArns !== null) {
const memberEntries = serializeAws_querypolicyDescriptorListType(input.PolicyArns, context);

@@ -801,2 +795,8 @@ Object.entries(memberEntries).forEach(([key, value]) => {

}
if (input.Policy !== undefined && input.Policy !== null) {
entries["Policy"] = input.Policy;
}
if (input.DurationSeconds !== undefined && input.DurationSeconds !== null) {
entries["DurationSeconds"] = input.DurationSeconds;
}
return entries;

@@ -806,3 +806,3 @@ };

const entries = {};
if (input.EncodedMessage !== undefined) {
if (input.EncodedMessage !== undefined && input.EncodedMessage !== null) {
entries["EncodedMessage"] = input.EncodedMessage;

@@ -814,3 +814,3 @@ }

const entries = {};
if (input.AccessKeyId !== undefined) {
if (input.AccessKeyId !== undefined && input.AccessKeyId !== null) {
entries["AccessKeyId"] = input.AccessKeyId;

@@ -826,25 +826,25 @@ }

const entries = {};
if (input.Policy !== undefined) {
if (input.Name !== undefined && input.Name !== null) {
entries["Name"] = input.Name;
}
if (input.Policy !== undefined && input.Policy !== null) {
entries["Policy"] = input.Policy;
}
if (input.Tags !== undefined) {
const memberEntries = serializeAws_querytagListType(input.Tags, context);
if (input.PolicyArns !== undefined && input.PolicyArns !== null) {
const memberEntries = serializeAws_querypolicyDescriptorListType(input.PolicyArns, context);
Object.entries(memberEntries).forEach(([key, value]) => {
const loc = `Tags.${key}`;
const loc = `PolicyArns.${key}`;
entries[loc] = value;
});
}
if (input.Name !== undefined) {
entries["Name"] = input.Name;
if (input.DurationSeconds !== undefined && input.DurationSeconds !== null) {
entries["DurationSeconds"] = input.DurationSeconds;
}
if (input.PolicyArns !== undefined) {
const memberEntries = serializeAws_querypolicyDescriptorListType(input.PolicyArns, context);
if (input.Tags !== undefined && input.Tags !== null) {
const memberEntries = serializeAws_querytagListType(input.Tags, context);
Object.entries(memberEntries).forEach(([key, value]) => {
const loc = `PolicyArns.${key}`;
const loc = `Tags.${key}`;
entries[loc] = value;
});
}
if (input.DurationSeconds !== undefined) {
entries["DurationSeconds"] = input.DurationSeconds;
}
return entries;

@@ -854,9 +854,9 @@ };

const entries = {};
if (input.SerialNumber !== undefined) {
if (input.DurationSeconds !== undefined && input.DurationSeconds !== null) {
entries["DurationSeconds"] = input.DurationSeconds;
}
if (input.SerialNumber !== undefined && input.SerialNumber !== null) {
entries["SerialNumber"] = input.SerialNumber;
}
if (input.DurationSeconds !== undefined) {
entries["DurationSeconds"] = input.DurationSeconds;
}
if (input.TokenCode !== undefined) {
if (input.TokenCode !== undefined && input.TokenCode !== null) {
entries["TokenCode"] = input.TokenCode;

@@ -870,2 +870,5 @@ }

for (let entry of input) {
if (entry === null) {
continue;
}
const memberEntries = serializeAws_queryPolicyDescriptorType(entry, context);

@@ -881,3 +884,3 @@ Object.entries(memberEntries).forEach(([key, value]) => {

const entries = {};
if (input.arn !== undefined) {
if (input.arn !== undefined && input.arn !== null) {
entries["arn"] = input.arn;

@@ -889,6 +892,6 @@ }

const entries = {};
if (input.Key !== undefined) {
if (input.Key !== undefined && input.Key !== null) {
entries["Key"] = input.Key;
}
if (input.Value !== undefined) {
if (input.Value !== undefined && input.Value !== null) {
entries["Value"] = input.Value;

@@ -902,2 +905,5 @@ }

for (let entry of input) {
if (entry === null) {
continue;
}
entries[`member.${counter}`] = entry;

@@ -912,2 +918,5 @@ counter++;

for (let entry of input) {
if (entry === null) {
continue;
}
const memberEntries = serializeAws_queryTag(entry, context);

@@ -923,11 +932,11 @@ Object.entries(memberEntries).forEach(([key, value]) => {

let contents = {
AssumedRoleId: undefined,
Arn: undefined,
AssumedRoleId: undefined,
};
if (output["AssumedRoleId"] !== undefined) {
contents.AssumedRoleId = output["AssumedRoleId"];
}
if (output["Arn"] !== undefined) {
contents.Arn = output["Arn"];
}
if (output["AssumedRoleId"] !== undefined) {
contents.AssumedRoleId = output["AssumedRoleId"];
}
return contents;

@@ -938,4 +947,4 @@ };

Credentials: undefined,
AssumedRoleUser: undefined,
PackedPolicySize: undefined,
AssumedRoleUser: undefined,
};

@@ -945,8 +954,8 @@ if (output["Credentials"] !== undefined) {

}
if (output["AssumedRoleUser"] !== undefined) {
contents.AssumedRoleUser = deserializeAws_queryAssumedRoleUser(output["AssumedRoleUser"], context);
}
if (output["PackedPolicySize"] !== undefined) {
contents.PackedPolicySize = parseInt(output["PackedPolicySize"]);
}
if (output["AssumedRoleUser"] !== undefined) {
contents.AssumedRoleUser = deserializeAws_queryAssumedRoleUser(output["AssumedRoleUser"], context);
}
return contents;

@@ -956,16 +965,19 @@ };

let contents = {
Credentials: undefined,
AssumedRoleUser: undefined,
Credentials: undefined,
PackedPolicySize: undefined,
Subject: undefined,
SubjectType: undefined,
NameQualifier: undefined,
Issuer: undefined,
Audience: undefined,
PackedPolicySize: undefined,
NameQualifier: undefined,
};
if (output["Credentials"] !== undefined) {
contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
}
if (output["AssumedRoleUser"] !== undefined) {
contents.AssumedRoleUser = deserializeAws_queryAssumedRoleUser(output["AssumedRoleUser"], context);
}
if (output["Credentials"] !== undefined) {
contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
if (output["PackedPolicySize"] !== undefined) {
contents.PackedPolicySize = parseInt(output["PackedPolicySize"]);
}

@@ -978,5 +990,2 @@ if (output["Subject"] !== undefined) {

}
if (output["NameQualifier"] !== undefined) {
contents.NameQualifier = output["NameQualifier"];
}
if (output["Issuer"] !== undefined) {

@@ -988,4 +997,4 @@ contents.Issuer = output["Issuer"];

}
if (output["PackedPolicySize"] !== undefined) {
contents.PackedPolicySize = parseInt(output["PackedPolicySize"]);
if (output["NameQualifier"] !== undefined) {
contents.NameQualifier = output["NameQualifier"];
}

@@ -996,9 +1005,18 @@ return contents;

let contents = {
Credentials: undefined,
SubjectFromWebIdentityToken: undefined,
AssumedRoleUser: undefined,
PackedPolicySize: undefined,
Provider: undefined,
Audience: undefined,
SubjectFromWebIdentityToken: undefined,
Credentials: undefined,
AssumedRoleUser: undefined,
};
if (output["Credentials"] !== undefined) {
contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
}
if (output["SubjectFromWebIdentityToken"] !== undefined) {
contents.SubjectFromWebIdentityToken = output["SubjectFromWebIdentityToken"];
}
if (output["AssumedRoleUser"] !== undefined) {
contents.AssumedRoleUser = deserializeAws_queryAssumedRoleUser(output["AssumedRoleUser"], context);
}
if (output["PackedPolicySize"] !== undefined) {

@@ -1013,11 +1031,2 @@ contents.PackedPolicySize = parseInt(output["PackedPolicySize"]);

}
if (output["SubjectFromWebIdentityToken"] !== undefined) {
contents.SubjectFromWebIdentityToken = output["SubjectFromWebIdentityToken"];
}
if (output["Credentials"] !== undefined) {
contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
}
if (output["AssumedRoleUser"] !== undefined) {
contents.AssumedRoleUser = deserializeAws_queryAssumedRoleUser(output["AssumedRoleUser"], context);
}
return contents;

@@ -1027,18 +1036,18 @@ };

let contents = {
Expiration: undefined,
AccessKeyId: undefined,
SecretAccessKey: undefined,
SessionToken: undefined,
SecretAccessKey: undefined,
Expiration: undefined,
};
if (output["Expiration"] !== undefined) {
contents.Expiration = new Date(output["Expiration"]);
}
if (output["AccessKeyId"] !== undefined) {
contents.AccessKeyId = output["AccessKeyId"];
}
if (output["SecretAccessKey"] !== undefined) {
contents.SecretAccessKey = output["SecretAccessKey"];
}
if (output["SessionToken"] !== undefined) {
contents.SessionToken = output["SessionToken"];
}
if (output["SecretAccessKey"] !== undefined) {
contents.SecretAccessKey = output["SecretAccessKey"];
if (output["Expiration"] !== undefined) {
contents.Expiration = new Date(output["Expiration"]);
}

@@ -1089,9 +1098,6 @@ return contents;

let contents = {
Arn: undefined,
UserId: undefined,
Account: undefined,
Arn: undefined,
};
if (output["Arn"] !== undefined) {
contents.Arn = output["Arn"];
}
if (output["UserId"] !== undefined) {

@@ -1103,2 +1109,5 @@ contents.UserId = output["UserId"];

}
if (output["Arn"] !== undefined) {
contents.Arn = output["Arn"];
}
return contents;

@@ -1109,4 +1118,4 @@ };

Credentials: undefined,
FederatedUser: undefined,
PackedPolicySize: undefined,
FederatedUser: undefined,
};

@@ -1116,8 +1125,8 @@ if (output["Credentials"] !== undefined) {

}
if (output["FederatedUser"] !== undefined) {
contents.FederatedUser = deserializeAws_queryFederatedUser(output["FederatedUser"], context);
}
if (output["PackedPolicySize"] !== undefined) {
contents.PackedPolicySize = parseInt(output["PackedPolicySize"]);
}
if (output["FederatedUser"] !== undefined) {
contents.FederatedUser = deserializeAws_queryFederatedUser(output["FederatedUser"], context);
}
return contents;

@@ -1124,0 +1133,0 @@ };

44

dist/es/package.json
{
"name": "@aws-sdk/client-sts",
"description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native",
"version": "1.0.0-rc.9",
"version": "1.0.0-rc.10",
"scripts": {

@@ -31,21 +31,21 @@ "clean": "yarn remove-definitions && yarn remove-dist && yarn remove-documentation",

