1 | import { STSClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../STSClient";
|
2 | import { GetAccessKeyInfoRequest, GetAccessKeyInfoResponse } from "../models/models_0";
|
3 | import {
|
4 | deserializeAws_queryGetAccessKeyInfoCommand,
|
5 | serializeAws_queryGetAccessKeyInfoCommand,
|
6 | } from "../protocols/Aws_query";
|
7 | import { getSerdePlugin } from "@aws-sdk/middleware-serde";
|
8 | import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
|
9 | import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http";
|
10 | import { Command as $Command } from "@aws-sdk/smithy-client";
|
11 | import {
|
12 | FinalizeHandlerArguments,
|
13 | Handler,
|
14 | HandlerExecutionContext,
|
15 | MiddlewareStack,
|
16 | HttpHandlerOptions as __HttpHandlerOptions,
|
17 | MetadataBearer as __MetadataBearer,
|
18 | SerdeContext as __SerdeContext,
|
19 | } from "@aws-sdk/types";
|
20 |
|
21 | export interface GetAccessKeyInfoCommandInput extends GetAccessKeyInfoRequest {}
|
22 | export interface GetAccessKeyInfoCommandOutput extends GetAccessKeyInfoResponse, __MetadataBearer {}
|
23 |
|
24 | /**
|
25 | * <p>Returns the account identifier for the specified access key ID.</p>
|
26 | * <p>Access keys consist of two parts: an access key ID (for example,
|
27 | * <code>AKIAIOSFODNN7EXAMPLE</code>) and a secret access key (for example,
|
28 | * <code>wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY</code>). For more information about
|
29 | * access keys, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html">Managing Access Keys for IAM
|
30 | * Users</a> in the <i>IAM User Guide</i>.</p>
|
31 | * <p>When you pass an access key ID to this operation, it returns the ID of the Amazon Web Services
|
32 | * account to which the keys belong. Access key IDs beginning with <code>AKIA</code> are
|
33 | * long-term credentials for an IAM user or the Amazon Web Services account root user. Access key IDs
|
34 | * beginning with <code>ASIA</code> are temporary credentials that are created using STS
|
35 | * operations. If the account in the response belongs to you, you can sign in as the root
|
36 | * user and review your root user access keys. Then, you can pull a <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html">credentials report</a> to learn which IAM user owns the keys. To learn who
|
37 | * requested the temporary credentials for an <code>ASIA</code> access key, view the STS
|
38 | * events in your <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html">CloudTrail logs</a> in the
|
39 | * <i>IAM User Guide</i>.</p>
|
40 | * <p>This operation does not indicate the state of the access key. The key might be active,
|
41 | * inactive, or deleted. Active keys might not have permissions to perform an operation.
|
42 | * Providing a deleted access key might return an error that the key doesn't exist.</p>
|
43 | * @example
|
44 | * Use a bare-bones client and the command you need to make an API call.
|
45 | * ```javascript
|
46 | * import { STSClient, GetAccessKeyInfoCommand } from "@aws-sdk/client-sts"; // ES Modules import
|
47 | * // const { STSClient, GetAccessKeyInfoCommand } = require("@aws-sdk/client-sts"); // CommonJS import
|
48 | * const client = new STSClient(config);
|
49 | * const command = new GetAccessKeyInfoCommand(input);
|
50 | * const response = await client.send(command);
|
51 | * ```
|
52 | *
|
53 | * @see {@link GetAccessKeyInfoCommandInput} for command's `input` shape.
|
54 | * @see {@link GetAccessKeyInfoCommandOutput} for command's `response` shape.
|
55 | * @see {@link STSClientResolvedConfig | config} for command's `input` shape.
|
56 | *
|
57 | */
|
58 | export class GetAccessKeyInfoCommand extends $Command<
|
59 | GetAccessKeyInfoCommandInput,
|
60 | GetAccessKeyInfoCommandOutput,
|
61 | STSClientResolvedConfig
|
62 | > {
|
63 | // Start section: command_properties
|
64 | // End section: command_properties
|
65 |
|
66 | constructor(readonly input: GetAccessKeyInfoCommandInput) {
|
67 | // Start section: command_constructor
|
68 | super();
|
69 | // End section: command_constructor
|
70 | }
|
71 |
|
72 | /**
|
73 | * @internal
|
74 | */
|
75 | resolveMiddleware(
|
76 | clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>,
|
77 | configuration: STSClientResolvedConfig,
|
78 | options?: __HttpHandlerOptions
|
79 | ): Handler<GetAccessKeyInfoCommandInput, GetAccessKeyInfoCommandOutput> {
|
80 | this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
|
81 | this.middlewareStack.use(getAwsAuthPlugin(configuration));
|
82 |
|
83 | const stack = clientStack.concat(this.middlewareStack);
|
84 |
|
85 | const { logger } = configuration;
|
86 | const clientName = "STSClient";
|
87 | const commandName = "GetAccessKeyInfoCommand";
|
88 | const handlerExecutionContext: HandlerExecutionContext = {
|
89 | logger,
|
90 | clientName,
|
91 | commandName,
|
92 | inputFilterSensitiveLog: GetAccessKeyInfoRequest.filterSensitiveLog,
|
93 | outputFilterSensitiveLog: GetAccessKeyInfoResponse.filterSensitiveLog,
|
94 | };
|
95 | const { requestHandler } = configuration;
|
96 | return stack.resolve(
|
97 | (request: FinalizeHandlerArguments<any>) =>
|
98 | requestHandler.handle(request.request as __HttpRequest, options || {}),
|
99 | handlerExecutionContext
|
100 | );
|
101 | }
|
102 |
|
103 | private serialize(input: GetAccessKeyInfoCommandInput, context: __SerdeContext): Promise<__HttpRequest> {
|
104 | return serializeAws_queryGetAccessKeyInfoCommand(input, context);
|
105 | }
|
106 |
|
107 | private deserialize(output: __HttpResponse, context: __SerdeContext): Promise<GetAccessKeyInfoCommandOutput> {
|
108 | return deserializeAws_queryGetAccessKeyInfoCommand(output, context);
|
109 | }
|
110 |
|
111 | // Start section: command_body_extra
|
112 | // End section: command_body_extra
|
113 | }
|