docs(client-sts): Doc only change to update wording in a key topic

Author: awstools

clients/client-sts/src/STS.ts

@@ -49,11 +49,10 @@ import { STSClient } from "./STSClient";
 export class STS extends STSClient {
   /**
    * <p>Returns a set of temporary security credentials that you can use to access Amazon Web Services
-   *          resources that you might not normally have access to. These temporary credentials consist
-   *          of an access key ID, a secret access key, and a security token. Typically, you use
-   *             <code>AssumeRole</code> within your account or for cross-account access. For a
-   *          comparison of <code>AssumeRole</code> with other API operations that produce temporary
-   *          credentials, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html">Requesting Temporary Security
+   *          resources. These temporary credentials consist of an access key ID, a secret access key,
+   *          and a security token. Typically, you use <code>AssumeRole</code> within your account or for
+   *          cross-account access. For a comparison of <code>AssumeRole</code> with other API operations
+   *          that produce temporary credentials, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html">Requesting Temporary Security
    *             Credentials</a> and <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison">Comparing the
    *             Amazon Web Services STS API operations</a> in the <i>IAM User Guide</i>.</p>
    *          <p>
@@ -103,7 +102,6 @@ export class STS extends STSClient {
    *          additional identity-based policy is required. For more information about trust policies and
    *          resource-based policies, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html">IAM Policies</a> in the
    *             <i>IAM User Guide</i>.</p>
-   *
    *          <p>
    *             <b>Tags</b>
    *          </p>
@@ -242,15 +240,13 @@ export class STS extends STSClient {
    *          characters and the values can’t exceed 256 characters. For these and additional limits, see
    *             <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
    *             and STS Character Limits</a> in the <i>IAM User Guide</i>.</p>
-   *
    *          <note>
    *             <p>An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs,
    *             and session tags into a packed binary format that has a separate limit. Your request can
    *             fail for this limit even if your plaintext meets the other requirements. The
    *                <code>PackedPolicySize</code> response element indicates by percentage how close the
    *             policies and tags for your request are to the upper size limit.</p>
    *          </note>
-   *
    *          <p>You can pass a session tag with the same key as a tag that is attached to the role. When
    *          you do, session tags override the role's tags with the same key.</p>
    *          <p>An administrator must grant you the permissions necessary to pass session tags. The
@@ -396,15 +392,13 @@ export class STS extends STSClient {
    *          characters and the values can’t exceed 256 characters. For these and additional limits, see
    *             <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
    *             and STS Character Limits</a> in the <i>IAM User Guide</i>.</p>
-   *
    *          <note>
    *             <p>An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs,
    *             and session tags into a packed binary format that has a separate limit. Your request can
    *             fail for this limit even if your plaintext meets the other requirements. The
    *                <code>PackedPolicySize</code> response element indicates by percentage how close the
    *             policies and tags for your request are to the upper size limit.</p>
    *          </note>
-   *
    *          <p>You can pass a session tag with the same key as a tag that is attached to the role. When
    *          you do, the session tag overrides the role tag with the same key.</p>
    *          <p>An administrator must grant you the permissions necessary to pass session tags. The
@@ -682,15 +676,16 @@ export class STS extends STSClient {
    *             <b>Permissions</b>
    *          </p>
    *          <p>You can use the temporary credentials created by <code>GetFederationToken</code> in any
-   *          Amazon Web Services service except the following:</p>
+   *          Amazon Web Services service with the following exceptions:</p>
    *          <ul>
    *             <li>
-   *                <p>You cannot call any IAM operations using the CLI or the Amazon Web Services API. </p>
+   *                <p>You cannot call any IAM operations using the CLI or the Amazon Web Services API. This limitation does not apply to console sessions.</p>
    *             </li>
    *             <li>
    *                <p>You cannot call any STS operations except <code>GetCallerIdentity</code>.</p>
    *             </li>
    *          </ul>
+   *          <p>You can use temporary credentials for single sign-on (SSO) to the console.</p>
    *          <p>You must pass an inline or managed <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session policy</a> to
    *          this operation. You can pass a single JSON policy document to use as an inline session
    *          policy. You can also specify up to 10 managed policy Amazon Resource Names (ARNs) to use as

clients/client-sts/src/commands/AssumeRoleCommand.ts

@@ -28,11 +28,10 @@ export interface AssumeRoleCommandOutput extends AssumeRoleResponse, __MetadataB
 