"@aws-crypto/sha256-js": "^1.0.0",
"@aws-sdk/config-resolver": "1.0.0-rc.9",
"@aws-sdk/credential-provider-node": "1.0.0-rc.9",
"@aws-sdk/fetch-http-handler": "1.0.0-rc.8",
"@aws-sdk/hash-node": "1.0.0-rc.8",
"@aws-sdk/config-resolver": "1.0.0-rc.10",
"@aws-sdk/credential-provider-node": "1.0.0-rc.10",
"@aws-sdk/fetch-http-handler": "1.0.0-rc.10",
"@aws-sdk/hash-node": "1.0.0-rc.10",
"@aws-sdk/invalid-dependency": "1.0.0-rc.8",
"@aws-sdk/middleware-content-length": "1.0.0-rc.8",
"@aws-sdk/middleware-host-header": "1.0.0-rc.8",
"@aws-sdk/middleware-logger": "1.0.0-rc.8",
"@aws-sdk/middleware-retry": "1.0.0-rc.9",
"@aws-sdk/middleware-serde": "1.0.0-rc.8",
"@aws-sdk/middleware-signing": "1.0.0-rc.9",
"@aws-sdk/middleware-stack": "1.0.0-rc.8",
"@aws-sdk/middleware-user-agent": "1.0.0-rc.8",
"@aws-sdk/node-config-provider": "1.0.0-rc.9",
"@aws-sdk/node-http-handler": "1.0.0-rc.8",
"@aws-sdk/protocol-http": "1.0.0-rc.8",
"@aws-sdk/smithy-client": "1.0.0-rc.8",
"@aws-sdk/url-parser-browser": "1.0.0-rc.8",
"@aws-sdk/url-parser-node": "1.0.0-rc.9",
"@aws-sdk/middleware-content-length": "1.0.0-rc.10",
"@aws-sdk/middleware-host-header": "1.0.0-rc.10",
"@aws-sdk/middleware-logger": "1.0.0-rc.10",
"@aws-sdk/middleware-retry": "1.0.0-rc.10",
"@aws-sdk/middleware-serde": "1.0.0-rc.10",
"@aws-sdk/middleware-signing": "1.0.0-rc.10",
"@aws-sdk/middleware-stack": "1.0.0-rc.10",
"@aws-sdk/middleware-user-agent": "1.0.0-rc.10",
"@aws-sdk/node-config-provider": "1.0.0-rc.10",
"@aws-sdk/node-http-handler": "1.0.0-rc.10",
"@aws-sdk/protocol-http": "1.0.0-rc.10",
"@aws-sdk/smithy-client": "1.0.0-rc.10",
"@aws-sdk/url-parser-browser": "1.0.0-rc.10",
"@aws-sdk/url-parser-node": "1.0.0-rc.10",
"@aws-sdk/util-base64-browser": "1.0.0-rc.8",

@@ -55,4 +55,4 @@ "@aws-sdk/util-base64-node": "1.0.0-rc.8",

"@aws-sdk/util-body-length-node": "1.0.0-rc.8",
"@aws-sdk/util-user-agent-browser": "1.0.0-rc.8",
"@aws-sdk/util-user-agent-node": "1.0.0-rc.8",
"@aws-sdk/util-user-agent-browser": "1.0.0-rc.10",
"@aws-sdk/util-user-agent-node": "1.0.0-rc.10",
"@aws-sdk/util-utf8-browser": "1.0.0-rc.8",

@@ -65,3 +65,3 @@ "@aws-sdk/util-utf8-node": "1.0.0-rc.8",

"@aws-sdk/client-documentation-generator": "1.0.0-rc.8",
"@aws-sdk/types": "1.0.0-rc.8",
"@aws-sdk/types": "1.0.0-rc.10",
"@types/node": "^12.7.5",

@@ -68,0 +68,0 @@ "jest": "^26.1.0",

510

models/models_0.ts

@@ -10,2 +10,8 @@ import { SmithyException as __SmithyException } from "@aws-sdk/smithy-client";

/**
* <p>A unique identifier that contains the role ID and the role session name of the role that
* is being assumed. The role ID is generated by AWS when the role is created.</p>
*/
AssumedRoleId: string | undefined;
/**
* <p>The ARN of the temporary security credentials that are returned from the <a>AssumeRole</a> action. For more information about ARNs and how to use them in

@@ -16,8 +22,2 @@ * policies, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html">IAM Identifiers</a> in the

Arn: string | undefined;
/**
* <p>A unique identifier that contains the role ID and the role session name of the role that
* is being assumed. The role ID is generated by AWS when the role is created.</p>
*/
AssumedRoleId: string | undefined;
}

@@ -82,22 +82,5 @@

/**
* <p>The duration, in seconds, of the role session. The value can range from 900 seconds (15
* minutes) up to the maximum session duration setting for the role. This setting can have a
* value from 1 hour to 12 hours. If you specify a value higher than this setting, the
* operation fails. For example, if you specify a session duration of 12 hours, but your
* administrator set the maximum session duration to 6 hours, your operation fails. To learn
* how to view the maximum value for your role, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session">View the
* Maximum Session Duration Setting for a Role</a> in the
* <i>IAM User Guide</i>.</p>
* <p>By default, the value is set to <code>3600</code> seconds. </p>
* <note>
* <p>The <code>DurationSeconds</code> parameter is separate from the duration of a console
* session that you might request using the returned credentials. The request to the
* federation endpoint for a console sign-in token takes a <code>SessionDuration</code>
* parameter that specifies the maximum length of the console session. For more
* information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html">Creating a URL
* that Enables Federated Users to Access the AWS Management Console</a> in the
* <i>IAM User Guide</i>.</p>
* </note>
* <p>The Amazon Resource Name (ARN) of the role to assume.</p>
*/
DurationSeconds?: number;
RoleArn: string | undefined;

@@ -119,12 +102,2 @@ /**

/**
* <p>The value provided by the MFA device, if the trust policy of the role being assumed
* requires MFA (that is, if the policy includes a condition that tests for MFA). If the role
* being assumed requires MFA and if the <code>TokenCode</code> value is missing or expired,
* the <code>AssumeRole</code> call returns an "access denied" error.</p>
* <p>The format for this parameter, as described by its regex pattern, is a sequence of six
* numeric digits.</p>
*/
TokenCode?: string;
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as

@@ -158,7 +131,2 @@ * managed session policies. The policies must exist in the same account as the role.</p>

/**
* <p>The Amazon Resource Name (ARN) of the role to assume.</p>
*/
RoleArn: string | undefined;
/**
* <p>An IAM policy in JSON format that you want to use as an inline session policy.</p>

@@ -191,2 +159,24 @@ * <p>This parameter is optional. Passing policies to this operation returns new

/**
* <p>The duration, in seconds, of the role session. The value can range from 900 seconds (15
* minutes) up to the maximum session duration setting for the role. This setting can have a
* value from 1 hour to 12 hours. If you specify a value higher than this setting, the
* operation fails. For example, if you specify a session duration of 12 hours, but your
* administrator set the maximum session duration to 6 hours, your operation fails. To learn
* how to view the maximum value for your role, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session">View the
* Maximum Session Duration Setting for a Role</a> in the
* <i>IAM User Guide</i>.</p>
* <p>By default, the value is set to <code>3600</code> seconds. </p>
* <note>
* <p>The <code>DurationSeconds</code> parameter is separate from the duration of a console
* session that you might request using the returned credentials. The request to the
* federation endpoint for a console sign-in token takes a <code>SessionDuration</code>
* parameter that specifies the maximum length of the console session. For more
* information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html">Creating a URL
* that Enables Federated Users to Access the AWS Management Console</a> in the
* <i>IAM User Guide</i>.</p>
* </note>
*/
DurationSeconds?: number;
/**
* <p>A list of session tags that you want to pass. Each session tag consists of a key name

@@ -226,2 +216,14 @@ * and an associated value. For more information about session tags, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Tagging AWS STS

/**
* <p>A list of keys for session tags that you want to set as transitive. If you set a tag key
* as transitive, the corresponding key and value passes to subsequent sessions in a role
* chain. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining">Chaining Roles
* with Session Tags</a> in the <i>IAM User Guide</i>.</p>
* <p>This parameter is optional. When you set session tags as transitive, the session policy
* and session tags packed binary limit is not affected.</p>
* <p>If you choose not to specify a transitive tag key, then no tags are passed from this
* session to any subsequent sessions.</p>
*/
TransitiveTagKeys?: string[];
/**
* <p>A unique identifier that might be required when you assume a role in another account. If

@@ -244,14 +246,2 @@ * the administrator of the account to which the role belongs provided you with an external

/**
* <p>A list of keys for session tags that you want to set as transitive. If you set a tag key
* as transitive, the corresponding key and value passes to subsequent sessions in a role
* chain. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining">Chaining Roles
* with Session Tags</a> in the <i>IAM User Guide</i>.</p>
* <p>This parameter is optional. When you set session tags as transitive, the session policy
* and session tags packed binary limit is not affected.</p>
* <p>If you choose not to specify a transitive tag key, then no tags are passed from this
* session to any subsequent sessions.</p>
*/
TransitiveTagKeys?: string[];
/**
* <p>The identification number of the MFA device that is associated with the user who is

@@ -268,2 +258,12 @@ * making the <code>AssumeRole</code> call. Specify this value if the trust policy of the role

SerialNumber?: string;
/**
* <p>The value provided by the MFA device, if the trust policy of the role being assumed
* requires MFA (that is, if the policy includes a condition that tests for MFA). If the role
* being assumed requires MFA and if the <code>TokenCode</code> value is missing or expired,
* the <code>AssumeRole</code> call returns an "access denied" error.</p>
* <p>The format for this parameter, as described by its regex pattern, is a sequence of six
* numeric digits.</p>
*/
TokenCode?: string;
}

@@ -282,10 +282,10 @@

/**
* <p>The date on which the current credentials expire.</p>
* <p>The access key ID that identifies the temporary security credentials.</p>
*/
Expiration: Date | undefined;
AccessKeyId: string | undefined;
/**
* <p>The access key ID that identifies the temporary security credentials.</p>
* <p>The secret access key that can be used to sign requests.</p>
*/
AccessKeyId: string | undefined;
SecretAccessKey: string | undefined;

@@ -299,5 +299,5 @@ /**

/**
* <p>The secret access key that can be used to sign requests.</p>
* <p>The date on which the current credentials expire.</p>
*/
SecretAccessKey: string | undefined;
Expiration: Date | undefined;
}

@@ -327,9 +327,2 @@

/**
* <p>A percentage value that indicates the packed size of the session policies and session
* tags combined passed in the request. The request fails if the packed size is greater than 100 percent,
* which means the policies and tags exceeded the allowed space.</p>
*/
PackedPolicySize?: number;
/**
* <p>The Amazon Resource Name (ARN) and the assumed role ID, which are identifiers that you

@@ -342,2 +335,9 @@ * can use to refer to the resulting temporary security credentials. For example, you can

