aws-sdk-s3 1.114.0 → 1.136.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (61) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +163 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-s3/bucket.rb +123 -61
  5. data/lib/aws-sdk-s3/bucket_acl.rb +9 -3
  6. data/lib/aws-sdk-s3/bucket_cors.rb +12 -4
  7. data/lib/aws-sdk-s3/bucket_lifecycle.rb +12 -4
  8. data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +12 -4
  9. data/lib/aws-sdk-s3/bucket_logging.rb +9 -3
  10. data/lib/aws-sdk-s3/bucket_notification.rb +9 -3
  11. data/lib/aws-sdk-s3/bucket_policy.rb +12 -4
  12. data/lib/aws-sdk-s3/bucket_request_payment.rb +9 -3
  13. data/lib/aws-sdk-s3/bucket_tagging.rb +12 -4
  14. data/lib/aws-sdk-s3/bucket_versioning.rb +15 -5
  15. data/lib/aws-sdk-s3/bucket_website.rb +12 -4
  16. data/lib/aws-sdk-s3/client.rb +2084 -1724
  17. data/lib/aws-sdk-s3/client_api.rb +213 -189
  18. data/lib/aws-sdk-s3/customizations/bucket.rb +23 -47
  19. data/lib/aws-sdk-s3/customizations/errors.rb +27 -0
  20. data/lib/aws-sdk-s3/customizations/object.rb +95 -19
  21. data/lib/aws-sdk-s3/customizations/types/permanent_redirect.rb +26 -0
  22. data/lib/aws-sdk-s3/customizations.rb +2 -0
  23. data/lib/aws-sdk-s3/encryption/client.rb +6 -2
  24. data/lib/aws-sdk-s3/encryption/kms_cipher_provider.rb +13 -9
  25. data/lib/aws-sdk-s3/encryptionV2/client.rb +6 -2
  26. data/lib/aws-sdk-s3/encryptionV2/decrypt_handler.rb +1 -0
  27. data/lib/aws-sdk-s3/encryptionV2/kms_cipher_provider.rb +10 -6
  28. data/lib/aws-sdk-s3/endpoint_parameters.rb +146 -0
  29. data/lib/aws-sdk-s3/endpoint_provider.rb +509 -0
  30. data/lib/aws-sdk-s3/endpoints.rb +2150 -0
  31. data/lib/aws-sdk-s3/file_downloader.rb +170 -44
  32. data/lib/aws-sdk-s3/file_uploader.rb +8 -6
  33. data/lib/aws-sdk-s3/multipart_stream_uploader.rb +41 -13
  34. data/lib/aws-sdk-s3/multipart_upload.rb +27 -13
  35. data/lib/aws-sdk-s3/multipart_upload_part.rb +20 -10
  36. data/lib/aws-sdk-s3/object.rb +156 -110
  37. data/lib/aws-sdk-s3/object_acl.rb +14 -6
  38. data/lib/aws-sdk-s3/object_copier.rb +7 -5
  39. data/lib/aws-sdk-s3/object_multipart_copier.rb +41 -19
  40. data/lib/aws-sdk-s3/object_summary.rb +149 -94
  41. data/lib/aws-sdk-s3/object_version.rb +55 -21
  42. data/lib/aws-sdk-s3/plugins/accelerate.rb +3 -50
  43. data/lib/aws-sdk-s3/plugins/arn.rb +0 -184
  44. data/lib/aws-sdk-s3/plugins/bucket_dns.rb +3 -39
  45. data/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb +1 -6
  46. data/lib/aws-sdk-s3/plugins/dualstack.rb +1 -49
  47. data/lib/aws-sdk-s3/plugins/endpoints.rb +262 -0
  48. data/lib/aws-sdk-s3/plugins/expect_100_continue.rb +2 -1
  49. data/lib/aws-sdk-s3/plugins/iad_regional_endpoint.rb +0 -29
  50. data/lib/aws-sdk-s3/plugins/s3_signer.rb +32 -126
  51. data/lib/aws-sdk-s3/presigned_post.rb +61 -59
  52. data/lib/aws-sdk-s3/presigner.rb +24 -35
  53. data/lib/aws-sdk-s3/resource.rb +7 -3
  54. data/lib/aws-sdk-s3/types.rb +858 -4125
  55. data/lib/aws-sdk-s3.rb +5 -1
  56. metadata +12 -11
  57. data/lib/aws-sdk-s3/arn/access_point_arn.rb +0 -69
  58. data/lib/aws-sdk-s3/arn/multi_region_access_point_arn.rb +0 -68
  59. data/lib/aws-sdk-s3/arn/object_lambda_arn.rb +0 -69
  60. data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb +0 -74
  61. data/lib/aws-sdk-s3/plugins/object_lambda_endpoint.rb +0 -25
@@ -315,26 +315,28 @@ module Aws
315
315
 