 /**
  * <p>Returns a set of temporary security credentials that you can use to access Amazon Web Services
- *          resources that you might not normally have access to. These temporary credentials consist
- *          of an access key ID, a secret access key, and a security token. Typically, you use
- *             <code>AssumeRole</code> within your account or for cross-account access. For a
- *          comparison of <code>AssumeRole</code> with other API operations that produce temporary
- *          credentials, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html">Requesting Temporary Security
+ *          resources. These temporary credentials consist of an access key ID, a secret access key,
+ *          and a security token. Typically, you use <code>AssumeRole</code> within your account or for
+ *          cross-account access. For a comparison of <code>AssumeRole</code> with other API operations
+ *          that produce temporary credentials, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html">Requesting Temporary Security
  *             Credentials</a> and <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison">Comparing the
  *             Amazon Web Services STS API operations</a> in the <i>IAM User Guide</i>.</p>
  *          <p>
@@ -82,7 +81,6 @@ export interface AssumeRoleCommandOutput extends AssumeRoleResponse, __MetadataB
  *          additional identity-based policy is required. For more information about trust policies and
  *          resource-based policies, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html">IAM Policies</a> in the
  *             <i>IAM User Guide</i>.</p>
- *
  *          <p>
  *             <b>Tags</b>
  *          </p>

clients/client-sts/src/commands/AssumeRoleWithSAMLCommand.ts

@@ -108,15 +108,13 @@ export interface AssumeRoleWithSAMLCommandOutput extends AssumeRoleWithSAMLRespo
  *          characters and the values can’t exceed 256 characters. For these and additional limits, see
  *             <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
  *             and STS Character Limits</a> in the <i>IAM User Guide</i>.</p>
- *
  *          <note>
  *             <p>An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs,
  *             and session tags into a packed binary format that has a separate limit. Your request can
  *             fail for this limit even if your plaintext meets the other requirements. The
  *                <code>PackedPolicySize</code> response element indicates by percentage how close the
  *             policies and tags for your request are to the upper size limit.</p>
  *          </note>
- *
  *          <p>You can pass a session tag with the same key as a tag that is attached to the role. When
  *          you do, session tags override the role's tags with the same key.</p>
  *          <p>An administrator must grant you the permissions necessary to pass session tags. The

clients/client-sts/src/commands/AssumeRoleWithWebIdentityCommand.ts

@@ -100,15 +100,13 @@ export interface AssumeRoleWithWebIdentityCommandOutput extends AssumeRoleWithWe
  *          characters and the values can’t exceed 256 characters. For these and additional limits, see
  *             <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
  *             and STS Character Limits</a> in the <i>IAM User Guide</i>.</p>
- *
  *          <note>
  *             <p>An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs,
  *             and session tags into a packed binary format that has a separate limit. Your request can
  *             fail for this limit even if your plaintext meets the other requirements. The
  *                <code>PackedPolicySize</code> response element indicates by percentage how close the
  *             policies and tags for your request are to the upper size limit.</p>
  *          </note>
- *
  *          <p>You can pass a session tag with the same key as a tag that is attached to the role. When
  *          you do, the session tag overrides the role tag with the same key.</p>
  *          <p>An administrator must grant you the permissions necessary to pass session tags. The

clients/client-sts/src/commands/GetFederationTokenCommand.ts

@@ -64,15 +64,16 @@ export interface GetFederationTokenCommandOutput extends GetFederationTokenRespo
  *             <b>Permissions</b>
  *          </p>
  *          <p>You can use the temporary credentials created by <code>GetFederationToken</code> in any
- *          Amazon Web Services service except the following:</p>
+ *          Amazon Web Services service with the following exceptions:</p>
  *          <ul>
  *             <li>
- *                <p>You cannot call any IAM operations using the CLI or the Amazon Web Services API. </p>
+ *                <p>You cannot call any IAM operations using the CLI or the Amazon Web Services API. This limitation does not apply to console sessions.</p>
  *             </li>
  *             <li>
  *                <p>You cannot call any STS operations except <code>GetCallerIdentity</code>.</p>
  *             </li>
  *          </ul>
+ *          <p>You can use temporary credentials for single sign-on (SSO) to the console.</p>
  *          <p>You must pass an inline or managed <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session policy</a> to
  *          this operation. You can pass a single JSON policy document to use as an inline session
  *          policy. You can also specify up to 10 managed policy Amazon Resource Names (ARNs) to use as

clients/client-sts/src/endpoint/ruleset.ts

@@ -6,7 +6,8 @@ import { RuleSetObject } from "@aws-sdk/util-endpoints";
    or see "smithy.rules#endpointRuleSet"
    in codegen/sdk-codegen/aws-models/sts.json */
 
