feat(types): update identity types (#4189)

Author: Steven Yuan

packages/credential-provider-cognito-identity/src/fromCognitoIdentity.ts

@@ -1,11 +1,11 @@
 import { GetCredentialsForIdentityCommand } from "@aws-sdk/client-cognito-identity";
 import { CredentialsProviderError } from "@aws-sdk/property-provider";
-import { Credentials, Provider } from "@aws-sdk/types";
+import { AwsCredentialIdentity, Provider } from "@aws-sdk/types";
 
 import { CognitoProviderParameters } from "./CognitoProviderParameters";
 import { resolveLogins } from "./resolveLogins";
 
-export interface CognitoIdentityCredentials extends Credentials {
+export interface CognitoIdentityCredentials extends AwsCredentialIdentity {
   /**
    * The Cognito ID returned by the last call to AWS.CognitoIdentity.getOpenIdToken().
    */

packages/credential-provider-env/src/fromEnv.ts

@@ -1,5 +1,5 @@
 import { CredentialsProviderError } from "@aws-sdk/property-provider";
-import { CredentialProvider } from "@aws-sdk/types";
+import { AwsCredentialIdentityProvider } from "@aws-sdk/types";
 
 export const ENV_KEY = "AWS_ACCESS_KEY_ID";
 export const ENV_SECRET = "AWS_SECRET_ACCESS_KEY";
@@ -11,7 +11,7 @@ export const ENV_EXPIRATION = "AWS_CREDENTIAL_EXPIRATION";
  * `AWS_ACCESS_KEY_ID` or `AWS_SECRET_ACCESS_KEY` environment variable is not
  * set in this process, the provider will return a rejected promise.
  */
-export const fromEnv = (): CredentialProvider => async () => {
+export const fromEnv = (): AwsCredentialIdentityProvider => async () => {
   const accessKeyId: string | undefined = process.env[ENV_KEY];
   const secretAccessKey: string | undefined = process.env[ENV_SECRET];
   const sessionToken: string | undefined = process.env[ENV_SESSION];

packages/credential-provider-imds/src/fromContainerMetadata.ts

@@ -1,5 +1,5 @@
 import { CredentialsProviderError } from "@aws-sdk/property-provider";
-import { CredentialProvider } from "@aws-sdk/types";
+import { AwsCredentialIdentityProvider } from "@aws-sdk/types";
 import { RequestOptions } from "http";
 import { parse } from "url";
 
@@ -16,7 +16,7 @@ export const ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
  * Creates a credential provider that will source credentials from the ECS
  * Container Metadata Service
  */
-export const fromContainerMetadata = (init: RemoteProviderInit = {}): CredentialProvider => {
+export const fromContainerMetadata = (init: RemoteProviderInit = {}): AwsCredentialIdentityProvider => {
   const { timeout, maxRetries } = providerConfigFromInit(init);
   return () =>
     retry(async () => {

packages/credential-provider-imds/src/fromInstanceMetadata.ts

@@ -1,5 +1,5 @@
 import { CredentialsProviderError } from "@aws-sdk/property-provider";
-import { Credentials, Provider } from "@aws-sdk/types";
+import { AwsCredentialIdentity, Provider } from "@aws-sdk/types";
 import { RequestOptions } from "http";
 
 import { httpRequest } from "./remoteProvider/httpRequest";
@@ -42,7 +42,7 @@ const getInstanceImdsProvider = (init: RemoteProviderInit) => {
     ).trim();
 
     return retry(async () => {
-      let creds: Credentials;
+      let creds: AwsCredentialIdentity;
       try {
         creds = await getCredentialsFromProfile(profile, options);
       } catch (err) {

packages/credential-provider-imds/src/remoteProvider/ImdsCredentials.spec.ts

@@ -1,4 +1,4 @@
-import { Credentials } from "@aws-sdk/types";
+import { AwsCredentialIdentity } from "@aws-sdk/types";
 
 import { fromImdsCredentials, ImdsCredentials, isImdsCredentials } from "./ImdsCredentials";
 