316
316
  # @!group Fields
317
317
 
318
- # The key to use for the uploaded object. You can use `${filename}`
319
- # as a variable in the key. This will be replaced with the name
320
- # of the file as provided by the user.
318
+ # @!method key(key)
319
+ # The key to use for the uploaded object. You can use `${filename}`
320
+ # as a variable in the key. This will be replaced with the name
321
+ # of the file as provided by the user.
321
322
  #
322
- # For example, if the key is given as `/user/betty/${filename}` and
323
- # the file uploaded is named `lolcatz.jpg`, the resultant key will
324
- # be `/user/betty/lolcatz.jpg`.
323
+ # For example, if the key is given as `/user/betty/${filename}` and
324
+ # the file uploaded is named `lolcatz.jpg`, the resultant key will
325
+ # be `/user/betty/lolcatz.jpg`.
325
326
  #
326
- # @param [String] key
327
- # @see http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html)
328
- # @return [self]
327
+ # @param [String] key
328
+ # @see http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html)
329
+ # @return [self]
329
330
  define_field(:key) do |key|
330
331
  @key_set = true
331
332
  with('key', key)
332
333
  end
333
334
 
334
- # Specify a prefix the uploaded
335
- # @param [String] prefix
336
- # @see #key
337
- # @return [self]
335
+ # @!method key_starts_with(prefix)
336
+ # Specify a prefix the uploaded
337
+ # @param [String] prefix
338
+ # @see #key
339
+ # @return [self]
338
340
  define_field(:key_starts_with) do |prefix|
339
341
  @key_set = true
340
342
  starts_with('key', prefix)
@@ -412,26 +414,29 @@ module Aws
412
414
  # @return [self]
413
415
  define_field(:content_encoding, 'Content-Encoding', starts_with: true)
414
416
 
415
- # The date and time at which the object is no longer cacheable.
416
- # @note This does not affect the expiration of the presigned post
417
- # signature.
418
- # @param [Time] time
419
- # @see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21
420
- # @return [self]
417
+ # @!method expires(time)
418
+ # The date and time at which the object is no longer cacheable.
419
+ # @note This does not affect the expiration of the presigned post
420
+ # signature.
421
+ # @param [Time] time
422
+ # @see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21
423
+ # @return [self]
421
424
  define_field(:expires) do |time|
422
425
  with('Expires', time.httpdate)
423
426
  end
424
427
 
425
- # @param [String] prefix
426
- # @see #expires
427
- # @return [self]
428
+ # @!method expires_starts_with(prefix)
429
+ # @param [String] prefix
430
+ # @see #expires
431
+ # @return [self]
428
432
  define_field(:expires_starts_with) do |prefix|
429
433
  starts_with('Expires', prefix)
430
434
  end
431
435
 
432
- # The minimum and maximum allowable size for the uploaded content.
433
- # @param [Range<Integer>] byte_range
434
- # @return [self]
436
+ # @!method content_length_range(byte_range)
437
+ # The minimum and maximum allowable size for the uploaded content.
438
+ # @param [Range<Integer>] byte_range
439
+ # @return [self]
435
440
  define_field(:content_length_range) do |byte_range|
436
441
  min = byte_range.begin
437
442
  max = byte_range.end
@@ -507,10 +512,11 @@ module Aws
507
512
  # @return [self]
508
513
  define_field(:website_redirect_location, 'x-amz-website-redirect-location')
509
514
 
