aws-sdk-s3 1.136.0 → 1.176.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +250 -1
- data/VERSION +1 -1
- data/lib/aws-sdk-s3/access_grants_credentials.rb +57 -0
- data/lib/aws-sdk-s3/access_grants_credentials_provider.rb +250 -0
- data/lib/aws-sdk-s3/bucket.rb +671 -139
- data/lib/aws-sdk-s3/bucket_acl.rb +12 -12
- data/lib/aws-sdk-s3/bucket_cors.rb +16 -16
- data/lib/aws-sdk-s3/bucket_lifecycle.rb +21 -16
- data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +74 -17
- data/lib/aws-sdk-s3/bucket_logging.rb +19 -12
- data/lib/aws-sdk-s3/bucket_notification.rb +6 -6
- data/lib/aws-sdk-s3/bucket_policy.rb +62 -18
- data/lib/aws-sdk-s3/bucket_region_cache.rb +9 -5
- data/lib/aws-sdk-s3/bucket_request_payment.rb +12 -12
- data/lib/aws-sdk-s3/bucket_tagging.rb +16 -16
- data/lib/aws-sdk-s3/bucket_versioning.rb +32 -32
- data/lib/aws-sdk-s3/bucket_website.rb +16 -16
- data/lib/aws-sdk-s3/client.rb +7597 -2823
- data/lib/aws-sdk-s3/client_api.rb +288 -22
- data/lib/aws-sdk-s3/customizations/bucket.rb +1 -1
- data/lib/aws-sdk-s3/customizations/errors.rb +15 -2
- data/lib/aws-sdk-s3/customizations/object.rb +11 -5
- data/lib/aws-sdk-s3/customizations/object_summary.rb +5 -0
- data/lib/aws-sdk-s3/customizations/object_version.rb +13 -0
- data/lib/aws-sdk-s3/customizations.rb +25 -31
- data/lib/aws-sdk-s3/encryption/client.rb +2 -2
- data/lib/aws-sdk-s3/encryption/kms_cipher_provider.rb +2 -2
- data/lib/aws-sdk-s3/encryptionV2/client.rb +2 -2
- data/lib/aws-sdk-s3/encryptionV2/kms_cipher_provider.rb +2 -2
- data/lib/aws-sdk-s3/endpoint_parameters.rb +53 -18
- data/lib/aws-sdk-s3/endpoint_provider.rb +125 -6
- data/lib/aws-sdk-s3/endpoints.rb +545 -1261
- data/lib/aws-sdk-s3/errors.rb +47 -0
- data/lib/aws-sdk-s3/express_credentials.rb +55 -0
- data/lib/aws-sdk-s3/express_credentials_provider.rb +59 -0
- data/lib/aws-sdk-s3/file_downloader.rb +1 -2
- data/lib/aws-sdk-s3/file_uploader.rb +1 -1
- data/lib/aws-sdk-s3/multipart_file_uploader.rb +4 -4
- data/lib/aws-sdk-s3/multipart_stream_uploader.rb +6 -5
- data/lib/aws-sdk-s3/multipart_upload.rb +139 -36
- data/lib/aws-sdk-s3/multipart_upload_part.rb +175 -54
- data/lib/aws-sdk-s3/object.rb +1923 -313
- data/lib/aws-sdk-s3/object_acl.rb +34 -22
- data/lib/aws-sdk-s3/object_copier.rb +1 -1
- data/lib/aws-sdk-s3/object_multipart_copier.rb +10 -8
- data/lib/aws-sdk-s3/object_summary.rb +1690 -250
- data/lib/aws-sdk-s3/object_version.rb +397 -67
- data/lib/aws-sdk-s3/plugins/access_grants.rb +178 -0
- data/lib/aws-sdk-s3/plugins/endpoints.rb +32 -208
- data/lib/aws-sdk-s3/plugins/express_session_auth.rb +97 -0
- data/lib/aws-sdk-s3/plugins/http_200_errors.rb +55 -18
- data/lib/aws-sdk-s3/plugins/location_constraint.rb +3 -1
- data/lib/aws-sdk-s3/plugins/md5s.rb +2 -1
- data/lib/aws-sdk-s3/plugins/s3_signer.rb +7 -2
- data/lib/aws-sdk-s3/presigner.rb +5 -2
- data/lib/aws-sdk-s3/resource.rb +121 -22
- data/lib/aws-sdk-s3/types.rb +5960 -1526
- data/lib/aws-sdk-s3.rb +35 -31
- data/sig/bucket.rbs +221 -0
- data/sig/bucket_acl.rbs +78 -0
- data/sig/bucket_cors.rbs +69 -0
- data/sig/bucket_lifecycle.rbs +88 -0
- data/sig/bucket_lifecycle_configuration.rbs +115 -0
- data/sig/bucket_logging.rbs +76 -0
- data/sig/bucket_notification.rbs +114 -0
- data/sig/bucket_policy.rbs +59 -0
- data/sig/bucket_request_payment.rbs +54 -0
- data/sig/bucket_tagging.rbs +65 -0
- data/sig/bucket_versioning.rbs +77 -0
- data/sig/bucket_website.rbs +93 -0
- data/sig/client.rbs +2450 -0
- data/sig/customizations/bucket.rbs +19 -0
- data/sig/customizations/object.rbs +38 -0
- data/sig/customizations/object_summary.rbs +35 -0
- data/sig/errors.rbs +42 -0
- data/sig/multipart_upload.rbs +113 -0
- data/sig/multipart_upload_part.rbs +105 -0
- data/sig/object.rbs +448 -0
- data/sig/object_acl.rbs +86 -0
- data/sig/object_summary.rbs +340 -0
- data/sig/object_version.rbs +140 -0
- data/sig/resource.rbs +132 -0
- data/sig/types.rbs +2682 -0
- data/sig/waiters.rbs +95 -0
- metadata +44 -11
data/lib/aws-sdk-s3/object.rb
CHANGED
@@ -45,6 +45,10 @@ module Aws::S3
|
|
45
45
|
# Specifies whether the object retrieved was (true) or was not (false) a
|
46
46
|
# Delete Marker. If false, this response header does not appear in the
|
47
47
|
# response.
|
48
|
+
#
|
49
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
50
|
+
#
|
51
|
+
# </note>
|
48
52
|
# @return [Boolean]
|
49
53
|
def delete_marker
|
50
54
|
data[:delete_marker]
|
@@ -56,10 +60,21 @@ module Aws::S3
|
|
56
60
|
data[:accept_ranges]
|
57
61
|
end
|
58
62
|
|
59
|
-
# If the object expiration is configured (see
|
60
|
-
#
|
61
|
-
# `rule-id` key-value pairs
|
62
|
-
# value of the `rule-id` is
|
63
|
+
# If the object expiration is configured (see [
|
64
|
+
# `PutBucketLifecycleConfiguration` ][1]), the response includes this
|
65
|
+
# header. It includes the `expiry-date` and `rule-id` key-value pairs
|
66
|
+
# providing object expiration information. The value of the `rule-id` is
|
67
|
+
# URL-encoded.
|
68
|
+
#
|
69
|
+
# <note markdown="1"> Object expiration information is not returned in directory buckets and
|
70
|
+
# this header returns the value "`NotImplemented`" in all responses
|
71
|
+
# for directory buckets.
|
72
|
+
#
|
73
|
+
# </note>
|
74
|
+
#
|
75
|
+
#
|
76
|
+
#
|
77
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html
|
63
78
|
# @return [String]
|
64
79
|
def expiration
|
65
80
|
data[:expiration]
|
@@ -82,6 +97,12 @@ module Aws::S3
|
|
82
97
|
# For more information about archiving objects, see [Transitioning
|
83
98
|
# Objects: General Considerations][2].
|
84
99
|
#
|
100
|
+
# <note markdown="1"> This functionality is not supported for directory buckets. Only the S3
|
101
|
+
# Express One Zone storage class is supported by directory buckets to
|
102
|
+
# store objects.
|
103
|
+
#
|
104
|
+
# </note>
|
105
|
+
#
|
85
106
|
#
|
86
107
|
#
|
87
108
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html
|
@@ -92,12 +113,16 @@ module Aws::S3
|
|
92
113
|
end
|
93
114
|
|
94
115
|
# The archive state of the head object.
|
116
|
+
#
|
117
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
118
|
+
#
|
119
|
+
# </note>
|
95
120
|
# @return [String]
|
96
121
|
def archive_status
|
97
122
|
data[:archive_status]
|
98
123
|
end
|
99
124
|
|
100
|
-
#
|
125
|
+
# Date and time when the object was last modified.
|
101
126
|
# @return [Time]
|
102
127
|
def last_modified
|
103
128
|
data[:last_modified]
|
@@ -109,11 +134,14 @@ module Aws::S3
|
|
109
134
|
data[:content_length]
|
110
135
|
end
|
111
136
|
|
112
|
-
# The base64-encoded, 32-bit
|
113
|
-
# only be present if it was uploaded with the object.
|
114
|
-
#
|
115
|
-
#
|
116
|
-
#
|
137
|
+
# The base64-encoded, 32-bit CRC-32 checksum of the object. This will
|
138
|
+
# only be present if it was uploaded with the object. When you use an
|
139
|
+
# API operation on an object that was uploaded using multipart uploads,
|
140
|
+
# this value may not be a direct checksum value of the full object.
|
141
|
+
# Instead, it's a calculation based on the checksum values of each
|
142
|
+
# individual part. For more information about how checksums are
|
143
|
+
# calculated with multipart uploads, see [ Checking object integrity][1]
|
144
|
+
# in the *Amazon S3 User Guide*.
|
117
145
|
#
|
118
146
|
#
|
119
147
|
#
|
@@ -123,11 +151,14 @@ module Aws::S3
|
|
123
151
|
data[:checksum_crc32]
|
124
152
|
end
|
125
153
|
|
126
|
-
# The base64-encoded, 32-bit
|
127
|
-
# only be present if it was uploaded with the object.
|
128
|
-
#
|
129
|
-
#
|
130
|
-
#
|
154
|
+
# The base64-encoded, 32-bit CRC-32C checksum of the object. This will
|
155
|
+
# only be present if it was uploaded with the object. When you use an
|
156
|
+
# API operation on an object that was uploaded using multipart uploads,
|
157
|
+
# this value may not be a direct checksum value of the full object.
|
158
|
+
# Instead, it's a calculation based on the checksum values of each
|
159
|
+
# individual part. For more information about how checksums are
|
160
|
+
# calculated with multipart uploads, see [ Checking object integrity][1]
|
161
|
+
# in the *Amazon S3 User Guide*.
|
131
162
|
#
|
132
163
|
#
|
133
164
|
#
|
@@ -138,10 +169,13 @@ module Aws::S3
|
|
138
169
|
end
|
139
170
|
|
140
171
|
# The base64-encoded, 160-bit SHA-1 digest of the object. This will only
|
141
|
-
# be present if it was uploaded with the object.
|
142
|
-
#
|
143
|
-
#
|
144
|
-
#
|
172
|
+
# be present if it was uploaded with the object. When you use the API
|
173
|
+
# operation on an object that was uploaded using multipart uploads, this
|
174
|
+
# value may not be a direct checksum value of the full object. Instead,
|
175
|
+
# it's a calculation based on the checksum values of each individual
|
176
|
+
# part. For more information about how checksums are calculated with
|
177
|
+
# multipart uploads, see [ Checking object integrity][1] in the *Amazon
|
178
|
+
# S3 User Guide*.
|
145
179
|
#
|
146
180
|
#
|
147
181
|
#
|
@@ -152,10 +186,13 @@ module Aws::S3
|
|
152
186
|
end
|
153
187
|
|
154
188
|
# The base64-encoded, 256-bit SHA-256 digest of the object. This will
|
155
|
-
# only be present if it was uploaded with the object.
|
156
|
-
#
|
157
|
-
#
|
158
|
-
#
|
189
|
+
# only be present if it was uploaded with the object. When you use an
|
190
|
+
# API operation on an object that was uploaded using multipart uploads,
|
191
|
+
# this value may not be a direct checksum value of the full object.
|
192
|
+
# Instead, it's a calculation based on the checksum values of each
|
193
|
+
# individual part. For more information about how checksums are
|
194
|
+
# calculated with multipart uploads, see [ Checking object integrity][1]
|
195
|
+
# in the *Amazon S3 User Guide*.
|
159
196
|
#
|
160
197
|
#
|
161
198
|
#
|
@@ -177,12 +214,20 @@ module Aws::S3
|
|
177
214
|
# API like SOAP that supports more flexible metadata than the REST API.
|
178
215
|
# For example, using SOAP, you can create metadata whose values are not
|
179
216
|
# legal HTTP headers.
|
217
|
+
#
|
218
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
219
|
+
#
|
220
|
+
# </note>
|
180
221
|
# @return [Integer]
|
181
222
|
def missing_meta
|
182
223
|
data[:missing_meta]
|
183
224
|
end
|
184
225
|
|
185
|
-
# Version of the object.
|
226
|
+
# Version ID of the object.
|
227
|
+
#
|
228
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
229
|
+
#
|
230
|
+
# </note>
|
186
231
|
# @return [String]
|
187
232
|
def version_id
|
188
233
|
data[:version_id]
|
@@ -200,7 +245,7 @@ module Aws::S3
|
|
200
245
|
data[:content_disposition]
|
201
246
|
end
|
202
247
|
|
203
|
-
#
|
248
|
+
# Indicates what content encodings have been applied to the object and
|
204
249
|
# thus what decoding mechanisms must be applied to obtain the media-type
|
205
250
|
# referenced by the Content-Type header field.
|
206
251
|
# @return [String]
|
@@ -234,13 +279,17 @@ module Aws::S3
|
|
234
279
|
# If the bucket is configured as a website, redirects requests for this
|
235
280
|
# object to another object in the same bucket or to an external URL.
|
236
281
|
# Amazon S3 stores the value of this header in the object metadata.
|
282
|
+
#
|
283
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
284
|
+
#
|
285
|
+
# </note>
|
237
286
|
# @return [String]
|
238
287
|
def website_redirect_location
|
239
288
|
data[:website_redirect_location]
|
240
289
|
end
|
241
290
|
|
242
|
-
# The server-side encryption algorithm used when
|
243
|
-
# Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
|
291
|
+
# The server-side encryption algorithm used when you store this object
|
292
|
+
# in Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
|
244
293
|
# @return [String]
|
245
294
|
def server_side_encryption
|
246
295
|
data[:server_side_encryption]
|
@@ -253,25 +302,32 @@ module Aws::S3
|
|
253
302
|
end
|
254
303
|
|
255
304
|
# If server-side encryption with a customer-provided encryption key was
|
256
|
-
# requested, the response will include this header
|
257
|
-
# encryption algorithm used.
|
305
|
+
# requested, the response will include this header to confirm the
|
306
|
+
# encryption algorithm that's used.
|
307
|
+
#
|
308
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
309
|
+
#
|
310
|
+
# </note>
|
258
311
|
# @return [String]
|
259
312
|
def sse_customer_algorithm
|
260
313
|
data[:sse_customer_algorithm]
|
261
314
|
end
|
262
315
|
|
263
316
|
# If server-side encryption with a customer-provided encryption key was
|
264
|
-
# requested, the response will include this header to provide
|
265
|
-
# message integrity verification of the customer-provided
|
266
|
-
# key.
|
317
|
+
# requested, the response will include this header to provide the
|
318
|
+
# round-trip message integrity verification of the customer-provided
|
319
|
+
# encryption key.
|
320
|
+
#
|
321
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
322
|
+
#
|
323
|
+
# </note>
|
267
324
|
# @return [String]
|
268
325
|
def sse_customer_key_md5
|
269
326
|
data[:sse_customer_key_md5]
|
270
327
|
end
|
271
328
|
|
272
|
-
# If present,
|
273
|
-
#
|
274
|
-
# object.
|
329
|
+
# If present, indicates the ID of the KMS key that was used for object
|
330
|
+
# encryption.
|
275
331
|
# @return [String]
|
276
332
|
def ssekms_key_id
|
277
333
|
data[:ssekms_key_id]
|
@@ -290,6 +346,11 @@ module Aws::S3
|
|
290
346
|
#
|
291
347
|
# For more information, see [Storage Classes][1].
|
292
348
|
#
|
349
|
+
# <note markdown="1"> <b>Directory buckets </b> - Only the S3 Express One Zone storage class
|
350
|
+
# is supported by directory buckets to store objects.
|
351
|
+
#
|
352
|
+
# </note>
|
353
|
+
#
|
293
354
|
#
|
294
355
|
#
|
295
356
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
|
@@ -300,6 +361,10 @@ module Aws::S3
|
|
300
361
|
|
301
362
|
# If present, indicates that the requester was successfully charged for
|
302
363
|
# the request.
|
364
|
+
#
|
365
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
366
|
+
#
|
367
|
+
# </note>
|
303
368
|
# @return [String]
|
304
369
|
def request_charged
|
305
370
|
data[:request_charged]
|
@@ -342,6 +407,10 @@ module Aws::S3
|
|
342
407
|
#
|
343
408
|
# For more information, see [Replication][1].
|
344
409
|
#
|
410
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
411
|
+
#
|
412
|
+
# </note>
|
413
|
+
#
|
345
414
|
#
|
346
415
|
#
|
347
416
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html
|
@@ -363,6 +432,10 @@ module Aws::S3
|
|
363
432
|
# `s3:GetObjectRetention` permission. For more information about S3
|
364
433
|
# Object Lock, see [Object Lock][1].
|
365
434
|
#
|
435
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
436
|
+
#
|
437
|
+
# </note>
|
438
|
+
#
|
366
439
|
#
|
367
440
|
#
|
368
441
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
|
@@ -374,6 +447,10 @@ module Aws::S3
|
|
374
447
|
# The date and time when the Object Lock retention period expires. This
|
375
448
|
# header is only returned if the requester has the
|
376
449
|
# `s3:GetObjectRetention` permission.
|
450
|
+
#
|
451
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
452
|
+
#
|
453
|
+
# </note>
|
377
454
|
# @return [Time]
|
378
455
|
def object_lock_retain_until_date
|
379
456
|
data[:object_lock_retain_until_date]
|
@@ -385,6 +462,10 @@ module Aws::S3
|
|
385
462
|
# specified version of this object has never had a legal hold applied.
|
386
463
|
# For more information about S3 Object Lock, see [Object Lock][1].
|
387
464
|
#
|
465
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
466
|
+
#
|
467
|
+
# </note>
|
468
|
+
#
|
388
469
|
#
|
389
470
|
#
|
390
471
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
|
@@ -407,7 +488,7 @@ module Aws::S3
|
|
407
488
|
#
|
408
489
|
# @return [self]
|
409
490
|
def load
|
410
|
-
resp = Aws::Plugins::UserAgent.
|
491
|
+
resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
|
411
492
|
@client.head_object(
|
412
493
|
bucket: @bucket_name,
|
413
494
|
key: @key
|
@@ -457,7 +538,7 @@ module Aws::S3
|
|
457
538
|
options, params = separate_params_and_options(options)
|
458
539
|
waiter = Waiters::ObjectExists.new(options)
|
459
540
|
yield_waiter_and_warn(waiter, &block) if block_given?