@@ -39,7 +39,7 @@ describe("isImdsCredentials", () => {
 
 describe("fromImdsCredentials", () => {
   it("should convert IMDS credentials to a credentials object", () => {
-    const converted: Credentials = fromImdsCredentials(creds);
+    const converted: AwsCredentialIdentity = fromImdsCredentials(creds);
     expect(converted.accessKeyId).toEqual(creds.AccessKeyId);
     expect(converted.secretAccessKey).toEqual(creds.SecretAccessKey);
     expect(converted.sessionToken).toEqual(creds.Token);

packages/credential-provider-imds/src/remoteProvider/ImdsCredentials.ts

@@ -1,4 +1,4 @@
-import { Credentials } from "@aws-sdk/types";
+import { AwsCredentialIdentity } from "@aws-sdk/types";
 
 export interface ImdsCredentials {
   AccessKeyId: string;
@@ -15,7 +15,7 @@ export const isImdsCredentials = (arg: any): arg is ImdsCredentials =>
   typeof arg.Token === "string" &&
   typeof arg.Expiration === "string";
 
-export const fromImdsCredentials = (creds: ImdsCredentials): Credentials => ({
+export const fromImdsCredentials = (creds: ImdsCredentials): AwsCredentialIdentity => ({
   accessKeyId: creds.AccessKeyId,
   secretAccessKey: creds.SecretAccessKey,
   sessionToken: creds.Token,

packages/credential-provider-imds/src/types.ts

@@ -1,5 +1,5 @@
-import { Credentials } from "@aws-sdk/types";
+import { AwsCredentialIdentity } from "@aws-sdk/types";
 
-export interface InstanceMetadataCredentials extends Credentials {
+export interface InstanceMetadataCredentials extends AwsCredentialIdentity {
   readonly originalExpiration?: Date;
 }

packages/credential-provider-imds/src/utils/staticStabilityProvider.ts

@@ -1,4 +1,4 @@
-import { Credentials, Logger, Provider } from "@aws-sdk/types";
+import { AwsCredentialIdentity, Logger, Provider } from "@aws-sdk/types";
 
 import { InstanceMetadataCredentials } from "../types";
 import { getExtendedInstanceMetadataCredentials } from "./getExtendedInstanceMetadataCredentials";

packages/credential-provider-ini/src/fromIni.spec.ts

@@ -1,5 +1,5 @@
 import { getProfileName, parseKnownFiles } from "@aws-sdk/shared-ini-file-loader";
-import { Credentials } from "@aws-sdk/types";
+import { AwsCredentialIdentity } from "@aws-sdk/types";
 
 import { fromIni } from "./fromIni";
 import { resolveProfileData } from "./resolveProfileData";
@@ -51,7 +51,7 @@ describe(fromIni.name, () => {
   });
 
   it("returns resolved process creds", async () => {
-    const expectedCreds: Credentials = {
+    const expectedCreds: AwsCredentialIdentity = {
       accessKeyId: "mockAccessKeyId",
       secretAccessKey: "mockSecretAccessKey",
     };

packages/credential-provider-ini/src/fromIni.ts

@@ -1,6 +1,6 @@
 import { AssumeRoleWithWebIdentityParams } from "@aws-sdk/credential-provider-web-identity";
 import { getProfileName, parseKnownFiles, SourceProfileInit } from "@aws-sdk/shared-ini-file-loader";
-import { CredentialProvider, Credentials } from "@aws-sdk/types";
+import { AwsCredentialIdentity, AwsCredentialIdentityProvider } from "@aws-sdk/types";
 
 import { AssumeRoleParams } from "./resolveAssumeRoleCredentials";
 import { resolveProfileData } from "./resolveProfileData";
@@ -23,7 +23,7 @@ export interface FromIniInit extends SourceProfileInit {
    * @param sourceCreds The credentials with which to assume a role.
    * @param params
    */
-  roleAssumer?: (sourceCreds: Credentials, params: AssumeRoleParams) => Promise<Credentials>;
+  roleAssumer?: (sourceCreds: AwsCredentialIdentity, params: AssumeRoleParams) => Promise<AwsCredentialIdentity>;
 
   /**
    * A function that assumes a role with web identity and returns a promise fulfilled with
@@ -32,15 +32,15 @@ export interface FromIniInit extends SourceProfileInit {
    * @param sourceCreds The credentials with which to assume a role.
    * @param params
    */
-  roleAssumerWithWebIdentity?: (params: AssumeRoleWithWebIdentityParams) => Promise<Credentials>;
+  roleAssumerWithWebIdentity?: (params: AssumeRoleWithWebIdentityParams) => Promise<AwsCredentialIdentity>;
 }
 