AssumedRoleUser?: AssumedRoleUser;
/**
* <p>A percentage value that indicates the packed size of the session policies and session
* tags combined passed in the request. The request fails if the packed size is greater than 100 percent,
* which means the policies and tags exceeded the allowed space.</p>
*/
PackedPolicySize?: number;
}

@@ -427,33 +427,20 @@

/**
* <p>An IAM policy in JSON format that you want to use as an inline session policy.</p>
* <p>This parameter is optional. Passing policies to this operation returns new
* temporary credentials. The resulting session's permissions are the intersection of the
* role's identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent AWS API calls to access resources in the account that owns
* the role. You cannot use session policies to grant more permissions than those allowed
* by the identity-based policy of the role that is being assumed. For more information, see
* <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>. </p>
* <p>The plain text that you use for both inline and managed session policies can't exceed
* 2,048 characters. The JSON policy characters can be any ASCII character from the space
* character to the end of the valid character list (\u0020 through \u00FF). It can also
* include the tab (\u0009), linefeed (\u000A), and carriage return (\u000D)
* characters.</p>
* <note>
* <p>An AWS conversion compresses the passed session policies and session tags into a
* packed binary format that has a separate limit. Your request can fail for this limit
* even if your plain text meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for your
* request are to the upper size limit.
* </p>
* </note>
* <p>The Amazon Resource Name (ARN) of the role that the caller is assuming.</p>
*/
Policy?: string;
RoleArn: string | undefined;
/**
* <p>The Amazon Resource Name (ARN) of the role that the caller is assuming.</p>
* <p>The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the
* IdP.</p>
*/
RoleArn: string | undefined;
PrincipalArn: string | undefined;
/**
* <p>The base-64 encoded SAML authentication response provided by the IdP.</p>
* <p>For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml-IdP-tasks.html">Configuring a Relying Party and
* Adding Claims</a> in the <i>IAM User Guide</i>. </p>
*/
SAMLAssertion: string | undefined;
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as

@@ -486,15 +473,28 @@ * managed session policies. The policies must exist in the same account as the role.</p>

/**
* <p>The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the
* IdP.</p>
* <p>An IAM policy in JSON format that you want to use as an inline session policy.</p>
* <p>This parameter is optional. Passing policies to this operation returns new
* temporary credentials. The resulting session's permissions are the intersection of the
* role's identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent AWS API calls to access resources in the account that owns
* the role. You cannot use session policies to grant more permissions than those allowed
* by the identity-based policy of the role that is being assumed. For more information, see
* <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>. </p>
* <p>The plain text that you use for both inline and managed session policies can't exceed
* 2,048 characters. The JSON policy characters can be any ASCII character from the space
* character to the end of the valid character list (\u0020 through \u00FF). It can also
* include the tab (\u0009), linefeed (\u000A), and carriage return (\u000D)
* characters.</p>
* <note>
* <p>An AWS conversion compresses the passed session policies and session tags into a
* packed binary format that has a separate limit. Your request can fail for this limit
* even if your plain text meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for your
* request are to the upper size limit.
* </p>
* </note>
*/
PrincipalArn: string | undefined;
Policy?: string;
/**
* <p>The base-64 encoded SAML authentication response provided by the IdP.</p>
* <p>For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml-IdP-tasks.html">Configuring a Relying Party and
* Adding Claims</a> in the <i>IAM User Guide</i>. </p>
*/
SAMLAssertion: string | undefined;
/**
* <p>The duration, in seconds, of the role session. Your role session lasts for the duration

@@ -537,8 +537,2 @@ * that you specify for the <code>DurationSeconds</code> parameter, or until the time

/**
* <p>The identifiers for the temporary security credentials that the operation
* returns.</p>
*/
AssumedRoleUser?: AssumedRoleUser;
/**
* <p>The temporary security credentials, which include an access key ID, a secret access key,

@@ -554,2 +548,15 @@ * and a security (or session) token.</p>

/**
* <p>The identifiers for the temporary security credentials that the operation
* returns.</p>
*/
AssumedRoleUser?: AssumedRoleUser;
/**
* <p>A percentage value that indicates the packed size of the session policies and session
* tags combined passed in the request. The request fails if the packed size is greater than 100 percent,
* which means the policies and tags exceeded the allowed space.</p>
*/
PackedPolicySize?: number;
/**
* <p>The value of the <code>NameID</code> element in the <code>Subject</code> element of the

@@ -573,14 +580,2 @@ * SAML assertion.</p>

/**
* <p>A hash value based on the concatenation of the <code>Issuer</code> response value, the
* AWS account ID, and the friendly name (the last part of the ARN) of the SAML provider in
* IAM. The combination of <code>NameQualifier</code> and <code>Subject</code> can be used
* to uniquely identify a federated user. </p>
* <p>The following pseudocode shows how the hash value is calculated:</p>
* <p>
* <code>BASE64 ( SHA1 ( "https://example.com/saml" + "123456789012" + "/MySAMLIdP" ) )</code>
* </p>
*/
NameQualifier?: string;
/**
* <p>The value of the <code>Issuer</code> element of the SAML assertion.</p>

@@ -597,7 +592,12 @@ */

/**
* <p>A percentage value that indicates the packed size of the session policies and session
* tags combined passed in the request. The request fails if the packed size is greater than 100 percent,
* which means the policies and tags exceeded the allowed space.</p>
* <p>A hash value based on the concatenation of the <code>Issuer</code> response value, the
* AWS account ID, and the friendly name (the last part of the ARN) of the SAML provider in
* IAM. The combination of <code>NameQualifier</code> and <code>Subject</code> can be used
* to uniquely identify a federated user. </p>
* <p>The following pseudocode shows how the hash value is calculated:</p>
* <p>
* <code>BASE64 ( SHA1 ( "https://example.com/saml" + "123456789012" + "/MySAMLIdP" ) )</code>
* </p>
*/
PackedPolicySize?: number;
NameQualifier?: string;
}

@@ -647,2 +647,19 @@

/**
* <p>The Amazon Resource Name (ARN) of the role that the caller is assuming.</p>
*/
RoleArn: string | undefined;
/**
* <p>An identifier for the assumed role session. Typically, you pass the name or identifier
* that is associated with the user who is using your application. That way, the temporary
* security credentials that your application will use are associated with that user. This
* session name is included as part of the ARN and assumed role ID in the
* <code>AssumedRoleUser</code> response element.</p>
* <p>The regex used to validate this parameter is a string of characters
* consisting of upper- and lower-case alphanumeric characters with no spaces. You can
* also include underscores or any of the following characters: =,.@-</p>
*/
RoleSessionName: string | undefined;
/**
* <p>The OAuth 2.0 access token or OpenID Connect ID token that is provided by the identity

@@ -666,2 +683,29 @@ * provider. Your application must get this token by authenticating the user who is using your

/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as
* managed session policies. The policies must exist in the same account as the role.</p>
* <p>This parameter is optional. You can provide up to 10 managed policy ARNs. However, the
* plain text that you use for both inline and managed session policies can't exceed 2,048
* characters. For more information about ARNs, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Names (ARNs) and AWS
* Service Namespaces</a> in the AWS General Reference.</p>
* <note>
* <p>An AWS conversion compresses the passed session policies and session tags into a
* packed binary format that has a separate limit. Your request can fail for this limit
* even if your plain text meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for your
* request are to the upper size limit.
* </p>
* </note>
*
* <p>Passing policies to this operation returns new
* temporary credentials. The resulting session's permissions are the intersection of the
* role's identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent AWS API calls to access resources in the account that owns
* the role. You cannot use session policies to grant more permissions than those allowed
* by the identity-based policy of the role that is being assumed. For more information, see
* <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p>
*/
PolicyArns?: PolicyDescriptorType[];
/**
* <p>An IAM policy in JSON format that you want to use as an inline session policy.</p>

@@ -693,19 +737,2 @@ * <p>This parameter is optional. Passing policies to this operation returns new

/**
* <p>An identifier for the assumed role session. Typically, you pass the name or identifier
* that is associated with the user who is using your application. That way, the temporary
* security credentials that your application will use are associated with that user. This
* session name is included as part of the ARN and assumed role ID in the
* <code>AssumedRoleUser</code> response element.</p>
* <p>The regex used to validate this parameter is a string of characters
* consisting of upper- and lower-case alphanumeric characters with no spaces. You can
* also include underscores or any of the following characters: =,.@-</p>
*/
RoleSessionName: string | undefined;
/**
* <p>The Amazon Resource Name (ARN) of the role that the caller is assuming.</p>
*/
RoleArn: string | undefined;
/**
* <p>The duration, in seconds, of the role session. The value can range from 900 seconds (15

@@ -731,29 +758,2 @@ * minutes) up to the maximum session duration setting for the role. This setting can have a

DurationSeconds?: number;
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as
* managed session policies. The policies must exist in the same account as the role.</p>
* <p>This parameter is optional. You can provide up to 10 managed policy ARNs. However, the
* plain text that you use for both inline and managed session policies can't exceed 2,048
* characters. For more information about ARNs, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Names (ARNs) and AWS
* Service Namespaces</a> in the AWS General Reference.</p>
* <note>
* <p>An AWS conversion compresses the passed session policies and session tags into a
* packed binary format that has a separate limit. Your request can fail for this limit
* even if your plain text meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for your
* request are to the upper size limit.
* </p>
* </note>
*
* <p>Passing policies to this operation returns new
* temporary credentials. The resulting session's permissions are the intersection of the
* role's identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent AWS API calls to access resources in the account that owns
* the role. You cannot use session policies to grant more permissions than those allowed
* by the identity-based policy of the role that is being assumed. For more information, see
* <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p>
*/
PolicyArns?: PolicyDescriptorType[];
}

@@ -773,2 +773,31 @@

/**
* <p>The temporary security credentials, which include an access key ID, a secret access key,
* and a security token.</p>
* <note>
* <p>The size of the security token that STS API operations return is not fixed. We
* strongly recommend that you make no assumptions about the maximum size.</p>
* </note>
*/
Credentials?: Credentials;
/**
* <p>The unique user identifier that is returned by the identity provider. This identifier is
* associated with the <code>WebIdentityToken</code> that was submitted with the
* <code>AssumeRoleWithWebIdentity</code> call. The identifier is typically unique to the
* user and the application that acquired the <code>WebIdentityToken</code> (pairwise
* identifier). For OpenID Connect ID tokens, this field contains the value returned by the
* identity provider as the token's <code>sub</code> (Subject) claim. </p>
*/
SubjectFromWebIdentityToken?: string;
/**
* <p>The Amazon Resource Name (ARN) and the assumed role ID, which are identifiers that you
* can use to refer to the resulting temporary security credentials. For example, you can
* reference these credentials as a principal in a resource-based policy by using the ARN or
* assumed role ID. The ARN and ID include the <code>RoleSessionName</code> that you specified
* when you called <code>AssumeRole</code>. </p>
*/
AssumedRoleUser?: AssumedRoleUser;
/**
* <p>A percentage value that indicates the packed size of the session policies and session

