aws-sdk-s3 1.123.1 → 1.132.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +57 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-s3/bucket.rb +63 -33
- data/lib/aws-sdk-s3/client.rb +517 -465
- data/lib/aws-sdk-s3/client_api.rb +24 -0
- data/lib/aws-sdk-s3/customizations/errors.rb +1 -1
- data/lib/aws-sdk-s3/customizations/object.rb +20 -0
- data/lib/aws-sdk-s3/encryptionV2/decrypt_handler.rb +1 -0
- data/lib/aws-sdk-s3/endpoint_parameters.rb +4 -0
- data/lib/aws-sdk-s3/endpoint_provider.rb +22 -246
- data/lib/aws-sdk-s3/endpoints.rb +1 -0
- data/lib/aws-sdk-s3/file_downloader.rb +27 -1
- data/lib/aws-sdk-s3/object.rb +40 -41
- data/lib/aws-sdk-s3/object_multipart_copier.rb +33 -17
- data/lib/aws-sdk-s3/object_summary.rb +49 -36
- data/lib/aws-sdk-s3/object_version.rb +14 -0
- data/lib/aws-sdk-s3/presigned_post.rb +52 -43
- data/lib/aws-sdk-s3/presigner.rb +4 -2
- data/lib/aws-sdk-s3/resource.rb +1 -1
- data/lib/aws-sdk-s3/types.rb +371 -204
- data/lib/aws-sdk-s3.rb +1 -1
- metadata +6 -6
@@ -31,6 +31,10 @@ module Aws
|
|
31
31
|
key: options[:key],
|
32
32
|
}
|
33
33
|
@params[:version_id] = options[:version_id] if options[:version_id]
|
34
|
+
@params[:checksum_mode] = options[:checksum_mode] || 'ENABLED'
|
35
|
+
@on_checksum_validated = options[:on_checksum_validated]
|
36
|
+
|
37
|
+
validate!
|
34
38
|
|
35
39
|
Aws::Plugins::UserAgent.feature('s3-transfer') do
|
36
40
|
case @mode
|
@@ -54,6 +58,17 @@ module Aws
|
|
54
58
|
|
55
59
|
private
|
56
60
|
|
61
|
+
def validate!
|
62
|
+
if @on_checksum_validated && @params[:checksum_mode] != 'ENABLED'
|
63
|
+
raise ArgumentError, "You must set checksum_mode: 'ENABLED' " +
|
64
|
+
"when providing a on_checksum_validated callback"
|
65
|
+
end
|
66
|
+
|
67
|
+
if @on_checksum_validated && !@on_checksum_validated.respond_to?(:call)
|
68
|
+
raise ArgumentError, 'on_checksum_validated must be callable'
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
57
72
|
def multipart_download
|
58
73
|
resp = @client.head_object(@params.merge(part_number: 1))
|
59
74
|
count = resp.parts_count
|
@@ -129,6 +144,9 @@ module Aws
|
|
129
144
|
@params.merge(param.to_sym => chunk)
|
130
145
|
)
|
131
146
|
write(resp)
|
147
|
+
if @on_checksum_validated && resp.checksum_validated
|
148
|
+
@on_checksum_validated.call(resp.checksum_validated, resp)
|
149
|
+
end
|
132
150
|
end
|
133
151
|
end
|
134
152
|
threads.each(&:join)
|
@@ -142,9 +160,17 @@ module Aws
|
|
142
160
|
end
|
143
161
|
|
144
162
|
def single_request
|
145
|
-
@client.get_object(
|
163
|
+
resp = @client.get_object(
|
146
164
|
@params.merge(response_target: @path)
|
147
165
|
)
|
166
|
+
|
167
|
+
return resp unless @on_checksum_validated
|
168
|
+
|
169
|
+
if resp.checksum_validated
|
170
|
+
@on_checksum_validated.call(resp.checksum_validated, resp)
|
171
|
+
end
|
172
|
+
|
173
|
+
resp
|
148
174
|
end
|
149
175
|
end
|
150
176
|
end
|
data/lib/aws-sdk-s3/object.rb
CHANGED
@@ -240,7 +240,7 @@ module Aws::S3
|
|
240
240
|
end
|
241
241
|
|
242
242
|
# The server-side encryption algorithm used when storing this object in
|
243
|
-
# Amazon S3 (for example, AES256
|
243
|
+
# Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
|
244
244
|
# @return [String]
|
245
245
|
def server_side_encryption
|
246
246
|
data[:server_side_encryption]
|
@@ -269,16 +269,16 @@ module Aws::S3
|
|
269
269
|
data[:sse_customer_key_md5]