|
460
|
-
Aws::Plugins::UserAgent.
|
541
|
+
Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
|
461
542
|
waiter.wait(params.merge(bucket: @bucket_name,
|
462
543
|
key: @key))
|
463
544
|
end
|
@@ -478,7 +559,7 @@ module Aws::S3
|
|
478
559
|
options, params = separate_params_and_options(options)
|
479
560
|
waiter = Waiters::ObjectNotExists.new(options)
|
480
561
|
yield_waiter_and_warn(waiter, &block) if block_given?
|
481
|
-
Aws::Plugins::UserAgent.
|
562
|
+
Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
|
482
563
|
waiter.wait(params.merge(bucket: @bucket_name,
|
483
564
|
key: @key))
|
484
565
|
end
|
@@ -583,7 +664,7 @@ module Aws::S3
|
|
583
664
|
:retry
|
584
665
|
end
|
585
666
|
end
|
586
|
-
Aws::Plugins::UserAgent.
|
667
|
+
Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
|
587
668
|
Aws::Waiters::Waiter.new(options).wait({})
|
588
669
|
end
|
589
670
|
end
|
@@ -616,7 +697,7 @@ module Aws::S3
|
|
616
697
|
# metadata_directive: "COPY", # accepts COPY, REPLACE
|
617
698
|
# tagging_directive: "COPY", # accepts COPY, REPLACE
|
618
699
|
# server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
|
619
|
-
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
|
700
|
+
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
|
620
701
|
# website_redirect_location: "WebsiteRedirectLocation",
|
621
702
|
# sse_customer_algorithm: "SSECustomerAlgorithm",
|
622
703
|
# sse_customer_key: "SSECustomerKey",
|
@@ -637,40 +718,98 @@ module Aws::S3
|
|
637
718
|
# })
|
638
719
|
# @param [Hash] options ({})
|
639
720
|
# @option options [String] :acl
|
640
|
-
# The canned ACL to apply to the object.
|
721
|
+
# The canned access control list (ACL) to apply to the object.
|
722
|
+
#
|
723
|
+
# When you copy an object, the ACL metadata is not preserved and is set
|
724
|
+
# to `private` by default. Only the owner has full access control. To
|
725
|
+
# override the default ACL setting, specify a new ACL when you generate
|
726
|
+
# a copy request. For more information, see [Using ACLs][1].
|
727
|
+
#
|
728
|
+
# If the destination bucket that you're copying objects to uses the
|
729
|
+
# bucket owner enforced setting for S3 Object Ownership, ACLs are
|
730
|
+
# disabled and no longer affect permissions. Buckets that use this
|
731
|
+
# setting only accept `PUT` requests that don't specify an ACL or `PUT`
|
732
|
+
# requests that specify bucket owner full control ACLs, such as the
|
733
|
+
# `bucket-owner-full-control` canned ACL or an equivalent form of this
|
734
|
+
# ACL expressed in the XML format. For more information, see
|
735
|
+
# [Controlling ownership of objects and disabling ACLs][2] in the
|
736
|
+
# *Amazon S3 User Guide*.
|
737
|
+
#
|
738
|
+
# <note markdown="1"> * If your destination bucket uses the bucket owner enforced setting
|
739
|
+
# for Object Ownership, all objects written to the bucket by any
|
740
|
+
# account will be owned by the bucket owner.
|
741
|
+
#
|
742
|
+
# * This functionality is not supported for directory buckets.
|
743
|
+
#
|
744
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
745
|
+
#
|
746
|
+
# </note>
|
747
|
+
#
|
641
748
|
#
|
642
|
-
#
|
749
|
+
#
|
750
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html
|
751
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
|
643
752
|
# @option options [String] :cache_control
|
644
|
-
# Specifies caching behavior along the request/reply chain.
|
753
|
+
# Specifies the caching behavior along the request/reply chain.
|
645
754
|
# @option options [String] :checksum_algorithm
|
646
|
-
# Indicates the algorithm you want Amazon S3 to use to create the
|
755
|
+
# Indicates the algorithm that you want Amazon S3 to use to create the
|
647
756
|
# checksum for the object. For more information, see [Checking object
|
648
757
|
# integrity][1] in the *Amazon S3 User Guide*.
|
649
758
|
#
|
759
|
+
# When you copy an object, if the source object has a checksum, that
|
760
|
+
# checksum value will be copied to the new object by default. If the
|
761
|
+
# `CopyObject` request does not include this `x-amz-checksum-algorithm`
|
762
|
+
# header, the checksum algorithm will be copied from the source object
|
763
|
+
# to the destination object (if it's present on the source object). You
|
764
|
+
# can optionally specify a different checksum algorithm to use with the
|
765
|
+
# `x-amz-checksum-algorithm` header. Unrecognized or unsupported values
|
766
|
+
# will respond with the HTTP status code `400 Bad Request`.
|
767
|
+
#
|
768
|
+
# <note markdown="1"> For directory buckets, when you use Amazon Web Services SDKs, `CRC32`
|
769
|
+
# is the default checksum algorithm that's used for performance.
|
770
|
+
#
|
771
|
+
# </note>
|
772
|
+
#
|
650
773
|
#
|
651
774
|
#
|
652
775
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
|
653
776
|
# @option options [String] :content_disposition
|
654
|
-
# Specifies presentational information for the object.
|
777
|
+
# Specifies presentational information for the object. Indicates whether
|
778
|
+
# an object should be displayed in a web browser or downloaded as a
|
779
|
+
# file. It allows specifying the desired filename for the downloaded
|
780
|
+
# file.
|
655
781
|
# @option options [String] :content_encoding
|
656
782
|
# Specifies what content encodings have been applied to the object and
|
657
783
|
# thus what decoding mechanisms must be applied to obtain the media-type
|
658
784
|
# referenced by the Content-Type header field.
|
785
|
+
#
|
786
|
+
# <note markdown="1"> For directory buckets, only the `aws-chunked` value is supported in
|
787
|
+
# this header field.
|
788
|
+
#
|
789
|
+
# </note>
|
659
790
|
# @option options [String] :content_language
|
660
791
|
# The language the content is in.
|
661
792
|
# @option options [String] :content_type
|
662
|
-
# A standard MIME type
|
793
|
+
# A standard MIME type that describes the format of the object data.
|
663
794
|
# @option options [required, String] :copy_source
|
664
|
-
# Specifies the source object for the copy operation.
|
665
|
-
#
|
666
|
-
# the
|
795
|
+
# Specifies the source object for the copy operation. The source object
|
796
|
+
# can be up to 5 GB. If the source object is an object that was uploaded
|
797
|
+
# by using a multipart upload, the object copy will be a single part
|
798
|
+
# object after the source object is copied to the destination bucket.
|
799
|
+
#
|
800
|
+
# You specify the value of the copy source in one of two formats,
|
801
|
+
# depending on whether you want to access the source object through an
|
802
|
+
# [access point][1]:
|
667
803
|
#
|
668
804
|
# * For objects not accessed through an access point, specify the name
|
669
805
|
# of the source bucket and the key of the source object, separated by
|
670
806
|
# a slash (/). For example, to copy the object `reports/january.pdf`
|
671
|
-
# from the bucket `awsexamplebucket`, use
|
807
|
+
# from the general purpose bucket `awsexamplebucket`, use
|
672
808
|
# `awsexamplebucket/reports/january.pdf`. The value must be
|
673
|
-
# URL-encoded.
|
809
|
+
# URL-encoded. To copy the object `reports/january.pdf` from the
|
810
|
+
# directory bucket `awsexamplebucket--use1-az5--x-s3`, use
|
811
|
+
# `awsexamplebucket--use1-az5--x-s3/reports/january.pdf`. The value
|
812
|
+
# must be URL-encoded.
|
674
813
|
#
|
675
814
|
# * For objects accessed through access points, specify the Amazon
|
676
815
|
# Resource Name (ARN) of the object as accessed through the access
|
@@ -682,9 +821,11 @@ module Aws::S3
|
|
682
821
|
# `arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf`.
|
683
822
|
# The value must be URL encoded.
|
684
823
|
#
|
685
|
-
# <note markdown="1"> Amazon S3 supports copy operations using
|
686
|
-
#
|
687
|
-
#
|
824
|
+
# <note markdown="1"> * Amazon S3 supports copy operations using Access points only when
|
825
|
+
# the source and destination buckets are in the same Amazon Web
|
826
|
+
# Services Region.
|
827
|
+
#
|
828
|
+
# * Access points are not supported by directory buckets.
|
688
829
|
#
|
689
830
|
# </note>
|
690
831
|
#
|
@@ -697,159 +838,567 @@ module Aws::S3
|
|
697
838
|
# `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf`.
|
698
839
|
# The value must be URL-encoded.
|
699
840
|
#
|
700
|
-
#
|
701
|
-
#
|
841
|
+
# If your source bucket versioning is enabled, the `x-amz-copy-source`
|
842
|
+
# header by default identifies the current version of an object to copy.
|
843
|
+
# If the current version is a delete marker, Amazon S3 behaves as if the
|
844
|
+
# object was deleted. To copy a different version, use the `versionId`
|
845
|
+
# query parameter. Specifically, append `?versionId=<version-id>` to the
|
846
|
+
# value (for example,
|
702
847
|
# `awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893`).
|
703
848
|
# If you don't specify a version ID, Amazon S3 copies the latest
|
704
849
|
# version of the source object.
|
705
850
|
#
|
851
|
+
# If you enable versioning on the destination bucket, Amazon S3
|
852
|
+
# generates a unique version ID for the copied object. This version ID
|
853
|
+
# is different from the version ID of the source object. Amazon S3
|
854
|
+
# returns the version ID of the copied object in the `x-amz-version-id`
|
855
|
+
# response header in the response.
|
856
|
+
#
|
857
|
+
# If you do not enable versioning or suspend it on the destination
|
858
|
+
# bucket, the version ID that Amazon S3 generates in the
|
859
|
+
# `x-amz-version-id` response header is always null.
|
860
|
+
#
|
861
|
+
# <note markdown="1"> **Directory buckets** - S3 Versioning isn't enabled and supported for
|
862
|
+
# directory buckets.
|
863
|
+
#
|
864
|
+
# </note>
|
865
|
+
#
|
706
866
|
#
|
707
867
|
#
|
708
868
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html
|
709
869
|
# @option options [String] :copy_source_if_match
|
710
870
|
# Copies the object if its entity tag (ETag) matches the specified tag.
|
871
|
+
#
|
872
|
+
# If both the `x-amz-copy-source-if-match` and
|
873
|
+
# `x-amz-copy-source-if-unmodified-since` headers are present in the
|
874
|
+
# request and evaluate as follows, Amazon S3 returns `200 OK` and copies
|
875
|
+
# the data:
|
876
|
+
#
|
877
|
+
# * `x-amz-copy-source-if-match` condition evaluates to true
|
878
|
+
#
|
879
|
+
# * `x-amz-copy-source-if-unmodified-since` condition evaluates to false
|
711
880
|
# @option options [Time,DateTime,Date,Integer,String] :copy_source_if_modified_since
|
712
881
|
# Copies the object if it has been modified since the specified time.
|
882
|
+
#
|
883
|
+
# If both the `x-amz-copy-source-if-none-match` and
|
884
|
+
# `x-amz-copy-source-if-modified-since` headers are present in the
|
885
|
+
# request and evaluate as follows, Amazon S3 returns the `412
|
886
|
+
# Precondition Failed` response code:
|
887
|
+
#
|
888
|
+
# * `x-amz-copy-source-if-none-match` condition evaluates to false
|
889
|
+
#
|
890
|
+
# * `x-amz-copy-source-if-modified-since` condition evaluates to true
|
713
891
|
# @option options [String] :copy_source_if_none_match
|
714
892
|
# Copies the object if its entity tag (ETag) is different than the
|
715
893
|
# specified ETag.
|
894
|
+
#
|
895
|
+
# If both the `x-amz-copy-source-if-none-match` and
|
896
|
+
# `x-amz-copy-source-if-modified-since` headers are present in the
|
897
|
+
# request and evaluate as follows, Amazon S3 returns the `412
|
898
|
+
# Precondition Failed` response code:
|
899
|
+
#
|
900
|
+
# * `x-amz-copy-source-if-none-match` condition evaluates to false
|
901
|
+
#
|
902
|
+
# * `x-amz-copy-source-if-modified-since` condition evaluates to true
|
716
903
|
# @option options [Time,DateTime,Date,Integer,String] :copy_source_if_unmodified_since
|
717
904
|
# Copies the object if it hasn't been modified since the specified
|
718
905
|
# time.
|
906
|
+
#
|
907
|
+
# If both the `x-amz-copy-source-if-match` and
|
908
|
+
# `x-amz-copy-source-if-unmodified-since` headers are present in the
|
909
|
+
# request and evaluate as follows, Amazon S3 returns `200 OK` and copies
|
910
|
+
# the data:
|
911
|
+
#
|
912
|
+
# * `x-amz-copy-source-if-match` condition evaluates to true
|
913
|
+
#
|
914
|
+
# * `x-amz-copy-source-if-unmodified-since` condition evaluates to false
|
719
915
|
# @option options [Time,DateTime,Date,Integer,String] :expires
|
720
916
|
# The date and time at which the object is no longer cacheable.
|
721
917
|
# @option options [String] :grant_full_control
|
722
918
|
# Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
|
723
919
|
# object.
|
724
920
|
#
|
725
|
-
# This
|
921
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
922
|
+
#
|
923
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
924
|
+
#
|
925
|
+
# </note>
|
726
926
|
# @option options [String] :grant_read
|
727
927
|
# Allows grantee to read the object data and its metadata.
|
728
928
|
#
|
729
|
-
# This
|
929
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
930
|
+
#
|
931
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
932
|
+
#
|
933
|
+
# </note>
|
730
934
|
# @option options [String] :grant_read_acp
|
731
935
|
# Allows grantee to read the object ACL.
|
732
936
|
#
|
733
|
-
# This
|
937
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
938
|
+
#
|
939
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
940
|
+
#
|
941
|
+
# </note>
|
734
942
|
# @option options [String] :grant_write_acp
|
735
943
|
# Allows grantee to write the ACL for the applicable object.
|
736
944
|
#
|
737
|
-
# This
|
945
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
946
|
+
#
|
947
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
948
|
+
#
|
949
|
+
# </note>
|
738
950
|
# @option options [Hash<String,String>] :metadata
|
739
951
|
# A map of metadata to store with the object in S3.
|
740
952
|
# @option options [String] :metadata_directive
|
741
953
|
# Specifies whether the metadata is copied from the source object or
|
742
|
-
# replaced with metadata provided in the request.
|
954
|
+
# replaced with metadata that's provided in the request. When copying
|
955
|
+
# an object, you can preserve all metadata (the default) or specify new
|
956
|
+
# metadata. If this header isn’t specified, `COPY` is the default
|
957
|
+
# behavior.
|
958
|
+
#
|
959
|
+
# **General purpose bucket** - For general purpose buckets, when you
|
960
|
+
# grant permissions, you can use the `s3:x-amz-metadata-directive`
|
961
|
+
# condition key to enforce certain metadata behavior when objects are
|
962
|
+
# uploaded. For more information, see [Amazon S3 condition key
|
963
|
+
# examples][1] in the *Amazon S3 User Guide*.
|
964
|
+
#
|
965
|
+
# <note markdown="1"> `x-amz-website-redirect-location` is unique to each object and is not
|
966
|
+
# copied when using the `x-amz-metadata-directive` header. To copy the
|
967
|
+
# value, you must specify `x-amz-website-redirect-location` in the
|
968
|
+
# request header.
|
969
|
+
#
|
970
|
+
# </note>
|
971
|
+
#
|
972
|
+
#
|
973
|
+
#
|
974
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html
|
743
975
|
# @option options [String] :tagging_directive
|
744
|
-
# Specifies whether the object tag-set
|
745
|
-
# or replaced with tag-set provided in the request.
|
976
|
+
# Specifies whether the object tag-set is copied from the source object
|
977
|
+
# or replaced with the tag-set that's provided in the request.
|
978
|
+
#
|
979
|
+
# The default value is `COPY`.
|
980
|
+
#
|
981
|
+
# <note markdown="1"> **Directory buckets** - For directory buckets in a `CopyObject`
|
982
|
+
# operation, only the empty tag-set is supported. Any requests that
|
983
|
+
# attempt to write non-empty tags into directory buckets will receive a
|
984
|
+
# `501 Not Implemented` status code. When the destination bucket is a
|
985
|
+
# directory bucket, you will receive a `501 Not Implemented` response in
|
986
|
+
# any of the following situations:
|
987
|
+
#
|
988
|
+
# * When you attempt to `COPY` the tag-set from an S3 source object that
|
989
|
+
# has non-empty tags.
|
990
|
+
#
|
991
|
+
# * When you attempt to `REPLACE` the tag-set of a source object and set
|
992
|
+
# a non-empty value to `x-amz-tagging`.
|
993
|
+
#
|
994
|
+
# * When you don't set the `x-amz-tagging-directive` header and the
|
995
|
+
# source object has non-empty tags. This is because the default value
|
996
|
+
# of `x-amz-tagging-directive` is `COPY`.
|
997
|
+
#
|
998
|
+
# Because only the empty tag-set is supported for directory buckets in a
|
999
|
+
# `CopyObject` operation, the following situations are allowed:
|
1000
|
+
#
|
1001
|
+
# * When you attempt to `COPY` the tag-set from a directory bucket
|
1002
|
+
# source object that has no tags to a general purpose bucket. It
|
1003
|
+
# copies an empty tag-set to the destination object.
|
1004
|
+
#
|
1005
|
+
# * When you attempt to `REPLACE` the tag-set of a directory bucket
|
1006
|
+
# source object and set the `x-amz-tagging` value of the directory
|
1007
|
+
# bucket destination object to empty.
|
1008
|
+
#
|
1009
|
+
# * When you attempt to `REPLACE` the tag-set of a general purpose
|
1010
|
+
# bucket source object that has non-empty tags and set the
|
1011
|
+
# `x-amz-tagging` value of the directory bucket destination object to
|
1012
|
+
# empty.
|
1013
|
+
#
|
1014
|
+
# * When you attempt to `REPLACE` the tag-set of a directory bucket
|
1015
|
+
# source object and don't set the `x-amz-tagging` value of the
|
1016
|
+
# directory bucket destination object. This is because the default
|
1017
|
+
# value of `x-amz-tagging` is the empty value.
|
1018
|
+
#
|
1019
|
+
# </note>
|
746
1020
|
# @option options [String] :server_side_encryption
|
747
1021
|
# The server-side encryption algorithm used when storing this object in
|
748
|
-
# Amazon S3
|
1022
|
+
# Amazon S3. Unrecognized or unsupported values won’t write a
|
1023
|
+
# destination object and will receive a `400 Bad Request` response.
|
1024
|
+
#
|
1025
|
+
# Amazon S3 automatically encrypts all new objects that are copied to an
|
1026
|
+
# S3 bucket. When copying an object, if you don't specify encryption
|
1027
|
+
# information in your copy request, the encryption setting of the target
|
1028
|
+
# object is set to the default encryption configuration of the
|
1029
|
+
# destination bucket. By default, all buckets have a base level of
|
1030
|
+
# encryption configuration that uses server-side encryption with Amazon
|
1031
|
+
# S3 managed keys (SSE-S3). If the destination bucket has a different
|
1032
|
+
# default encryption configuration, Amazon S3 uses the corresponding
|
1033
|
+
# encryption key to encrypt the target object copy.
|
1034
|
+
#
|
1035
|
+
# With server-side encryption, Amazon S3 encrypts your data as it writes
|
1036
|
+
# your data to disks in its data centers and decrypts the data when you
|
1037
|
+
# access it. For more information about server-side encryption, see
|
1038
|
+
# [Using Server-Side Encryption][1] in the *Amazon S3 User Guide*.
|
1039
|
+
#
|
1040
|
+
# <b>General purpose buckets </b>
|
1041
|
+
#
|
1042
|
+
# * For general purpose buckets, there are the following supported
|
1043
|
+
# options for server-side encryption: server-side encryption with Key
|
1044
|
+
# Management Service (KMS) keys (SSE-KMS), dual-layer server-side
|
1045
|
+
# encryption with Amazon Web Services KMS keys (DSSE-KMS), and
|
1046
|
+
# server-side encryption with customer-provided encryption keys
|
1047
|
+
# (SSE-C). Amazon S3 uses the corresponding KMS key, or a
|
1048
|
+
# customer-provided key to encrypt the target object copy.
|
1049
|
+
#
|
1050
|
+
# * When you perform a `CopyObject` operation, if you want to use a
|
1051
|
+
# different type of encryption setting for the target object, you can
|
1052
|
+
# specify appropriate encryption-related headers to encrypt the target
|
1053
|
+
# object with an Amazon S3 managed key, a KMS key, or a
|
1054
|
+
# customer-provided key. If the encryption setting in your request is
|
1055
|
+
# different from the default encryption configuration of the
|
1056
|
+
# destination bucket, the encryption setting in your request takes
|
1057
|
+
# precedence.
|
1058
|
+
#
|
1059
|
+
# <b>Directory buckets </b>
|
1060
|
+
#
|
1061
|
+
# * For directory buckets, there are only two supported options for
|
1062
|
+
# server-side encryption: server-side encryption with Amazon S3
|
1063
|
+
# managed keys (SSE-S3) (`AES256`) and server-side encryption with KMS
|
1064
|
+
# keys (SSE-KMS) (`aws:kms`). We recommend that the bucket's default
|
1065
|
+
# encryption uses the desired encryption configuration and you don't
|
1066
|
+
# override the bucket default encryption in your `CreateSession`
|
1067
|
+
# requests or `PUT` object requests. Then, new objects are
|
1068
|
+
# automatically encrypted with the desired encryption settings. For
|
1069
|
+
# more information, see [Protecting data with server-side
|
1070
|
+
# encryption][2] in the *Amazon S3 User Guide*. For more information
|
1071
|
+
# about the encryption overriding behaviors in directory buckets, see
|
1072
|
+
# [Specifying server-side encryption with KMS for new object
|
1073
|
+
# uploads][3].
|
1074
|
+
#
|
1075
|
+
# * To encrypt new object copies to a directory bucket with SSE-KMS, we
|
1076
|
+
# recommend you specify SSE-KMS as the directory bucket's default
|
1077
|
+
# encryption configuration with a KMS key (specifically, a [customer
|
1078
|
+
# managed key][4]). The [Amazon Web Services managed key][5]
|
1079
|
+
# (`aws/s3`) isn't supported. Your SSE-KMS configuration can only
|
1080
|
+
# support 1 [customer managed key][4] per directory bucket for the
|
1081
|
+
# lifetime of the bucket. After you specify a customer managed key for
|
1082
|
+
# SSE-KMS, you can't override the customer managed key for the
|
1083
|
+
# bucket's SSE-KMS configuration. Then, when you perform a
|
1084
|
+
# `CopyObject` operation and want to specify server-side encryption
|
1085
|
+
# settings for new object copies with SSE-KMS in the
|
1086
|
+
# encryption-related request headers, you must ensure the encryption
|
1087
|
+
# key is the same customer managed key that you specified for the
|
1088
|
+
# directory bucket's default encryption configuration.
|
1089
|
+
#
|
1090
|
+
#
|
1091
|
+
#
|
1092
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
|
1093
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html
|
1094
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html
|
1095
|
+
# [4]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk
|
1096
|
+
# [5]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
|
749
1097
|
# @option options [String] :storage_class
|
750
1098
|
# If the `x-amz-storage-class` header is not used, the copied object
|
751
|
-
# will be stored in the STANDARD Storage Class by default. The
|
752
|
-
# storage class provides high durability and high
|
753
|
-
# Depending on performance needs, you can specify a
|
754
|
-
#
|
755
|
-
#
|
756
|
-
#
|
1099
|
+
# will be stored in the `STANDARD` Storage Class by default. The
|
1100
|
+
# `STANDARD` storage class provides high durability and high
|
1101
|
+
# availability. Depending on performance needs, you can specify a
|
1102
|
+
# different Storage Class.
|
1103
|
+
#
|
1104
|
+
# <note markdown="1"> * <b>Directory buckets </b> - For directory buckets, only the S3
|
1105
|
+
# Express One Zone storage class is supported to store newly created
|
1106
|
+
# objects. Unsupported storage class values won't write a destination
|
1107
|
+
# object and will respond with the HTTP status code `400 Bad Request`.
|
1108
|
+
#
|
1109
|
+
# * <b>Amazon S3 on Outposts </b> - S3 on Outposts only uses the
|
1110
|
+
# `OUTPOSTS` Storage Class.
|
1111
|
+
#
|
1112
|
+
# </note>
|
1113
|
+
#
|
1114
|
+
# You can use the `CopyObject` action to change the storage class of an
|
1115
|
+
# object that is already stored in Amazon S3 by using the
|
1116
|
+
# `x-amz-storage-class` header. For more information, see [Storage
|
1117
|
+
# Classes][1] in the *Amazon S3 User Guide*.
|
1118
|
+
#
|
1119
|
+
# Before using an object as a source object for the copy operation, you
|
1120
|
+
# must restore a copy of it if it meets any of the following conditions:
|
1121
|
+
#
|
1122
|
+
# * The storage class of the source object is `GLACIER` or
|
1123
|
+
# `DEEP_ARCHIVE`.
|
1124
|
+
#
|
1125
|
+
# * The storage class of the source object is `INTELLIGENT_TIERING` and
|
1126
|
+
# it's [S3 Intelligent-Tiering access tier][2] is `Archive Access` or
|
1127
|
+
# `Deep Archive Access`.
|
1128
|
+
#
|
1129
|
+
# For more information, see [RestoreObject][3] and [Copying Objects][4]
|
1130
|
+
# in the *Amazon S3 User Guide*.
|
757
1131
|
#
|
758
1132
|
#
|
759
1133
|
#
|
760
1134
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
|
1135
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/intelligent-tiering-overview.html#intel-tiering-tier-definition
