aws-sdk-s3 1.122.0 → 1.157.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (85) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +238 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-s3/access_grants_credentials.rb +57 -0
  5. data/lib/aws-sdk-s3/access_grants_credentials_provider.rb +250 -0
  6. data/lib/aws-sdk-s3/bucket.rb +507 -114
  7. data/lib/aws-sdk-s3/bucket_acl.rb +18 -12
  8. data/lib/aws-sdk-s3/bucket_cors.rb +24 -16
  9. data/lib/aws-sdk-s3/bucket_lifecycle.rb +24 -16
  10. data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +24 -16
  11. data/lib/aws-sdk-s3/bucket_logging.rb +25 -12
  12. data/lib/aws-sdk-s3/bucket_notification.rb +12 -6
  13. data/lib/aws-sdk-s3/bucket_policy.rb +70 -18
  14. data/lib/aws-sdk-s3/bucket_region_cache.rb +9 -5
  15. data/lib/aws-sdk-s3/bucket_request_payment.rb +18 -12
  16. data/lib/aws-sdk-s3/bucket_tagging.rb +24 -16
  17. data/lib/aws-sdk-s3/bucket_versioning.rb +42 -32
  18. data/lib/aws-sdk-s3/bucket_website.rb +24 -16
  19. data/lib/aws-sdk-s3/client.rb +6048 -2781
  20. data/lib/aws-sdk-s3/client_api.rb +148 -20
  21. data/lib/aws-sdk-s3/customizations/bucket.rb +3 -1
  22. data/lib/aws-sdk-s3/customizations/errors.rb +16 -3
  23. data/lib/aws-sdk-s3/customizations/object.rb +91 -18
  24. data/lib/aws-sdk-s3/customizations.rb +8 -0
  25. data/lib/aws-sdk-s3/encryption/client.rb +6 -2
  26. data/lib/aws-sdk-s3/encryption/kms_cipher_provider.rb +13 -9
  27. data/lib/aws-sdk-s3/encryptionV2/client.rb +6 -2
  28. data/lib/aws-sdk-s3/encryptionV2/decrypt_handler.rb +1 -0
  29. data/lib/aws-sdk-s3/encryptionV2/kms_cipher_provider.rb +10 -6
  30. data/lib/aws-sdk-s3/endpoint_parameters.rb +44 -0
  31. data/lib/aws-sdk-s3/endpoint_provider.rb +111 -252
  32. data/lib/aws-sdk-s3/endpoints.rb +540 -0
  33. data/lib/aws-sdk-s3/express_credentials.rb +55 -0
  34. data/lib/aws-sdk-s3/express_credentials_provider.rb +59 -0
  35. data/lib/aws-sdk-s3/file_downloader.rb +169 -44
  36. data/lib/aws-sdk-s3/file_uploader.rb +8 -6
  37. data/lib/aws-sdk-s3/multipart_file_uploader.rb +4 -4
  38. data/lib/aws-sdk-s3/multipart_stream_uploader.rb +10 -7
  39. data/lib/aws-sdk-s3/multipart_upload.rb +81 -20
  40. data/lib/aws-sdk-s3/multipart_upload_part.rb +169 -38
  41. data/lib/aws-sdk-s3/object.rb +1571 -261
  42. data/lib/aws-sdk-s3/object_acl.rb +38 -18
  43. data/lib/aws-sdk-s3/object_copier.rb +7 -5
  44. data/lib/aws-sdk-s3/object_multipart_copier.rb +42 -24
  45. data/lib/aws-sdk-s3/object_summary.rb +1422 -276
  46. data/lib/aws-sdk-s3/object_version.rb +344 -47
  47. data/lib/aws-sdk-s3/plugins/access_grants.rb +178 -0
  48. data/lib/aws-sdk-s3/plugins/endpoints.rb +14 -2
  49. data/lib/aws-sdk-s3/plugins/express_session_auth.rb +97 -0
  50. data/lib/aws-sdk-s3/plugins/http_200_errors.rb +53 -16
  51. data/lib/aws-sdk-s3/plugins/location_constraint.rb +3 -1
  52. data/lib/aws-sdk-s3/plugins/md5s.rb +2 -1
  53. data/lib/aws-sdk-s3/plugins/s3_signer.rb +7 -2
  54. data/lib/aws-sdk-s3/presigned_post.rb +52 -43
  55. data/lib/aws-sdk-s3/presigner.rb +8 -4
  56. data/lib/aws-sdk-s3/resource.rb +89 -13
  57. data/lib/aws-sdk-s3/types.rb +4879 -1513
  58. data/lib/aws-sdk-s3.rb +1 -1
  59. data/sig/bucket.rbs +212 -0
  60. data/sig/bucket_acl.rbs +78 -0
  61. data/sig/bucket_cors.rbs +69 -0