-const H="required",
+const G="required",
+H="type",
 I="fn",
 J="argv",
 K="ref",
@@ -18,32 +19,31 @@ c="PartitionResult",
 d="tree",
 e="booleanEquals",
 f="stringEquals",
-g="https://sts.amazonaws.com",
-h="sigv4",
+g="sigv4",
+h="us-east-1",
 i="sts",
-j="us-east-1",
-k="endpoint",
-l="https://sts.{Region}.{PartitionResult#dnsSuffix}",
-m="error",
-n="getAttr",
-o={[H]:false,"type":"String"},
-p={[H]:true,"default":false,"type":"Boolean"},
-q={[K]:"Region"},
-r={[K]:"UseFIPS"},
-s={[K]:"UseDualStack"},
-t={[I]:"isSet",[J]:[{[K]:"Endpoint"}]},
-u={[K]:"Endpoint"},
-v={"url":g,[L]:{"authSchemes":[{"name":h,"signingName":i,"signingRegion":j}]},[M]:{}},
-w={},
-x={[I]:e,[J]:[r,true]},
-y={[I]:e,[J]:[s,true]},
-z={[I]:e,[J]:[true,{[I]:n,[J]:[{[K]:c},"supportsFIPS"]}]},
+j="endpoint",
+k="https://sts.{Region}.{PartitionResult#dnsSuffix}",
+l="error",
+m="getAttr",
+n={[G]:false,[H]:"String"},
+o={[G]:true,"default":false,[H]:"Boolean"},
+p={[K]:"Region"},
+q={[K]:"UseFIPS"},
+r={[K]:"UseDualStack"},
+s={[I]:"isSet",[J]:[{[K]:"Endpoint"}]},
+t={[K]:"Endpoint"},
+u={"url":"https://sts.amazonaws.com",[L]:{"authSchemes":[{"name":g,"signingRegion":h,"signingName":i}]},[M]:{}},
+v={},
+w={"conditions":[{[I]:f,[J]:[p,"aws-global"]}],[j]:u,[H]:j},
+x={[I]:e,[J]:[q,true]},
+y={[I]:e,[J]:[r,true]},
+z={[I]:e,[J]:[true,{[I]:m,[J]:[{[K]:c},"supportsFIPS"]}]},
 A={[K]:c},
-B={[I]:e,[J]:[true,{[I]:n,[J]:[A,"supportsDualStack"]}]},
-C={"url":l,[L]:{},[M]:{}},
-D=[u],
-E=[{[I]:f,[J]:[q,"aws-global"]}],
-F=[x],
-G=[y];
-const _data={version:"1.0",parameters:{Region:o,UseDualStack:p,UseFIPS:p,Endpoint:o,UseGlobalEndpoint:p},rules:[{conditions:[{[I]:"aws.partition",[J]:[q],assign:c}],type:d,rules:[{conditions:[{[I]:e,[J]:[{[K]:"UseGlobalEndpoint"},b]},{[I]:e,[J]:[r,a]},{[I]:e,[J]:[s,a]},{[I]:"not",[J]:[t]}],type:d,rules:[{conditions:[{[I]:f,[J]:[q,"ap-northeast-1"]}],endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,"ap-south-1"]}],endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,"ap-southeast-1"]}],endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,"ap-southeast-2"]}],endpoint:v,type:k},{conditions:E,endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,"ca-central-1"]}],endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,"eu-central-1"]}],endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,"eu-north-1"]}],endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,"eu-west-1"]}],endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,"eu-west-2"]}],endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,"eu-west-3"]}],endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,"sa-east-1"]}],endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,j]}],endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,"us-east-2"]}],endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,"us-west-1"]}],endpoint:v,type:k},{conditions:[{[I]:f,[J]:[q,"us-west-2"]}],endpoint:v,type:k},{endpoint:{url:l,[L]:{authSchemes:[{name:h,signingName:i,signingRegion:"{Region}"}]},[M]:w},type:k}]},{conditions:[t,{[I]:"parseURL",[J]:D,assign:"url"}],type:d,rules:[{conditions:F,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:m},{type:d,rules:[{conditions:G,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:m},{endpoint:{url:u,[L]:w,[M]:w},type:k}]}]},{conditions:[x,y],type:d,rules:[{conditions:[z,B],type:d,rules:[{endpoint:{url:"https://sts-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",[L]:w,[M]:w},type:k}]},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:m}]},{conditions:F,type:d,rules:[{conditions:[z],type:d,rules:[{type:d,rules:[{conditions:[{[I]:f,[J]:["aws-us-gov",{[I]:n,[J]:[A,"name"]}]}],endpoint:C,type:k},{endpoint:{url:"https://sts-fips.