|
1136
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html
|
1137
|
+
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjectsExamples.html
|
761
1138
|
# @option options [String] :website_redirect_location
|
762
|
-
# If the bucket is configured as a website, redirects
|
763
|
-
# object to another object in the same bucket or
|
764
|
-
# Amazon S3 stores the value of this header in the
|
765
|
-
# value is unique to each object and is not copied
|
766
|
-
# `x-amz-metadata-directive` header. Instead, you may opt
|
767
|
-
# this header in combination with the
|
1139
|
+
# If the destination bucket is configured as a website, redirects
|
1140
|
+
# requests for this object copy to another object in the same bucket or
|
1141
|
+
# to an external URL. Amazon S3 stores the value of this header in the
|
1142
|
+
# object metadata. This value is unique to each object and is not copied
|
1143
|
+
# when using the `x-amz-metadata-directive` header. Instead, you may opt
|
1144
|
+
# to provide this header in combination with the
|
1145
|
+
# `x-amz-metadata-directive` header.
|
1146
|
+
#
|
1147
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
1148
|
+
#
|
1149
|
+
# </note>
|
768
1150
|
# @option options [String] :sse_customer_algorithm
|
769
|
-
# Specifies the algorithm to use
|
770
|
-
# example, AES256).
|
1151
|
+
# Specifies the algorithm to use when encrypting the object (for
|
1152
|
+
# example, `AES256`).
|
1153
|
+
#
|
1154
|
+
# When you perform a `CopyObject` operation, if you want to use a
|
1155
|
+
# different type of encryption setting for the target object, you can
|
1156
|
+
# specify appropriate encryption-related headers to encrypt the target
|
1157
|
+
# object with an Amazon S3 managed key, a KMS key, or a
|
1158
|
+
# customer-provided key. If the encryption setting in your request is
|
1159
|
+
# different from the default encryption configuration of the destination
|
1160
|
+
# bucket, the encryption setting in your request takes precedence.
|
1161
|
+
#
|
1162
|
+
# <note markdown="1"> This functionality is not supported when the destination bucket is a
|
1163
|
+
# directory bucket.
|
1164
|
+
#
|
1165
|
+
# </note>
|
771
1166
|
# @option options [String] :sse_customer_key
|
772
1167
|
# Specifies the customer-provided encryption key for Amazon S3 to use in
|
773
1168
|
# encrypting data. This value is used to store the object and then it is
|
774
|
-
# discarded
|
1169
|
+
# discarded. Amazon S3 does not store the encryption key. The key must
|
775
1170
|
# be appropriate for use with the algorithm specified in the
|
776
1171
|
# `x-amz-server-side-encryption-customer-algorithm` header.
|
1172
|
+
#
|
1173
|
+
# <note markdown="1"> This functionality is not supported when the destination bucket is a
|
1174
|
+
# directory bucket.
|
1175
|
+
#
|
1176
|
+
# </note>
|
777
1177
|
# @option options [String] :sse_customer_key_md5
|
778
1178
|
# Specifies the 128-bit MD5 digest of the encryption key according to
|
779
1179
|
# RFC 1321. Amazon S3 uses this header for a message integrity check to
|
780
1180
|
# ensure that the encryption key was transmitted without error.
|
1181
|
+
#
|
1182
|
+
# <note markdown="1"> This functionality is not supported when the destination bucket is a
|
1183
|
+
# directory bucket.
|
1184
|
+
#
|
1185
|
+
# </note>
|
781
1186
|
# @option options [String] :ssekms_key_id
|
782
|
-
# Specifies the KMS ID (Key ID, Key ARN, or Key Alias) to use for
|
783
|
-
# encryption. All GET and PUT requests for an object protected by
|
784
|
-
# will fail if they're not made via SSL or using SigV4. For
|
785
|
-
# about configuring any of the officially supported Amazon
|
786
|
-
# SDKs and Amazon Web Services CLI, see [Specifying the
|
787
|
-
# Version in Request Authentication][1] in the *Amazon S3 User
|
1187
|
+
# Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for
|
1188
|
+
# object encryption. All GET and PUT requests for an object protected by
|
1189
|
+
# KMS will fail if they're not made via SSL or using SigV4. For
|
1190
|
+
# information about configuring any of the officially supported Amazon
|
1191
|
+
# Web Services SDKs and Amazon Web Services CLI, see [Specifying the
|
1192
|
+
# Signature Version in Request Authentication][1] in the *Amazon S3 User
|
1193
|
+
# Guide*.
|
1194
|
+
#
|
1195
|
+
# **Directory buckets** - If you specify `x-amz-server-side-encryption`
|
1196
|
+
# with `aws:kms`, the ` x-amz-server-side-encryption-aws-kms-key-id`
|
1197
|
+
# header is implicitly assigned the ID of the KMS symmetric encryption
|
1198
|
+
# customer managed key that's configured for your directory bucket's
|
1199
|
+
# default encryption setting. If you want to specify the `
|
1200
|
+
# x-amz-server-side-encryption-aws-kms-key-id` header explicitly, you
|
1201
|
+
# can only specify it with the ID (Key ID or Key ARN) of the KMS
|
1202
|
+
# customer managed key that's configured for your directory bucket's
|
1203
|
+
# default encryption setting. Otherwise, you get an HTTP `400 Bad
|
1204
|
+
# Request` error. Only use the key ID or key ARN. The key alias format
|
1205
|
+
# of the KMS key isn't supported. Your SSE-KMS configuration can only
|
1206
|
+
# support 1 [customer managed key][2] per directory bucket for the
|
1207
|
+
# lifetime of the bucket. The [Amazon Web Services managed key][3]
|
1208
|
+
# (`aws/s3`) isn't supported.
|
788
1209
|
#
|
789
1210
|
#
|
790
1211
|
#
|
791
1212
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
|
1213
|
+
# [2]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk
|
1214
|
+
# [3]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
|
792
1215
|
# @option options [String] :ssekms_encryption_context
|
793
|
-
# Specifies the Amazon Web Services KMS Encryption Context
|
794
|
-
#
|
795
|
-
#
|
1216
|
+
# Specifies the Amazon Web Services KMS Encryption Context as an
|
1217
|
+
# additional encryption context to use for the destination object
|
1218
|
+
# encryption. The value of this header is a base64-encoded UTF-8 string
|
1219
|
+
# holding JSON with the encryption context key-value pairs.
|
1220
|
+
#
|
1221
|
+
# **General purpose buckets** - This value must be explicitly added to
|
1222
|
+
# specify encryption context for `CopyObject` requests if you want an
|
1223
|
+
# additional encryption context for your destination object. The
|
1224
|
+
# additional encryption context of the source object won't be copied to
|
1225
|
+
# the destination object. For more information, see [Encryption
|
1226
|
+
# context][1] in the *Amazon S3 User Guide*.
|
1227
|
+
#
|
1228
|
+
# **Directory buckets** - You can optionally provide an explicit
|
1229
|
+
# encryption context value. The value must match the default encryption
|
1230
|
+
# context - the bucket Amazon Resource Name (ARN). An additional
|
1231
|
+
# encryption context value is not supported.
|
1232
|
+
#
|
1233
|
+
#
|
1234
|
+
#
|
1235
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html#encryption-context
|
796
1236
|
# @option options [Boolean] :bucket_key_enabled
|
797
1237
|
# Specifies whether Amazon S3 should use an S3 Bucket Key for object
|
798
1238
|
# encryption with server-side encryption using Key Management Service
|
799
|
-
# (KMS) keys (SSE-KMS).
|
800
|
-
#
|
1239
|
+
# (KMS) keys (SSE-KMS). If a target object uses SSE-KMS, you can enable
|
1240
|
+
# an S3 Bucket Key for the object.
|
1241
|
+
#
|
1242
|
+
# Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
|
1243
|
+
# for object encryption with SSE-KMS. Specifying this header with a COPY
|
1244
|
+
# action doesn’t affect bucket-level settings for S3 Bucket Key.
|
801
1245
|
#
|
802
|
-
#
|
803
|
-
#
|
1246
|
+
# For more information, see [Amazon S3 Bucket Keys][1] in the *Amazon S3
|
1247
|
+
# User Guide*.
|
1248
|
+
#
|
1249
|
+
# <note markdown="1"> **Directory buckets** - S3 Bucket Keys aren't supported, when you
|
1250
|
+
# copy SSE-KMS encrypted objects from general purpose buckets to
|
1251
|
+
# directory buckets, from directory buckets to general purpose buckets,
|
1252
|
+
# or between directory buckets, through [CopyObject][2]. In this case,
|
1253
|
+
# Amazon S3 makes a call to KMS every time a copy request is made for a
|
1254
|
+
# KMS-encrypted object.
|
1255
|
+
#
|
1256
|
+
# </note>
|
1257
|
+
#
|
1258
|
+
#
|
1259
|
+
#
|
1260
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html
|
1261
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
|
804
1262
|
# @option options [String] :copy_source_sse_customer_algorithm
|
805
1263
|
# Specifies the algorithm to use when decrypting the source object (for
|
806
|
-
# example, AES256).
|
1264
|
+
# example, `AES256`).
|
1265
|
+
#
|
1266
|
+
# If the source object for the copy is stored in Amazon S3 using SSE-C,
|
1267
|
+
# you must provide the necessary encryption information in your request
|
1268
|
+
# so that Amazon S3 can decrypt the object for copying.
|
1269
|
+
#
|
1270
|
+
# <note markdown="1"> This functionality is not supported when the source object is in a
|
1271
|
+
# directory bucket.
|
1272
|
+
#
|
1273
|
+
# </note>
|
807
1274
|
# @option options [String] :copy_source_sse_customer_key
|
808
1275
|
# Specifies the customer-provided encryption key for Amazon S3 to use to
|
809
1276
|
# decrypt the source object. The encryption key provided in this header
|
810
|
-
# must be one that was used when the source object was created.
|
1277
|
+
# must be the same one that was used when the source object was created.
|
1278
|
+
#
|
1279
|
+
# If the source object for the copy is stored in Amazon S3 using SSE-C,
|
1280
|
+
# you must provide the necessary encryption information in your request
|
1281
|
+
# so that Amazon S3 can decrypt the object for copying.
|
1282
|
+
#
|
1283
|
+
# <note markdown="1"> This functionality is not supported when the source object is in a
|
1284
|
+
# directory bucket.
|
1285
|
+
#
|
1286
|
+
# </note>
|
811
1287
|
# @option options [String] :copy_source_sse_customer_key_md5
|
812
1288
|
# Specifies the 128-bit MD5 digest of the encryption key according to
|
813
1289
|
# RFC 1321. Amazon S3 uses this header for a message integrity check to
|
814
1290
|
# ensure that the encryption key was transmitted without error.
|
1291
|
+
#
|
1292
|
+
# If the source object for the copy is stored in Amazon S3 using SSE-C,
|
1293
|
+
# you must provide the necessary encryption information in your request
|
1294
|
+
# so that Amazon S3 can decrypt the object for copying.
|
1295
|
+
#
|
1296
|
+
# <note markdown="1"> This functionality is not supported when the source object is in a
|
1297
|
+
# directory bucket.
|
1298
|
+
#
|
1299
|
+
# </note>
|
815
1300
|
# @option options [String] :request_payer
|
816
1301
|
# Confirms that the requester knows that they will be charged for the
|
817
1302
|
# request. Bucket owners need not specify this parameter in their
|
818
|
-
# requests. If either the source or destination
|
819
|
-
#
|
820
|
-
#
|
821
|
-
#
|
822
|
-
#
|
1303
|
+
# requests. If either the source or destination S3 bucket has Requester
|
1304
|
+
# Pays enabled, the requester will pay for corresponding charges to copy
|
1305
|
+
# the object. For information about downloading objects from Requester
|
1306
|
+
# Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
|
1307
|
+
# in the *Amazon S3 User Guide*.
|
1308
|
+
#
|
1309
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
1310
|
+
#
|
1311
|
+
# </note>
|
823
1312
|
#
|
824
1313
|
#
|
825
1314
|
#
|
826
1315
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
|
827
1316
|
# @option options [String] :tagging
|
828
|
-
# The tag-set for the object
|
829
|
-
# in conjunction with the `
|
830
|
-
#
|
1317
|
+
# The tag-set for the object copy in the destination bucket. This value
|
1318
|
+
# must be used in conjunction with the `x-amz-tagging-directive` if you
|
1319
|
+
# choose `REPLACE` for the `x-amz-tagging-directive`. If you choose
|
1320
|
+
# `COPY` for the `x-amz-tagging-directive`, you don't need to set the
|
1321
|
+
# `x-amz-tagging` header, because the tag-set will be copied from the
|
1322
|
+
# source object directly. The tag-set must be encoded as URL Query
|
1323
|
+
# parameters.
|
1324
|
+
#
|
1325
|
+
# The default value is the empty value.
|
1326
|
+
#
|
1327
|
+
# <note markdown="1"> **Directory buckets** - For directory buckets in a `CopyObject`
|
1328
|
+
# operation, only the empty tag-set is supported. Any requests that
|
1329
|
+
# attempt to write non-empty tags into directory buckets will receive a
|
1330
|
+
# `501 Not Implemented` status code. When the destination bucket is a
|
1331
|
+
# directory bucket, you will receive a `501 Not Implemented` response in
|
1332
|
+
# any of the following situations:
|
1333
|
+
#
|
1334
|
+
# * When you attempt to `COPY` the tag-set from an S3 source object that
|
1335
|
+
# has non-empty tags.
|
1336
|
+
#
|
1337
|
+
# * When you attempt to `REPLACE` the tag-set of a source object and set
|
1338
|
+
# a non-empty value to `x-amz-tagging`.
|
1339
|
+
#
|
1340
|
+
# * When you don't set the `x-amz-tagging-directive` header and the
|
1341
|
+
# source object has non-empty tags. This is because the default value
|
1342
|
+
# of `x-amz-tagging-directive` is `COPY`.
|
1343
|
+
#
|
1344
|
+
# Because only the empty tag-set is supported for directory buckets in a
|
1345
|
+
# `CopyObject` operation, the following situations are allowed:
|
1346
|
+
#
|
1347
|
+
# * When you attempt to `COPY` the tag-set from a directory bucket
|
1348
|
+
# source object that has no tags to a general purpose bucket. It
|
1349
|
+
# copies an empty tag-set to the destination object.
|
1350
|
+
#
|
1351
|
+
# * When you attempt to `REPLACE` the tag-set of a directory bucket
|
1352
|
+
# source object and set the `x-amz-tagging` value of the directory
|
1353
|
+
# bucket destination object to empty.
|
1354
|
+
#
|
1355
|
+
# * When you attempt to `REPLACE` the tag-set of a general purpose
|
1356
|
+
# bucket source object that has non-empty tags and set the
|
1357
|
+
# `x-amz-tagging` value of the directory bucket destination object to
|
1358
|
+
# empty.
|
1359
|
+
#
|
1360
|
+
# * When you attempt to `REPLACE` the tag-set of a directory bucket
|
1361
|
+
# source object and don't set the `x-amz-tagging` value of the
|
1362
|
+
# directory bucket destination object. This is because the default
|
1363
|
+
# value of `x-amz-tagging` is the empty value.
|
1364
|
+
#
|
1365
|
+
# </note>
|
831
1366
|
# @option options [String] :object_lock_mode
|
832
|
-
# The Object Lock mode that you want to apply to the
|
1367
|
+
# The Object Lock mode that you want to apply to the object copy.
|
1368
|
+
#
|
1369
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
1370
|
+
#
|
1371
|
+
# </note>
|
833
1372
|
# @option options [Time,DateTime,Date,Integer,String] :object_lock_retain_until_date
|
834
|
-
# The date and time when you want the
|
1373
|
+
# The date and time when you want the Object Lock of the object copy to
|
835
1374
|
# expire.
|
1375
|
+
#
|
1376
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
1377
|
+
#
|
1378
|
+
# </note>
|
836
1379
|
# @option options [String] :object_lock_legal_hold_status
|
837
|
-
# Specifies whether you want to apply a legal hold to the
|
1380
|
+
# Specifies whether you want to apply a legal hold to the object copy.
|
1381
|
+
#
|
1382
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
1383
|
+
#
|
1384
|
+
# </note>
|
838
1385
|
# @option options [String] :expected_bucket_owner
|
839
1386
|
# The account ID of the expected destination bucket owner. If the
|
840
|
-
#
|
841
|
-
# with the HTTP status code `403
|
1387
|
+
# account ID that you provide does not match the actual owner of the
|
1388
|
+
# destination bucket, the request fails with the HTTP status code `403
|
1389
|
+
# Forbidden` (access denied).
|
842
1390
|
# @option options [String] :expected_source_bucket_owner
|
843
|
-
# The account ID of the expected source bucket owner. If the
|
844
|
-
#
|
845
|
-
# HTTP status code `403 Forbidden` (access
|
1391
|
+
# The account ID of the expected source bucket owner. If the account ID
|
1392
|
+
# that you provide does not match the actual owner of the source bucket,
|
1393
|
+
# the request fails with the HTTP status code `403 Forbidden` (access
|
1394
|
+
# denied).
|
846
1395
|
# @return [Types::CopyObjectOutput]
|
847
1396
|
def copy_from(options = {})
|
848
1397
|
options = options.merge(
|
849
1398
|
bucket: @bucket_name,
|
850
1399
|
key: @key
|
851
1400
|
)
|
852
|
-
resp = Aws::Plugins::UserAgent.
|
1401
|
+
resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
|
853
1402
|
@client.copy_object(options)
|
854
1403
|
end
|
855
1404
|
resp.data
|
@@ -863,6 +1412,9 @@ module Aws::S3
|
|
863
1412
|
# request_payer: "requester", # accepts requester
|
864
1413
|
# bypass_governance_retention: false,
|
865
1414
|
# expected_bucket_owner: "AccountId",
|
1415
|
+
# if_match: "IfMatch",
|
1416
|
+
# if_match_last_modified_time: Time.now,
|
1417
|
+
# if_match_size: 1,
|
866
1418
|
# })
|
867
1419
|
# @param [Hash] options ({})
|
868
1420
|
# @option options [String] :mfa
|
@@ -870,16 +1422,29 @@ module Aws::S3
|
|
870
1422
|
# space, and the value that is displayed on your authentication device.
|
871
1423
|
# Required to permanently delete a versioned object if versioning is
|
872
1424
|
# configured with MFA delete enabled.
|
1425
|
+
#
|
1426
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
1427
|
+
#
|
1428
|
+
# </note>
|
873
1429
|
# @option options [String] :version_id
|
874
|
-
#
|
1430
|
+
# Version ID used to reference a specific version of the object.
|
1431
|
+
#
|
1432
|
+
# <note markdown="1"> For directory buckets in this API operation, only the `null` value of
|
1433
|
+
# the version ID is supported.
|
1434
|
+
#
|
1435
|
+
# </note>
|
875
1436
|
# @option options [String] :request_payer
|
876
1437
|
# Confirms that the requester knows that they will be charged for the
|
877
1438
|
# request. Bucket owners need not specify this parameter in their
|
878
|
-
# requests. If either the source or destination
|
879
|
-
#
|
880
|
-
#
|
881
|
-
#
|
882
|
-
#
|
1439
|
+
# requests. If either the source or destination S3 bucket has Requester
|
1440
|
+
# Pays enabled, the requester will pay for corresponding charges to copy
|
1441
|
+
# the object. For information about downloading objects from Requester
|
1442
|
+
# Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
|
1443
|
+
# in the *Amazon S3 User Guide*.
|
1444
|
+
#
|
1445
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
1446
|
+
#
|
1447
|
+
# </note>
|
883
1448
|
#
|
884
1449
|
#
|
885
1450
|
#
|
@@ -888,17 +1453,61 @@ module Aws::S3
|
|
888
1453
|
# Indicates whether S3 Object Lock should bypass Governance-mode
|
889
1454
|
# restrictions to process this operation. To use this header, you must
|
890
1455
|
# have the `s3:BypassGovernanceRetention` permission.
|
1456
|
+
#
|
1457
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
1458
|
+
#
|
1459
|
+
# </note>
|
891
1460
|
# @option options [String] :expected_bucket_owner
|
892
|
-
# The account ID of the expected bucket owner. If the
|
893
|
-
#
|
894
|
-
# Forbidden` (access denied).
|
1461
|
+
# The account ID of the expected bucket owner. If the account ID that
|
1462
|
+
# you provide does not match the actual owner of the bucket, the request
|
1463
|
+
# fails with the HTTP status code `403 Forbidden` (access denied).
|
1464
|
+
# @option options [String] :if_match
|
1465
|
+
# The `If-Match` header field makes the request method conditional on
|
1466
|
+
# ETags. If the ETag value does not match, the operation returns a `412
|
1467
|
+
# Precondition Failed` error. If the ETag matches or if the object
|
1468
|
+
# doesn't exist, the operation will return a `204 Success (No Content)
|
1469
|
+
# response`.
|
1470
|
+
#
|
1471
|
+
# For more information about conditional requests, see [RFC 7232][1].
|
1472
|
+
#
|
1473
|
+
# <note markdown="1"> This functionality is only supported for directory buckets.
|
1474
|
+
#
|
1475
|
+
# </note>
|
1476
|
+
#
|
1477
|
+
#
|
1478
|
+
#
|
1479
|
+
# [1]: https://docs.aws.amazon.com/https:/tools.ietf.org/html/rfc7232
|
1480
|
+
# @option options [Time,DateTime,Date,Integer,String] :if_match_last_modified_time
|
1481
|
+
# If present, the object is deleted only if its modification times
|
1482
|
+
# matches the provided `Timestamp`. If the `Timestamp` values do not
|
1483
|
+
# match, the operation returns a `412 Precondition Failed` error. If the
|
1484
|
+
# `Timestamp` matches or if the object doesn’t exist, the operation
|
1485
|
+
# returns a `204 Success (No Content)` response.
|
1486
|
+
#
|
1487
|
+
# <note markdown="1"> This functionality is only supported for directory buckets.
|
1488
|
+
#
|
1489
|
+
# </note>
|
1490
|
+
# @option options [Integer] :if_match_size
|
1491
|
+
# If present, the object is deleted only if its size matches the
|
1492
|
+
# provided size in bytes. If the `Size` value does not match, the
|
1493
|
+
# operation returns a `412 Precondition Failed` error. If the `Size`
|
1494
|
+
# matches or if the object doesn’t exist, the operation returns a `204
|
1495
|
+
# Success (No Content)` response.
|
1496
|
+
#
|
1497
|
+
# <note markdown="1"> This functionality is only supported for directory buckets.
|
1498
|
+
#
|
1499
|
+
# </note>
|
1500
|
+
#
|
1501
|
+
# You can use the `If-Match`, `x-amz-if-match-last-modified-time` and
|
1502
|
+
# `x-amz-if-match-size` conditional headers in conjunction with
|
1503
|
+
# each-other or individually.
|
895
1504
|
# @return [Types::DeleteObjectOutput]
|
896
1505
|
def delete(options = {})
|
897
1506
|
options = options.merge(
|
898
1507
|
bucket: @bucket_name,
|
899
1508
|
key: @key
|
900
1509
|
)
|
901
|
-
resp = Aws::Plugins::UserAgent.
|
1510
|
+
resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
|
902
1511
|
@client.delete_object(options)