  62. data/sig/bucket_lifecycle.rbs +88 -0
  63. data/sig/bucket_lifecycle_configuration.rbs +111 -0
  64. data/sig/bucket_logging.rbs +76 -0
  65. data/sig/bucket_notification.rbs +114 -0
  66. data/sig/bucket_policy.rbs +59 -0
  67. data/sig/bucket_request_payment.rbs +54 -0
  68. data/sig/bucket_tagging.rbs +65 -0
  69. data/sig/bucket_versioning.rbs +77 -0
  70. data/sig/bucket_website.rbs +93 -0
  71. data/sig/client.rbs +2381 -0
  72. data/sig/customizations/bucket.rbs +19 -0
  73. data/sig/customizations/object.rbs +38 -0
  74. data/sig/customizations/object_summary.rbs +35 -0
  75. data/sig/errors.rbs +34 -0
  76. data/sig/multipart_upload.rbs +110 -0
  77. data/sig/multipart_upload_part.rbs +105 -0
  78. data/sig/object.rbs +442 -0
  79. data/sig/object_acl.rbs +86 -0
  80. data/sig/object_summary.rbs +334 -0
  81. data/sig/object_version.rbs +137 -0
  82. data/sig/resource.rbs +127 -0
  83. data/sig/types.rbs +2568 -0
  84. data/sig/waiters.rbs +95 -0
  85. metadata +43 -11
@@ -0,0 +1,178 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ module S3
5
+ module Plugins
6
+ # @api private
7
+ class AccessGrants < Seahorse::Client::Plugin
8
+ @s3control =
9
+ begin
10
+ require 'aws-sdk-s3control'
11
+ true
12
+ rescue LoadError
13
+ false
14
+ end
15
+
16
+ option(
17
+ :access_grants,
18
+ default: false,
19
+ doc_type: 'Boolean',
20
+ docstring: <<-DOCS)
21
+ When `true`, the S3 client will use the S3 Access Grants feature to
22
+ authenticate requests. Bucket credentials will be fetched from S3
23
+ Control using the `get_data_access` API.
24
+ DOCS
25
+
26
+ option(:access_grants_credentials_provider,
27
+ doc_type: 'Aws::S3::AccessGrantsCredentialsProvider',
28
+ rbs_type: 'untyped',
29
+ docstring: <<-DOCS) do |_cfg|
30
+ When `access_grants` is `true`, this option can be used to provide
31
+ additional options to the credentials provider, including a privilege
32
+ setting, caching, and fallback behavior.
33
+ DOCS
34
+ Aws::S3::AccessGrantsCredentialsProvider.new
35
+ end
36
+
37
+ # @api private
38
+ class Handler < Seahorse::Client::Handler
39
+ PERMISSION_MAP = {
40
+ head_object: 'READ',
41
+ get_object: 'READ',
42
+ get_object_acl: 'READ',
43
+ list_multipart_uploads: 'READ',
44
+ list_objects_v2: 'READ',
45
+ list_object_versions: 'READ',
46
+ list_parts: 'READ',
47
+ head_bucket: 'READ',
48
+ get_object_attributes: 'READ',
49
+ put_object: 'WRITE',
50
+ put_object_acl: 'WRITE',
51
+ delete_object: 'WRITE',
52
+ abort_multipart_upload: 'WRITE',
53
+ create_multipart_upload: 'WRITE',
54
+ upload_part: 'WRITE',
55
+ complete_multipart_upload: 'WRITE',
56
+ delete_objects: 'WRITE',
57
+ copy_object: 'READWRITE'
58
+ }.freeze
59
+
60
+ def call(context)
61
+ provider = context.config.access_grants_credentials_provider
62
+
63
+ if access_grants_operation?(context) &&
64
+ !s3_express_endpoint?(context) &&
65
+ !credentials_head_bucket_call?(provider)
66
+ params = context[:endpoint_params]
67
+ permission = PERMISSION_MAP[context.operation_name]
68
+
69
+ key =
70
+ case context.operation_name
71
+ when :delete_objects
72
+ delete_params = context.params[:delete]
73
+ common_prefixes(delete_params[:objects].map { |o| o[:key] })
74
+ when :copy_object
75
+ source_bucket, source_key = params[:copy_source].split('/', 2)
76
+ if params[:bucket] != source_bucket