510
- # Metadata hash to store with the uploaded object. Hash keys will be
511
- # prefixed with "x-amz-meta-".
512
- # @param [Hash<String,String>] hash
513
- # @return [self]
515
+ # @!method metadata(hash)
516
+ # Metadata hash to store with the uploaded object. Hash keys will be
517
+ # prefixed with "x-amz-meta-".
518
+ # @param [Hash<String,String>] hash
519
+ # @return [self]
514
520
  define_field(:metadata) do |hash|
515
521
  hash.each do |key, value|
516
522
  with("x-amz-meta-#{key}", value)
@@ -518,10 +524,11 @@ module Aws
518
524
  self
519
525
  end
520
526
 
521
- # Specify allowable prefix for each key in the metadata hash.
522
- # @param [Hash<String,String>] hash
523
- # @see #metadata
524
- # @return [self]
527
+ # @!method metadata_starts_with(hash)
528
+ # Specify allowable prefix for each key in the metadata hash.
529
+ # @param [Hash<String,String>] hash
530
+ # @see #metadata
531
+ # @return [self]
525
532
  define_field(:metadata_starts_with) do |hash|
526
533
  hash.each do |key, value|
527
534
  starts_with("x-amz-meta-#{key}", value)
@@ -571,24 +578,26 @@ module Aws
571
578
  'x-amz-server-side-encryption-customer-algorithm'
572
579
  )
573
580
 
574
- # Specifies the customer-provided encryption key for Amazon S3 to use
575
- # in encrypting data. This value is used to store the object and then
576
- # it is discarded; Amazon does not store the encryption key.
581
+ # @!method server_side_encryption_customer_key(value)
582
+ # Specifies the customer-provided encryption key for Amazon S3 to use
583
+ # in encrypting data. This value is used to store the object and then
584
+ # it is discarded; Amazon does not store the encryption key.
577
585
  #
578
- # You must also call {#server_side_encryption_customer_algorithm}.
586
+ # You must also call {#server_side_encryption_customer_algorithm}.
579
587
  #
580
- # @param [String] value
581
- # @see #server_side_encryption_customer_algorithm
582
- # @return [self]
588
+ # @param [String] value
589
+ # @see #server_side_encryption_customer_algorithm
590
+ # @return [self]
583
591
  define_field(:server_side_encryption_customer_key) do |value|
584
592
  field_name = 'x-amz-server-side-encryption-customer-key'
585
593
  with(field_name, base64(value))
586
594
  with(field_name + '-MD5', base64(OpenSSL::Digest::MD5.digest(value)))
587
595
  end
588
596
 
589
- # @param [String] prefix
590
- # @see #server_side_encryption_customer_key
591
- # @return [self]
597
+ # @!method server_side_encryption_customer_key_starts_with(prefix)
598
+ # @param [String] prefix
599
+ # @see #server_side_encryption_customer_key
600
+ # @return [self]
592
601
  define_field(:server_side_encryption_customer_key_starts_with) do |prefix|
593
602
  field_name = 'x-amz-server-side-encryption-customer-key'
594
603
  starts_with(field_name, prefix)
@@ -629,22 +638,15 @@ module Aws
629
638
  end
630
639
 
631
640
  def bucket_url
632
- url = Aws::Partitions::EndpointProvider.resolve(@bucket_region, 's3')
633
- url = URI.parse(url)
634
- if Plugins::BucketDns.dns_compatible?(@bucket_name, _ssl = true)
635
- if @accelerate
636
- url.host = "#{@bucket_name}.s3-accelerate.amazonaws.com"
637
- else
638
- url.host = "#{@bucket_name}.#{url.host}"
639
- end
640
- else
641
- url.path = "/#{@bucket_name}"
642
- end
643
- if @bucket_region == 'us-east-1'
644
- # keep legacy behavior by default
645
- url.host = Plugins::IADRegionalEndpoint.legacy_host(url.host)
646
- end
647
- url.to_s
641
+ # Taken from Aws::S3::Endpoints module
642
+ params = Aws::S3::EndpointParameters.new(
643
+ bucket: @bucket_name,
644
+ region: @bucket_region,
645
+ accelerate: @accelerate,
646
+ use_global_endpoint: true
647
+ )
648
+ endpoint = Aws::S3::EndpointProvider.new.resolve_endpoint(params)
649
+ endpoint.url
648
650
  end
649
651
 