|
903
1512
|
end
|
904
1513
|
resp.data
|
@@ -930,18 +1539,64 @@ module Aws::S3
|
|
930
1539
|
# @param [Hash] options ({})
|
931
1540
|
# @option options [String] :if_match
|
932
1541
|
# Return the object only if its entity tag (ETag) is the same as the one
|
933
|
-
# specified; otherwise, return a 412
|
1542
|
+
# specified in this header; otherwise, return a `412 Precondition
|
1543
|
+
# Failed` error.
|
1544
|
+
#
|
1545
|
+
# If both of the `If-Match` and `If-Unmodified-Since` headers are
|
1546
|
+
# present in the request as follows: `If-Match` condition evaluates to
|
1547
|
+
# `true`, and; `If-Unmodified-Since` condition evaluates to `false`;
|
1548
|
+
# then, S3 returns `200 OK` and the data requested.
|
1549
|
+
#
|
1550
|
+
# For more information about conditional requests, see [RFC 7232][1].
|
1551
|
+
#
|
1552
|
+
#
|
1553
|
+
#
|
1554
|
+
# [1]: https://tools.ietf.org/html/rfc7232
|
934
1555
|
# @option options [Time,DateTime,Date,Integer,String] :if_modified_since
|
935
1556
|
# Return the object only if it has been modified since the specified
|
936
|
-
# time; otherwise, return a 304
|
1557
|
+
# time; otherwise, return a `304 Not Modified` error.
|
1558
|
+
#
|
1559
|
+
# If both of the `If-None-Match` and `If-Modified-Since` headers are
|
1560
|
+
# present in the request as follows:` If-None-Match` condition evaluates
|
1561
|
+
# to `false`, and; `If-Modified-Since` condition evaluates to `true`;
|
1562
|
+
# then, S3 returns `304 Not Modified` status code.
|
1563
|
+
#
|
1564
|
+
# For more information about conditional requests, see [RFC 7232][1].
|
1565
|
+
#
|
1566
|
+
#
|
1567
|
+
#
|
1568
|
+
# [1]: https://tools.ietf.org/html/rfc7232
|
937
1569
|
# @option options [String] :if_none_match
|
938
1570
|
# Return the object only if its entity tag (ETag) is different from the
|
939
|
-
# one specified; otherwise, return a 304
|
1571
|
+
# one specified in this header; otherwise, return a `304 Not Modified`
|
1572
|
+
# error.
|
1573
|
+
#
|
1574
|
+
# If both of the `If-None-Match` and `If-Modified-Since` headers are
|
1575
|
+
# present in the request as follows:` If-None-Match` condition evaluates
|
1576
|
+
# to `false`, and; `If-Modified-Since` condition evaluates to `true`;
|
1577
|
+
# then, S3 returns `304 Not Modified` HTTP status code.
|
1578
|
+
#
|
1579
|
+
# For more information about conditional requests, see [RFC 7232][1].
|
1580
|
+
#
|
1581
|
+
#
|
1582
|
+
#
|
1583
|
+
# [1]: https://tools.ietf.org/html/rfc7232
|
940
1584
|
# @option options [Time,DateTime,Date,Integer,String] :if_unmodified_since
|
941
1585
|
# Return the object only if it has not been modified since the specified
|
942
|
-
# time; otherwise, return a 412
|
1586
|
+
# time; otherwise, return a `412 Precondition Failed` error.
|
1587
|
+
#
|
1588
|
+
# If both of the `If-Match` and `If-Unmodified-Since` headers are
|
1589
|
+
# present in the request as follows: `If-Match` condition evaluates to
|
1590
|
+
# `true`, and; `If-Unmodified-Since` condition evaluates to `false`;
|
1591
|
+
# then, S3 returns `200 OK` and the data requested.
|
1592
|
+
#
|
1593
|
+
# For more information about conditional requests, see [RFC 7232][1].
|
1594
|
+
#
|
1595
|
+
#
|
1596
|
+
#
|
1597
|
+
# [1]: https://tools.ietf.org/html/rfc7232
|
943
1598
|
# @option options [String] :range
|
944
|
-
# Downloads the specified range
|
1599
|
+
# Downloads the specified byte range of an object. For more information
|
945
1600
|
# about the HTTP Range header, see
|
946
1601
|
# [https://www.rfc-editor.org/rfc/rfc9110.html#name-range][1].
|
947
1602
|
#
|
@@ -956,7 +1611,7 @@ module Aws::S3
|
|
956
1611
|
# @option options [String] :response_cache_control
|
957
1612
|
# Sets the `Cache-Control` header of the response.
|
958
1613
|
# @option options [String] :response_content_disposition
|
959
|
-
# Sets the `Content-Disposition` header of the response
|
1614
|
+
# Sets the `Content-Disposition` header of the response.
|
960
1615
|
# @option options [String] :response_content_encoding
|
961
1616
|
# Sets the `Content-Encoding` header of the response.
|
962
1617
|
# @option options [String] :response_content_language
|
@@ -966,50 +1621,158 @@ module Aws::S3
|
|
966
1621
|
# @option options [Time,DateTime,Date,Integer,String] :response_expires
|
967
1622
|
# Sets the `Expires` header of the response.
|
968
1623
|
# @option options [String] :version_id
|
969
|
-
#
|
970
|
-
# @option options [String] :sse_customer_algorithm
|
971
|
-
# Specifies the algorithm to use to when decrypting the object (for
|
972
|
-
# example, AES256).
|
973
|
-
# @option options [String] :sse_customer_key
|
974
|
-
# Specifies the customer-provided encryption key for Amazon S3 used to
|
975
|
-
# encrypt the data. This value is used to decrypt the object when
|
976
|
-
# recovering it and must match the one used when storing the data. The
|
977
|
-
# key must be appropriate for use with the algorithm specified in the
|
978
|
-
# `x-amz-server-side-encryption-customer-algorithm` header.
|
979
|
-
# @option options [String] :sse_customer_key_md5
|
980
|
-
# Specifies the 128-bit MD5 digest of the encryption key according to
|
981
|
-
# RFC 1321. Amazon S3 uses this header for a message integrity check to
|
982
|
-
# ensure that the encryption key was transmitted without error.
|
983
|
-
# @option options [String] :request_payer
|
984
|
-
# Confirms that the requester knows that they will be charged for the
|
985
|
-
# request. Bucket owners need not specify this parameter in their
|
986
|
-
# requests. If either the source or destination Amazon S3 bucket has
|
987
|
-
# Requester Pays enabled, the requester will pay for corresponding
|
988
|
-
# charges to copy the object. For information about downloading objects
|
989
|
-
# from Requester Pays buckets, see [Downloading Objects in Requester
|
990
|
-
# Pays Buckets][1] in the *Amazon S3 User Guide*.
|
1624
|
+
# Version ID used to reference a specific version of the object.
|
991
1625
|
#
|
1626
|
+
# By default, the `GetObject` operation returns the current version of
|
1627
|
+
# an object. To return a different version, use the `versionId`
|
1628
|
+
# subresource.
|
992
1629
|
#
|
1630
|
+
# <note markdown="1"> * If you include a `versionId` in your request header, you must have
|
1631
|
+
# the `s3:GetObjectVersion` permission to access a specific version of
|
1632
|
+
# an object. The `s3:GetObject` permission is not required in this
|
1633
|
+
# scenario.
|
993
1634
|
#
|
994
|
-
#
|
995
|
-
#
|
996
|
-
#
|
997
|
-
#
|
998
|
-
#
|
999
|
-
#
|
1635
|
+
# * If you request the current version of an object without a specific
|
1636
|
+
# `versionId` in the request header, only the `s3:GetObject`
|
1637
|
+
# permission is required. The `s3:GetObjectVersion` permission is not
|
1638
|
+
# required in this scenario.
|
1639
|
+
#
|
1640
|
+
# * **Directory buckets** - S3 Versioning isn't enabled and supported
|
1641
|
+
# for directory buckets. For this API operation, only the `null` value
|
1642
|
+
# of the version ID is supported by directory buckets. You can only
|
1643
|
+
# specify `null` to the `versionId` query parameter in the request.
|
1644
|
+
#
|
1645
|
+
# </note>
|
1646
|
+
#
|
1647
|
+
# For more information about versioning, see [PutBucketVersioning][1].
|
1648
|
+
#
|
1649
|
+
#
|
1650
|
+
#
|
1651
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html
|
1652
|
+
# @option options [String] :sse_customer_algorithm
|
1653
|
+
# Specifies the algorithm to use when decrypting the object (for
|
1654
|
+
# example, `AES256`).
|
1655
|
+
#
|
1656
|
+
# If you encrypt an object by using server-side encryption with
|
1657
|
+
# customer-provided encryption keys (SSE-C) when you store the object in
|
1658
|
+
# Amazon S3, then when you GET the object, you must use the following
|
1659
|
+
# headers:
|
1660
|
+
#
|
1661
|
+
# * `x-amz-server-side-encryption-customer-algorithm`
|
1662
|
+
#
|
1663
|
+
# * `x-amz-server-side-encryption-customer-key`
|
1664
|
+
#
|
1665
|
+
# * `x-amz-server-side-encryption-customer-key-MD5`
|
1666
|
+
#
|
1667
|
+
# For more information about SSE-C, see [Server-Side Encryption (Using
|
1668
|
+
# Customer-Provided Encryption Keys)][1] in the *Amazon S3 User Guide*.
|
1669
|
+
#
|
1670
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
1671
|
+
#
|
1672
|
+
# </note>
|
1673
|
+
#
|
1674
|
+
#
|
1675
|
+
#
|
1676
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html
|
1677
|
+
# @option options [String] :sse_customer_key
|
1678
|
+
# Specifies the customer-provided encryption key that you originally
|
1679
|
+
# provided for Amazon S3 to encrypt the data before storing it. This
|
1680
|
+
# value is used to decrypt the object when recovering it and must match
|
1681
|
+
# the one used when storing the data. The key must be appropriate for
|
1682
|
+
# use with the algorithm specified in the
|
1683
|
+
# `x-amz-server-side-encryption-customer-algorithm` header.
|
1684
|
+
#
|
1685
|
+
# If you encrypt an object by using server-side encryption with
|
1686
|
+
# customer-provided encryption keys (SSE-C) when you store the object in
|
1687
|
+
# Amazon S3, then when you GET the object, you must use the following
|
1688
|
+
# headers:
|
1689
|
+
#
|
1690
|
+
# * `x-amz-server-side-encryption-customer-algorithm`
|
1691
|
+
#
|
1692
|
+
# * `x-amz-server-side-encryption-customer-key`
|
1693
|
+
#
|
1694
|
+
# * `x-amz-server-side-encryption-customer-key-MD5`
|
1695
|
+
#
|
1696
|
+
# For more information about SSE-C, see [Server-Side Encryption (Using
|
1697
|
+
# Customer-Provided Encryption Keys)][1] in the *Amazon S3 User Guide*.
|
1698
|
+
#
|
1699
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
1700
|
+
#
|
1701
|
+
# </note>
|
1702
|
+
#
|
1703
|
+
#
|
1704
|
+
#
|
1705
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html
|
1706
|
+
# @option options [String] :sse_customer_key_md5
|
1707
|
+
# Specifies the 128-bit MD5 digest of the customer-provided encryption
|
1708
|
+
# key according to RFC 1321. Amazon S3 uses this header for a message
|
1709
|
+
# integrity check to ensure that the encryption key was transmitted
|
1710
|
+
# without error.
|
1711
|
+
#
|
1712
|
+
# If you encrypt an object by using server-side encryption with
|
1713
|
+
# customer-provided encryption keys (SSE-C) when you store the object in
|
1714
|
+
# Amazon S3, then when you GET the object, you must use the following
|
1715
|
+
# headers:
|
1716
|
+
#
|
1717
|
+
# * `x-amz-server-side-encryption-customer-algorithm`
|
1718
|
+
#
|
1719
|
+
# * `x-amz-server-side-encryption-customer-key`
|
1720
|
+
#
|
1721
|
+
# * `x-amz-server-side-encryption-customer-key-MD5`
|
1722
|
+
#
|
1723
|
+
# For more information about SSE-C, see [Server-Side Encryption (Using
|
1724
|
+
# Customer-Provided Encryption Keys)][1] in the *Amazon S3 User Guide*.
|
1725
|
+
#
|
1726
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
1727
|
+
#
|
1728
|
+
# </note>
|
1729
|
+
#
|
1730
|
+
#
|
1731
|
+
#
|
1732
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html
|
1733
|
+
# @option options [String] :request_payer
|
1734
|
+
# Confirms that the requester knows that they will be charged for the
|
1735
|
+
# request. Bucket owners need not specify this parameter in their
|
1736
|
+
# requests. If either the source or destination S3 bucket has Requester
|
1737
|
+
# Pays enabled, the requester will pay for corresponding charges to copy
|
1738
|
+
# the object. For information about downloading objects from Requester
|
1739
|
+
# Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
|
1740
|
+
# in the *Amazon S3 User Guide*.
|
1741
|
+
#
|
1742
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
1743
|
+
#
|
1744
|
+
# </note>
|
1745
|
+
#
|
1746
|
+
#
|
1747
|
+
#
|
1748
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
|
1749
|
+
# @option options [Integer] :part_number
|
1750
|
+
# Part number of the object being read. This is a positive integer
|
1751
|
+
# between 1 and 10,000. Effectively performs a 'ranged' GET request
|
1752
|
+
# for the part specified. Useful for downloading just a part of an
|
1753
|
+
# object.
|
1000
1754
|
# @option options [String] :expected_bucket_owner
|
1001
|
-
# The account ID of the expected bucket owner. If the
|
1002
|
-
#
|
1003
|
-
# Forbidden` (access denied).
|
1755
|
+
# The account ID of the expected bucket owner. If the account ID that
|
1756
|
+
# you provide does not match the actual owner of the bucket, the request
|
1757
|
+
# fails with the HTTP status code `403 Forbidden` (access denied).
|
1004
1758
|
# @option options [String] :checksum_mode
|
1005
1759
|
# To retrieve the checksum, this mode must be enabled.
|
1760
|
+
#
|
1761
|
+
# **General purpose buckets** - In addition, if you enable checksum mode
|
1762
|
+
# and the object is uploaded with a [checksum][1] and encrypted with an
|
1763
|
+
# Key Management Service (KMS) key, you must have permission to use the
|
1764
|
+
# `kms:Decrypt` action to retrieve the checksum.
|
1765
|
+
#
|
1766
|
+
#
|
1767
|
+
#
|
1768
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html
|
1006
1769
|
# @return [Types::GetObjectOutput]
|
1007
1770
|
def get(options = {}, &block)
|
1008
1771
|
options = options.merge(
|
1009
1772
|
bucket: @bucket_name,
|
1010
1773
|
key: @key
|
1011
1774
|
)
|
1012
|
-
resp = Aws::Plugins::UserAgent.
|
1775
|
+
resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
|
1013
1776
|
@client.get_object(options, &block)