 /**
  * Creates a credential provider that will read from ini files and supports
  * role assumption and multi-factor authentication.
  */
 export const fromIni =
-  (init: FromIniInit = {}): CredentialProvider =>
+  (init: FromIniInit = {}): AwsCredentialIdentityProvider =>
   async () => {
     const profiles = await parseKnownFiles(init);
     return resolveProfileData(getProfileName(init), profiles, init);

packages/credential-provider-ini/src/resolveCredentialSource.ts

@@ -1,7 +1,7 @@
 import { fromEnv } from "@aws-sdk/credential-provider-env";
 import { fromContainerMetadata, fromInstanceMetadata } from "@aws-sdk/credential-provider-imds";
 import { CredentialsProviderError } from "@aws-sdk/property-provider";
-import { CredentialProvider } from "@aws-sdk/types";
+import { AwsCredentialIdentityProvider } from "@aws-sdk/types";
 
 /**
  * Resolve the `credential_source` entry from the profile, and return the
@@ -10,8 +10,8 @@ import { CredentialProvider } from "@aws-sdk/types";
  * fromIni() provider. The source credential needs to be refreshed every time
  * fromIni() is called.
  */
-export const resolveCredentialSource = (credentialSource: string, profileName: string): CredentialProvider => {
-  const sourceProvidersMap: Record<string, () => CredentialProvider> = {
+export const resolveCredentialSource = (credentialSource: string, profileName: string): AwsCredentialIdentityProvider => {
+  const sourceProvidersMap: Record<string, () => AwsCredentialIdentityProvider> = {
     EcsContainer: fromContainerMetadata,
     Ec2InstanceMetadata: fromInstanceMetadata,
     Environment: fromEnv,

packages/credential-provider-ini/src/resolveProfileData.ts

@@ -1,5 +1,5 @@
 import { CredentialsProviderError } from "@aws-sdk/property-provider";
-import { Credentials, ParsedIniData } from "@aws-sdk/types";
+import { AwsCredentialIdentity, ParsedIniData } from "@aws-sdk/types";
 
 import { FromIniInit } from "./fromIni";
 import { isAssumeRoleProfile, resolveAssumeRoleCredentials } from "./resolveAssumeRoleCredentials";
@@ -12,7 +12,7 @@ export const resolveProfileData = async (
   profiles: ParsedIniData,
   options: FromIniInit,
   visitedProfiles: Record<string, true> = {}
-): Promise<Credentials> => {
+): Promise<AwsCredentialIdentity> => {
   const data = profiles[profileName];
 
   // If this is not the first profile visited, static credentials should be

packages/credential-provider-ini/src/resolveSsoCredentials.spec.ts

@@ -1,5 +1,5 @@
 import { fromSSO, isSsoProfile as origIsSsoProfile, validateSsoProfile } from "@aws-sdk/credential-provider-sso";
-import { Credentials } from "@aws-sdk/types";
+import { AwsCredentialIdentity } from "@aws-sdk/types";
 
 import { isSsoProfile, resolveSsoCredentials } from "./resolveSsoCredentials";
 
@@ -79,7 +79,7 @@ describe(resolveSsoCredentials.name, () => {
     const mockProfile = getMockOriginalSsoProfile();
     const mockValidatedProfile = getMockValidatedSsoProfile();
 
-    const mockCreds: Credentials = {
+    const mockCreds: AwsCredentialIdentity = {
       accessKeyId: "mockAccessKeyId",
       secretAccessKey: "mockSecretAccessKey",
     };
@@ -104,7 +104,7 @@ describe(resolveSsoCredentials.name, () => {
       sso_session: "test-session",
     });
 
-    const mockCreds: Credentials = {
+    const mockCreds: AwsCredentialIdentity = {
       accessKeyId: "mockAccessKeyId",
       secretAccessKey: "mockSecretAccessKey",
     };

packages/credential-provider-ini/src/resolveStaticCredentials.ts

@@ -1,4 +1,4 @@
-import { Credentials, Profile } from "@aws-sdk/types";
+import { AwsCredentialIdentity, Profile } from "@aws-sdk/types";
 
 export interface StaticCredsProfile extends Profile {
   aws_access_key_id: string;
@@ -13,7 +13,7 @@ export const isStaticCredsProfile = (arg: any): arg is StaticCredsProfile =>
   typeof arg.aws_secret_access_key === "string" &&
   ["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1;
 