|
270
270
|
end
|
271
271
|
|
272
|
-
# If present, specifies the ID of the
|
273
|
-
#
|
274
|
-
#
|
272
|
+
# If present, specifies the ID of the Key Management Service (KMS)
|
273
|
+
# symmetric encryption customer managed key that was used for the
|
274
|
+
# object.
|
275
275
|
# @return [String]
|
276
276
|
def ssekms_key_id
|
277
277
|
data[:ssekms_key_id]
|
278
278
|
end
|
279
279
|
|
280
280
|
# Indicates whether the object uses an S3 Bucket Key for server-side
|
281
|
-
# encryption with
|
281
|
+
# encryption with Key Management Service (KMS) keys (SSE-KMS).
|
282
282
|
# @return [Boolean]
|
283
283
|
def bucket_key_enabled
|
284
284
|
data[:bucket_key_enabled]
|
@@ -615,7 +615,7 @@ module Aws::S3
|
|
615
615
|
# },
|
616
616
|
# metadata_directive: "COPY", # accepts COPY, REPLACE
|
617
617
|
# tagging_directive: "COPY", # accepts COPY, REPLACE
|
618
|
-
# server_side_encryption: "AES256", # accepts AES256, aws:kms
|
618
|
+
# server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
|
619
619
|
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
|
620
620
|
# website_redirect_location: "WebsiteRedirectLocation",
|
621
621
|
# sse_customer_algorithm: "SSECustomerAlgorithm",
|
@@ -745,7 +745,7 @@ module Aws::S3
|
|
745
745
|
# or replaced with tag-set provided in the request.
|
746
746
|
# @option options [String] :server_side_encryption
|
747
747
|
# The server-side encryption algorithm used when storing this object in
|
748
|
-
# Amazon S3 (for example, AES256
|
748
|
+
# Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
|
749
749
|
# @option options [String] :storage_class
|
750
750
|
# By default, Amazon S3 uses the STANDARD Storage Class to store newly
|
751
751
|
# created objects. The STANDARD storage class provides high durability
|
@@ -778,13 +778,12 @@ module Aws::S3
|
|
778
778
|
# RFC 1321. Amazon S3 uses this header for a message integrity check to
|
779
779
|
# ensure that the encryption key was transmitted without error.
|
780
780
|
# @option options [String] :ssekms_key_id
|
781
|
-
# Specifies the
|
782
|
-
#
|
783
|
-
#
|
784
|
-
#
|
785
|
-
#
|
786
|
-
#
|
787
|
-
# User Guide*.
|
781
|
+
# Specifies the KMS key ID to use for object encryption. All GET and PUT
|
782
|
+
# requests for an object protected by KMS will fail if they're not made
|
783
|
+
# via SSL or using SigV4. For information about configuring any of the
|
784
|
+
# officially supported Amazon Web Services SDKs and Amazon Web Services
|
785
|
+
# CLI, see [Specifying the Signature Version in Request
|
786
|
+
# Authentication][1] in the *Amazon S3 User Guide*.
|
788
787
|
#
|
789
788
|
#
|
790
789
|
#
|
@@ -795,9 +794,9 @@ module Aws::S3
|
|
795
794
|
# string holding JSON with the encryption context key-value pairs.
|
796
795
|
# @option options [Boolean] :bucket_key_enabled
|
797
796
|
# Specifies whether Amazon S3 should use an S3 Bucket Key for object
|
798
|
-
# encryption with server-side encryption using
|
799
|
-
# Setting this header to `true` causes Amazon S3
|
800
|
-
# for object encryption with SSE-KMS.
|
797
|
+
# encryption with server-side encryption using Key Management Service
|
798
|
+
# (KMS) keys (SSE-KMS). Setting this header to `true` causes Amazon S3
|
799
|
+
# to use an S3 Bucket Key for object encryption with SSE-KMS.
|
801
800
|
#
|
802
801
|
# Specifying this header with a COPY action doesn’t affect bucket-level
|
803
802
|
