aws-sdk-s3 1.102.0 → 1.112.0

data/lib/aws-sdk-s3/client_api.rb

@@ -22,6 +22,7 @@ module Aws::S3
     AcceptRanges = Shapes::StringShape.new(name: 'AcceptRanges')
     AccessControlPolicy = Shapes::StructureShape.new(name: 'AccessControlPolicy')
     AccessControlTranslation = Shapes::StructureShape.new(name: 'AccessControlTranslation')
+    AccessPointArn = Shapes::StringShape.new(name: 'AccessPointArn')
     AccountId = Shapes::StringShape.new(name: 'AccountId')
     AllowQuotedRecordDelimiter = Shapes::BooleanShape.new(name: 'AllowQuotedRecordDelimiter')
     AllowedHeader = Shapes::StringShape.new(name: 'AllowedHeader')
@@ -157,6 +158,7 @@ module Aws::S3
     ErrorMessage = Shapes::StringShape.new(name: 'ErrorMessage')
     Errors = Shapes::ListShape.new(name: 'Errors', flattened: true)
     Event = Shapes::StringShape.new(name: 'Event')
+    EventBridgeConfiguration = Shapes::StructureShape.new(name: 'EventBridgeConfiguration')
     EventList = Shapes::ListShape.new(name: 'EventList', flattened: true)
     ExistingObjectReplication = Shapes::StructureShape.new(name: 'ExistingObjectReplication')
     ExistingObjectReplicationStatus = Shapes::StringShape.new(name: 'ExistingObjectReplicationStatus')
@@ -385,6 +387,8 @@ module Aws::S3
     ObjectLockToken = Shapes::StringShape.new(name: 'ObjectLockToken')
     ObjectNotInActiveTierError = Shapes::StructureShape.new(name: 'ObjectNotInActiveTierError')
     ObjectOwnership = Shapes::StringShape.new(name: 'ObjectOwnership')
+    ObjectSizeGreaterThanBytes = Shapes::IntegerShape.new(name: 'ObjectSizeGreaterThanBytes')
+    ObjectSizeLessThanBytes = Shapes::IntegerShape.new(name: 'ObjectSizeLessThanBytes')
     ObjectStorageClass = Shapes::StringShape.new(name: 'ObjectStorageClass')
     ObjectVersion = Shapes::StructureShape.new(name: 'ObjectVersion')
     ObjectVersionId = Shapes::StringShape.new(name: 'ObjectVersionId')
@@ -518,6 +522,7 @@ module Aws::S3
     ServerSideEncryptionRules = Shapes::ListShape.new(name: 'ServerSideEncryptionRules', flattened: true)
     Setting = Shapes::BooleanShape.new(name: 'Setting')
     Size = Shapes::IntegerShape.new(name: 'Size')
+    SkipValidation = Shapes::BooleanShape.new(name: 'SkipValidation')
     SourceSelectionCriteria = Shapes::StructureShape.new(name: 'SourceSelectionCriteria')
     SseKmsEncryptedObjects = Shapes::StructureShape.new(name: 'SseKmsEncryptedObjects')
     SseKmsEncryptedObjectsStatus = Shapes::StringShape.new(name: 'SseKmsEncryptedObjectsStatus')
@@ -560,6 +565,7 @@ module Aws::S3
     UploadPartRequest = Shapes::StructureShape.new(name: 'UploadPartRequest')
     UserMetadata = Shapes::ListShape.new(name: 'UserMetadata')
     Value = Shapes::StringShape.new(name: 'Value')
+    VersionCount = Shapes::IntegerShape.new(name: 'VersionCount')
     VersionIdMarker = Shapes::StringShape.new(name: 'VersionIdMarker')
     VersioningConfiguration = Shapes::StructureShape.new(name: 'VersioningConfiguration')
     WebsiteConfiguration = Shapes::StructureShape.new(name: 'WebsiteConfiguration')
@@ -795,6 +801,7 @@ module Aws::S3
     CreateBucketRequest.add_member(:grant_write, Shapes::ShapeRef.new(shape: GrantWrite, location: "header", location_name: "x-amz-grant-write"))
     CreateBucketRequest.add_member(:grant_write_acp, Shapes::ShapeRef.new(shape: GrantWriteACP, location: "header", location_name: "x-amz-grant-write-acp"))
     CreateBucketRequest.add_member(:object_lock_enabled_for_bucket, Shapes::ShapeRef.new(shape: ObjectLockEnabledForBucket, location: "header", location_name: "x-amz-bucket-object-lock-enabled"))
+    CreateBucketRequest.add_member(:object_ownership, Shapes::ShapeRef.new(shape: ObjectOwnership, location: "header", location_name: "x-amz-object-ownership"))
     CreateBucketRequest.struct_class = Types::CreateBucketRequest
     CreateBucketRequest[:payload] = :create_bucket_configuration
     CreateBucketRequest[:payload_member] = CreateBucketRequest.member(:create_bucket_configuration)
@@ -1000,6 +1007,8 @@ module Aws::S3
 