-export const resolveStaticCredentials = (profile: StaticCredsProfile): Promise<Credentials> =>
+export const resolveStaticCredentials = (profile: StaticCredsProfile): Promise<AwsCredentialIdentity> =>
   Promise.resolve({
     accessKeyId: profile.aws_access_key_id,
     secretAccessKey: profile.aws_secret_access_key,

packages/credential-provider-ini/src/resolveWebIdentityCredentials.spec.ts

@@ -1,5 +1,5 @@
 import { fromTokenFile } from "@aws-sdk/credential-provider-web-identity";
-import { Credentials } from "@aws-sdk/types";
+import { AwsCredentialIdentity } from "@aws-sdk/types";
 
 import { isWebIdentityProfile, resolveWebIdentityCredentials } from "./resolveWebIdentityCredentials";
 
@@ -42,7 +42,7 @@ describe(isWebIdentityProfile.name, () => {
 });
 
 describe(resolveWebIdentityCredentials.name, () => {
-  const mockCreds: Credentials = {
+  const mockCreds: AwsCredentialIdentity = {
     accessKeyId: "mockAccessKeyId",
     secretAccessKey: "mockSecretAccessKey",
   };

packages/credential-provider-ini/src/resolveWebIdentityCredentials.ts

@@ -1,5 +1,5 @@
 import { fromTokenFile } from "@aws-sdk/credential-provider-web-identity";
-import { Credentials, Profile } from "@aws-sdk/types";
+import { AwsCredentialIdentity, Profile } from "@aws-sdk/types";
 
 import { FromIniInit } from "./fromIni";
 
@@ -19,7 +19,7 @@ export const isWebIdentityProfile = (arg: any): arg is WebIdentityProfile =>
 export const resolveWebIdentityCredentials = async (
   profile: WebIdentityProfile,
   options: FromIniInit
-): Promise<Credentials> =>
+): Promise<AwsCredentialIdentity> =>
   fromTokenFile({
     webIdentityTokenFile: profile.web_identity_token_file,
     roleArn: profile.role_arn,

packages/credential-provider-node/src/defaultProvider.ts

@@ -6,7 +6,7 @@ import { fromSSO, FromSSOInit } from "@aws-sdk/credential-provider-sso";
 import { fromTokenFile, FromTokenFileInit } from "@aws-sdk/credential-provider-web-identity";
 import { chain, CredentialsProviderError, memoize } from "@aws-sdk/property-provider";
 import { ENV_PROFILE } from "@aws-sdk/shared-ini-file-loader";
-import { Credentials, MemoizedProvider } from "@aws-sdk/types";
+import { AwsCredentialIdentity, MemoizedProvider } from "@aws-sdk/types";
 
 import { remoteProvider } from "./remoteProvider";
 
@@ -46,7 +46,7 @@ export type DefaultProviderInit = FromIniInit & RemoteProviderInit & FromProcess
  * @see {@link fromContainerMetadata}   The function used to source credentials from the
  *                              ECS Container Metadata Service
  */
-export const defaultProvider = (init: DefaultProviderInit = {}): MemoizedProvider<Credentials> =>
+export const defaultProvider = (init: DefaultProviderInit = {}): MemoizedProvider<AwsCredentialIdentity> =>
   memoize(
     chain(
       ...(init.profile || process.env[ENV_PROFILE] ? [] : [fromEnv()]),

packages/credential-provider-node/src/remoteProvider.ts

@@ -6,11 +6,11 @@ import {
   RemoteProviderInit,
 } from "@aws-sdk/credential-provider-imds";
 import { CredentialsProviderError } from "@aws-sdk/property-provider";
-import { CredentialProvider } from "@aws-sdk/types";
+import { AwsCredentialIdentityProvider } from "@aws-sdk/types";
 
 export const ENV_IMDS_DISABLED = "AWS_EC2_METADATA_DISABLED";
 
-export const remoteProvider = (init: RemoteProviderInit): CredentialProvider => {
+export const remoteProvider = (init: RemoteProviderInit): AwsCredentialIdentityProvider => {
   if (process.env[ENV_CMDS_RELATIVE_URI] || process.env[ENV_CMDS_FULL_URI]) {
     return fromContainerMetadata(init);
   }

packages/credential-provider-process/src/fromProcess.spec.ts

@@ -1,5 +1,5 @@
 import { getProfileName, parseKnownFiles } from "@aws-sdk/shared-ini-file-loader";
-import { Credentials } from "@aws-sdk/types";
+import { AwsCredentialIdentity } from "@aws-sdk/types";
 
 import { fromProcess } from "./fromProcess";
 import { resolveProcessCredentials } from "./resolveProcessCredentials";
@@ -51,7 +51,7 @@ describe(fromProcess.name, () => {
   });
 
