aws-sdk-s3 1.136.0 → 1.142.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (42) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +35 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-s3/bucket.rb +424 -93
  5. data/lib/aws-sdk-s3/bucket_acl.rb +9 -9
  6. data/lib/aws-sdk-s3/bucket_cors.rb +12 -12
  7. data/lib/aws-sdk-s3/bucket_lifecycle.rb +12 -12
  8. data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +12 -12
  9. data/lib/aws-sdk-s3/bucket_logging.rb +16 -9
  10. data/lib/aws-sdk-s3/bucket_notification.rb +3 -3
  11. data/lib/aws-sdk-s3/bucket_policy.rb +58 -14
  12. data/lib/aws-sdk-s3/bucket_request_payment.rb +9 -9
  13. data/lib/aws-sdk-s3/bucket_tagging.rb +12 -12
  14. data/lib/aws-sdk-s3/bucket_versioning.rb +27 -27
  15. data/lib/aws-sdk-s3/bucket_website.rb +12 -12
  16. data/lib/aws-sdk-s3/client.rb +5527 -2417
  17. data/lib/aws-sdk-s3/client_api.rb +111 -16
  18. data/lib/aws-sdk-s3/customizations.rb +5 -0
  19. data/lib/aws-sdk-s3/endpoint_parameters.rb +32 -0
  20. data/lib/aws-sdk-s3/endpoint_provider.rb +82 -0
  21. data/lib/aws-sdk-s3/endpoints.rb +440 -0
  22. data/lib/aws-sdk-s3/express_credentials.rb +55 -0
  23. data/lib/aws-sdk-s3/express_credentials_cache.rb +30 -0
  24. data/lib/aws-sdk-s3/express_credentials_provider.rb +36 -0
  25. data/lib/aws-sdk-s3/file_downloader.rb +0 -1
  26. data/lib/aws-sdk-s3/multipart_file_uploader.rb +0 -1
  27. data/lib/aws-sdk-s3/multipart_stream_uploader.rb +0 -1
  28. data/lib/aws-sdk-s3/multipart_upload.rb +75 -28
  29. data/lib/aws-sdk-s3/multipart_upload_part.rb +164 -43
  30. data/lib/aws-sdk-s3/object.rb +1498 -247
  31. data/lib/aws-sdk-s3/object_acl.rb +31 -19
  32. data/lib/aws-sdk-s3/object_summary.rb +1369 -272
  33. data/lib/aws-sdk-s3/object_version.rb +305 -58
  34. data/lib/aws-sdk-s3/plugins/endpoints.rb +13 -2
  35. data/lib/aws-sdk-s3/plugins/express_session_auth.rb +90 -0
  36. data/lib/aws-sdk-s3/plugins/location_constraint.rb +3 -1
  37. data/lib/aws-sdk-s3/plugins/md5s.rb +2 -1
  38. data/lib/aws-sdk-s3/presigner.rb +2 -2
  39. data/lib/aws-sdk-s3/resource.rb +83 -11
  40. data/lib/aws-sdk-s3/types.rb +4338 -1252
  41. data/lib/aws-sdk-s3.rb +1 -1
  42. metadata +11 -7
@@ -45,6 +45,10 @@ module Aws::S3
45
45
  # Specifies whether the object retrieved was (true) or was not (false) a
46
46
  # Delete Marker. If false, this response header does not appear in the
47
47
  # response.
48
+ #
49
+ # <note markdown="1"> This functionality is not supported for directory buckets.
50
+ #
51
+ # </note>
48
52
  # @return [Boolean]
49
53
  def delete_marker
50
54
  data[:delete_marker]
@@ -56,10 +60,19 @@ module Aws::S3
56
60
  data[:accept_ranges]
57
61
  end
58
62
 
59
- # If the object expiration is configured (see PUT Bucket lifecycle), the
60
- # response includes this header. It includes the `expiry-date` and
61
- # `rule-id` key-value pairs providing object expiration information. The
62
- # value of the `rule-id` is URL-encoded.
63
+ # If the object expiration is configured (see [
64
+ # `PutBucketLifecycleConfiguration` ][1]), the response includes this
65
+ # header. It includes the `expiry-date` and `rule-id` key-value pairs
66
+ # providing object expiration information. The value of the `rule-id` is
67
+ # URL-encoded.
68
+ #
69
+ # <note markdown="1"> This functionality is not supported for directory buckets.
70
+ #
71
+ # </note>
72
+ #
73
+ #
74
+ #
75
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html
63
76
  # @return [String]
64
77
  def expiration
65
78
  data[:expiration]
@@ -82,6 +95,12 @@ module Aws::S3
82
95
  # For more information about archiving objects, see [Transitioning
83
96
  # Objects: General Considerations][2].
84
97
  #
98
+ # <note markdown="1"> This functionality is not supported for directory buckets. Only the S3
99
+ # Express One Zone storage class is supported by directory buckets to
100
+ # store objects.
101
+ #
102
+ # </note>
103
+ #
85
104
  #
86
105
  #
87
106
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html
@@ -92,12 +111,16 @@ module Aws::S3
92
111
  end
93
112
 
94
113
  # The archive state of the head object.
114
+ #
115
+ # <note markdown="1"> This functionality is not supported for directory buckets.
116
+ #
117
+ # </note>
95
118
  # @return [String]
96
119
  def archive_status
97
120
  data[:archive_status]
98
121
  end
99
122
 
100
- # Creation date of the object.
123
+ # Date and time when the object was last modified.
101
124
  # @return [Time]
102
125
  def last_modified
103
126
  data[:last_modified]
@@ -110,10 +133,13 @@ module Aws::S3
110
133
  end
111
134
 
112
135
  # The base64-encoded, 32-bit CRC32 checksum of the object. This will
113
- # only be present if it was uploaded with the object. With multipart
114
- # uploads, this may not be a checksum value of the object. For more
115
- # information about how checksums are calculated with multipart uploads,
116
- # see [ Checking object integrity][1] in the *Amazon S3 User Guide*.
136
+ # only be present if it was uploaded with the object. When you use an
137
+ # API operation on an object that was uploaded using multipart uploads,
138
+ # this value may not be a direct checksum value of the full object.
139
+ # Instead, it's a calculation based on the checksum values of each
140
+ # individual part. For more information about how checksums are
141
+ # calculated with multipart uploads, see [ Checking object integrity][1]
142
+ # in the *Amazon S3 User Guide*.
117
143
  #
118
144
  #
119
145
  #
@@ -124,10 +150,13 @@ module Aws::S3
124
150
  end
125
151
 
126
152
  # The base64-encoded, 32-bit CRC32C checksum of the object. This will
127
- # only be present if it was uploaded with the object. With multipart
128
- # uploads, this may not be a checksum value of the object. For more
129
- # information about how checksums are calculated with multipart uploads,
130
- # see [ Checking object integrity][1] in the *Amazon S3 User Guide*.
153
+ # only be present if it was uploaded with the object. When you use an
154
+ # API operation on an object that was uploaded using multipart uploads,
155
+ # this value may not be a direct checksum value of the full object.
156
+ # Instead, it's a calculation based on the checksum values of each
157
+ # individual part. For more information about how checksums are
158
+ # calculated with multipart uploads, see [ Checking object integrity][1]
159
+ # in the *Amazon S3 User Guide*.
131
160
  #
132
161
  #
133
162
  #
@@ -138,10 +167,13 @@ module Aws::S3
138
167
  end
139
168
 
140
169
  # The base64-encoded, 160-bit SHA-1 digest of the object. This will only
141
- # be present if it was uploaded with the object. With multipart uploads,
142
- # this may not be a checksum value of the object. For more information
143
- # about how checksums are calculated with multipart uploads, see [
144
- # Checking object integrity][1] in the *Amazon S3 User Guide*.
170
+ # be present if it was uploaded with the object. When you use the API
171
+ # operation on an object that was uploaded using multipart uploads, this
172
+ # value may not be a direct checksum value of the full object. Instead,
173
+ # it's a calculation based on the checksum values of each individual
174
+ # part. For more information about how checksums are calculated with
175
+ # multipart uploads, see [ Checking object integrity][1] in the *Amazon
176
+ # S3 User Guide*.
145
177
  #
146
178
  #
147
179
  #
@@ -152,10 +184,13 @@ module Aws::S3
152
184
  end
153
185
 
154
186
  # The base64-encoded, 256-bit SHA-256 digest of the object. This will
155
- # only be present if it was uploaded with the object. With multipart
156
- # uploads, this may not be a checksum value of the object. For more
157
- # information about how checksums are calculated with multipart uploads,
158
- # see [ Checking object integrity][1] in the *Amazon S3 User Guide*.
187
+ # only be present if it was uploaded with the object. When you use an
188
+ # API operation on an object that was uploaded using multipart uploads,
189
+ # this value may not be a direct checksum value of the full object.
190
+ # Instead, it's a calculation based on the checksum values of each
191
+ # individual part. For more information about how checksums are
192
+ # calculated with multipart uploads, see [ Checking object integrity][1]
193
+ # in the *Amazon S3 User Guide*.
159
194
  #
160
195
  #
161
196
  #
@@ -177,12 +212,20 @@ module Aws::S3
177
212
  # API like SOAP that supports more flexible metadata than the REST API.
178
213
  # For example, using SOAP, you can create metadata whose values are not
179
214
  # legal HTTP headers.
215
+ #
216
+ # <note markdown="1"> This functionality is not supported for directory buckets.
217
+ #
218
+ # </note>
180
219
  # @return [Integer]
181
220
  def missing_meta
182
221
  data[:missing_meta]
183
222
  end
184
223
 
185
- # Version of the object.
224
+ # Version ID of the object.
225
+ #
226
+ # <note markdown="1"> This functionality is not supported for directory buckets.
227
+ #
228
+ # </note>
186
229
  # @return [String]
187
230
  def version_id
188
231
  data[:version_id]
@@ -200,7 +243,7 @@ module Aws::S3
200
243
  data[:content_disposition]
201
244
  end
202
245
 
203
- # Specifies what content encodings have been applied to the object and
246
+ # Indicates what content encodings have been applied to the object and
204
247
  # thus what decoding mechanisms must be applied to obtain the media-type
205
248
  # referenced by the Content-Type header field.
206
249
  # @return [String]
@@ -234,13 +277,22 @@ module Aws::S3
234
277
  # If the bucket is configured as a website, redirects requests for this
235
278
  # object to another object in the same bucket or to an external URL.
236
279
  # Amazon S3 stores the value of this header in the object metadata.
280
+ #
281
+ # <note markdown="1"> This functionality is not supported for directory buckets.
282
+ #
283
+ # </note>
237
284
  # @return [String]
238
285
  def website_redirect_location
239
286
  data[:website_redirect_location]
240
287
  end
241
288
 
242
- # The server-side encryption algorithm used when storing this object in
243
- # Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
289
+ # The server-side encryption algorithm used when you store this object
290
+ # in Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
291
+ #
292
+ # <note markdown="1"> For directory buckets, only server-side encryption with Amazon S3
293
+ # managed keys (SSE-S3) (`AES256`) is supported.
294
+ #
295
+ # </note>
244
296
  # @return [String]
245
297
  def server_side_encryption
246
298
  data[:server_side_encryption]
@@ -253,25 +305,37 @@ module Aws::S3
253
305
  end
254
306
 
255
307
  # If server-side encryption with a customer-provided encryption key was
256
- # requested, the response will include this header confirming the
257
- # encryption algorithm used.
308
+ # requested, the response will include this header to confirm the
309
+ # encryption algorithm that's used.
310
+ #
311
+ # <note markdown="1"> This functionality is not supported for directory buckets.
312
+ #
313
+ # </note>
258
314
  # @return [String]
259
315
  def sse_customer_algorithm
260
316
  data[:sse_customer_algorithm]
261
317
  end
262
318
 
263
319
  # If server-side encryption with a customer-provided encryption key was
264
- # requested, the response will include this header to provide round-trip
265
- # message integrity verification of the customer-provided encryption
266
- # key.
320
+ # requested, the response will include this header to provide the
321
+ # round-trip message integrity verification of the customer-provided
322
+ # encryption key.
323
+ #
324
+ # <note markdown="1"> This functionality is not supported for directory buckets.
325
+ #
326
+ # </note>
267
327
  # @return [String]
268
328
  def sse_customer_key_md5
269
329
  data[:sse_customer_key_md5]
270
330
  end
271
331
 
272
- # If present, specifies the ID of the Key Management Service (KMS)
332
+ # If present, indicates the ID of the Key Management Service (KMS)
273
333
  # symmetric encryption customer managed key that was used for the
274
334
  # object.
335
+ #
336
+ # <note markdown="1"> This functionality is not supported for directory buckets.
337
+ #
338
+ # </note>
275
339
  # @return [String]
276
340
  def ssekms_key_id
277
341
  data[:ssekms_key_id]
@@ -279,6 +343,10 @@ module Aws::S3
279
343
 
280
344
  # Indicates whether the object uses an S3 Bucket Key for server-side
281
345
  # encryption with Key Management Service (KMS) keys (SSE-KMS).
346
+ #
347
+ # <note markdown="1"> This functionality is not supported for directory buckets.
348
+ #
349
+ # </note>
282
350
  # @return [Boolean]
283
351
  def bucket_key_enabled
284
352
  data[:bucket_key_enabled]
@@ -290,6 +358,11 @@ module Aws::S3
290
358
  #
291
359
  # For more information, see [Storage Classes][1].
292
360
  #
361
+ # <note markdown="1"> <b>Directory buckets </b> - Only the S3 Express One Zone storage class
362
+ # is supported by directory buckets to store objects.
363
+ #
364
+ # </note>
365
+ #
293
366
  #
294
367
  #
295
368
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
@@ -300,6 +373,10 @@ module Aws::S3
300
373
 
