UNPKG

@smythos/cli

Version:

SmythOS SRE Command Line Interface

github.com/smythos/sre

smythos/sre

3 lines (2 loc) 32.2 kB
1
2
3
#!/usr/bin/env node "use strict";var ee=Object.defineProperty;var T=(S,R)=>ee(S,"name",{value:R,configurable:!0});var commands_agent=require("./agent.index.cjs");require("buffer");require("stream");require("node:stream");require("http");require("https");require("http2");require("os");require("path");require("crypto");var _package=require("./package2.cjs"),noAuth=require("./noAuth2.cjs"),createAggregatedClient=require("./create-aggregated-client.cjs");require("./index2.cjs");require("node:url");require("node:fs");require("node:fs/promises");require("node:util");require("node:path");require("fs");require("node:os");require("tty");require("util");require("inspector");require("node:perf_hooks");require("url");require("node:readline");require("node:process");require("node:tty");require("./index3.cjs");require("./index4.cjs");require("events");require("string_decoder");require("zlib");require("assert");require("process");require("querystring");require("net");require("tls");require("dns");require("fs/promises");require("child_process");require("punycode");require("node:stream/web");require("node:events");require("timers");require("node:crypto");require("readline");require("./index5.cjs");require("./index6.cjs");const defaultSTSHttpAuthSchemeParametersProvider=T(async(S,R,P)=>({operation:commands_agent.getSmithyContext(R).operation,region:await commands_agent.normalizeProvider(S.region)()||(()=>{throw new Error("expected `region` to be configured for `aws.auth#sigv4`")})()}),"defaultSTSHttpAuthSchemeParametersProvider");function createAwsAuthSigv4HttpAuthOption(S){return{schemeId:"aws.auth#sigv4",signingProperties:{name:"sts",region:S.region},propertiesExtractor:T((R,P)=>({signingProperties:{config:R,context:P}}),"propertiesExtractor")}}T(createAwsAuthSigv4HttpAuthOption,"createAwsAuthSigv4HttpAuthOption");function createSmithyApiNoAuthHttpAuthOption(S){return{schemeId:"smithy.api#noAuth"}}T(createSmithyApiNoAuthHttpAuthOption,"createSmithyApiNoAuthHttpAuthOption");const defaultSTSHttpAuthSchemeProvider=T(S=>{const R=[];switch(S.operation){case"AssumeRoleWithWebIdentity":{R.push(createSmithyApiNoAuthHttpAuthOption());break}default:R.push(createAwsAuthSigv4HttpAuthOption(S))}return R},"defaultSTSHttpAuthSchemeProvider"),resolveStsAuthConfig=T(S=>Object.assign(S,{stsClientCtor:STSClient}),"resolveStsAuthConfig"),resolveHttpAuthSchemeConfig=T(S=>{const R=resolveStsAuthConfig(S),P=commands_agent.resolveAwsSdkSigV4Config$1(R);return Object.assign(P,{authSchemePreference:commands_agent.normalizeProvider(S.authSchemePreference??[])})},"resolveHttpAuthSchemeConfig"),resolveClientEndpointParameters=T(S=>Object.assign(S,{useDualstackEndpoint:S.useDualstackEndpoint??!1,useFipsEndpoint:S.useFipsEndpoint??!1,useGlobalEndpoint:S.useGlobalEndpoint??!1,defaultSigningName:"sts"}),"resolveClientEndpointParameters"),commonParams={UseGlobalEndpoint:{type:"builtInParams",name:"useGlobalEndpoint"},UseFIPS:{type:"builtInParams",name:"useFipsEndpoint"},Endpoint:{type:"builtInParams",name:"endpoint"},Region:{type:"builtInParams",name:"region"},UseDualStack:{type:"builtInParams",name:"useDualstackEndpoint"}},F="required",G="type",H="fn",I="argv",J="ref",a=!1,b=!0,c="booleanEquals",d="stringEquals",e="sigv4",f="sts",g="us-east-1",h="endpoint",i="https://sts.{Region}.{PartitionResult#dnsSuffix}",j="tree",k="error",l="getAttr",m={[F]:!1,[G]:"String"},n={[F]:!0,default:!1,[G]:"Boolean"},o={[J]:"Endpoint"},p={[H]:"isSet",[I]:[{[J]:"Region"}]},q={[J]:"Region"},r={[H]:"aws.partition",[I]:[q],assign:"PartitionResult"},s={[J]:"UseFIPS"},t={[J]:"UseDualStack"},u={url:"https://sts.amazonaws.com",properties:{authSchemes:[{name:e,signingName:f,signingRegion:g}]},headers:{}},v={},w={conditions:[{[H]:d,[I]:[q,"aws-global"]}],[h]:u,[G]:h},x={[H]:c,[I]:[s,!0]},y={[H]:c,[I]:[t,!0]},z={[H]:l,[I]:[{[J]:"PartitionResult"},"supportsFIPS"]},A={[J]:"PartitionResult"},B={[H]:c,[I]:[!0,{[H]:l,[I