# settings for S3 Bucket Key.
|
@@ -1026,7 +1025,7 @@ module Aws::S3
|
|
1026
1025
|
# metadata: {
|
1027
1026
|
# "MetadataKey" => "MetadataValue",
|
1028
1027
|
# },
|
1029
|
-
# server_side_encryption: "AES256", # accepts AES256, aws:kms
|
1028
|
+
# server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
|
1030
1029
|
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
|
1031
1030
|
# website_redirect_location: "WebsiteRedirectLocation",
|
1032
1031
|
# sse_customer_algorithm: "SSECustomerAlgorithm",
|
@@ -1083,7 +1082,7 @@ module Aws::S3
|
|
1083
1082
|
# A map of metadata to store with the object in S3.
|
1084
1083
|
# @option options [String] :server_side_encryption
|
1085
1084
|
# The server-side encryption algorithm used when storing this object in
|
1086
|
-
# Amazon S3 (for example, AES256
|
1085
|
+
# Amazon S3 (for example, `AES256`, `aws:kms`).
|
1087
1086
|
# @option options [String] :storage_class
|
1088
1087
|
# By default, Amazon S3 uses the STANDARD Storage Class to store newly
|
1089
1088
|
# created objects. The STANDARD storage class provides high durability
|
@@ -1115,11 +1114,11 @@ module Aws::S3
|
|
1115
1114
|
# @option options [String] :ssekms_key_id
|
1116
1115
|
# Specifies the ID of the symmetric encryption customer managed key to
|
1117
1116
|
# use for object encryption. All GET and PUT requests for an object
|
1118
|
-
# protected by
|
1119
|
-
#
|
1120
|
-
#
|
1121
|
-
#
|
1122
|
-
#
|
1117
|
+
# protected by KMS will fail if they're not made via SSL or using
|
1118
|
+
# SigV4. For information about configuring any of the officially
|
1119
|
+
# supported Amazon Web Services SDKs and Amazon Web Services CLI, see
|
1120
|
+
# [Specifying the Signature Version in Request Authentication][1] in the
|
1121
|
+
# *Amazon S3 User Guide*.
|
1123
1122
|
#
|
1124
1123
|
#
|
1125
1124
|
#
|
@@ -1130,9 +1129,9 @@ module Aws::S3
|
|
1130
1129
|
# string holding JSON with the encryption context key-value pairs.
|
1131
1130
|
# @option options [Boolean] :bucket_key_enabled
|
1132
1131
|
# Specifies whether Amazon S3 should use an S3 Bucket Key for object
|
1133
|
-
# encryption with server-side encryption using
|
1134
|
-
# Setting this header to `true` causes Amazon S3
|
1135
|
-
# for object encryption with SSE-KMS.
|
1132
|
+
# encryption with server-side encryption using Key Management Service
|
1133
|
+
# (KMS) keys (SSE-KMS). Setting this header to `true` causes Amazon S3
|
1134
|
+
# to use an S3 Bucket Key for object encryption with SSE-KMS.
|
1136
1135
|
#
|
1137
1136
|
# Specifying this header with an object action doesn’t affect
|
1138
1137
|
# bucket-level settings for S3 Bucket Key.
|
@@ -1211,7 +1210,7 @@ module Aws::S3
|
|
1211
1210
|
# metadata: {
|
1212
1211
|
# "MetadataKey" => "MetadataValue",
|
1213
1212
|
# },
|
1214
|
-
# server_side_encryption: "AES256", # accepts AES256, aws:kms
|
1213
|
+
# server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
|
1215
1214
|
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
|
1216
1215
|
# website_redirect_location: "WebsiteRedirectLocation",
|
1217
1216
|
# sse_customer_algorithm: "SSECustomerAlgorithm",
|
@@ -1378,7 +1377,7 @@ module Aws::S3
|
|
1378
1377
|
# A map of metadata to store with the object in S3.
|
1379
1378
|
# @option options [String] :server_side_encryption
|
1380
1379
|
# The server-side encryption algorithm used when storing this object in
|
1381
|
-
# Amazon S3 (for example, AES256
|