301
374
  # If present, indicates that the requester was successfully charged for
302
375
  # the request.
376
+ #
377
+ # <note markdown="1"> This functionality is not supported for directory buckets.
378
+ #
379
+ # </note>
303
380
  # @return [String]
304
381
  def request_charged
305
382
  data[:request_charged]
@@ -342,6 +419,10 @@ module Aws::S3
342
419
  #
343
420
  # For more information, see [Replication][1].
344
421
  #
422
+ # <note markdown="1"> This functionality is not supported for directory buckets.
423
+ #
424
+ # </note>
425
+ #
345
426
  #
346
427
  #
347
428
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html
@@ -363,6 +444,10 @@ module Aws::S3
363
444
  # `s3:GetObjectRetention` permission. For more information about S3
364
445
  # Object Lock, see [Object Lock][1].
365
446
  #
447
+ # <note markdown="1"> This functionality is not supported for directory buckets.
448
+ #
449
+ # </note>
450
+ #
366
451
  #
367
452
  #
368
453
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
@@ -374,6 +459,10 @@ module Aws::S3
374
459
  # The date and time when the Object Lock retention period expires. This
375
460
  # header is only returned if the requester has the
376
461
  # `s3:GetObjectRetention` permission.
462
+ #
463
+ # <note markdown="1"> This functionality is not supported for directory buckets.
464
+ #
465
+ # </note>
377
466
  # @return [Time]
378
467
  def object_lock_retain_until_date
379
468
  data[:object_lock_retain_until_date]
@@ -385,6 +474,10 @@ module Aws::S3
385
474
  # specified version of this object has never had a legal hold applied.
386
475
  # For more information about S3 Object Lock, see [Object Lock][1].
387
476
  #
477
+ # <note markdown="1"> This functionality is not supported for directory buckets.
478
+ #
479
+ # </note>
480
+ #
388
481
  #
389
482
  #
390
483
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
@@ -616,7 +709,7 @@ module Aws::S3
616
709
  # metadata_directive: "COPY", # accepts COPY, REPLACE
617
710
  # tagging_directive: "COPY", # accepts COPY, REPLACE
618
711
  # server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
619
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
712
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
620
713
  # website_redirect_location: "WebsiteRedirectLocation",
621
714
  # sse_customer_algorithm: "SSECustomerAlgorithm",
622
715
  # sse_customer_key: "SSECustomerKey",
@@ -637,40 +730,98 @@ module Aws::S3
637
730
  # })
638
731
  # @param [Hash] options ({})
639
732
  # @option options [String] :acl
640
- # The canned ACL to apply to the object.
733
+ # The canned access control list (ACL) to apply to the object.
734
+ #
735
+ # When you copy an object, the ACL metadata is not preserved and is set
736
+ # to `private` by default. Only the owner has full access control. To
737
+ # override the default ACL setting, specify a new ACL when you generate
738
+ # a copy request. For more information, see [Using ACLs][1].
739
+ #
740
+ # If the destination bucket that you're copying objects to uses the
741
+ # bucket owner enforced setting for S3 Object Ownership, ACLs are
742
+ # disabled and no longer affect permissions. Buckets that use this
743
+ # setting only accept `PUT` requests that don't specify an ACL or `PUT`
744
+ # requests that specify bucket owner full control ACLs, such as the
745
+ # `bucket-owner-full-control` canned ACL or an equivalent form of this
746
+ # ACL expressed in the XML format. For more information, see
747
+ # [Controlling ownership of objects and disabling ACLs][2] in the
748
+ # *Amazon S3 User Guide*.
641
749
  #
642
- # This action is not supported by Amazon S3 on Outposts.
750
+ # <note markdown="1"> * If your destination bucket uses the bucket owner enforced setting
751
+ # for Object Ownership, all objects written to the bucket by any
752
+ # account will be owned by the bucket owner.
753
+ #
754
+ # * This functionality is not supported for directory buckets.
755
+ #
756
+ # * This functionality is not supported for Amazon S3 on Outposts.
757
+ #
758
+ # </note>
759
+ #
760
+ #
761
+ #
762
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html
763
+ # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
643
764
  # @option options [String] :cache_control
644
- # Specifies caching behavior along the request/reply chain.
765
+ # Specifies the caching behavior along the request/reply chain.
645
766
  # @option options [String] :checksum_algorithm
646
- # Indicates the algorithm you want Amazon S3 to use to create the
767
+ # Indicates the algorithm that you want Amazon S3 to use to create the
647
768
  # checksum for the object. For more information, see [Checking object
648
769
  # integrity][1] in the *Amazon S3 User Guide*.
649
770
  #
771
+ # When you copy an object, if the source object has a checksum, that
772
+ # checksum value will be copied to the new object by default. If the
773
+ # `CopyObject` request does not include this `x-amz-checksum-algorithm`
774
+ # header, the checksum algorithm will be copied from the source object
775
+ # to the destination object (if it's present on the source object). You
776
+ # can optionally specify a different checksum algorithm to use with the
777
+ # `x-amz-checksum-algorithm` header. Unrecognized or unsupported values
778
+ # will respond with the HTTP status code `400 Bad Request`.
779
+ #
780
+ # <note markdown="1"> For directory buckets, when you use Amazon Web Services SDKs, `CRC32`
781
+ # is the default checksum algorithm that's used for performance.
782
+ #
783
+ # </note>
784
+ #
650
785
  #
651
786
  #
652
787
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
653
788
  # @option options [String] :content_disposition
654
- # Specifies presentational information for the object.
789
+ # Specifies presentational information for the object. Indicates whether
790
+ # an object should be displayed in a web browser or downloaded as a
791
+ # file. It allows specifying the desired filename for the downloaded
792
+ # file.
655
793
  # @option options [String] :content_encoding
656
794
  # Specifies what content encodings have been applied to the object and
657
795
  # thus what decoding mechanisms must be applied to obtain the media-type
658
796
  # referenced by the Content-Type header field.
797
+ #
798
+ # <note markdown="1"> For directory buckets, only the `aws-chunked` value is supported in
799
+ # this header field.
800
+ #
801
+ # </note>
659
802
  # @option options [String] :content_language
660
803
  # The language the content is in.
661
804
  # @option options [String] :content_type
662
- # A standard MIME type describing the format of the object data.
805
+ # A standard MIME type that describes the format of the object data.
663
806
  # @option options [required, String] :copy_source
664
- # Specifies the source object for the copy operation. You specify the
665
- # value in one of two formats, depending on whether you want to access
666
- # the source object through an [access point][1]:
807
+ # Specifies the source object for the copy operation. The source object
808
+ # can be up to 5 GB. If the source object is an object that was uploaded
809
+ # by using a multipart upload, the object copy will be a single part
810
+ # object after the source object is copied to the destination bucket.
811
+ #
812
+ # You specify the value of the copy source in one of two formats,
813
+ # depending on whether you want to access the source object through an
814
+ # [access point][1]:
667
815
  #
668
816
  # * For objects not accessed through an access point, specify the name
669
817
  # of the source bucket and the key of the source object, separated by
670
818
  # a slash (/). For example, to copy the object `reports/january.pdf`
671
- # from the bucket `awsexamplebucket`, use
819
+ # from the general purpose bucket `awsexamplebucket`, use
672
820
  # `awsexamplebucket/reports/january.pdf`. The value must be
673
- # URL-encoded.
821
+ # URL-encoded. To copy the object `reports/january.pdf` from the
822
+ # directory bucket `awsexamplebucket--use1-az5--x-s3`, use
823
+ # `awsexamplebucket--use1-az5--x-s3/reports/january.pdf`. The value
824
+ # must be URL-encoded.
674
825
  #
675
826
  # * For objects accessed through access points, specify the Amazon
676
827
  # Resource Name (ARN) of the object as accessed through the access
@@ -682,9 +833,11 @@ module Aws::S3
682
833
  # `arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf`.
683
834
  # The value must be URL encoded.
684
835
  #
685
- # <note markdown="1"> Amazon S3 supports copy operations using access points only when the
686
- # source and destination buckets are in the same Amazon Web Services
687
- # Region.
836
+ # <note markdown="1"> * Amazon S3 supports copy operations using Access points only when
837
+ # the source and destination buckets are in the same Amazon Web
838
+ # Services Region.
839
+ #
840
+ # * Access points are not supported by directory buckets.
688
841
  #
689
842
  # </note>
690
843
  #
@@ -697,87 +850,315 @@ module Aws::S3
697
850
  # `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf`.
698
851
  # The value must be URL-encoded.
699
852
  #
700
- # To copy a specific version of an object, append
701
- # `?versionId=<version-id>` to the value (for example,
853
+ # If your source bucket versioning is enabled, the `x-amz-copy-source`
854
+ # header by default identifies the current version of an object to copy.
855
+ # If the current version is a delete marker, Amazon S3 behaves as if the
856
+ # object was deleted. To copy a different version, use the `versionId`
857
+ # query parameter. Specifically, append `?versionId=<version-id>` to the
858
+ # value (for example,
702
859
  # `awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893`).
703
860
  # If you don't specify a version ID, Amazon S3 copies the latest
704
861
  # version of the source object.
705
862
  #
863
+ # If you enable versioning on the destination bucket, Amazon S3
864
+ # generates a unique version ID for the copied object. This version ID
865
+ # is different from the version ID of the source object. Amazon S3
866
+ # returns the version ID of the copied object in the `x-amz-version-id`
867
+ # response header in the response.
868
+ #
869
+ # If you do not enable versioning or suspend it on the destination
870
+ # bucket, the version ID that Amazon S3 generates in the
871
+ # `x-amz-version-id` response header is always null.
872
+ #
873
+ # <note markdown="1"> **Directory buckets** - S3 Versioning isn't enabled and supported for
874
+ # directory buckets.
875
+ #
876
+ # </note>
877
+ #
706
878
  #
707
879
  #
708
880
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html
709
881
  # @option options [String] :copy_source_if_match
710
882
  # Copies the object if its entity tag (ETag) matches the specified tag.
883
+ #
884
+ # If both the `x-amz-copy-source-if-match` and
885
+ # `x-amz-copy-source-if-unmodified-since` headers are present in the
886
+ # request and evaluate as follows, Amazon S3 returns `200 OK` and copies
887
+ # the data:
888
+ #
889
+ # * `x-amz-copy-source-if-match` condition evaluates to true
890
+ #
891
+ # * `x-amz-copy-source-if-unmodified-since` condition evaluates to false
711
892
  # @option options [Time,DateTime,Date,Integer,String] :copy_source_if_modified_since
712
893
  # Copies the object if it has been modified since the specified time.
894
+ #
895
+ # If both the `x-amz-copy-source-if-none-match` and
896
+ # `x-amz-copy-source-if-modified-since` headers are present in the
897
+ # request and evaluate as follows, Amazon S3 returns the `412
898
+ # Precondition Failed` response code:
899
+ #
900
+ # * `x-amz-copy-source-if-none-match` condition evaluates to false
901
+ #
902
+ # * `x-amz-copy-source-if-modified-since` condition evaluates to true
713
903
  # @option options [String] :copy_source_if_none_match
714
904
  # Copies the object if its entity tag (ETag) is different than the
715
905
  # specified ETag.
906
+ #
907
+ # If both the `x-amz-copy-source-if-none-match` and
908
+ # `x-amz-copy-source-if-modified-since` headers are present in the
909
+ # request and evaluate as follows, Amazon S3 returns the `412
910
+ # Precondition Failed` response code:
911
+ #
912
+ # * `x-amz-copy-source-if-none-match` condition evaluates to false
913
+ #
914
+ # * `x-amz-copy-source-if-modified-since` condition evaluates to true
716
915
  # @option options [Time,DateTime,Date,Integer,String] :copy_source_if_unmodified_since
717
916
  # Copies the object if it hasn't been modified since the specified
718
917
  # time.
918
+ #
919
+ # If both the `x-amz-copy-source-if-match` and
920
+ # `x-amz-copy-source-if-unmodified-since` headers are present in the
921
+ # request and evaluate as follows, Amazon S3 returns `200 OK` and copies
922
+ # the data:
923
+ #
924
+ # * `x-amz-copy-source-if-match` condition evaluates to true
925
+ #
926
+ # * `x-amz-copy-source-if-unmodified-since` condition evaluates to false
719
927
  # @option options [Time,DateTime,Date,Integer,String] :expires
720
928
  # The date and time at which the object is no longer cacheable.
721
929
  # @option options [String] :grant_full_control
722
930
  # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
723
931
  # object.
724
932
  #
725
- # This action is not supported by Amazon S3 on Outposts.
933
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
934
+ #
935
+ # * This functionality is not supported for Amazon S3 on Outposts.
936
+ #
937
+ # </note>
726
938
  # @option options [String] :grant_read
727
939
  # Allows grantee to read the object data and its metadata.
728
940
  #
729
- # This action is not supported by Amazon S3 on Outposts.
941
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
942
+ #
943
+ # * This functionality is not supported for Amazon S3 on Outposts.
944
+ #
945
+ # </note>
730
946
  # @option options [String] :grant_read_acp
731
947
  # Allows grantee to read the object ACL.
732
948
  #
733
- # This action is not supported by Amazon S3 on Outposts.
949
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
950
+ #
951
+ # * This functionality is not supported for Amazon S3 on Outposts.
952
+ #
953
+ # </note>
734
954
  # @option options [String] :grant_write_acp
735
955
  # Allows grantee to write the ACL for the applicable object.
736
956
  #
737
- # This action is not supported by Amazon S3 on Outposts.
957
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
958
+ #
959
+ # * This functionality is not supported for Amazon S3 on Outposts.
960
+ #
961
+ # </note>
738
962
  # @option options [Hash<String,String>] :metadata
739
963
  # A map of metadata to store with the object in S3.
740
964
  # @option options [String] :metadata_directive
741
965
  # Specifies whether the metadata is copied from the source object or
742
- # replaced with metadata provided in the request.
966
+ # replaced with metadata that's provided in the request. When copying