     Errors.member = Shapes::ShapeRef.new(shape: Error)
 
+    EventBridgeConfiguration.struct_class = Types::EventBridgeConfiguration
+
     EventList.member = Shapes::ShapeRef.new(shape: Event)
 
     ExistingObjectReplication.add_member(:status, Shapes::ShapeRef.new(shape: ExistingObjectReplicationStatus, required: true, location_name: "Status"))
@@ -1490,10 +1499,14 @@ module Aws::S3
 
     LifecycleRuleAndOperator.add_member(:prefix, Shapes::ShapeRef.new(shape: Prefix, location_name: "Prefix"))
     LifecycleRuleAndOperator.add_member(:tags, Shapes::ShapeRef.new(shape: TagSet, location_name: "Tag", metadata: {"flattened"=>true}))
+    LifecycleRuleAndOperator.add_member(:object_size_greater_than, Shapes::ShapeRef.new(shape: ObjectSizeGreaterThanBytes, location_name: "ObjectSizeGreaterThan"))
+    LifecycleRuleAndOperator.add_member(:object_size_less_than, Shapes::ShapeRef.new(shape: ObjectSizeLessThanBytes, location_name: "ObjectSizeLessThan"))
     LifecycleRuleAndOperator.struct_class = Types::LifecycleRuleAndOperator
 
     LifecycleRuleFilter.add_member(:prefix, Shapes::ShapeRef.new(shape: Prefix, location_name: "Prefix"))
     LifecycleRuleFilter.add_member(:tag, Shapes::ShapeRef.new(shape: Tag, location_name: "Tag"))
+    LifecycleRuleFilter.add_member(:object_size_greater_than, Shapes::ShapeRef.new(shape: ObjectSizeGreaterThanBytes, location_name: "ObjectSizeGreaterThan"))
+    LifecycleRuleFilter.add_member(:object_size_less_than, Shapes::ShapeRef.new(shape: ObjectSizeLessThanBytes, location_name: "ObjectSizeLessThan"))
     LifecycleRuleFilter.add_member(:and, Shapes::ShapeRef.new(shape: LifecycleRuleAndOperator, location_name: "And"))
     LifecycleRuleFilter.struct_class = Types::LifecycleRuleFilter
 
@@ -1686,6 +1699,7 @@ module Aws::S3
 
     MetricsAndOperator.add_member(:prefix, Shapes::ShapeRef.new(shape: Prefix, location_name: "Prefix"))
     MetricsAndOperator.add_member(:tags, Shapes::ShapeRef.new(shape: TagSet, location_name: "Tag", metadata: {"flattened"=>true}))
+    MetricsAndOperator.add_member(:access_point_arn, Shapes::ShapeRef.new(shape: AccessPointArn, location_name: "AccessPointArn"))
     MetricsAndOperator.struct_class = Types::MetricsAndOperator
 
     MetricsConfiguration.add_member(:id, Shapes::ShapeRef.new(shape: MetricsId, required: true, location_name: "Id"))
@@ -1696,6 +1710,7 @@ module Aws::S3
 
     MetricsFilter.add_member(:prefix, Shapes::ShapeRef.new(shape: Prefix, location_name: "Prefix"))
     MetricsFilter.add_member(:tag, Shapes::ShapeRef.new(shape: Tag, location_name: "Tag"))
+    MetricsFilter.add_member(:access_point_arn, Shapes::ShapeRef.new(shape: AccessPointArn, location_name: "AccessPointArn"))
     MetricsFilter.add_member(:and, Shapes::ShapeRef.new(shape: MetricsAndOperator, location_name: "And"))
     MetricsFilter.struct_class = Types::MetricsFilter
 