]:[A,"supportsDualStack"]}]},C=[{[H]:"isSet",[I]:[o]}],D=[x],E=[y],_data={parameters:{Region:m,UseDualStack:n,UseFIPS:n,Endpoint:m,UseGlobalEndpoint:n},rules:[{conditions:[{[H]:c,[I]:[{[J]:"UseGlobalEndpoint"},b]},{[H]:"not",[I]:C},p,r,{[H]:c,[I]:[s,a]},{[H]:c,[I]:[t,a]}],rules:[{conditions:[{[H]:d,[I]:[q,"ap-northeast-1"]}],endpoint:u,[G]:h},{conditions:[{[H]:d,[I]:[q,"ap-south-1"]}],endpoint:u,[G]:h},{conditions:[{[H]:d,[I]:[q,"ap-southeast-1"]}],endpoint:u,[G]:h},{conditions:[{[H]:d,[I]:[q,"ap-southeast-2"]}],endpoint:u,[G]:h},w,{conditions:[{[H]:d,[I]:[q,"ca-central-1"]}],endpoint:u,[G]:h},{conditions:[{[H]:d,[I]:[q,"eu-central-1"]}],endpoint:u,[G]:h},{conditions:[{[H]:d,[I]:[q,"eu-north-1"]}],endpoint:u,[G]:h},{conditions:[{[H]:d,[I]:[q,"eu-west-1"]}],endpoint:u,[G]:h},{conditions:[{[H]:d,[I]:[q,"eu-west-2"]}],endpoint:u,[G]:h},{conditions:[{[H]:d,[I]:[q,"eu-west-3"]}],endpoint:u,[G]:h},{conditions:[{[H]:d,[I]:[q,"sa-east-1"]}],endpoint:u,[G]:h},{conditions:[{[H]:d,[I]:[q,g]}],endpoint:u,[G]:h},{conditions:[{[H]:d,[I]:[q,"us-east-2"]}],endpoint:u,[G]:h},{conditions:[{[H]:d,[I]:[q,"us-west-1"]}],endpoint:u,[G]:h},{conditions:[{[H]:d,[I]:[q,"us-west-2"]}],endpoint:u,[G]:h},{endpoint:{url:i,properties:{authSchemes:[{name:e,signingName:f,signingRegion:"{Region}"}]},headers:v},[G]:h}],[G]:j},{conditions:C,rules:[{conditions:D,error:"Invalid Configuration: FIPS and custom endpoint are not supported",[G]:k},{conditions:E,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",[G]:k},{endpoint:{url:o,properties:v,headers:v},[G]:h}],[G]:j},{conditions:[p],rules:[{conditions:[r],rules:[{conditions:[x,y],rules:[{conditions:[{[H]:c,[I]:[b,z]},B],rules:[{endpoint:{url:"https://sts-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:v,headers:v},[G]:h}],[G]:j},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",[G]:k}],[G]:j},{conditions:D,rules:[{conditions:[{[H]:c,[I]:[z,b]}],rules:[{conditions:[{[H]:d,[I]:[{[H]:l,[I]:[A,"name"]},"aws-us-gov"]}],endpoint:{url:"https://sts.{Region}.amazonaws.com",properties:v,headers:v},[G]:h},{endpoint:{url:"https://sts-fips.{Region}.{PartitionResult#dnsSuffix}",properties:v,headers:v},[G]:h}],[G]:j},{error:"FIPS is enabled but this partition does not support FIPS",[G]:k}],[G]:j},{conditions:E,rules:[{conditions:[B],rules:[{endpoint:{url:"https://sts.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:v,headers:v},[G]:h}],[G]:j},{error:"DualStack is enabled but this partition does not support DualStack",[G]:k}],[G]:j},w,{endpoint:{url:i,properties:v,headers:v},[G]:h}],[G]:j}],[G]:j},{error:"Invalid Configuration: Missing Region",[G]:k}]},ruleSet=_data,cache=new commands_agent.EndpointCache({size:50,params:["Endpoint","Region","UseDualStack","UseFIPS","UseGlobalEndpoint"]}),defaultEndpointResolver=T((S,R={})=>cache.get(S,()=>commands_agent.resolveEndpoint(ruleSet,{endpointParams:S,logger:R.logger})),"defaultEndpointResolver");commands_agent.customEndpointFunctions.aws=commands_agent.awsEndpointFunctions$1;const getRuntimeConfig$1=T(S=>({apiVersion:"2011-06-15",base64Decoder:S?.base64Decoder??commands_agent.fromBase64,base64Encoder:S?.base64Encoder??commands_agent.toBase64,disableHostPrefix:S?.disableHostPrefix??!1,endpointProvider:S?.endpointProvider??defaultEndpointResolver,extensions:S?.extensions??[],httpAuthSchemeProvider:S?.httpAuthSchemeProvider??defaultSTSHttpAuthSchemeProvider,httpAuthSchemes:S?.httpAuthSchemes??[{schemeId:"aws.auth#sigv4",identityProvider:T(R=>R.getIdentityProvider("aws.auth#sigv4"),"identityProvider"),signer:new commands_agent.AwsSdkSigV4Signer$1},{schemeId:"smithy.api#noAuth",identityProvider:T(R=>R.getIdentityProvider("smithy.api#noAuth")||(async()=>({})),"identityProvider"),signer:new noAuth.NoAuthSigner}],logger:S?.logger??new commands_agent.NoOpLogger,serviceId:S?.serviceId??"STS",urlParser:S?.urlParser??commands_agent.parseUrl,utf8Decoder:S?.utf8Decoder??commands_agent.fromUtf8,utf8Encoder:S?.utf8Encoder??commands_agent.toUtf8}),"getRuntimeConfig$1"),getRuntimeConfig=T(S=>{commands_agent.emitWarningIfUnsupportedVersion(process.version);const