967
+ # an object, you can preserve all metadata (the default) or specify new
968
+ # metadata. If this header isn’t specified, `COPY` is the default
969
+ # behavior.
970
+ #
971
+ # **General purpose bucket** - For general purpose buckets, when you
972
+ # grant permissions, you can use the `s3:x-amz-metadata-directive`
973
+ # condition key to enforce certain metadata behavior when objects are
974
+ # uploaded. For more information, see [Amazon S3 condition key
975
+ # examples][1] in the *Amazon S3 User Guide*.
976
+ #
977
+ # <note markdown="1"> `x-amz-website-redirect-location` is unique to each object and is not
978
+ # copied when using the `x-amz-metadata-directive` header. To copy the
979
+ # value, you must specify `x-amz-website-redirect-location` in the
980
+ # request header.
981
+ #
982
+ # </note>
983
+ #
984
+ #
985
+ #
986
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html
743
987
  # @option options [String] :tagging_directive
744
- # Specifies whether the object tag-set are copied from the source object
745
- # or replaced with tag-set provided in the request.
988
+ # Specifies whether the object tag-set is copied from the source object
989
+ # or replaced with the tag-set that's provided in the request.
990
+ #
991
+ # The default value is `COPY`.
992
+ #
993
+ # <note markdown="1"> **Directory buckets** - For directory buckets in a `CopyObject`
994
+ # operation, only the empty tag-set is supported. Any requests that
995
+ # attempt to write non-empty tags into directory buckets will receive a
996
+ # `501 Not Implemented` status code. When the destination bucket is a
997
+ # directory bucket, you will receive a `501 Not Implemented` response in
998
+ # any of the following situations:
999
+ #
1000
+ # * When you attempt to `COPY` the tag-set from an S3 source object that
1001
+ # has non-empty tags.
1002
+ #
1003
+ # * When you attempt to `REPLACE` the tag-set of a source object and set
1004
+ # a non-empty value to `x-amz-tagging`.
1005
+ #
1006
+ # * When you don't set the `x-amz-tagging-directive` header and the
1007
+ # source object has non-empty tags. This is because the default value
1008
+ # of `x-amz-tagging-directive` is `COPY`.
1009
+ #
1010
+ # Because only the empty tag-set is supported for directory buckets in a
1011
+ # `CopyObject` operation, the following situations are allowed:
1012
+ #
1013
+ # * When you attempt to `COPY` the tag-set from a directory bucket
1014
+ # source object that has no tags to a general purpose bucket. It
1015
+ # copies an empty tag-set to the destination object.
1016
+ #
1017
+ # * When you attempt to `REPLACE` the tag-set of a directory bucket
1018
+ # source object and set the `x-amz-tagging` value of the directory
1019
+ # bucket destination object to empty.
1020
+ #
1021
+ # * When you attempt to `REPLACE` the tag-set of a general purpose
1022
+ # bucket source object that has non-empty tags and set the
1023
+ # `x-amz-tagging` value of the directory bucket destination object to
1024
+ # empty.
1025
+ #
1026
+ # * When you attempt to `REPLACE` the tag-set of a directory bucket
1027
+ # source object and don't set the `x-amz-tagging` value of the
1028
+ # directory bucket destination object. This is because the default
1029
+ # value of `x-amz-tagging` is the empty value.
1030
+ #
1031
+ # </note>
746
1032
  # @option options [String] :server_side_encryption
747
1033
  # The server-side encryption algorithm used when storing this object in
748
1034
  # Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
1035
+ # Unrecognized or unsupported values won’t write a destination object
1036
+ # and will receive a `400 Bad Request` response.
1037
+ #
1038
+ # Amazon S3 automatically encrypts all new objects that are copied to an
1039
+ # S3 bucket. When copying an object, if you don't specify encryption
1040
+ # information in your copy request, the encryption setting of the target
1041
+ # object is set to the default encryption configuration of the
1042
+ # destination bucket. By default, all buckets have a base level of
1043
+ # encryption configuration that uses server-side encryption with Amazon
1044
+ # S3 managed keys (SSE-S3). If the destination bucket has a default
1045
+ # encryption configuration that uses server-side encryption with Key
1046
+ # Management Service (KMS) keys (SSE-KMS), dual-layer server-side
1047
+ # encryption with Amazon Web Services KMS keys (DSSE-KMS), or
1048
+ # server-side encryption with customer-provided encryption keys (SSE-C),
1049
+ # Amazon S3 uses the corresponding KMS key, or a customer-provided key
1050
+ # to encrypt the target object copy.
1051
+ #
1052
+ # When you perform a `CopyObject` operation, if you want to use a
1053
+ # different type of encryption setting for the target object, you can
1054
+ # specify appropriate encryption-related headers to encrypt the target
1055
+ # object with an Amazon S3 managed key, a KMS key, or a
1056
+ # customer-provided key. If the encryption setting in your request is
1057
+ # different from the default encryption configuration of the destination
1058
+ # bucket, the encryption setting in your request takes precedence.
1059
+ #
1060
+ # With server-side encryption, Amazon S3 encrypts your data as it writes
1061
+ # your data to disks in its data centers and decrypts the data when you
1062
+ # access it. For more information about server-side encryption, see
1063
+ # [Using Server-Side Encryption][1] in the *Amazon S3 User Guide*.
1064
+ #
1065
+ # <note markdown="1"> For directory buckets, only server-side encryption with Amazon S3
1066
+ # managed keys (SSE-S3) (`AES256`) is supported.
1067
+ #
1068
+ # </note>
1069
+ #
1070
+ #
1071
+ #
1072
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
749
1073
  # @option options [String] :storage_class
750
1074
  # If the `x-amz-storage-class` header is not used, the copied object
751
- # will be stored in the STANDARD Storage Class by default. The STANDARD
752
- # storage class provides high durability and high availability.
753
- # Depending on performance needs, you can specify a different Storage
754
- # Class. Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For
755
- # more information, see [Storage Classes][1] in the *Amazon S3 User
756
- # Guide*.
1075
+ # will be stored in the `STANDARD` Storage Class by default. The
1076
+ # `STANDARD` storage class provides high durability and high
1077
+ # availability. Depending on performance needs, you can specify a
1078
+ # different Storage Class.
1079
+ #
1080
+ # <note markdown="1"> * <b>Directory buckets </b> - For directory buckets, only the S3
1081
+ # Express One Zone storage class is supported to store newly created
1082
+ # objects. Unsupported storage class values won't write a destination
1083
+ # object and will respond with the HTTP status code `400 Bad Request`.
1084
+ #
1085
+ # * <b>Amazon S3 on Outposts </b> - S3 on Outposts only uses the
1086
+ # `OUTPOSTS` Storage Class.
1087
+ #
1088
+ # </note>
1089
+ #
1090
+ # You can use the `CopyObject` action to change the storage class of an
1091
+ # object that is already stored in Amazon S3 by using the
1092
+ # `x-amz-storage-class` header. For more information, see [Storage
1093
+ # Classes][1] in the *Amazon S3 User Guide*.
1094
+ #
1095
+ # Before using an object as a source object for the copy operation, you
1096
+ # must restore a copy of it if it meets any of the following conditions:
1097
+ #
1098
+ # * The storage class of the source object is `GLACIER` or
1099
+ # `DEEP_ARCHIVE`.
1100
+ #
1101
+ # * The storage class of the source object is `INTELLIGENT_TIERING` and
1102
+ # it's [S3 Intelligent-Tiering access tier][2] is `Archive Access` or
1103
+ # `Deep Archive Access`.
1104
+ #
1105
+ # For more information, see [RestoreObject][3] and [Copying Objects][4]
1106
+ # in the *Amazon S3 User Guide*.
757
1107
  #
758
1108
  #
759
1109
  #
760
1110
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
1111
+ # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/intelligent-tiering-overview.html#intel-tiering-tier-definition
1112
+ # [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html
1113
+ # [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjectsExamples.html
761
1114
  # @option options [String] :website_redirect_location
762
- # If the bucket is configured as a website, redirects requests for this
763
- # object to another object in the same bucket or to an external URL.
764
- # Amazon S3 stores the value of this header in the object metadata. This
765
- # value is unique to each object and is not copied when using the
766
- # `x-amz-metadata-directive` header. Instead, you may opt to provide
767
- # this header in combination with the directive.
1115
+ # If the destination bucket is configured as a website, redirects
1116
+ # requests for this object copy to another object in the same bucket or
1117
+ # to an external URL. Amazon S3 stores the value of this header in the
1118
+ # object metadata. This value is unique to each object and is not copied
1119
+ # when using the `x-amz-metadata-directive` header. Instead, you may opt
1120
+ # to provide this header in combination with the
1121
+ # `x-amz-metadata-directive` header.
1122
+ #
1123
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1124
+ #
1125
+ # </note>
768
1126
  # @option options [String] :sse_customer_algorithm
769
- # Specifies the algorithm to use to when encrypting the object (for
770
- # example, AES256).
1127
+ # Specifies the algorithm to use when encrypting the object (for
1128
+ # example, `AES256`).
1129
+ #
1130
+ # When you perform a `CopyObject` operation, if you want to use a
1131
+ # different type of encryption setting for the target object, you can
1132
+ # specify appropriate encryption-related headers to encrypt the target
1133
+ # object with an Amazon S3 managed key, a KMS key, or a
1134
+ # customer-provided key. If the encryption setting in your request is
1135
+ # different from the default encryption configuration of the destination
1136
+ # bucket, the encryption setting in your request takes precedence.
1137
+ #
1138
+ # <note markdown="1"> This functionality is not supported when the destination bucket is a
1139
+ # directory bucket.
1140
+ #
1141
+ # </note>
771
1142
  # @option options [String] :sse_customer_key
772
1143
  # Specifies the customer-provided encryption key for Amazon S3 to use in
773
1144
  # encrypting data. This value is used to store the object and then it is
774
- # discarded; Amazon S3 does not store the encryption key. The key must
1145
+ # discarded. Amazon S3 does not store the encryption key. The key must
775
1146
  # be appropriate for use with the algorithm specified in the
776
1147
  # `x-amz-server-side-encryption-customer-algorithm` header.
1148
+ #
1149
+ # <note markdown="1"> This functionality is not supported when the destination bucket is a
1150
+ # directory bucket.
1151
+ #
1152
+ # </note>
777
1153
  # @option options [String] :sse_customer_key_md5
778
1154
  # Specifies the 128-bit MD5 digest of the encryption key according to
779
1155
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
780
1156
  # ensure that the encryption key was transmitted without error.
1157
+ #
1158
+ # <note markdown="1"> This functionality is not supported when the destination bucket is a
1159
+ # directory bucket.
1160
+ #
1161
+ # </note>
781
1162
  # @option options [String] :ssekms_key_id
782
1163
  # Specifies the KMS ID (Key ID, Key ARN, or Key Alias) to use for object
783
1164
  # encryption. All GET and PUT requests for an object protected by KMS
@@ -786,63 +1167,179 @@ module Aws::S3
786
1167
  # SDKs and Amazon Web Services CLI, see [Specifying the Signature
787
1168
  # Version in Request Authentication][1] in the *Amazon S3 User Guide*.
788
1169
  #
1170
+ # <note markdown="1"> This functionality is not supported when the destination bucket is a
1171
+ # directory bucket.
1172
+ #
1173
+ # </note>
1174
+ #
789
1175
  #
790
1176
  #
791
1177
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
792
1178
  # @option options [String] :ssekms_encryption_context
793
1179
  # Specifies the Amazon Web Services KMS Encryption Context to use for
794
1180
  # object encryption. The value of this header is a base64-encoded UTF-8
795
- # string holding JSON with the encryption context key-value pairs.
1181
+ # string holding JSON with the encryption context key-value pairs. This
1182
+ # value must be explicitly added to specify encryption context for
1183
+ # `CopyObject` requests.
1184
+ #
1185
+ # <note markdown="1"> This functionality is not supported when the destination bucket is a
1186
+ # directory bucket.
1187
+ #
1188
+ # </note>
796
1189
  # @option options [Boolean] :bucket_key_enabled
797
1190
  # Specifies whether Amazon S3 should use an S3 Bucket Key for object
798
1191
  # encryption with server-side encryption using Key Management Service
799
- # (KMS) keys (SSE-KMS). Setting this header to `true` causes Amazon S3
800
- # to use an S3 Bucket Key for object encryption with SSE-KMS.
1192
+ # (KMS) keys (SSE-KMS). If a target object uses SSE-KMS, you can enable
1193
+ # an S3 Bucket Key for the object.
801
1194
  #
802
- # Specifying this header with a COPY action doesn’t affect bucket-level
803
- # settings for S3 Bucket Key.
1195
+ # Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
1196
+ # for object encryption with SSE-KMS. Specifying this header with a COPY
1197
+ # action doesn’t affect bucket-level settings for S3 Bucket Key.
1198
+ #
1199
+ # For more information, see [Amazon S3 Bucket Keys][1] in the *Amazon S3
1200
+ # User Guide*.
1201
+ #
1202
+ # <note markdown="1"> This functionality is not supported when the destination bucket is a
1203
+ # directory bucket.
1204
+ #
1205
+ # </note>
1206
+ #
1207
+ #
1208
+ #
1209
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html
804
1210
  # @option options [String] :copy_source_sse_customer_algorithm
805
1211
  # Specifies the algorithm to use when decrypting the source object (for
806
- # example, AES256).
1212
+ # example, `AES256`).
1213
+ #
1214
+ # If the source object for the copy is stored in Amazon S3 using SSE-C,
1215
+ # you must provide the necessary encryption information in your request
1216
+ # so that Amazon S3 can decrypt the object for copying.
1217
+ #
1218
+ # <note markdown="1"> This functionality is not supported when the source object is in a
1219
+ # directory bucket.
1220
+ #
1221
+ # </note>
807
1222
  # @option options [String] :copy_source_sse_customer_key
808
1223
  # Specifies the customer-provided encryption key for Amazon S3 to use to
809
1224
  # decrypt the source object. The encryption key provided in this header
810
- # must be one that was used when the source object was created.
1225
+ # must be the same one that was used when the source object was created.
1226
+ #
1227
+ # If the source object for the copy is stored in Amazon S3 using SSE-C,