   it("returns resolved process creds", async () => {
-    const expectedCreds: Credentials = {
+    const expectedCreds: AwsCredentialIdentity = {
       accessKeyId: "mockAccessKeyId",
       secretAccessKey: "mockSecretAccessKey",
     };

packages/credential-provider-process/src/fromProcess.ts

@@ -1,5 +1,5 @@
 import { getProfileName, parseKnownFiles, SourceProfileInit } from "@aws-sdk/shared-ini-file-loader";
-import { CredentialProvider } from "@aws-sdk/types";
+import { AwsCredentialIdentityProvider } from "@aws-sdk/types";
 
 import { resolveProcessCredentials } from "./resolveProcessCredentials";
 
@@ -10,7 +10,7 @@ export interface FromProcessInit extends SourceProfileInit {}
  * in ini files.
  */
 export const fromProcess =
-  (init: FromProcessInit = {}): CredentialProvider =>
+  (init: FromProcessInit = {}): AwsCredentialIdentityProvider =>
   async () => {
     const profiles = await parseKnownFiles(init);
     return resolveProcessCredentials(getProfileName(init), profiles);

packages/credential-provider-process/src/getValidatedProcessCredentials.spec.ts

@@ -1,4 +1,4 @@
-import { Credentials } from "@aws-sdk/types";
+import { AwsCredentialIdentity } from "@aws-sdk/types";
 
 import { getValidatedProcessCredentials } from "./getValidatedProcessCredentials";
 import { ProcessCredentials } from "./ProcessCredentials";
@@ -47,7 +47,7 @@ describe(getValidatedProcessCredentials.name, () => {
   });
 
   describe("returns validated Process credentials", () => {
-    const getValidatedCredentials = (data: ProcessCredentials): Credentials => ({
+    const getValidatedCredentials = (data: ProcessCredentials): AwsCredentialIdentity => ({
       accessKeyId: data.AccessKeyId,
       secretAccessKey: data.SecretAccessKey,
       ...(data.SessionToken && { sessionToken: data.SessionToken }),

packages/credential-provider-process/src/getValidatedProcessCredentials.ts

@@ -1,8 +1,8 @@
-import { Credentials } from "@aws-sdk/types";
+import { AwsCredentialIdentity } from "@aws-sdk/types";
 
 import { ProcessCredentials } from "./ProcessCredentials";
 
-export const getValidatedProcessCredentials = (profileName: string, data: ProcessCredentials): Credentials => {
+export const getValidatedProcessCredentials = (profileName: string, data: ProcessCredentials): AwsCredentialIdentity => {
   if (data.Version !== 1) {
     throw Error(`Profile ${profileName} credential_process did not return Version 1.`);
   }

packages/credential-provider-process/src/resolveProcessCredentials.spec.ts

@@ -1,5 +1,5 @@
 import { CredentialsProviderError } from "@aws-sdk/property-provider";
-import { Credentials } from "@aws-sdk/types";
+import { AwsCredentialIdentity } from "@aws-sdk/types";
 import { promisify } from "util";
 
 import { getValidatedProcessCredentials } from "./getValidatedProcessCredentials";
@@ -103,7 +103,7 @@ describe(resolveProcessCredentials.name, () => {
   });
 
   it("returns data from getValidatedProcessCredentials", async () => {
-    const expectedCreds: Credentials = {
+    const expectedCreds: AwsCredentialIdentity = {
       accessKeyId: "mockAccessKeyId",
       secretAccessKey: "mockSecretAccessKey",
     };

packages/credential-provider-process/src/resolveProcessCredentials.ts

@@ -1,12 +1,12 @@
 import { CredentialsProviderError } from "@aws-sdk/property-provider";
-import { Credentials, ParsedIniData } from "@aws-sdk/types";
+import { AwsCredentialIdentity, ParsedIniData } from "@aws-sdk/types";
 import { exec } from "child_process";
 import { promisify } from "util";
 
 import { getValidatedProcessCredentials } from "./getValidatedProcessCredentials";
 import { ProcessCredentials } from "./ProcessCredentials";
 
-export const resolveProcessCredentials = async (profileName: string, profiles: ParsedIniData): Promise<Credentials> => {
+export const resolveProcessCredentials = async (profileName: string, profiles: ParsedIniData): Promise<AwsCredentialIdentity> => {
   const profile = profiles[profileName];
 
   if (profiles[profileName]) {