R=commands_agent.resolveDefaultsModeConfig(S),P=T(()=>R().then(commands_agent.loadConfigsForDefaultMode),"defaultConfigProvider"),O=getRuntimeConfig$1(S);commands_agent.emitWarningIfUnsupportedVersion$2(process.version);const $={profile:S?.profile,logger:O.logger};return{...O,...S,runtime:"node",defaultsMode:R,authSchemePreference:S?.authSchemePreference??commands_agent.loadConfig(commands_agent.NODE_AUTH_SCHEME_PREFERENCE_OPTIONS$1,$),bodyLengthChecker:S?.bodyLengthChecker??commands_agent.calculateBodyLength,defaultUserAgentProvider:S?.defaultUserAgentProvider??commands_agent.createDefaultUserAgentProvider$1({serviceId:O.serviceId,clientVersion:_package.packageInfo.version}),httpAuthSchemes:S?.httpAuthSchemes??[{schemeId:"aws.auth#sigv4",identityProvider:T(W=>W.getIdentityProvider("aws.auth#sigv4")||(async N=>await S.credentialDefaultProvider(N?.__config||{})()),"identityProvider"),signer:new commands_agent.AwsSdkSigV4Signer$1},{schemeId:"smithy.api#noAuth",identityProvider:T(W=>W.getIdentityProvider("smithy.api#noAuth")||(async()=>({})),"identityProvider"),signer:new noAuth.NoAuthSigner}],maxAttempts:S?.maxAttempts??commands_agent.loadConfig(commands_agent.NODE_MAX_ATTEMPT_CONFIG_OPTIONS,S),region:S?.region??commands_agent.loadConfig(commands_agent.NODE_REGION_CONFIG_OPTIONS,{...commands_agent.NODE_REGION_CONFIG_FILE_OPTIONS,...$}),requestHandler:commands_agent.NodeHttpHandler.create(S?.requestHandler??P),retryMode:S?.retryMode??commands_agent.loadConfig({...commands_agent.NODE_RETRY_MODE_CONFIG_OPTIONS,default:T(async()=>(await P()).retryMode||commands_agent.DEFAULT_RETRY_MODE,"default")},S),sha256:S?.sha256??commands_agent.Hash.bind(null,"sha256"),streamCollector:S?.streamCollector??commands_agent.streamCollector,useDualstackEndpoint:S?.useDualstackEndpoint??commands_agent.loadConfig(commands_agent.NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS,$),useFipsEndpoint:S?.useFipsEndpoint??commands_agent.loadConfig(commands_agent.NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS,$),userAgentAppId:S?.userAgentAppId??commands_agent.loadConfig(commands_agent.NODE_APP_ID_CONFIG_OPTIONS$1,$)}},"getRuntimeConfig"),getHttpAuthExtensionConfiguration=T(S=>{const R=S.httpAuthSchemes;let P=S.httpAuthSchemeProvider,O=S.credentials;return{setHttpAuthScheme($){const W=R.findIndex(N=>N.schemeId===$.schemeId);W===-1?R.push($):R.splice(W,1,$)},httpAuthSchemes(){return R},setHttpAuthSchemeProvider($){P=$},httpAuthSchemeProvider(){return P},setCredentials($){O=$},credentials(){return O}}},"getHttpAuthExtensionConfiguration"),resolveHttpAuthRuntimeConfig=T(S=>({httpAuthSchemes:S.httpAuthSchemes(),httpAuthSchemeProvider:S.httpAuthSchemeProvider(),credentials:S.credentials()}),"resolveHttpAuthRuntimeConfig"),resolveRuntimeExtensions=T((S,R)=>{const P=Object.assign(commands_agent.getAwsRegionExtensionConfiguration(S),commands_agent.getDefaultExtensionConfiguration(S),commands_agent.getHttpHandlerExtensionConfiguration(S),getHttpAuthExtensionConfiguration(S));return R.forEach(O=>O.configure(P)),Object.assign(S,commands_agent.resolveAwsRegionExtensionConfiguration(P),commands_agent.resolveDefaultRuntimeConfig(P),commands_agent.resolveHttpHandlerRuntimeConfig(P),resolveHttpAuthRuntimeConfig(P))},"resolveRuntimeExtensions");class STSClient extends commands_agent.Client{static{T(this,"STSClient")}config;constructor(...[R]){const P=getRuntimeConfig(R||{});super(P),this.initConfig=P;const O=resolveClientEndpointParameters(P),$=commands_agent.resolveUserAgentConfig$1(O),W=commands_agent.resolveRetryConfig($),N=commands_agent.resolveRegionConfig(W),U=commands_agent.resolveHostHeaderConfig(N),L=commands_agent.resolveEndpointConfig(U),K=resolveHttpAuthSchemeConfig(L),M=resolveRuntimeExtensions(K,R?.extensions||[]);this.config=M,this.middlewareStack.use(commands_agent.getUserAgentPlugin$1(this.config)),this.middlewareStack.use(commands_agent.getRetryPlugin(this.config)),this.middlewareStack.use(commands_agent.getContentLengthPlugin(this.config)),this.middlewareStack.use(commands_agent.getHostHeaderPlugin(this.config)),this.middlewareStack.use(commands_agent.getLoggerPlugin(this.config)),this.middlewareStack.use(commands_agent.getRecursionDetectionPlugin(this.config)),this.middlewareStack.use(commands_agent.getHttpAuthSchemeEndpointRuleSetPlugin$1(this.config,{httpAuthSchemeParametersProvider:defaultSTSHttpAuthSchemeParametersProvider,identityProviderConfigProvider:T(async