1228
+ # you must provide the necessary encryption information in your request
1229
+ # so that Amazon S3 can decrypt the object for copying.
1230
+ #
1231
+ # <note markdown="1"> This functionality is not supported when the source object is in a
1232
+ # directory bucket.
1233
+ #
1234
+ # </note>
811
1235
  # @option options [String] :copy_source_sse_customer_key_md5
812
1236
  # Specifies the 128-bit MD5 digest of the encryption key according to
813
1237
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
814
1238
  # ensure that the encryption key was transmitted without error.
1239
+ #
1240
+ # If the source object for the copy is stored in Amazon S3 using SSE-C,
1241
+ # you must provide the necessary encryption information in your request
1242
+ # so that Amazon S3 can decrypt the object for copying.
1243
+ #
1244
+ # <note markdown="1"> This functionality is not supported when the source object is in a
1245
+ # directory bucket.
1246
+ #
1247
+ # </note>
815
1248
  # @option options [String] :request_payer
816
1249
  # Confirms that the requester knows that they will be charged for the
817
1250
  # request. Bucket owners need not specify this parameter in their
818
- # requests. If either the source or destination Amazon S3 bucket has
819
- # Requester Pays enabled, the requester will pay for corresponding
820
- # charges to copy the object. For information about downloading objects
821
- # from Requester Pays buckets, see [Downloading Objects in Requester
822
- # Pays Buckets][1] in the *Amazon S3 User Guide*.
1251
+ # requests. If either the source or destination S3 bucket has Requester
1252
+ # Pays enabled, the requester will pay for corresponding charges to copy
1253
+ # the object. For information about downloading objects from Requester
1254
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
1255
+ # in the *Amazon S3 User Guide*.
1256
+ #
1257
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1258
+ #
1259
+ # </note>
823
1260
  #
824
1261
  #
825
1262
  #
826
1263
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
827
1264
  # @option options [String] :tagging
828
- # The tag-set for the object destination object this value must be used
829
- # in conjunction with the `TaggingDirective`. The tag-set must be
830
- # encoded as URL Query parameters.
1265
+ # The tag-set for the object copy in the destination bucket. This value
1266
+ # must be used in conjunction with the `x-amz-tagging-directive` if you
1267
+ # choose `REPLACE` for the `x-amz-tagging-directive`. If you choose
1268
+ # `COPY` for the `x-amz-tagging-directive`, you don't need to set the
1269
+ # `x-amz-tagging` header, because the tag-set will be copied from the
1270
+ # source object directly. The tag-set must be encoded as URL Query
1271
+ # parameters.
1272
+ #
1273
+ # The default value is the empty value.
1274
+ #
1275
+ # <note markdown="1"> **Directory buckets** - For directory buckets in a `CopyObject`
1276
+ # operation, only the empty tag-set is supported. Any requests that
1277
+ # attempt to write non-empty tags into directory buckets will receive a
1278
+ # `501 Not Implemented` status code. When the destination bucket is a
1279
+ # directory bucket, you will receive a `501 Not Implemented` response in
1280
+ # any of the following situations:
1281
+ #
1282
+ # * When you attempt to `COPY` the tag-set from an S3 source object that
1283
+ # has non-empty tags.
1284
+ #
1285
+ # * When you attempt to `REPLACE` the tag-set of a source object and set
1286
+ # a non-empty value to `x-amz-tagging`.
1287
+ #
1288
+ # * When you don't set the `x-amz-tagging-directive` header and the
1289
+ # source object has non-empty tags. This is because the default value
1290
+ # of `x-amz-tagging-directive` is `COPY`.
1291
+ #
1292
+ # Because only the empty tag-set is supported for directory buckets in a
1293
+ # `CopyObject` operation, the following situations are allowed:
1294
+ #
1295
+ # * When you attempt to `COPY` the tag-set from a directory bucket
1296
+ # source object that has no tags to a general purpose bucket. It
1297
+ # copies an empty tag-set to the destination object.
1298
+ #
1299
+ # * When you attempt to `REPLACE` the tag-set of a directory bucket
1300
+ # source object and set the `x-amz-tagging` value of the directory
1301
+ # bucket destination object to empty.
1302
+ #
1303
+ # * When you attempt to `REPLACE` the tag-set of a general purpose
1304
+ # bucket source object that has non-empty tags and set the
1305
+ # `x-amz-tagging` value of the directory bucket destination object to
1306
+ # empty.
1307
+ #
1308
+ # * When you attempt to `REPLACE` the tag-set of a directory bucket
1309
+ # source object and don't set the `x-amz-tagging` value of the
1310
+ # directory bucket destination object. This is because the default
1311
+ # value of `x-amz-tagging` is the empty value.
1312
+ #
1313
+ # </note>
831
1314
  # @option options [String] :object_lock_mode
832
- # The Object Lock mode that you want to apply to the copied object.
1315
+ # The Object Lock mode that you want to apply to the object copy.
1316
+ #
1317
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1318
+ #
1319
+ # </note>
833
1320
  # @option options [Time,DateTime,Date,Integer,String] :object_lock_retain_until_date
834
- # The date and time when you want the copied object's Object Lock to
1321
+ # The date and time when you want the Object Lock of the object copy to
835
1322
  # expire.
1323
+ #
1324
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1325
+ #
1326
+ # </note>
836
1327
  # @option options [String] :object_lock_legal_hold_status
837
- # Specifies whether you want to apply a legal hold to the copied object.
1328
+ # Specifies whether you want to apply a legal hold to the object copy.
1329
+ #
1330
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1331
+ #
1332
+ # </note>
838
1333
  # @option options [String] :expected_bucket_owner
839
1334
  # The account ID of the expected destination bucket owner. If the
840
- # destination bucket is owned by a different account, the request fails
841
- # with the HTTP status code `403 Forbidden` (access denied).
1335
+ # account ID that you provide does not match the actual owner of the
1336
+ # destination bucket, the request fails with the HTTP status code `403
1337
+ # Forbidden` (access denied).
842
1338
  # @option options [String] :expected_source_bucket_owner
843
- # The account ID of the expected source bucket owner. If the source
844
- # bucket is owned by a different account, the request fails with the
845
- # HTTP status code `403 Forbidden` (access denied).
1339
+ # The account ID of the expected source bucket owner. If the account ID
1340
+ # that you provide does not match the actual owner of the source bucket,
1341
+ # the request fails with the HTTP status code `403 Forbidden` (access
1342
+ # denied).
846
1343
  # @return [Types::CopyObjectOutput]
847
1344
  def copy_from(options = {})
848
1345
  options = options.merge(
@@ -870,16 +1367,29 @@ module Aws::S3
870
1367
  # space, and the value that is displayed on your authentication device.
871
1368
  # Required to permanently delete a versioned object if versioning is
872
1369
  # configured with MFA delete enabled.
1370
+ #
1371
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1372
+ #
1373
+ # </note>
873
1374
  # @option options [String] :version_id
874
- # VersionId used to reference a specific version of the object.
1375
+ # Version ID used to reference a specific version of the object.
1376
+ #
1377
+ # <note markdown="1"> For directory buckets in this API operation, only the `null` value of
1378
+ # the version ID is supported.
1379
+ #
1380
+ # </note>
875
1381
  # @option options [String] :request_payer
876
1382
  # Confirms that the requester knows that they will be charged for the
877
1383
  # request. Bucket owners need not specify this parameter in their
878
- # requests. If either the source or destination Amazon S3 bucket has
879
- # Requester Pays enabled, the requester will pay for corresponding
880
- # charges to copy the object. For information about downloading objects
881
- # from Requester Pays buckets, see [Downloading Objects in Requester
882
- # Pays Buckets][1] in the *Amazon S3 User Guide*.
1384
+ # requests. If either the source or destination S3 bucket has Requester
1385
+ # Pays enabled, the requester will pay for corresponding charges to copy
1386
+ # the object. For information about downloading objects from Requester
1387
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
1388
+ # in the *Amazon S3 User Guide*.
1389
+ #
1390
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1391
+ #
1392
+ # </note>
883
1393
  #
884
1394
  #
885
1395
  #
@@ -888,10 +1398,14 @@ module Aws::S3
888
1398
  # Indicates whether S3 Object Lock should bypass Governance-mode
889
1399
  # restrictions to process this operation. To use this header, you must
890
1400
  # have the `s3:BypassGovernanceRetention` permission.
1401
+ #
1402
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1403
+ #
1404
+ # </note>
891
1405
  # @option options [String] :expected_bucket_owner
892
- # The account ID of the expected bucket owner. If the bucket is owned by
893
- # a different account, the request fails with the HTTP status code `403
894
- # Forbidden` (access denied).
1406
+ # The account ID of the expected bucket owner. If the account ID that
1407
+ # you provide does not match the actual owner of the bucket, the request
1408
+ # fails with the HTTP status code `403 Forbidden` (access denied).
895
1409
  # @return [Types::DeleteObjectOutput]
896
1410
  def delete(options = {})
897
1411
  options = options.merge(
@@ -930,18 +1444,64 @@ module Aws::S3
930
1444
  # @param [Hash] options ({})
931
1445
  # @option options [String] :if_match
932
1446
  # Return the object only if its entity tag (ETag) is the same as the one
933
- # specified; otherwise, return a 412 (precondition failed) error.
1447
+ # specified in this header; otherwise, return a `412 Precondition
1448
+ # Failed` error.
1449
+ #
1450
+ # If both of the `If-Match` and `If-Unmodified-Since` headers are
1451
+ # present in the request as follows: `If-Match` condition evaluates to
1452
+ # `true`, and; `If-Unmodified-Since` condition evaluates to `false`;
1453
+ # then, S3 returns `200 OK` and the data requested.
1454
+ #
1455
+ # For more information about conditional requests, see [RFC 7232][1].
1456
+ #
1457
+ #
1458
+ #
1459
+ # [1]: https://tools.ietf.org/html/rfc7232
934
1460
  # @option options [Time,DateTime,Date,Integer,String] :if_modified_since
935
1461
  # Return the object only if it has been modified since the specified
936
- # time; otherwise, return a 304 (not modified) error.
1462
+ # time; otherwise, return a `304 Not Modified` error.
1463
+ #
1464
+ # If both of the `If-None-Match` and `If-Modified-Since` headers are
1465
+ # present in the request as follows:` If-None-Match` condition evaluates
1466
+ # to `false`, and; `If-Modified-Since` condition evaluates to `true`;
1467
+ # then, S3 returns `304 Not Modified` status code.
1468
+ #
1469
+ # For more information about conditional requests, see [RFC 7232][1].
1470
+ #
1471
+ #
1472
+ #
1473
+ # [1]: https://tools.ietf.org/html/rfc7232
937
1474
  # @option options [String] :if_none_match
938
1475
  # Return the object only if its entity tag (ETag) is different from the
939
- # one specified; otherwise, return a 304 (not modified) error.
1476
+ # one specified in this header; otherwise, return a `304 Not Modified`
1477
+ # error.
1478
+ #
1479
+ # If both of the `If-None-Match` and `If-Modified-Since` headers are
1480
+ # present in the request as follows:` If-None-Match` condition evaluates
1481
+ # to `false`, and; `If-Modified-Since` condition evaluates to `true`;
1482
+ # then, S3 returns `304 Not Modified` HTTP status code.
1483
+ #
1484
+ # For more information about conditional requests, see [RFC 7232][1].
1485
+ #
1486
+ #
1487
+ #
1488
+ # [1]: https://tools.ietf.org/html/rfc7232
940
1489
  # @option options [Time,DateTime,Date,Integer,String] :if_unmodified_since
941
1490
  # Return the object only if it has not been modified since the specified
942
- # time; otherwise, return a 412 (precondition failed) error.
1491
+ # time; otherwise, return a `412 Precondition Failed` error.
1492
+ #
1493
+ # If both of the `If-Match` and `If-Unmodified-Since` headers are
1494
+ # present in the request as follows: `If-Match` condition evaluates to
1495
+ # `true`, and; `If-Unmodified-Since` condition evaluates to `false`;
1496
+ # then, S3 returns `200 OK` and the data requested.
1497
+ #
1498
+ # For more information about conditional requests, see [RFC 7232][1].
1499
+ #
1500
+ #
1501
+ #
1502
+ # [1]: https://tools.ietf.org/html/rfc7232
943
1503
  # @option options [String] :range
944
- # Downloads the specified range bytes of an object. For more information
1504
+ # Downloads the specified byte range of an object. For more information
945
1505
  # about the HTTP Range header, see
946
1506
  # [https://www.rfc-editor.org/rfc/rfc9110.html#name-range][1].
947
1507
  #
@@ -956,7 +1516,7 @@ module Aws::S3
956
1516
  # @option options [String] :response_cache_control
957
1517
  # Sets the `Cache-Control` header of the response.
958
1518
  # @option options [String] :response_content_disposition
959
- # Sets the `Content-Disposition` header of the response
1519
+ # Sets the `Content-Disposition` header of the response.
960
1520
  # @option options [String] :response_content_encoding
961
1521
  # Sets the `Content-Encoding` header of the response.
962
1522
  # @option options [String] :response_content_language
@@ -966,28 +1526,127 @@ module Aws::S3
966
1526
  # @option options [Time,DateTime,Date,Integer,String] :response_expires
967
1527
  # Sets the `Expires` header of the response.
968
1528
  # @option options [String] :version_id
969
- # VersionId used to reference a specific version of the object.
1529
+ # Version ID used to reference a specific version of the object.
1530
+ #
1531
+ # By default, the `GetObject` operation returns the current version of
1532
+ # an object. To return a different version, use the `versionId`
1533
+ # subresource.
1534
+ #
1535
+ # <note markdown="1"> * If you include a `versionId` in your request header, you must have
1536
+ # the `s3:GetObjectVersion` permission to access a specific version of
1537
+ # an object. The `s3:GetObject` permission is not required in this
1538
+ # scenario.
1539
+ #
1540
+ # * If you request the current version of an object without a specific
1541
+ # `versionId` in the request header, only the `s3:GetObject`
1542
+ # permission is required. The `s3:GetObjectVersion` permission is not
1543
+ # required in this scenario.
1544
+ #
1545
+ # * **Directory buckets** - S3 Versioning isn't enabled and supported
1546
+ # for directory buckets. For this API operation, only the `null` value
1547