77
+ raise ArgumentError,
78
+ 'source and destination bucket must be the same'
79
+ end
80
+ common_prefixes([params[:key], source_key])
81
+ else
82
+ params[:key]
83
+ end
84
+
85
+ credentials = provider.access_grants_credentials_for(
86
+ bucket: params[:bucket],
87
+ key: key,
88
+ prefix: params[:prefix],
89
+ permission: permission
90
+ )
91
+ context[:sigv4_credentials] = credentials # Sign will use this
92
+ end
93
+
94
+ with_metric(credentials) { @handler.call(context) }
95
+ end
96
+
97
+ private
98
+
99
+ def with_metric(credentials, &block)
100
+ return block.call unless credentials
101
+
102
+ Aws::Plugins::UserAgent.metric('S3_ACCESS_GRANTS', &block)
103
+ end
104
+
105
+ # HeadBucket is a supported call. When fetching credentials,
106
+ # this plugin is executed again, and becomes recursive.
107
+ def credentials_head_bucket_call?(provider)
108
+ provider.instance_variable_get(:@head_bucket_call)
109
+ end
110
+
111
+ def access_grants_operation?(context)
112
+ params = context[:endpoint_params]
113
+ params[:bucket] && PERMISSION_MAP[context.operation_name]
114
+ end
115
+
116
+ def s3_express_endpoint?(context)
117
+ context[:endpoint_properties]['backend'] == 'S3Express'
118
+ end
119
+
120
+ # Return the common prefix of the keys, regardless of the delimiter.
121
+ # For example, given keys ['foo/bar', 'foo/baz'], the common prefix
122
+ # is 'foo/ba'.
123
+ def common_prefixes(keys)
124
+ return '' if keys.empty?
125
+
126
+ first_key = keys[0]
127
+ common_ancestor = first_key
128
+ last_prefix = ''
129
+ keys.each do |k|
130
+ until common_ancestor.empty?
131
+ break if k.start_with?(common_ancestor)
132
+
133
+ last_index = common_ancestor.rindex('/')
134
+ return '' if last_index.nil?
135
+
136
+ last_prefix = common_ancestor[(last_index + 1)..-1]
137
+ common_ancestor = common_ancestor[0...last_index]
138
+ end
139
+ end
140
+ new_common_ancestor = "#{common_ancestor}/#{last_prefix}"
141
+ keys.each do |k|
142
+ until last_prefix.empty?
143
+ break if k.start_with?(new_common_ancestor)
144
+
145
+ last_prefix = last_prefix[0...-1]
146
+ new_common_ancestor = "#{common_ancestor}/#{last_prefix}"
147
+ end
148
+ end
149
+ if new_common_ancestor == "#{first_key}/"
150
+ first_key
151
+ else
152
+ new_common_ancestor
153
+ end
154
+ end
155
+ end
156
+
157
+ def add_handlers(handlers, config)
158
+ return unless AccessGrants.s3control? && config.access_grants
159
+
160
+ handlers.add(Handler)
161
+ end
162
+
163
+ def after_initialize(client)
164
+ return unless AccessGrants.s3control? && client.config.access_grants
165
+
166
+ provider = client.config.access_grants_credentials_provider
167
+ provider.s3_client = client unless provider.s3_client
168
+ end
169
+
170
+ class << self
171
+ def s3control?
172
+ @s3control
173
+ end
174
+ end
175
+ end
176
+ end
177
+ end
178
+ end
@@ -14,6 +14,7 @@ module Aws::S3
14
14
  option(
15
15
  :endpoint_provider,
16
16
  doc_type: 'Aws::S3::EndpointProvider',
17
+ rbs_type: 'untyped',
17
18
  docstring: 'The endpoint provider used to resolve endpoints. Any '\
18
19
  'object that responds to `#resolve_endpoint(parameters)` '\
19
20
  'where `parameters` is a Struct similar to '\
@@ -22,19 +23,26 @@ module Aws::S3
22
23
  Aws::S3::EndpointProvider.new
23
24
  end
24
25
 