@@ -1716,10 +1731,12 @@ module Aws::S3
     NoSuchUpload.struct_class = Types::NoSuchUpload
 
     NoncurrentVersionExpiration.add_member(:noncurrent_days, Shapes::ShapeRef.new(shape: Days, location_name: "NoncurrentDays"))
+    NoncurrentVersionExpiration.add_member(:newer_noncurrent_versions, Shapes::ShapeRef.new(shape: VersionCount, location_name: "NewerNoncurrentVersions"))
     NoncurrentVersionExpiration.struct_class = Types::NoncurrentVersionExpiration
 
     NoncurrentVersionTransition.add_member(:noncurrent_days, Shapes::ShapeRef.new(shape: Days, location_name: "NoncurrentDays"))
     NoncurrentVersionTransition.add_member(:storage_class, Shapes::ShapeRef.new(shape: TransitionStorageClass, location_name: "StorageClass"))
+    NoncurrentVersionTransition.add_member(:newer_noncurrent_versions, Shapes::ShapeRef.new(shape: VersionCount, location_name: "NewerNoncurrentVersions"))
     NoncurrentVersionTransition.struct_class = Types::NoncurrentVersionTransition
 
     NoncurrentVersionTransitionList.member = Shapes::ShapeRef.new(shape: NoncurrentVersionTransition)
@@ -1727,6 +1744,7 @@ module Aws::S3
     NotificationConfiguration.add_member(:topic_configurations, Shapes::ShapeRef.new(shape: TopicConfigurationList, location_name: "TopicConfiguration"))
     NotificationConfiguration.add_member(:queue_configurations, Shapes::ShapeRef.new(shape: QueueConfigurationList, location_name: "QueueConfiguration"))
     NotificationConfiguration.add_member(:lambda_function_configurations, Shapes::ShapeRef.new(shape: LambdaFunctionConfigurationList, location_name: "CloudFunctionConfiguration"))
+    NotificationConfiguration.add_member(:event_bridge_configuration, Shapes::ShapeRef.new(shape: EventBridgeConfiguration, location_name: "EventBridgeConfiguration"))
     NotificationConfiguration.struct_class = Types::NotificationConfiguration
 
     NotificationConfigurationDeprecated.add_member(:topic_configuration, Shapes::ShapeRef.new(shape: TopicConfigurationDeprecated, location_name: "TopicConfiguration"))
@@ -1923,6 +1941,7 @@ module Aws::S3
     PutBucketNotificationConfigurationRequest.add_member(:bucket, Shapes::ShapeRef.new(shape: BucketName, required: true, location: "uri", location_name: "Bucket"))
     PutBucketNotificationConfigurationRequest.add_member(:notification_configuration, Shapes::ShapeRef.new(shape: NotificationConfiguration, required: true, location_name: "NotificationConfiguration", metadata: {"xmlNamespace"=>{"uri"=>"http://s3.amazonaws.com/doc/2006-03-01/"}}))
     PutBucketNotificationConfigurationRequest.add_member(:expected_bucket_owner, Shapes::ShapeRef.new(shape: AccountId, location: "header", location_name: "x-amz-expected-bucket-owner"))
+    PutBucketNotificationConfigurationRequest.add_member(:skip_destination_validation, Shapes::ShapeRef.new(shape: SkipValidation, location: "header", location_name: "x-amz-skip-destination-validation"))
     PutBucketNotificationConfigurationRequest.struct_class = Types::PutBucketNotificationConfigurationRequest
     PutBucketNotificationConfigurationRequest[:payload] = :notification_configuration
     PutBucketNotificationConfigurationRequest[:payload_member] = PutBucketNotificationConfigurationRequest.member(:notification_configuration)

data/lib/aws-sdk-s3/customizations/object.rb

@@ -161,7 +161,7 @@ module Aws
       #
       # @param [Symbol] method
       #   The S3 operation to generate a presigned URL for. Valid values
-      #   are `:get`, `:put`, `:head`, `:delete`, `:create_multipart_upload`, 
+      #   are `:get`, `:put`, `:head`, `:delete`, `:create_multipart_upload`,
       #   `:list_multipart_uploads`, `:complete_multipart_upload`,
       #   `:abort_multipart_upload`, `:list_parts`, and `:upload_part`.
       #
@@ -215,6 +215,79 @@ module Aws
         )
       end
 