{Region}.{PartitionResult#dnsSuffix}",[L]:w,[M]:w},type:k}]}]},{error:"FIPS is enabled but this partition does not support FIPS",type:m}]},{conditions:G,type:d,rules:[{conditions:[B],type:d,rules:[{endpoint:{url:"https://sts.{Region}.{PartitionResult#dualStackDnsSuffix}",[L]:w,[M]:w},type:k}]},{error:"DualStack is enabled but this partition does not support DualStack",type:m}]},{type:d,rules:[{conditions:E,endpoint:{url:g,[L]:{authSchemes:[{name:h,signingRegion:j,signingName:i}]},[M]:w},type:k},{endpoint:C,type:k}]}]}]};
+B={[I]:e,[J]:[true,{[I]:m,[J]:[A,"supportsDualStack"]}]},
+C={"url":k,[L]:{},[M]:{}},
+D=[t],
+E=[x],
+F=[y];
+const _data={version:"1.0",parameters:{Region:n,UseDualStack:o,UseFIPS:o,Endpoint:n,UseGlobalEndpoint:o},rules:[{conditions:[{[I]:"aws.partition",[J]:[p],assign:c}],[H]:d,rules:[{conditions:[{[I]:e,[J]:[{[K]:"UseGlobalEndpoint"},b]},{[I]:e,[J]:[q,a]},{[I]:e,[J]:[r,a]},{[I]:"not",[J]:[s]}],[H]:d,rules:[{conditions:[{[I]:f,[J]:[p,"ap-northeast-1"]}],endpoint:u,[H]:j},{conditions:[{[I]:f,[J]:[p,"ap-south-1"]}],endpoint:u,[H]:j},{conditions:[{[I]:f,[J]:[p,"ap-southeast-1"]}],endpoint:u,[H]:j},{conditions:[{[I]:f,[J]:[p,"ap-southeast-2"]}],endpoint:u,[H]:j},w,{conditions:[{[I]:f,[J]:[p,"ca-central-1"]}],endpoint:u,[H]:j},{conditions:[{[I]:f,[J]:[p,"eu-central-1"]}],endpoint:u,[H]:j},{conditions:[{[I]:f,[J]:[p,"eu-north-1"]}],endpoint:u,[H]:j},{conditions:[{[I]:f,[J]:[p,"eu-west-1"]}],endpoint:u,[H]:j},{conditions:[{[I]:f,[J]:[p,"eu-west-2"]}],endpoint:u,[H]:j},{conditions:[{[I]:f,[J]:[p,"eu-west-3"]}],endpoint:u,[H]:j},{conditions:[{[I]:f,[J]:[p,"sa-east-1"]}],endpoint:u,[H]:j},{conditions:[{[I]:f,[J]:[p,h]}],endpoint:u,[H]:j},{conditions:[{[I]:f,[J]:[p,"us-east-2"]}],endpoint:u,[H]:j},{conditions:[{[I]:f,[J]:[p,"us-west-1"]}],endpoint:u,[H]:j},{conditions:[{[I]:f,[J]:[p,"us-west-2"]}],endpoint:u,[H]:j},{endpoint:{url:k,[L]:{authSchemes:[{name:g,signingRegion:"{Region}",signingName:i}]},[M]:v},[H]:j}]},{conditions:[s,{[I]:"parseURL",[J]:D,assign:"url"}],[H]:d,rules:[{conditions:E,error:"Invalid Configuration: FIPS and custom endpoint are not supported",[H]:l},{[H]:d,rules:[{conditions:F,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",[H]:l},{endpoint:{url:t,[L]:v,[M]:v},[H]:j}]}]},{conditions:[x,y],[H]:d,rules:[{conditions:[z,B],[H]:d,rules:[{endpoint:{url:"https://sts-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",[L]:v,[M]:v},[H]:j}]},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",[H]:l}]},{conditions:E,[H]:d,rules:[{conditions:[z],[H]:d,rules:[{[H]:d,rules:[{conditions:[{[I]:f,[J]:["aws-us-gov",{[I]:m,[J]:[A,"name"]}]}],endpoint:C,[H]:j},{endpoint:{url:"https://sts-fips.{Region}.{PartitionResult#dnsSuffix}",[L]:v,[M]:v},[H]:j}]}]},{error:"FIPS is enabled but this partition does not support FIPS",[H]:l}]},{conditions:F,[H]:d,rules:[{conditions:[B],[H]:d,rules:[{endpoint:{url:"https://sts.{Region}.{PartitionResult#dualStackDnsSuffix}",[L]:v,[M]:v},[H]:j}]},{error:"DualStack is enabled but this partition does not support DualStack",[H]:l}]},{[H]:d,rules:[w,{endpoint:C,[H]:j}]}]}]};
 export const ruleSet: RuleSetObject = _data;