V=>new commands_agent.DefaultIdentityProviderConfig$1({"aws.auth#sigv4":V.credentials}),"identityProviderConfigProvider")})),this.middlewareStack.use(commands_agent.getHttpSigningPlugin$1(this.config))}destroy(){super.destroy()}}class STSServiceException extends commands_agent.ServiceException{static{T(this,"STSServiceException")}constructor(R){super(R),Object.setPrototypeOf(this,STSServiceException.prototype)}}const CredentialsFilterSensitiveLog=T(S=>({...S,...S.SecretAccessKey&&{SecretAccessKey:commands_agent.SENSITIVE_STRING}}),"CredentialsFilterSensitiveLog"),AssumeRoleResponseFilterSensitiveLog=T(S=>({...S,...S.Credentials&&{Credentials:CredentialsFilterSensitiveLog(S.Credentials)}}),"AssumeRoleResponseFilterSensitiveLog");class ExpiredTokenException extends STSServiceException{static{T(this,"ExpiredTokenException")}name="ExpiredTokenException";$fault="client";constructor(R){super({name:"ExpiredTokenException",$fault:"client",...R}),Object.setPrototypeOf(this,ExpiredTokenException.prototype)}}class MalformedPolicyDocumentException extends STSServiceException{static{T(this,"MalformedPolicyDocumentException")}name="MalformedPolicyDocumentException";$fault="client";constructor(R){super({name:"MalformedPolicyDocumentException",$fault:"client",...R}),Object.setPrototypeOf(this,MalformedPolicyDocumentException.prototype)}}class PackedPolicyTooLargeException extends STSServiceException{static{T(this,"PackedPolicyTooLargeException")}name="PackedPolicyTooLargeException";$fault="client";constructor(R){super({name:"PackedPolicyTooLargeException",$fault:"client",...R}),Object.setPrototypeOf(this,PackedPolicyTooLargeException.prototype)}}class RegionDisabledException extends STSServiceException{static{T(this,"RegionDisabledException")}name="RegionDisabledException";$fault="client";constructor(R){super({name:"RegionDisabledException",$fault:"client",...R}),Object.setPrototypeOf(this,RegionDisabledException.prototype)}}class IDPRejectedClaimException extends STSServiceException{static{T(this,"IDPRejectedClaimException")}name="IDPRejectedClaimException";$fault="client";constructor(R){super({name:"IDPRejectedClaimException",$fault:"client",...R}),Object.setPrototypeOf(this,IDPRejectedClaimException.prototype)}}class InvalidIdentityTokenException extends STSServiceException{static{T(this,"InvalidIdentityTokenException")}name="InvalidIdentityTokenException";$fault="client";constructor(R){super({name:"InvalidIdentityTokenException",$fault:"client",...R}),Object.setPrototypeOf(this,InvalidIdentityTokenException.prototype)}}const AssumeRoleWithWebIdentityRequestFilterSensitiveLog=T(S=>({...S,...S.WebIdentityToken&&{WebIdentityToken:commands_agent.SENSITIVE_STRING}}),"AssumeRoleWithWebIdentityRequestFilterSensitiveLog"),AssumeRoleWithWebIdentityResponseFilterSensitiveLog=T(S=>({...S,...S.Credentials&&{Credentials:CredentialsFilterSensitiveLog(S.Credentials)}}),"AssumeRoleWithWebIdentityResponseFilterSensitiveLog");class IDPCommunicationErrorException extends STSServiceException{static{T(this,"IDPCommunicationErrorException")}name="IDPCommunicationErrorException";$fault="client";constructor(R){super({name:"IDPCommunicationErrorException",$fault:"client",...R}),Object.setPrototypeOf(this,IDPCommunicationErrorException.prototype)}}const se_AssumeRoleCommand=T(async(S,R)=>{const P=SHARED_HEADERS;let O;return O=buildFormUrlencodedString({...se_AssumeRoleRequest(S),[_A]:_AR,[_V]:_}),buildHttpRpcRequest(R,P,"/",void 0,O)},"se_AssumeRoleCommand"),se_AssumeRoleWithWebIdentityCommand=T(async(S,R)=>{const P=SHARED_HEADERS;let O;return