@@ -794,31 +823,2 @@ * tags combined passed in the request. The request fails if the packed size is greater than 100 percent,

Audience?: string;
/**
* <p>The unique user identifier that is returned by the identity provider. This identifier is
* associated with the <code>WebIdentityToken</code> that was submitted with the
* <code>AssumeRoleWithWebIdentity</code> call. The identifier is typically unique to the
* user and the application that acquired the <code>WebIdentityToken</code> (pairwise
* identifier). For OpenID Connect ID tokens, this field contains the value returned by the
* identity provider as the token's <code>sub</code> (Subject) claim. </p>
*/
SubjectFromWebIdentityToken?: string;
/**
* <p>The temporary security credentials, which include an access key ID, a secret access key,
* and a security token.</p>
* <note>
* <p>The size of the security token that STS API operations return is not fixed. We
* strongly recommend that you make no assumptions about the maximum size.</p>
* </note>
*/
Credentials?: Credentials;
/**
* <p>The Amazon Resource Name (ARN) and the assumed role ID, which are identifiers that you
* can use to refer to the resulting temporary security credentials. For example, you can
* reference these credentials as a principal in a resource-based policy by using the ARN or
* assumed role ID. The ARN and ID include the <code>RoleSessionName</code> that you specified
* when you called <code>AssumeRole</code>. </p>
*/
AssumedRoleUser?: AssumedRoleUser;
}

@@ -940,7 +940,2 @@

/**
* <p>The AWS ARN associated with the calling entity.</p>
*/
Arn?: string;
/**
* <p>The unique identifier of the calling entity. The exact value depends on the type of

@@ -958,2 +953,7 @@ * entity that is making the call. The values returned are those listed in the <b>aws:userid</b> column in the <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_variables.html#principaltable">Principal

Account?: string;
/**
* <p>The AWS ARN associated with the calling entity.</p>
*/
Arn?: string;
}

@@ -969,2 +969,12 @@

/**
* <p>The name of the federated user. The name is used as an identifier for the temporary
* security credentials (such as <code>Bob</code>). For example, you can reference the
* federated user name in a resource-based policy, such as in an Amazon S3 bucket policy.</p>
* <p>The regex used to validate this parameter is a string of characters
* consisting of upper- and lower-case alphanumeric characters with no spaces. You can
* also include underscores or any of the following characters: =,.@-</p>
*/
Name: string | undefined;
/**
* <p>An IAM policy in JSON format that you want to use as an inline session policy.</p>

@@ -1005,41 +1015,2 @@ * <p>You must pass an inline or managed <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session policy</a> to

/**
* <p>A list of session tags. Each session tag consists of a key name and an associated value.
* For more information about session tags, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing Session Tags in STS</a> in the
* <i>IAM User Guide</i>.</p>
* <p>This parameter is optional. You can pass up to 50 session tags. The plain text session
* tag keys can’t exceed 128 characters and the values can’t exceed 256 characters. For these
* and additional limits, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p>
*
* <note>
* <p>An AWS conversion compresses the passed session policies and session tags into a
* packed binary format that has a separate limit. Your request can fail for this limit
* even if your plain text meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for your
* request are to the upper size limit.
* </p>
* </note>
*
* <p>You can pass a session tag with the same key as a tag that is already attached to the
* user you are federating. When you do, session tags override a user tag with the same key. </p>
* <p>Tag key–value pairs are not case sensitive, but case is preserved. This means that you
* cannot have separate <code>Department</code> and <code>department</code> tag keys. Assume
* that the role has the <code>Department</code>=<code>Marketing</code> tag and you pass the
* <code>department</code>=<code>engineering</code> session tag. <code>Department</code>
* and <code>department</code> are not saved as separate tags, and the session tag passed in
* the request takes precedence over the role tag.</p>
*/
Tags?: Tag[];
/**
* <p>The name of the federated user. The name is used as an identifier for the temporary
* security credentials (such as <code>Bob</code>). For example, you can reference the
* federated user name in a resource-based policy, such as in an Amazon S3 bucket policy.</p>
* <p>The regex used to validate this parameter is a string of characters
* consisting of upper- and lower-case alphanumeric characters with no spaces. You can
* also include underscores or any of the following characters: =,.@-</p>
*/
Name: string | undefined;
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as a

@@ -1088,2 +1059,31 @@ * managed session policy. The policies must exist in the same account as the IAM user that

DurationSeconds?: number;
/**
* <p>A list of session tags. Each session tag consists of a key name and an associated value.
* For more information about session tags, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing Session Tags in STS</a> in the
* <i>IAM User Guide</i>.</p>
* <p>This parameter is optional. You can pass up to 50 session tags. The plain text session
* tag keys can’t exceed 128 characters and the values can’t exceed 256 characters. For these
* and additional limits, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p>
*
* <note>
* <p>An AWS conversion compresses the passed session policies and session tags into a
* packed binary format that has a separate limit. Your request can fail for this limit
* even if your plain text meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for your
* request are to the upper size limit.
* </p>
* </note>
*
* <p>You can pass a session tag with the same key as a tag that is already attached to the
* user you are federating. When you do, session tags override a user tag with the same key. </p>
* <p>Tag key–value pairs are not case sensitive, but case is preserved. This means that you
* cannot have separate <code>Department</code> and <code>department</code> tag keys. Assume
* that the role has the <code>Department</code>=<code>Marketing</code> tag and you pass the
* <code>department</code>=<code>engineering</code> session tag. <code>Department</code>
* and <code>department</code> are not saved as separate tags, and the session tag passed in
* the request takes precedence over the role tag.</p>
*/
Tags?: Tag[];
}

@@ -1137,9 +1137,2 @@

/**
* <p>A percentage value that indicates the packed size of the session policies and session
* tags combined passed in the request. The request fails if the packed size is greater than 100 percent,
* which means the policies and tags exceeded the allowed space.</p>
*/
PackedPolicySize?: number;
/**
* <p>Identifiers for the federated user associated with the credentials (such as

@@ -1151,2 +1144,9 @@ * <code>arn:aws:sts::123456789012:federated-user/Bob</code> or

FederatedUser?: FederatedUser;
/**
* <p>A percentage value that indicates the packed size of the session policies and session
* tags combined passed in the request. The request fails if the packed size is greater than 100 percent,
* which means the policies and tags exceeded the allowed space.</p>
*/
PackedPolicySize?: number;
}

@@ -1162,2 +1162,11 @@

/**
* <p>The duration, in seconds, that the credentials should remain valid. Acceptable durations
* for IAM user sessions range from 900 seconds (15 minutes) to 129,600 seconds (36 hours),
* with 43,200 seconds (12 hours) as the default. Sessions for AWS account owners are
* restricted to a maximum of 3,600 seconds (one hour). If the duration is longer than one
* hour, the session for AWS account owners defaults to one hour.</p>
*/
DurationSeconds?: number;
/**
* <p>The identification number of the MFA device that is associated with the IAM user who

@@ -1177,11 +1186,2 @@ * is making the <code>GetSessionToken</code> call. Specify this value if the IAM user has a

/**
* <p>The duration, in seconds, that the credentials should remain valid. Acceptable durations
* for IAM user sessions range from 900 seconds (15 minutes) to 129,600 seconds (36 hours),
* with 43,200 seconds (12 hours) as the default. Sessions for AWS account owners are
* restricted to a maximum of 3,600 seconds (one hour). If the duration is longer than one
* hour, the session for AWS account owners defaults to one hour.</p>
*/
DurationSeconds?: number;
/**
* <p>The value provided by the MFA device, if MFA is required. If any policy requires the

@@ -1188,0 +1188,0 @@ * IAM user to submit an MFA code, specify this value. If MFA authentication is required,

44

package.json
{
"name": "@aws-sdk/client-sts",
"description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native",
"version": "1.0.0-rc.9",
"version": "1.0.0-rc.10",
"scripts": {

@@ -31,21 +31,21 @@ "clean": "yarn remove-definitions && yarn remove-dist && yarn remove-documentation",

"@aws-crypto/sha256-js": "^1.0.0",
"@aws-sdk/config-resolver": "1.0.0-rc.9",
"@aws-sdk/credential-provider-node": "1.0.0-rc.9",
"@aws-sdk/fetch-http-handler": "1.0.0-rc.8",
"@aws-sdk/hash-node": "1.0.0-rc.8",
"@aws-sdk/config-resolver": "1.0.0-rc.10",
"@aws-sdk/credential-provider-node": "1.0.0-rc.10",
"@aws-sdk/fetch-http-handler": "1.0.0-rc.10",
"@aws-sdk/hash-node": "1.0.0-rc.10",
"@aws-sdk/invalid-dependency": "1.0.0-rc.8",
"@aws-sdk/middleware-content-length": "1.0.0-rc.8",
"@aws-sdk/middleware-host-header": "1.0.0-rc.8",
"@aws-sdk/middleware-logger": "1.0.0-rc.8",
"@aws-sdk/middleware-retry": "1.0.0-rc.9",
"@aws-sdk/middleware-serde": "1.0.0-rc.8",
"@aws-sdk/middleware-signing": "1.0.0-rc.9",
"@aws-sdk/middleware-stack": "1.0.0-rc.8",
"@aws-sdk/middleware-user-agent": "1.0.0-rc.8",
"@aws-sdk/node-config-provider": "1.0.0-rc.9",
"@aws-sdk/node-http-handler": "1.0.0-rc.8",
"@aws-sdk/protocol-http": "1.0.0-rc.8",
"@aws-sdk/smithy-client": "1.0.0-rc.8",
"@aws-sdk/url-parser-browser": "1.0.0-rc.8",
"@aws-sdk/url-parser-node": "1.0.0-rc.9",
"@aws-sdk/middleware-content-length": "1.0.0-rc.10",
"@aws-sdk/middleware-host-header": "1.0.0-rc.10",
"@aws-sdk/middleware-logger": "1.0.0-rc.10",
"@aws-sdk/middleware-retry": "1.0.0-rc.10",
"@aws-sdk/middleware-serde": "1.0.0-rc.10",
"@aws-sdk/middleware-signing": "1.0.0-rc.10",
"@aws-sdk/middleware-stack": "1.0.0-rc.10",
"@aws-sdk/middleware-user-agent": "1.0.0-rc.10",
"@aws-sdk/node-config-provider": "1.0.0-rc.10",
"@aws-sdk/node-http-handler": "1.0.0-rc.10",
"@aws-sdk/protocol-http": "1.0.0-rc.10",
"@aws-sdk/smithy-client": "1.0.0-rc.10",
"@aws-sdk/url-parser-browser": "1.0.0-rc.10",
"@aws-sdk/url-parser-node": "1.0.0-rc.10",
"@aws-sdk/util-base64-browser": "1.0.0-rc.8",

