From ed5b031c086e3caaebd012485e2989fbffd1e1f9 Mon Sep 17 00:00:00 2001 From: awstools Date: Thu, 18 May 2023 18:16:39 +0000 Subject: [PATCH] feat(client-sts): API updates for the AWS Security Token Service --- .../src/commands/AssumeRoleCommand.ts | 4 +- .../src/commands/AssumeRoleWithSAMLCommand.ts | 11 +- .../AssumeRoleWithWebIdentityCommand.ts | 11 +- .../src/commands/GetFederationTokenCommand.ts | 8 +- .../src/commands/GetSessionTokenCommand.ts | 8 +- clients/client-sts/src/models/models_0.ts | 66 +++++++- codegen/sdk-codegen/aws-models/sts.json | 157 +++++++++--------- 7 files changed, 176 insertions(+), 89 deletions(-) diff --git a/clients/client-sts/src/commands/AssumeRoleCommand.ts b/clients/client-sts/src/commands/AssumeRoleCommand.ts index ae5c6568048e..d38597d80f01 100644 --- a/clients/client-sts/src/commands/AssumeRoleCommand.ts +++ b/clients/client-sts/src/commands/AssumeRoleCommand.ts @@ -14,7 +14,7 @@ import { import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@smithy/protocol-http"; import { SerdeContext as __SerdeContext } from "@smithy/types"; -import { AssumeRoleRequest, AssumeRoleResponse } from "../models/models_0"; +import { AssumeRoleRequest, AssumeRoleResponse, AssumeRoleResponseFilterSensitiveLog } from "../models/models_0"; import { de_AssumeRoleCommand, se_AssumeRoleCommand } from "../protocols/Aws_query"; import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient"; @@ -302,7 +302,7 @@ export class AssumeRoleCommand extends $Command< clientName, commandName, inputFilterSensitiveLog: (_: any) => _, - outputFilterSensitiveLog: (_: any) => _, + outputFilterSensitiveLog: AssumeRoleResponseFilterSensitiveLog, }; const { requestHandler } = configuration; return stack.resolve( diff --git a/clients/client-sts/src/commands/AssumeRoleWithSAMLCommand.ts b/clients/client-sts/src/commands/AssumeRoleWithSAMLCommand.ts index 8ff6e6658340..e71adb92338d 100644 --- a/clients/client-sts/src/commands/AssumeRoleWithSAMLCommand.ts +++ b/clients/client-sts/src/commands/AssumeRoleWithSAMLCommand.ts @@ -13,7 +13,12 @@ import { import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@smithy/protocol-http"; import { SerdeContext as __SerdeContext } from "@smithy/types"; -import { AssumeRoleWithSAMLRequest, AssumeRoleWithSAMLResponse } from "../models/models_0"; +import { + AssumeRoleWithSAMLRequest, + AssumeRoleWithSAMLRequestFilterSensitiveLog, + AssumeRoleWithSAMLResponse, + AssumeRoleWithSAMLResponseFilterSensitiveLog, +} from "../models/models_0"; import { de_AssumeRoleWithSAMLCommand, se_AssumeRoleWithSAMLCommand } from "../protocols/Aws_query"; import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient"; @@ -332,8 +337,8 @@ export class AssumeRoleWithSAMLCommand extends $Command< logger, clientName, commandName, - inputFilterSensitiveLog: (_: any) => _, - outputFilterSensitiveLog: (_: any) => _, + inputFilterSensitiveLog: AssumeRoleWithSAMLRequestFilterSensitiveLog, + outputFilterSensitiveLog: AssumeRoleWithSAMLResponseFilterSensitiveLog, }; const { requestHandler } = configuration; return stack.resolve( diff --git a/clients/client-sts/src/commands/AssumeRoleWithWebIdentityCommand.ts b/clients/client-sts/src/commands/AssumeRoleWithWebIdentityCommand.ts index a37c90441ffa..62eb62b7c854 100644 --- a/clients/client-sts/src/commands/AssumeRoleWithWebIdentityCommand.ts +++ b/clients/client-sts/src/commands/AssumeRoleWithWebIdentityCommand.ts @@ -13,7 +13,12 @@ import { import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@smithy/protocol-http"; import { SerdeContext as __SerdeContext } from "@smithy/types"; -import { AssumeRoleWithWebIdentityRequest, AssumeRoleWithWebIdentityResponse } from "../models/models_0"; +import { + AssumeRoleWithWebIdentityRequest, + AssumeRoleWithWebIdentityRequestFilterSensitiveLog, + AssumeRoleWithWebIdentityResponse, + AssumeRoleWithWebIdentityResponseFilterSensitiveLog, +} from "../models/models_0"; import { de_AssumeRoleWithWebIdentityCommand, se_AssumeRoleWithWebIdentityCommand } from "../protocols/Aws_query"; import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient"; @@ -341,8 +346,8 @@ export class AssumeRoleWithWebIdentityCommand extends $Command< logger, clientName, commandName, - inputFilterSensitiveLog: (_: any) => _, - outputFilterSensitiveLog: (_: any) => _, + inputFilterSensitiveLog: AssumeRoleWithWebIdentityRequestFilterSensitiveLog, + outputFilterSensitiveLog: AssumeRoleWithWebIdentityResponseFilterSensitiveLog, }; const { requestHandler } = configuration; return stack.resolve( diff --git a/clients/client-sts/src/commands/GetFederationTokenCommand.ts b/clients/client-sts/src/commands/GetFederationTokenCommand.ts index af7d998ca785..e0de4382bacd 100644 --- a/clients/client-sts/src/commands/GetFederationTokenCommand.ts +++ b/clients/client-sts/src/commands/GetFederationTokenCommand.ts @@ -14,7 +14,11 @@ import { import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@smithy/protocol-http"; import { SerdeContext as __SerdeContext } from "@smithy/types"; -import { GetFederationTokenRequest, GetFederationTokenResponse } from "../models/models_0"; +import { + GetFederationTokenRequest, + GetFederationTokenResponse, + GetFederationTokenResponseFilterSensitiveLog, +} from "../models/models_0"; import { de_GetFederationTokenCommand, se_GetFederationTokenCommand } from "../protocols/Aws_query"; import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient"; @@ -278,7 +282,7 @@ export class GetFederationTokenCommand extends $Command< clientName, commandName, inputFilterSensitiveLog: (_: any) => _, - outputFilterSensitiveLog: (_: any) => _, + outputFilterSensitiveLog: GetFederationTokenResponseFilterSensitiveLog, }; const { requestHandler } = configuration; return stack.resolve( diff --git a/clients/client-sts/src/commands/GetSessionTokenCommand.ts b/clients/client-sts/src/commands/GetSessionTokenCommand.ts index ee7df623ecf3..5e65c623a177 100644 --- a/clients/client-sts/src/commands/GetSessionTokenCommand.ts +++ b/clients/client-sts/src/commands/GetSessionTokenCommand.ts @@ -14,7 +14,11 @@ import { import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@smithy/protocol-http"; import { SerdeContext as __SerdeContext } from "@smithy/types"; -import { GetSessionTokenRequest, GetSessionTokenResponse } from "../models/models_0"; +import { + GetSessionTokenRequest, + GetSessionTokenResponse, + GetSessionTokenResponseFilterSensitiveLog, +} from "../models/models_0"; import { de_GetSessionTokenCommand, se_GetSessionTokenCommand } from "../protocols/Aws_query"; import { ServiceInputTypes, ServiceOutputTypes, STSClientResolvedConfig } from "../STSClient"; @@ -205,7 +209,7 @@ export class GetSessionTokenCommand extends $Command< clientName, commandName, inputFilterSensitiveLog: (_: any) => _, - outputFilterSensitiveLog: (_: any) => _, + outputFilterSensitiveLog: GetSessionTokenResponseFilterSensitiveLog, }; const { requestHandler } = configuration; return stack.resolve( diff --git a/clients/client-sts/src/models/models_0.ts b/clients/client-sts/src/models/models_0.ts index 4378c6a3d08c..2119b265066c 100644 --- a/clients/client-sts/src/models/models_0.ts +++ b/clients/client-sts/src/models/models_0.ts @@ -1,5 +1,5 @@ // smithy-typescript generated code -import { ExceptionOptionType as __ExceptionOptionType } from "@aws-sdk/smithy-client"; +import { ExceptionOptionType as __ExceptionOptionType, SENSITIVE_STRING } from "@aws-sdk/smithy-client"; import { STSServiceException as __BaseException } from "./STSServiceException"; @@ -1216,3 +1216,67 @@ export interface GetSessionTokenResponse { */ Credentials?: Credentials; } + +/** + * @internal + */ +export const CredentialsFilterSensitiveLog = (obj: Credentials): any => ({ + ...obj, + ...(obj.SecretAccessKey && { SecretAccessKey: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const AssumeRoleResponseFilterSensitiveLog = (obj: AssumeRoleResponse): any => ({ + ...obj, + ...(obj.Credentials && { Credentials: CredentialsFilterSensitiveLog(obj.Credentials) }), +}); + +/** + * @internal + */ +export const AssumeRoleWithSAMLRequestFilterSensitiveLog = (obj: AssumeRoleWithSAMLRequest): any => ({ + ...obj, + ...(obj.SAMLAssertion && { SAMLAssertion: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const AssumeRoleWithSAMLResponseFilterSensitiveLog = (obj: AssumeRoleWithSAMLResponse): any => ({ + ...obj, + ...(obj.Credentials && { Credentials: CredentialsFilterSensitiveLog(obj.Credentials) }), +}); + +/** + * @internal + */ +export const AssumeRoleWithWebIdentityRequestFilterSensitiveLog = (obj: AssumeRoleWithWebIdentityRequest): any => ({ + ...obj, + ...(obj.WebIdentityToken && { WebIdentityToken: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const AssumeRoleWithWebIdentityResponseFilterSensitiveLog = (obj: AssumeRoleWithWebIdentityResponse): any => ({ + ...obj, + ...(obj.Credentials && { Credentials: CredentialsFilterSensitiveLog(obj.Credentials) }), +}); + +/** + * @internal + */ +export const GetFederationTokenResponseFilterSensitiveLog = (obj: GetFederationTokenResponse): any => ({ + ...obj, + ...(obj.Credentials && { Credentials: CredentialsFilterSensitiveLog(obj.Credentials) }), +}); + +/** + * @internal + */ +export const GetSessionTokenResponseFilterSensitiveLog = (obj: GetSessionTokenResponse): any => ({ + ...obj, + ...