O=buildFormUrlencodedString({...se_AssumeRoleWithWebIdentityRequest(S),[_A]:_ARWWI,[_V]:_}),buildHttpRpcRequest(R,P,"/",void 0,O)},"se_AssumeRoleWithWebIdentityCommand"),de_AssumeRoleCommand=T(async(S,R)=>{if(S.statusCode>=300)return de_CommandError(S,R);const P=await commands_agent.parseXmlBody$1(S.body,R);let O={};return O=de_AssumeRoleResponse(P.AssumeRoleResult),{$metadata:deserializeMetadata(S),...O}},"de_AssumeRoleCommand"),de_AssumeRoleWithWebIdentityCommand=T(async(S,R)=>{if(S.statusCode>=300)return de_CommandError(S,R);const P=await commands_agent.parseXmlBody$1(S.body,R);let O={};return O=de_AssumeRoleWithWebIdentityResponse(P.AssumeRoleWithWebIdentityResult),{$metadata:deserializeMetadata(S),...O}},"de_AssumeRoleWithWebIdentityCommand"),de_CommandError=T(async(S,R)=>{const P={...S,body:await commands_agent.parseXmlErrorBody$1(S.body,R)},O=loadQueryErrorCode(S,P.body);switch(O){case"ExpiredTokenException":case"com.amazonaws.sts#ExpiredTokenException":throw await de_ExpiredTokenExceptionRes(P);case"MalformedPolicyDocument":case"com.amazonaws.sts#MalformedPolicyDocumentException":throw await de_MalformedPolicyDocumentExceptionRes(P);case"PackedPolicyTooLarge":case"com.amazonaws.sts#PackedPolicyTooLargeException":throw await de_PackedPolicyTooLargeExceptionRes(P);case"RegionDisabledException":case"com.amazonaws.sts#RegionDisabledException":throw await de_RegionDisabledExceptionRes(P);case"IDPCommunicationError":case"com.amazonaws.sts#IDPCommunicationErrorException":throw await de_IDPCommunicationErrorExceptionRes(P);case"IDPRejectedClaim":case"com.amazonaws.sts#IDPRejectedClaimException":throw await de_IDPRejectedClaimExceptionRes(P);case"InvalidIdentityToken":case"com.amazonaws.sts#InvalidIdentityTokenException":throw await de_InvalidIdentityTokenExceptionRes(P);default:const $=P.body;return throwDefaultError({output:S,parsedBody:$.Error,errorCode:O})}},"de_CommandError"),de_ExpiredTokenExceptionRes=T(async(S,R)=>{const P=S.body,O=de_ExpiredTokenException(P.Error),$=new ExpiredTokenException({$metadata:deserializeMetadata(S),...O});return commands_agent.decorateServiceException($,P)},"de_ExpiredTokenExceptionRes"),de_IDPCommunicationErrorExceptionRes=T(async(S,R)=>{const P=S.body,O=de_IDPCommunicationErrorException(P.Error),$=new IDPCommunicationErrorException({$metadata:deserializeMetadata(S),...O});return commands_agent.decorateServiceException($,P)},"de_IDPCommunicationErrorExceptionRes"),de_IDPRejectedClaimExceptionRes=T(async(S,R)=>{const P=S.body,O=de_IDPRejectedClaimException(P.Error),$=new IDPRejectedClaimException({$metadata:deserializeMetadata(S),...O});return commands_agent.decorateServiceException($,P)},"de_IDPRejectedClaimExceptionRes"),de_InvalidIdentityTokenExceptionRes=T(async(S,R)=>{const P=S.body,O=de_InvalidIdentityTokenException(P.Error),$=new InvalidIdentityTokenException({$metadata:deserializeMetadata(S),...O});return commands_agent.decorateServiceException($,P)},"de_InvalidIdentityTokenExceptionRes"),de_MalformedPolicyDocumentExceptionRes=T(async(S,R)=>{const P=S.body,O=de_MalformedPolicyDocumentException(P.Error),$=new MalformedPolicyDocumentException({$metadata:deserializeMetadata(S),...O});return commands_agent.decorateServiceException($,P)},"de_MalformedPolicyDocumentExceptionRes"),de_PackedPolicyTooLargeExceptionRes=T(async(S,R)=>{const P=S.body,O=de_PackedPolicyTooLargeException(P.Error),$=new PackedPolicyTooLargeException({$metadata:deserializeMetadata(S),...O});return commands_agent.decorateServiceException($,P)},"de_PackedPolicyTooLargeExceptionRes"),de_RegionDisabledExceptionRes=T(async(S,R)=>{const P=S.body,O=de_RegionDisabledException(P.Error),$=new RegionDisabledException({$metadata:deserializeMetadata(S),...O});return commands_agent.decorateServiceException($,P)},"de_RegionDisabledExceptionRes"),se_AssumeRoleRequest=T((S,R)=>{const P={};if(S[_RA]!=null&&(P[_RA]=S[_RA]),S[_RSN]!=null&&(P[_RSN]=S[_RSN]),S[_PA]!=null){const O=se_policyDescriptorListType(S[_PA]);S[_PA]?.length===0&&(P.PolicyArns=[]),Object.entries(O).forEach(([$,W])=>{const N=`PolicyArns.${$}`;P[N]=W})}if(S[_P]!