1380
|
+
# Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
|
1382
1381
|
# @option options [String] :storage_class
|
1383
1382
|
# By default, Amazon S3 uses the STANDARD Storage Class to store newly
|
1384
1383
|
# created objects. The STANDARD storage class provides high durability
|
@@ -1429,15 +1428,15 @@ module Aws::S3
|
|
1429
1428
|
# RFC 1321. Amazon S3 uses this header for a message integrity check to
|
1430
1429
|
# ensure that the encryption key was transmitted without error.
|
1431
1430
|
# @option options [String] :ssekms_key_id
|
1432
|
-
# If `x-amz-server-side-encryption` has a valid value of `aws:kms
|
1433
|
-
# header specifies the ID of the
|
1434
|
-
# Service (
|
1435
|
-
#
|
1436
|
-
# `x-amz-server-side-encryption:aws:kms`, but do not provide`
|
1431
|
+
# If `x-amz-server-side-encryption` has a valid value of `aws:kms` or
|
1432
|
+
# `aws:kms:dsse`, this header specifies the ID of the Key Management
|
1433
|
+
# Service (KMS) symmetric encryption customer managed key that was used
|
1434
|
+
# for the object. If you specify `x-amz-server-side-encryption:aws:kms`
|
1435
|
+
# or `x-amz-server-side-encryption:aws:kms:dsse`, but do not provide`
|
1437
1436
|
# x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
|
1438
|
-
# Amazon Web Services managed key to protect the data. If the
|
1439
|
-
# does not exist in the same account issuing the
|
1440
|
-
# the full ARN and not just the ID.
|
1437
|
+
# Amazon Web Services managed key (`aws/s3`) to protect the data. If the
|
1438
|
+
# KMS key does not exist in the same account that's issuing the
|
1439
|
+
# command, you must use the full ARN and not just the ID.
|
1441
1440
|
# @option options [String] :ssekms_encryption_context
|
1442
1441
|
# Specifies the Amazon Web Services KMS Encryption Context to use for
|
1443
1442
|
# object encryption. The value of this header is a base64-encoded UTF-8
|
@@ -1447,9 +1446,9 @@ module Aws::S3
|
|
1447
1446
|
# operations on this object.
|
1448
1447
|
# @option options [Boolean] :bucket_key_enabled
|
1449
1448
|
# Specifies whether Amazon S3 should use an S3 Bucket Key for object
|
1450
|
-
# encryption with server-side encryption using
|
1451
|
-
# Setting this header to `true` causes Amazon S3
|
1452
|
-
# for object encryption with SSE-KMS.
|
1449
|
+
# encryption with server-side encryption using Key Management Service
|
1450
|
+
# (KMS) keys (SSE-KMS). Setting this header to `true` causes Amazon S3
|
1451
|
+
# to use an S3 Bucket Key for object encryption with SSE-KMS.
|
1453
1452
|
#
|
1454
1453
|
# Specifying this header with a PUT action doesn’t affect bucket-level
|
1455
1454
|
# settings for S3 Bucket Key.
|
@@ -1544,7 +1543,7 @@ module Aws::S3
|
|
1544
1543
|
# bucket_name: "BucketName", # required
|
1545
1544
|
# prefix: "LocationPrefix", # required
|
1546
1545
|
# encryption: {
|
1547
|
-
# encryption_type: "AES256", # required, accepts AES256, aws:kms
|
1546
|
+
# encryption_type: "AES256", # required, accepts AES256, aws:kms, aws:kms:dsse
|
1548
1547
|
# kms_key_id: "SSEKMSKeyId",
|
1549
1548
|
# kms_context: "KMSContext",
|
1550
1549
|
# },
|
@@ -15,18 +15,21 @@ module Aws
|
|
15
15
|
MAX_PARTS = 10_000
|
16
16
|
|
17
17
|
# @option options [Client] :client
|
18
|
-
# @option [Integer] :min_part_size (52428800)
|
19
|
-
# Defaults to 50MB.
|
20
|
-
#
|
21
|
-
#
|
22
|
-
#
|
18
|
+
# @option options [Integer] :min_part_size (52428800)
|