(obj.Credentials && { Credentials: CredentialsFilterSensitiveLog(obj.Credentials) }), +}); diff --git a/codegen/sdk-codegen/aws-models/sts.json b/codegen/sdk-codegen/aws-models/sts.json index 5773c54202dd..d41c06bf3679 100644 --- a/codegen/sdk-codegen/aws-models/sts.json +++ b/codegen/sdk-codegen/aws-models/sts.json @@ -1701,8 +1701,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -1720,10 +1720,10 @@ } ], "params": { - "Region": "ap-northeast-1", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "ap-northeast-1" } }, { @@ -1733,8 +1733,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -1752,10 +1752,10 @@ } ], "params": { - "Region": "ap-south-1", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "ap-south-1" } }, { @@ -1765,8 +1765,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -1784,10 +1784,10 @@ } ], "params": { - "Region": "ap-southeast-1", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "ap-southeast-1" } }, { @@ -1797,8 +1797,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -1816,10 +1816,10 @@ } ], "params": { - "Region": "ap-southeast-2", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "ap-southeast-2" } }, { @@ -1829,8 +1829,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -1848,10 +1848,10 @@ } ], "params": { - "Region": "aws-global", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "aws-global" } }, { @@ -1861,8 +1861,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -1880,10 +1880,10 @@ } ], "params": { - "Region": "ca-central-1", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "ca-central-1" } }, { @@ -1893,8 +1893,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -1912,10 +1912,10 @@ } ], "params": { - "Region": "eu-central-1", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "eu-central-1" } }, { @@ -1925,8 +1925,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -1944,10 +1944,10 @@ } ], "params": { - "Region": "eu-north-1", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "eu-north-1" } }, { @@ -1957,8 +1957,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -1976,10 +1976,10 @@ } ], "params": { - "Region": "eu-west-1", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "eu-west-1" } }, { @@ -1989,8 +1989,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -2008,10 +2008,10 @@ } ], "params": { - "Region": "eu-west-2", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "eu-west-2" } }, { @@ -2021,8 +2021,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -2040,10 +2040,10 @@ } ], "params": { - "Region": "eu-west-3", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "eu-west-3" } }, { @@ -2053,8 +2053,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -2072,10 +2072,10 @@ } ], "params": { - "Region": "sa-east-1", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "sa-east-1" } }, { @@ -2085,8 +2085,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -2104,10 +2104,10 @@ } ], "params": { - "Region": "us-east-1", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "us-east-1" } }, { @@ -2117,8 +2117,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -2136,10 +2136,10 @@ } ], "params": { - "Region": "us-east-2", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "us-east-2" } }, { @@ -2149,8 +2149,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -2168,10 +2168,10 @@ } ], "params": { - "Region": "us-west-1", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "us-west-1" } }, { @@ -2181,8 +2181,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-1", + "signingName": "sts", "name": "sigv4" } ] @@ -2200,10 +2200,10 @@ } ], "params": { - "Region": "us-west-2", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "us-west-2" } }, { @@ -2213,8 +2213,8 @@ "properties": { "authSchemes": [ { - "signingName": "sts", "signingRegion": "us-east-3", + "signingName": "sts", "name": "sigv4" } ] @@ -2232,10 +2232,10 @@ } ], "params": { - "Region": "us-east-3", - "UseFIPS": false, + "UseGlobalEndpoint": true, "UseDualStack": false, - "UseGlobalEndpoint": true + "UseFIPS": false, + "Region": "us-east-3" } }, { @@ -2256,10 +2256,10 @@ } ], "params": { - "Region": "us-west-1", - "UseFIPS": false, - "UseDualStack": false, "UseGlobalEndpoint": true, + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-west-1", "Endpoint": "https://example.com" } }, @@ -2272,9 +2272,9 @@ }, "params": { "Endpoint": "https://example.com", - "UseFIPS": false, + "UseGlobalEndpoint": false, "UseDualStack": false, - "UseGlobalEndpoint": false + "UseFIPS": false } } ], @@ -3224,7 +3224,8 @@ "smithy.api#length": { "min": 4, "max": 100000 - } + }, + "smithy.api#sensitive": {} } }, "com.amazonaws.sts#Subject": { @@ -3266,7 +3267,10 @@ } }, "com.amazonaws.sts#accessKeySecretType": { - "type": "string" + "type": "string", + "traits": { + "smithy.api#sensitive": {} + } }, "com.amazonaws.sts#accountType": { "type": "string" @@ -3297,7 +3301,8 @@ "smithy.api#length": { "min": 4, "max": 20000 - } + }, + "smithy.api#sensitive": {} } }, "com.amazonaws.sts#dateType": {