@@ -55,4 +55,4 @@ "@aws-sdk/util-base64-node": "1.0.0-rc.8",

"@aws-sdk/util-body-length-node": "1.0.0-rc.8",
"@aws-sdk/util-user-agent-browser": "1.0.0-rc.8",
"@aws-sdk/util-user-agent-node": "1.0.0-rc.8",
"@aws-sdk/util-user-agent-browser": "1.0.0-rc.10",
"@aws-sdk/util-user-agent-node": "1.0.0-rc.10",
"@aws-sdk/util-utf8-browser": "1.0.0-rc.8",

@@ -65,3 +65,3 @@ "@aws-sdk/util-utf8-node": "1.0.0-rc.8",

"@aws-sdk/client-documentation-generator": "1.0.0-rc.8",
"@aws-sdk/types": "1.0.0-rc.8",
"@aws-sdk/types": "1.0.0-rc.10",
"@types/node": "^12.7.5",

@@ -68,0 +68,0 @@ "jest": "^26.1.0",

243

protocols/Aws_query.ts

@@ -66,3 +66,3 @@ import { AssumeRoleCommandInput, AssumeRoleCommandOutput } from "../commands/AssumeRoleCommand";

const headers: __HeaderBag = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -83,3 +83,3 @@ let body: any;

const headers: __HeaderBag = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -100,3 +100,3 @@ let body: any;

const headers: __HeaderBag = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -117,3 +117,3 @@ let body: any;

const headers: __HeaderBag = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -134,3 +134,3 @@ let body: any;

const headers: __HeaderBag = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -151,3 +151,3 @@ let body: any;

const headers: __HeaderBag = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -168,3 +168,3 @@ let body: any;

const headers: __HeaderBag = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -185,3 +185,3 @@ let body: any;

const headers: __HeaderBag = {
"Content-Type": "application/x-www-form-urlencoded",
"content-type": "application/x-www-form-urlencoded",
};

@@ -863,12 +863,9 @@ let body: any;

const entries: any = {};
if (input.DurationSeconds !== undefined) {
entries["DurationSeconds"] = input.DurationSeconds;
if (input.RoleArn !== undefined && input.RoleArn !== null) {
entries["RoleArn"] = input.RoleArn;
}
if (input.RoleSessionName !== undefined) {
if (input.RoleSessionName !== undefined && input.RoleSessionName !== null) {
entries["RoleSessionName"] = input.RoleSessionName;
}
if (input.TokenCode !== undefined) {
entries["TokenCode"] = input.TokenCode;
}
if (input.PolicyArns !== undefined) {
if (input.PolicyArns !== undefined && input.PolicyArns !== null) {
const memberEntries = serializeAws_querypolicyDescriptorListType(input.PolicyArns, context);

@@ -880,9 +877,9 @@ Object.entries(memberEntries).forEach(([key, value]) => {

}
if (input.RoleArn !== undefined) {
entries["RoleArn"] = input.RoleArn;
}
if (input.Policy !== undefined) {
if (input.Policy !== undefined && input.Policy !== null) {
entries["Policy"] = input.Policy;
}
if (input.Tags !== undefined) {
if (input.DurationSeconds !== undefined && input.DurationSeconds !== null) {
entries["DurationSeconds"] = input.DurationSeconds;
}
if (input.Tags !== undefined && input.Tags !== null) {
const memberEntries = serializeAws_querytagListType(input.Tags, context);

@@ -894,6 +891,3 @@ Object.entries(memberEntries).forEach(([key, value]) => {

}
if (input.ExternalId !== undefined) {
entries["ExternalId"] = input.ExternalId;
}
if (input.TransitiveTagKeys !== undefined) {
if (input.TransitiveTagKeys !== undefined && input.TransitiveTagKeys !== null) {
const memberEntries = serializeAws_querytagKeyListType(input.TransitiveTagKeys, context);

@@ -905,5 +899,11 @@ Object.entries(memberEntries).forEach(([key, value]) => {

}
if (input.SerialNumber !== undefined) {
if (input.ExternalId !== undefined && input.ExternalId !== null) {
entries["ExternalId"] = input.ExternalId;
}
if (input.SerialNumber !== undefined && input.SerialNumber !== null) {
entries["SerialNumber"] = input.SerialNumber;
}
if (input.TokenCode !== undefined && input.TokenCode !== null) {
entries["TokenCode"] = input.TokenCode;
}
return entries;

@@ -917,9 +917,12 @@ };

const entries: any = {};
if (input.Policy !== undefined) {
entries["Policy"] = input.Policy;
}
if (input.RoleArn !== undefined) {
if (input.RoleArn !== undefined && input.RoleArn !== null) {
entries["RoleArn"] = input.RoleArn;
}
if (input.PolicyArns !== undefined) {
if (input.PrincipalArn !== undefined && input.PrincipalArn !== null) {
entries["PrincipalArn"] = input.PrincipalArn;
}
if (input.SAMLAssertion !== undefined && input.SAMLAssertion !== null) {
entries["SAMLAssertion"] = input.SAMLAssertion;
}
if (input.PolicyArns !== undefined && input.PolicyArns !== null) {
const memberEntries = serializeAws_querypolicyDescriptorListType(input.PolicyArns, context);

@@ -931,9 +934,6 @@ Object.entries(memberEntries).forEach(([key, value]) => {

}
if (input.PrincipalArn !== undefined) {
entries["PrincipalArn"] = input.PrincipalArn;
if (input.Policy !== undefined && input.Policy !== null) {
entries["Policy"] = input.Policy;
}
if (input.SAMLAssertion !== undefined) {
entries["SAMLAssertion"] = input.SAMLAssertion;
}
if (input.DurationSeconds !== undefined) {
if (input.DurationSeconds !== undefined && input.DurationSeconds !== null) {
entries["DurationSeconds"] = input.DurationSeconds;

@@ -949,21 +949,15 @@ }

const entries: any = {};
if (input.WebIdentityToken !== undefined) {
entries["WebIdentityToken"] = input.WebIdentityToken;
if (input.RoleArn !== undefined && input.RoleArn !== null) {
entries["RoleArn"] = input.RoleArn;
}
if (input.ProviderId !== undefined) {
entries["ProviderId"] = input.ProviderId;
}
if (input.Policy !== undefined) {
entries["Policy"] = input.Policy;
}
if (input.RoleSessionName !== undefined) {
if (input.RoleSessionName !== undefined && input.RoleSessionName !== null) {
entries["RoleSessionName"] = input.RoleSessionName;
}
if (input.RoleArn !== undefined) {
entries["RoleArn"] = input.RoleArn;
if (input.WebIdentityToken !== undefined && input.WebIdentityToken !== null) {
entries["WebIdentityToken"] = input.WebIdentityToken;
}
if (input.DurationSeconds !== undefined) {
entries["DurationSeconds"] = input.DurationSeconds;
if (input.ProviderId !== undefined && input.ProviderId !== null) {
entries["ProviderId"] = input.ProviderId;
}
if (input.PolicyArns !== undefined) {
if (input.PolicyArns !== undefined && input.PolicyArns !== null) {
const memberEntries = serializeAws_querypolicyDescriptorListType(input.PolicyArns, context);

@@ -975,2 +969,8 @@ Object.entries(memberEntries).forEach(([key, value]) => {

}
if (input.Policy !== undefined && input.Policy !== null) {
entries["Policy"] = input.Policy;
}
if (input.DurationSeconds !== undefined && input.DurationSeconds !== null) {
entries["DurationSeconds"] = input.DurationSeconds;
}
return entries;

@@ -984,3 +984,3 @@ };

const entries: any = {};
if (input.EncodedMessage !== undefined) {
if (input.EncodedMessage !== undefined && input.EncodedMessage !== null) {
entries["EncodedMessage"] = input.EncodedMessage;

@@ -993,3 +993,3 @@ }

const entries: any = {};
if (input.AccessKeyId !== undefined) {
if (input.AccessKeyId !== undefined && input.AccessKeyId !== null) {
entries["AccessKeyId"] = input.AccessKeyId;

@@ -1010,25 +1010,25 @@ }

const entries: any = {};
if (input.Policy !== undefined) {
if (input.Name !== undefined && input.Name !== null) {
entries["Name"] = input.Name;
}
if (input.Policy !== undefined && input.Policy !== null) {
entries["Policy"] = input.Policy;
}
if (input.Tags !== undefined) {
const memberEntries = serializeAws_querytagListType(input.Tags, context);
if (input.PolicyArns !== undefined && input.PolicyArns !== null) {
const memberEntries = serializeAws_querypolicyDescriptorListType(input.PolicyArns, context);
Object.entries(memberEntries).forEach(([key, value]) => {
const loc = `Tags.${key}`;
const loc = `PolicyArns.${key}`;
entries[loc] = value;
});
}
if (input.Name !== undefined) {
entries["Name"] = input.Name;
if (input.DurationSeconds !== undefined && input.DurationSeconds !== null) {
entries["DurationSeconds"] = input.DurationSeconds;
}
if (input.PolicyArns !== undefined) {
const memberEntries = serializeAws_querypolicyDescriptorListType(input.PolicyArns, context);
if (input.Tags !== undefined && input.Tags !== null) {
const memberEntries = serializeAws_querytagListType(input.Tags, context);
Object.entries(memberEntries).forEach(([key, value]) => {
const loc = `PolicyArns.${key}`;
const loc = `Tags.${key}`;
entries[loc] = value;
});
}
if (input.DurationSeconds !== undefined) {
entries["DurationSeconds"] = input.DurationSeconds;
}
return entries;

@@ -1039,9 +1039,9 @@ };

const entries: any = {};
if (input.SerialNumber !== undefined) {
if (input.DurationSeconds !== undefined && input.DurationSeconds !== null) {
entries["DurationSeconds"] = input.DurationSeconds;
}
if (input.SerialNumber !== undefined && input.SerialNumber !== null) {
entries["SerialNumber"] = input.SerialNumber;
}
if (input.DurationSeconds !== undefined) {
entries["DurationSeconds"] = input.DurationSeconds;
}
if (input.TokenCode !== undefined) {
if (input.TokenCode !== undefined && input.TokenCode !== null) {
entries["TokenCode"] = input.TokenCode;

@@ -1056,2 +1056,5 @@ }

for (let entry of input) {
if (entry === null) {
continue;
}
const memberEntries = serializeAws_queryPolicyDescriptorType(entry, context);

@@ -1068,3 +1071,3 @@ Object.entries(memberEntries).forEach(([key, value]) => {

const entries: any = {};
if (input.arn !== undefined) {
if (input.arn !== undefined && input.arn !== null) {
entries["arn"] = input.arn;

@@ -1077,6 +1080,6 @@ }

const entries: any = {};
if (input.Key !== undefined) {
if (input.Key !== undefined && input.Key !== null) {
entries["Key"] = input.Key;
}
if (input.Value !== undefined) {
if (input.Value !== undefined && input.Value !== null) {
entries["Value"] = input.Value;