=null&&(P[_P]=S[_P]),S[_DS]!=null&&(P[_DS]=S[_DS]),S[_T]!=null){const O=se_tagListType(S[_T]);S[_T]?.length===0&&(P.Tags=[]),Object.entries(O).forEach(([$,W])=>{const N=`Tags.${$}`;P[N]=W})}if(S[_TTK]!=null){const O=se_tagKeyListType(S[_TTK]);S[_TTK]?.length===0&&(P.TransitiveTagKeys=[]),Object.entries(O).forEach(([$,W])=>{const N=`TransitiveTagKeys.${$}`;P[N]=W})}if(S[_EI]!=null&&(P[_EI]=S[_EI]),S[_SN]!=null&&(P[_SN]=S[_SN]),S[_TC]!=null&&(P[_TC]=S[_TC]),S[_SI]!=null&&(P[_SI]=S[_SI]),S[_PC]!=null){const O=se_ProvidedContextsListType(S[_PC]);S[_PC]?.length===0&&(P.ProvidedContexts=[]),Object.entries(O).forEach(([$,W])=>{const N=`ProvidedContexts.${$}`;P[N]=W})}return P},"se_AssumeRoleRequest"),se_AssumeRoleWithWebIdentityRequest=T((S,R)=>{const P={};if(S[_RA]!=null&&(P[_RA]=S[_RA]),S[_RSN]!=null&&(P[_RSN]=S[_RSN]),S[_WIT]!=null&&(P[_WIT]=S[_WIT]),S[_PI]!=null&&(P[_PI]=S[_PI]),S[_PA]!=null){const O=se_policyDescriptorListType(S[_PA]);S[_PA]?.length===0&&(P.PolicyArns=[]),Object.entries(O).forEach(([$,W])=>{const N=`PolicyArns.${$}`;P[N]=W})}return S[_P]!=null&&(P[_P]=S[_P]),S[_DS]!=null&&(P[_DS]=S[_DS]),P},"se_AssumeRoleWithWebIdentityRequest"),se_policyDescriptorListType=T((S,R)=>{const P={};let O=1;for(const $ of S){if($===null)continue;const W=se_PolicyDescriptorType($);Object.entries(W).forEach(([N,U])=>{P[`member.${O}.${N}`]=U}),O++}return P},"se_policyDescriptorListType"),se_PolicyDescriptorType=T((S,R)=>{const P={};return S[_a]!=null&&(P[_a]=S[_a]),P},"se_PolicyDescriptorType"),se_ProvidedContext=T((S,R)=>{const P={};return S[_PAr]!=null&&(P[_PAr]=S[_PAr]),S[_CA]!=null&&(P[_CA]=S[_CA]),P},"se_ProvidedContext"),se_ProvidedContextsListType=T((S,R)=>{const P={};let O=1;for(const $ of S){if($===null)continue;const W=se_ProvidedContext($);Object.entries(W).forEach(([N,U])=>{P[`member.${O}.${N}`]=U}),O++}return P},"se_ProvidedContextsListType"),se_Tag=T((S,R)=>{const P={};return S[_K]!=null&&(P[_K]=S[_K]),S[_Va]!=null&&(P[_Va]=S[_Va]),P},"se_Tag"),se_tagKeyListType=T((S,R)=>{const P={};let O=1;for(const $ of S)$!==null&&(P[`member.${O}`]=$,O++);return P},"se_tagKeyListType"),se_tagListType=T((S,R)=>{const P={};let O=1;for(const $ of S){if($===null)continue;const W=se_Tag($);Object.entries(W).forEach(([N,U])=>{P[`member.${O}.${N}`]=U}),O++}return P},"se_tagListType"),de_AssumedRoleUser=T((S,R)=>{const P={};return S[_ARI]!=null&&(P[_ARI]=commands_agent.expectString(S[_ARI])),S[_Ar]!=null&&(P[_Ar]=commands_agent.expectString(S[_Ar])),P},"de_AssumedRoleUser"),de_AssumeRoleResponse=T((S,R)=>{const P={};return S[_C]!=null&&(P[_C]=de_Credentials(S[_C])),S[_ARU]!=null&&(P[_ARU]=de_AssumedRoleUser(S[_ARU])),S[_PPS]!=null&&(P[_PPS]=commands_agent.strictParseInt32(S[_PPS])),S[_SI]!=null&&(P[_SI]=commands_agent.expectString(S[_SI])),P},"de_AssumeRoleResponse"),de_AssumeRoleWithWebIdentityResponse=T((S,R)=>{const P={};return S[_C]!=null&&(P[_C]=de_Credentials(S[_C])),S[_SFWIT]!=null&&(P[_SFWIT]=commands_agent.expectString(S[_SFWIT])),S[_ARU]!=null&&(P[_ARU]=de_AssumedRoleUser(S[_ARU])),S[_PPS]!=null&&(P[_PPS]=commands_agent.strictParseInt32(S[_PPS])),S[_Pr]!=null&&(P[_Pr]=commands_agent.expectString(S[_Pr])),S[_Au]!=null&&(P[_Au]=commands_agent.expectString(S[_Au])),S[_SI]!=null&&(P[_SI]=commands_agent.expectString(S[_SI])),P},"de_AssumeRoleWithWebIdentityResponse"),de_Credentials=T((S,R)=>{const P={};return S[_AKI]!=null&&(P[_AKI]=commands_agent.expectString(S[_AKI])),S[_SAK]!=null&&(P[_SAK]=commands_agent.expectString(S[_SAK])),S[_ST]!=null&&(P[_ST]=commands_agent.expectString(S[_ST])),S[_E]!=null&&(P[_E]=commands_agent.expectNonNull(commands_agent.parseRfc3339DateTimeWithOffset(S[_E]))),P},"de_Credentials"),de_ExpiredTokenException=T((S,R)=>{const P={};return S[_m]!=null&&(P[_m]=commands_agent.expectString(S[_m])),P},"de_ExpiredTokenException"),de_IDPCommunicationErrorException=T((S,R)=>{const P={};return S[_m]!=null&&(P[_m]=commands_agent.expectString(S[_m])),P},"de_IDPCommunicationErrorException"),de_IDPRejectedClaimException=T((S,R)=>{const P={};return S[_m]!