RubyGems - aws-sdk-s3 - Versions diffs - 1.125.0 → 1.126.0 - Mend

aws-sdk-s3 1.125.0 → 1.126.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/VERSION +1 -1
data/lib/aws-sdk-s3/bucket.rb +34 -12
data/lib/aws-sdk-s3/client.rb +398 -385
data/lib/aws-sdk-s3/client_api.rb +8 -0
data/lib/aws-sdk-s3/object.rb +36 -37
data/lib/aws-sdk-s3/object_summary.rb +31 -32
data/lib/aws-sdk-s3/types.rb +161 -87
data/lib/aws-sdk-s3.rb +1 -1
metadata +2 -2

data/lib/aws-sdk-s3/client.rb CHANGED Viewed

@@ -963,11 +963,12 @@ module Aws::S3
     #
     # Metadata
     #
-    # : When copying an object, you can preserve all metadata (default) or
-    #   specify new metadata. However, the ACL is not preserved and is set
-    #   to private for the user making the request. To override the default
-    #   ACL setting, specify a new ACL when generating a copy request. For
-    #   more information, see [Using ACLs][5].
+    # : When copying an object, you can preserve all metadata (the default)
+    #   or specify new metadata. However, the access control list (ACL) is
+    #   not preserved and is set to private for the user making the request.
+    #   To override the default ACL setting, specify a new ACL when
+    #   generating a copy request. For more information, see [Using
+    #   ACLs][5].
     #
     #   To specify whether you want the object metadata copied from the
     #   source object or replaced with metadata provided in the request, you
@@ -1032,25 +1033,26 @@ module Aws::S3
     #   of encryption configuration that uses server-side encryption with
     #   Amazon S3 managed keys (SSE-S3). If the destination bucket has a
     #   default encryption configuration that uses server-side encryption
-    #   with an Key Management Service (KMS) key (SSE-KMS), or a
-    #   customer-provided encryption key (SSE-C), Amazon S3 uses the
-    #   corresponding KMS key, or a customer-provided key to encrypt the
-    #   target object copy.
+    #   with Key Management Service (KMS) keys (SSE-KMS), dual-layer
+    #   server-side encryption with Amazon Web Services KMS keys (DSSE-KMS),
+    #   or server-side encryption with customer-provided encryption keys
+    #   (SSE-C), Amazon S3 uses the corresponding KMS key, or a
+    #   customer-provided key to encrypt the target object copy.
     #
-    #   When you perform a CopyObject operation, if you want to use a
+    #   When you perform a `CopyObject` operation, if you want to use a
     #   different type of encryption setting for the target object, you can
     #   use other appropriate encryption-related headers to encrypt the
     #   target object with a KMS key, an Amazon S3 managed key, or a
     #   customer-provided key. With server-side encryption, Amazon S3
-    #   encrypts your data as it writes it to disks in its data centers and
-    #   decrypts the data when you access it. If the encryption setting in
-    #   your request is different from the default encryption configuration
-    #   of the destination bucket, the encryption setting in your request
-    #   takes precedence. If the source object for the copy is stored in
-    #   Amazon S3 using SSE-C, you must provide the necessary encryption
-    #   information in your request so that Amazon S3 can decrypt the object
-    #   for copying. For more information about server-side encryption, see
-    #   [Using Server-Side Encryption][8].
+    #   encrypts your data as it writes your data to disks in its data
+    #   centers and decrypts the data when you access it. If the encryption
+    #   setting in your request is different from the default encryption
+    #   configuration of the destination bucket, the encryption setting in
+    #   your request takes precedence. If the source object for the copy is
+    #   stored in Amazon S3 using SSE-C, you must provide the necessary
+    #   encryption information in your request so that Amazon S3 can decrypt
+    #   the object for copying. For more information about server-side
+    #   encryption, see [Using Server-Side Encryption][8].
     #
     #   If a target object uses SSE-KMS, you can enable an S3 Bucket Key for
     #   the object. For more information, see [Amazon S3 Bucket Keys][9] in
@@ -1062,16 +1064,16 @@ module Aws::S3
     #   ACL-based permissions. By default, all objects are private. Only the
     #   owner has full access control. When adding a new object, you can
     #   grant permissions to individual Amazon Web Services accounts or to
-    #   predefined groups defined by Amazon S3. These permissions are then
-    #   added to the ACL on the object. For more information, see [Access
-    #   Control List (ACL) Overview][10] and [Managing ACLs Using the REST
-    #   API][11].
+    #   predefined groups that are defined by Amazon S3. These permissions
+    #   are then added to the ACL on the object. For more information, see
+    #   [Access Control List (ACL) Overview][10] and [Managing ACLs Using
+    #   the REST API][11].
     #
     #   If the bucket that you're copying objects to uses the bucket owner
     #   enforced setting for S3 Object Ownership, ACLs are disabled and no
     #   longer affect permissions. Buckets that use this setting only accept
-    #   PUT requests that don't specify an ACL or PUT requests that specify
-    #   bucket owner full control ACLs, such as the
+    #   `PUT` requests that don't specify an ACL or `PUT` requests that
+    #   specify bucket owner full control ACLs, such as the
     #   `bucket-owner-full-control` canned ACL or an equivalent form of this
     #   ACL expressed in the XML format.
     #
@@ -1088,13 +1090,13 @@ module Aws::S3
     #
     # : When copying an object, if it has a checksum, that checksum will be
     #   copied to the new object by default. When you copy the object over,
-    #   you may optionally specify a different checksum algorithm to use
+    #   you can optionally specify a different checksum algorithm to use
     #   with the `x-amz-checksum-algorithm` header.
     #
     # Storage Class Options
     #
     # : You can use the `CopyObject` action to change the storage class of
-    #   an object that is already stored in Amazon S3 using the
+    #   an object that is already stored in Amazon S3 by using the
     #   `StorageClass` parameter. For more information, see [Storage
     #   Classes][13] in the *Amazon S3 User Guide*.
     #
@@ -1105,10 +1107,10 @@ module Aws::S3
     #
     # Versioning
     #
-    # : By default, `x-amz-copy-source` identifies the current version of an
-    #   object to copy. If the current version is a delete marker, Amazon S3
-    #   behaves as if the object was deleted. To copy a different version,
-    #   use the `versionId` subresource.
+    # : By default, `x-amz-copy-source` header identifies the current
+    #   version of an object to copy. If the current version is a delete
+    #   marker, Amazon S3 behaves as if the object was deleted. To copy a
+    #   different version, use the `versionId` subresource.
     #
     #   If you enable versioning on the target bucket, Amazon S3 generates a
     #   unique version ID for the object being copied. This version ID is
@@ -1302,7 +1304,7 @@ module Aws::S3
     #
     # @option params [String] :server_side_encryption
     #   The server-side encryption algorithm used when storing this object in
-    #   Amazon S3 (for example, AES256, `aws:kms`).
+    #   Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
     #
     # @option params [String] :storage_class
     #   By default, Amazon S3 uses the STANDARD Storage Class to store newly
@@ -1341,13 +1343,12 @@ module Aws::S3
     #   ensure that the encryption key was transmitted without error.
     #
     # @option params [String] :ssekms_key_id
-    #   Specifies the Amazon Web Services KMS key ID to use for object
-    #   encryption. All GET and PUT requests for an object protected by Amazon
-    #   Web Services KMS will fail if not made via SSL or using SigV4. For
-    #   information about configuring using any of the officially supported
-    #   Amazon Web Services SDKs and Amazon Web Services CLI, see [Specifying
-    #   the Signature Version in Request Authentication][1] in the *Amazon S3
-    #   User Guide*.
+    #   Specifies the KMS key ID to use for object encryption. All GET and PUT
+    #   requests for an object protected by KMS will fail if they're not made
+    #   via SSL or using SigV4. For information about configuring any of the
+    #   officially supported Amazon Web Services SDKs and Amazon Web Services
+    #   CLI, see [Specifying the Signature Version in Request
+    #   Authentication][1] in the *Amazon S3 User Guide*.
     #
     #
     #
@@ -1360,9 +1361,9 @@ module Aws::S3
     #
     # @option params [Boolean] :bucket_key_enabled
     #   Specifies whether Amazon S3 should use an S3 Bucket Key for object
-    #   encryption with server-side encryption using AWS KMS (SSE-KMS).