26
+ option(
27
+ :disable_s3_express_session_auth,
28
+ doc_type: 'Boolean',
29
+ default: nil,
30
+ docstring: "Parameter to indicate whether S3Express session auth should be disabled")
31
+
25
32
  # @api private
26
33
  class Handler < Seahorse::Client::Handler
27
34
  def call(context)
28
- # If endpoint was discovered, do not resolve or apply the endpoint.
29
35
  unless context[:discovered_endpoint]
30
36
  params = parameters_for_operation(context)
31
37
  endpoint = context.config.endpoint_provider.resolve_endpoint(params)
32
38
 
33
39
  context.http_request.endpoint = endpoint.url
34
40
  apply_endpoint_headers(context, endpoint.headers)
41
+
42
+ context[:endpoint_params] = params
43
+ context[:endpoint_properties] = endpoint.properties
35
44
  end
36
45
 
37
- context[:endpoint_params] = params
38
46
  context[:auth_scheme] =
39
47
  Aws::Endpoints.resolve_auth_scheme(context, endpoint)
40
48
 
@@ -66,6 +74,8 @@ module Aws::S3
66
74
  Aws::S3::Endpoints::CreateBucket.build(context)
67
75
  when :create_multipart_upload
68
76
  Aws::S3::Endpoints::CreateMultipartUpload.build(context)
77
+ when :create_session
78
+ Aws::S3::Endpoints::CreateSession.build(context)
69
79
  when :delete_bucket
70
80
  Aws::S3::Endpoints::DeleteBucket.build(context)
71
81
  when :delete_bucket_analytics_configuration
@@ -176,6 +186,8 @@ module Aws::S3
176
186
  Aws::S3::Endpoints::ListBucketMetricsConfigurations.build(context)
177
187
  when :list_buckets
178
188
  Aws::S3::Endpoints::ListBuckets.build(context)
189
+ when :list_directory_buckets
190
+ Aws::S3::Endpoints::ListDirectoryBuckets.build(context)
179
191
  when :list_multipart_uploads
180
192
  Aws::S3::Endpoints::ListMultipartUploads.build(context)
181
193
  when :list_object_versions
@@ -0,0 +1,97 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ module S3
5
+ module Plugins
6
+ # @api private
7
+ class ExpressSessionAuth < Seahorse::Client::Plugin
8
+ # This should be s3_disable_express_auth instead
9
+ # But this is not a built in. We're overwriting the generated value
10
+ option(:disable_s3_express_session_auth,
11
+ default: false,
12
+ doc_type: 'Boolean',
13
+ docstring: <<-DOCS) do |cfg|
14
+ When `true`, S3 Express session authentication is disabled.
15
+ DOCS
16
+ resolve_disable_s3_express_session_auth(cfg)
17
+ end
18
+
19
+ option(:express_credentials_provider,
20
+ doc_type: 'Aws::S3::ExpressCredentialsProvider',
21
+ rbs_type: 'untyped',
22
+ docstring: <<-DOCS) do |_cfg|
23
+ Credential Provider for S3 Express endpoints. Manages credentials
24
+ for different buckets.
25
+ DOCS
26
+ Aws::S3::ExpressCredentialsProvider.new
27
+ end
28
+
29
+ # @api private
30
+ class Handler < Seahorse::Client::Handler
31
+ def call(context)
32
+ if (props = context[:endpoint_properties])
33
+ # S3 Express endpoint - turn off md5 and enable crc32 default
34
+ if props['backend'] == 'S3Express'
35
+ if context.operation_name == :put_object || checksum_required?(context)
36
+ context[:default_request_checksum_algorithm] = 'CRC32'
37
+ end
38
+ context[:s3_express_endpoint] = true
39
+ end
40
+
41
+ # if s3 express auth, use new credentials and sign additional header
42
+ if context[:auth_scheme]['name'] == 'sigv4-s3express' &&
43
+ !context.config.disable_s3_express_session_auth
44
+ bucket = context.params[:bucket]
45
+ credentials_provider = context.config.express_credentials_provider
46
+ credentials = credentials_provider.express_credentials_for(bucket)
47
+ context[:sigv4_credentials] = credentials # Sign will use this
48
+ end
49
+ end
50
+ with_metric(credentials) { @handler.call(context) }
51
+ end
52
+
53
+ private
54
+
55
+ def with_metric(credentials, &block)
56
+ return block.call unless credentials
57
+
58
+ Aws::Plugins::UserAgent.metric('S3_EXPRESS_BUCKET', &block)
59
+ end
60
+
61
+ def checksum_required?(context)
62
+ context.operation.http_checksum_required ||
63
+ (context.operation.http_checksum &&
64
+ context.operation.http_checksum['requestChecksumRequired'])
65
+ end
66
+ end
67
+
68
+ handler(Handler)
69
+
70
+ # Optimization - sets this client as the client to create sessions.
71
+ def after_initialize(client)
72
+ provider = client.config.express_credentials_provider
73
+ provider.client = client unless provider.client
74
+ end
75
+
76
+ class << self
77
+ private
78
+
79
+ def resolve_disable_s3_express_session_auth(cfg)
80
+ value = ENV['AWS_S3_DISABLE_EXPRESS_SESSION_AUTH'] ||
81
+ Aws.shared_config.s3_disable_express_session_auth(profile: cfg.profile) ||
82
+ 'false'
83
+ value = Aws::Util.str_2_bool(value)
84
+ # Raise if provided value is not true or false
85
+ if value.nil?
86
+ raise ArgumentError,
87
+ 'Must provide either `true` or `false` for the '\
88
+ '`s3_disable_express_session_auth` profile option or for '\
89
+ "ENV['AWS_S3_DISABLE_EXPRESS_SESSION_AUTH']."
90
+ end
91
+ value
92
+ end
93
+ end
94
+ end
95
+ end
96
+ end
97
+ end
@@ -15,22 +15,67 @@ module Aws
15
15
 