@@ -1091,2 +1094,5 @@ }

for (let entry of input) {
if (entry === null) {
continue;
}
entries[`member.${counter}`] = entry;

@@ -1102,2 +1108,5 @@ counter++;

for (let entry of input) {
if (entry === null) {
continue;
}
const memberEntries = serializeAws_queryTag(entry, context);

@@ -1114,11 +1123,11 @@ Object.entries(memberEntries).forEach(([key, value]) => {

let contents: any = {
AssumedRoleId: undefined,
Arn: undefined,
AssumedRoleId: undefined,
};
if (output["AssumedRoleId"] !== undefined) {
contents.AssumedRoleId = output["AssumedRoleId"];
}
if (output["Arn"] !== undefined) {
contents.Arn = output["Arn"];
}
if (output["AssumedRoleId"] !== undefined) {
contents.AssumedRoleId = output["AssumedRoleId"];
}
return contents;

@@ -1130,4 +1139,4 @@ };

Credentials: undefined,
AssumedRoleUser: undefined,
PackedPolicySize: undefined,
AssumedRoleUser: undefined,
};

@@ -1137,8 +1146,8 @@ if (output["Credentials"] !== undefined) {

}
if (output["AssumedRoleUser"] !== undefined) {
contents.AssumedRoleUser = deserializeAws_queryAssumedRoleUser(output["AssumedRoleUser"], context);
}
if (output["PackedPolicySize"] !== undefined) {
contents.PackedPolicySize = parseInt(output["PackedPolicySize"]);
}
if (output["AssumedRoleUser"] !== undefined) {
contents.AssumedRoleUser = deserializeAws_queryAssumedRoleUser(output["AssumedRoleUser"], context);
}
return contents;

@@ -1152,16 +1161,19 @@ };

let contents: any = {
Credentials: undefined,
AssumedRoleUser: undefined,
Credentials: undefined,
PackedPolicySize: undefined,
Subject: undefined,
SubjectType: undefined,
NameQualifier: undefined,
Issuer: undefined,
Audience: undefined,
PackedPolicySize: undefined,
NameQualifier: undefined,
};
if (output["Credentials"] !== undefined) {
contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
}
if (output["AssumedRoleUser"] !== undefined) {
contents.AssumedRoleUser = deserializeAws_queryAssumedRoleUser(output["AssumedRoleUser"], context);
}
if (output["Credentials"] !== undefined) {
contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
if (output["PackedPolicySize"] !== undefined) {
contents.PackedPolicySize = parseInt(output["PackedPolicySize"]);
}

@@ -1174,5 +1186,2 @@ if (output["Subject"] !== undefined) {

}
if (output["NameQualifier"] !== undefined) {
contents.NameQualifier = output["NameQualifier"];
}
if (output["Issuer"] !== undefined) {

@@ -1184,4 +1193,4 @@ contents.Issuer = output["Issuer"];

}
if (output["PackedPolicySize"] !== undefined) {
contents.PackedPolicySize = parseInt(output["PackedPolicySize"]);
if (output["NameQualifier"] !== undefined) {
contents.NameQualifier = output["NameQualifier"];
}

@@ -1196,9 +1205,18 @@ return contents;

let contents: any = {
Credentials: undefined,
SubjectFromWebIdentityToken: undefined,
AssumedRoleUser: undefined,
PackedPolicySize: undefined,
Provider: undefined,
Audience: undefined,
SubjectFromWebIdentityToken: undefined,
Credentials: undefined,
AssumedRoleUser: undefined,
};
if (output["Credentials"] !== undefined) {
contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
}
if (output["SubjectFromWebIdentityToken"] !== undefined) {
contents.SubjectFromWebIdentityToken = output["SubjectFromWebIdentityToken"];
}
if (output["AssumedRoleUser"] !== undefined) {
contents.AssumedRoleUser = deserializeAws_queryAssumedRoleUser(output["AssumedRoleUser"], context);
}
if (output["PackedPolicySize"] !== undefined) {

@@ -1213,11 +1231,2 @@ contents.PackedPolicySize = parseInt(output["PackedPolicySize"]);

}
if (output["SubjectFromWebIdentityToken"] !== undefined) {
contents.SubjectFromWebIdentityToken = output["SubjectFromWebIdentityToken"];
}
if (output["Credentials"] !== undefined) {
contents.Credentials = deserializeAws_queryCredentials(output["Credentials"], context);
}
if (output["AssumedRoleUser"] !== undefined) {
contents.AssumedRoleUser = deserializeAws_queryAssumedRoleUser(output["AssumedRoleUser"], context);
}
return contents;

@@ -1228,18 +1237,18 @@ };

let contents: any = {
Expiration: undefined,
AccessKeyId: undefined,
SecretAccessKey: undefined,
SessionToken: undefined,
SecretAccessKey: undefined,
Expiration: undefined,
};
if (output["Expiration"] !== undefined) {
contents.Expiration = new Date(output["Expiration"]);
}
if (output["AccessKeyId"] !== undefined) {
contents.AccessKeyId = output["AccessKeyId"];
}
if (output["SecretAccessKey"] !== undefined) {
contents.SecretAccessKey = output["SecretAccessKey"];
}
if (output["SessionToken"] !== undefined) {
contents.SessionToken = output["SessionToken"];
}
if (output["SecretAccessKey"] !== undefined) {
contents.SecretAccessKey = output["SecretAccessKey"];
if (output["Expiration"] !== undefined) {
contents.Expiration = new Date(output["Expiration"]);
}

@@ -1304,9 +1313,6 @@ return contents;

let contents: any = {
Arn: undefined,
UserId: undefined,
Account: undefined,
Arn: undefined,
};
if (output["Arn"] !== undefined) {
contents.Arn = output["Arn"];
}
if (output["UserId"] !== undefined) {

@@ -1318,2 +1324,5 @@ contents.UserId = output["UserId"];

}
if (output["Arn"] !== undefined) {
contents.Arn = output["Arn"];
}
return contents;

@@ -1328,4 +1337,4 @@ };

Credentials: undefined,
FederatedUser: undefined,
PackedPolicySize: undefined,
FederatedUser: undefined,
};

@@ -1335,8 +1344,8 @@ if (output["Credentials"] !== undefined) {

}
if (output["FederatedUser"] !== undefined) {
contents.FederatedUser = deserializeAws_queryFederatedUser(output["FederatedUser"], context);
}
if (output["PackedPolicySize"] !== undefined) {
contents.PackedPolicySize = parseInt(output["PackedPolicySize"]);
}
if (output["FederatedUser"] !== undefined) {
contents.FederatedUser = deserializeAws_queryFederatedUser(output["FederatedUser"], context);
}
return contents;

@@ -1343,0 +1352,0 @@ };

472

types/models/models_0.d.ts

@@ -9,2 +9,7 @@ import { SmithyException as __SmithyException } from "@aws-sdk/smithy-client";

/**
* <p>A unique identifier that contains the role ID and the role session name of the role that
* is being assumed. The role ID is generated by AWS when the role is created.</p>
*/
AssumedRoleId: string | undefined;
/**
* <p>The ARN of the temporary security credentials that are returned from the <a>AssumeRole</a> action. For more information about ARNs and how to use them in

@@ -15,7 +20,2 @@ * policies, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html">IAM Identifiers</a> in the

Arn: string | undefined;
/**
* <p>A unique identifier that contains the role ID and the role session name of the role that
* is being assumed. The role ID is generated by AWS when the role is created.</p>
*/
AssumedRoleId: string | undefined;
}

@@ -67,22 +67,5 @@ export declare namespace AssumedRoleUser {

/**
* <p>The duration, in seconds, of the role session. The value can range from 900 seconds (15
* minutes) up to the maximum session duration setting for the role. This setting can have a
* value from 1 hour to 12 hours. If you specify a value higher than this setting, the
* operation fails. For example, if you specify a session duration of 12 hours, but your
* administrator set the maximum session duration to 6 hours, your operation fails. To learn
* how to view the maximum value for your role, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session">View the
* Maximum Session Duration Setting for a Role</a> in the
* <i>IAM User Guide</i>.</p>
* <p>By default, the value is set to <code>3600</code> seconds. </p>
* <note>
* <p>The <code>DurationSeconds</code> parameter is separate from the duration of a console
* session that you might request using the returned credentials. The request to the
* federation endpoint for a console sign-in token takes a <code>SessionDuration</code>
* parameter that specifies the maximum length of the console session. For more
* information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html">Creating a URL
* that Enables Federated Users to Access the AWS Management Console</a> in the
* <i>IAM User Guide</i>.</p>
* </note>
* <p>The Amazon Resource Name (ARN) of the role to assume.</p>
*/
DurationSeconds?: number;
RoleArn: string | undefined;
/**

@@ -102,11 +85,2 @@ * <p>An identifier for the assumed role session.</p>

/**
* <p>The value provided by the MFA device, if the trust policy of the role being assumed
* requires MFA (that is, if the policy includes a condition that tests for MFA). If the role
* being assumed requires MFA and if the <code>TokenCode</code> value is missing or expired,
* the <code>AssumeRole</code> call returns an "access denied" error.</p>
* <p>The format for this parameter, as described by its regex pattern, is a sequence of six
* numeric digits.</p>
*/
TokenCode?: string;
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as

@@ -139,6 +113,2 @@ * managed session policies. The policies must exist in the same account as the role.</p>

/**
* <p>The Amazon Resource Name (ARN) of the role to assume.</p>
*/
RoleArn: string | undefined;
/**
* <p>An IAM policy in JSON format that you want to use as an inline session policy.</p>

@@ -170,2 +140,23 @@ * <p>This parameter is optional. Passing policies to this operation returns new

/**
* <p>The duration, in seconds, of the role session. The value can range from 900 seconds (15
* minutes) up to the maximum session duration setting for the role. This setting can have a
* value from 1 hour to 12 hours. If you specify a value higher than this setting, the
* operation fails. For example, if you specify a session duration of 12 hours, but your
* administrator set the maximum session duration to 6 hours, your operation fails. To learn
* how to view the maximum value for your role, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session">View the
* Maximum Session Duration Setting for a Role</a> in the
* <i>IAM User Guide</i>.</p>
* <p>By default, the value is set to <code>3600</code> seconds. </p>
* <note>
* <p>The <code>DurationSeconds</code> parameter is separate from the duration of a console
* session that you might request using the returned credentials. The request to the
* federation endpoint for a console sign-in token takes a <code>SessionDuration</code>
* parameter that specifies the maximum length of the console session. For more
* information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html">Creating a URL
* that Enables Federated Users to Access the AWS Management Console</a> in the
* <i>IAM User Guide</i>.</p>
* </note>
*/
DurationSeconds?: number;
/**
* <p>A list of session tags that you want to pass. Each session tag consists of a key name

@@ -204,2 +195,13 @@ * and an associated value. For more information about session tags, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Tagging AWS STS