650
652
  # @return [Hash]
@@ -49,7 +49,8 @@ module Aws
49
49
  # before the presigned URL expires. Defaults to 15 minutes. As signature
50
50
  # version 4 has a maximum expiry time of one week for presigned URLs,
51
51
  # attempts to set this value to greater than one week (604800) will
52
- # raise an exception.
52
+ # raise an exception. The min value of this option and the credentials
53
+ # expiration time is used in the presigned URL.
53
54
  #
54
55
  # @option params [Time] :time (Time.now) The starting time for when the
55
56
  # presigned url becomes active.
@@ -96,7 +97,8 @@ module Aws
96
97
  # before the presigned URL expires. Defaults to 15 minutes. As signature
97
98
  # version 4 has a maximum expiry time of one week for presigned URLs,
98
99
  # attempts to set this value to greater than one week (604800) will
99
- # raise an exception.
100
+ # raise an exception. The min value of this option and the credentials
101
+ # expiration time is used in the presigned URL.
100
102
  #
101
103
  # @option params [Time] :time (Time.now) The starting time for when the
102
104
  # presigned url becomes active.
@@ -133,7 +135,7 @@ module Aws
133
135
  virtual_host = params.delete(:virtual_host)
134
136
  time = params.delete(:time)
135
137
  unsigned_headers = unsigned_headers(params)
136
- scheme = http_scheme(params)
138
+ secure = params.delete(:secure) != false
137
139
  expires_in = expires_in(params)
138
140
 
139
141
  req = @client.build_request(method, params)
@@ -141,7 +143,7 @@ module Aws
141
143
  handle_presigned_url_context(req)
142
144
 
143
145
  x_amz_headers = sign_but_dont_send(
144
- req, expires_in, scheme, time, unsigned_headers, hoist
146
+ req, expires_in, secure, time, unsigned_headers, hoist
145
147
  )
146
148
  [req.send_request.data, x_amz_headers]
147
149
  end
@@ -151,14 +153,6 @@ module Aws
151
153
  BLACKLISTED_HEADERS - whitelist_headers
152
154
  end
153
155
 
154
- def http_scheme(params)
155
- if params.delete(:secure) == false
156
- 'http'
157
- else
158
- @client.config.endpoint.scheme
159
- end
160
- end
161
-
162
156
  def expires_in(params)
163
157
  if (expires_in = params.delete(:expires_in))
164
158
  if expires_in > ONE_WEEK
@@ -175,8 +169,7 @@ module Aws
175
169
  end
176
170
 
177
171
  def use_bucket_as_hostname(req)
178
- req.handlers.remove(Plugins::BucketDns::Handler)
179
- req.handle do |context|
172
+ req.handle(priority: 35) do |context|
180
173
  uri = context.http_request.endpoint
181
174
  uri.host = context.params[:bucket]
182
175
  uri.path.sub!("/#{context.params[:bucket]}", '')
@@ -197,22 +190,21 @@ module Aws
197
190
 
198
191
  # @param [Seahorse::Client::Request] req
199
192
  def sign_but_dont_send(
200
- req, expires_in, scheme, time, unsigned_headers, hoist = true
193
+ req, expires_in, secure, time, unsigned_headers, hoist = true
201
194
  )
202
195
  x_amz_headers = {}
203
196
 
204
197
  http_req = req.context.http_request
205
198
 
206
199
  req.handlers.remove(Aws::S3::Plugins::S3Signer::LegacyHandler)
207
- req.handlers.remove(Aws::S3::Plugins::S3Signer::V4Handler)
200
+ req.handlers.remove(Aws::Plugins::Sign::Handler)
208
201
  req.handlers.remove(Seahorse::Client::Plugins::ContentLength::Handler)
209
202
 
210
203
  req.handle(step: :send) do |context|
211
- if scheme != http_req.endpoint.scheme
212
- endpoint = http_req.endpoint.dup
213
- endpoint.scheme = scheme
214
- endpoint.port = (scheme == 'http' ? 80 : 443)
215
- http_req.endpoint = URI.parse(endpoint.to_s)
204
+ # if an endpoint was not provided, force secure or insecure
205
+ if context.config.regional_endpoint
206
+ http_req.endpoint.scheme = secure ? 'https' : 'http'
207
+ http_req.endpoint.port = secure ? 443 : 80
216
208
  end
217
209
 
