Discriminator check for protocol-test error-shape dispatchers. Used by the generated parse_<err>_response function: if the wire-side discriminator (header or body) resolves to expected_local, the response was routed to the right error shape and the dispatcher reports Ok(Nil). The runner’s response-side assertion is binary — Ok vs Error — so returning Nil is enough.

The runner hands fixture headers through with their literal-case keys (X-Amzn-Errortype), but extract_error_type expects the lowercased form that the real-request path produces via headers_to_dict. We lowercase here so the helper matches HTTP’s case-insensitive header semantics regardless of which call-site invokes it.

Sensible default config given a region. Credentials default to the standard chain (env → web-identity → SSO → profile → process → ECS → IMDS); callers swap in a custom provider via with_credentials_provider, matching the convention every other AWS SDK follows.

Match an AWS error_type wire value against a local Smithy shape name. Used by the generated per-op translate_<op>_error dispatchers. error_type already passes through normalise_error_type (namespace + suffix stripped) at the invoke layer, so a plain equality check suffices; we keep this behind a helper to give the codegen one stable call-site.

Pull the wire-error-type local name out of a response. Looks at the X-Amzn-Errortype header first (restJson1, awsJson*); falls back to the body for __type / code / <Code> (covers JSON and XML error shapes). The returned string is the local shape name — namespace prefix, URI suffix, and Smithy [Charlie,foo,bar] suffix are all stripped. Exposed for codegen-emitted error-shape protocol test dispatchers; the in-process retry path uses it via the ServiceError discriminator.

Run one operation end-to-end. See module docs for the pipeline.

Operations that need to thread rule-set parameters known only to the op itself (e.g. S3’s Bucket) should use invoke_with_endpoint_params instead and pass those parameters through op_params.

Streaming-response variant of invoke. Builds + signs the request exactly like invoke, but dispatches through streaming_http_send (chunked transport) and returns the raw Response(StreamingBody) so callers can consume the body incrementally — fold chunk-by-chunk via streaming.fold_chunks, decode event-stream frames via event_stream.fold_events, or stream-to-disk without buffering.

Used by generated codegen for operations whose output carries @streaming — S3.GetObject for multi-GB downloads, Transcribe.StartStreamTranscription and Kinesis.SubscribeToShard for event-stream responses, etc.

Error responses (non-2xx) are materialised via streaming.to_bit_array_max(body, 1 MiB) so error_type extraction works on the JSON/XML error body the same way as invoke. A response body that exceeds the 1 MiB cap on the error path surfaces as DecodeError since we can’t safely extract a typed error from an oversized error body.

Retry is intentionally NOT wrapped around streaming_http_send at this layer — replaying a streaming request after a transient failure is op-specific (idempotent vs. mutating). Callers that want retry on a streaming op should layer it themselves or drop down to the buffered invoke.

invoke_streaming with per-op endpoint-rule-set parameters (the streaming-side counterpart to invoke_with_endpoint_params).

Same as invoke but with extra rule-set parameters merged in for this operation only — used by generated S3 ops to supply Bucket/Key etc. without leaking them onto the client config. If the client has no endpoint_rule_set, op_params is ignored (the static endpoint_url is used).

invoke_with_endpoint_params with an already-substituted host prefix. Codegen passes Some(prefix) for ops carrying @smithy.api#endpoint.hostPrefix — the template (e.g. "{RequestRoute}.") is expanded against the input’s @hostLabel members in the generated wrapper, mirroring the Rust SDK’s read_before_execution interceptor.

Generic translator from the runtime’s ClientError to a per-op typed-error enum. Each generated translate_<op>_error is a one-liner that supplies its operation’s decoder table plus constructors for the always-present *Transport and *Unknown variants. Saves ~15–25 LOC/op vs the previous open-coded nested match — see Pass 3c in plan.md.

decoders is a list of (wire_error_type_local_name, decoder) pairs. The first pair whose error_type matches gets to attempt the decode; if its decoder returns Error(Nil), we fall back to on_unknown with the textified body so the caller still sees something useful instead of a panic.

Override the credentials provider — use for non-default profiles, in-process static creds, or any custom resolution chain.

Set a single client-level endpoint-rule-set parameter (e.g. "UseFIPS" -> BoolVal(True)). Operation-specific params (S3 Bucket, Key) are threaded per-call via invoke_with_endpoint_params.

Attach a Smithy endpoint rule set. When set, the runtime walks the rule set per request to compute the endpoint URL — the value passed in via with_endpoint_url (or default_endpoint) is then ignored except as a fallback when the rule set is cleared. Use this from generated service constructors that embed their service’s rule set.

Override the request endpoint URL. Used for LocalStack, FIPS endpoints, custom DNS, and pre-signed-URL replay flows.

When a Smithy endpoint rule set is attached (the codegen wires one on every generated service that declares one), the override is threaded into the rule set as the standard Endpoint parameter rather than replacing endpoint_url outright. AWS rule sets honour this parameter via an early-branch rule like case isSet(Endpoint) -> endpoint { url: "{Endpoint}" }, so the override wins consistently across all services that declare an Endpoint rule-set parameter.

The static endpoint_url is also updated so services without a rule set continue to honour the override via the fallback path.

Switch the streaming sender to the HTTP/2 variant. httpc adds {http_version, "HTTP/2"} to its option list; servers that don’t speak HTTP/2 negotiate down to HTTP/1.1 via ALPN, so calls keep working even when the peer doesn’t support it. Buffered requests (http_send) are unaffected — HTTP/2 is for high-throughput streaming endpoints (S3 multipart, Bedrock streaming, Transcribe).

Pair with with_streaming_http_send for finer control (e.g. a stubbed sender in tests that needs HTTP/2 wiring elsewhere).

Tune just the retry attempt budget without replacing the whole strategy. Equivalent to with_retry_strategy(config, retry.with_max_attempts(config.retry_strategy, n)), but reads as a single knob — the common case for production tuning. Pass 1 to disable retries entirely (single attempt per request), 5 for long-running batch workloads that tolerate extra wait, etc.

Override the retry strategy used to wrap http_send. Pass retry.standard() for the AWS-standard 3-attempt backoff (the default), or retry.adaptive(bucket) to add the token-bucket gate.

Override the SigV4a normalize_path knob. No-op when the client hasn’t opted into SigV4a yet (with_sigv4a_region_set not called). Pass False for S3 — its object-key paths can carry . / .. that the RFC 3986 dot-segment removal would otherwise strip.

Opt the Client into SigV4a (asymmetric ECDSA P-256) signing for every request. region_set becomes the X-Amz-Region-Set header — single-region callers pass ["us-east-1"], multi-region callers pass the full list. Required for S3 Multi-Region Access Points.

normalize_path defaults to True; S3 callers should follow up with with_sigv4a_path_normalization(client, False) so keys containing . / .. survive the canonical-request step.

Override the streaming HTTP sender. Use for tests (stub the transport), for forcing the buffered-then-streamed path via http_send.lift_to_streaming(custom_buffered), or to inject a future custom transport (proxy, gRPC tunnel, etc.).