|
1014
1777
|
end
|
1015
1778
|
resp.data
|
@@ -1033,7 +1796,7 @@ module Aws::S3
|
|
1033
1796
|
# "MetadataKey" => "MetadataValue",
|
1034
1797
|
# },
|
1035
1798
|
# server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
|
1036
|
-
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
|
1799
|
+
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
|
1037
1800
|
# website_redirect_location: "WebsiteRedirectLocation",
|
1038
1801
|
# sse_customer_algorithm: "SSECustomerAlgorithm",
|
1039
1802
|
# sse_customer_key: "SSECustomerKey",
|
@@ -1051,9 +1814,29 @@ module Aws::S3
|
|
1051
1814
|
# })
|
1052
1815
|
# @param [Hash] options ({})
|
1053
1816
|
# @option options [String] :acl
|
1054
|
-
# The canned ACL to apply to the object.
|
1817
|
+
# The canned ACL to apply to the object. Amazon S3 supports a set of
|
1818
|
+
# predefined ACLs, known as *canned ACLs*. Each canned ACL has a
|
1819
|
+
# predefined set of grantees and permissions. For more information, see
|
1820
|
+
# [Canned ACL][1] in the *Amazon S3 User Guide*.
|
1821
|
+
#
|
1822
|
+
# By default, all objects are private. Only the owner has full access
|
1823
|
+
# control. When uploading an object, you can grant access permissions to
|
1824
|
+
# individual Amazon Web Services accounts or to predefined groups
|
1825
|
+
# defined by Amazon S3. These permissions are then added to the access
|
1826
|
+
# control list (ACL) on the new object. For more information, see [Using
|
1827
|
+
# ACLs][2]. One way to grant the permissions using the request headers
|
1828
|
+
# is to specify a canned ACL with the `x-amz-acl` request header.
|
1829
|
+
#
|
1830
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
1831
|
+
#
|
1832
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
1833
|
+
#
|
1834
|
+
# </note>
|
1835
|
+
#
|
1055
1836
|
#
|
1056
|
-
#
|
1837
|
+
#
|
1838
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
|
1839
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html
|
1057
1840
|
# @option options [String] :cache_control
|
1058
1841
|
# Specifies caching behavior along the request/reply chain.
|
1059
1842
|
# @option options [String] :content_disposition
|
@@ -1062,41 +1845,334 @@ module Aws::S3
|
|
1062
1845
|
# Specifies what content encodings have been applied to the object and
|
1063
1846
|
# thus what decoding mechanisms must be applied to obtain the media-type
|
1064
1847
|
# referenced by the Content-Type header field.
|
1848
|
+
#
|
1849
|
+
# <note markdown="1"> For directory buckets, only the `aws-chunked` value is supported in
|
1850
|
+
# this header field.
|
1851
|
+
#
|
1852
|
+
# </note>
|
1065
1853
|
# @option options [String] :content_language
|
1066
|
-
# The language the content is in.
|
1854
|
+
# The language that the content is in.
|
1067
1855
|
# @option options [String] :content_type
|
1068
1856
|
# A standard MIME type describing the format of the object data.
|
1069
1857
|
# @option options [Time,DateTime,Date,Integer,String] :expires
|
1070
1858
|
# The date and time at which the object is no longer cacheable.
|
1071
1859
|
# @option options [String] :grant_full_control
|
1072
|
-
#
|
1073
|
-
# object.
|
1860
|
+
# Specify access permissions explicitly to give the grantee READ,
|
1861
|
+
# READ\_ACP, and WRITE\_ACP permissions on the object.
|
1862
|
+
#
|
1863
|
+
# By default, all objects are private. Only the owner has full access
|
1864
|
+
# control. When uploading an object, you can use this header to
|
1865
|
+
# explicitly grant access permissions to specific Amazon Web Services
|
1866
|
+
# accounts or groups. This header maps to specific permissions that
|
1867
|
+
# Amazon S3 supports in an ACL. For more information, see [Access
|
1868
|
+
# Control List (ACL) Overview][1] in the *Amazon S3 User Guide*.
|
1869
|
+
#
|
1870
|
+
# You specify each grantee as a type=value pair, where the type is one
|
1871
|
+
# of the following:
|
1872
|
+
#
|
1873
|
+
# * `id` – if the value specified is the canonical user ID of an Amazon
|
1874
|
+
# Web Services account
|
1875
|
+
#
|
1876
|
+
# * `uri` – if you are granting permissions to a predefined group
|
1074
1877
|
#
|
1075
|
-
#
|
1878
|
+
# * `emailAddress` – if the value specified is the email address of an
|
1879
|
+
# Amazon Web Services account
|
1880
|
+
#
|
1881
|
+
# <note markdown="1"> Using email addresses to specify a grantee is only supported in the
|
1882
|
+
# following Amazon Web Services Regions:
|
1883
|
+
#
|
1884
|
+
# * US East (N. Virginia)
|
1885
|
+
#
|
1886
|
+
# * US West (N. California)
|
1887
|
+
#
|
1888
|
+
# * US West (Oregon)
|
1889
|
+
#
|
1890
|
+
# * Asia Pacific (Singapore)
|
1891
|
+
#
|
1892
|
+
# * Asia Pacific (Sydney)
|
1893
|
+
#
|
1894
|
+
# * Asia Pacific (Tokyo)
|
1895
|
+
#
|
1896
|
+
# * Europe (Ireland)
|
1897
|
+
#
|
1898
|
+
# * South America (São Paulo)
|
1899
|
+
#
|
1900
|
+
# For a list of all the Amazon S3 supported Regions and endpoints, see
|
1901
|
+
# [Regions and Endpoints][2] in the Amazon Web Services General
|
1902
|
+
# Reference.
|
1903
|
+
#
|
1904
|
+
# </note>
|
1905
|
+
#
|
1906
|
+
# For example, the following `x-amz-grant-read` header grants the Amazon
|
1907
|
+
# Web Services accounts identified by account IDs permissions to read
|
1908
|
+
# object data and its metadata:
|
1909
|
+
#
|
1910
|
+
# `x-amz-grant-read: id="11112222333", id="444455556666" `
|
1911
|
+
#
|
1912
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
1913
|
+
#
|
1914
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
1915
|
+
#
|
1916
|
+
# </note>
|
1917
|
+
#
|
1918
|
+
#
|
1919
|
+
#
|
1920
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
|
1921
|
+
# [2]: https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
|
1076
1922
|
# @option options [String] :grant_read
|
1077
|
-
#
|
1923
|
+
# Specify access permissions explicitly to allow grantee to read the
|
1924
|
+
# object data and its metadata.
|
1925
|
+
#
|
1926
|
+
# By default, all objects are private. Only the owner has full access
|
1927
|
+
# control. When uploading an object, you can use this header to
|
1928
|
+
# explicitly grant access permissions to specific Amazon Web Services
|
1929
|
+
# accounts or groups. This header maps to specific permissions that
|
1930
|
+
# Amazon S3 supports in an ACL. For more information, see [Access
|
1931
|
+
# Control List (ACL) Overview][1] in the *Amazon S3 User Guide*.
|
1932
|
+
#
|
1933
|
+
# You specify each grantee as a type=value pair, where the type is one
|
1934
|
+
# of the following:
|
1935
|
+
#
|
1936
|
+
# * `id` – if the value specified is the canonical user ID of an Amazon
|
1937
|
+
# Web Services account
|
1938
|
+
#
|
1939
|
+
# * `uri` – if you are granting permissions to a predefined group
|
1940
|
+
#
|
1941
|
+
# * `emailAddress` – if the value specified is the email address of an
|
1942
|
+
# Amazon Web Services account
|
1078
1943
|
#
|
1079
|
-
#
|
1944
|
+
# <note markdown="1"> Using email addresses to specify a grantee is only supported in the
|
1945
|
+
# following Amazon Web Services Regions:
|
1946
|
+
#
|
1947
|
+
# * US East (N. Virginia)
|
1948
|
+
#
|
1949
|
+
# * US West (N. California)
|
1950
|
+
#
|
1951
|
+
# * US West (Oregon)
|
1952
|
+
#
|
1953
|
+
# * Asia Pacific (Singapore)
|
1954
|
+
#
|
1955
|
+
# * Asia Pacific (Sydney)
|
1956
|
+
#
|
1957
|
+
# * Asia Pacific (Tokyo)
|
1958
|
+
#
|
1959
|
+
# * Europe (Ireland)
|
1960
|
+
#
|
1961
|
+
# * South America (São Paulo)
|
1962
|
+
#
|
1963
|
+
# For a list of all the Amazon S3 supported Regions and endpoints, see
|
1964
|
+
# [Regions and Endpoints][2] in the Amazon Web Services General
|
1965
|
+
# Reference.
|
1966
|
+
#
|
1967
|
+
# </note>
|
1968
|
+
#
|
1969
|
+
# For example, the following `x-amz-grant-read` header grants the Amazon
|
1970
|
+
# Web Services accounts identified by account IDs permissions to read
|
1971
|
+
# object data and its metadata:
|
1972
|
+
#
|
1973
|
+
# `x-amz-grant-read: id="11112222333", id="444455556666" `
|
1974
|
+
#
|
1975
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
1976
|
+
#
|
1977
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
1978
|
+
#
|
1979
|
+
# </note>
|
1980
|
+
#
|
1981
|
+
#
|
1982
|
+
#
|
1983
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
|
1984
|
+
# [2]: https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
|
1080
1985
|
# @option options [String] :grant_read_acp
|
1081
|
-
#
|
1986
|
+
# Specify access permissions explicitly to allows grantee to read the
|
1987
|
+
# object ACL.
|
1988
|
+
#
|
1989
|
+
# By default, all objects are private. Only the owner has full access
|
1990
|
+
# control. When uploading an object, you can use this header to
|
1991
|
+
# explicitly grant access permissions to specific Amazon Web Services
|
1992
|
+
# accounts or groups. This header maps to specific permissions that
|
1993
|
+
# Amazon S3 supports in an ACL. For more information, see [Access
|
1994
|
+
# Control List (ACL) Overview][1] in the *Amazon S3 User Guide*.
|
1995
|
+
#
|
1996
|
+
# You specify each grantee as a type=value pair, where the type is one
|
1997
|
+
# of the following:
|
1998
|
+
#
|
1999
|
+
# * `id` – if the value specified is the canonical user ID of an Amazon
|
2000
|
+
# Web Services account
|
2001
|
+
#
|
2002
|
+
# * `uri` – if you are granting permissions to a predefined group
|
2003
|
+
#
|
2004
|
+
# * `emailAddress` – if the value specified is the email address of an
|
2005
|
+
# Amazon Web Services account
|
2006
|
+
#
|
2007
|
+
# <note markdown="1"> Using email addresses to specify a grantee is only supported in the
|
2008
|
+
# following Amazon Web Services Regions:
|
2009
|
+
#
|
2010
|
+
# * US East (N. Virginia)
|
1082
2011
|
#
|
1083
|
-
#
|
2012
|
+
# * US West (N. California)
|
2013
|
+
#
|
2014
|
+
# * US West (Oregon)
|
2015
|
+
#
|
2016
|
+
# * Asia Pacific (Singapore)
|
2017
|
+
#
|
2018
|
+
# * Asia Pacific (Sydney)
|
2019
|
+
#
|
2020
|
+
# * Asia Pacific (Tokyo)
|
2021
|
+
#
|
2022
|
+
# * Europe (Ireland)
|
2023
|
+
#
|
2024
|
+
# * South America (São Paulo)
|
2025
|
+
#
|
2026
|
+
# For a list of all the Amazon S3 supported Regions and endpoints, see
|
2027
|
+
# [Regions and Endpoints][2] in the Amazon Web Services General
|
2028
|
+
# Reference.
|
2029
|
+
#
|
2030
|
+
# </note>
|
2031
|
+
#
|
2032
|
+
# For example, the following `x-amz-grant-read` header grants the Amazon
|
2033
|
+
# Web Services accounts identified by account IDs permissions to read
|
2034
|
+
# object data and its metadata:
|
2035
|
+
#
|
2036
|
+
# `x-amz-grant-read: id="11112222333", id="444455556666" `
|
2037
|
+
#
|
2038
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
2039
|
+
#
|
2040
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
2041
|
+
#
|
2042
|
+
# </note>
|
2043
|
+
#
|
2044
|
+
#
|
2045
|
+
#
|
2046
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
|
2047
|
+
# [2]: https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
|
1084
2048
|
# @option options [String] :grant_write_acp
|
1085
|
-
#
|
2049
|
+
# Specify access permissions explicitly to allows grantee to allow
|
2050
|
+
# grantee to write the ACL for the applicable object.
|
2051
|
+
#
|
2052
|
+
# By default, all objects are private. Only the owner has full access
|
2053
|
+
# control. When uploading an object, you can use this header to
|
2054
|
+
# explicitly grant access permissions to specific Amazon Web Services
|
2055
|
+
# accounts or groups. This header maps to specific permissions that
|
2056
|
+
# Amazon S3 supports in an ACL. For more information, see [Access
|
2057
|
+
# Control List (ACL) Overview][1] in the *Amazon S3 User Guide*.
|
2058
|
+
#
|
2059
|
+
# You specify each grantee as a type=value pair, where the type is one
|
2060
|
+
# of the following:
|
2061
|
+
#
|
2062
|
+
# * `id` – if the value specified is the canonical user ID of an Amazon
|
2063
|
+
# Web Services account
|
2064
|
+
#
|
2065
|
+
# * `uri` – if you are granting permissions to a predefined group
|
2066
|
+
#
|
2067
|
+
# * `emailAddress` – if the value specified is the email address of an
|
2068
|
+
# Amazon Web Services account
|
2069
|
+
#
|
2070
|
+
# <note markdown="1"> Using email addresses to specify a grantee is only supported in the
|
2071
|
+
# following Amazon Web Services Regions:
|
2072
|
+
#
|
2073
|
+
# * US East (N. Virginia)
|
2074
|
+
#
|
2075
|
+
# * US West (N. California)
|
1086
2076
|
#
|
1087
|
-
#
|
2077
|
+
# * US West (Oregon)
|
2078
|
+
#
|
2079
|
+
# * Asia Pacific (Singapore)
|
2080
|
+
#
|
2081
|
+
# * Asia Pacific (Sydney)
|
2082
|
+
#
|
2083
|
+
# * Asia Pacific (Tokyo)
|
2084
|
+
#
|
2085
|
+
# * Europe (Ireland)
|
2086
|
+
#
|
2087
|
+
# * South America (São Paulo)
|
2088
|
+
#
|
2089
|
+
# For a list of all the Amazon S3 supported Regions and endpoints, see
|
2090
|
+
# [Regions and Endpoints][2] in the Amazon Web Services General
|
2091
|
+
# Reference.
|
2092
|
+
#
|
2093
|
+
# </note>
|
2094
|
+
#
|
2095
|
+
# For example, the following `x-amz-grant-read` header grants the Amazon
|
2096
|
+
# Web Services accounts identified by account IDs permissions to read
|
2097
|
+
# object data and its metadata:
|
2098
|
+
#
|
2099
|
+
# `x-amz-grant-read: id="11112222333", id="444455556666" `
|
2100
|
+
#
|
2101
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
2102
|
+
#
|
2103
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
2104
|
+
#
|
2105
|
+
# </note>
|
2106
|
+
#
|
2107
|
+
#
|
2108
|
+
#
|
2109
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
|
2110
|
+
# [2]: https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
|
1088
2111
|
# @option options [Hash<String,String>] :metadata
|
1089
2112
|
# A map of metadata to store with the object in S3.
|
1090
2113
|
# @option options [String] :server_side_encryption
|
1091
|
-
# The server-side encryption algorithm used when
|
1092
|
-
# Amazon S3 (for example, `AES256`, `aws:kms`).
|
2114
|
+
# The server-side encryption algorithm used when you store this object
|
2115
|
+
# in Amazon S3 (for example, `AES256`, `aws:kms`).
|
2116
|
+
#
|
2117
|
+
# * <b>Directory buckets </b> - For directory buckets, there are only
|
2118
|
+
# two supported options for server-side encryption: server-side
|
2119
|
+
# encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) and
|
2120
|
+
# server-side encryption with KMS keys (SSE-KMS) (`aws:kms`). We
|
2121
|
+
# recommend that the bucket's default encryption uses the desired
|
2122
|
+
# encryption configuration and you don't override the bucket default
|
2123
|
+
# encryption in your `CreateSession` requests or `PUT` object
|
2124
|
+
# requests. Then, new objects are automatically encrypted with the
|
2125
|
+
# desired encryption settings. For more information, see [Protecting
|
2126
|
+
# data with server-side encryption][1] in the *Amazon S3 User Guide*.
|
2127
|
+
# For more information about the encryption overriding behaviors in
|
2128
|
+
# directory buckets, see [Specifying server-side encryption with KMS
|
2129
|
+
# for new object uploads][2].
|
2130
|
+
#
|
2131
|
+
# In the Zonal endpoint API calls (except [CopyObject][3] and
|
2132
|
+
# [UploadPartCopy][4]) using the REST API, the encryption request
|
2133
|
+
# headers must match the encryption settings that are specified in the
|
2134
|
+
# `CreateSession` request. You can't override the values of the
|
2135
|
+
# encryption settings (`x-amz-server-side-encryption`,
|
2136
|
+
# `x-amz-server-side-encryption-aws-kms-key-id`,
|
2137
|
+
# `x-amz-server-side-encryption-context`, and
|
2138
|
+
# `x-amz-server-side-encryption-bucket-key-enabled`) that are
|
2139
|
+
# specified in the `CreateSession` request. You don't need to
|
2140
|
+
# explicitly specify these encryption settings values in Zonal
|
2141
|
+
# endpoint API calls, and Amazon S3 will use the encryption settings
|
2142
|
+
# values from the `CreateSession` request to protect new objects in
|
2143
|
+
# the directory bucket.
|
2144
|
+
#
|
2145
|
+
# <note markdown="1"> When you use the CLI or the Amazon Web Services SDKs, for
|
2146
|
+
# `CreateSession`, the session token refreshes automatically to avoid
|
2147
|
+
# service interruptions when a session expires. The CLI or the Amazon
|
2148
|
+
# Web Services SDKs use the bucket's default encryption configuration
|
2149
|
+
# for the `CreateSession` request. It's not supported to override the
|
2150
|
+
# encryption settings values in the `CreateSession` request. So in the
|
2151
|
+
# Zonal endpoint API calls (except [CopyObject][3] and
|
2152
|
+
# [UploadPartCopy][4]), the encryption request headers must match the
|
2153
|
+
# default encryption configuration of the directory bucket.
|
2154
|
+
#
|
2155
|
+
# </note>
|
2156
|
+
#
|
2157
|
+
#
|
2158
|
+
#
|
2159
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html
|
2160
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html
|
2161
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
|
2162
|
+
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html
|
1093
2163
|
# @option options [String] :storage_class
|
1094
2164
|
# By default, Amazon S3 uses the STANDARD Storage Class to store newly
|
1095
2165
|
# created objects. The STANDARD storage class provides high durability
|
1096
2166
|
# and high availability. Depending on performance needs, you can specify
|
1097
|
-
# a different Storage Class.
|
1098
|
-
#
|
1099
|
-
#
|
2167
|
+
# a different Storage Class. For more information, see [Storage
|
2168
|
+
# Classes][1] in the *Amazon S3 User Guide*.
|
2169
|
+
#
|
2170
|
+
# <note markdown="1"> * For directory buckets, only the S3 Express One Zone storage class is
|
2171
|
+
# supported to store newly created objects.
|
2172
|
+
#
|
2173
|
+
# * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.
|
2174
|
+
#
|
2175
|
+
# </note>
|
1100
2176
|
#
|
1101
2177
|
#
|
1102
2178
|
#
|
@@ -1105,51 +2181,117 @@ module Aws::S3
|
|
1105
2181
|
# If the bucket is configured as a website, redirects requests for this
|
1106
2182
|
# object to another object in the same bucket or to an external URL.
|
1107
2183
|
# Amazon S3 stores the value of this header in the object metadata.
|
2184
|
+
#
|
2185
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2186
|
+
#
|
2187
|
+
# </note>
|
1108
2188
|
# @option options [String] :sse_customer_algorithm
|
1109
|
-
# Specifies the algorithm to use
|
2189
|
+
# Specifies the algorithm to use when encrypting the object (for
|
1110
2190
|
# example, AES256).
|
2191
|
+
#
|
2192
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2193
|
+
#
|
2194
|
+
# </note>
|
1111
2195
|
# @option options [String] :sse_customer_key
|
1112
2196
|
# Specifies the customer-provided encryption key for Amazon S3 to use in
|
1113
2197
|
# encrypting data. This value is used to store the object and then it is
|
1114
2198
|
# discarded; Amazon S3 does not store the encryption key. The key must
|
1115
2199
|
# be appropriate for use with the algorithm specified in the
|
1116
2200
|
# `x-amz-server-side-encryption-customer-algorithm` header.
|
1117
|
-
# @option options [String] :sse_customer_key_md5
|
1118
|
-
# Specifies the 128-bit MD5 digest of the encryption key according to
|
1119
|
-
# RFC 1321. Amazon S3 uses this header for a message integrity check to
|
1120
|
-
# ensure that the encryption key was transmitted without error.
|
1121
|
-
# @option options [String] :ssekms_key_id
|
1122
|
-
# Specifies the ID (Key ID, Key ARN, or Key Alias) of the symmetric
|
1123
|
-
# encryption customer managed key to use for object encryption. All GET
|
1124
|
-
# and PUT requests for an object protected by KMS will fail if they're
|
1125
|
-
# not made via SSL or using SigV4. For information about configuring any
|
1126
|
-
# of the officially supported Amazon Web Services SDKs and Amazon Web
|
1127
|
-
# Services CLI, see [Specifying the Signature Version in Request
|
1128
|
-
# Authentication][1] in the *Amazon S3 User Guide*.
|
1129
2201
|
#
|
2202
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
1130
2203
|
#
|
2204
|
+
# </note>
|
2205
|
+
# @option options [String] :sse_customer_key_md5
|
2206
|
+
# Specifies the 128-bit MD5 digest of the customer-provided encryption
|
2207
|
+
# key according to RFC 1321. Amazon S3 uses this header for a message
|
2208
|
+
# integrity check to ensure that the encryption key was transmitted
|
2209
|
+
# without error.
|
1131
2210
|
#
|
1132
|
-
#
|
2211
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2212
|
+
#
|
2213
|
+
# </note>
|
2214
|
+
# @option options [String] :ssekms_key_id
|
2215
|
+
# Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for
|
2216
|
+
# object encryption. If the KMS key doesn't exist in the same account
|
2217
|
+
# that's issuing the command, you must use the full Key ARN not the Key
|
2218
|
+
# ID.
|
2219
|
+
#
|
2220
|
+
# **General purpose buckets** - If you specify
|
2221
|
+
# `x-amz-server-side-encryption` with `aws:kms` or `aws:kms:dsse`, this
|
2222
|
+
# header specifies the ID (Key ID, Key ARN, or Key Alias) of the KMS key
|
2223
|
+
# to use. If you specify `x-amz-server-side-encryption:aws:kms` or
|
2224
|
+
# `x-amz-server-side-encryption:aws:kms:dsse`, but do not provide
|
2225
|
+
# `x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
|
2226
|
+
# Amazon Web Services managed key (`aws/s3`) to protect the data.
|
2227
|
+
#
|
2228
|
+
# **Directory buckets** - If you specify `x-amz-server-side-encryption`
|
2229
|
+
# with `aws:kms`, the ` x-amz-server-side-encryption-aws-kms-key-id`
|
2230
|
+
# header is implicitly assigned the ID of the KMS symmetric encryption
|
2231
|
+
# customer managed key that's configured for your directory bucket's
|
2232
|
+
# default encryption setting. If you want to specify the `
|
2233
|
+
# x-amz-server-side-encryption-aws-kms-key-id` header explicitly, you
|
2234
|
+
# can only specify it with the ID (Key ID or Key ARN) of the KMS
|
2235
|
+
# customer managed key that's configured for your directory bucket's
|
2236
|
+
# default encryption setting. Otherwise, you get an HTTP `400 Bad
|
2237
|
+
# Request` error. Only use the key ID or key ARN. The key alias format
|
2238
|
+
# of the KMS key isn't supported. Your SSE-KMS configuration can only
|
2239
|
+
# support 1 [customer managed key][1] per directory bucket for the
|
2240
|
+
# lifetime of the bucket. The [Amazon Web Services managed key][2]
|
2241
|
+
# (`aws/s3`) isn't supported.
|
2242
|
+
#
|
2243
|
+
#
|
2244
|
+
#
|
2245
|
+
# [1]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk
|
2246
|
+
# [2]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
|
1133
2247
|
# @option options [String] :ssekms_encryption_context
|
1134
2248
|
# Specifies the Amazon Web Services KMS Encryption Context to use for
|
1135
|
-
# object encryption. The value of this header is a
|
1136
|
-
#
|
2249
|
+
# object encryption. The value of this header is a Base64-encoded string
|
2250
|
+
# of a UTF-8 encoded JSON, which contains the encryption context as
|
2251
|
+
# key-value pairs.
|
2252
|
+
#
|
2253
|
+
# **Directory buckets** - You can optionally provide an explicit
|
2254
|
+
# encryption context value. The value must match the default encryption
|
2255
|
+
# context - the bucket Amazon Resource Name (ARN). An additional
|
2256
|
+
# encryption context value is not supported.
|
1137
2257
|
# @option options [Boolean] :bucket_key_enabled
|
1138
2258
|
# Specifies whether Amazon S3 should use an S3 Bucket Key for object
|
1139
2259
|
# encryption with server-side encryption using Key Management Service
|
1140
|
-
# (KMS) keys (SSE-KMS).
|
1141
|
-
# to use an S3 Bucket Key for object encryption with SSE-KMS.
|
2260
|
+
# (KMS) keys (SSE-KMS).
|
1142
2261
|
#
|
1143
|
-
#
|
2262
|
+
# **General purpose buckets** - Setting this header to `true` causes
|
2263
|
+
# Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS.
|
2264
|
+
# Also, specifying this header with a PUT action doesn't affect
|
1144
2265
|
# bucket-level settings for S3 Bucket Key.
|
2266
|
+
#
|
2267
|
+
# **Directory buckets** - S3 Bucket Keys are always enabled for `GET`
|
2268
|
+
# and `PUT` operations in a directory bucket and can’t be disabled. S3
|
2269
|
+
# Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects
|
2270
|
+
# from general purpose buckets to directory buckets, from directory
|
2271
|
+
# buckets to general purpose buckets, or between directory buckets,
|
2272
|
+
# through [CopyObject][1], [UploadPartCopy][2], [the Copy operation in
|
2273
|
+
# Batch Operations][3], or [the import jobs][4]. In this case, Amazon S3
|
2274
|
+
# makes a call to KMS every time a copy request is made for a
|
2275
|
+
# KMS-encrypted object.
|
2276
|
+
#
|
2277
|
+
#
|
2278
|
+
#
|
2279
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
|
2280
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html
|
2281
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops
|
2282
|
+
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job
|
1145
2283
|
# @option options [String] :request_payer
|
1146
2284
|
# Confirms that the requester knows that they will be charged for the
|
1147
2285
|
# request. Bucket owners need not specify this parameter in their
|
1148
|
-
# requests. If either the source or destination
|
1149
|
-
#
|
1150
|
-
#
|
1151
|
-
#
|
1152
|
-
#
|
2286
|
+
# requests. If either the source or destination S3 bucket has Requester
|
2287
|
+
# Pays enabled, the requester will pay for corresponding charges to copy
|
2288
|
+
# the object. For information about downloading objects from Requester
|
2289
|
+
# Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
|
2290
|
+
# in the *Amazon S3 User Guide*.
|
2291
|
+
#
|
2292
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2293
|
+
#
|
2294
|
+
# </note>
|
1153
2295
|
#
|
1154
2296
|
#
|
1155
2297
|
#
|
@@ -1157,20 +2299,36 @@ module Aws::S3
|
|
1157
2299
|
# @option options [String] :tagging
|
1158
2300
|
# The tag-set for the object. The tag-set must be encoded as URL Query
|
1159
2301
|
# parameters.
|
2302
|
+
#
|
2303
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2304
|
+
#
|
2305
|
+
# </note>
|
1160
2306
|
# @option options [String] :object_lock_mode
|
1161
2307
|
# Specifies the Object Lock mode that you want to apply to the uploaded
|
1162
2308
|
# object.
|
2309
|
+
#
|
2310
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2311
|
+
#
|
2312
|
+
# </note>
|
1163
2313
|
# @option options [Time,DateTime,Date,Integer,String] :object_lock_retain_until_date
|
1164
2314
|
# Specifies the date and time when you want the Object Lock to expire.
|
2315
|
+
#
|
2316
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2317
|
+
#
|
2318
|
+
# </note>
|
1165
2319
|
# @option options [String] :object_lock_legal_hold_status
|
1166
2320
|
# Specifies whether you want to apply a legal hold to the uploaded
|
1167
2321
|
# object.
|
2322
|
+
#
|
2323
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2324
|
+
#
|
2325
|
+
# </note>
|
1168
2326
|
# @option options [String] :expected_bucket_owner
|
1169
|
-
# The account ID of the expected bucket owner. If the
|
1170
|
-
#
|
1171
|
-
# Forbidden` (access denied).
|
2327
|
+
# The account ID of the expected bucket owner. If the account ID that
|
2328
|
+
# you provide does not match the actual owner of the bucket, the request
|
2329
|
+
# fails with the HTTP status code `403 Forbidden` (access denied).
|
1172
2330
|
# @option options [String] :checksum_algorithm
|
1173
|
-
# Indicates the algorithm you want Amazon S3 to use to create the
|
2331
|
+
# Indicates the algorithm that you want Amazon S3 to use to create the
|
1174
2332
|
# checksum for the object. For more information, see [Checking object
|
1175
2333
|
# integrity][1] in the *Amazon S3 User Guide*.
|
1176
2334
|
#
|
@@ -1183,7 +2341,7 @@ module Aws::S3
|
|
1183
2341
|
bucket: @bucket_name,
|
1184
2342
|
key: @key
|
1185
2343
|
)
|
1186
|
-
resp = Aws::Plugins::UserAgent.
