@aws-sdk/client-sts/dist-cjs/commands/GetAccessKeyInfoCommand.js

AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.GetAccessKeyInfoCommand = void 0;
const middleware_serde_1 = require("@aws-sdk/middleware-serde");
const middleware_signing_1 = require("@aws-sdk/middleware-signing");
const smithy_client_1 = require("@aws-sdk/smithy-client");
const models_0_1 = require("../models/models_0");
const Aws_query_1 = require("../protocols/Aws_query");
/**
 * <p>Returns the account identifier for the specified access key ID.</p>
 *         <p>Access keys consist of two parts: an access key ID (for example,
 *                 <code>AKIAIOSFODNN7EXAMPLE</code>) and a secret access key (for example,
 *                 <code>wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY</code>). For more information about
 *             access keys, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html">Managing Access Keys for IAM
 *                 Users</a> in the <i>IAM User Guide</i>.</p>
 *         <p>When you pass an access key ID to this operation, it returns the ID of the Amazon Web Services
 *             account to which the keys belong. Access key IDs beginning with <code>AKIA</code> are
 *             long-term credentials for an IAM user or the Amazon Web Services account root user. Access key IDs
 *             beginning with <code>ASIA</code> are temporary credentials that are created using STS
 *             operations. If the account in the response belongs to you, you can sign in as the root
 *             user and review your root user access keys. Then, you can pull a <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html">credentials report</a> to learn which IAM user owns the keys. To learn who
 *             requested the temporary credentials for an <code>ASIA</code> access key, view the STS
 *             events in your <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html">CloudTrail logs</a> in the
 *                 <i>IAM User Guide</i>.</p>
 *         <p>This operation does not indicate the state of the access key. The key might be active,
 *             inactive, or deleted. Active keys might not have permissions to perform an operation.
 *             Providing a deleted access key might return an error that the key doesn't exist.</p>
 * @example
 * Use a bare-bones client and the command you need to make an API call.
 * ```javascript
 * import { STSClient, GetAccessKeyInfoCommand } from "@aws-sdk/client-sts"; // ES Modules import
 * // const { STSClient, GetAccessKeyInfoCommand } = require("@aws-sdk/client-sts"); // CommonJS import
 * const client = new STSClient(config);
 * const command = new GetAccessKeyInfoCommand(input);
 * const response = await client.send(command);
 * ```
 *
 * @see {@link GetAccessKeyInfoCommandInput} for command's `input` shape.
 * @see {@link GetAccessKeyInfoCommandOutput} for command's `response` shape.
 * @see {@link STSClientResolvedConfig | config} for command's `input` shape.
 *
 */
class GetAccessKeyInfoCommand extends smithy_client_1.Command {
    // Start section: command_properties
    // End section: command_properties
    constructor(input) {
        // Start section: command_constructor
        super();
        this.input = input;
        // End section: command_constructor
    }
    /**
     * @internal
     */
    resolveMiddleware(clientStack, configuration, options) {
        this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
        this.middlewareStack.use(middleware_signing_1.getAwsAuthPlugin(configuration));
        const stack = clientStack.concat(this.middlewareStack);
        const { logger } = configuration;
        const clientName = "STSClient";
        const commandName = "GetAccessKeyInfoCommand";
        const handlerExecutionContext = {
            logger,
            clientName,
            commandName,
            inputFilterSensitiveLog: models_0_1.GetAccessKeyInfoRequest.filterSensitiveLog,
            outputFilterSensitiveLog: models_0_1.GetAccessKeyInfoResponse.filterSensitiveLog,
        };
        const { requestHandler } = configuration;
        return stack.resolve((request) => requestHandler.handle(request.request, options || {}), handlerExecutionContext);
    }
    serialize(input, context) {
        return Aws_query_1.serializeAws_queryGetAccessKeyInfoCommand(input, context);
    }
    deserialize(output, context) {
        return Aws_query_1.deserializeAws_queryGetAccessKeyInfoCommand(output, context);
    }
}
exports.GetAccessKeyInfoCommand = GetAccessKeyInfoCommand;