19
|
+
# Size of copied parts. Defaults to 50MB.
|
20
|
+
# @option options [Integer] :thread_count (10) Number of concurrent
|
21
|
+
# threads to use for copying parts.
|
22
|
+
# @option options [Boolean] :use_source_parts (false) Use part sizes
|
23
|
+
# defined on the source object if any exist. If copying or moving an
|
24
|
+
# object that is already multipart, this does not re-part the object,
|
25
|
+
# instead re-using the part definitions on the original. That means
|
26
|
+
# the etag and any checksums will not change. This is especially
|
27
|
+
# useful if the source object has parts with varied sizes.
|
23
28
|
def initialize(options = {})
|
29
|
+
@use_source_parts = options.delete(:use_source_parts) || false
|
24
30
|
@thread_count = options.delete(:thread_count) || 10
|
25
31
|
@min_part_size = options.delete(:min_part_size) || (FIVE_MB * 10)
|
26
32
|
@client = options[:client] || Client.new
|
27
|
-
if options[:checksum_algorithm]
|
28
|
-
raise ArgumentError, 'Multipart Copy does not support setting :checksum_algorithm'
|
29
|
-
end
|
30
33
|
end
|
31
34
|
|
32
35
|
# @return [Client]
|
@@ -78,10 +81,9 @@ module Aws
|
|
78
81
|
end
|
79
82
|
|
80
83
|
def copy_part(part)
|
81
|
-
{
|
82
|
-
|
83
|
-
|
84
|
-
}
|
84
|
+
@client.upload_part_copy(part).copy_part_result.to_h.merge({
|
85
|
+
part_number: part[:part_number]
|
86
|
+
}).tap { |result| result.delete(:last_modified) }
|
85
87
|
end
|
86
88
|
|
87
89
|
def complete_upload(parts, options)
|
@@ -104,24 +106,37 @@ module Aws
|
|
104
106
|
parts = []
|
105
107
|
options = options_for(:upload_part_copy, options)
|
106
108
|
while offset < size
|
109
|
+
part_size = calculate_part_size(part_number, default_part_size, options)
|
107
110
|
parts << options.merge({
|
108
111
|
part_number: part_number,
|
109
|
-
copy_source_range: byte_range(offset,
|
112
|
+
copy_source_range: byte_range(offset, part_size, size),
|
110
113
|
})
|
111
114
|
part_number += 1
|
112
|
-
offset +=
|
115
|
+
offset += part_size
|
113
116
|
end
|
114
117
|
parts
|
115
118
|
end
|
116
119
|
|
117
|
-
def byte_range(offset,
|
118
|
-
if offset +
|
119
|
-
"bytes=#{offset}-#{offset +
|
120
|
+
def byte_range(offset, part_size, size)
|
121
|
+
if offset + part_size < size
|
122
|
+
"bytes=#{offset}-#{offset + part_size - 1}"
|
120
123
|
else
|
121
124
|
"bytes=#{offset}-#{size - 1}"
|
122
125
|
end
|
123
126
|
end
|
124
127
|
|
128
|
+
def calculate_part_size(part_number, default_part_size, options)
|
129
|
+
if @use_source_parts && source_has_parts(options)
|
130
|
+
source_metadata(options.merge({ part_number: part_number }))[:content_length]
|
131
|
+
else
|
132
|
+
default_part_size
|
133
|
+
end
|
134
|
+
end
|
135
|
+
|
136
|
+
def source_has_parts(options)
|
137
|
+
@source_has_parts ||= source_metadata(options.merge({ part_number: 1 }))[:parts_count]
|
138
|
+
end
|
139
|
+
|
125
140
|
def source_metadata(options)
|
126
141
|
if options[:content_length]
|
127
142
|
return { content_length: options.delete(:content_length) }
|
@@ -138,6 +153,7 @@ module Aws
|
|
138
153
|
key = CGI.unescape(key)
|
139
154
|
opts = { bucket: bucket, key: key }
|
140
155
|
opts[:version_id] = version_id if version_id
|
156
|
+
opts[:part_number] = options[:part_number] if options[:part_number]
|
141
157
|
client.head_object(opts).to_h
|
142
158
|
end
|
143
159
|
|
@@ -98,6 +98,20 @@ module Aws::S3
|
|
98
98
|
data[:owner]