|
2344
|
+
resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
|
1187
2345
|
@client.create_multipart_upload(options)
|
1188
2346
|
end
|
1189
2347
|
MultipartUpload.new(
|
@@ -1212,15 +2370,18 @@ module Aws::S3
|
|
1212
2370
|
# checksum_sha1: "ChecksumSHA1",
|
1213
2371
|
# checksum_sha256: "ChecksumSHA256",
|
1214
2372
|
# expires: Time.now,
|
2373
|
+
# if_match: "IfMatch",
|
2374
|
+
# if_none_match: "IfNoneMatch",
|
1215
2375
|
# grant_full_control: "GrantFullControl",
|
1216
2376
|
# grant_read: "GrantRead",
|
1217
2377
|
# grant_read_acp: "GrantReadACP",
|
1218
2378
|
# grant_write_acp: "GrantWriteACP",
|
2379
|
+
# write_offset_bytes: 1,
|
1219
2380
|
# metadata: {
|
1220
2381
|
# "MetadataKey" => "MetadataValue",
|
1221
2382
|
# },
|
1222
2383
|
# server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
|
1223
|
-
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
|
2384
|
+
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
|
1224
2385
|
# website_redirect_location: "WebsiteRedirectLocation",
|
1225
2386
|
# sse_customer_algorithm: "SSECustomerAlgorithm",
|
1226
2387
|
# sse_customer_key: "SSECustomerKey",
|
@@ -1238,13 +2399,41 @@ module Aws::S3
|
|
1238
2399
|
# @param [Hash] options ({})
|
1239
2400
|
# @option options [String] :acl
|
1240
2401
|
# The canned ACL to apply to the object. For more information, see
|
1241
|
-
# [Canned ACL][1]
|
2402
|
+
# [Canned ACL][1] in the *Amazon S3 User Guide*.
|
2403
|
+
#
|
2404
|
+
# When adding a new object, you can use headers to grant ACL-based
|
2405
|
+
# permissions to individual Amazon Web Services accounts or to
|
2406
|
+
# predefined groups defined by Amazon S3. These permissions are then
|
2407
|
+
# added to the ACL on the object. By default, all objects are private.
|
2408
|
+
# Only the owner has full access control. For more information, see
|
2409
|
+
# [Access Control List (ACL) Overview][2] and [Managing ACLs Using the
|
2410
|
+
# REST API][3] in the *Amazon S3 User Guide*.
|
2411
|
+
#
|
2412
|
+
# If the bucket that you're uploading objects to uses the bucket owner
|
2413
|
+
# enforced setting for S3 Object Ownership, ACLs are disabled and no
|
2414
|
+
# longer affect permissions. Buckets that use this setting only accept
|
2415
|
+
# PUT requests that don't specify an ACL or PUT requests that specify
|
2416
|
+
# bucket owner full control ACLs, such as the
|
2417
|
+
# `bucket-owner-full-control` canned ACL or an equivalent form of this
|
2418
|
+
# ACL expressed in the XML format. PUT requests that contain other ACLs
|
2419
|
+
# (for example, custom grants to certain Amazon Web Services accounts)
|
2420
|
+
# fail and return a `400` error with the error code
|
2421
|
+
# `AccessControlListNotSupported`. For more information, see [
|
2422
|
+
# Controlling ownership of objects and disabling ACLs][4] in the *Amazon
|
2423
|
+
# S3 User Guide*.
|
2424
|
+
#
|
2425
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
2426
|
+
#
|
2427
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
1242
2428
|
#
|
1243
|
-
#
|
2429
|
+
# </note>
|
1244
2430
|
#
|
1245
2431
|
#
|
1246
2432
|
#
|
1247
2433
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
|
2434
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
|
2435
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html
|
2436
|
+
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
|
1248
2437
|
# @option options [String, StringIO, File] :body
|
1249
2438
|
# Object data.
|
1250
2439
|
# @option options [String] :cache_control
|
@@ -1291,9 +2480,22 @@ module Aws::S3
|
|
1291
2480
|
# information about REST request authentication, see [REST
|
1292
2481
|
# Authentication][1].
|
1293
2482
|
#
|
2483
|
+
# <note markdown="1"> The `Content-MD5` or `x-amz-sdk-checksum-algorithm` header is required
|
2484
|
+
# for any request to upload an object with a retention period configured
|
2485
|
+
# using Amazon S3 Object Lock. For more information, see [Uploading
|
2486
|
+
# objects to an Object Lock enabled bucket ][2] in the *Amazon S3 User
|
2487
|
+
# Guide*.
|
2488
|
+
#
|
2489
|
+
# </note>
|
2490
|
+
#
|
2491
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2492
|
+
#
|
2493
|
+
# </note>
|
2494
|
+
#
|
1294
2495
|
#
|
1295
2496
|
#
|
1296
2497
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html
|
2498
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-managing.html#object-lock-put-object
|
1297
2499
|
# @option options [String] :content_type
|
1298
2500
|
# A standard MIME type describing the format of the contents. For more
|
1299
2501
|
# information, see
|
@@ -1304,25 +2506,53 @@ module Aws::S3
|
|
1304
2506
|
# [1]: https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type
|
1305
2507
|
# @option options [String] :checksum_algorithm
|
1306
2508
|
# Indicates the algorithm used to create the checksum for the object
|
1307
|
-
# when
|
1308
|
-
# functionality if
|
1309
|
-
# must be a corresponding `x-amz-checksum` or
|
1310
|
-
# sent. Otherwise, Amazon S3 fails the request
|
1311
|
-
# `400 Bad Request`.
|
1312
|
-
# integrity][1] in the *Amazon S3 User Guide*.
|
2509
|
+
# when you use the SDK. This header will not provide any additional
|
2510
|
+
# functionality if you don't use the SDK. When you send this header,
|
2511
|
+
# there must be a corresponding `x-amz-checksum-algorithm ` or
|
2512
|
+
# `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request
|
2513
|
+
# with the HTTP status code `400 Bad Request`.
|
1313
2514
|
#
|
1314
|
-
#
|
1315
|
-
#
|
2515
|
+
# For the `x-amz-checksum-algorithm ` header, replace ` algorithm ` with
|
2516
|
+
# the supported algorithm from the following list:
|
2517
|
+
#
|
2518
|
+
# * `CRC32`
|
2519
|
+
#
|
2520
|
+
# * `CRC32C`
|
2521
|
+
#
|
2522
|
+
# * `SHA1`
|
2523
|
+
#
|
2524
|
+
# * `SHA256`
|
2525
|
+
#
|
2526
|
+
# For more information, see [Checking object integrity][1] in the
|
2527
|
+
# *Amazon S3 User Guide*.
|
2528
|
+
#
|
2529
|
+
# If the individual checksum value you provide through
|
2530
|
+
# `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you
|
2531
|
+
# set through `x-amz-sdk-checksum-algorithm`, Amazon S3 ignores any
|
2532
|
+
# provided `ChecksumAlgorithm` parameter and uses the checksum algorithm
|
2533
|
+
# that matches the provided value in `x-amz-checksum-algorithm `.
|
2534
|
+
#
|
2535
|
+
# <note markdown="1"> The `Content-MD5` or `x-amz-sdk-checksum-algorithm` header is required
|
2536
|
+
# for any request to upload an object with a retention period configured
|
2537
|
+
# using Amazon S3 Object Lock. For more information, see [Uploading
|
2538
|
+
# objects to an Object Lock enabled bucket ][2] in the *Amazon S3 User
|
2539
|
+
# Guide*.
|
2540
|
+
#
|
2541
|
+
# </note>
|
2542
|
+
#
|
2543
|
+
# For directory buckets, when you use Amazon Web Services SDKs, `CRC32`
|
2544
|
+
# is the default checksum algorithm that's used for performance.
|
1316
2545
|
#
|
1317
2546
|
#
|
1318
2547
|
#
|
1319
2548
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
|
2549
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-managing.html#object-lock-put-object