-    #   Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
-    #   for object encryption with SSE-KMS.
+    #   encryption with server-side encryption using Key Management Service
+    #   (KMS) keys (SSE-KMS). Setting this header to `true` causes Amazon S3
+    #   to use an S3 Bucket Key for object encryption with SSE-KMS.
     #
     #   Specifying this header with a COPY action doesn’t affect bucket-level
     #   settings for S3 Bucket Key.
@@ -1545,8 +1546,8 @@ module Aws::S3
     # (Ireland) Region. For more information, see [Accessing a bucket][3].
     #
     # <note markdown="1"> If you send your create bucket request to the `s3.amazonaws.com`
-    # endpoint, the request goes to the us-east-1 Region. Accordingly, the
-    # signature calculations in Signature Version 4 must use us-east-1 as
+    # endpoint, the request goes to the `us-east-1` Region. Accordingly, the
+    # signature calculations in Signature Version 4 must use `us-east-1` as
     # the Region, even if the location constraint in the request specifies
     # another Region where the bucket is to be created. If you create a
     # bucket in a Region other than US East (N. Virginia), your application
@@ -1555,108 +1556,62 @@ module Aws::S3
     #
     #  </note>
     #
-    # Access control lists (ACLs)
-    #
-    # : When creating a bucket using this operation, you can optionally
-    #   configure the bucket ACL to specify the accounts or groups that
-    #   should be granted specific permissions on the bucket.
-    #
-    #   If your CreateBucket request sets bucket owner enforced for S3
-    #   Object Ownership and specifies a bucket ACL that provides access to
-    #   an external Amazon Web Services account, your request fails with a
-    #   `400` error and returns the `InvalidBucketAclWithObjectOwnership`
-    #   error code. For more information, see [Controlling object
-    #   ownership][5] in the *Amazon S3 User Guide*.
-    #
-    #   There are two ways to grant the appropriate permissions using the
-    #   request headers.
-    #
-    #   * Specify a canned ACL using the `x-amz-acl` request header. Amazon
-    #     S3 supports a set of predefined ACLs, known as *canned ACLs*. Each
-    #     canned ACL has a predefined set of grantees and permissions. For
-    #     more information, see [Canned ACL][6].
-    #
-    #   * Specify access permissions explicitly using the
-    #     `x-amz-grant-read`, `x-amz-grant-write`, `x-amz-grant-read-acp`,
-    #     `x-amz-grant-write-acp`, and `x-amz-grant-full-control` headers.
-    #     These headers map to the set of permissions Amazon S3 supports in
-    #     an ACL. For more information, see [Access control list (ACL)
-    #     overview][7].
-    #
-    #     You specify each grantee as a type=value pair, where the type is
-    #     one of the following:
-    #
-    #     * `id` – if the value specified is the canonical user ID of an
-    #       Amazon Web Services account
-    #
-    #     * `uri` – if you are granting permissions to a predefined group
-    #
-    #     * `emailAddress` – if the value specified is the email address of
-    #       an Amazon Web Services account
-    #
-    #       <note markdown="1"> Using email addresses to specify a grantee is only supported in
-    #       the following Amazon Web Services Regions:
-    #
-    #        * US East (N. Virginia)
-    #
-    #       * US West (N. California)
-    #
-    #       * US West (Oregon)
-    #
-    #       * Asia Pacific (Singapore)
-    #
-    #       * Asia Pacific (Sydney)
-    #
-    #       * Asia Pacific (Tokyo)
-    #
-    #       * Europe (Ireland)
-    #
-    #       * South America (São Paulo)
-    #
-    #        For a list of all the Amazon S3 supported Regions and endpoints,
-    #       see [Regions and Endpoints][8] in the Amazon Web Services
-    #       General Reference.
-    #
-    #        </note>
-    #
-    #     For example, the following `x-amz-grant-read` header grants the
-    #     Amazon Web Services accounts identified by account IDs permissions
-    #     to read object data and its metadata:
-    #
-    #     `x-amz-grant-read: id="11112222333", id="444455556666" `
-    #
-    #   <note markdown="1"> You can use either a canned ACL or specify access permissions
-    #   explicitly. You cannot do both.
-    #
-    #    </note>
-    #
     # Permissions
     #
     # : In addition to `s3:CreateBucket`, the following permissions are
-    #   required when your CreateBucket includes specific headers:
+    #   required when your `CreateBucket` request includes specific headers:
     #
-    #   * **ACLs** - If your `CreateBucket` request specifies ACL
-    #     permissions and the ACL is public-read, public-read-write,
-    #     authenticated-read, or if you specify access permissions
-    #     explicitly through any other ACL, both `s3:CreateBucket` and
-    #     `s3:PutBucketAcl` permissions are needed. If the ACL the
-    #     `CreateBucket` request is private or doesn't specify any ACLs,
-    #     only `s3:CreateBucket` permission is needed.
+    #   * **Access control lists (ACLs)** - If your `CreateBucket` request
+    #     specifies access control list (ACL) permissions and the ACL is
+    #     public-read, public-read-write, authenticated-read, or if you
+    #     specify access permissions explicitly through any other ACL, both
+    #     `s3:CreateBucket` and `s3:PutBucketAcl` permissions are needed. If
+    #     the ACL for the `CreateBucket` request is private or if the
+    #     request doesn't specify any ACLs, only `s3:CreateBucket`
+    #     permission is needed.
     #
     #   * **Object Lock** - If `ObjectLockEnabledForBucket` is set to true
     #     in your `CreateBucket` request,
     #     `s3:PutBucketObjectLockConfiguration` and `s3:PutBucketVersioning`
     #     permissions are required.
     #
-    #   * **S3 Object Ownership** - If your CreateBucket request includes
-    #     the `x-amz-object-ownership` header,
-    #     `s3:PutBucketOwnershipControls` permission is required.
+    #   * **S3 Object Ownership** - If your `CreateBucket` request includes
+    #     the `x-amz-object-ownership` header, then the
+    #     `s3:PutBucketOwnershipControls` permission is required. By
+    #     default, `ObjectOwnership` is set to `BucketOWnerEnforced` and
+    #     ACLs are disabled. We recommend keeping ACLs disabled, except in
+    #     uncommon use cases where you must control access for each object
+    #     individually. If you want to change the `ObjectOwnership` setting,
+    #     you can use the `x-amz-object-ownership` header in your
+    #     `CreateBucket` request to set the `ObjectOwnership` setting of
+    #     your choice. For more information about S3 Object Ownership, see
+    #     [Controlling object ownership ][5] in the *Amazon S3 User Guide*.
+    #
+    #   * **S3 Block Public Access** - If your specific use case requires
+    #     granting public access to your S3 resources, you can disable Block
+    #     Public Access. You can create a new bucket with Block Public
+    #     Access enabled, then separately call the [
+    #     `DeletePublicAccessBlock` ][6] API. To use this operation, you
+    #     must have the `s3:PutBucketPublicAccessBlock` permission. By
+    #     default, all Block Public Access settings are enabled for new
+    #     buckets. To avoid inadvertent exposure of your resources, we
+    #     recommend keeping the S3 Block Public Access settings enabled. For
+    #     more information about S3 Block Public Access, see [Blocking
+    #     public access to your Amazon S3 storage ][5] in the *Amazon S3
+    #     User Guide*.
+    #
+    # If your `CreateBucket` request sets `BucketOwnerEnforced` for Amazon
+    # S3 Object Ownership and specifies a bucket ACL that provides access to
+    # an external Amazon Web Services account, your request fails with a
+    # `400` error and returns the `InvalidBucketAcLWithObjectOwnership`
+    # error code. For more information, see [Setting Object Ownership on an
+    # existing bucket ][7] in the *Amazon S3 User Guide*.
     #
     # The following operations are related to `CreateBucket`:
     #
-    # * [PutObject][9]
+    # * [PutObject][8]
     #
-    # * [DeleteBucket][10]
+    # * [DeleteBucket][9]
     #
     #
     #
@@ -1665,11 +1620,10 @@ module Aws::S3
     # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro
     # [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html
     # [5]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
-    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
-    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html
-    # [8]: https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
-    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
-    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-ownership-existing-bucket.html
+    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
+    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html
     #
     # @option params [String] :acl
     #   The canned ACL to apply to the bucket.
@@ -1726,33 +1680,33 @@ module Aws::S3
     #   * {Types::CreateBucketOutput#location #location} => String
     #
     #
-    # @example Example: To create a bucket in a specific region
+    # @example Example: To create a bucket
     #
-    #   # The following example creates a bucket. The request specifies an AWS region where to create the bucket.