/**
* <p>A list of keys for session tags that you want to set as transitive. If you set a tag key
* as transitive, the corresponding key and value passes to subsequent sessions in a role
* chain. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining">Chaining Roles
* with Session Tags</a> in the <i>IAM User Guide</i>.</p>
* <p>This parameter is optional. When you set session tags as transitive, the session policy
* and session tags packed binary limit is not affected.</p>
* <p>If you choose not to specify a transitive tag key, then no tags are passed from this
* session to any subsequent sessions.</p>
*/
TransitiveTagKeys?: string[];
/**
* <p>A unique identifier that might be required when you assume a role in another account. If

@@ -221,13 +223,2 @@ * the administrator of the account to which the role belongs provided you with an external

/**
* <p>A list of keys for session tags that you want to set as transitive. If you set a tag key
* as transitive, the corresponding key and value passes to subsequent sessions in a role
* chain. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining">Chaining Roles
* with Session Tags</a> in the <i>IAM User Guide</i>.</p>
* <p>This parameter is optional. When you set session tags as transitive, the session policy
* and session tags packed binary limit is not affected.</p>
* <p>If you choose not to specify a transitive tag key, then no tags are passed from this
* session to any subsequent sessions.</p>
*/
TransitiveTagKeys?: string[];
/**
* <p>The identification number of the MFA device that is associated with the user who is

@@ -244,2 +235,11 @@ * making the <code>AssumeRole</code> call. Specify this value if the trust policy of the role

SerialNumber?: string;
/**
* <p>The value provided by the MFA device, if the trust policy of the role being assumed
* requires MFA (that is, if the policy includes a condition that tests for MFA). If the role
* being assumed requires MFA and if the <code>TokenCode</code> value is missing or expired,
* the <code>AssumeRole</code> call returns an "access denied" error.</p>
* <p>The format for this parameter, as described by its regex pattern, is a sequence of six
* numeric digits.</p>
*/
TokenCode?: string;
}

@@ -254,6 +254,2 @@ export declare namespace AssumeRoleRequest {

/**
* <p>The date on which the current credentials expire.</p>
*/
Expiration: Date | undefined;
/**
* <p>The access key ID that identifies the temporary security credentials.</p>

@@ -263,2 +259,6 @@ */

/**
* <p>The secret access key that can be used to sign requests.</p>
*/
SecretAccessKey: string | undefined;
/**
* <p>The token that users must pass to the service API to use the temporary

@@ -269,5 +269,5 @@ * credentials.</p>

/**
* <p>The secret access key that can be used to sign requests.</p>
* <p>The date on which the current credentials expire.</p>
*/
SecretAccessKey: string | undefined;
Expiration: Date | undefined;
}

@@ -292,8 +292,2 @@ export declare namespace Credentials {

/**
* <p>A percentage value that indicates the packed size of the session policies and session
* tags combined passed in the request. The request fails if the packed size is greater than 100 percent,
* which means the policies and tags exceeded the allowed space.</p>
*/
PackedPolicySize?: number;
/**
* <p>The Amazon Resource Name (ARN) and the assumed role ID, which are identifiers that you

@@ -306,2 +300,8 @@ * can use to refer to the resulting temporary security credentials. For example, you can

AssumedRoleUser?: AssumedRoleUser;
/**
* <p>A percentage value that indicates the packed size of the session policies and session
* tags combined passed in the request. The request fails if the packed size is greater than 100 percent,
* which means the policies and tags exceeded the allowed space.</p>
*/
PackedPolicySize?: number;
}

@@ -371,27 +371,2 @@ export declare namespace AssumeRoleResponse {

/**
* <p>An IAM policy in JSON format that you want to use as an inline session policy.</p>
* <p>This parameter is optional. Passing policies to this operation returns new
* temporary credentials. The resulting session's permissions are the intersection of the
* role's identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent AWS API calls to access resources in the account that owns
* the role. You cannot use session policies to grant more permissions than those allowed
* by the identity-based policy of the role that is being assumed. For more information, see
* <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>. </p>
* <p>The plain text that you use for both inline and managed session policies can't exceed
* 2,048 characters. The JSON policy characters can be any ASCII character from the space
* character to the end of the valid character list (\u0020 through \u00FF). It can also
* include the tab (\u0009), linefeed (\u000A), and carriage return (\u000D)
* characters.</p>
* <note>
* <p>An AWS conversion compresses the passed session policies and session tags into a
* packed binary format that has a separate limit. Your request can fail for this limit
* even if your plain text meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for your
* request are to the upper size limit.
* </p>
* </note>
*/
Policy?: string;
/**
* <p>The Amazon Resource Name (ARN) of the role that the caller is assuming.</p>

@@ -401,2 +376,13 @@ */

/**
* <p>The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the
* IdP.</p>
*/
PrincipalArn: string | undefined;
/**
* <p>The base-64 encoded SAML authentication response provided by the IdP.</p>
* <p>For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml-IdP-tasks.html">Configuring a Relying Party and
* Adding Claims</a> in the <i>IAM User Guide</i>. </p>
*/
SAMLAssertion: string | undefined;
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as

@@ -428,13 +414,27 @@ * managed session policies. The policies must exist in the same account as the role.</p>

/**
* <p>The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the
* IdP.</p>
* <p>An IAM policy in JSON format that you want to use as an inline session policy.</p>
* <p>This parameter is optional. Passing policies to this operation returns new
* temporary credentials. The resulting session's permissions are the intersection of the
* role's identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent AWS API calls to access resources in the account that owns
* the role. You cannot use session policies to grant more permissions than those allowed
* by the identity-based policy of the role that is being assumed. For more information, see
* <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>. </p>
* <p>The plain text that you use for both inline and managed session policies can't exceed
* 2,048 characters. The JSON policy characters can be any ASCII character from the space
* character to the end of the valid character list (\u0020 through \u00FF). It can also
* include the tab (\u0009), linefeed (\u000A), and carriage return (\u000D)
* characters.</p>
* <note>
* <p>An AWS conversion compresses the passed session policies and session tags into a
* packed binary format that has a separate limit. Your request can fail for this limit
* even if your plain text meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for your
* request are to the upper size limit.
* </p>
* </note>
*/
PrincipalArn: string | undefined;
Policy?: string;
/**
* <p>The base-64 encoded SAML authentication response provided by the IdP.</p>
* <p>For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml-IdP-tasks.html">Configuring a Relying Party and
* Adding Claims</a> in the <i>IAM User Guide</i>. </p>
*/
SAMLAssertion: string | undefined;
/**
* <p>The duration, in seconds, of the role session. Your role session lasts for the duration

@@ -473,7 +473,2 @@ * that you specify for the <code>DurationSeconds</code> parameter, or until the time

/**
* <p>The identifiers for the temporary security credentials that the operation
* returns.</p>
*/
AssumedRoleUser?: AssumedRoleUser;
/**
* <p>The temporary security credentials, which include an access key ID, a secret access key,

@@ -488,2 +483,13 @@ * and a security (or session) token.</p>

/**
* <p>The identifiers for the temporary security credentials that the operation
* returns.</p>
*/
AssumedRoleUser?: AssumedRoleUser;
/**
* <p>A percentage value that indicates the packed size of the session policies and session
* tags combined passed in the request. The request fails if the packed size is greater than 100 percent,
* which means the policies and tags exceeded the allowed space.</p>
*/
PackedPolicySize?: number;
/**
* <p>The value of the <code>NameID</code> element in the <code>Subject</code> element of the

@@ -505,2 +511,11 @@ * SAML assertion.</p>

/**
* <p>The value of the <code>Issuer</code> element of the SAML assertion.</p>
*/
Issuer?: string;
/**
* <p> The value of the <code>Recipient</code> attribute of the
* <code>SubjectConfirmationData</code> element of the SAML assertion. </p>
*/
Audience?: string;
/**
* <p>A hash value based on the concatenation of the <code>Issuer</code> response value, the

@@ -516,17 +531,2 @@ * AWS account ID, and the friendly name (the last part of the ARN) of the SAML provider in

NameQualifier?: string;
/**
* <p>The value of the <code>Issuer</code> element of the SAML assertion.</p>
*/
Issuer?: string;
/**
* <p> The value of the <code>Recipient</code> attribute of the
* <code>SubjectConfirmationData</code> element of the SAML assertion. </p>
*/
Audience?: string;
/**
* <p>A percentage value that indicates the packed size of the session policies and session
* tags combined passed in the request. The request fails if the packed size is greater than 100 percent,
* which means the policies and tags exceeded the allowed space.</p>
*/
PackedPolicySize?: number;
}

@@ -564,2 +564,17 @@ export declare namespace AssumeRoleWithSAMLResponse {

/**
* <p>The Amazon Resource Name (ARN) of the role that the caller is assuming.</p>
*/
RoleArn: string | undefined;
/**
* <p>An identifier for the assumed role session. Typically, you pass the name or identifier
* that is associated with the user who is using your application. That way, the temporary
* security credentials that your application will use are associated with that user. This
* session name is included as part of the ARN and assumed role ID in the
* <code>AssumedRoleUser</code> response element.</p>
* <p>The regex used to validate this parameter is a string of characters
* consisting of upper- and lower-case alphanumeric characters with no spaces. You can
* also include underscores or any of the following characters: =,.@-</p>
*/
RoleSessionName: string | undefined;
/**
* <p>The OAuth 2.0 access token or OpenID Connect ID token that is provided by the identity

@@ -581,2 +596,28 @@ * provider. Your application must get this token by authenticating the user who is using your

/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as
* managed session policies. The policies must exist in the same account as the role.</p>
* <p>This parameter is optional. You can provide up to 10 managed policy ARNs. However, the
* plain text that you use for both inline and managed session policies can't exceed 2,048
* characters. For more information about ARNs, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Names (ARNs) and AWS
* Service Namespaces</a> in the AWS General Reference.</p>
* <note>
* <p>An AWS conversion compresses the passed session policies and session tags into a
* packed binary format that has a separate limit. Your request can fail for this limit
* even if your plain text meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for your
* request are to the upper size limit.
* </p>
* </note>
*
* <p>Passing policies to this operation returns new
* temporary credentials. The resulting session's permissions are the intersection of the
* role's identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent AWS API calls to access resources in the account that owns
* the role. You cannot use session policies to grant more permissions than those allowed
* by the identity-based policy of the role that is being assumed. For more information, see
* <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p>
*/
PolicyArns?: PolicyDescriptorType[];
/**
* <p>An IAM policy in JSON format that you want to use as an inline session policy.</p>

@@ -607,17 +648,2 @@ * <p>This parameter is optional. Passing policies to this operation returns new

/**
* <p>An identifier for the assumed role session. Typically, you pass the name or identifier
* that is associated with the user who is using your application. That way, the temporary
* security credentials that your application will use are associated with that user. This
* session name is included as part of the ARN and assumed role ID in the
* <code>AssumedRoleUser</code> response element.</p>
* <p>The regex used to validate this parameter is a string of characters
* consisting of upper- and lower-case alphanumeric characters with no spaces. You can
* also include underscores or any of the following characters: =,.@-</p>
*/
RoleSessionName: string | undefined;
/**
* <p>The Amazon Resource Name (ARN) of the role that the caller is assuming.</p>
*/
RoleArn: string | undefined;
/**
* <p>The duration, in seconds, of the role session. The value can range from 900 seconds (15