+      # Allows you to create presigned URL requests for S3 operations. This
+      # method returns a tuple containing the URL and the signed X-amz-* headers
+      # to be used with the presigned url.
+      #
+      # @example Pre-signed GET URL, valid for one hour
+      #
+      #     obj.presigned_request(:get, expires_in: 3600)
+      #     #=> ["https://bucket-name.s3.amazonaws.com/object-key?...", {}]
+      #
+      # @example Pre-signed PUT with a canned ACL
+      #
+      #     # the object uploaded using this URL will be publicly accessible
+      #     obj.presigned_request(:put, acl: 'public-read')
+      #     #=> ["https://bucket-name.s3.amazonaws.com/object-key?...",
+      #      {"x-amz-acl"=>"public-read"}]
+      #
+      # @param [Symbol] method
+      #   The S3 operation to generate a presigned request for. Valid values
+      #   are `:get`, `:put`, `:head`, `:delete`, `:create_multipart_upload`,
+      #   `:list_multipart_uploads`, `:complete_multipart_upload`,
+      #   `:abort_multipart_upload`, `:list_parts`, and `:upload_part`.
+      #
+      # @param [Hash] params
+      #   Additional request parameters to use when generating the pre-signed
+      #   request. See the related documentation in {Client} for accepted
+      #   params.
+      #
+      #   | Method                       | Client Method                      |
+      #   |------------------------------|------------------------------------|
+      #   | `:get`                       | {Client#get_object}                |
+      #   | `:put`                       | {Client#put_object}                |
+      #   | `:head`                      | {Client#head_object}               |
+      #   | `:delete`                    | {Client#delete_object}             |
+      #   | `:create_multipart_upload`   | {Client#create_multipart_upload}   |
+      #   | `:list_multipart_uploads`    | {Client#list_multipart_uploads}    |
+      #   | `:complete_multipart_upload` | {Client#complete_multipart_upload} |
+      #   | `:abort_multipart_upload`    | {Client#abort_multipart_upload}    |
+      #   | `:list_parts`                | {Client#list_parts}                |
+      #   | `:upload_part`               | {Client#upload_part}               |
+      #
+      # @option params [Boolean] :virtual_host (false) When `true` the
+      #   presigned URL will use the bucket name as a virtual host.
+      #
+      #     bucket = Aws::S3::Bucket.new('my.bucket.com')
+      #     bucket.object('key').presigned_request(virtual_host: true)
+      #     #=> ["http://my.bucket.com/key?...", {}]
+      #
+      # @option params [Integer] :expires_in (900) Number of seconds before
+      #   the pre-signed URL expires. This may not exceed one week (604800
+      #   seconds). Note that the pre-signed URL is also only valid as long as
+      #   credentials used to sign it are. For example, when using IAM roles,
+      #   temporary tokens generated for signing also have a default expiration
+      #   which will affect the effective expiration of the pre-signed URL.
+      #
+      # @raise [ArgumentError] Raised if `:expires_in` exceeds one week
+      #   (604800 seconds).
+      #
+      # @return [String, Hash] A tuple with a presigned URL and headers that
+      #   should be included with the request.
+      #
+      def presigned_request(method, params = {})
+        presigner = Presigner.new(client: client)
+
+        if %w(delete head get put).include?(method.to_s)
+          method = "#{method}_object".to_sym
+        end
+
+        presigner.presigned_request(
+          method.downcase,
+          params.merge(bucket: bucket_name, key: key)
+        )
+      end
+
       # Returns the public (un-signed) URL for this object.
       #
       #     s3.bucket('bucket-name').object('obj-key').public_url

data/lib/aws-sdk-s3/file_downloader.rb

@@ -134,7 +134,7 @@ module Aws
       def write(resp)
         range, _ = resp.content_range.split(' ').last.split('/')
         head, _ = range.split('-').map {|s| s.to_i}
-        IO.write(@path, resp.body.read, head)
+        File.write(@path, resp.body.read, head)
       end
 
       def single_request

data/lib/aws-sdk-s3/file_uploader.rb

@@ -32,11 +32,16 @@ module Aws
       # @option options [Proc] :progress_callback
       #   A Proc that will be called when each chunk of the upload is sent.
       #   It will be invoked with [bytes_read], [total_sizes]
+      # @option options [Integer] :thread_count
+      #   The thread count to use for multipart uploads. Ignored for
+      #   objects smaller than the multipart threshold.
       # @return [void]
       def upload(source, options = {})
         if File.size(source) >= multipart_threshold
           MultipartFileUploader.new(@options).upload(source, options)
         else
+          # remove multipart parameters not supported by put_object
+          options.delete(:thread_count)
           put_object(source, options)
         end
       end