+ # of the version ID is supported by directory buckets. You can only
1548
+ # specify `null` to the `versionId` query parameter in the request.
1549
+ #
1550
+ # </note>
1551
+ #
1552
+ # For more information about versioning, see [PutBucketVersioning][1].
1553
+ #
1554
+ #
1555
+ #
1556
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html
970
1557
  # @option options [String] :sse_customer_algorithm
971
- # Specifies the algorithm to use to when decrypting the object (for
972
- # example, AES256).
973
- # @option options [String] :sse_customer_key
974
- # Specifies the customer-provided encryption key for Amazon S3 used to
975
- # encrypt the data. This value is used to decrypt the object when
976
- # recovering it and must match the one used when storing the data. The
977
- # key must be appropriate for use with the algorithm specified in the
978
- # `x-amz-server-side-encryption-customer-algorithm` header.
979
- # @option options [String] :sse_customer_key_md5
980
- # Specifies the 128-bit MD5 digest of the encryption key according to
981
- # RFC 1321. Amazon S3 uses this header for a message integrity check to
982
- # ensure that the encryption key was transmitted without error.
983
- # @option options [String] :request_payer
984
- # Confirms that the requester knows that they will be charged for the
985
- # request. Bucket owners need not specify this parameter in their
986
- # requests. If either the source or destination Amazon S3 bucket has
987
- # Requester Pays enabled, the requester will pay for corresponding
988
- # charges to copy the object. For information about downloading objects
989
- # from Requester Pays buckets, see [Downloading Objects in Requester
990
- # Pays Buckets][1] in the *Amazon S3 User Guide*.
1558
+ # Specifies the algorithm to use when decrypting the object (for
1559
+ # example, `AES256`).
1560
+ #
1561
+ # If you encrypt an object by using server-side encryption with
1562
+ # customer-provided encryption keys (SSE-C) when you store the object in
1563
+ # Amazon S3, then when you GET the object, you must use the following
1564
+ # headers:
1565
+ #
1566
+ # * `x-amz-server-side-encryption-customer-algorithm`
1567
+ #
1568
+ # * `x-amz-server-side-encryption-customer-key`
1569
+ #
1570
+ # * `x-amz-server-side-encryption-customer-key-MD5`
1571
+ #
1572
+ # For more information about SSE-C, see [Server-Side Encryption (Using
1573
+ # Customer-Provided Encryption Keys)][1] in the *Amazon S3 User Guide*.
1574
+ #
1575
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1576
+ #
1577
+ # </note>
1578
+ #
1579
+ #
1580
+ #
1581
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html
1582
+ # @option options [String] :sse_customer_key
1583
+ # Specifies the customer-provided encryption key that you originally
1584
+ # provided for Amazon S3 to encrypt the data before storing it. This
1585
+ # value is used to decrypt the object when recovering it and must match
1586
+ # the one used when storing the data. The key must be appropriate for
1587
+ # use with the algorithm specified in the
1588
+ # `x-amz-server-side-encryption-customer-algorithm` header.
1589
+ #
1590
+ # If you encrypt an object by using server-side encryption with
1591
+ # customer-provided encryption keys (SSE-C) when you store the object in
1592
+ # Amazon S3, then when you GET the object, you must use the following
1593
+ # headers:
1594
+ #
1595
+ # * `x-amz-server-side-encryption-customer-algorithm`
1596
+ #
1597
+ # * `x-amz-server-side-encryption-customer-key`
1598
+ #
1599
+ # * `x-amz-server-side-encryption-customer-key-MD5`
1600
+ #
1601
+ # For more information about SSE-C, see [Server-Side Encryption (Using
1602
+ # Customer-Provided Encryption Keys)][1] in the *Amazon S3 User Guide*.
1603
+ #
1604
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1605
+ #
1606
+ # </note>
1607
+ #
1608
+ #
1609
+ #
1610
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html
1611
+ # @option options [String] :sse_customer_key_md5
1612
+ # Specifies the 128-bit MD5 digest of the customer-provided encryption
1613
+ # key according to RFC 1321. Amazon S3 uses this header for a message
1614
+ # integrity check to ensure that the encryption key was transmitted
1615
+ # without error.
1616
+ #
1617
+ # If you encrypt an object by using server-side encryption with
1618
+ # customer-provided encryption keys (SSE-C) when you store the object in
1619
+ # Amazon S3, then when you GET the object, you must use the following
1620
+ # headers:
1621
+ #
1622
+ # * `x-amz-server-side-encryption-customer-algorithm`
1623
+ #
1624
+ # * `x-amz-server-side-encryption-customer-key`
1625
+ #
1626
+ # * `x-amz-server-side-encryption-customer-key-MD5`
1627
+ #
1628
+ # For more information about SSE-C, see [Server-Side Encryption (Using
1629
+ # Customer-Provided Encryption Keys)][1] in the *Amazon S3 User Guide*.
1630
+ #
1631
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1632
+ #
1633
+ # </note>
1634
+ #
1635
+ #
1636
+ #
1637
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html
1638
+ # @option options [String] :request_payer
1639
+ # Confirms that the requester knows that they will be charged for the
1640
+ # request. Bucket owners need not specify this parameter in their
1641
+ # requests. If either the source or destination S3 bucket has Requester
1642
+ # Pays enabled, the requester will pay for corresponding charges to copy
1643
+ # the object. For information about downloading objects from Requester
1644
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
1645
+ # in the *Amazon S3 User Guide*.
1646
+ #
1647
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1648
+ #
1649
+ # </note>
991
1650
  #
992
1651
  #
993
1652
  #
@@ -998,9 +1657,9 @@ module Aws::S3
998
1657
  # for the part specified. Useful for downloading just a part of an
999
1658
  # object.
1000
1659
  # @option options [String] :expected_bucket_owner
1001
- # The account ID of the expected bucket owner. If the bucket is owned by
1002
- # a different account, the request fails with the HTTP status code `403
1003
- # Forbidden` (access denied).
1660
+ # The account ID of the expected bucket owner. If the account ID that
1661
+ # you provide does not match the actual owner of the bucket, the request
1662
+ # fails with the HTTP status code `403 Forbidden` (access denied).
1004
1663
  # @option options [String] :checksum_mode
1005
1664
  # To retrieve the checksum, this mode must be enabled.
1006
1665
  # @return [Types::GetObjectOutput]
@@ -1033,7 +1692,7 @@ module Aws::S3
1033
1692
  # "MetadataKey" => "MetadataValue",
1034
1693
  # },
1035
1694
  # server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
1036
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
1695
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
1037
1696
  # website_redirect_location: "WebsiteRedirectLocation",
1038
1697
  # sse_customer_algorithm: "SSECustomerAlgorithm",
1039
1698
  # sse_customer_key: "SSECustomerKey",
@@ -1051,9 +1710,29 @@ module Aws::S3
1051
1710
  # })
1052
1711
  # @param [Hash] options ({})
1053
1712
  # @option options [String] :acl
1054
- # The canned ACL to apply to the object.
1713
+ # The canned ACL to apply to the object. Amazon S3 supports a set of
1714
+ # predefined ACLs, known as *canned ACLs*. Each canned ACL has a
1715
+ # predefined set of grantees and permissions. For more information, see
1716
+ # [Canned ACL][1] in the *Amazon S3 User Guide*.
1717
+ #
1718
+ # By default, all objects are private. Only the owner has full access
1719
+ # control. When uploading an object, you can grant access permissions to
1720
+ # individual Amazon Web Services accounts or to predefined groups
1721
+ # defined by Amazon S3. These permissions are then added to the access
1722
+ # control list (ACL) on the new object. For more information, see [Using
1723
+ # ACLs][2]. One way to grant the permissions using the request headers
1724
+ # is to specify a canned ACL with the `x-amz-acl` request header.
1725
+ #
1726
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
1727
+ #
1728
+ # * This functionality is not supported for Amazon S3 on Outposts.
1055
1729
  #
1056
- # This action is not supported by Amazon S3 on Outposts.
1730
+ # </note>
1731
+ #
1732
+ #
1733
+ #
1734
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
1735
+ # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html
1057
1736
  # @option options [String] :cache_control
1058
1737
  # Specifies caching behavior along the request/reply chain.
1059
1738
  # @option options [String] :content_disposition
@@ -1062,41 +1741,292 @@ module Aws::S3
1062
1741
  # Specifies what content encodings have been applied to the object and
1063
1742
  # thus what decoding mechanisms must be applied to obtain the media-type
1064
1743
  # referenced by the Content-Type header field.
1744
+ #
1745
+ # <note markdown="1"> For directory buckets, only the `aws-chunked` value is supported in
1746
+ # this header field.
1747
+ #
1748
+ # </note>
1065
1749
  # @option options [String] :content_language
1066
- # The language the content is in.
1750
+ # The language that the content is in.
1067
1751
  # @option options [String] :content_type
1068
1752
  # A standard MIME type describing the format of the object data.
1069
1753
  # @option options [Time,DateTime,Date,Integer,String] :expires
1070
1754
  # The date and time at which the object is no longer cacheable.
1071
1755
  # @option options [String] :grant_full_control
1072
- # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
1073
- # object.
1756
+ # Specify access permissions explicitly to give the grantee READ,
1757
+ # READ\_ACP, and WRITE\_ACP permissions on the object.
1758
+ #
1759
+ # By default, all objects are private. Only the owner has full access
1760
+ # control. When uploading an object, you can use this header to
1761
+ # explicitly grant access permissions to specific Amazon Web Services
1762
+ # accounts or groups. This header maps to specific permissions that
1763
+ # Amazon S3 supports in an ACL. For more information, see [Access
1764
+ # Control List (ACL) Overview][1] in the *Amazon S3 User Guide*.
1765
+ #
1766
+ # You specify each grantee as a type=value pair, where the type is one
1767
+ # of the following:
1768
+ #
1769
+ # * `id` – if the value specified is the canonical user ID of an Amazon
1770
+ # Web Services account
1771
+ #
1772
+ # * `uri` – if you are granting permissions to a predefined group
1773
+ #
1774
+ # * `emailAddress` – if the value specified is the email address of an
1775
+ # Amazon Web Services account
1776
+ #
1777
+ # <note markdown="1"> Using email addresses to specify a grantee is only supported in the
1778
+ # following Amazon Web Services Regions:
1779
+ #
1780
+ # * US East (N. Virginia)
1781
+ #
1782
+ # * US West (N. California)
1783
+ #
1784
+ # * US West (Oregon)
1785
+ #
1786
+ # * Asia Pacific (Singapore)
1787
+ #
1788
+ # * Asia Pacific (Sydney)
1789
+ #
1790
+ # * Asia Pacific (Tokyo)
1074
1791
  #
1075
- # This action is not supported by Amazon S3 on Outposts.
1792
+ # * Europe (Ireland)
1793
+ #
1794
+ # * South America (São Paulo)
1795
+ #
1796
+ # For a list of all the Amazon S3 supported Regions and endpoints, see
1797
+ # [Regions and Endpoints][2] in the Amazon Web Services General
1798
+ # Reference.
1799
+ #
1800
+ # </note>
1801
+ #
1802
+ # For example, the following `x-amz-grant-read` header grants the Amazon
1803
+ # Web Services accounts identified by account IDs permissions to read
1804
+ # object data and its metadata:
1805
+ #
1806
+ # `x-amz-grant-read: id="11112222333", id="444455556666" `
1807
+ #
1808
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
1809
+ #
1810
+ # * This functionality is not supported for Amazon S3 on Outposts.
1811
+ #
1812
+ # </note>
1813
+ #
1814
+ #
1815
+ #
1816
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
1817
+ # [2]: https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
1076
1818
  # @option options [String] :grant_read
1077
- # Allows grantee to read the object data and its metadata.
1819
+ # Specify access permissions explicitly to allow grantee to read the
1820
+ # object data and its metadata.
1821
+ #
1822
+ # By default, all objects are private. Only the owner has full access
1823
+ # control. When uploading an object, you can use this header to
1824
+ # explicitly grant access permissions to specific Amazon Web Services
1825
+ # accounts or groups. This header maps to specific permissions that
1826
+ # Amazon S3 supports in an ACL. For more information, see [Access
1827
+ # Control List (ACL) Overview][1] in the *Amazon S3 User Guide*.
1828
+ #
1829
+ # You specify each grantee as a type=value pair, where the type is one
1830
+ # of the following:
1831
+ #
1832
+ # * `id` – if the value specified is the canonical user ID of an Amazon
1833
+ # Web Services account
1834
+ #
1835
+ # * `uri` – if you are granting permissions to a predefined group
1836
+ #
1837
+ # * `emailAddress` – if the value specified is the email address of an
1838
+ # Amazon Web Services account
1839
+ #
1840
+ # <note markdown="1"> Using email addresses to specify a grantee is only supported in the
1841
+ # following Amazon Web Services Regions:
1842
+ #
1843
+ # * US East (N. Virginia)
1844
+ #
1845
+ # * US West (N. California)
1846
+ #
1847
+ # * US West (Oregon)
1078
1848
  #
1079
- # This action is not supported by Amazon S3 on Outposts.
1849
+ # * Asia Pacific (Singapore)
1850
+ #
1851
+ # * Asia Pacific (Sydney)
1852
+ #
1853
+ # * Asia Pacific (Tokyo)
1854
+ #
1855
+ # * Europe (Ireland)
1856
+ #
1857
+ # * South America (São Paulo)
1858
+ #
1859
+ # For a list of all the Amazon S3 supported Regions and endpoints, see
1860
+ # [Regions and Endpoints][2] in the Amazon Web Services General
1861
+ # Reference.
1862
+ #
1863
+ # </note>
1864
+ #
1865
+ # For example, the following `x-amz-grant-read` header grants the Amazon
1866
+ # Web Services accounts identified by account IDs permissions to read
1867
+ # object data and its metadata:
1868
+ #
1869
+ # `x-amz-grant-read: id="11112222333", id="444455556666" `
1870
+ #
1871
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
1872
+ #
1873
+ # * This functionality is not supported for Amazon S3 on Outposts.
1874
+ #
1875
+ # </note>
1876
+ #
1877
+ #
1878
+ #
1879
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
1880
+ # [2]: https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
1080
1881
  # @option options [String] :grant_read_acp
1081
- # Allows grantee to read the object ACL.
1882
+ # Specify access permissions explicitly to allows grantee to read the
1883
+ # object ACL.
1884
+ #
1885
+ # By default, all objects are private. Only the owner has full access
1886
+ # control. When uploading an object, you can use this header to
1887
+ # explicitly grant access permissions to specific Amazon Web Services
1888
+ # accounts or groups. This header maps to specific permissions that
1889