16
16
  def call(context)
17
17
  @handler.call(context).on(200) do |response|
18
- if error = check_for_error(context)
19
- context.http_response.status_code = 500
20
- response.data = nil
21
- response.error = error
18
+ return response if streaming_output?(context.operation.output)
19
+
20
+ error = check_for_error(context)
21
+ return response unless error
22
+
23
+ context.http_response.status_code = 500
24
+ response.data = nil
25
+ response.error = error
26
+ end
27
+ end
28
+
29
+ private
30
+
31
+ # Streaming outputs are not subject to 200 errors.
32
+ def streaming_output?(output)
33
+ if (payload = output[:payload_member])
34
+ # checking ref and shape
35
+ payload['streaming'] || payload.shape['streaming'] ||
36
+ payload.eventstream
37
+ else
38
+ false
39
+ end
40
+ end
41
+
42
+ # Checks if the output shape is a structure shape and has members that
43
+ # are in the body for the case of a payload and a normal structure. A
44
+ # non-structure shape will not have members in the body. In the case
45
+ # of a string or blob, the body contents would have been checked first
46
+ # before this method is called in incomplete_xml_body?.
47
+ def members_in_body?(output)
48
+ shape =
49
+ if output[:payload_member]
50
+ output[:payload_member].shape
51
+ else
52
+ output.shape
22
53
  end
54
+
55
+ if structure_shape?(shape)
56
+ shape.members.any? { |_, k| k.location.nil? }
57
+ else
58
+ false
23
59
  end
24
60
  end
25
61
 