data/lib/aws-sdk-s3/object.rb

@@ -184,10 +184,10 @@ module Aws::S3
     end
 
     # If the object is stored using server-side encryption either with an
-    # Amazon Web Services KMS customer master key (CMK) or an Amazon
-    # S3-managed encryption key, the response includes this header with the
-    # value of the server-side encryption algorithm used when storing this
-    # object in Amazon S3 (for example, AES256, aws:kms).
+    # Amazon Web Services KMS key or an Amazon S3-managed encryption key,
+    # the response includes this header with the value of the server-side
+    # encryption algorithm used when storing this object in Amazon S3 (for
+    # example, AES256, aws:kms).
     # @return [String]
     def server_side_encryption
       data[:server_side_encryption]
@@ -217,8 +217,8 @@ module Aws::S3
     end
 
     # If present, specifies the ID of the Amazon Web Services Key Management
-    # Service (Amazon Web Services KMS) symmetric customer managed customer
-    # master key (CMK) that was used for the object.
+    # Service (Amazon Web Services KMS) symmetric customer managed key that
+    # was used for the object.
     # @return [String]
     def ssekms_key_id
       data[:ssekms_key_id]
@@ -552,7 +552,7 @@ module Aws::S3
     #     metadata_directive: "COPY", # accepts COPY, REPLACE
     #     tagging_directive: "COPY", # accepts COPY, REPLACE
     #     server_side_encryption: "AES256", # accepts AES256, aws:kms
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
     #     website_redirect_location: "WebsiteRedirectLocation",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
@@ -943,7 +943,7 @@ module Aws::S3
     #       "MetadataKey" => "MetadataValue",
     #     },
     #     server_side_encryption: "AES256", # accepts AES256, aws:kms
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
     #     website_redirect_location: "WebsiteRedirectLocation",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
@@ -1028,13 +1028,13 @@ module Aws::S3
     #   RFC 1321. Amazon S3 uses this header for a message integrity check to
     #   ensure that the encryption key was transmitted without error.
     # @option options [String] :ssekms_key_id
-    #   Specifies the ID of the symmetric customer managed Amazon Web Services
-    #   KMS CMK to use for object encryption. All GET and PUT requests for an
-    #   object protected by Amazon Web Services KMS will fail if not made via
-    #   SSL or using SigV4. For information about configuring using any of the
-    #   officially supported Amazon Web Services SDKs and Amazon Web Services
-    #   CLI, see [Specifying the Signature Version in Request
-    #   Authentication][1] in the *Amazon S3 User Guide*.
+    #   Specifies the ID of the symmetric customer managed key to use for
+    #   object encryption. All GET and PUT requests for an object protected by
+    #   Amazon Web Services KMS will fail if not made via SSL or using SigV4.
+    #   For information about configuring using any of the officially
+    #   supported Amazon Web Services SDKs and Amazon Web Services CLI, see
+    #   [Specifying the Signature Version in Request Authentication][1] in the
+    #   *Amazon S3 User Guide*.
     #
     #
     #
@@ -1112,7 +1112,7 @@ module Aws::S3
     #       "MetadataKey" => "MetadataValue",
     #     },
     #     server_side_encryption: "AES256", # accepts AES256, aws:kms
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
     #     website_redirect_location: "WebsiteRedirectLocation",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
@@ -1277,12 +1277,12 @@ module Aws::S3
     #   If `x-amz-server-side-encryption` is present and has the value of
     #   `aws:kms`, this header specifies the ID of the Amazon Web Services Key
     #   Management Service (Amazon Web Services KMS) symmetrical customer
-    #   managed customer master key (CMK) that was used for the object. If you
-    #   specify `x-amz-server-side-encryption:aws:kms`, but do not provide`
+    #   managed key that was used for the object. If you specify
+    #   `x-amz-server-side-encryption:aws:kms`, but do not provide`
     #   x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
-    #   Amazon Web Services managed CMK in Amazon Web Services to protect the
-    #   data. If the KMS key does not exist in the same account issuing the
-    #   command, you must use the full ARN and not just the ID.
+    #   Amazon Web Services managed key to protect the data. If the KMS key
+    #   does not exist in the same account issuing the command, you must use
+    #   the full ARN and not just the ID.
     # @option options [String] :ssekms_encryption_context
     #   Specifies the Amazon Web Services KMS Encryption Context to use for
     #   object encryption. The value of this header is a base64-encoded UTF-8
@@ -1415,7 +1415,7 @@ module Aws::S3
     #               value: "MetadataValue",
     #             },
     #           ],
-    #           storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
+    #           storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
     #         },
     #       },
     #     },
@@ -1481,18 +1481,8 @@ module Aws::S3
     #   Return the object only if it has not been modified since the specified
     #   time, otherwise return a 412 (precondition failed).
     # @option options [String] :range
-    #   Downloads the specified range bytes of an object. For more information
-    #   about the HTTP Range header, see
-    #   [http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35][1].
-    #
-    #   <note markdown="1"> Amazon S3 doesn't support retrieving multiple ranges of data per
-    #   `GET` request.
-    #
-    #    </note>
-    #
-    #
-    #
-    #   [1]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35
+    #   Because `HeadObject` returns only the metadata for an object, this
+    #   parameter has no effect.
     # @option options [String] :version_id
     #   VersionId used to reference a specific version of the object.
     # @option options [String] :sse_customer_algorithm