+ # Amazon S3 supports in an ACL. For more information, see [Access
1890
+ # Control List (ACL) Overview][1] in the *Amazon S3 User Guide*.
1891
+ #
1892
+ # You specify each grantee as a type=value pair, where the type is one
1893
+ # of the following:
1894
+ #
1895
+ # * `id` – if the value specified is the canonical user ID of an Amazon
1896
+ # Web Services account
1897
+ #
1898
+ # * `uri` – if you are granting permissions to a predefined group
1899
+ #
1900
+ # * `emailAddress` – if the value specified is the email address of an
1901
+ # Amazon Web Services account
1902
+ #
1903
+ # <note markdown="1"> Using email addresses to specify a grantee is only supported in the
1904
+ # following Amazon Web Services Regions:
1082
1905
  #
1083
- # This action is not supported by Amazon S3 on Outposts.
1906
+ # * US East (N. Virginia)
1907
+ #
1908
+ # * US West (N. California)
1909
+ #
1910
+ # * US West (Oregon)
1911
+ #
1912
+ # * Asia Pacific (Singapore)
1913
+ #
1914
+ # * Asia Pacific (Sydney)
1915
+ #
1916
+ # * Asia Pacific (Tokyo)
1917
+ #
1918
+ # * Europe (Ireland)
1919
+ #
1920
+ # * South America (São Paulo)
1921
+ #
1922
+ # For a list of all the Amazon S3 supported Regions and endpoints, see
1923
+ # [Regions and Endpoints][2] in the Amazon Web Services General
1924
+ # Reference.
1925
+ #
1926
+ # </note>
1927
+ #
1928
+ # For example, the following `x-amz-grant-read` header grants the Amazon
1929
+ # Web Services accounts identified by account IDs permissions to read
1930
+ # object data and its metadata:
1931
+ #
1932
+ # `x-amz-grant-read: id="11112222333", id="444455556666" `
1933
+ #
1934
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
1935
+ #
1936
+ # * This functionality is not supported for Amazon S3 on Outposts.
1937
+ #
1938
+ # </note>
1939
+ #
1940
+ #
1941
+ #
1942
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
1943
+ # [2]: https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
1084
1944
  # @option options [String] :grant_write_acp
1085
- # Allows grantee to write the ACL for the applicable object.
1945
+ # Specify access permissions explicitly to allows grantee to allow
1946
+ # grantee to write the ACL for the applicable object.
1947
+ #
1948
+ # By default, all objects are private. Only the owner has full access
1949
+ # control. When uploading an object, you can use this header to
1950
+ # explicitly grant access permissions to specific Amazon Web Services
1951
+ # accounts or groups. This header maps to specific permissions that
1952
+ # Amazon S3 supports in an ACL. For more information, see [Access
1953
+ # Control List (ACL) Overview][1] in the *Amazon S3 User Guide*.
1954
+ #
1955
+ # You specify each grantee as a type=value pair, where the type is one
1956
+ # of the following:
1957
+ #
1958
+ # * `id` – if the value specified is the canonical user ID of an Amazon
1959
+ # Web Services account
1086
1960
  #
1087
- # This action is not supported by Amazon S3 on Outposts.
1961
+ # * `uri` if you are granting permissions to a predefined group
1962
+ #
1963
+ # * `emailAddress` – if the value specified is the email address of an
1964
+ # Amazon Web Services account
1965
+ #
1966
+ # <note markdown="1"> Using email addresses to specify a grantee is only supported in the
1967
+ # following Amazon Web Services Regions:
1968
+ #
1969
+ # * US East (N. Virginia)
1970
+ #
1971
+ # * US West (N. California)
1972
+ #
1973
+ # * US West (Oregon)
1974
+ #
1975
+ # * Asia Pacific (Singapore)
1976
+ #
1977
+ # * Asia Pacific (Sydney)
1978
+ #
1979
+ # * Asia Pacific (Tokyo)
1980
+ #
1981
+ # * Europe (Ireland)
1982
+ #
1983
+ # * South America (São Paulo)
1984
+ #
1985
+ # For a list of all the Amazon S3 supported Regions and endpoints, see
1986
+ # [Regions and Endpoints][2] in the Amazon Web Services General
1987
+ # Reference.
1988
+ #
1989
+ # </note>
1990
+ #
1991
+ # For example, the following `x-amz-grant-read` header grants the Amazon
1992
+ # Web Services accounts identified by account IDs permissions to read
1993
+ # object data and its metadata:
1994
+ #
1995
+ # `x-amz-grant-read: id="11112222333", id="444455556666" `
1996
+ #
1997
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
1998
+ #
1999
+ # * This functionality is not supported for Amazon S3 on Outposts.
2000
+ #
2001
+ # </note>
2002
+ #
2003
+ #
2004
+ #
2005
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
2006
+ # [2]: https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
1088
2007
  # @option options [Hash<String,String>] :metadata
1089
2008
  # A map of metadata to store with the object in S3.
1090
2009
  # @option options [String] :server_side_encryption
1091
- # The server-side encryption algorithm used when storing this object in
1092
- # Amazon S3 (for example, `AES256`, `aws:kms`).
2010
+ # The server-side encryption algorithm used when you store this object
2011
+ # in Amazon S3 (for example, `AES256`, `aws:kms`).
2012
+ #
2013
+ # <note markdown="1"> For directory buckets, only server-side encryption with Amazon S3
2014
+ # managed keys (SSE-S3) (`AES256`) is supported.
2015
+ #
2016
+ # </note>
1093
2017
  # @option options [String] :storage_class
1094
2018
  # By default, Amazon S3 uses the STANDARD Storage Class to store newly
1095
2019
  # created objects. The STANDARD storage class provides high durability
1096
2020
  # and high availability. Depending on performance needs, you can specify
1097
- # a different Storage Class. Amazon S3 on Outposts only uses the
1098
- # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
1099
- # in the *Amazon S3 User Guide*.
2021
+ # a different Storage Class. For more information, see [Storage
2022
+ # Classes][1] in the *Amazon S3 User Guide*.
2023
+ #
2024
+ # <note markdown="1"> * For directory buckets, only the S3 Express One Zone storage class is
2025
+ # supported to store newly created objects.
2026
+ #
2027
+ # * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.
2028
+ #
2029
+ # </note>
1100
2030
  #
1101
2031
  #
1102
2032
  #
@@ -1105,35 +2035,51 @@ module Aws::S3
1105
2035
  # If the bucket is configured as a website, redirects requests for this
1106
2036
  # object to another object in the same bucket or to an external URL.
1107
2037
  # Amazon S3 stores the value of this header in the object metadata.
2038
+ #
2039
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2040
+ #
2041
+ # </note>
1108
2042
  # @option options [String] :sse_customer_algorithm
1109
- # Specifies the algorithm to use to when encrypting the object (for
2043
+ # Specifies the algorithm to use when encrypting the object (for
1110
2044
  # example, AES256).
2045
+ #
2046
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2047
+ #
2048
+ # </note>
1111
2049
  # @option options [String] :sse_customer_key
1112
2050
  # Specifies the customer-provided encryption key for Amazon S3 to use in
1113
2051
  # encrypting data. This value is used to store the object and then it is
1114
2052
  # discarded; Amazon S3 does not store the encryption key. The key must
1115
2053
  # be appropriate for use with the algorithm specified in the
1116
2054
  # `x-amz-server-side-encryption-customer-algorithm` header.
2055
+ #
2056
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2057
+ #
2058
+ # </note>
1117
2059
  # @option options [String] :sse_customer_key_md5
1118
- # Specifies the 128-bit MD5 digest of the encryption key according to
1119
- # RFC 1321. Amazon S3 uses this header for a message integrity check to
1120
- # ensure that the encryption key was transmitted without error.
2060
+ # Specifies the 128-bit MD5 digest of the customer-provided encryption
2061
+ # key according to RFC 1321. Amazon S3 uses this header for a message
2062
+ # integrity check to ensure that the encryption key was transmitted
2063
+ # without error.
2064
+ #
2065
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2066
+ #
2067
+ # </note>
1121
2068
  # @option options [String] :ssekms_key_id
1122
2069
  # Specifies the ID (Key ID, Key ARN, or Key Alias) of the symmetric
1123
- # encryption customer managed key to use for object encryption. All GET
1124
- # and PUT requests for an object protected by KMS will fail if they're
1125
- # not made via SSL or using SigV4. For information about configuring any
1126
- # of the officially supported Amazon Web Services SDKs and Amazon Web
1127
- # Services CLI, see [Specifying the Signature Version in Request
1128
- # Authentication][1] in the *Amazon S3 User Guide*.
2070
+ # encryption customer managed key to use for object encryption.
1129
2071
  #
2072
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1130
2073
  #
1131
- #
1132
- # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
2074
+ # </note>
1133
2075
  # @option options [String] :ssekms_encryption_context
1134
2076
  # Specifies the Amazon Web Services KMS Encryption Context to use for
1135
2077
  # object encryption. The value of this header is a base64-encoded UTF-8
1136
2078
  # string holding JSON with the encryption context key-value pairs.
2079
+ #
2080
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2081
+ #
2082
+ # </note>
1137
2083
  # @option options [Boolean] :bucket_key_enabled
1138
2084
  # Specifies whether Amazon S3 should use an S3 Bucket Key for object
1139
2085
  # encryption with server-side encryption using Key Management Service
@@ -1142,14 +2088,22 @@ module Aws::S3
1142
2088
  #
1143
2089
  # Specifying this header with an object action doesn’t affect
1144
2090
  # bucket-level settings for S3 Bucket Key.
2091
+ #
2092
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2093
+ #
2094
+ # </note>
1145
2095
  # @option options [String] :request_payer
1146
2096
  # Confirms that the requester knows that they will be charged for the
1147
2097
  # request. Bucket owners need not specify this parameter in their
1148
- # requests. If either the source or destination Amazon S3 bucket has
1149
- # Requester Pays enabled, the requester will pay for corresponding
1150
- # charges to copy the object. For information about downloading objects
1151
- # from Requester Pays buckets, see [Downloading Objects in Requester
1152
- # Pays Buckets][1] in the *Amazon S3 User Guide*.
2098
+ # requests. If either the source or destination S3 bucket has Requester
2099
+ # Pays enabled, the requester will pay for corresponding charges to copy
2100
+ # the object. For information about downloading objects from Requester
2101
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
2102
+ # in the *Amazon S3 User Guide*.
2103
+ #
2104
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2105
+ #
2106
+ # </note>
1153
2107
  #
1154
2108
  #
1155
2109
  #
@@ -1157,20 +2111,36 @@ module Aws::S3
1157
2111
  # @option options [String] :tagging
1158
2112
  # The tag-set for the object. The tag-set must be encoded as URL Query
1159
2113
  # parameters.
2114
+ #
2115
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2116
+ #
2117
+ # </note>
1160
2118
  # @option options [String] :object_lock_mode
1161
2119
  # Specifies the Object Lock mode that you want to apply to the uploaded
1162
2120
  # object.
2121
+ #
2122
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2123
+ #
2124
+ # </note>
1163
2125
  # @option options [Time,DateTime,Date,Integer,String] :object_lock_retain_until_date
1164
2126
  # Specifies the date and time when you want the Object Lock to expire.
2127
+ #
2128
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2129
+ #
2130
+ # </note>
1165
2131
  # @option options [String] :object_lock_legal_hold_status
1166
2132
  # Specifies whether you want to apply a legal hold to the uploaded
1167
2133
  # object.
2134
+ #
2135
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2136
+ #
2137
+ # </note>
1168
2138
  # @option options [String] :expected_bucket_owner
1169
- # The account ID of the expected bucket owner. If the bucket is owned by
1170
- # a different account, the request fails with the HTTP status code `403
1171
- # Forbidden` (access denied).
2139
+ # The account ID of the expected bucket owner. If the account ID that
2140
+ # you provide does not match the actual owner of the bucket, the request
2141
+ # fails with the HTTP status code `403 Forbidden` (access denied).
1172
2142
  # @option options [String] :checksum_algorithm
1173
- # Indicates the algorithm you want Amazon S3 to use to create the
2143
+ # Indicates the algorithm that you want Amazon S3 to use to create the
1174
2144
  # checksum for the object. For more information, see [Checking object
1175
2145
  # integrity][1] in the *Amazon S3 User Guide*.
1176
2146
  #
@@ -1220,7 +2190,7 @@ module Aws::S3
1220
2190
  # "MetadataKey" => "MetadataValue",
1221
2191
  # },
1222
2192
  # server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
1223
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
2193
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
1224
2194
  # website_redirect_location: "WebsiteRedirectLocation",
1225
2195
  # sse_customer_algorithm: "SSECustomerAlgorithm",
1226
2196
  # sse_customer_key: "SSECustomerKey",
@@ -1238,13 +2208,41 @@ module Aws::S3
1238
2208
  # @param [Hash] options ({})
1239
2209
  # @option options [String] :acl
1240
2210
  # The canned ACL to apply to the object. For more information, see
1241
- # [Canned ACL][1].
2211
+ # [Canned ACL][1] in the *Amazon S3 User Guide*.
2212
+ #
2213
+ # When adding a new object, you can use headers to grant ACL-based
2214
+ # permissions to individual Amazon Web Services accounts or to
2215
+ # predefined groups defined by Amazon S3. These permissions are then
2216
+ # added to the ACL on the object. By default, all objects are private.
2217
+ # Only the owner has full access control. For more information, see
2218
+ # [Access Control List (ACL) Overview][2] and [Managing ACLs Using the
2219
+ # REST API][3] in the *Amazon S3 User Guide*.
2220
+ #
2221
+ # If the bucket that you're uploading objects to uses the bucket owner
2222
+ # enforced setting for S3 Object Ownership, ACLs are disabled and no
2223
+ # longer affect permissions. Buckets that use this setting only accept
2224
+ # PUT requests that don't specify an ACL or PUT requests that specify
2225
+ # bucket owner full control ACLs, such as the
2226
+ # `bucket-owner-full-control` canned ACL or an equivalent form of this
2227
+ # ACL expressed in the XML format. PUT requests that contain other ACLs
2228
+ # (for example, custom grants to certain Amazon Web Services accounts)
2229
+ # fail and return a `400` error with the error code
2230
+ # `AccessControlListNotSupported`. For more information, see [
2231
+ # Controlling ownership of objects and disabling ACLs][4] in the *Amazon
2232
+ # S3 User Guide*.
2233
+ #
2234
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
2235
+ #
2236
+ # * This functionality is not supported for Amazon S3 on Outposts.
1242
2237
  #
1243
- # This action is not supported by Amazon S3 on Outposts.
2238
+ # </note>
1244
2239
  #
1245
2240