62
+ def structure_shape?(shape)
63
+ shape.is_a?(Seahorse::Model::Shapes::StructureShape)
64
+ end
65
+
66
+ # Must have a member in the body and have the start of an XML Tag.
67
+ # Other incomplete xml bodies will result in an XML ParsingError.
68
+ def incomplete_xml_body?(xml, output)
69
+ members_in_body?(output) && !xml.match(/<\w/)
70
+ end
71
+
26
72
  def check_for_error(context)
27
73
  xml = context.http_response.body_contents
28
- if xml.match(/<Error>/)
74
+ if xml.match(/\?>\s*<Error>/)
29
75
  error_code = xml.match(/<Code>(.+?)<\/Code>/)[1]
30
76
  error_message = xml.match(/<Message>(.+?)<\/Message>/)[1]
31
77
  S3::Errors.error_class(error_code).new(context, error_message)
32
- elsif !xml.match(/<\w/) # Must have the start of an XML Tag
33
- # Other incomplete xml bodies will result in XML ParsingError
78
+ elsif incomplete_xml_body?(xml, context.operation.output)
34
79
  Seahorse::Client::NetworkingError.new(
35
80
  S3::Errors
36
81
  .error_class('InternalError')
@@ -40,15 +85,7 @@ module Aws
40
85
  end
41
86
  end
42
87
 
43
- handler(
44
- Handler,
45
- step: :sign,
46
- operations: [
47
- :complete_multipart_upload,
48
- :copy_object,
49
- :upload_part_copy,
50
- ]
51
- )
88
+ handler(Handler, step: :sign)
52
89
  end
53
90
  end
54
91
  end
@@ -22,7 +22,9 @@ module Aws
22
22
 
23
23
  def populate_location_constraint(params, region)
24
24
  params[:create_bucket_configuration] ||= {}
25
- params[:create_bucket_configuration][:location_constraint] ||= region
25
+ unless params[:create_bucket_configuration][:location]
26
+ params[:create_bucket_configuration][:location_constraint] ||= region
27
+ end
26
28
  end
27
29
 
28
30
  end
@@ -22,7 +22,8 @@ module Aws
22
22
  CHUNK_SIZE = 1 * 1024 * 1024 # one MB
23
23
 
24
24
  def call(context)
25
- if !context[:checksum_algorithms] # skip in favor of flexible checksum
25
+ if !context[:checksum_algorithms] && # skip in favor of flexible checksum
26
+ !context[:s3_express_endpoint] # s3 express endpoints do not support md5
26
27
  body = context.http_request.body
27
28
  if body.respond_to?(:size) && body.size > 0
28
29
  context.http_request.headers['Content-Md5'] ||= md5(body)
@@ -4,6 +4,11 @@ require 'aws-sigv4'
4
4
 
5
5
  module Aws
6
6
  module S3
7
+ # @api private
8
+ def self.bucket_region_cache
9
+ @bucket_region_cache ||= BucketRegionCache.new
10
+ end
11
+
7
12
  module Plugins
8
13
  # This plugin used to have a V4 signer but it was removed in favor of
9
14
  # generic Sign plugin that uses endpoint auth scheme.
@@ -51,7 +56,7 @@ module Aws
51
56
  private
52
57
 
53
58
  def check_for_cached_region(context, bucket)
54
- cached_region = S3::BUCKET_REGIONS[bucket]
59
+ cached_region = Aws::S3.bucket_region_cache[bucket]
55
60
  if cached_region &&
56
61
  cached_region != context.config.region &&
57
62
  !S3Signer.custom_endpoint?(context)
@@ -97,7 +102,7 @@ module Aws
97
102
  end
98
103
 
99
104
  def update_bucket_cache(context, actual_region)
100
- S3::BUCKET_REGIONS[context.params[:bucket]] = actual_region
105
+ Aws::S3.bucket_region_cache[context.params[:bucket]] = actual_region
101
106
  end
102
107
 