data/lib/aws-sdk-s3/object_summary.rb

@@ -296,7 +296,7 @@ module Aws::S3
     #     metadata_directive: "COPY", # accepts COPY, REPLACE
     #     tagging_directive: "COPY", # accepts COPY, REPLACE
     #     server_side_encryption: "AES256", # accepts AES256, aws:kms
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
     #     website_redirect_location: "WebsiteRedirectLocation",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
@@ -687,7 +687,7 @@ module Aws::S3
     #       "MetadataKey" => "MetadataValue",
     #     },
     #     server_side_encryption: "AES256", # accepts AES256, aws:kms
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
     #     website_redirect_location: "WebsiteRedirectLocation",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
@@ -772,13 +772,13 @@ module Aws::S3
     #   RFC 1321. Amazon S3 uses this header for a message integrity check to
     #   ensure that the encryption key was transmitted without error.
     # @option options [String] :ssekms_key_id
-    #   Specifies the ID of the symmetric customer managed Amazon Web Services
-    #   KMS CMK to use for object encryption. All GET and PUT requests for an
-    #   object protected by Amazon Web Services KMS will fail if not made via
-    #   SSL or using SigV4. For information about configuring using any of the
-    #   officially supported Amazon Web Services SDKs and Amazon Web Services
-    #   CLI, see [Specifying the Signature Version in Request
-    #   Authentication][1] in the *Amazon S3 User Guide*.
+    #   Specifies the ID of the symmetric customer managed key to use for
+    #   object encryption. All GET and PUT requests for an object protected by
+    #   Amazon Web Services KMS will fail if not made via SSL or using SigV4.
+    #   For information about configuring using any of the officially
+    #   supported Amazon Web Services SDKs and Amazon Web Services CLI, see
+    #   [Specifying the Signature Version in Request Authentication][1] in the
+    #   *Amazon S3 User Guide*.
     #
     #
     #
@@ -856,7 +856,7 @@ module Aws::S3
     #       "MetadataKey" => "MetadataValue",
     #     },
     #     server_side_encryption: "AES256", # accepts AES256, aws:kms
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
     #     website_redirect_location: "WebsiteRedirectLocation",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
@@ -1021,12 +1021,12 @@ module Aws::S3
     #   If `x-amz-server-side-encryption` is present and has the value of
     #   `aws:kms`, this header specifies the ID of the Amazon Web Services Key
     #   Management Service (Amazon Web Services KMS) symmetrical customer
-    #   managed customer master key (CMK) that was used for the object. If you
-    #   specify `x-amz-server-side-encryption:aws:kms`, but do not provide`
+    #   managed key that was used for the object. If you specify
+    #   `x-amz-server-side-encryption:aws:kms`, but do not provide`
     #   x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
-    #   Amazon Web Services managed CMK in Amazon Web Services to protect the
-    #   data. If the KMS key does not exist in the same account issuing the
-    #   command, you must use the full ARN and not just the ID.
+    #   Amazon Web Services managed key to protect the data. If the KMS key
+    #   does not exist in the same account issuing the command, you must use
+    #   the full ARN and not just the ID.
     # @option options [String] :ssekms_encryption_context
     #   Specifies the Amazon Web Services KMS Encryption Context to use for
     #   object encryption. The value of this header is a base64-encoded UTF-8
@@ -1159,7 +1159,7 @@ module Aws::S3
     #               value: "MetadataValue",
     #             },
     #           ],
-    #           storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
+    #           storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
     #         },
     #       },
     #     },