|
1320
2550
|
# @option options [String] :checksum_crc32
|
1321
2551
|
# This header can be used as a data integrity check to verify that the
|
1322
2552
|
# data received is the same data that was originally sent. This header
|
1323
|
-
# specifies the base64-encoded, 32-bit
|
1324
|
-
# more information, see [Checking object integrity][1] in the
|
1325
|
-
# User Guide*.
|
2553
|
+
# specifies the base64-encoded, 32-bit CRC-32 checksum of the object.
|
2554
|
+
# For more information, see [Checking object integrity][1] in the
|
2555
|
+
# *Amazon S3 User Guide*.
|
1326
2556
|
#
|
1327
2557
|
#
|
1328
2558
|
#
|
@@ -1330,7 +2560,7 @@ module Aws::S3
|
|
1330
2560
|
# @option options [String] :checksum_crc32c
|
1331
2561
|
# This header can be used as a data integrity check to verify that the
|
1332
2562
|
# data received is the same data that was originally sent. This header
|
1333
|
-
# specifies the base64-encoded, 32-bit
|
2563
|
+
# specifies the base64-encoded, 32-bit CRC-32C checksum of the object.
|
1334
2564
|
# For more information, see [Checking object integrity][1] in the
|
1335
2565
|
# *Amazon S3 User Guide*.
|
1336
2566
|
#
|
@@ -1365,35 +2595,165 @@ module Aws::S3
|
|
1365
2595
|
#
|
1366
2596
|
#
|
1367
2597
|
# [1]: https://www.rfc-editor.org/rfc/rfc7234#section-5.3
|
2598
|
+
# @option options [String] :if_match
|
2599
|
+
# Uploads the object only if the ETag (entity tag) value provided during
|
2600
|
+
# the WRITE operation matches the ETag of the object in S3. If the ETag
|
2601
|
+
# values do not match, the operation returns a `412 Precondition Failed`
|
2602
|
+
# error.
|
2603
|
+
#
|
2604
|
+
# If a conflicting operation occurs during the upload S3 returns a `409
|
2605
|
+
# ConditionalRequestConflict` response. On a 409 failure you should
|
2606
|
+
# fetch the object's ETag and retry the upload.
|
2607
|
+
#
|
2608
|
+
# Expects the ETag value as a string.
|
2609
|
+
#
|
2610
|
+
# For more information about conditional requests, see [RFC 7232][1], or
|
2611
|
+
# [Conditional requests][2] in the *Amazon S3 User Guide*.
|
2612
|
+
#
|
2613
|
+
#
|
2614
|
+
#
|
2615
|
+
# [1]: https://tools.ietf.org/html/rfc7232
|
2616
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/conditional-requests.html
|
2617
|
+
# @option options [String] :if_none_match
|
2618
|
+
# Uploads the object only if the object key name does not already exist
|
2619
|
+
# in the bucket specified. Otherwise, Amazon S3 returns a `412
|
2620
|
+
# Precondition Failed` error.
|
2621
|
+
#
|
2622
|
+
# If a conflicting operation occurs during the upload S3 returns a `409
|
2623
|
+
# ConditionalRequestConflict` response. On a 409 failure you should
|
2624
|
+
# retry the upload.
|
2625
|
+
#
|
2626
|
+
# Expects the '*' (asterisk) character.
|
2627
|
+
#
|
2628
|
+
# For more information about conditional requests, see [RFC 7232][1], or
|
2629
|
+
# [Conditional requests][2] in the *Amazon S3 User Guide*.
|
2630
|
+
#
|
2631
|
+
#
|
2632
|
+
#
|
2633
|
+
# [1]: https://tools.ietf.org/html/rfc7232
|
2634
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/conditional-requests.html
|
1368
2635
|
# @option options [String] :grant_full_control
|
1369
2636
|
# Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
|
1370
2637
|
# object.
|
1371
2638
|
#
|
1372
|
-
# This
|
2639
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
2640
|
+
#
|
2641
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
2642
|
+
#
|
2643
|
+
# </note>
|
1373
2644
|
# @option options [String] :grant_read
|
1374
2645
|
# Allows grantee to read the object data and its metadata.
|
1375
2646
|
#
|
1376
|
-
# This
|
2647
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
2648
|
+
#
|
2649
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
2650
|
+
#
|
2651
|
+
# </note>
|
1377
2652
|
# @option options [String] :grant_read_acp
|
1378
2653
|
# Allows grantee to read the object ACL.
|
1379
2654
|
#
|
1380
|
-
# This
|
2655
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
2656
|
+
#
|
2657
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
2658
|
+
#
|
2659
|
+
# </note>
|
1381
2660
|
# @option options [String] :grant_write_acp
|
1382
2661
|
# Allows grantee to write the ACL for the applicable object.
|
1383
2662
|
#
|
1384
|
-
# This
|
2663
|
+
# <note markdown="1"> * This functionality is not supported for directory buckets.
|
2664
|
+
#
|
2665
|
+
# * This functionality is not supported for Amazon S3 on Outposts.
|
2666
|
+
#
|
2667
|
+
# </note>
|
2668
|
+
# @option options [Integer] :write_offset_bytes
|
2669
|
+
# Specifies the offset for appending data to existing objects in bytes.
|
2670
|
+
# The offset must be equal to the size of the existing object being
|
2671
|
+
# appended to. If no object exists, setting this header to 0 will create
|
2672
|
+
# a new object.
|
2673
|
+
#
|
2674
|
+
# <note markdown="1"> This functionality is only supported for objects in the Amazon S3
|
2675
|
+
# Express One Zone storage class in directory buckets.
|
2676
|
+
#
|
2677
|
+
# </note>
|
1385
2678
|
# @option options [Hash<String,String>] :metadata
|
1386
2679
|
# A map of metadata to store with the object in S3.
|
1387
2680
|
# @option options [String] :server_side_encryption
|
1388
|
-
# The server-side encryption algorithm used when
|
1389
|
-
# Amazon S3 (for example, `AES256`, `aws:kms`,
|
2681
|
+
# The server-side encryption algorithm that was used when you store this
|
2682
|
+
# object in Amazon S3 (for example, `AES256`, `aws:kms`,
|
2683
|
+
# `aws:kms:dsse`).
|
2684
|
+
#
|
2685
|
+
# * <b>General purpose buckets </b> - You have four mutually exclusive
|
2686
|
+
# options to protect data using server-side encryption in Amazon S3,
|
2687
|
+
# depending on how you choose to manage the encryption keys.
|
2688
|
+
# Specifically, the encryption key options are Amazon S3 managed keys
|
2689
|
+
# (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or DSSE-KMS), and
|
2690
|
+
# customer-provided keys (SSE-C). Amazon S3 encrypts data with
|
2691
|
+
# server-side encryption by using Amazon S3 managed keys (SSE-S3) by
|
2692
|
+
# default. You can optionally tell Amazon S3 to encrypt data at rest
|
2693
|
+
# by using server-side encryption with other key options. For more
|
2694
|
+
# information, see [Using Server-Side Encryption][1] in the *Amazon S3
|
2695
|
+
# User Guide*.
|
2696
|
+
#
|
2697
|
+
# * <b>Directory buckets </b> - For directory buckets, there are only
|
2698
|
+
# two supported options for server-side encryption: server-side
|
2699
|
+
# encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) and
|
2700
|
+
# server-side encryption with KMS keys (SSE-KMS) (`aws:kms`). We
|
2701
|
+
# recommend that the bucket's default encryption uses the desired
|
2702
|
+
# encryption configuration and you don't override the bucket default
|
2703
|
+
# encryption in your `CreateSession` requests or `PUT` object
|
2704
|
+
# requests. Then, new objects are automatically encrypted with the
|
2705
|
+
# desired encryption settings. For more information, see [Protecting
|
2706
|
+
# data with server-side encryption][2] in the *Amazon S3 User Guide*.
|
2707
|
+
# For more information about the encryption overriding behaviors in
|
2708
|
+
# directory buckets, see [Specifying server-side encryption with KMS
|
2709
|
+
# for new object uploads][3].
|
2710
|
+
#
|
2711
|
+
# In the Zonal endpoint API calls (except [CopyObject][4] and
|
2712
|
+
# [UploadPartCopy][5]) using the REST API, the encryption request
|
2713
|
+
# headers must match the encryption settings that are specified in the
|
2714
|
+
# `CreateSession` request. You can't override the values of the
|
2715
|
+
# encryption settings (`x-amz-server-side-encryption`,
|
2716
|
+
# `x-amz-server-side-encryption-aws-kms-key-id`,
|
2717
|
+
# `x-amz-server-side-encryption-context`, and
|
2718
|
+
# `x-amz-server-side-encryption-bucket-key-enabled`) that are
|
2719
|
+
# specified in the `CreateSession` request. You don't need to
|
2720
|
+
# explicitly specify these encryption settings values in Zonal
|
2721
|
+
# endpoint API calls, and Amazon S3 will use the encryption settings
|
2722
|
+
# values from the `CreateSession` request to protect new objects in
|
2723
|
+
# the directory bucket.
|
2724
|
+
#
|
2725
|
+
# <note markdown="1"> When you use the CLI or the Amazon Web Services SDKs, for
|
2726
|
+
# `CreateSession`, the session token refreshes automatically to avoid
|
2727
|
+
# service interruptions when a session expires. The CLI or the Amazon
|
2728
|
+
# Web Services SDKs use the bucket's default encryption configuration
|
2729
|
+
# for the `CreateSession` request. It's not supported to override the
|
2730
|
+
# encryption settings values in the `CreateSession` request. So in the
|
2731
|
+
# Zonal endpoint API calls (except [CopyObject][4] and
|
2732
|
+
# [UploadPartCopy][5]), the encryption request headers must match the
|
2733
|
+
# default encryption configuration of the directory bucket.
|
2734
|
+
#
|
2735
|
+
# </note>
|
2736
|
+
#
|
2737
|
+
#
|
2738
|
+
#
|
2739
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
|
2740
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html
|
2741
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html
|
2742
|
+
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
|
2743
|
+
# [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html
|
1390
2744
|
# @option options [String] :storage_class
|
1391
2745
|
# By default, Amazon S3 uses the STANDARD Storage Class to store newly
|
1392
2746
|
# created objects. The STANDARD storage class provides high durability
|
1393
2747
|
# and high availability. Depending on performance needs, you can specify
|
1394
|
-
# a different Storage Class.
|
1395
|
-
#
|
1396
|
-
#
|
2748
|
+
# a different Storage Class. For more information, see [Storage
|
2749
|
+
# Classes][1] in the *Amazon S3 User Guide*.
|
2750
|
+
#
|
2751
|
+
# <note markdown="1"> * For directory buckets, only the S3 Express One Zone storage class is
|
2752
|
+
# supported to store newly created objects.
|
2753
|
+
#
|
2754
|
+
# * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.
|
2755
|
+
#
|
2756
|
+
# </note>
|
1397
2757
|
#
|
1398
2758
|
#
|
1399
2759
|
#
|
@@ -1402,7 +2762,8 @@ module Aws::S3
|
|
1402
2762
|
# If the bucket is configured as a website, redirects requests for this
|
1403
2763
|
# object to another object in the same bucket or to an external URL.
|
1404
2764
|
# Amazon S3 stores the value of this header in the object metadata. For
|
1405
|
-
# information about object metadata, see [Object Key and Metadata][1]
|
2765
|
+
# information about object metadata, see [Object Key and Metadata][1] in
|
2766
|
+
# the *Amazon S3 User Guide*.
|
1406
2767
|
#
|
1407
2768
|
# In the following example, the request header sets the redirect to an
|
1408
2769
|
# object (anotherPage.html) in the same bucket:
|
@@ -1416,7 +2777,11 @@ module Aws::S3
|
|
1416
2777
|
#
|
1417
2778
|
# For more information about website hosting in Amazon S3, see [Hosting
|
1418
2779
|
# Websites on Amazon S3][2] and [How to Configure Website Page
|
1419
|
-
# Redirects][3]
|
2780
|
+
# Redirects][3] in the *Amazon S3 User Guide*.
|
2781
|
+
#
|
2782
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2783
|
+
#
|
2784
|
+
# </note>
|
1420
2785
|
#
|
1421
2786
|
#
|
1422
2787
|
#
|
@@ -1424,52 +2789,123 @@ module Aws::S3
|
|
1424
2789
|
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html
|
1425
2790
|
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html
|
1426
2791
|
# @option options [String] :sse_customer_algorithm
|
1427
|
-
# Specifies the algorithm to use
|
1428
|
-
# example, AES256).
|
2792
|
+
# Specifies the algorithm to use when encrypting the object (for
|
2793
|
+
# example, `AES256`).
|
2794
|
+
#
|
2795
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2796
|
+
#
|
2797
|
+
# </note>
|
1429
2798
|
# @option options [String] :sse_customer_key
|
1430
2799
|
# Specifies the customer-provided encryption key for Amazon S3 to use in
|
1431
2800
|
# encrypting data. This value is used to store the object and then it is
|
1432
2801
|
# discarded; Amazon S3 does not store the encryption key. The key must
|
1433
2802
|
# be appropriate for use with the algorithm specified in the
|
1434
2803
|
# `x-amz-server-side-encryption-customer-algorithm` header.
|
2804
|
+
#
|
2805
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2806
|
+
#
|
2807
|
+
# </note>
|
1435
2808
|
# @option options [String] :sse_customer_key_md5
|
1436
2809
|
# Specifies the 128-bit MD5 digest of the encryption key according to
|
1437
2810
|
# RFC 1321. Amazon S3 uses this header for a message integrity check to
|
1438
2811
|
# ensure that the encryption key was transmitted without error.
|
2812
|
+
#
|
2813
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2814
|
+
#
|
2815
|
+
# </note>
|
1439
2816
|
# @option options [String] :ssekms_key_id
|
1440
|
-
#
|
1441
|
-
#
|
1442
|
-
#
|
1443
|
-
#
|
1444
|
-
#
|
1445
|
-
#
|
1446
|
-
# x-amz-server-side-encryption
|
1447
|
-
#
|
1448
|
-
#
|
1449
|
-
#
|
2817
|
+
# Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for
|
2818
|
+
# object encryption. If the KMS key doesn't exist in the same account
|
2819
|
+
# that's issuing the command, you must use the full Key ARN not the Key
|
2820
|
+
# ID.
|
2821
|
+
#
|
2822
|
+
# **General purpose buckets** - If you specify
|
2823
|
+
# `x-amz-server-side-encryption` with `aws:kms` or `aws:kms:dsse`, this
|
2824
|
+
# header specifies the ID (Key ID, Key ARN, or Key Alias) of the KMS key
|
2825
|
+
# to use. If you specify `x-amz-server-side-encryption:aws:kms` or
|
2826
|
+
# `x-amz-server-side-encryption:aws:kms:dsse`, but do not provide
|
2827
|
+
# `x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
|
2828
|
+
# Amazon Web Services managed key (`aws/s3`) to protect the data.
|
2829
|
+
#
|
2830
|
+
# **Directory buckets** - If you specify `x-amz-server-side-encryption`
|
2831
|
+
# with `aws:kms`, the ` x-amz-server-side-encryption-aws-kms-key-id`
|
2832
|
+
# header is implicitly assigned the ID of the KMS symmetric encryption
|
2833
|
+
# customer managed key that's configured for your directory bucket's
|