103
108
  def fips_region?(resp)
@@ -315,26 +315,28 @@ module Aws
315
315
 
316
316
  # @!group Fields
317
317
 
318
- # The key to use for the uploaded object. You can use `${filename}`
319
- # as a variable in the key. This will be replaced with the name
320
- # of the file as provided by the user.
318
+ # @!method key(key)
319
+ # The key to use for the uploaded object. You can use `${filename}`
320
+ # as a variable in the key. This will be replaced with the name
321
+ # of the file as provided by the user.
321
322
  #
322
- # For example, if the key is given as `/user/betty/${filename}` and
323
- # the file uploaded is named `lolcatz.jpg`, the resultant key will
324
- # be `/user/betty/lolcatz.jpg`.
323
+ # For example, if the key is given as `/user/betty/${filename}` and
324
+ # the file uploaded is named `lolcatz.jpg`, the resultant key will
325
+ # be `/user/betty/lolcatz.jpg`.
325
326
  #
326
- # @param [String] key
327
- # @see http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html)
328
- # @return [self]
327
+ # @param [String] key
328
+ # @see http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html)
329
+ # @return [self]
329
330
  define_field(:key) do |key|
330
331
  @key_set = true
331
332
  with('key', key)
332
333
  end
333
334
 
334
- # Specify a prefix the uploaded
335
- # @param [String] prefix
336
- # @see #key
337
- # @return [self]
335
+ # @!method key_starts_with(prefix)
336
+ # Specify a prefix the uploaded
337
+ # @param [String] prefix
338
+ # @see #key
339
+ # @return [self]
338
340
  define_field(:key_starts_with) do |prefix|
339
341
  @key_set = true
340
342
  starts_with('key', prefix)
@@ -412,26 +414,29 @@ module Aws
412
414
  # @return [self]
413
415
  define_field(:content_encoding, 'Content-Encoding', starts_with: true)
414
416
 
415
- # The date and time at which the object is no longer cacheable.
416
- # @note This does not affect the expiration of the presigned post
417
- # signature.
418
- # @param [Time] time
419
- # @see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21
420
- # @return [self]
417
+ # @!method expires(time)
418
+ # The date and time at which the object is no longer cacheable.
419
+ # @note This does not affect the expiration of the presigned post
420
+ # signature.
421
+ # @param [Time] time
422
+ # @see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21
423
+ # @return [self]
421
424
  define_field(:expires) do |time|
422
425
  with('Expires', time.httpdate)
423
426
  end
424
427
 
425
- # @param [String] prefix
426
- # @see #expires
427
- # @return [self]
428
+ # @!method expires_starts_with(prefix)
429
+ # @param [String] prefix
430
+ # @see #expires
431
+ # @return [self]
428
432
  define_field(:expires_starts_with) do |prefix|
429
433
  starts_with('Expires', prefix)
430
434
  end
431
435
 
432
- # The minimum and maximum allowable size for the uploaded content.
433
- # @param [Range<Integer>] byte_range
434
- # @return [self]
436
+ # @!method content_length_range(byte_range)
437
+ # The minimum and maximum allowable size for the uploaded content.
438
+ # @param [Range<Integer>] byte_range
439
+ # @return [self]
435
440
  define_field(:content_length_range) do |byte_range|
436
441
  min = byte_range.begin
437
442
  max = byte_range.end
@@ -507,10 +512,11 @@ module Aws
507
512
  # @return [self]
508
513
  define_field(:website_redirect_location, 'x-amz-website-redirect-location')
509
514
 
510
- # Metadata hash to store with the uploaded object. Hash keys will be
511
- # prefixed with "x-amz-meta-".
512
- # @param [Hash<String,String>] hash
513
- # @return [self]
515
+ # @!method metadata(hash)
516
+ # Metadata hash to store with the uploaded object. Hash keys will be
517
+ # prefixed with "x-amz-meta-".
518
+ # @param [Hash<String,String>] hash
519
+ # @return [self]
514
520
  define_field(:metadata) do |hash|
515
521
  hash.each do |key, value|
516
522
  with("x-amz-meta-#{key}", value)
@@ -518,10 +524,11 @@ module Aws
518
524
  self
519
525
  end
520
526
 
521
- # Specify allowable prefix for each key in the metadata hash.
522
- # @param [Hash<String,String>] hash
523
- # @see #metadata
524
- # @return [self]
527
+ # @!method metadata_starts_with(hash)
528
+ # Specify allowable prefix for each key in the metadata hash.
529
+ # @param [Hash<String,String>] hash
530
+ # @see #metadata
531
+ # @return [self]
525
532
  define_field(:metadata_starts_with) do |hash|
526
533
  hash.each do |key, value|
527
534
  starts_with("x-amz-meta-#{key}", value)
@@ -571,24 +578,26 @@ module Aws
571
578
  'x-amz-server-side-encryption-customer-algorithm'
572
579
  )
573
580
 
