fix on sts get caller identity

Author: SylvainSenechal

extensions/utils/VaultClientWrapper.js

@@ -1,6 +1,6 @@
 const { fromTemporaryCredentials } = require('@aws-sdk/credential-providers');
 const { errorUtils } = require('arsenal');
-const { GetCallerIdentityCommand } = require('@aws-sdk/client-sts');
+const { STSClient, GetCallerIdentityCommand } = require('@aws-sdk/client-sts');
 
 const { authTypeAssumeRole, authTypeNone } = require('../../lib/constants');
 const VaultClientCache = require('../../lib/clients/VaultClientCache');
@@ -47,8 +47,18 @@ class VaultClientWrapper {
         const stsWithCreds = CredentialsManager.resolveExternalFileSync(sts, this.logger);
         const endpoint = `${sts.transport || 'https'}://${sts.host}:${sts.port}`;
 
+        const stsClient = new STSClient({
+            endpoint,
+            region: sts.region || 'us-east-1',
+            credentials: {
+                accessKeyId: stsWithCreds.accessKey,
+                secretAccessKey: stsWithCreds.secretKey,
+            },
+            requestHandler: this.stsAgent,
+        });
+
         const getCallerIdentity = new GetCallerIdentityCommand({});
-        this._tempCredsPromise = stsWithCreds.send(getCallerIdentity)
+        this._tempCredsPromise = stsClient.send(getCallerIdentity)
             .then(res => {
                 const roleArn = `arn:aws:iam::${res.Account}:role/${roleName}`;
                 const roleSessionName = `${this._clientId}`;