Support for AWS SDK 3 KMS client

[PhilLavoie]

Problem:

The current KmsKeyringNode keyring implementation only supports the old style AWS SDK 2 client, or it isn't clear how to make it work with the client from v3. I'm assuming it's the same for the browser implementation.

Solution:

Either distribute a @aws-crypto/kms-keyring-v3 that we can use with the existing buildClient() function, or make it easy and document how to implement KmsKeyringXXX with a v3 client. As it stands currently, the KmsKeyringNode prevents this by its type declaration:

declare const KmsKeyringNode_base: import("@aws-crypto/kms-keyring").KmsKeyRingConstructible<NodeAlgorithmSuite, KMS>;
export declare class KmsKeyringNode extends KmsKeyringNode_base {
    constructor({ clientProvider, keyIds, generatorKeyId, grantTokens, discovery, }?: KmsKeyringNodeInput);
}

Where KMS refers to the v2 client.

Thanks!

[dbartholomae]

This would also be helpful to be able to use this with AWS SSO, since SDK v2 did not have full support for that yet.

[seebees]

This will be fixed with #1043
It does not remove the v2 dependency, that will require a major version change

[brianfrantz]

Is there an ETA on pushing this out? (Looks like the PR is ready to go?)

I'm blocked as it isn't picking up my SSO config. @dbartholomae Do you know of any workarounds to getting SSO to work?

[dbartholomae]

@brianfrantz For me, SSO works with the newest version. I assume that it was backported to the AWS SDK client version 2 at some point.

[brianfrantz]

Thanks - you gave me hope to keep looking. Turns out I was missing AWS_SDK_LOAD_CONFIG=1 in my environment. Looks like it works now.

[texastony]

@PhilLavoie & @dbartholomae
We have released AWS SKD V3 support in ESDK-JS 3.2.0.
Note: The ESDK-JS still lists the AWS SDK V2 as a dependency.
We will release a new major version that removes this V2 dependency
as a breaking change.