574
- # Specifies the customer-provided encryption key for Amazon S3 to use
575
- # in encrypting data. This value is used to store the object and then
576
- # it is discarded; Amazon does not store the encryption key.
581
+ # @!method server_side_encryption_customer_key(value)
582
+ # Specifies the customer-provided encryption key for Amazon S3 to use
583
+ # in encrypting data. This value is used to store the object and then
584
+ # it is discarded; Amazon does not store the encryption key.
577
585
  #
578
- # You must also call {#server_side_encryption_customer_algorithm}.
586
+ # You must also call {#server_side_encryption_customer_algorithm}.
579
587
  #
580
- # @param [String] value
581
- # @see #server_side_encryption_customer_algorithm
582
- # @return [self]
588
+ # @param [String] value
589
+ # @see #server_side_encryption_customer_algorithm
590
+ # @return [self]
583
591
  define_field(:server_side_encryption_customer_key) do |value|
584
592
  field_name = 'x-amz-server-side-encryption-customer-key'
585
593
  with(field_name, base64(value))
586
594
  with(field_name + '-MD5', base64(OpenSSL::Digest::MD5.digest(value)))
587
595
  end
588
596
 
589
- # @param [String] prefix
590
- # @see #server_side_encryption_customer_key
591
- # @return [self]
597
+ # @!method server_side_encryption_customer_key_starts_with(prefix)
598
+ # @param [String] prefix
599
+ # @see #server_side_encryption_customer_key
600
+ # @return [self]
592
601
  define_field(:server_side_encryption_customer_key_starts_with) do |prefix|
593
602
  field_name = 'x-amz-server-side-encryption-customer-key'
594
603
  starts_with(field_name, prefix)
@@ -49,7 +49,8 @@ module Aws
49
49
  # before the presigned URL expires. Defaults to 15 minutes. As signature
50
50
  # version 4 has a maximum expiry time of one week for presigned URLs,
51
51
  # attempts to set this value to greater than one week (604800) will
52
- # raise an exception.
52
+ # raise an exception. The min value of this option and the credentials
53
+ # expiration time is used in the presigned URL.
53
54
  #
54
55
  # @option params [Time] :time (Time.now) The starting time for when the
55
56
  # presigned url becomes active.
@@ -96,7 +97,8 @@ module Aws
96
97
  # before the presigned URL expires. Defaults to 15 minutes. As signature
97
98
  # version 4 has a maximum expiry time of one week for presigned URLs,
98
99
  # attempts to set this value to greater than one week (604800) will
99
- # raise an exception.
100
+ # raise an exception. The min value of this option and the credentials
101
+ # expiration time is used in the presigned URL.
100
102
  #
101
103
  # @option params [Time] :time (Time.now) The starting time for when the
102
104
  # presigned url becomes active.
@@ -197,6 +199,8 @@ module Aws
197
199
  req.handlers.remove(Aws::S3::Plugins::S3Signer::LegacyHandler)
198
200
  req.handlers.remove(Aws::Plugins::Sign::Handler)
199
201
  req.handlers.remove(Seahorse::Client::Plugins::ContentLength::Handler)
202
+ req.handlers.remove(Aws::Rest::ContentTypeHandler)
203
+ req.handlers.remove(Aws::Plugins::InvocationId::Handler)
200
204
 
201
205
  req.handle(step: :send) do |context|
202
206
  # if an endpoint was not provided, force secure or insecure
@@ -230,8 +234,8 @@ module Aws
230
234
  end
231
235
  signer = Aws::Sigv4::Signer.new(
232
236
  service: auth_scheme['signingName'] || 's3',
233
- region: region || context.config.region,
234
- credentials_provider: context.config.credentials,
237
+ region: context[:sigv4_region] || region || context.config.region,
238
+ credentials_provider: context[:sigv4_credentials] || context.config.credentials,
235
239
  signing_algorithm: scheme_name.to_sym,
236
240
  uri_escape_path: !!!auth_scheme['disableDoubleEncoding'],
237
241
  unsigned_headers: unsigned_headers,