  #
1246
2241
  #
1247
2242
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
2243
+ # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
2244
+ # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html
2245
+ # [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
1248
2246
  # @option options [String, StringIO, File] :body
1249
2247
  # Object data.
1250
2248
  # @option options [String] :cache_control
@@ -1291,9 +2289,21 @@ module Aws::S3
1291
2289
  # information about REST request authentication, see [REST
1292
2290
  # Authentication][1].
1293
2291
  #
2292
+ # <note markdown="1"> The `Content-MD5` header is required for any request to upload an
2293
+ # object with a retention period configured using Amazon S3 Object Lock.
2294
+ # For more information about Amazon S3 Object Lock, see [Amazon S3
2295
+ # Object Lock Overview][2] in the *Amazon S3 User Guide*.
2296
+ #
2297
+ # </note>
2298
+ #
2299
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2300
+ #
2301
+ # </note>
2302
+ #
1294
2303
  #
1295
2304
  #
1296
2305
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html
2306
+ # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html
1297
2307
  # @option options [String] :content_type
1298
2308
  # A standard MIME type describing the format of the contents. For more
1299
2309
  # information, see
@@ -1304,15 +2314,36 @@ module Aws::S3
1304
2314
  # [1]: https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type
1305
2315
  # @option options [String] :checksum_algorithm
1306
2316
  # Indicates the algorithm used to create the checksum for the object
1307
- # when using the SDK. This header will not provide any additional
1308
- # functionality if not using the SDK. When sending this header, there
1309
- # must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
1310
- # sent. Otherwise, Amazon S3 fails the request with the HTTP status code
1311
- # `400 Bad Request`. For more information, see [Checking object
1312
- # integrity][1] in the *Amazon S3 User Guide*.
2317
+ # when you use the SDK. This header will not provide any additional
2318
+ # functionality if you don't use the SDK. When you send this header,
2319
+ # there must be a corresponding `x-amz-checksum-algorithm ` or
2320
+ # `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request
2321
+ # with the HTTP status code `400 Bad Request`.
1313
2322
  #
1314
- # If you provide an individual checksum, Amazon S3 ignores any provided
1315
- # `ChecksumAlgorithm` parameter.
2323
+ # For the `x-amz-checksum-algorithm ` header, replace ` algorithm ` with
2324
+ # the supported algorithm from the following list:
2325
+ #
2326
+ # * CRC32
2327
+ #
2328
+ # * CRC32C
2329
+ #
2330
+ # * SHA1
2331
+ #
2332
+ # * SHA256
2333
+ #
2334
+ # For more information, see [Checking object integrity][1] in the
2335
+ # *Amazon S3 User Guide*.
2336
+ #
2337
+ # If the individual checksum value you provide through
2338
+ # `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you
2339
+ # set through `x-amz-sdk-checksum-algorithm`, Amazon S3 ignores any
2340
+ # provided `ChecksumAlgorithm` parameter and uses the checksum algorithm
2341
+ # that matches the provided value in `x-amz-checksum-algorithm `.
2342
+ #
2343
+ # <note markdown="1"> For directory buckets, when you use Amazon Web Services SDKs, `CRC32`
2344
+ # is the default checksum algorithm that's used for performance.
2345
+ #
2346
+ # </note>
1316
2347
  #
1317
2348
  #
1318
2349
  #
@@ -1369,31 +2400,74 @@ module Aws::S3
1369
2400
  # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
1370
2401
  # object.
1371
2402
  #
1372
- # This action is not supported by Amazon S3 on Outposts.
2403
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
2404
+ #
2405
+ # * This functionality is not supported for Amazon S3 on Outposts.
2406
+ #
2407
+ # </note>
1373
2408
  # @option options [String] :grant_read
1374
2409
  # Allows grantee to read the object data and its metadata.
1375
2410
  #
1376
- # This action is not supported by Amazon S3 on Outposts.
2411
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
2412
+ #
2413
+ # * This functionality is not supported for Amazon S3 on Outposts.
2414
+ #
2415
+ # </note>
1377
2416
  # @option options [String] :grant_read_acp
1378
2417
  # Allows grantee to read the object ACL.
1379
2418
  #
1380
- # This action is not supported by Amazon S3 on Outposts.
2419
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
2420
+ #
2421
+ # * This functionality is not supported for Amazon S3 on Outposts.
2422
+ #
2423
+ # </note>
1381
2424
  # @option options [String] :grant_write_acp
1382
2425
  # Allows grantee to write the ACL for the applicable object.
1383
2426
  #
1384
- # This action is not supported by Amazon S3 on Outposts.
2427
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
2428
+ #
2429
+ # * This functionality is not supported for Amazon S3 on Outposts.
2430
+ #
2431
+ # </note>
1385
2432
  # @option options [Hash<String,String>] :metadata
1386
2433
  # A map of metadata to store with the object in S3.
1387
2434
  # @option options [String] :server_side_encryption
1388
- # The server-side encryption algorithm used when storing this object in
1389
- # Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
2435
+ # The server-side encryption algorithm that was used when you store this
2436
+ # object in Amazon S3 (for example, `AES256`, `aws:kms`,
2437
+ # `aws:kms:dsse`).
2438
+ #
2439
+ # <b>General purpose buckets </b> - You have four mutually exclusive
2440
+ # options to protect data using server-side encryption in Amazon S3,
2441
+ # depending on how you choose to manage the encryption keys.
2442
+ # Specifically, the encryption key options are Amazon S3 managed keys
2443
+ # (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or DSSE-KMS), and
2444
+ # customer-provided keys (SSE-C). Amazon S3 encrypts data with
2445
+ # server-side encryption by using Amazon S3 managed keys (SSE-S3) by
2446
+ # default. You can optionally tell Amazon S3 to encrypt data at rest by
2447
+ # using server-side encryption with other key options. For more
2448
+ # information, see [Using Server-Side Encryption][1] in the *Amazon S3
2449
+ # User Guide*.
2450
+ #
2451
+ # <b>Directory buckets </b> - For directory buckets, only the
2452
+ # server-side encryption with Amazon S3 managed keys (SSE-S3) (`AES256`)
2453
+ # value is supported.
2454
+ #
2455
+ #
2456
+ #
2457
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
1390
2458
  # @option options [String] :storage_class
1391
2459
  # By default, Amazon S3 uses the STANDARD Storage Class to store newly
1392
2460
  # created objects. The STANDARD storage class provides high durability
1393
2461
  # and high availability. Depending on performance needs, you can specify
1394
- # a different Storage Class. Amazon S3 on Outposts only uses the
1395
- # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
1396
- # in the *Amazon S3 User Guide*.
2462
+ # a different Storage Class. For more information, see [Storage
2463
+ # Classes][1] in the *Amazon S3 User Guide*.
2464
+ #
2465
+ # <note markdown="1"> * For directory buckets, only the S3 Express One Zone storage class is
2466
+ # supported to store newly created objects.
2467
+ #
2468
+ # * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.
2469
+ #
2470
+ # </note>
1397
2471
  #
1398
2472
  #
1399
2473
  #
@@ -1402,7 +2476,8 @@ module Aws::S3
1402
2476
  # If the bucket is configured as a website, redirects requests for this
1403
2477
  # object to another object in the same bucket or to an external URL.
1404
2478
  # Amazon S3 stores the value of this header in the object metadata. For
1405
- # information about object metadata, see [Object Key and Metadata][1].
2479
+ # information about object metadata, see [Object Key and Metadata][1] in
2480
+ # the *Amazon S3 User Guide*.
1406
2481
  #
1407
2482
  # In the following example, the request header sets the redirect to an
1408
2483
  # object (anotherPage.html) in the same bucket:
@@ -1416,7 +2491,11 @@ module Aws::S3
1416
2491
  #
1417
2492
  # For more information about website hosting in Amazon S3, see [Hosting
1418
2493
  # Websites on Amazon S3][2] and [How to Configure Website Page
1419
- # Redirects][3].
2494
+ # Redirects][3] in the *Amazon S3 User Guide*.
2495
+ #
2496
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2497
+ #
2498
+ # </note>
1420
2499
  #
1421
2500
  #
1422
2501
  #
@@ -1424,18 +2503,30 @@ module Aws::S3
1424
2503
  # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html
1425
2504
  # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html
1426
2505
  # @option options [String] :sse_customer_algorithm
1427
- # Specifies the algorithm to use to when encrypting the object (for
1428
- # example, AES256).
2506
+ # Specifies the algorithm to use when encrypting the object (for
2507
+ # example, `AES256`).
2508
+ #
2509
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2510
+ #
2511
+ # </note>
1429
2512
  # @option options [String] :sse_customer_key
1430
2513
  # Specifies the customer-provided encryption key for Amazon S3 to use in
1431
2514
  # encrypting data. This value is used to store the object and then it is
1432
2515
  # discarded; Amazon S3 does not store the encryption key. The key must
1433
2516
  # be appropriate for use with the algorithm specified in the
1434
2517
  # `x-amz-server-side-encryption-customer-algorithm` header.
2518
+ #
2519
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2520
+ #
2521
+ # </note>
1435
2522
  # @option options [String] :sse_customer_key_md5
1436
2523
  # Specifies the 128-bit MD5 digest of the encryption key according to
1437
2524
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
1438
2525
  # ensure that the encryption key was transmitted without error.
2526
+ #
2527
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2528
+ #
2529
+ # </note>
1439
2530
  # @option options [String] :ssekms_key_id
1440
2531
  # If `x-amz-server-side-encryption` has a valid value of `aws:kms` or
1441
2532
  # `aws:kms:dsse`, this header specifies the ID (Key ID, Key ARN, or Key
@@ -1447,13 +2538,22 @@ module Aws::S3
1447
2538
  # Amazon Web Services managed key (`aws/s3`) to protect the data. If the
1448
2539
  # KMS key does not exist in the same account that's issuing the
1449
2540
  # command, you must use the full ARN and not just the ID.
2541
+ #
2542
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2543
+ #
2544
+ # </note>
1450
2545
  # @option options [String] :ssekms_encryption_context
1451
2546
  # Specifies the Amazon Web Services KMS Encryption Context to use for
1452
2547
  # object encryption. The value of this header is a base64-encoded UTF-8
1453
2548
  # string holding JSON with the encryption context key-value pairs. This
1454
2549
  # value is stored as object metadata and automatically gets passed on to
1455
2550
  # Amazon Web Services KMS for future `GetObject` or `CopyObject`
1456
- # operations on this object.
2551
+ # operations on this object. This value must be explicitly added during
2552
+ # `CopyObject` operations.
2553
+ #
2554
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2555
+ #
2556
+ # </note>
1457
2557
  # @option options [Boolean] :bucket_key_enabled
1458
2558
  # Specifies whether Amazon S3 should use an S3 Bucket Key for object
1459
2559
  # encryption with server-side encryption using Key Management Service
@@ -1462,14 +2562,22 @@ module Aws::S3
1462
2562
  #
1463
2563
  # Specifying this header with a PUT action doesn’t affect bucket-level
1464
2564
  # settings for S3 Bucket Key.
2565
+ #
2566
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2567
+ #
2568
+ # </note>
1465
2569
  # @option options [String] :request_payer
1466
2570
  # Confirms that the requester knows that they will be charged for the
1467
2571
  # request. Bucket owners need not specify this parameter in their
1468
- # requests. If either the source or destination Amazon S3 bucket has
1469
- # Requester Pays enabled, the requester will pay for corresponding
1470
- # charges to copy the object. For information about downloading objects
1471
- # from Requester Pays buckets, see [Downloading Objects in Requester
1472
- # Pays Buckets][1] in the *Amazon S3 User Guide*.
2572
+ # requests. If either the source or destination S3 bucket has Requester
2573
+ # Pays enabled, the requester will pay for corresponding charges to copy
2574
+ # the object. For information about downloading objects from Requester
2575
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
2576
+ # in the *Amazon S3 User Guide*.
2577
+ #
2578
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2579
+ #
2580
+ # </note>
1473
2581
  #
1474
2582
  #
1475
2583
  #
@@ -1477,22 +2585,39 @@ module Aws::S3
1477
2585
  # @option options [String] :tagging
1478
2586
  # The tag-set for the object. The tag-set must be encoded as URL Query
1479
2587
  # parameters. (For example, "Key1=Value1")
2588
+ #
2589
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2590
+ #
2591
+ # </note>
1480
2592
  # @option options [String] :object_lock_mode
1481
2593
  # The Object Lock mode that you want to apply to this object.
2594
+ #
2595
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2596
+ #
2597
+ # </note>
1482
2598
  # @option options [Time,DateTime,Date,Integer,String] :object_lock_retain_until_date
1483
2599
  # The date and time when you want this object's Object Lock to expire.
1484
2600
  # Must be formatted as a timestamp parameter.
2601
+ #
2602
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2603
+ #
2604
+ # </note>
1485
2605
  # @option options [String] :object_lock_legal_hold_status
1486
2606
  # Specifies whether a legal hold will be applied to this object. For
1487
- # more information about S3 Object Lock, see [Object Lock][1].
2607
+ # more information about S3 Object Lock, see [Object Lock][1] in the
2608
+ # *Amazon S3 User Guide*.
2609
+ #
2610
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2611
+ #
2612
+ # </note>
1488
2613
  #
1489
2614
  #
1490
2615
  #
1491
2616
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
1492
2617
  # @option options [String] :expected_bucket_owner
1493
- # The account ID of the expected bucket owner. If the bucket is owned by
1494
- # a different account, the request fails with the HTTP status code `403
1495
- # Forbidden` (access denied).
2618
+ # The account ID of the expected bucket owner. If the account ID that
2619
+ # you provide does not match the actual owner of the bucket, the request
2620
+ # fails with the HTTP status code `403 Forbidden` (access denied).
1496
2621
  # @return [Types::PutObjectOutput]
1497
2622
  def put(options = {})
1498
2623
  options = options.merge(
@@ -1586,7 +2711,7 @@ module Aws::S3
1586
2711
  # value: "MetadataValue",
1587
2712
  # },
1588
2713
  # ],
1589
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
2714
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