+    #   # The following example creates a bucket.
     #
     #   resp = client.create_bucket({
     #     bucket: "examplebucket",
-    #     create_bucket_configuration: {
-    #       location_constraint: "eu-west-1",
-    #     },
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
-    #     location: "http://examplebucket.<Region>.s3.amazonaws.com/",
+    #     location: "/examplebucket",
     #   }
     #
-    # @example Example: To create a bucket
+    # @example Example: To create a bucket in a specific region
     #
-    #   # The following example creates a bucket.
+    #   # The following example creates a bucket. The request specifies an AWS region where to create the bucket.
     #
     #   resp = client.create_bucket({
     #     bucket: "examplebucket",
+    #     create_bucket_configuration: {
+    #       location_constraint: "eu-west-1",
+    #     },
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
-    #     location: "/examplebucket",
+    #     location: "http://examplebucket.<Region>.s3.amazonaws.com/",
     #   }
     #
     # @example Request syntax with placeholder values
@@ -2128,7 +2082,7 @@ module Aws::S3
     #
     # @option params [String] :server_side_encryption
     #   The server-side encryption algorithm used when storing this object in
-    #   Amazon S3 (for example, AES256, `aws:kms`).
+    #   Amazon S3 (for example, `AES256`, `aws:kms`).
     #
     # @option params [String] :storage_class
     #   By default, Amazon S3 uses the STANDARD Storage Class to store newly
@@ -2166,11 +2120,11 @@ module Aws::S3
     # @option params [String] :ssekms_key_id
     #   Specifies the ID of the symmetric encryption customer managed key to
     #   use for object encryption. All GET and PUT requests for an object
-    #   protected by Amazon Web Services KMS will fail if not made via SSL or
-    #   using SigV4. For information about configuring using any of the
-    #   officially supported Amazon Web Services SDKs and Amazon Web Services
-    #   CLI, see [Specifying the Signature Version in Request
-    #   Authentication][1] in the *Amazon S3 User Guide*.
+    #   protected by KMS will fail if they're not made via SSL or using
+    #   SigV4. For information about configuring any of the officially
+    #   supported Amazon Web Services SDKs and Amazon Web Services CLI, see
+    #   [Specifying the Signature Version in Request Authentication][1] in the
+    #   *Amazon S3 User Guide*.
     #
     #
     #
@@ -2183,9 +2137,9 @@ module Aws::S3
     #
     # @option params [Boolean] :bucket_key_enabled
     #   Specifies whether Amazon S3 should use an S3 Bucket Key for object
-    #   encryption with server-side encryption using AWS KMS (SSE-KMS).
-    #   Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
-    #   for object encryption with SSE-KMS.
+    #   encryption with server-side encryption using Key Management Service
+    #   (KMS) keys (SSE-KMS). Setting this header to `true` causes Amazon S3
+    #   to use an S3 Bucket Key for object encryption with SSE-KMS.
     #
     #   Specifying this header with an object action doesn’t affect
     #   bucket-level settings for S3 Bucket Key.
@@ -2446,7 +2400,7 @@ module Aws::S3
     # For information about `cors`, see [Enabling Cross-Origin Resource
     # Sharing][1] in the *Amazon S3 User Guide*.
     #
-    # The following operations are related to `DeleteBucketCors`:
+    # **Related Resources**
     #
     # * [PutBucketCors][2]
     #
@@ -3204,15 +3158,6 @@ module Aws::S3
     #   * {Types::DeleteObjectOutput#request_charged #request_charged} => String
     #
     #
-    # @example Example: To delete an object (from a non-versioned bucket)
-    #
-    #   # The following example deletes an object from a non-versioned bucket.
-    #
-    #   resp = client.delete_object({
-    #     bucket: "ExampleBucket",
-    #     key: "HappyFace.jpg",
-    #   })
-    #
     # @example Example: To delete an object
     #
     #   # The following example deletes an object from an S3 bucket.
@@ -3226,6 +3171,15 @@ module Aws::S3
     #   {
     #   }
     #
+    # @example Example: To delete an object (from a non-versioned bucket)
+    #
+    #   # The following example deletes an object from a non-versioned bucket.
+    #
+    #   resp = client.delete_object({
+    #     bucket: "ExampleBucket",
+    #     key: "HappyFace.jpg",
+    #   })
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.delete_object({
@@ -3317,35 +3271,35 @@ module Aws::S3
     #   * {Types::DeleteObjectTaggingOutput#version_id #version_id} => String
     #
     #
-    # @example Example: To remove tag set from an object
+    # @example Example: To remove tag set from an object version
     #
-    #   # The following example removes tag set associated with the specified object. If the bucket is versioning enabled, the
-    #   # operation removes tag set from the latest object version.
+    #   # The following example removes tag set associated with the specified object version. The request specifies both the
+    #   # object key and object version.
     #
     #   resp = client.delete_object_tagging({
     #     bucket: "examplebucket",
     #     key: "HappyFace.jpg",
+    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
-    #     version_id: "null",
+    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
     #   }
     #
-    # @example Example: To remove tag set from an object version
+    # @example Example: To remove tag set from an object
     #
-    #   # The following example removes tag set associated with the specified object version. The request specifies both the
-    #   # object key and object version.
+    #   # The following example removes tag set associated with the specified object. If the bucket is versioning enabled, the
+    #   # operation removes tag set from the latest object version.
     #
     #   resp = client.delete_object_tagging({
     #     bucket: "examplebucket",
     #     key: "HappyFace.jpg",
-    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
-    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
+    #     version_id: "null",
     #   }
     #
     # @example Request syntax with placeholder values
@@ -3720,20 +3674,34 @@ module Aws::S3
     #   a different account, the request fails with the HTTP status code `403
     #   Forbidden` (access denied).
     #
+    # @option params [String] :request_payer
+    #   Confirms that the requester knows that they will be charged for the
+    #   request. Bucket owners need not specify this parameter in their
+    #   requests. For information about downloading objects from Requester
+    #   Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
+    #   in the *Amazon S3 User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+    #
     # @return [Types::GetBucketAccelerateConfigurationOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::GetBucketAccelerateConfigurationOutput#status #status} => String
+    #   * {Types::GetBucketAccelerateConfigurationOutput#request_charged #request_charged} => String
     #
     # @example Request syntax with placeholder values
     #
     #   resp = client.get_bucket_accelerate_configuration({
     #     bucket: "BucketName", # required
     #     expected_bucket_owner: "AccountId",
+    #     request_payer: "requester", # accepts requester
     #   })
     #
     # @example Response structure
     #
     #   resp.status #=> String, one of "Enabled", "Suspended"
+    #   resp.request_charged #=> String, one of "requester"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketAccelerateConfiguration AWS API Documentation
     #
@@ -5639,30 +5607,32 @@ module Aws::S3
     # For more information about returning the ACL of an object, see
     # [GetObjectAcl][2].
     #
-    # If the object you are retrieving is stored in the S3 Glacier or S3
-    # Glacier Deep Archive storage class, or S3 Intelligent-Tiering Archive
-    # or S3 Intelligent-Tiering Deep Archive tiers, before you can retrieve
-    # the object you must first restore a copy using [RestoreObject][3].
-    # Otherwise, this action returns an `InvalidObjectState` error. For
-    # information about restoring archived objects, see [Restoring Archived
-    # Objects][4].
+    # If the object you are retrieving is stored in the S3 Glacier Flexible
+    # Retrieval or S3 Glacier Deep Archive storage class, or S3
+    # Intelligent-Tiering Archive or S3 Intelligent-Tiering Deep Archive
+    # tiers, before you can retrieve the object you must first restore a
+    # copy using [RestoreObject][3]. Otherwise, this action returns an
+    # `InvalidObjectState` error. For information about restoring archived
+    # objects, see [Restoring Archived Objects][4].
     #
     # Encryption request headers, like `x-amz-server-side-encryption`,
     # should not be sent for GET requests if your object uses server-side
-    # encryption with KMS keys (SSE-KMS) or server-side encryption with
-    # Amazon S3–managed encryption keys (SSE-S3). If your object does use
-    # these types of keys, you’ll get an HTTP 400 BadRequest error.
+    # encryption with Key Management Service (KMS) keys (SSE-KMS),
+    # dual-layer server-side encryption with Amazon Web Services KMS keys
+    # (DSSE-KMS), or server-side encryption with Amazon S3 managed
+    # encryption keys (SSE-S3). If your object does use these types of keys,
+    # you’ll get an HTTP 400 Bad Request error.
     #
     # If you encrypt an object by using server-side encryption with
     # customer-provided encryption keys (SSE-C) when you store the object in
     # Amazon S3, then when you GET the object, you must use the following
     # headers:
     #
-    # * x-amz-server-side-encryption-customer-algorithm
+    # * `x-amz-server-side-encryption-customer-algorithm`
     #
-    # * x-amz-server-side-encryption-customer-key
+    # * `x-amz-server-side-encryption-customer-key`
     #
-    # * x-amz-server-side-encryption-customer-key-MD5
+    # * `x-amz-server-side-encryption-customer-key-MD5`
     #
     # For more information about SSE-C, see [Server-Side Encryption (Using
     # Customer-Provided Encryption Keys)][5].
@@ -5677,20 +5647,21 @@ module Aws::S3
     #
     # : You need the relevant read object (or version) permission for this
     #   operation. For more information, see [Specifying Permissions in a
-    #   Policy][7]. If the object you request does not exist, the error
-    #   Amazon S3 returns depends on whether you also have the
+    #   Policy][7]. If the object that you request doesn’t exist, the error
+    #   that Amazon S3 returns depends on whether you also have the
     #   `s3:ListBucket` permission.
     #
-    #   * If you have the `s3:ListBucket` permission on the bucket, Amazon
-    #     S3 will return an HTTP status code 404 ("no such key") error.
+    #   If you have the `s3:ListBucket` permission on the bucket, Amazon S3
+    #   returns an HTTP status code 404 (Not Found) error.
     #
-    #   * If you don’t have the `s3:ListBucket` permission, Amazon S3 will
-    #     return an HTTP status code 403 ("access denied") error.
+    #   If you don’t have the `s3:ListBucket` permission, Amazon S3 returns
+    #   an HTTP status code 403 ("access denied") error.
     #
     # Versioning
     #
-    # : By default, the GET action returns the current version of an object.
-    #   To return a different version, use the `versionId` subresource.
+    # : By default, the `GET` action returns the current version of an
+    #   object. To return a different version, use the `versionId`
+    #   subresource.
     #
     #   <note markdown="1"> * If you supply a `versionId`, you need the `s3:GetObjectVersion`
     #     permission to access a specific version of an object. If you
@@ -5710,18 +5681,18 @@ module Aws::S3
     # Overriding Response Header Values
     #
     # : There are times when you want to override certain response header
-    #   values in a GET response. For example, you might override the
-    #   `Content-Disposition` response header value in your GET request.
+    #   values in a `GET` response. For example, you might override the
+    #   `Content-Disposition` response header value in your `GET` request.
     #
     #   You can override values for a set of response headers using the
     #   following query parameters. These response header values are sent
     #   only on a successful request, that is, when status code 200 OK is
     #   returned. The set of headers you can override using these parameters
     #   is a subset of the headers that Amazon S3 accepts when you create an
-    #   object. The response headers that you can override for the GET
+    #   object. The response headers that you can override for the `GET`
     #   response are `Content-Type`, `Content-Language`, `Expires`,
     #   `Cache-Control`, `Content-Disposition`, and `Content-Encoding`. To
-    #   override these header values in the GET response, you use the
+    #   override these header values in the `GET` response, you use the
     #   following request parameters.
     #
     #   <note markdown="1"> You must sign the request, either using an Authorization header or a
@@ -6821,49 +6792,49 @@ module Aws::S3
     #   * {Types::GetObjectTaggingOutput#tag_set #tag_set} => Array&lt;Types::Tag&gt;
     #
     #
-    # @example Example: To retrieve tag set of a specific object version
+    # @example Example: To retrieve tag set of an object
     #
-    #   # The following example retrieves tag set of an object. The request specifies object version.
+    #   # The following example retrieves tag set of an object.
     #
     #   resp = client.get_object_tagging({
     #     bucket: "examplebucket",
-    #     key: "exampleobject",
-    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
+    #     key: "HappyFace.jpg",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     tag_set: [
     #       {
-    #         key: "Key1",
-    #         value: "Value1",
+    #         key: "Key4",
+    #         value: "Value4",
+    #       },
+    #       {
+    #         key: "Key3",
+    #         value: "Value3",
     #       },
     #     ],
-    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
+    #     version_id: "null",
     #   }
     #
-    # @example Example: To retrieve tag set of an object
+    # @example Example: To retrieve tag set of a specific object version
     #
-    #   # The following example retrieves tag set of an object.
+    #   # The following example retrieves tag set of an object. The request specifies object version.
     #
     #   resp = client.get_object_tagging({
     #     bucket: "examplebucket",
-    #     key: "HappyFace.jpg",
+    #     key: "exampleobject",
+    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     tag_set: [
     #       {
-    #         key: "Key4",
-    #         value: "Value4",
-    #       },
-    #       {
-    #         key: "Key3",
-    #         value: "Value3",
+    #         key: "Key1",
+    #         value: "Value1",
     #       },
     #     ],
-    #     version_id: "null",
+    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
     #   }
     #
     # @example Request syntax with placeholder values
@@ -7165,9 +7136,9 @@ module Aws::S3
       req.send_request(options)
     end
-    # The HEAD action retrieves metadata from an object without returning
+    # The `HEAD` action retrieves metadata from an object without returning
     # the object itself. This action is useful if you're only interested in
-    # an object's metadata. To use HEAD, you must have READ access to the
+    # an object's metadata. To use `HEAD`, you must have READ access to the
     # object.
     #
     # A `HEAD` request has the same options as a `GET` action on an object.
@@ -7182,20 +7153,22 @@ module Aws::S3
     # Amazon S3, then when you retrieve the metadata from the object, you
     # must use the following headers:
     #
-    # * x-amz-server-side-encryption-customer-algorithm
+    # * `x-amz-server-side-encryption-customer-algorithm`
     #
-    # * x-amz-server-side-encryption-customer-key
+    # * `x-amz-server-side-encryption-customer-key`
     #
-    # * x-amz-server-side-encryption-customer-key-MD5
+    # * `x-amz-server-side-encryption-customer-key-MD5`
     #
     # For more information about SSE-C, see [Server-Side Encryption (Using
     # Customer-Provided Encryption Keys)][1].
     #
     # <note markdown="1"> * Encryption request headers, like `x-amz-server-side-encryption`,
-    #   should not be sent for GET requests if your object uses server-side
-    #   encryption with KMS keys (SSE-KMS) or server-side encryption with
-    #   Amazon S3–managed encryption keys (SSE-S3). If your object does use
-    #   these types of keys, you’ll get an HTTP 400 BadRequest error.
+    #   should not be sent for `GET` requests if your object uses
+    #   server-side encryption with Key Management Service (KMS) keys
+    #   (SSE-KMS), dual-layer server-side encryption with Amazon Web
+    #   Services KMS keys (DSSE-KMS), or server-side encryption with Amazon
+    #   S3 managed encryption keys (SSE-S3). If your object does use these
+    #   types of keys, you’ll get an HTTP 400 Bad Request error.
     #
     # * The last modified property in this case is the creation date of the
     #   object.
@@ -7231,15 +7204,15 @@ module Aws::S3
     #
     # : You need the relevant read object (or version) permission for this
     #   operation. For more information, see [Actions, resources, and
-    #   condition keys for Amazon S3][4]. If the object you request does not
-    #   exist, the error Amazon S3 returns depends on whether you also have
-    #   the s3:ListBucket permission.
+    #   condition keys for Amazon S3][4]. If the object you request doesn't
+    #   exist, the error that Amazon S3 returns depends on whether you also
+    #   have the s3:ListBucket permission.
     #
     #   * If you have the `s3:ListBucket` permission on the bucket, Amazon
-    #     S3 returns an HTTP status code 404 ("no such key") error.
+    #     S3 returns an HTTP status code 404 error.
     #
     #   * If you don’t have the `s3:ListBucket` permission, Amazon S3
-    #     returns an HTTP status code 403 ("access denied") error.
+    #     returns an HTTP status code 403 error.
     #
     # The following actions are related to `HeadObject`:
     #
@@ -8061,6 +8034,17 @@ module Aws::S3
     #   a different account, the request fails with the HTTP status code `403
     #   Forbidden` (access denied).
     #
+    # @option params [String] :request_payer
+    #   Confirms that the requester knows that they will be charged for the
+    #   request. Bucket owners need not specify this parameter in their
+    #   requests. For information about downloading objects from Requester
+    #   Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
+    #   in the *Amazon S3 User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+    #
     # @return [Types::ListMultipartUploadsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ListMultipartUploadsOutput#bucket #bucket} => String
@@ -8075,101 +8059,102 @@ module Aws::S3
     #   * {Types::ListMultipartUploadsOutput#uploads #uploads} => Array&lt;Types::MultipartUpload&gt;
     #   * {Types::ListMultipartUploadsOutput#common_prefixes #common_prefixes} => Array&lt;Types::CommonPrefix&gt;
     #   * {Types::ListMultipartUploadsOutput#encoding_type #encoding_type} => String
+    #   * {Types::ListMultipartUploadsOutput#request_charged #request_charged} => String
     #
     # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
     #
     #
-    # @example Example: To list in-progress multipart uploads on a bucket
+    # @example Example: List next set of multipart uploads when previous result is truncated
     #
-    #   # The following example lists in-progress multipart uploads on a specific bucket.
+    #   # The following example specifies the upload-id-marker and key-marker from previous truncated response to retrieve next
+    #   # setup of multipart uploads.
     #
     #   resp = client.list_multipart_uploads({
     #     bucket: "examplebucket",
+    #     key_marker: "nextkeyfrompreviousresponse",
+    #     max_uploads: 2,
+    #     upload_id_marker: "valuefrompreviousresponse",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
+    #     bucket: "acl1",
+    #     is_truncated: true,
+    #     key_marker: "",
+    #     max_uploads: 2,
+    #     next_key_marker: "someobjectkey",
+    #     next_upload_id_marker: "examplelo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--",
+    #     upload_id_marker: "",
     #     uploads: [
     #       {
     #         initiated: Time.parse("2014-05-01T05:40:58.000Z"),
     #         initiator: {
-    #           display_name: "display-name",
+    #           display_name: "ownder-display-name",
     #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc",
     #         },
     #         key: "JavaFile",
     #         owner: {
-    #           display_name: "display-name",
-    #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc",
+    #           display_name: "mohanataws",
+    #           id: "852b113e7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc",
     #         },
     #         storage_class: "STANDARD",
-    #         upload_id: "examplelUa.CInXklLQtSMJITdUnoZ1Y5GACB5UckOtspm5zbDMCkPF_qkfZzMiFZ6dksmcnqxJyIBvQMG9X9Q--",
+    #         upload_id: "gZ30jIqlUa.CInXklLQtSMJITdUnoZ1Y5GACB5UckOtspm5zbDMCkPF_qkfZzMiFZ6dksmcnqxJyIBvQMG9X9Q--",
     #       },
     #       {
     #         initiated: Time.parse("2014-05-01T05:41:27.000Z"),
     #         initiator: {
-    #           display_name: "display-name",
+    #           display_name: "ownder-display-name",
     #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc",
     #         },
     #         key: "JavaFile",
     #         owner: {
-    #           display_name: "display-name",
+    #           display_name: "ownder-display-name",
     #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc",
     #         },
     #         storage_class: "STANDARD",
-    #         upload_id: "examplelo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--",
+    #         upload_id: "b7tZSqIlo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--",
     #       },
     #     ],
     #   }
     #
-    # @example Example: List next set of multipart uploads when previous result is truncated
+    # @example Example: To list in-progress multipart uploads on a bucket
     #
-    #   # The following example specifies the upload-id-marker and key-marker from previous truncated response to retrieve next
-    #   # setup of multipart uploads.
+    #   # The following example lists in-progress multipart uploads on a specific bucket.
     #
     #   resp = client.list_multipart_uploads({
     #     bucket: "examplebucket",
-    #     key_marker: "nextkeyfrompreviousresponse",
-    #     max_uploads: 2,
-    #     upload_id_marker: "valuefrompreviousresponse",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
-    #     bucket: "acl1",
-    #     is_truncated: true,
-    #     key_marker: "",
-    #     max_uploads: 2,
-    #     next_key_marker: "someobjectkey",
-    #     next_upload_id_marker: "examplelo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--",
-    #     upload_id_marker: "",
     #     uploads: [
     #       {
     #         initiated: Time.parse("2014-05-01T05:40:58.000Z"),
     #         initiator: {
-    #           display_name: "ownder-display-name",
+    #           display_name: "display-name",
     #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc",
     #         },
     #         key: "JavaFile",
     #         owner: {
-    #           display_name: "mohanataws",
-    #           id: "852b113e7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc",
+    #           display_name: "display-name",
+    #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc",
     #         },
     #         storage_class: "STANDARD",
-    #         upload_id: "gZ30jIqlUa.CInXklLQtSMJITdUnoZ1Y5GACB5UckOtspm5zbDMCkPF_qkfZzMiFZ6dksmcnqxJyIBvQMG9X9Q--",
+    #         upload_id: "examplelUa.CInXklLQtSMJITdUnoZ1Y5GACB5UckOtspm5zbDMCkPF_qkfZzMiFZ6dksmcnqxJyIBvQMG9X9Q--",
     #       },
     #       {
     #         initiated: Time.parse("2014-05-01T05:41:27.000Z"),
     #         initiator: {
-    #           display_name: "ownder-display-name",
+    #           display_name: "display-name",
     #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc",
     #         },
     #         key: "JavaFile",
     #         owner: {
-    #           display_name: "ownder-display-name",
+    #           display_name: "display-name",
     #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc",
     #         },
     #         storage_class: "STANDARD",
-    #         upload_id: "b7tZSqIlo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--",
+    #         upload_id: "examplelo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--",
     #       },
     #     ],
     #   }
@@ -8185,6 +8170,7 @@ module Aws::S3
     #     prefix: "Prefix",
     #     upload_id_marker: "UploadIdMarker",
     #     expected_bucket_owner: "AccountId",
+    #     request_payer: "requester", # accepts requester
     #   })
     #
     # @example Response structure
@@ -8211,6 +8197,7 @@ module Aws::S3
     #   resp.common_prefixes #=> Array
     #   resp.common_prefixes[0].prefix #=> String
     #   resp.encoding_type #=> String, one of "url"
+    #   resp.request_charged #=> String, one of "requester"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListMultipartUploads AWS API Documentation
     #
@@ -8301,6 +8288,17 @@ module Aws::S3
     #   a different account, the request fails with the HTTP status code `403
     #   Forbidden` (access denied).
     #
+    # @option params [String] :request_payer
+    #   Confirms that the requester knows that they will be charged for the
+    #   request. Bucket owners need not specify this parameter in their
+    #   requests. For information about downloading objects from Requester
+    #   Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
+    #   in the *Amazon S3 User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
+    #
     # @return [Types::ListObjectVersionsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ListObjectVersionsOutput#is_truncated #is_truncated} => Boolean
@@ -8316,6 +8314,7 @@ module Aws::S3
     #   * {Types::ListObjectVersionsOutput#max_keys #max_keys} => Integer
     #   * {Types::ListObjectVersionsOutput#common_prefixes #common_prefixes} => Array&lt;Types::CommonPrefix&gt;
     #   * {Types::ListObjectVersionsOutput#encoding_type #encoding_type} => String
+    #   * {Types::ListObjectVersionsOutput#request_charged #request_charged} => String
     #
     # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
     #
@@ -8374,6 +8373,7 @@ module Aws::S3
     #     prefix: "Prefix",
     #     version_id_marker: "VersionIdMarker",
     #     expected_bucket_owner: "AccountId",
+    #     request_payer: "requester", # accepts requester
     #   })
     #
     # @example Response structure
@@ -8409,6 +8409,7 @@ module Aws::S3
     #   resp.common_prefixes #=> Array
     #   resp.common_prefixes[0].prefix #=> String
     #   resp.encoding_type #=> String, one of "url"
+    #   resp.request_charged #=> String, one of "requester"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListObjectVersions AWS API Documentation
     #
@@ -8520,6 +8521,7 @@ module Aws::S3
     #   * {Types::ListObjectsOutput#max_keys #max_keys} => Integer
     #   * {Types::ListObjectsOutput#common_prefixes #common_prefixes} => Array&lt;Types::CommonPrefix&gt;
     #   * {Types::ListObjectsOutput#encoding_type #encoding_type} => String
+    #   * {Types::ListObjectsOutput#request_charged #request_charged} => String
     #
     # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
     #
@@ -8597,6 +8599,7 @@ module Aws::S3
     #   resp.common_prefixes #=> Array
     #   resp.common_prefixes[0].prefix #=> String
     #   resp.encoding_type #=> String, one of "url"
+    #   resp.request_charged #=> String, one of "requester"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListObjects AWS API Documentation
     #
@@ -8729,6 +8732,7 @@ module Aws::S3
     #   * {Types::ListObjectsV2Output#continuation_token #continuation_token} => String
     #   * {Types::ListObjectsV2Output#next_continuation_token #next_continuation_token} => String
     #   * {Types::ListObjectsV2Output#start_after #start_after} => String
+    #   * {Types::ListObjectsV2Output#request_charged #request_charged} => String
     #
     # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
     #
@@ -8808,6 +8812,7 @@ module Aws::S3
     #   resp.continuation_token #=> String
     #   resp.next_continuation_token #=> String
     #   resp.start_after #=> String
+    #   resp.request_charged #=> String, one of "requester"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListObjectsV2 AWS API Documentation
     #
@@ -9187,7 +9192,8 @@ module Aws::S3
     #
     # Permissions
     #
-    # : You can set access permissions using one of the following methods:
+    # : You can set access permissions by using one of the following
+    #   methods:
     #
     #   * Specify a canned ACL with the `x-amz-acl` request header. Amazon
     #     S3 supports a set of predefined ACLs, known as *canned ACLs*. Each
@@ -9760,19 +9766,20 @@ module Aws::S3
     # By default, all buckets have a default encryption configuration that
     # uses server-side encryption with Amazon S3 managed keys (SSE-S3). You
     # can optionally configure default encryption for a bucket by using
-    # server-side encryption with an Amazon Web Services KMS key (SSE-KMS)
-    # or a customer-provided key (SSE-C). If you specify default encryption
-    # by using SSE-KMS, you can also configure Amazon S3 Bucket Keys. For
-    # information about bucket default encryption, see [Amazon S3 bucket
-    # default encryption][1] in the *Amazon S3 User Guide*. For more
-    # information about S3 Bucket Keys, see [Amazon S3 Bucket Keys][2] in
-    # the *Amazon S3 User Guide*.
+    # server-side encryption with Key Management Service (KMS) keys
+    # (SSE-KMS), dual-layer server-side encryption with Amazon Web Services
+    # KMS keys (DSSE-KMS), or server-side encryption with customer-provided
+    # keys (SSE-C). If you specify default encryption by using SSE-KMS, you
+    # can also configure Amazon S3 Bucket Keys. For information about bucket
+    # default encryption, see [Amazon S3 bucket default encryption][1] in
+    # the *Amazon S3 User Guide*. For more information about S3 Bucket Keys,
+    # see [Amazon S3 Bucket Keys][2] in the *Amazon S3 User Guide*.
     #
     # This action requires Amazon Web Services Signature Version 4. For more
     # information, see [ Authenticating Requests (Amazon Web Services
     # Signature Version 4)][3].
     #
-    # To use this operation, you must have permissions to perform the
+    # To use this operation, you must have permission to perform the
     # `s3:PutEncryptionConfiguration` action. The bucket owner has this
     # permission by default. The bucket owner can grant this permission to
     # others. For more information about permissions, see [Permissions
@@ -10314,11 +10321,11 @@ module Aws::S3
     #   1,000 rules. This limit is not adjustable. Each rule consists of the
     #   following:
     #
-    #   * Filter identifying a subset of objects to which the rule applies.
-    #     The filter can be based on a key name prefix, object tags, or a
-    #     combination of both.
+    #   * A filter identifying a subset of objects to which the rule
+    #     applies. The filter can be based on a key name prefix, object
+    #     tags, or a combination of both.
     #
-    #   * Status whether the rule is in effect.
+    #   * A status indicating whether the rule is in effect.
     #
     #   * One or more lifecycle transition and expiration actions that you
     #     want Amazon S3 to perform on the objects identified by the filter.
@@ -10342,7 +10349,7 @@ module Aws::S3
     #   operation, a user must get the `s3:PutLifecycleConfiguration`
     #   permission.
     #
-    #   You can also explicitly deny permissions. Explicit deny also
+    #   You can also explicitly deny permissions. An explicit deny also
     #   supersedes any other permissions. If you want to block users or
     #   accounts from removing or deleting objects from your bucket, you
     #   must deny them permissions for the following actions:
@@ -10525,7 +10532,7 @@ module Aws::S3
     # Grantee Values
     #
     # : You can specify the person (grantee) to whom you're assigning
-    #   access rights (using request elements) in the following ways:
+    #   access rights (by using request elements) in the following ways:
     #
     #   * By the person's ID:
     #
@@ -10533,23 +10540,23 @@ module Aws::S3
     #     xsi:type="CanonicalUser"><ID><>ID<></ID><DisplayName><>GranteesEmail<></DisplayName>
     #     </Grantee>`
     #
-    #     DisplayName is optional and ignored in the request.
+    #     `DisplayName` is optional and ignored in the request.
     #
     #   * By Email address:
     #
     #     ` <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     #     xsi:type="AmazonCustomerByEmail"><EmailAddress><>Grantees@email.com<></EmailAddress></Grantee>`
     #
-    #     The grantee is resolved to the CanonicalUser and, in a response to
-    #     a GET Object acl request, appears as the CanonicalUser.
+    #     The grantee is resolved to the `CanonicalUser` and, in a response
+    #     to a `GETObjectAcl` request, appears as the CanonicalUser.
     #
     #   * By URI:
     #
     #     `<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     #     xsi:type="Group"><URI><>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<></URI></Grantee>`
     #
-    # To enable logging, you use LoggingEnabled and its children request
-    # elements. To disable logging, you use an empty BucketLoggingStatus
+    # To enable logging, you use `LoggingEnabled` and its children request
+    # elements. To disable logging, you use an empty `BucketLoggingStatus`
     # request element:
     #
     # `<BucketLoggingStatus xmlns="http://doc.s3.amazonaws.com/2006-03-01"
@@ -10704,7 +10711,7 @@ module Aws::S3
     #
     # * [ListBucketMetricsConfigurations][6]
     #
-    # `GetBucketLifecycle` has the following special error:
+    # `PutBucketMetricsConfiguration` has the following special error:
     #
     # * Error code: `TooManyConfigurations`
     #
@@ -10899,7 +10906,7 @@ module Aws::S3
     #
     # By default, only the bucket owner can configure notifications on a
     # bucket. However, bucket owners can use a bucket policy to grant
-    # permission to other users to set this configuration with
+    # permission to other users to set this configuration with the required
     # `s3:PutBucketNotification` permission.
     #
     # <note markdown="1"> The PUT notification is an atomic operation. For example, suppose your
@@ -12041,15 +12048,15 @@ module Aws::S3
     #
     #  </note>
     #
-    # You have three mutually exclusive options to protect data using
+    # You have four mutually exclusive options to protect data using
     # server-side encryption in Amazon S3, depending on how you choose to
     # manage the encryption keys. Specifically, the encryption key options
     # are Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS keys
-    # (SSE-KMS), and customer-provided keys (SSE-C). Amazon S3 encrypts data
-    # with server-side encryption by using Amazon S3 managed keys (SSE-S3)
-    # by default. You can optionally tell Amazon S3 to encrypt data at by
-    # rest using server-side encryption with other key options. For more
-    # information, see [Using Server-Side Encryption][3].