|
99
99
|
end
|
100
100
|
|
101
|
+
# Specifies the restoration status of an object. Objects in certain
|
102
|
+
# storage classes must be restored before they can be retrieved. For
|
103
|
+
# more information about these storage classes and how to work with
|
104
|
+
# archived objects, see [ Working with archived objects][1] in the
|
105
|
+
# *Amazon S3 User Guide*.
|
106
|
+
#
|
107
|
+
#
|
108
|
+
#
|
109
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/archived-objects.html
|
110
|
+
# @return [Types::RestoreStatus]
|
111
|
+
def restore_status
|
112
|
+
data[:restore_status]
|
113
|
+
end
|
114
|
+
|
101
115
|
# @!endgroup
|
102
116
|
|
103
117
|
# @return [Client]
|
@@ -310,7 +324,7 @@ module Aws::S3
|
|
310
324
|
# },
|
311
325
|
# metadata_directive: "COPY", # accepts COPY, REPLACE
|
312
326
|
# tagging_directive: "COPY", # accepts COPY, REPLACE
|
313
|
-
# server_side_encryption: "AES256", # accepts AES256, aws:kms
|
327
|
+
# server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
|
314
328
|
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
|
315
329
|
# website_redirect_location: "WebsiteRedirectLocation",
|
316
330
|
# sse_customer_algorithm: "SSECustomerAlgorithm",
|
@@ -440,7 +454,7 @@ module Aws::S3
|
|
440
454
|
# or replaced with tag-set provided in the request.
|
441
455
|
# @option options [String] :server_side_encryption
|
442
456
|
# The server-side encryption algorithm used when storing this object in
|
443
|
-
# Amazon S3 (for example, AES256
|
457
|
+
# Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
|
444
458
|
# @option options [String] :storage_class
|
445
459
|
# By default, Amazon S3 uses the STANDARD Storage Class to store newly
|
446
460
|
# created objects. The STANDARD storage class provides high durability
|
@@ -473,13 +487,12 @@ module Aws::S3
|
|
473
487
|
# RFC 1321. Amazon S3 uses this header for a message integrity check to
|
474
488
|
# ensure that the encryption key was transmitted without error.
|
475
489
|
# @option options [String] :ssekms_key_id
|
476
|
-
# Specifies the
|
477
|
-
#
|
478
|
-
#
|
479
|
-
#
|
480
|
-
#
|
481
|
-
#
|
482
|
-
# User Guide*.
|
490
|
+
# Specifies the KMS key ID to use for object encryption. All GET and PUT
|
491
|
+
# requests for an object protected by KMS will fail if they're not made
|
492
|
+
# via SSL or using SigV4. For information about configuring any of the
|
493
|
+
# officially supported Amazon Web Services SDKs and Amazon Web Services
|
494
|
+
# CLI, see [Specifying the Signature Version in Request
|
495
|
+
# Authentication][1] in the *Amazon S3 User Guide*.
|
483
496
|
#
|
484
497
|
#
|
485
498
|
#
|
@@ -490,9 +503,9 @@ module Aws::S3
|
|
490
503
|
# string holding JSON with the encryption context key-value pairs.
|
491
504
|
# @option options [Boolean] :bucket_key_enabled
|
492
505
|
# Specifies whether Amazon S3 should use an S3 Bucket Key for object
|
493
|
-
# encryption with server-side encryption using
|
494
|
-
# Setting this header to `true` causes Amazon S3
|
495
|
-
# for object encryption with SSE-KMS.
|
506
|
+
# encryption with server-side encryption using Key Management Service
|
507
|
+
# (KMS) keys (SSE-KMS). Setting this header to `true` causes Amazon S3
|
508
|
+
# to use an S3 Bucket Key for object encryption with SSE-KMS.
|
496
509
|
#
|
497
510
|
# Specifying this header with a COPY action doesn’t affect bucket-level
|
498
511
|
# settings for S3 Bucket Key.
|
@@ -721,7 +734,7 @@ module Aws::S3
|
|
721
734
|
# metadata: {
|
722
735
|
# "MetadataKey" => "MetadataValue",
|