1590
2715
  # },
1591
2716
  # },
1592
2717
  # },
@@ -1602,23 +2727,27 @@ module Aws::S3
1602
2727
  # @option options [String] :request_payer
1603
2728
  # Confirms that the requester knows that they will be charged for the
1604
2729
  # request. Bucket owners need not specify this parameter in their
1605
- # requests. If either the source or destination Amazon S3 bucket has
1606
- # Requester Pays enabled, the requester will pay for corresponding
1607
- # charges to copy the object. For information about downloading objects
1608
- # from Requester Pays buckets, see [Downloading Objects in Requester
1609
- # Pays Buckets][1] in the *Amazon S3 User Guide*.
2730
+ # requests. If either the source or destination S3 bucket has Requester
2731
+ # Pays enabled, the requester will pay for corresponding charges to copy
2732
+ # the object. For information about downloading objects from Requester
2733
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
2734
+ # in the *Amazon S3 User Guide*.
2735
+ #
2736
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2737
+ #
2738
+ # </note>
1610
2739
  #
1611
2740
  #
1612
2741
  #
1613
2742
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
1614
2743
  # @option options [String] :checksum_algorithm
1615
2744
  # Indicates the algorithm used to create the checksum for the object
1616
- # when using the SDK. This header will not provide any additional
1617
- # functionality if not using the SDK. When sending this header, there
1618
- # must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
1619
- # sent. Otherwise, Amazon S3 fails the request with the HTTP status code
1620
- # `400 Bad Request`. For more information, see [Checking object
1621
- # integrity][1] in the *Amazon S3 User Guide*.
2745
+ # when you use the SDK. This header will not provide any additional
2746
+ # functionality if you don't use the SDK. When you send this header,
2747
+ # there must be a corresponding `x-amz-checksum` or `x-amz-trailer`
2748
+ # header sent. Otherwise, Amazon S3 fails the request with the HTTP
2749
+ # status code `400 Bad Request`. For more information, see [Checking
2750
+ # object integrity][1] in the *Amazon S3 User Guide*.
1622
2751
  #
1623
2752
  # If you provide an individual checksum, Amazon S3 ignores any provided
1624
2753
  # `ChecksumAlgorithm` parameter.
@@ -1627,9 +2756,9 @@ module Aws::S3
1627
2756
  #
1628
2757
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
1629
2758
  # @option options [String] :expected_bucket_owner
1630
- # The account ID of the expected bucket owner. If the bucket is owned by
1631
- # a different account, the request fails with the HTTP status code `403
1632
- # Forbidden` (access denied).
2759
+ # The account ID of the expected bucket owner. If the account ID that
2760
+ # you provide does not match the actual owner of the bucket, the request
2761
+ # fails with the HTTP status code `403 Forbidden` (access denied).
1633
2762
  # @return [Types::RestoreObjectOutput]
1634
2763
  def restore_object(options = {})
1635
2764
  options = options.merge(
@@ -1663,43 +2792,124 @@ module Aws::S3
1663
2792
  # @option options [String] :if_match
1664
2793
  # Return the object only if its entity tag (ETag) is the same as the one
1665
2794
  # specified; otherwise, return a 412 (precondition failed) error.
2795
+ #
2796
+ # If both of the `If-Match` and `If-Unmodified-Since` headers are
2797
+ # present in the request as follows:
2798
+ #
2799
+ # * `If-Match` condition evaluates to `true`, and;
2800
+ #
2801
+ # * `If-Unmodified-Since` condition evaluates to `false`;
2802
+ #
2803
+ # Then Amazon S3 returns `200 OK` and the data requested.
2804
+ #
2805
+ # For more information about conditional requests, see [RFC 7232][1].
2806
+ #
2807
+ #
2808
+ #
2809
+ # [1]: https://tools.ietf.org/html/rfc7232
1666
2810
  # @option options [Time,DateTime,Date,Integer,String] :if_modified_since
1667
2811
  # Return the object only if it has been modified since the specified
1668
2812
  # time; otherwise, return a 304 (not modified) error.
2813
+ #
2814
+ # If both of the `If-None-Match` and `If-Modified-Since` headers are
2815
+ # present in the request as follows:
2816
+ #
2817
+ # * `If-None-Match` condition evaluates to `false`, and;
2818
+ #
2819
+ # * `If-Modified-Since` condition evaluates to `true`;
2820
+ #
2821
+ # Then Amazon S3 returns the `304 Not Modified` response code.
2822
+ #
2823
+ # For more information about conditional requests, see [RFC 7232][1].
2824
+ #
2825
+ #
2826
+ #
2827
+ # [1]: https://tools.ietf.org/html/rfc7232
1669
2828
  # @option options [String] :if_none_match
1670
2829
  # Return the object only if its entity tag (ETag) is different from the
1671
2830
  # one specified; otherwise, return a 304 (not modified) error.
2831
+ #
2832
+ # If both of the `If-None-Match` and `If-Modified-Since` headers are
2833
+ # present in the request as follows:
2834
+ #
2835
+ # * `If-None-Match` condition evaluates to `false`, and;
2836
+ #
2837
+ # * `If-Modified-Since` condition evaluates to `true`;
2838
+ #
2839
+ # Then Amazon S3 returns the `304 Not Modified` response code.
2840
+ #
2841
+ # For more information about conditional requests, see [RFC 7232][1].
2842
+ #
2843
+ #
2844
+ #
2845
+ # [1]: https://tools.ietf.org/html/rfc7232
1672
2846
  # @option options [Time,DateTime,Date,Integer,String] :if_unmodified_since
1673
2847
  # Return the object only if it has not been modified since the specified
1674
2848
  # time; otherwise, return a 412 (precondition failed) error.
2849
+ #
2850
+ # If both of the `If-Match` and `If-Unmodified-Since` headers are
2851
+ # present in the request as follows:
2852
+ #
2853
+ # * `If-Match` condition evaluates to `true`, and;
2854
+ #
2855
+ # * `If-Unmodified-Since` condition evaluates to `false`;
2856
+ #
2857
+ # Then Amazon S3 returns `200 OK` and the data requested.
2858
+ #
2859
+ # For more information about conditional requests, see [RFC 7232][1].
2860
+ #
2861
+ #
2862
+ #
2863
+ # [1]: https://tools.ietf.org/html/rfc7232
1675
2864
  # @option options [String] :range
1676
2865
  # HeadObject returns only the metadata for an object. If the Range is
1677
2866
  # satisfiable, only the `ContentLength` is affected in the response. If
1678
2867
  # the Range is not satisfiable, S3 returns a `416 - Requested Range Not
1679
2868
  # Satisfiable` error.
1680
2869
  # @option options [String] :version_id
1681
- # VersionId used to reference a specific version of the object.
2870
+ # Version ID used to reference a specific version of the object.
2871
+ #
2872
+ # <note markdown="1"> For directory buckets in this API operation, only the `null` value of
2873
+ # the version ID is supported.
2874
+ #
2875
+ # </note>
1682
2876
  # @option options [String] :sse_customer_algorithm
1683
- # Specifies the algorithm to use to when encrypting the object (for
2877
+ # Specifies the algorithm to use when encrypting the object (for
1684
2878
  # example, AES256).
2879
+ #
2880
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2881
+ #
2882
+ # </note>
1685
2883
  # @option options [String] :sse_customer_key
1686
2884
  # Specifies the customer-provided encryption key for Amazon S3 to use in
1687
2885
  # encrypting data. This value is used to store the object and then it is
1688
2886
  # discarded; Amazon S3 does not store the encryption key. The key must
1689
2887
  # be appropriate for use with the algorithm specified in the
1690
2888
  # `x-amz-server-side-encryption-customer-algorithm` header.
2889
+ #
2890
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2891
+ #
2892
+ # </note>
1691
2893
  # @option options [String] :sse_customer_key_md5
1692
2894
  # Specifies the 128-bit MD5 digest of the encryption key according to
1693
2895
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
1694
2896
  # ensure that the encryption key was transmitted without error.
2897
+ #
2898
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2899
+ #
2900
+ # </note>
1695
2901
  # @option options [String] :request_payer
1696
2902
  # Confirms that the requester knows that they will be charged for the
1697
2903
  # request. Bucket owners need not specify this parameter in their
1698
- # requests. If either the source or destination Amazon S3 bucket has
1699
- # Requester Pays enabled, the requester will pay for corresponding
1700
- # charges to copy the object. For information about downloading objects
1701
- # from Requester Pays buckets, see [Downloading Objects in Requester
1702
- # Pays Buckets][1] in the *Amazon S3 User Guide*.
2904
+ # requests. If either the source or destination S3 bucket has Requester
2905
+ # Pays enabled, the requester will pay for corresponding charges to copy
2906
+ # the object. For information about downloading objects from Requester
2907
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
2908
+ # in the *Amazon S3 User Guide*.
2909
+ #
2910
+ # <note markdown="1"> This functionality is not supported for directory buckets.
2911
+ #
2912
+ # </note>
1703
2913
  #
1704
2914
  #
1705
2915
  #
@@ -1710,9 +2920,9 @@ module Aws::S3
1710
2920
  # for the part specified. Useful querying about the size of the part and
1711
2921
  # the number of parts in this object.
1712
2922
  # @option options [String] :expected_bucket_owner
1713
- # The account ID of the expected bucket owner. If the bucket is owned by
1714
- # a different account, the request fails with the HTTP status code `403
1715
- # Forbidden` (access denied).
2923
+ # The account ID of the expected bucket owner. If the account ID that
2924
+ # you provide does not match the actual owner of the bucket, the request
2925
+ # fails with the HTTP status code `403 Forbidden` (access denied).
1716
2926
  # @option options [String] :checksum_mode
1717
2927
  # To retrieve the checksum, this parameter must be enabled.
1718
2928
  #
@@ -1853,14 +3063,35 @@ module Aws::S3
1853
3063
  # space, and the value that is displayed on your authentication device.
1854
3064
  # Required to permanently delete a versioned object if versioning is
1855
3065
  # configured with MFA delete enabled.
3066
+ #
3067
+ # When performing the `DeleteObjects` operation on an MFA delete enabled
3068
+ # bucket, which attempts to delete the specified versioned objects, you
3069
+ # must include an MFA token. If you don't provide an MFA token, the
3070
+ # entire request will fail, even if there are non-versioned objects that
3071
+ # you are trying to delete. If you provide an invalid token, whether
3072
+ # there are versioned object keys in the request or not, the entire
3073
+ # Multi-Object Delete request will fail. For information about MFA
3074
+ # Delete, see [ MFA Delete][1] in the *Amazon S3 User Guide*.
3075
+ #
3076
+ # <note markdown="1"> This functionality is not supported for directory buckets.
3077
+ #
3078
+ # </note>
3079
+ #
3080
+ #
3081
+ #
3082
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete
1856
3083
  # @option options [String] :request_payer
1857
3084
  # Confirms that the requester knows that they will be charged for the
1858
3085
  # request. Bucket owners need not specify this parameter in their
1859
- # requests. If either the source or destination Amazon S3 bucket has
1860
- # Requester Pays enabled, the requester will pay for corresponding
1861
- # charges to copy the object. For information about downloading objects
1862
- # from Requester Pays buckets, see [Downloading Objects in Requester
1863
- # Pays Buckets][1] in the *Amazon S3 User Guide*.
3086
+ # requests. If either the source or destination S3 bucket has Requester
3087
+ # Pays enabled, the requester will pay for corresponding charges to copy
3088
+ # the object. For information about downloading objects from Requester
3089
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
3090
+ # in the *Amazon S3 User Guide*.
3091
+ #
3092
+ # <note markdown="1"> This functionality is not supported for directory buckets.
3093
+ #
3094
+ # </note>
1864
3095
  #
1865
3096
  #
1866
3097
  #
@@ -1869,25 +3100,45 @@ module Aws::S3
1869
3100
  # Specifies whether you want to delete this object even if it has a
1870
3101
  # Governance-type Object Lock in place. To use this header, you must
1871
3102
  # have the `s3:BypassGovernanceRetention` permission.
3103
+ #
3104
+ # <note markdown="1"> This functionality is not supported for directory buckets.
3105
+ #
3106
+ # </note>
1872
3107
  # @option options [String] :expected_bucket_owner
1873
- # The account ID of the expected bucket owner. If the bucket is owned by
1874
- # a different account, the request fails with the HTTP status code `403
1875
- # Forbidden` (access denied).
3108
+ # The account ID of the expected bucket owner. If the account ID that
3109
+ # you provide does not match the actual owner of the bucket, the request
3110
+ # fails with the HTTP status code `403 Forbidden` (access denied).
1876
3111
  # @option options [String] :checksum_algorithm
1877
3112
  # Indicates the algorithm used to create the checksum for the object
1878
- # when using the SDK. This header will not provide any additional
1879
- # functionality if not using the SDK. When sending this header, there
1880
- # must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
1881
- # sent. Otherwise, Amazon S3 fails the request with the HTTP status code
1882
- # `400 Bad Request`. For more information, see [Checking object
1883
- # integrity][1] in the *Amazon S3 User Guide*.
3113
+ # when you use the SDK. This header will not provide any additional
3114
+ # functionality if you don't use the SDK. When you send this header,
3115
+ # there must be a corresponding `x-amz-checksum-algorithm ` or
3116
+ # `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request
3117
+ # with the HTTP status code `400 Bad Request`.
3118
+ #
3119
+ # For the `x-amz-checksum-algorithm ` header, replace ` algorithm ` with
3120
+ # the supported algorithm from the following list:
3121
+ #
3122
+ # * CRC32
3123
+ #
3124
+ # * CRC32C
3125
+ #
3126
+ # * SHA1
3127
+ #
3128
+ # * SHA256
3129
+ #
3130
+ # For more information, see [Checking object integrity][1] in the
3131
+ # *Amazon S3 User Guide*.
3132
+ #
3133
+ # If the individual checksum value you provide through
3134
+ # `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you
3135
+ # set through `x-amz-sdk-checksum-algorithm`, Amazon S3 ignores any
3136
+ # provided `ChecksumAlgorithm` parameter and uses the checksum algorithm
3137
+ # that matches the provided value in `x-amz-checksum-algorithm `.
1884
3138
  #
1885
3139
  # If you provide an individual checksum, Amazon S3 ignores any provided
1886
3140
  # `ChecksumAlgorithm` parameter.
1887
3141
  #
1888
- # This checksum algorithm must be the same for all parts and it match
1889
- # the checksum value supplied in the `CreateMultipartUpload` request.
1890
- #
1891
3142
  #
1892
3143
  #
1893
3144
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html