data/lib/aws-sdk-s3/object_version.rb

@@ -402,18 +402,8 @@ module Aws::S3
     #   Return the object only if it has not been modified since the specified
     #   time, otherwise return a 412 (precondition failed).
     # @option options [String] :range
-    #   Downloads the specified range bytes of an object. For more information
-    #   about the HTTP Range header, see
-    #   [http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35][1].
-    #
-    #   <note markdown="1"> Amazon S3 doesn't support retrieving multiple ranges of data per
-    #   `GET` request.
-    #
-    #    </note>
-    #
-    #
-    #
-    #   [1]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35
+    #   Because `HeadObject` returns only the metadata for an object, this
+    #   parameter has no effect.
     # @option options [String] :sse_customer_algorithm
     #   Specifies the algorithm to use to when encrypting the object (for
     #   example, AES256).

data/lib/aws-sdk-s3/plugins/accelerate.rb

@@ -41,11 +41,17 @@ each bucket. [Go here for more information](http://docs.aws.amazon.com/AmazonS3/
               accelerate = context.params.delete(:use_accelerate_endpoint)
             end
             accelerate = context.config.use_accelerate_endpoint if accelerate.nil?
-            # Raise if :endpoint and dualstack are both provided
+            # Raise if :endpoint and accelerate are both provided
             if accelerate && !context.config.regional_endpoint
               raise ArgumentError,
                     'Cannot use both :use_accelerate_endpoint and :endpoint'
             end
+            # Raise if :use_fips_endpoint and accelerate are both provided
+            if accelerate && context.config.use_fips_endpoint
+              raise ArgumentError,
+                    'Cannot use both :use_accelerate_endpoint and '\
+                    ':use_fips_endpoint'
+            end
             context[:use_accelerate_endpoint] = accelerate
             @handler.call(context)
           end

data/lib/aws-sdk-s3/plugins/arn.rb

@@ -77,17 +77,10 @@ result in cross region requests.
               if arn
                 validate_config!(context, arn)
 
-                fips = false
-                if resolved_region.include?('fips')
-                  fips = true
-                  resolved_region = resolved_region.gsub('fips-', '')
-                                                   .gsub('-fips', '')
-                end
-
                 context.metadata[:s3_arn] = {
                   arn: arn,
                   resolved_region: resolved_region,
-                  fips: fips,
+                  fips: context.config.use_fips_endpoint,
                   dualstack: extract_dualstack_config!(context)
                 }
               end
@@ -126,7 +119,8 @@ result in cross region requests.
 
             if !arn.support_dualstack? && context[:use_dualstack_endpoint]
               raise ArgumentError,
-                    'Cannot provide an Outpost Access Point or Multi-region Access Point ARN'\
+                    'Cannot provide an Outpost Access Point, Object Lambda, '\
+                    'or Multi-region Access Point ARN'\
                     ' when `:use_dualstack_endpoint` is set to true.'
             end
 
@@ -135,6 +129,12 @@ result in cross region requests.
                     'Cannot provide a Multi-region Access Point ARN with '\
                     '`:s3_disable_multiregion_access_points` set to true'
             end
+
+            if context.config.use_fips_endpoint && !arn.support_fips?
+              raise ArgumentError,
+                    'FIPS client regions are not supported for this type '\
+                    'of ARN.'
+            end
           end
         end
 
@@ -146,7 +146,7 @@ result in cross region requests.
               s3_arn = resolve_arn_type!(arn)
               s3_arn.validate_arn!
               validate_region_config!(s3_arn, region, use_arn_region)
-              region = s3_arn.region if use_arn_region && !region.include?('fips')
+              region = s3_arn.region if use_arn_region
               [region, s3_arn]
             else
               [region]
@@ -231,19 +231,6 @@ result in cross region requests.
                 raise Aws::Errors::InvalidARNPartitionError
               end
             else
-              if region.include?('fips')
-                # If ARN type doesn't support FIPS but the client region is FIPS
-                unless arn.support_fips?
-                  raise ArgumentError,
-                        'FIPS client regions are not supported for this type '\
-                        'of ARN.'
-                end
-
-                fips = true
-                # Normalize the region so we can compare partition and regions
-                region = region.gsub('fips-', '').gsub('-fips', '')
-              end
-
               # use_arn_region does not apply to MRAP (global) arns
               unless arn.region.empty?
                 # Raise if the ARN and client regions are in different partitions
@@ -254,7 +241,7 @@ result in cross region requests.
 