218
210
  query = http_req.endpoint.query ? http_req.endpoint.query.split('&') : []
@@ -231,24 +223,21 @@ module Aws
231
223
  end
232
224
  http_req.endpoint.query = query.join('&') unless query.empty?
233
225
 
234
- signing_algorithm = :sigv4
235
-
236
- # If it's an ARN, get the resolved region and service
237
- if (arn = context.metadata[:s3_arn])
238
- region = arn[:resolved_region]
239
- service = arn[:arn].service
240
- region = arn[:arn].is_a?(MultiRegionAccessPointARN) ? '*': arn[:resolved_region]
241
- signing_algorithm = arn[:arn].is_a?(MultiRegionAccessPointARN) ? :sigv4a : :sigv4
242
- end
243
-
226
+ auth_scheme = context[:auth_scheme]
227
+ scheme_name = auth_scheme['name']
228
+ region = if scheme_name == 'sigv4a'
229
+ auth_scheme['signingRegionSet'].first
230
+ else
231
+ auth_scheme['signingRegion']
232
+ end
244
233
  signer = Aws::Sigv4::Signer.new(
245
- service: service || 's3',
234
+ service: auth_scheme['signingName'] || 's3',
246
235
  region: region || context.config.region,
247
- signing_algorithm: signing_algorithm,
248
236
  credentials_provider: context.config.credentials,
237
+ signing_algorithm: scheme_name.to_sym,
238
+ uri_escape_path: !!!auth_scheme['disableDoubleEncoding'],
249
239
  unsigned_headers: unsigned_headers,
250
- apply_checksum_header: false,
251
- uri_escape_path: false
240
+ apply_checksum_header: false
252
241
  )
253
242
 
254
243
  url = signer.presign_url(
@@ -41,7 +41,7 @@ module Aws::S3
41
41
  # acl: "private", # accepts private, public-read, public-read-write, authenticated-read
42
42
  # bucket: "BucketName", # required
43
43
  # create_bucket_configuration: {
44
- # location_constraint: "af-south-1", # accepts af-south-1, ap-east-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, cn-north-1, cn-northwest-1, EU, eu-central-1, eu-north-1, eu-south-1, eu-west-1, eu-west-2, eu-west-3, me-south-1, sa-east-1, us-east-2, us-gov-east-1, us-gov-west-1, us-west-1, us-west-2
44
+ # location_constraint: "af-south-1", # accepts af-south-1, ap-east-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-south-1, ap-southeast-1, ap-southeast-2, ap-southeast-3, ca-central-1, cn-north-1, cn-northwest-1, EU, eu-central-1, eu-north-1, eu-south-1, eu-west-1, eu-west-2, eu-west-3, me-south-1, sa-east-1, us-east-2, us-gov-east-1, us-gov-west-1, us-west-1, us-west-2, ap-south-2, eu-south-2
45
45
  # },
46
46
  # grant_full_control: "GrantFullControl",
47
47
  # grant_read: "GrantRead",
@@ -94,7 +94,9 @@ module Aws::S3
94
94
  # equivalent form of this ACL expressed in the XML format.
95
95
  # @return [Bucket]
96
96
  def create_bucket(options = {})
97
- @client.create_bucket(options)
97
+ Aws::Plugins::UserAgent.feature('resource') do
98
+ @client.create_bucket(options)
99
+ end
98
100
  Bucket.new(
99
101
  name: options[:bucket],
100
102
  client: @client
@@ -120,7 +122,9 @@ module Aws::S3
120
122
  def buckets(options = {})
121
123
  batches = Enumerator.new do |y|
122
124
  batch = []
123
- resp = @client.list_buckets(options)
125
+ resp = Aws::Plugins::UserAgent.feature('resource') do
126
+ @client.list_buckets(options)
127
+ end
124
128
  resp.data.buckets.each do |b|
125
129
  batch << Bucket.new(
126
130
  name: b.name,