@@ -643,28 +669,2 @@ * minutes) up to the maximum session duration setting for the role. This setting can have a

DurationSeconds?: number;
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as
* managed session policies. The policies must exist in the same account as the role.</p>
* <p>This parameter is optional. You can provide up to 10 managed policy ARNs. However, the
* plain text that you use for both inline and managed session policies can't exceed 2,048
* characters. For more information about ARNs, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Names (ARNs) and AWS
* Service Namespaces</a> in the AWS General Reference.</p>
* <note>
* <p>An AWS conversion compresses the passed session policies and session tags into a
* packed binary format that has a separate limit. Your request can fail for this limit
* even if your plain text meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for your
* request are to the upper size limit.
* </p>
* </note>
*
* <p>Passing policies to this operation returns new
* temporary credentials. The resulting session's permissions are the intersection of the
* role's identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent AWS API calls to access resources in the account that owns
* the role. You cannot use session policies to grant more permissions than those allowed
* by the identity-based policy of the role that is being assumed. For more information, see
* <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p>
*/
PolicyArns?: PolicyDescriptorType[];
}

@@ -680,2 +680,28 @@ export declare namespace AssumeRoleWithWebIdentityRequest {

/**
* <p>The temporary security credentials, which include an access key ID, a secret access key,
* and a security token.</p>
* <note>
* <p>The size of the security token that STS API operations return is not fixed. We
* strongly recommend that you make no assumptions about the maximum size.</p>
* </note>
*/
Credentials?: Credentials;
/**
* <p>The unique user identifier that is returned by the identity provider. This identifier is
* associated with the <code>WebIdentityToken</code> that was submitted with the
* <code>AssumeRoleWithWebIdentity</code> call. The identifier is typically unique to the
* user and the application that acquired the <code>WebIdentityToken</code> (pairwise
* identifier). For OpenID Connect ID tokens, this field contains the value returned by the
* identity provider as the token's <code>sub</code> (Subject) claim. </p>
*/
SubjectFromWebIdentityToken?: string;
/**
* <p>The Amazon Resource Name (ARN) and the assumed role ID, which are identifiers that you
* can use to refer to the resulting temporary security credentials. For example, you can
* reference these credentials as a principal in a resource-based policy by using the ARN or
* assumed role ID. The ARN and ID include the <code>RoleSessionName</code> that you specified
* when you called <code>AssumeRole</code>. </p>
*/
AssumedRoleUser?: AssumedRoleUser;
/**
* <p>A percentage value that indicates the packed size of the session policies and session

@@ -699,28 +725,2 @@ * tags combined passed in the request. The request fails if the packed size is greater than 100 percent,

Audience?: string;
/**
* <p>The unique user identifier that is returned by the identity provider. This identifier is
* associated with the <code>WebIdentityToken</code> that was submitted with the
* <code>AssumeRoleWithWebIdentity</code> call. The identifier is typically unique to the
* user and the application that acquired the <code>WebIdentityToken</code> (pairwise
* identifier). For OpenID Connect ID tokens, this field contains the value returned by the
* identity provider as the token's <code>sub</code> (Subject) claim. </p>
*/
SubjectFromWebIdentityToken?: string;
/**
* <p>The temporary security credentials, which include an access key ID, a secret access key,
* and a security token.</p>
* <note>
* <p>The size of the security token that STS API operations return is not fixed. We
* strongly recommend that you make no assumptions about the maximum size.</p>
* </note>
*/
Credentials?: Credentials;
/**
* <p>The Amazon Resource Name (ARN) and the assumed role ID, which are identifiers that you
* can use to refer to the resulting temporary security credentials. For example, you can
* reference these credentials as a principal in a resource-based policy by using the ARN or
* assumed role ID. The ARN and ID include the <code>RoleSessionName</code> that you specified
* when you called <code>AssumeRole</code>. </p>
*/
AssumedRoleUser?: AssumedRoleUser;
}

@@ -811,6 +811,2 @@ export declare namespace AssumeRoleWithWebIdentityResponse {

/**
* <p>The AWS ARN associated with the calling entity.</p>
*/
Arn?: string;
/**
* <p>The unique identifier of the calling entity. The exact value depends on the type of

@@ -827,2 +823,6 @@ * entity that is making the call. The values returned are those listed in the <b>aws:userid</b> column in the <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_variables.html#principaltable">Principal

Account?: string;
/**
* <p>The AWS ARN associated with the calling entity.</p>
*/
Arn?: string;
}

@@ -834,2 +834,11 @@ export declare namespace GetCallerIdentityResponse {

/**
* <p>The name of the federated user. The name is used as an identifier for the temporary
* security credentials (such as <code>Bob</code>). For example, you can reference the
* federated user name in a resource-based policy, such as in an Amazon S3 bucket policy.</p>
* <p>The regex used to validate this parameter is a string of characters
* consisting of upper- and lower-case alphanumeric characters with no spaces. You can
* also include underscores or any of the following characters: =,.@-</p>
*/
Name: string | undefined;
/**
* <p>An IAM policy in JSON format that you want to use as an inline session policy.</p>

@@ -869,39 +878,2 @@ * <p>You must pass an inline or managed <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session policy</a> to

/**
* <p>A list of session tags. Each session tag consists of a key name and an associated value.
* For more information about session tags, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing Session Tags in STS</a> in the
* <i>IAM User Guide</i>.</p>
* <p>This parameter is optional. You can pass up to 50 session tags. The plain text session
* tag keys can’t exceed 128 characters and the values can’t exceed 256 characters. For these
* and additional limits, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p>
*
* <note>
* <p>An AWS conversion compresses the passed session policies and session tags into a
* packed binary format that has a separate limit. Your request can fail for this limit
* even if your plain text meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for your
* request are to the upper size limit.
* </p>
* </note>
*
* <p>You can pass a session tag with the same key as a tag that is already attached to the
* user you are federating. When you do, session tags override a user tag with the same key. </p>
* <p>Tag key–value pairs are not case sensitive, but case is preserved. This means that you
* cannot have separate <code>Department</code> and <code>department</code> tag keys. Assume
* that the role has the <code>Department</code>=<code>Marketing</code> tag and you pass the
* <code>department</code>=<code>engineering</code> session tag. <code>Department</code>
* and <code>department</code> are not saved as separate tags, and the session tag passed in
* the request takes precedence over the role tag.</p>
*/
Tags?: Tag[];
/**
* <p>The name of the federated user. The name is used as an identifier for the temporary
* security credentials (such as <code>Bob</code>). For example, you can reference the
* federated user name in a resource-based policy, such as in an Amazon S3 bucket policy.</p>
* <p>The regex used to validate this parameter is a string of characters
* consisting of upper- and lower-case alphanumeric characters with no spaces. You can
* also include underscores or any of the following characters: =,.@-</p>
*/
Name: string | undefined;
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as a

@@ -949,2 +921,30 @@ * managed session policy. The policies must exist in the same account as the IAM user that

DurationSeconds?: number;
/**
* <p>A list of session tags. Each session tag consists of a key name and an associated value.
* For more information about session tags, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing Session Tags in STS</a> in the
* <i>IAM User Guide</i>.</p>
* <p>This parameter is optional. You can pass up to 50 session tags. The plain text session
* tag keys can’t exceed 128 characters and the values can’t exceed 256 characters. For these
* and additional limits, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p>
*
* <note>
* <p>An AWS conversion compresses the passed session policies and session tags into a
* packed binary format that has a separate limit. Your request can fail for this limit
* even if your plain text meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for your
* request are to the upper size limit.
* </p>
* </note>
*
* <p>You can pass a session tag with the same key as a tag that is already attached to the
* user you are federating. When you do, session tags override a user tag with the same key. </p>
* <p>Tag key–value pairs are not case sensitive, but case is preserved. This means that you
* cannot have separate <code>Department</code> and <code>department</code> tag keys. Assume
* that the role has the <code>Department</code>=<code>Marketing</code> tag and you pass the
* <code>department</code>=<code>engineering</code> session tag. <code>Department</code>
* and <code>department</code> are not saved as separate tags, and the session tag passed in
* the request takes precedence over the role tag.</p>
*/
Tags?: Tag[];
}

@@ -988,8 +988,2 @@ export declare namespace GetFederationTokenRequest {

/**
* <p>A percentage value that indicates the packed size of the session policies and session
* tags combined passed in the request. The request fails if the packed size is greater than 100 percent,
* which means the policies and tags exceeded the allowed space.</p>
*/
PackedPolicySize?: number;
/**
* <p>Identifiers for the federated user associated with the credentials (such as

@@ -1001,2 +995,8 @@ * <code>arn:aws:sts::123456789012:federated-user/Bob</code> or

FederatedUser?: FederatedUser;
/**
* <p>A percentage value that indicates the packed size of the session policies and session
* tags combined passed in the request. The request fails if the packed size is greater than 100 percent,
* which means the policies and tags exceeded the allowed space.</p>
*/
PackedPolicySize?: number;
}

@@ -1008,2 +1008,10 @@ export declare namespace GetFederationTokenResponse {

/**
* <p>The duration, in seconds, that the credentials should remain valid. Acceptable durations
* for IAM user sessions range from 900 seconds (15 minutes) to 129,600 seconds (36 hours),
* with 43,200 seconds (12 hours) as the default. Sessions for AWS account owners are
* restricted to a maximum of 3,600 seconds (one hour). If the duration is longer than one
* hour, the session for AWS account owners defaults to one hour.</p>
*/
DurationSeconds?: number;
/**
* <p>The identification number of the MFA device that is associated with the IAM user who

@@ -1022,10 +1030,2 @@ * is making the <code>GetSessionToken</code> call. Specify this value if the IAM user has a

/**
* <p>The duration, in seconds, that the credentials should remain valid. Acceptable durations
* for IAM user sessions range from 900 seconds (15 minutes) to 129,600 seconds (36 hours),
* with 43,200 seconds (12 hours) as the default. Sessions for AWS account owners are
* restricted to a maximum of 3,600 seconds (one hour). If the duration is longer than one
* hour, the session for AWS account owners defaults to one hour.</p>
*/
DurationSeconds?: number;
/**
* <p>The value provided by the MFA device, if MFA is required. If any policy requires the

@@ -1032,0 +1032,0 @@ * IAM user to submit an MFA code, specify this value. If MFA authentication is required,

dist/cjs/protocols/Aws_query.js.map

Sorry, the diff of this file is not supported yet

dist/es/protocols/Aws_query.js

Sorry, the diff of this file is too big to display

dist/es/protocols/Aws_query.js.map

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc