aws-sdk-s3 1.127.0 → 1.141.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (46) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +87 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-s3/bucket.rb +421 -81
  5. data/lib/aws-sdk-s3/bucket_acl.rb +9 -9
  6. data/lib/aws-sdk-s3/bucket_cors.rb +12 -12
  7. data/lib/aws-sdk-s3/bucket_lifecycle.rb +12 -12
  8. data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +12 -12
  9. data/lib/aws-sdk-s3/bucket_logging.rb +16 -9
  10. data/lib/aws-sdk-s3/bucket_notification.rb +3 -3
  11. data/lib/aws-sdk-s3/bucket_policy.rb +58 -14
  12. data/lib/aws-sdk-s3/bucket_request_payment.rb +9 -9
  13. data/lib/aws-sdk-s3/bucket_tagging.rb +12 -12
  14. data/lib/aws-sdk-s3/bucket_versioning.rb +27 -27
  15. data/lib/aws-sdk-s3/bucket_website.rb +12 -12
  16. data/lib/aws-sdk-s3/client.rb +5707 -2536
  17. data/lib/aws-sdk-s3/client_api.rb +111 -16
  18. data/lib/aws-sdk-s3/customizations/errors.rb +1 -1
  19. data/lib/aws-sdk-s3/customizations/object.rb +63 -0
  20. data/lib/aws-sdk-s3/customizations.rb +5 -0
  21. data/lib/aws-sdk-s3/endpoint_parameters.rb +36 -0
  22. data/lib/aws-sdk-s3/endpoint_provider.rb +104 -246
  23. data/lib/aws-sdk-s3/endpoints.rb +440 -0
  24. data/lib/aws-sdk-s3/express_credentials.rb +55 -0
  25. data/lib/aws-sdk-s3/express_credentials_cache.rb +30 -0
  26. data/lib/aws-sdk-s3/express_credentials_provider.rb +36 -0
  27. data/lib/aws-sdk-s3/file_downloader.rb +142 -21
  28. data/lib/aws-sdk-s3/multipart_file_uploader.rb +0 -1
  29. data/lib/aws-sdk-s3/multipart_stream_uploader.rb +0 -1
  30. data/lib/aws-sdk-s3/multipart_upload.rb +69 -16
  31. data/lib/aws-sdk-s3/multipart_upload_part.rb +160 -35
  32. data/lib/aws-sdk-s3/object.rb +1504 -235
  33. data/lib/aws-sdk-s3/object_acl.rb +29 -15
  34. data/lib/aws-sdk-s3/object_multipart_copier.rb +33 -17
  35. data/lib/aws-sdk-s3/object_summary.rb +1367 -254
  36. data/lib/aws-sdk-s3/object_version.rb +297 -42
  37. data/lib/aws-sdk-s3/plugins/endpoints.rb +13 -2
  38. data/lib/aws-sdk-s3/plugins/express_session_auth.rb +90 -0
  39. data/lib/aws-sdk-s3/plugins/location_constraint.rb +3 -1
  40. data/lib/aws-sdk-s3/plugins/md5s.rb +2 -1
  41. data/lib/aws-sdk-s3/presigned_post.rb +52 -43
  42. data/lib/aws-sdk-s3/presigner.rb +2 -2
  43. data/lib/aws-sdk-s3/resource.rb +83 -11
  44. data/lib/aws-sdk-s3/types.rb +4500 -1351
  45. data/lib/aws-sdk-s3.rb +1 -1
  46. metadata +11 -7
@@ -229,7 +229,15 @@ module Aws::S3
229
229
  # bucket.create({
230
230
  # acl: "private", # accepts private, public-read, public-read-write, authenticated-read
231
231
  # create_bucket_configuration: {
232
- # location_constraint: "af-south-1", # accepts af-south-1, ap-east-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-south-1, ap-southeast-1, ap-southeast-2, ap-southeast-3, ca-central-1, cn-north-1, cn-northwest-1, EU, eu-central-1, eu-north-1, eu-south-1, eu-west-1, eu-west-2, eu-west-3, me-south-1, sa-east-1, us-east-2, us-gov-east-1, us-gov-west-1, us-west-1, us-west-2
232
+ # location_constraint: "af-south-1", # accepts af-south-1, ap-east-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-south-1, ap-south-2, ap-southeast-1, ap-southeast-2, ap-southeast-3, ca-central-1, cn-north-1, cn-northwest-1, EU, eu-central-1, eu-north-1, eu-south-1, eu-south-2, eu-west-1, eu-west-2, eu-west-3, me-south-1, sa-east-1, us-east-2, us-gov-east-1, us-gov-west-1, us-west-1, us-west-2
233
+ # location: {
234
+ # type: "AvailabilityZone", # accepts AvailabilityZone
235
+ # name: "LocationNameAsString",
236
+ # },
237
+ # bucket: {
238
+ # data_redundancy: "SingleAvailabilityZone", # accepts SingleAvailabilityZone
239
+ # type: "Directory", # accepts Directory
240
+ # },
233
241
  # },
234
242
  # grant_full_control: "GrantFullControl",
235
243
  # grant_read: "GrantRead",
@@ -242,42 +250,87 @@ module Aws::S3
242
250
  # @param [Hash] options ({})
243
251
  # @option options [String] :acl
244
252
  # The canned ACL to apply to the bucket.
253
+ #
254
+ # <note markdown="1"> This functionality is not supported for directory buckets.
255
+ #
256
+ # </note>
245
257
  # @option options [Types::CreateBucketConfiguration] :create_bucket_configuration
246
258
  # The configuration information for the bucket.
247
259
  # @option options [String] :grant_full_control
248
260
  # Allows grantee the read, write, read ACP, and write ACP permissions on
249
261
  # the bucket.
262
+ #
263
+ # <note markdown="1"> This functionality is not supported for directory buckets.
264
+ #
265
+ # </note>
250
266
  # @option options [String] :grant_read
251
267
  # Allows grantee to list the objects in the bucket.
268
+ #
269
+ # <note markdown="1"> This functionality is not supported for directory buckets.
270
+ #
271
+ # </note>
252
272
  # @option options [String] :grant_read_acp
253
273
  # Allows grantee to read the bucket ACL.
274
+ #
275
+ # <note markdown="1"> This functionality is not supported for directory buckets.
276
+ #
277
+ # </note>
254
278
  # @option options [String] :grant_write
255
279
  # Allows grantee to create new objects in the bucket.
256
280
  #
257
281
  # For the bucket and object owners of existing objects, also allows
258
282
  # deletions and overwrites of those objects.
283
+ #
284
+ # <note markdown="1"> This functionality is not supported for directory buckets.
285
+ #
286
+ # </note>
259
287
  # @option options [String] :grant_write_acp
260
288
  # Allows grantee to write the ACL for the applicable bucket.
289
+ #
290
+ # <note markdown="1"> This functionality is not supported for directory buckets.
291
+ #
292
+ # </note>
261
293
  # @option options [Boolean] :object_lock_enabled_for_bucket
262
294
  # Specifies whether you want S3 Object Lock to be enabled for the new
263
295
  # bucket.
296
+ #
297
+ # <note markdown="1"> This functionality is not supported for directory buckets.
298
+ #
299
+ # </note>
264
300
  # @option options [String] :object_ownership
265
301
  # The container element for object ownership for a bucket's ownership
266
302
  # controls.
267
303
  #
268
- # BucketOwnerPreferred - Objects uploaded to the bucket change ownership
269
- # to the bucket owner if the objects are uploaded with the
304
+ # `BucketOwnerPreferred` - Objects uploaded to the bucket change
305
+ # ownership to the bucket owner if the objects are uploaded with the
270
306
  # `bucket-owner-full-control` canned ACL.
271
307
  #
272
- # ObjectWriter - The uploading account will own the object if the object
273
- # is uploaded with the `bucket-owner-full-control` canned ACL.
308
+ # `ObjectWriter` - The uploading account will own the object if the
309
+ # object is uploaded with the `bucket-owner-full-control` canned ACL.
310
+ #
311
+ # `BucketOwnerEnforced` - Access control lists (ACLs) are disabled and
312
+ # no longer affect permissions. The bucket owner automatically owns and
313
+ # has full control over every object in the bucket. The bucket only
314
+ # accepts PUT requests that don't specify an ACL or specify bucket
315
+ # owner full control ACLs (such as the predefined
316
+ # `bucket-owner-full-control` canned ACL or a custom ACL in XML format
317
+ # that grants the same permissions).
318
+ #
319
+ # By default, `ObjectOwnership` is set to `BucketOwnerEnforced` and ACLs
320
+ # are disabled. We recommend keeping ACLs disabled, except in uncommon
321
+ # use cases where you must control access for each object individually.
322
+ # For more information about S3 Object Ownership, see [Controlling
323
+ # ownership of objects and disabling ACLs for your bucket][1] in the
324
+ # *Amazon S3 User Guide*.
325
+ #
326
+ # <note markdown="1"> This functionality is not supported for directory buckets. Directory
327
+ # buckets use the bucket owner enforced setting for S3 Object Ownership.
328
+ #
329
+ # </note>
274
330
  #
275
- # BucketOwnerEnforced - Access control lists (ACLs) are disabled and no
276
- # longer affect permissions. The bucket owner automatically owns and has
277
- # full control over every object in the bucket. The bucket only accepts
278
- # PUT requests that don't specify an ACL or bucket owner full control
279
- # ACLs, such as the `bucket-owner-full-control` canned ACL or an
280
- # equivalent form of this ACL expressed in the XML format.
331
+ #
332
+ #
333
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
281
334
  # @return [Types::CreateBucketOutput]
282
335
  def create(options = {})
283
336
  options = options.merge(bucket: @name)
@@ -294,9 +347,15 @@ module Aws::S3
294
347
  # })
295
348
  # @param [Hash] options ({})
296
349
  # @option options [String] :expected_bucket_owner
297
- # The account ID of the expected bucket owner. If the bucket is owned by
298
- # a different account, the request fails with the HTTP status code `403
299
- # Forbidden` (access denied).
350
+ # The account ID of the expected bucket owner. If the account ID that
351
+ # you provide does not match the actual owner of the bucket, the request
352
+ # fails with the HTTP status code `403 Forbidden` (access denied).
353
+ #
354
+ # <note markdown="1"> For directory buckets, this header is not supported in this API
355
+ # operation. If you specify this header, the request fails with the HTTP
356
+ # status code `501 Not Implemented`.
357
+ #
358
+ # </note>
300
359
  # @return [EmptyStructure]
301
360
  def delete(options = {})
302
361
  options = options.merge(bucket: @name)
@@ -332,13 +391,36 @@ module Aws::S3
332
391
  # space, and the value that is displayed on your authentication device.
333
392
  # Required to permanently delete a versioned object if versioning is
334
393
  # configured with MFA delete enabled.
394
+ #
395
+ # When performing the `DeleteObjects` operation on an MFA delete enabled
396
+ # bucket, which attempts to delete the specified versioned objects, you
397
+ # must include an MFA token. If you don't provide an MFA token, the
398
+ # entire request will fail, even if there are non-versioned objects that
399
+ # you are trying to delete. If you provide an invalid token, whether
400
+ # there are versioned object keys in the request or not, the entire
401
+ # Multi-Object Delete request will fail. For information about MFA
402
+ # Delete, see [ MFA Delete][1] in the *Amazon S3 User Guide*.
403
+ #
404
+ # <note markdown="1"> This functionality is not supported for directory buckets.
405
+ #
406
+ # </note>
407
+ #
408
+ #
409
+ #
410
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete
335
411
  # @option options [String] :request_payer
336
412
  # Confirms that the requester knows that they will be charged for the
337
413
  # request. Bucket owners need not specify this parameter in their
338
- # requests. For information about downloading objects from Requester
414
+ # requests. If either the source or destination S3 bucket has Requester
415
+ # Pays enabled, the requester will pay for corresponding charges to copy
416
+ # the object. For information about downloading objects from Requester
339
417
  # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
340
418
  # in the *Amazon S3 User Guide*.
341
419
  #
420
+ # <note markdown="1"> This functionality is not supported for directory buckets.
421
+ #
422
+ # </note>
423
+ #
342
424
  #
343
425
  #
344
426
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
@@ -346,25 +428,45 @@ module Aws::S3
346
428
  # Specifies whether you want to delete this object even if it has a
347
429
  # Governance-type Object Lock in place. To use this header, you must
348
430
  # have the `s3:BypassGovernanceRetention` permission.
431
+ #
432
+ # <note markdown="1"> This functionality is not supported for directory buckets.
433
+ #
434
+ # </note>
349
435
  # @option options [String] :expected_bucket_owner
350
- # The account ID of the expected bucket owner. If the bucket is owned by
351
- # a different account, the request fails with the HTTP status code `403
352
- # Forbidden` (access denied).
436
+ # The account ID of the expected bucket owner. If the account ID that
437
+ # you provide does not match the actual owner of the bucket, the request
438
+ # fails with the HTTP status code `403 Forbidden` (access denied).
353
439
  # @option options [String] :checksum_algorithm
354
440
  # Indicates the algorithm used to create the checksum for the object
355
- # when using the SDK. This header will not provide any additional
356
- # functionality if not using the SDK. When sending this header, there
357
- # must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
358
- # sent. Otherwise, Amazon S3 fails the request with the HTTP status code
359
- # `400 Bad Request`. For more information, see [Checking object
360
- # integrity][1] in the *Amazon S3 User Guide*.
441
+ # when you use the SDK. This header will not provide any additional
442
+ # functionality if you don't use the SDK. When you send this header,
443
+ # there must be a corresponding `x-amz-checksum-algorithm ` or
444
+ # `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request
445
+ # with the HTTP status code `400 Bad Request`.
446
+ #
447
+ # For the `x-amz-checksum-algorithm ` header, replace ` algorithm ` with
448
+ # the supported algorithm from the following list:
449
+ #
450
+ # * CRC32
451
+ #
452
+ # * CRC32C
453
+ #
454
+ # * SHA1
455
+ #
456
+ # * SHA256
457
+ #
458
+ # For more information, see [Checking object integrity][1] in the
459
+ # *Amazon S3 User Guide*.
460
+ #
461
+ # If the individual checksum value you provide through
462
+ # `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you
463
+ # set through `x-amz-sdk-checksum-algorithm`, Amazon S3 ignores any
464
+ # provided `ChecksumAlgorithm` parameter and uses the checksum algorithm
465
+ # that matches the provided value in `x-amz-checksum-algorithm `.
361
466
  #
362
467
  # If you provide an individual checksum, Amazon S3 ignores any provided
363
468
  # `ChecksumAlgorithm` parameter.
364
469
  #
365
- # This checksum algorithm must be the same for all parts and it match
366
- # the checksum value supplied in the `CreateMultipartUpload` request.
367
- #
368
470
  #
369
471
  #
370
472
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
@@ -404,7 +506,7 @@ module Aws::S3
404
506
  # "MetadataKey" => "MetadataValue",
405
507
  # },
406
508
  # server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
407
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
509
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
408
510
  # website_redirect_location: "WebsiteRedirectLocation",
409
511
  # sse_customer_algorithm: "SSECustomerAlgorithm",
410
512
  # sse_customer_key: "SSECustomerKey",
@@ -422,13 +524,41 @@ module Aws::S3
422
524
  # @param [Hash] options ({})
423
525
  # @option options [String] :acl
424
526
  # The canned ACL to apply to the object. For more information, see
425
- # [Canned ACL][1].
527
+ # [Canned ACL][1] in the *Amazon S3 User Guide*.
528
+ #
529
+ # When adding a new object, you can use headers to grant ACL-based
530
+ # permissions to individual Amazon Web Services accounts or to
531
+ # predefined groups defined by Amazon S3. These permissions are then
532
+ # added to the ACL on the object. By default, all objects are private.
533
+ # Only the owner has full access control. For more information, see
534
+ # [Access Control List (ACL) Overview][2] and [Managing ACLs Using the
535
+ # REST API][3] in the *Amazon S3 User Guide*.
536
+ #
537
+ # If the bucket that you're uploading objects to uses the bucket owner
538
+ # enforced setting for S3 Object Ownership, ACLs are disabled and no
539
+ # longer affect permissions. Buckets that use this setting only accept
540
+ # PUT requests that don't specify an ACL or PUT requests that specify
541
+ # bucket owner full control ACLs, such as the
542
+ # `bucket-owner-full-control` canned ACL or an equivalent form of this
543
+ # ACL expressed in the XML format. PUT requests that contain other ACLs
544
+ # (for example, custom grants to certain Amazon Web Services accounts)
545
+ # fail and return a `400` error with the error code
546
+ # `AccessControlListNotSupported`. For more information, see [
547
+ # Controlling ownership of objects and disabling ACLs][4] in the *Amazon
548
+ # S3 User Guide*.
426
549
  #
427
- # This action is not supported by Amazon S3 on Outposts.
550
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
551
+ #
552
+ # * This functionality is not supported for Amazon S3 on Outposts.
553
+ #
554
+ # </note>
428
555
  #
429
556
  #
430
557
  #
431
558
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
559
+ # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
560
+ # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html
561
+ # [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
432
562
  # @option options [String, StringIO, File] :body
433
563
  # Object data.
434
564
  # @option options [String] :cache_control
@@ -475,9 +605,21 @@ module Aws::S3
475
605
  # information about REST request authentication, see [REST
476
606
  # Authentication][1].
477
607
  #
608
+ # <note markdown="1"> The `Content-MD5` header is required for any request to upload an
609
+ # object with a retention period configured using Amazon S3 Object Lock.
610
+ # For more information about Amazon S3 Object Lock, see [Amazon S3
611
+ # Object Lock Overview][2] in the *Amazon S3 User Guide*.
612
+ #
613
+ # </note>
614
+ #
615
+ # <note markdown="1"> This functionality is not supported for directory buckets.
616
+ #
617
+ # </note>
618
+ #
478
619
  #
479
620
  #
480
621
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html
622
+ # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html
481
623
  # @option options [String] :content_type
482
624
  # A standard MIME type describing the format of the contents. For more
483
625
  # information, see
@@ -488,15 +630,36 @@ module Aws::S3
488
630
  # [1]: https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type
489
631
  # @option options [String] :checksum_algorithm
490
632
  # Indicates the algorithm used to create the checksum for the object
491
- # when using the SDK. This header will not provide any additional
492
- # functionality if not using the SDK. When sending this header, there
493
- # must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
494
- # sent. Otherwise, Amazon S3 fails the request with the HTTP status code
495
- # `400 Bad Request`. For more information, see [Checking object
496
- # integrity][1] in the *Amazon S3 User Guide*.
633
+ # when you use the SDK. This header will not provide any additional
634
+ # functionality if you don't use the SDK. When you send this header,
635
+ # there must be a corresponding `x-amz-checksum-algorithm ` or
636
+ # `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request
637
+ # with the HTTP status code `400 Bad Request`.
497
638
  #
498
- # If you provide an individual checksum, Amazon S3 ignores any provided
499
- # `ChecksumAlgorithm` parameter.
639
+ # For the `x-amz-checksum-algorithm ` header, replace ` algorithm ` with
640
+ # the supported algorithm from the following list:
641
+ #
642
+ # * CRC32
643
+ #
644
+ # * CRC32C
645
+ #
646
+ # * SHA1
647
+ #
648
+ # * SHA256
649
+ #
650
+ # For more information, see [Checking object integrity][1] in the
651
+ # *Amazon S3 User Guide*.
652
+ #
653
+ # If the individual checksum value you provide through
654
+ # `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you
655
+ # set through `x-amz-sdk-checksum-algorithm`, Amazon S3 ignores any
656
+ # provided `ChecksumAlgorithm` parameter and uses the checksum algorithm
657
+ # that matches the provided value in `x-amz-checksum-algorithm `.
658
+ #
659
+ # <note markdown="1"> For directory buckets, when you use Amazon Web Services SDKs, `CRC32`
660
+ # is the default checksum algorithm that's used for performance.
661
+ #
662
+ # </note>
500
663
  #
501
664
  #
502
665
  #
@@ -553,33 +716,76 @@ module Aws::S3
553
716
  # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
554
717
  # object.
555
718
  #
556
- # This action is not supported by Amazon S3 on Outposts.
719
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
720
+ #
721
+ # * This functionality is not supported for Amazon S3 on Outposts.
722
+ #
723
+ # </note>
557
724
  # @option options [String] :grant_read
558
725
  # Allows grantee to read the object data and its metadata.
559
726
  #
560
- # This action is not supported by Amazon S3 on Outposts.
727
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
728
+ #
729
+ # * This functionality is not supported for Amazon S3 on Outposts.
730
+ #
731
+ # </note>
561
732
  # @option options [String] :grant_read_acp
562
733
  # Allows grantee to read the object ACL.
563
734
  #
564
- # This action is not supported by Amazon S3 on Outposts.
735
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
736
+ #
737
+ # * This functionality is not supported for Amazon S3 on Outposts.
738
+ #
739
+ # </note>
565
740
  # @option options [String] :grant_write_acp
566
741
  # Allows grantee to write the ACL for the applicable object.
567
742
  #
568
- # This action is not supported by Amazon S3 on Outposts.
743
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
744
+ #
745
+ # * This functionality is not supported for Amazon S3 on Outposts.
746
+ #
747
+ # </note>
569
748
  # @option options [required, String] :key
570
749
  # Object key for which the PUT action was initiated.
571
750
  # @option options [Hash<String,String>] :metadata
572
751
  # A map of metadata to store with the object in S3.
573
752
  # @option options [String] :server_side_encryption
574
- # The server-side encryption algorithm used when storing this object in
575
- # Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
753
+ # The server-side encryption algorithm that was used when you store this
754
+ # object in Amazon S3 (for example, `AES256`, `aws:kms`,
755
+ # `aws:kms:dsse`).
756
+ #
757
+ # <b>General purpose buckets </b> - You have four mutually exclusive
758
+ # options to protect data using server-side encryption in Amazon S3,
759
+ # depending on how you choose to manage the encryption keys.
760
+ # Specifically, the encryption key options are Amazon S3 managed keys
761
+ # (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or DSSE-KMS), and
762
+ # customer-provided keys (SSE-C). Amazon S3 encrypts data with
763
+ # server-side encryption by using Amazon S3 managed keys (SSE-S3) by
764
+ # default. You can optionally tell Amazon S3 to encrypt data at rest by
765
+ # using server-side encryption with other key options. For more
766
+ # information, see [Using Server-Side Encryption][1] in the *Amazon S3
767
+ # User Guide*.
768
+ #
769
+ # <b>Directory buckets </b> - For directory buckets, only the
770
+ # server-side encryption with Amazon S3 managed keys (SSE-S3) (`AES256`)
771
+ # value is supported.
772
+ #
773
+ #
774
+ #
775
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
576
776
  # @option options [String] :storage_class
577
777
  # By default, Amazon S3 uses the STANDARD Storage Class to store newly
578
778
  # created objects. The STANDARD storage class provides high durability
579
779
  # and high availability. Depending on performance needs, you can specify
580
- # a different Storage Class. Amazon S3 on Outposts only uses the
581
- # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
582
- # in the *Amazon S3 User Guide*.
780
+ # a different Storage Class. For more information, see [Storage
781
+ # Classes][1] in the *Amazon S3 User Guide*.
782
+ #
783
+ # <note markdown="1"> * For directory buckets, only the S3 Express One Zone storage class is
784
+ # supported to store newly created objects.
785
+ #
786
+ # * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.
787
+ #
788
+ # </note>
583
789
  #
584
790
  #
585
791
  #
@@ -588,7 +794,8 @@ module Aws::S3
588
794
  # If the bucket is configured as a website, redirects requests for this
589
795
  # object to another object in the same bucket or to an external URL.
590
796
  # Amazon S3 stores the value of this header in the object metadata. For
591
- # information about object metadata, see [Object Key and Metadata][1].
797
+ # information about object metadata, see [Object Key and Metadata][1] in
798
+ # the *Amazon S3 User Guide*.
592
799
  #
593
800
  # In the following example, the request header sets the redirect to an
594
801
  # object (anotherPage.html) in the same bucket:
@@ -602,7 +809,11 @@ module Aws::S3
602
809
  #
603
810
  # For more information about website hosting in Amazon S3, see [Hosting
604
811
  # Websites on Amazon S3][2] and [How to Configure Website Page
605
- # Redirects][3].
812
+ # Redirects][3] in the *Amazon S3 User Guide*.
813
+ #
814
+ # <note markdown="1"> This functionality is not supported for directory buckets.
815
+ #
816
+ # </note>
606
817
  #
607
818
  #
608
819
  #
@@ -610,35 +821,57 @@ module Aws::S3
610
821
  # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html
611
822
  # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html
612
823
  # @option options [String] :sse_customer_algorithm
613
- # Specifies the algorithm to use to when encrypting the object (for
614
- # example, AES256).
824
+ # Specifies the algorithm to use when encrypting the object (for
825
+ # example, `AES256`).
826
+ #
827
+ # <note markdown="1"> This functionality is not supported for directory buckets.
828
+ #
829
+ # </note>
615
830
  # @option options [String] :sse_customer_key
616
831
  # Specifies the customer-provided encryption key for Amazon S3 to use in
617
832
  # encrypting data. This value is used to store the object and then it is
618
833
  # discarded; Amazon S3 does not store the encryption key. The key must
619
834
  # be appropriate for use with the algorithm specified in the
620
835
  # `x-amz-server-side-encryption-customer-algorithm` header.
836
+ #
837
+ # <note markdown="1"> This functionality is not supported for directory buckets.
838
+ #
839
+ # </note>
621
840
  # @option options [String] :sse_customer_key_md5
622
841
  # Specifies the 128-bit MD5 digest of the encryption key according to
623
842
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
624
843
  # ensure that the encryption key was transmitted without error.
844
+ #
845
+ # <note markdown="1"> This functionality is not supported for directory buckets.
846
+ #
847
+ # </note>
625
848
  # @option options [String] :ssekms_key_id
626
849
  # If `x-amz-server-side-encryption` has a valid value of `aws:kms` or
627
- # `aws:kms:dsse`, this header specifies the ID of the Key Management
628
- # Service (KMS) symmetric encryption customer managed key that was used
629
- # for the object. If you specify `x-amz-server-side-encryption:aws:kms`
630
- # or `x-amz-server-side-encryption:aws:kms:dsse`, but do not provide`
850
+ # `aws:kms:dsse`, this header specifies the ID (Key ID, Key ARN, or Key
851
+ # Alias) of the Key Management Service (KMS) symmetric encryption
852
+ # customer managed key that was used for the object. If you specify
853
+ # `x-amz-server-side-encryption:aws:kms` or
854
+ # `x-amz-server-side-encryption:aws:kms:dsse`, but do not provide`
631
855
  # x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
632
856
  # Amazon Web Services managed key (`aws/s3`) to protect the data. If the
633
857
  # KMS key does not exist in the same account that's issuing the
634
858
  # command, you must use the full ARN and not just the ID.
859
+ #
860
+ # <note markdown="1"> This functionality is not supported for directory buckets.
861
+ #
862
+ # </note>
635
863
  # @option options [String] :ssekms_encryption_context
636
864
  # Specifies the Amazon Web Services KMS Encryption Context to use for
637
865
  # object encryption. The value of this header is a base64-encoded UTF-8
638
866
  # string holding JSON with the encryption context key-value pairs. This
639
867
  # value is stored as object metadata and automatically gets passed on to
640
868
  # Amazon Web Services KMS for future `GetObject` or `CopyObject`
641
- # operations on this object.
869
+ # operations on this object. This value must be explicitly added during
870
+ # `CopyObject` operations.
871
+ #
872
+ # <note markdown="1"> This functionality is not supported for directory buckets.
873
+ #
874
+ # </note>
642
875
  # @option options [Boolean] :bucket_key_enabled
643
876
  # Specifies whether Amazon S3 should use an S3 Bucket Key for object
644
877
  # encryption with server-side encryption using Key Management Service
@@ -647,35 +880,62 @@ module Aws::S3
647
880
  #
648
881
  # Specifying this header with a PUT action doesn’t affect bucket-level
649
882
  # settings for S3 Bucket Key.
883
+ #
884
+ # <note markdown="1"> This functionality is not supported for directory buckets.
885
+ #
886
+ # </note>
650
887
  # @option options [String] :request_payer
651
888
  # Confirms that the requester knows that they will be charged for the
652
889
  # request. Bucket owners need not specify this parameter in their
653
- # requests. For information about downloading objects from Requester
890
+ # requests. If either the source or destination S3 bucket has Requester
891
+ # Pays enabled, the requester will pay for corresponding charges to copy
892
+ # the object. For information about downloading objects from Requester
654
893
  # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
655
894
  # in the *Amazon S3 User Guide*.
656
895
  #
896
+ # <note markdown="1"> This functionality is not supported for directory buckets.
897
+ #
898
+ # </note>
899
+ #
657
900
  #
658
901
  #
659
902
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
660
903
  # @option options [String] :tagging
661
904
  # The tag-set for the object. The tag-set must be encoded as URL Query
662
905
  # parameters. (For example, "Key1=Value1")
906
+ #
907
+ # <note markdown="1"> This functionality is not supported for directory buckets.
908
+ #
909
+ # </note>
663
910
  # @option options [String] :object_lock_mode
664
911
  # The Object Lock mode that you want to apply to this object.
912
+ #
913
+ # <note markdown="1"> This functionality is not supported for directory buckets.
914
+ #
915
+ # </note>
665
916
  # @option options [Time,DateTime,Date,Integer,String] :object_lock_retain_until_date
666
917
  # The date and time when you want this object's Object Lock to expire.
667
918
  # Must be formatted as a timestamp parameter.
919
+ #
920
+ # <note markdown="1"> This functionality is not supported for directory buckets.
921
+ #
922
+ # </note>
668
923
  # @option options [String] :object_lock_legal_hold_status
669
924
  # Specifies whether a legal hold will be applied to this object. For
670
- # more information about S3 Object Lock, see [Object Lock][1].
925
+ # more information about S3 Object Lock, see [Object Lock][1] in the
926
+ # *Amazon S3 User Guide*.
927
+ #
928
+ # <note markdown="1"> This functionality is not supported for directory buckets.
929
+ #
930
+ # </note>
671
931
  #
672
932
  #
673
933
  #
674
934
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
675
935
  # @option options [String] :expected_bucket_owner
676
- # The account ID of the expected bucket owner. If the bucket is owned by
677
- # a different account, the request fails with the HTTP status code `403
678
- # Forbidden` (access denied).
936
+ # The account ID of the expected bucket owner. If the account ID that
937
+ # you provide does not match the actual owner of the bucket, the request
938
+ # fails with the HTTP status code `403 Forbidden` (access denied).
679
939
  # @return [Object]
680
940
  def put_object(options = {})
681
941
  options = options.merge(bucket: @name)
@@ -752,6 +1012,11 @@ module Aws::S3
752
1012
  # don't specify the prefix parameter, then the substring starts at the
753
1013
  # beginning of the key. The keys that are grouped under `CommonPrefixes`
754
1014
  # result element are not returned elsewhere in the response.
1015
+ #
1016
+ # <note markdown="1"> **Directory buckets** - For directory buckets, `/` is the only
1017
+ # supported delimiter.
1018
+ #
1019
+ # </note>
755
1020
  # @option options [String] :encoding_type
756
1021
  # Requests Amazon S3 to encode the object keys in the response and
757
1022
  # specifies the encoding method to use. An object key can contain any
@@ -760,22 +1025,43 @@ module Aws::S3
760
1025
  # characters that are not supported in XML 1.0, you can add this
761
1026
  # parameter to request that Amazon S3 encode the keys in the response.
762
1027
  # @option options [String] :key_marker
763
- # Together with `upload-id-marker`, this parameter specifies the
764
- # multipart upload after which listing should begin.
1028
+ # Specifies the multipart upload after which listing should begin.
765
1029
  #
766
- # If `upload-id-marker` is not specified, only the keys
767
- # lexicographically greater than the specified `key-marker` will be
768
- # included in the list.
1030
+ # <note markdown="1"> * **General purpose buckets** - For general purpose buckets,
1031
+ # `key-marker` is an object key. Together with `upload-id-marker`,
1032
+ # this parameter specifies the multipart upload after which listing
1033
+ # should begin.
769
1034
  #
770
- # If `upload-id-marker` is specified, any multipart uploads for a key
771
- # equal to the `key-marker` might also be included, provided those
772
- # multipart uploads have upload IDs lexicographically greater than the
773
- # specified `upload-id-marker`.
1035
+ # If `upload-id-marker` is not specified, only the keys
1036
+ # lexicographically greater than the specified `key-marker` will be
1037
+ # included in the list.
1038
+ #
1039
+ # If `upload-id-marker` is specified, any multipart uploads for a key
1040
+ # equal to the `key-marker` might also be included, provided those
1041
+ # multipart uploads have upload IDs lexicographically greater than the
1042
+ # specified `upload-id-marker`.
1043
+ #
1044
+ # * **Directory buckets** - For directory buckets, `key-marker` is
1045
+ # obfuscated and isn't a real object key. The `upload-id-marker`
1046
+ # parameter isn't supported by directory buckets. To list the
1047
+ # additional multipart uploads, you only need to set the value of
1048
+ # `key-marker` to the `NextKeyMarker` value from the previous
1049
+ # response.
1050
+ #
1051
+ # In the `ListMultipartUploads` response, the multipart uploads
1052
+ # aren't sorted lexicographically based on the object keys.
1053
+ #
1054
+ # </note>
774
1055
  # @option options [String] :prefix
775
1056
  # Lists in-progress uploads only for those keys that begin with the
776
1057
  # specified prefix. You can use prefixes to separate a bucket into
777
1058
  # different grouping of keys. (You can think of using `prefix` to make
778
1059
  # groups in the same way that you'd use a folder in a file system.)
1060
+ #
1061
+ # <note markdown="1"> **Directory buckets** - For directory buckets, only prefixes that end
1062
+ # in a delimiter (`/`) are supported.
1063
+ #
1064
+ # </note>
779
1065
  # @option options [String] :upload_id_marker
780
1066
  # Together with key-marker, specifies the multipart upload after which
781
1067
  # listing should begin. If key-marker is not specified, the
@@ -783,17 +1069,27 @@ module Aws::S3
783
1069
  # uploads for a key equal to the key-marker might be included in the
784
1070
  # list only if they have an upload ID lexicographically greater than the
785
1071
  # specified `upload-id-marker`.
1072
+ #
1073
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1074
+ #
1075
+ # </note>
786
1076
  # @option options [String] :expected_bucket_owner
787
- # The account ID of the expected bucket owner. If the bucket is owned by
788
- # a different account, the request fails with the HTTP status code `403
789
- # Forbidden` (access denied).
1077
+ # The account ID of the expected bucket owner. If the account ID that
1078
+ # you provide does not match the actual owner of the bucket, the request
1079
+ # fails with the HTTP status code `403 Forbidden` (access denied).
790
1080
  # @option options [String] :request_payer
791
1081
  # Confirms that the requester knows that they will be charged for the
792
1082
  # request. Bucket owners need not specify this parameter in their
793
- # requests. For information about downloading objects from Requester
1083
+ # requests. If either the source or destination S3 bucket has Requester
1084
+ # Pays enabled, the requester will pay for corresponding charges to copy
1085
+ # the object. For information about downloading objects from Requester
794
1086
  # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
795
1087
  # in the *Amazon S3 User Guide*.
796
1088
  #
1089
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1090
+ #
1091
+ # </note>
1092
+ #
797
1093
  #
798
1094
  #
799
1095
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
@@ -878,16 +1174,22 @@ module Aws::S3
878
1174
  # @option options [String] :version_id_marker
879
1175
  # Specifies the object version you want to start listing from.
880
1176
  # @option options [String] :expected_bucket_owner
881
- # The account ID of the expected bucket owner. If the bucket is owned by
882
- # a different account, the request fails with the HTTP status code `403
883
- # Forbidden` (access denied).
1177
+ # The account ID of the expected bucket owner. If the account ID that
1178
+ # you provide does not match the actual owner of the bucket, the request
1179
+ # fails with the HTTP status code `403 Forbidden` (access denied).
884
1180
  # @option options [String] :request_payer
885
1181
  # Confirms that the requester knows that they will be charged for the
886
1182
  # request. Bucket owners need not specify this parameter in their
887
- # requests. For information about downloading objects from Requester
1183
+ # requests. If either the source or destination S3 bucket has Requester
1184
+ # Pays enabled, the requester will pay for corresponding charges to copy
1185
+ # the object. For information about downloading objects from Requester
888
1186
  # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
889
1187
  # in the *Amazon S3 User Guide*.
890
1188
  #
1189
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1190
+ #
1191
+ # </note>
1192
+ #
891
1193
  #
892
1194
  #
893
1195
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
@@ -933,29 +1235,67 @@ module Aws::S3
933
1235
  # @param [Hash] options ({})
934
1236
  # @option options [String] :delimiter
935
1237
  # A delimiter is a character that you use to group keys.
1238
+ #
1239
+ # <note markdown="1"> * **Directory buckets** - For directory buckets, `/` is the only
1240
+ # supported delimiter.
1241
+ #
1242
+ # * <b>Directory buckets </b> - When you query `ListObjectsV2` with a
1243
+ # delimiter during in-progress multipart uploads, the `CommonPrefixes`
1244
+ # response parameter contains the prefixes that are associated with
1245
+ # the in-progress multipart uploads. For more information about
1246
+ # multipart uploads, see [Multipart Upload Overview][1] in the *Amazon
1247
+ # S3 User Guide*.
1248
+ #
1249
+ # </note>
1250
+ #
1251
+ #
1252
+ #
1253
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html
936
1254
  # @option options [String] :encoding_type
937
1255
  # Encoding type used by Amazon S3 to encode object keys in the response.
938
1256
  # @option options [String] :prefix
939
1257
  # Limits the response to keys that begin with the specified prefix.
1258
+ #
1259
+ # <note markdown="1"> **Directory buckets** - For directory buckets, only prefixes that end
1260
+ # in a delimiter (`/`) are supported.
1261
+ #
1262
+ # </note>
940
1263
  # @option options [Boolean] :fetch_owner
941
1264
  # The owner field is not present in `ListObjectsV2` by default. If you
942
1265
  # want to return the owner field with each key in the result, then set
943
1266
  # the `FetchOwner` field to `true`.
1267
+ #
1268
+ # <note markdown="1"> **Directory buckets** - For directory buckets, the bucket owner is
1269
+ # returned as the object owner for all objects.
1270
+ #
1271
+ # </note>
944
1272
  # @option options [String] :start_after
945
1273
  # StartAfter is where you want Amazon S3 to start listing from. Amazon
946
1274
  # S3 starts listing after this specified key. StartAfter can be any key
947
1275
  # in the bucket.
1276
+ #
1277
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1278
+ #
1279
+ # </note>
948
1280
  # @option options [String] :request_payer
949
1281
  # Confirms that the requester knows that she or he will be charged for
950
1282
  # the list objects request in V2 style. Bucket owners need not specify
951
1283
  # this parameter in their requests.
1284
+ #
1285
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1286
+ #
1287
+ # </note>
952
1288
  # @option options [String] :expected_bucket_owner
953
- # The account ID of the expected bucket owner. If the bucket is owned by
954
- # a different account, the request fails with the HTTP status code `403
955
- # Forbidden` (access denied).
1289
+ # The account ID of the expected bucket owner. If the account ID that
1290
+ # you provide does not match the actual owner of the bucket, the request
1291
+ # fails with the HTTP status code `403 Forbidden` (access denied).
956
1292
  # @option options [Array<String>] :optional_object_attributes
957
1293
  # Specifies the optional fields that you want returned in the response.
958
1294
  # Fields that you do not specify are not returned.
1295
+ #
1296
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1297
+ #
1298
+ # </note>
959
1299
  # @return [ObjectSummary::Collection]
960
1300
  def objects(options = {})
961
1301
  batches = Enumerator.new do |y|