=null&&(P[_m]=commands_agent.expectString(S[_m])),P},"de_IDPRejectedClaimException"),de_InvalidIdentityTokenException=T((S,R)=>{const P={};return S[_m]!=null&&(P[_m]=commands_agent.expectString(S[_m])),P},"de_InvalidIdentityTokenException"),de_MalformedPolicyDocumentException=T((S,R)=>{const P={};return S[_m]!=null&&(P[_m]=commands_agent.expectString(S[_m])),P},"de_MalformedPolicyDocumentException"),de_PackedPolicyTooLargeException=T((S,R)=>{const P={};return S[_m]!=null&&(P[_m]=commands_agent.expectString(S[_m])),P},"de_PackedPolicyTooLargeException"),de_RegionDisabledException=T((S,R)=>{const P={};return S[_m]!=null&&(P[_m]=commands_agent.expectString(S[_m])),P},"de_RegionDisabledException"),deserializeMetadata=T(S=>({httpStatusCode:S.statusCode,requestId:S.headers["x-amzn-requestid"]??S.headers["x-amzn-request-id"]??S.headers["x-amz-request-id"],extendedRequestId:S.headers["x-amz-id-2"],cfId:S.headers["x-amz-cf-id"]}),"deserializeMetadata"),throwDefaultError=commands_agent.withBaseException(STSServiceException),buildHttpRpcRequest=T(async(S,R,P,O,$)=>{const{hostname:W,protocol:N="https",port:U,path:L}=await S.endpoint(),K={protocol:N,hostname:W,port:U,method:"POST",path:L.endsWith("/")?L.slice(0,-1)+P:L+P,headers:R};return $!==void 0&&(K.body=$),new commands_agent.HttpRequest(K)},"buildHttpRpcRequest"),SHARED_HEADERS={"content-type":"application/x-www-form-urlencoded"},_="2011-06-15",_A="Action",_AKI="AccessKeyId",_AR="AssumeRole",_ARI="AssumedRoleId",_ARU="AssumedRoleUser",_ARWWI="AssumeRoleWithWebIdentity",_Ar="Arn",_Au="Audience",_C="Credentials",_CA="ContextAssertion",_DS="DurationSeconds",_E="Expiration",_EI="ExternalId",_K="Key",_P="Policy",_PA="PolicyArns",_PAr="ProviderArn",_PC="ProvidedContexts",_PI="ProviderId",_PPS="PackedPolicySize",_Pr="Provider",_RA="RoleArn",_RSN="RoleSessionName",_SAK="SecretAccessKey",_SFWIT="SubjectFromWebIdentityToken",_SI="SourceIdentity",_SN="SerialNumber",_ST="SessionToken",_T="Tags",_TC="TokenCode",_TTK="TransitiveTagKeys",_V="Version",_Va="Value",_WIT="WebIdentityToken",_a="arn",_m="message",buildFormUrlencodedString=T(S=>Object.entries(S).map(([R,P])=>commands_agent.extendedEncodeURIComponent(R)+"="+commands_agent.extendedEncodeURIComponent(P)).join("&"),"buildFormUrlencodedString"),loadQueryErrorCode=T((S,R)=>{if(R.Error?.Code!==void 0)return R.Error.Code;if(S.statusCode==404)return"NotFound"},"loadQueryErrorCode");class AssumeRoleCommand extends commands_agent.Command.classBuilder().ep(commonParams).m(function(R,P,O,$){return[commands_agent.getSerdePlugin(O,this.serialize,this.deserialize),commands_agent.getEndpointPlugin(O,R.getEndpointParameterInstructions())]}).s("AWSSecurityTokenServiceV20110615","AssumeRole",{}).n("STSClient","AssumeRoleCommand").f(void 0,AssumeRoleResponseFilterSensitiveLog).ser(se_AssumeRoleCommand).de(de_AssumeRoleCommand).build(){static{T(this,"AssumeRoleCommand")}}class AssumeRoleWithWebIdentityCommand extends commands_agent.Command.classBuilder().ep(commonParams).m(function(R,P,O,$){return[commands_agent.getSerdePlugin(O,this.serialize,this.deserialize),commands_agent.getEndpointPlugin(O,R.getEndpointParameterInstructions())]}).s("AWSSecurityTokenServiceV20110615","AssumeRoleWithWebIdentity",{}).n("STSClient","AssumeRoleWithWebIdentityCommand").f(AssumeRoleWithWebIdentityRequestFilterSensitiveLog,AssumeRoleWithWebIdentityResponseFilterSensitiveLog).ser(se_AssumeRoleWithWebIdentityCommand).de(de_AssumeRoleWithWebIdentityCommand).build(){static{T(this,"AssumeRoleWithWebIdentityCommand")}}const commands={AssumeRoleCommand,AssumeRoleWithWebIdentityCommand};class STS extends STSClient{static{T(this,"STS")}}createAggregatedClient.createAggregatedClient(commands,STS);const ASSUME_ROLE_DEFAULT_REGION="us-east-1",getAccountIdFromAssumedRoleUser=T(S=>{if(typeof S?.Arn=="string"){const R=S.Arn.split(":");if(R.length>4&&R[4]!=="")return R[4]}},"getAccountIdFromAssumedRoleUser"),resolveRegion=T(async(S,R,P)=>{const O=typeof S=="function"?await S():S,$=typeof R=="function"?await R():R;return P?.debug?.