+    # (SSE-KMS or DSSE-KMS), and customer-provided keys (SSE-C). Amazon S3
+    # encrypts data with server-side encryption by using Amazon S3 managed
+    # keys (SSE-S3) by default. You can optionally tell Amazon S3 to encrypt
+    # data at rest by using server-side encryption with other key options.
+    # For more information, see [Using Server-Side Encryption][3].
     #
     # When adding a new object, you can use headers to grant ACL-based
     # permissions to individual Amazon Web Services accounts or to
@@ -12312,7 +12319,7 @@ module Aws::S3
     #
     # @option params [String] :server_side_encryption
     #   The server-side encryption algorithm used when storing this object in
-    #   Amazon S3 (for example, AES256, `aws:kms`).
+    #   Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
     #
     # @option params [String] :storage_class
     #   By default, Amazon S3 uses the STANDARD Storage Class to store newly
@@ -12369,15 +12376,15 @@ module Aws::S3
     #   ensure that the encryption key was transmitted without error.
     #
     # @option params [String] :ssekms_key_id
-    #   If `x-amz-server-side-encryption` has a valid value of `aws:kms`, this
-    #   header specifies the ID of the Amazon Web Services Key Management
-    #   Service (Amazon Web Services KMS) symmetric encryption customer
-    #   managed key that was used for the object. If you specify
-    #   `x-amz-server-side-encryption:aws:kms`, but do not provide`
+    #   If `x-amz-server-side-encryption` has a valid value of `aws:kms` or
+    #   `aws:kms:dsse`, this header specifies the ID of the Key Management
+    #   Service (KMS) symmetric encryption customer managed key that was used
+    #   for the object. If you specify `x-amz-server-side-encryption:aws:kms`
+    #   or `x-amz-server-side-encryption:aws:kms:dsse`, but do not provide`
     #   x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
-    #   Amazon Web Services managed key to protect the data. If the KMS key
-    #   does not exist in the same account issuing the command, you must use
-    #   the full ARN and not just the ID.
+    #   Amazon Web Services managed key (`aws/s3`) to protect the data. If the
+    #   KMS key does not exist in the same account that's issuing the
+    #   command, you must use the full ARN and not just the ID.
     #
     # @option params [String] :ssekms_encryption_context
     #   Specifies the Amazon Web Services KMS Encryption Context to use for
@@ -12389,9 +12396,9 @@ module Aws::S3
     #
     # @option params [Boolean] :bucket_key_enabled
     #   Specifies whether Amazon S3 should use an S3 Bucket Key for object
-    #   encryption with server-side encryption using AWS KMS (SSE-KMS).
-    #   Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
-    #   for object encryption with SSE-KMS.
+    #   encryption with server-side encryption using Key Management Service
+    #   (KMS) keys (SSE-KMS). Setting this header to `true` causes Amazon S3
+    #   to use an S3 Bucket Key for object encryption with SSE-KMS.
     #
     #   Specifying this header with a PUT action doesn’t affect bucket-level
     #   settings for S3 Bucket Key.
@@ -12449,62 +12456,40 @@ module Aws::S3
     #   * {Types::PutObjectOutput#request_charged #request_charged} => String
     #
     #
-    # @example Example: To upload an object
+    # @example Example: To upload an object and specify optional tags
     #
-    #   # The following example uploads an object to a versioning-enabled bucket. The source file is specified using Windows file
-    #   # syntax. S3 returns VersionId of the newly created object.
+    #   # The following example uploads an object. The request specifies optional object tags. The bucket is versioned, therefore
+    #   # S3 returns version ID of the newly created object.
     #
     #   resp = client.put_object({
-    #     body: "HappyFace.jpg",
+    #     body: "c:\\HappyFace.jpg",
     #     bucket: "examplebucket",
     #     key: "HappyFace.jpg",
+    #     tagging: "key1=value1&key2=value2",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"",
-    #     version_id: "tpf3zF08nBplQK1XLOefGskR7mGDwcDk",
+    #     version_id: "psM2sYY4.o1501dSx8wMvnkOzSBB.V4a",
     #   }
     #
-    # @example Example: To upload object and specify user-defined metadata
+    # @example Example: To upload an object and specify canned ACL.
     #
-    #   # The following example creates an object. The request also specifies optional metadata. If the bucket is versioning
-    #   # enabled, S3 returns version ID in response.
+    #   # The following example uploads and object. The request specifies optional canned ACL (access control list) to all READ
+    #   # access to authenticated users. If the bucket is versioning enabled, S3 returns version ID in response.
     #
     #   resp = client.put_object({
+    #     acl: "authenticated-read",
     #     body: "filetoupload",
     #     bucket: "examplebucket",
     #     key: "exampleobject",
-    #     metadata: {
-    #       "metadata1" => "value1",
-    #       "metadata2" => "value2",
-    #     },
-    #   })
-    #
-    #   resp.to_h outputs the following:
-    #   {
-    #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"",
-    #     version_id: "pSKidl4pHBiNwukdbcPXAIs.sshFFOc0",
-    #   }
-    #
-    # @example Example: To upload an object (specify optional headers)
-    #
-    #   # The following example uploads an object. The request specifies optional request headers to directs S3 to use specific
-    #   # storage class and use server-side encryption.
-    #
-    #   resp = client.put_object({
-    #     body: "HappyFace.jpg",
-    #     bucket: "examplebucket",
-    #     key: "HappyFace.jpg",
-    #     server_side_encryption: "AES256",
-    #     storage_class: "STANDARD_IA",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"",
-    #     server_side_encryption: "AES256",
-    #     version_id: "CG612hodqujkf8FaaNfp8U..FIhLROcp",
+    #     version_id: "Kirh.unyZwjQ69YxcQLA8z4F5j3kJJKr",
     #   }
     #
     # @example Example: To create an object.
@@ -12543,40 +12528,62 @@ module Aws::S3
     #     version_id: "Ri.vC6qVlA4dEnjgRV4ZHsHoFIjqEMNt",
     #   }
     #
-    # @example Example: To upload an object and specify optional tags
+    # @example Example: To upload object and specify user-defined metadata
     #
-    #   # The following example uploads an object. The request specifies optional object tags. The bucket is versioned, therefore
-    #   # S3 returns version ID of the newly created object.
+    #   # The following example creates an object. The request also specifies optional metadata. If the bucket is versioning
+    #   # enabled, S3 returns version ID in response.
     #
     #   resp = client.put_object({
-    #     body: "c:\\HappyFace.jpg",
+    #     body: "filetoupload",
+    #     bucket: "examplebucket",
+    #     key: "exampleobject",
+    #     metadata: {
+    #       "metadata1" => "value1",
+    #       "metadata2" => "value2",
+    #     },
+    #   })
+    #
+    #   resp.to_h outputs the following:
+    #   {
+    #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"",
+    #     version_id: "pSKidl4pHBiNwukdbcPXAIs.sshFFOc0",
+    #   }
+    #
+    # @example Example: To upload an object
+    #
+    #   # The following example uploads an object to a versioning-enabled bucket. The source file is specified using Windows file
+    #   # syntax. S3 returns VersionId of the newly created object.
+    #
+    #   resp = client.put_object({
+    #     body: "HappyFace.jpg",
     #     bucket: "examplebucket",
     #     key: "HappyFace.jpg",
-    #     tagging: "key1=value1&key2=value2",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"",
-    #     version_id: "psM2sYY4.o1501dSx8wMvnkOzSBB.V4a",
+    #     version_id: "tpf3zF08nBplQK1XLOefGskR7mGDwcDk",
     #   }
     #
-    # @example Example: To upload an object and specify canned ACL.
+    # @example Example: To upload an object (specify optional headers)
     #
-    #   # The following example uploads and object. The request specifies optional canned ACL (access control list) to all READ
-    #   # access to authenticated users. If the bucket is versioning enabled, S3 returns version ID in response.
+    #   # The following example uploads an object. The request specifies optional request headers to directs S3 to use specific
+    #   # storage class and use server-side encryption.