723
736
|
# },
|
724
|
-
# server_side_encryption: "AES256", # accepts AES256, aws:kms
|
737
|
+
# server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
|
725
738
|
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
|
726
739
|
# website_redirect_location: "WebsiteRedirectLocation",
|
727
740
|
# sse_customer_algorithm: "SSECustomerAlgorithm",
|
@@ -778,7 +791,7 @@ module Aws::S3
|
|
778
791
|
# A map of metadata to store with the object in S3.
|
779
792
|
# @option options [String] :server_side_encryption
|
780
793
|
# The server-side encryption algorithm used when storing this object in
|
781
|
-
# Amazon S3 (for example, AES256
|
794
|
+
# Amazon S3 (for example, `AES256`, `aws:kms`).
|
782
795
|
# @option options [String] :storage_class
|
783
796
|
# By default, Amazon S3 uses the STANDARD Storage Class to store newly
|
784
797
|
# created objects. The STANDARD storage class provides high durability
|
@@ -810,11 +823,11 @@ module Aws::S3
|
|
810
823
|
# @option options [String] :ssekms_key_id
|
811
824
|
# Specifies the ID of the symmetric encryption customer managed key to
|
812
825
|
# use for object encryption. All GET and PUT requests for an object
|
813
|
-
# protected by
|
814
|
-
#
|
815
|
-
#
|
816
|
-
#
|
817
|
-
#
|
826
|
+
# protected by KMS will fail if they're not made via SSL or using
|
827
|
+
# SigV4. For information about configuring any of the officially
|
828
|
+
# supported Amazon Web Services SDKs and Amazon Web Services CLI, see
|
829
|
+
# [Specifying the Signature Version in Request Authentication][1] in the
|
830
|
+
# *Amazon S3 User Guide*.
|
818
831
|
#
|
819
832
|
#
|
820
833
|
#
|
@@ -825,9 +838,9 @@ module Aws::S3
|
|
825
838
|
# string holding JSON with the encryption context key-value pairs.
|
826
839
|
# @option options [Boolean] :bucket_key_enabled
|
827
840
|
# Specifies whether Amazon S3 should use an S3 Bucket Key for object
|
828
|
-
# encryption with server-side encryption using
|
829
|
-
# Setting this header to `true` causes Amazon S3
|
830
|
-
# for object encryption with SSE-KMS.
|
841
|
+
# encryption with server-side encryption using Key Management Service
|
842
|
+
# (KMS) keys (SSE-KMS). Setting this header to `true` causes Amazon S3
|
843
|
+
# to use an S3 Bucket Key for object encryption with SSE-KMS.
|
831
844
|
#
|
832
845
|
# Specifying this header with an object action doesn’t affect
|
833
846
|
# bucket-level settings for S3 Bucket Key.
|
@@ -906,7 +919,7 @@ module Aws::S3
|
|
906
919
|
# metadata: {
|
907
920
|
# "MetadataKey" => "MetadataValue",
|
908
921
|
# },
|
909
|
-
# server_side_encryption: "AES256", # accepts AES256, aws:kms
|
922
|
+
# server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
|
910
923
|
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
|
911
924
|
# website_redirect_location: "WebsiteRedirectLocation",
|
912
925
|
# sse_customer_algorithm: "SSECustomerAlgorithm",
|
@@ -1073,7 +1086,7 @@ module Aws::S3
|
|
1073
1086
|
# A map of metadata to store with the object in S3.
|
1074
1087
|
# @option options [String] :server_side_encryption
|
1075
1088
|
# The server-side encryption algorithm used when storing this object in
|
1076
|
-
# Amazon S3 (for example, AES256
|
1089
|
+
# Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
|
1077
1090
|
# @option options [String] :storage_class
|
1078
1091
|
# By default, Amazon S3 uses the STANDARD Storage Class to store newly
|
1079
1092
|
# created objects. The STANDARD storage class provides high durability
|
@@ -1124,15 +1137,15 @@ module Aws::S3