("@aws-sdk/client-sts::resolveRegion","accepting first of:",`${O} (provider)`,`${$} (parent client)`,`${ASSUME_ROLE_DEFAULT_REGION} (STS default)`),O??$??ASSUME_ROLE_DEFAULT_REGION},"resolveRegion"),getDefaultRoleAssumer$1=T((S,R)=>{let P,O;return async($,W)=>{if(O=$,!P){const{logger:M=S?.parentClientConfig?.logger,region:V,requestHandler:X=S?.parentClientConfig?.requestHandler,credentialProviderLogger:Y}=S,Q=await resolveRegion(V,S?.parentClientConfig?.region,Y),Z=!isH2(X);P=new R({profile:S?.parentClientConfig?.profile,credentialDefaultProvider:T(()=>async()=>O,"credentialDefaultProvider"),region:Q,requestHandler:Z?X:void 0,logger:M})}const{Credentials:N,AssumedRoleUser:U}=await P.send(new AssumeRoleCommand(W));if(!N||!N.AccessKeyId||!N.SecretAccessKey)throw new Error(`Invalid response from STS.assumeRole call with role ${W.RoleArn}`);const L=getAccountIdFromAssumedRoleUser(U),K={accessKeyId:N.AccessKeyId,secretAccessKey:N.SecretAccessKey,sessionToken:N.SessionToken,expiration:N.Expiration,...N.CredentialScope&&{credentialScope:N.CredentialScope},...L&&{accountId:L}};return commands_agent.setCredentialFeature$1(K,"CREDENTIALS_STS_ASSUME_ROLE","i"),K}},"getDefaultRoleAssumer$1"),getDefaultRoleAssumerWithWebIdentity$1=T((S,R)=>{let P;return async O=>{if(!P){const{logger:L=S?.parentClientConfig?.logger,region:K,requestHandler:M=S?.parentClientConfig?.requestHandler,credentialProviderLogger:V}=S,X=await resolveRegion(K,S?.parentClientConfig?.region,V),Y=!isH2(M);P=new R({profile:S?.parentClientConfig?.profile,region:X,requestHandler:Y?M:void 0,logger:L})}const{Credentials:$,AssumedRoleUser:W}=await P.send(new AssumeRoleWithWebIdentityCommand(O));if(!$||!$.AccessKeyId||!$.SecretAccessKey)throw new Error(`Invalid response from STS.assumeRoleWithWebIdentity call with role ${O.RoleArn}`);const N=getAccountIdFromAssumedRoleUser(W),U={accessKeyId:$.AccessKeyId,secretAccessKey:$.SecretAccessKey,sessionToken:$.SessionToken,expiration:$.Expiration,...$.CredentialScope&&{credentialScope:$.CredentialScope},...N&&{accountId:N}};return N&&commands_agent.setCredentialFeature$1(U,"RESOLVED_ACCOUNT_ID","T"),commands_agent.setCredentialFeature$1(U,"CREDENTIALS_STS_ASSUME_ROLE_WEB_ID","k"),U}},"getDefaultRoleAssumerWithWebIdentity$1"),isH2=T(S=>S?.metadata?.handlerProtocol==="h2","isH2"),getCustomizableStsClientCtor=T((S,R)=>R?class extends S{static{T(this,"CustomizableSTSClient")}constructor(O){super(O);for(const $ of R)this.middlewareStack.use($)}}:S,"getCustomizableStsClientCtor"),getDefaultRoleAssumer=T((S={},R)=>getDefaultRoleAssumer$1(S,getCustomizableStsClientCtor(STSClient,R)),"getDefaultRoleAssumer"),getDefaultRoleAssumerWithWebIdentity=T((S={},R)=>getDefaultRoleAssumerWithWebIdentity$1(S,getCustomizableStsClientCtor(STSClient,R)),"getDefaultRoleAssumerWithWebIdentity");exports.$Command=commands_agent.Command;exports.__Client=commands_agent.Client;exports.AssumeRoleCommand=AssumeRoleCommand;exports.AssumeRoleResponseFilterSensitiveLog=AssumeRoleResponseFilterSensitiveLog;exports.AssumeRoleWithWebIdentityCommand=AssumeRoleWithWebIdentityCommand;exports.AssumeRoleWithWebIdentityRequestFilterSensitiveLog=AssumeRoleWithWebIdentityRequestFilterSensitiveLog;exports.AssumeRoleWithWebIdentityResponseFilterSensitiveLog=AssumeRoleWithWebIdentityResponseFilterSensitiveLog;exports.CredentialsFilterSensitiveLog=CredentialsFilterSensitiveLog;exports.ExpiredTokenException=ExpiredTokenException;exports.IDPCommunicationErrorException=IDPCommunicationErrorException;exports.IDPRejectedClaimException=IDPRejectedClaimException;exports.InvalidIdentityTokenException=InvalidIdentityTokenException;exports.MalformedPolicyDocumentException=MalformedPolicyDocumentException;exports.PackedPolicyTooLargeException=PackedPolicyTooLargeException;exports.RegionDisabledException=RegionDisabledException;exports.STS=STS;exports.STSClient=STSClient;exports.STSServiceException=STSServiceException;exports.getDefaultRoleAssumer=getDefaultRoleAssumer;exports.getDefaultRoleAssumerWithWebIdentity=getDefaultRoleAssumerWithWebIdentity;