     #
     #   resp = client.put_object({
-    #     acl: "authenticated-read",
-    #     body: "filetoupload",
+    #     body: "HappyFace.jpg",
     #     bucket: "examplebucket",
-    #     key: "exampleobject",
+    #     key: "HappyFace.jpg",
+    #     server_side_encryption: "AES256",
+    #     storage_class: "STANDARD_IA",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"",
-    #     version_id: "Kirh.unyZwjQ69YxcQLA8z4F5j3kJJKr",
+    #     server_side_encryption: "AES256",
+    #     version_id: "CG612hodqujkf8FaaNfp8U..FIhLROcp",
     #   }
     #
     # @example Streaming a file from disk
@@ -13725,19 +13732,20 @@ module Aws::S3
     #
     # Restoring objects
     #
-    # : Objects that you archive to the S3 Glacier Flexible Retrieval or S3
-    #   Glacier Deep Archive storage class, and S3 Intelligent-Tiering
-    #   Archive or S3 Intelligent-Tiering Deep Archive tiers, are not
-    #   accessible in real time. For objects in the S3 Glacier Flexible
-    #   Retrieval or S3 Glacier Deep Archive storage classes, you must first
-    #   initiate a restore request, and then wait until a temporary copy of
-    #   the object is available. If you want a permanent copy of the object,
-    #   create a copy of it in the Amazon S3 Standard storage class in your
-    #   S3 bucket. To access an archived object, you must restore the object
-    #   for the duration (number of days) that you specify. For objects in
-    #   the Archive Access or Deep Archive Access tiers of S3
-    #   Intelligent-Tiering, you must first initiate a restore request, and
-    #   then wait until the object is moved into the Frequent Access tier.
+    # : Objects that you archive to the S3 Glacier Flexible Retrieval
+    #   Flexible Retrieval or S3 Glacier Deep Archive storage class, and S3
+    #   Intelligent-Tiering Archive or S3 Intelligent-Tiering Deep Archive
+    #   tiers, are not accessible in real time. For objects in the S3
+    #   Glacier Flexible Retrieval Flexible Retrieval or S3 Glacier Deep
+    #   Archive storage classes, you must first initiate a restore request,
+    #   and then wait until a temporary copy of the object is available. If
+    #   you want a permanent copy of the object, create a copy of it in the
+    #   Amazon S3 Standard storage class in your S3 bucket. To access an
+    #   archived object, you must restore the object for the duration
+    #   (number of days) that you specify. For objects in the Archive Access
+    #   or Deep Archive Access tiers of S3 Intelligent-Tiering, you must
+    #   first initiate a restore request, and then wait until the object is
+    #   moved into the Frequent Access tier.
     #
     #   To restore a specific object version, you can provide a version ID.
     #   If you don't provide a version ID, Amazon S3 restores the current
@@ -13748,37 +13756,38 @@ module Aws::S3
     #   request body:
     #
     #   * `Expedited` - Expedited retrievals allow you to quickly access
-    #     your data stored in the S3 Glacier Flexible Retrieval storage
-    #     class or S3 Intelligent-Tiering Archive tier when occasional
-    #     urgent requests for restoring archives are required. For all but
-    #     the largest archived objects (250 MB+), data accessed using
-    #     Expedited retrievals is typically made available within 1–5
-    #     minutes. Provisioned capacity ensures that retrieval capacity for
-    #     Expedited retrievals is available when you need it. Expedited
-    #     retrievals and provisioned capacity are not available for objects
-    #     stored in the S3 Glacier Deep Archive storage class or S3
-    #     Intelligent-Tiering Deep Archive tier.
+    #     your data stored in the S3 Glacier Flexible Retrieval Flexible
+    #     Retrieval storage class or S3 Intelligent-Tiering Archive tier
+    #     when occasional urgent requests for restoring archives are
+    #     required. For all but the largest archived objects (250 MB+), data
+    #     accessed using Expedited retrievals is typically made available
+    #     within 1–5 minutes. Provisioned capacity ensures that retrieval
+    #     capacity for Expedited retrievals is available when you need it.
+    #     Expedited retrievals and provisioned capacity are not available
+    #     for objects stored in the S3 Glacier Deep Archive storage class or
+    #     S3 Intelligent-Tiering Deep Archive tier.
     #
     #   * `Standard` - Standard retrievals allow you to access any of your
     #     archived objects within several hours. This is the default option
     #     for retrieval requests that do not specify the retrieval option.
     #     Standard retrievals typically finish within 3–5 hours for objects
-    #     stored in the S3 Glacier Flexible Retrieval storage class or S3
-    #     Intelligent-Tiering Archive tier. They typically finish within 12
-    #     hours for objects stored in the S3 Glacier Deep Archive storage
-    #     class or S3 Intelligent-Tiering Deep Archive tier. Standard
-    #     retrievals are free for objects stored in S3 Intelligent-Tiering.
+    #     stored in the S3 Glacier Flexible Retrieval Flexible Retrieval
+    #     storage class or S3 Intelligent-Tiering Archive tier. They
+    #     typically finish within 12 hours for objects stored in the S3
+    #     Glacier Deep Archive storage class or S3 Intelligent-Tiering Deep
+    #     Archive tier. Standard retrievals are free for objects stored in
+    #     S3 Intelligent-Tiering.
     #
     #   * `Bulk` - Bulk retrievals free for objects stored in the S3 Glacier
     #     Flexible Retrieval and S3 Intelligent-Tiering storage classes,
     #     enabling you to retrieve large amounts, even petabytes, of data at
     #     no cost. Bulk retrievals typically finish within 5–12 hours for
-    #     objects stored in the S3 Glacier Flexible Retrieval storage class
-    #     or S3 Intelligent-Tiering Archive tier. Bulk retrievals are also
-    #     the lowest-cost retrieval option when restoring objects from S3
-    #     Glacier Deep Archive. They typically finish within 48 hours for
-    #     objects stored in the S3 Glacier Deep Archive storage class or S3
-    #     Intelligent-Tiering Deep Archive tier.
+    #     objects stored in the S3 Glacier Flexible Retrieval Flexible
+    #     Retrieval storage class or S3 Intelligent-Tiering Archive tier.
+    #     Bulk retrievals are also the lowest-cost retrieval option when
+    #     restoring objects from S3 Glacier Deep Archive. They typically
+    #     finish within 48 hours for objects stored in the S3 Glacier Deep
+    #     Archive storage class or S3 Intelligent-Tiering Deep Archive tier.
     #
     #   For more information about archive retrieval options and provisioned
     #   capacity for `Expedited` data access, see [Restoring Archived
@@ -14139,10 +14148,14 @@ module Aws::S3
     #     the request parameters), you cannot specify the range of bytes of
     #     an object to return.
     #
-    #   * GLACIER, DEEP\_ARCHIVE and REDUCED\_REDUNDANCY storage classes:
-    #     You cannot specify the GLACIER, DEEP\_ARCHIVE, or
-    #     `REDUCED_REDUNDANCY` storage classes. For more information, about
-    #     storage classes see [Storage Classes][9] in the *Amazon S3 User
+    #   * The `GLACIER`, `DEEP_ARCHIVE`, and `REDUCED_REDUNDANCY` storage
+    #     classes, or the `ARCHIVE_ACCESS` and `DEEP_ARCHIVE_ACCESS` access
+    #     tiers of the `INTELLIGENT_TIERING` storage class: You cannot query
+    #     objects in the `GLACIER`, `DEEP_ARCHIVE`, or `REDUCED_REDUNDANCY`
+    #     storage classes, nor objects in the `ARCHIVE_ACCESS` or
+    #     `DEEP_ARCHIVE_ACCESS` access tiers of the `INTELLIGENT_TIERING`
+    #     storage class. For more information about storage classes, see
+    #     [Using Amazon S3 storage classes][9] in the *Amazon S3 User
     #     Guide*.
     #
     # Special Errors
@@ -14168,7 +14181,7 @@ module Aws::S3
     # [6]: https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
     # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/RESTSelectObjectAppendix.html
     # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_SelectObjectContent.html#AmazonS3-SelectObjectContent-request-ScanRange
-    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html#storage-class-intro
+    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-class-intro.html
     # [10]: https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#SelectObjectContentErrorCodeList
     # [11]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html
     # [12]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html
@@ -15601,7 +15614,7 @@ module Aws::S3
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-s3'
-      context[:gem_version] = '1.125.0'
+      context[:gem_version] = '1.126.0'
       Seahorse::Client::Request.new(handlers, context)
     end