|
|
1124
1137
|
# RFC 1321. Amazon S3 uses this header for a message integrity check to
|
1125
1138
|
# ensure that the encryption key was transmitted without error.
|
1126
1139
|
# @option options [String] :ssekms_key_id
|
1127
|
-
# If `x-amz-server-side-encryption` has a valid value of `aws:kms
|
1128
|
-
# header specifies the ID of the
|
1129
|
-
# Service (
|
1130
|
-
#
|
1131
|
-
# `x-amz-server-side-encryption:aws:kms`, but do not provide`
|
1140
|
+
# If `x-amz-server-side-encryption` has a valid value of `aws:kms` or
|
1141
|
+
# `aws:kms:dsse`, this header specifies the ID of the Key Management
|
1142
|
+
# Service (KMS) symmetric encryption customer managed key that was used
|
1143
|
+
# for the object. If you specify `x-amz-server-side-encryption:aws:kms`
|
1144
|
+
# or `x-amz-server-side-encryption:aws:kms:dsse`, but do not provide`
|
1132
1145
|
# x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
|
1133
|
-
# Amazon Web Services managed key to protect the data. If the
|
1134
|
-
# does not exist in the same account issuing the
|
1135
|
-
# the full ARN and not just the ID.
|
1146
|
+
# Amazon Web Services managed key (`aws/s3`) to protect the data. If the
|
1147
|
+
# KMS key does not exist in the same account that's issuing the
|
1148
|
+
# command, you must use the full ARN and not just the ID.
|
1136
1149
|
# @option options [String] :ssekms_encryption_context
|
1137
1150
|
# Specifies the Amazon Web Services KMS Encryption Context to use for
|
1138
1151
|
# object encryption. The value of this header is a base64-encoded UTF-8
|
@@ -1142,9 +1155,9 @@ module Aws::S3
|
|
1142
1155
|
# operations on this object.
|
1143
1156
|
# @option options [Boolean] :bucket_key_enabled
|
1144
1157
|
# Specifies whether Amazon S3 should use an S3 Bucket Key for object
|
1145
|
-
# encryption with server-side encryption using
|
1146
|
-
# Setting this header to `true` causes Amazon S3
|
1147
|
-
# for object encryption with SSE-KMS.
|
1158
|
+
# encryption with server-side encryption using Key Management Service
|
1159
|
+
# (KMS) keys (SSE-KMS). Setting this header to `true` causes Amazon S3
|
1160
|
+
# to use an S3 Bucket Key for object encryption with SSE-KMS.
|
1148
1161
|
#
|
1149
1162
|
# Specifying this header with a PUT action doesn’t affect bucket-level
|
1150
1163
|
# settings for S3 Bucket Key.
|
@@ -1239,7 +1252,7 @@ module Aws::S3
|
|
1239
1252
|
# bucket_name: "BucketName", # required
|
1240
1253
|
# prefix: "LocationPrefix", # required
|
1241
1254
|
# encryption: {
|
1242
|
-
# encryption_type: "AES256", # required, accepts AES256, aws:kms
|
1255
|
+
# encryption_type: "AES256", # required, accepts AES256, aws:kms, aws:kms:dsse
|
1243
1256
|
# kms_key_id: "SSEKMSKeyId",
|
1244
1257
|
# kms_context: "KMSContext",
|
1245
1258
|
# },
|
@@ -105,6 +105,20 @@ module Aws::S3
|
|
105
105
|
data[:owner]
|
106
106
|
end
|
107
107
|
|
108
|
+
# Specifies the restoration status of an object. Objects in certain
|
109
|
+
# storage classes must be restored before they can be retrieved. For
|
110
|
+
# more information about these storage classes and how to work with
|
111
|
+
# archived objects, see [ Working with archived objects][1] in the
|
112
|
+
# *Amazon S3 User Guide*.
|
113
|
+
#
|
114
|
+
#
|
115
|
+
#
|
116
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/archived-objects.html
|
117
|
+
# @return [Types::RestoreStatus]
|
118
|
+
def restore_status
|
119
|
+
data[:restore_status]
|
120
|
+
end
|
121
|
+
|
108
122
|
# @!endgroup
|
109
123
|
|
110
124
|
# @return [Client]
|