                 # Raise if regions mismatch
                 # Either when it's a fips client or not using the ARN region
-                if (!use_arn_region || fips) && region != arn.region
+                if !use_arn_region && region != arn.region
                   raise Aws::Errors::InvalidARNRegionError
                 end
               end

data/lib/aws-sdk-s3/plugins/bucket_dns.rb

@@ -24,7 +24,7 @@ request URI and never moved to the host as a sub-domain.
           DOCS
 
         def add_handlers(handlers, config)
-          handlers.add(Handler) unless config.force_path_style
+          handlers.add(Handler, priority: 48) unless config.force_path_style
         end
 
         # @api private

data/lib/aws-sdk-s3/plugins/dualstack.rb

@@ -5,18 +5,9 @@ module Aws
     module Plugins
       # @api private
       class Dualstack < Seahorse::Client::Plugin
-
-        option(:use_dualstack_endpoint,
-          default: false,
-          doc_type: 'Boolean',
-          docstring: <<-DOCS)
-When set to `true`, IPv6-compatible bucket endpoints will be used
-for all operations.
-          DOCS
-
         def add_handlers(handlers, config)
           handlers.add(OptionHandler, step: :initialize)
-          handlers.add(DualstackHandler, step: :build, priority: 11)
+          handlers.add(DualstackHandler, step: :build, priority: 49)
         end
 
         # @api private
@@ -40,38 +31,41 @@ for all operations.
         # @api private
         class DualstackHandler < Seahorse::Client::Handler
           def call(context)
-            if context.config.regional_endpoint && use_dualstack_endpoint?(context)
+            # only rewrite the endpoint if it's not a custom endpoint
+            # accelerate/ARN already handle dualstack cases, so ignore these
+            # check to see if dualstack is on but configured off via operation
+            if context.config.regional_endpoint &&
+               use_dualstack_endpoint?(context)
               apply_dualstack_endpoint(context)
             end
             @handler.call(context)
           end
 
           private
-          def apply_dualstack_endpoint(context)
-            bucket_name = context.params[:bucket]
-            region = context.config.region
-            dns_suffix = Aws::Partitions::EndpointProvider.dns_suffix_for(region)
 
-            if use_bucket_dns?(bucket_name, context)
-              host = "#{bucket_name}.s3.dualstack.#{region}.#{dns_suffix}"
-            else
-              host = "s3.dualstack.#{region}.#{dns_suffix}"
-            end
+          def apply_dualstack_endpoint(context)
+            new_endpoint = Aws::Partitions::EndpointProvider.resolve(
+              context.config.region,
+              's3',
+              'regional',
+              {
+                dualstack: context[:use_dualstack_endpoint],
+                fips: context.config.use_fips_endpoint
+              }
+            )
             endpoint = URI.parse(context.http_request.endpoint.to_s)
-            endpoint.scheme = context.http_request.endpoint.scheme
-            endpoint.port = context.http_request.endpoint.port
-            endpoint.host = host
-            context.http_request.endpoint = endpoint.to_s
-          end
-
-          def use_bucket_dns?(bucket_name, context)
-            ssl = context.http_request.endpoint.scheme == "https"
-            bucket_name && BucketDns.dns_compatible?(bucket_name, ssl) &&
-              !context.config.force_path_style
+            endpoint.host = URI.parse(new_endpoint).host
+            context.http_request.endpoint = endpoint
           end
 
           def use_dualstack_endpoint?(context)
-            context[:use_dualstack_endpoint] && !context[:use_accelerate_endpoint]
+            # case when dualstack is turned off via operation
+            (context[:use_dualstack_endpoint] ||
+              context.config.use_dualstack_endpoint) &&
+              # accelerate plugin already applies dualstack
+              !context[:use_accelerate_endpoint] &&
+              # arns handle dualstack
+              !context.metadata[:s3_arn]
           end
         end