2834
|
+
# default encryption setting. If you want to specify the `
|
2835
|
+
# x-amz-server-side-encryption-aws-kms-key-id` header explicitly, you
|
2836
|
+
# can only specify it with the ID (Key ID or Key ARN) of the KMS
|
2837
|
+
# customer managed key that's configured for your directory bucket's
|
2838
|
+
# default encryption setting. Otherwise, you get an HTTP `400 Bad
|
2839
|
+
# Request` error. Only use the key ID or key ARN. The key alias format
|
2840
|
+
# of the KMS key isn't supported. Your SSE-KMS configuration can only
|
2841
|
+
# support 1 [customer managed key][1] per directory bucket for the
|
2842
|
+
# lifetime of the bucket. The [Amazon Web Services managed key][2]
|
2843
|
+
# (`aws/s3`) isn't supported.
|
2844
|
+
#
|
2845
|
+
#
|
2846
|
+
#
|
2847
|
+
# [1]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk
|
2848
|
+
# [2]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
|
1450
2849
|
# @option options [String] :ssekms_encryption_context
|
1451
|
-
# Specifies the Amazon Web Services KMS Encryption Context
|
1452
|
-
#
|
1453
|
-
#
|
1454
|
-
#
|
1455
|
-
#
|
1456
|
-
# operations on this
|
2850
|
+
# Specifies the Amazon Web Services KMS Encryption Context as an
|
2851
|
+
# additional encryption context to use for object encryption. The value
|
2852
|
+
# of this header is a Base64-encoded string of a UTF-8 encoded JSON,
|
2853
|
+
# which contains the encryption context as key-value pairs. This value
|
2854
|
+
# is stored as object metadata and automatically gets passed on to
|
2855
|
+
# Amazon Web Services KMS for future `GetObject` operations on this
|
2856
|
+
# object.
|
2857
|
+
#
|
2858
|
+
# **General purpose buckets** - This value must be explicitly added
|
2859
|
+
# during `CopyObject` operations if you want an additional encryption
|
2860
|
+
# context for your object. For more information, see [Encryption
|
2861
|
+
# context][1] in the *Amazon S3 User Guide*.
|
2862
|
+
#
|
2863
|
+
# **Directory buckets** - You can optionally provide an explicit
|
2864
|
+
# encryption context value. The value must match the default encryption
|
2865
|
+
# context - the bucket Amazon Resource Name (ARN). An additional
|
2866
|
+
# encryption context value is not supported.
|
2867
|
+
#
|
2868
|
+
#
|
2869
|
+
#
|
2870
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html#encryption-context
|
1457
2871
|
# @option options [Boolean] :bucket_key_enabled
|
1458
2872
|
# Specifies whether Amazon S3 should use an S3 Bucket Key for object
|
1459
2873
|
# encryption with server-side encryption using Key Management Service
|
1460
|
-
# (KMS) keys (SSE-KMS).
|
1461
|
-
#
|
2874
|
+
# (KMS) keys (SSE-KMS).
|
2875
|
+
#
|
2876
|
+
# **General purpose buckets** - Setting this header to `true` causes
|
2877
|
+
# Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS.
|
2878
|
+
# Also, specifying this header with a PUT action doesn't affect
|
2879
|
+
# bucket-level settings for S3 Bucket Key.
|
2880
|
+
#
|
2881
|
+
# **Directory buckets** - S3 Bucket Keys are always enabled for `GET`
|
2882
|
+
# and `PUT` operations in a directory bucket and can’t be disabled. S3
|
2883
|
+
# Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects
|
2884
|
+
# from general purpose buckets to directory buckets, from directory
|
2885
|
+
# buckets to general purpose buckets, or between directory buckets,
|
2886
|
+
# through [CopyObject][1], [UploadPartCopy][2], [the Copy operation in
|
2887
|
+
# Batch Operations][3], or [the import jobs][4]. In this case, Amazon S3
|
2888
|
+
# makes a call to KMS every time a copy request is made for a
|
2889
|
+
# KMS-encrypted object.
|
1462
2890
|
#
|
1463
|
-
#
|
1464
|
-
#
|
2891
|
+
#
|
2892
|
+
#
|
2893
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
|
2894
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html
|
2895
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops
|
2896
|
+
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job
|
1465
2897
|
# @option options [String] :request_payer
|
1466
2898
|
# Confirms that the requester knows that they will be charged for the
|
1467
2899
|
# request. Bucket owners need not specify this parameter in their
|
1468
|
-
# requests. If either the source or destination
|
1469
|
-
#
|
1470
|
-
#
|
1471
|
-
#
|
1472
|
-
#
|
2900
|
+
# requests. If either the source or destination S3 bucket has Requester
|
2901
|
+
# Pays enabled, the requester will pay for corresponding charges to copy
|
2902
|
+
# the object. For information about downloading objects from Requester
|
2903
|
+
# Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
|
2904
|
+
# in the *Amazon S3 User Guide*.
|
2905
|
+
#
|
2906
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2907
|
+
#
|
2908
|
+
# </note>
|
1473
2909
|
#
|
1474
2910
|
#
|
1475
2911
|
#
|
@@ -1477,29 +2913,46 @@ module Aws::S3
|
|
1477
2913
|
# @option options [String] :tagging
|
1478
2914
|
# The tag-set for the object. The tag-set must be encoded as URL Query
|
1479
2915
|
# parameters. (For example, "Key1=Value1")
|
2916
|
+
#
|
2917
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2918
|
+
#
|
2919
|
+
# </note>
|
1480
2920
|
# @option options [String] :object_lock_mode
|
1481
2921
|
# The Object Lock mode that you want to apply to this object.
|
2922
|
+
#
|
2923
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2924
|
+
#
|
2925
|
+
# </note>
|
1482
2926
|
# @option options [Time,DateTime,Date,Integer,String] :object_lock_retain_until_date
|
1483
2927
|
# The date and time when you want this object's Object Lock to expire.
|
1484
2928
|
# Must be formatted as a timestamp parameter.
|
2929
|
+
#
|
2930
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2931
|
+
#
|
2932
|
+
# </note>
|
1485
2933
|
# @option options [String] :object_lock_legal_hold_status
|
1486
2934
|
# Specifies whether a legal hold will be applied to this object. For
|
1487
|
-
# more information about S3 Object Lock, see [Object Lock][1]
|
2935
|
+
# more information about S3 Object Lock, see [Object Lock][1] in the
|
2936
|
+
# *Amazon S3 User Guide*.
|
2937
|
+
#
|
2938
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
2939
|
+
#
|
2940
|
+
# </note>
|
1488
2941
|
#
|
1489
2942
|
#
|
1490
2943
|
#
|
1491
2944
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
|
1492
2945
|
# @option options [String] :expected_bucket_owner
|
1493
|
-
# The account ID of the expected bucket owner. If the
|
1494
|
-
#
|
1495
|
-
# Forbidden` (access denied).
|
2946
|
+
# The account ID of the expected bucket owner. If the account ID that
|
2947
|
+
# you provide does not match the actual owner of the bucket, the request
|
2948
|
+
# fails with the HTTP status code `403 Forbidden` (access denied).
|
1496
2949
|
# @return [Types::PutObjectOutput]
|
1497
2950
|
def put(options = {})
|
1498
2951
|
options = options.merge(
|
1499
2952
|
bucket: @bucket_name,
|
1500
2953
|
key: @key
|
1501
2954
|
)
|
1502
|
-
resp = Aws::Plugins::UserAgent.
|
2955
|
+
resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
|
1503
2956
|
@client.put_object(options)
|
1504
2957
|
end
|
1505
2958
|
resp.data
|
@@ -1586,7 +3039,7 @@ module Aws::S3
|
|
1586
3039
|
# value: "MetadataValue",
|
1587
3040
|
# },
|
1588
3041
|
# ],
|
1589
|
-
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
|
3042
|
+
# storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
|
1590
3043
|
# },
|
1591
3044
|
# },
|
1592
3045
|
# },
|
@@ -1602,23 +3055,27 @@ module Aws::S3
|
|
1602
3055
|
# @option options [String] :request_payer
|
1603
3056
|
# Confirms that the requester knows that they will be charged for the
|
1604
3057
|
# request. Bucket owners need not specify this parameter in their
|
1605
|
-
# requests. If either the source or destination
|
1606
|
-
#
|
1607
|
-
#
|
1608
|
-
#
|
1609
|
-
#
|
3058
|
+
# requests. If either the source or destination S3 bucket has Requester
|
3059
|
+
# Pays enabled, the requester will pay for corresponding charges to copy
|
3060
|
+
# the object. For information about downloading objects from Requester
|
3061
|
+
# Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
|
3062
|
+
# in the *Amazon S3 User Guide*.
|
3063
|
+
#
|
3064
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
3065
|
+
#
|
3066
|
+
# </note>
|
1610
3067
|
#
|
1611
3068
|
#
|
1612
3069
|
#
|
1613
3070
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
|
1614
3071
|
# @option options [String] :checksum_algorithm
|
1615
3072
|
# Indicates the algorithm used to create the checksum for the object
|
1616
|
-
# when
|
1617
|
-
# functionality if
|
1618
|
-
# must be a corresponding `x-amz-checksum` or `x-amz-trailer`
|
1619
|
-
# sent. Otherwise, Amazon S3 fails the request with the HTTP
|
1620
|
-
# `400 Bad Request`. For more information, see [Checking
|
1621
|
-
# integrity][1] in the *Amazon S3 User Guide*.
|
3073
|
+
# when you use the SDK. This header will not provide any additional
|
3074
|
+
# functionality if you don't use the SDK. When you send this header,
|
3075
|
+
# there must be a corresponding `x-amz-checksum` or `x-amz-trailer`
|
3076
|
+
# header sent. Otherwise, Amazon S3 fails the request with the HTTP
|
3077
|
+
# status code `400 Bad Request`. For more information, see [Checking
|
3078
|
+
# object integrity][1] in the *Amazon S3 User Guide*.
|
1622
3079
|
#
|
1623
3080
|
# If you provide an individual checksum, Amazon S3 ignores any provided
|
1624
3081
|
# `ChecksumAlgorithm` parameter.
|
@@ -1627,16 +3084,16 @@ module Aws::S3
|
|
1627
3084
|
#
|
1628
3085
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
|
1629
3086
|
# @option options [String] :expected_bucket_owner
|
1630
|
-
# The account ID of the expected bucket owner. If the
|
1631
|
-
#
|
1632
|
-
# Forbidden` (access denied).
|
3087
|
+
# The account ID of the expected bucket owner. If the account ID that
|
3088
|
+
# you provide does not match the actual owner of the bucket, the request
|
3089
|
+
# fails with the HTTP status code `403 Forbidden` (access denied).
|
1633
3090
|
# @return [Types::RestoreObjectOutput]
|
1634
3091
|
def restore_object(options = {})
|
1635
3092
|
options = options.merge(
|
1636
3093
|
bucket: @bucket_name,
|
1637
3094
|
key: @key
|
1638
3095
|
)
|
1639
|
-
resp = Aws::Plugins::UserAgent.
|
3096
|
+
resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
|
1640
3097
|
@client.restore_object(options)
|
1641
3098
|
end
|
1642
3099
|
resp.data
|
@@ -1650,6 +3107,12 @@ module Aws::S3
|
|
1650
3107
|
# if_none_match: "IfNoneMatch",
|
1651
3108
|
# if_unmodified_since: Time.now,
|
1652
3109
|
# range: "Range",
|
3110
|
+
# response_cache_control: "ResponseCacheControl",
|
3111
|
+
# response_content_disposition: "ResponseContentDisposition",
|
3112
|
+
# response_content_encoding: "ResponseContentEncoding",
|
3113
|
+
# response_content_language: "ResponseContentLanguage",
|
3114
|
+
# response_content_type: "ResponseContentType",
|
3115
|
+
# response_expires: Time.now,
|
1653
3116
|
# version_id: "ObjectVersionId",
|
1654
3117
|
# sse_customer_algorithm: "SSECustomerAlgorithm",
|
1655
3118
|
# sse_customer_key: "SSECustomerKey",
|
@@ -1663,43 +3126,136 @@ module Aws::S3
|
|
1663
3126
|
# @option options [String] :if_match
|
1664
3127
|
# Return the object only if its entity tag (ETag) is the same as the one
|
1665
3128
|
# specified; otherwise, return a 412 (precondition failed) error.
|
3129
|
+
#
|
3130
|
+
# If both of the `If-Match` and `If-Unmodified-Since` headers are
|
3131
|
+
# present in the request as follows:
|
3132
|
+
#
|
3133
|
+
# * `If-Match` condition evaluates to `true`, and;
|
3134
|
+
#
|
3135
|
+
# * `If-Unmodified-Since` condition evaluates to `false`;
|
3136
|
+
#
|
3137
|
+
# Then Amazon S3 returns `200 OK` and the data requested.
|
3138
|
+
#
|
3139
|
+
# For more information about conditional requests, see [RFC 7232][1].
|
3140
|
+
#
|
3141
|
+
#
|
3142
|
+
#
|
3143
|
+
# [1]: https://tools.ietf.org/html/rfc7232
|
1666
3144
|
# @option options [Time,DateTime,Date,Integer,String] :if_modified_since
|
1667
3145
|
# Return the object only if it has been modified since the specified
|
1668
3146
|
# time; otherwise, return a 304 (not modified) error.
|
3147
|
+
#
|
3148
|
+
# If both of the `If-None-Match` and `If-Modified-Since` headers are
|
3149
|
+
# present in the request as follows:
|
3150
|
+
#
|
3151
|
+
# * `If-None-Match` condition evaluates to `false`, and;
|
3152
|
+
#
|
3153
|
+
# * `If-Modified-Since` condition evaluates to `true`;
|
3154
|
+
#
|
3155
|
+
# Then Amazon S3 returns the `304 Not Modified` response code.
|
3156
|
+
#
|
3157
|
+
# For more information about conditional requests, see [RFC 7232][1].
|
3158
|
+
#
|
3159
|
+
#
|
3160
|
+
#
|
3161
|
+
# [1]: https://tools.ietf.org/html/rfc7232
|
1669
3162
|
# @option options [String] :if_none_match
|
1670
3163
|
# Return the object only if its entity tag (ETag) is different from the
|
1671
3164
|
# one specified; otherwise, return a 304 (not modified) error.
|
3165
|
+
#
|
3166
|
+
# If both of the `If-None-Match` and `If-Modified-Since` headers are
|
3167
|
+
# present in the request as follows:
|
3168
|
+
#
|
3169
|
+
# * `If-None-Match` condition evaluates to `false`, and;
|
3170
|
+
#
|
3171
|
+
# * `If-Modified-Since` condition evaluates to `true`;
|
3172
|
+
#
|
3173
|
+
# Then Amazon S3 returns the `304 Not Modified` response code.
|
3174
|
+
#
|
3175
|
+
# For more information about conditional requests, see [RFC 7232][1].
|
3176
|
+
#
|
3177
|
+
#
|
3178
|
+
#
|
3179
|
+
# [1]: https://tools.ietf.org/html/rfc7232
|
1672
3180
|
# @option options [Time,DateTime,Date,Integer,String] :if_unmodified_since
|
1673
3181
|
# Return the object only if it has not been modified since the specified
|
1674
3182
|
# time; otherwise, return a 412 (precondition failed) error.
|
3183
|
+
#
|
3184
|
+
# If both of the `If-Match` and `If-Unmodified-Since` headers are
|
3185
|
+
# present in the request as follows:
|
3186
|
+
#
|
3187
|
+
# * `If-Match` condition evaluates to `true`, and;
|
3188
|
+
#
|
3189
|
+
# * `If-Unmodified-Since` condition evaluates to `false`;
|
3190
|
+
#
|
3191
|
+
# Then Amazon S3 returns `200 OK` and the data requested.
|
3192
|
+
#
|
3193
|
+
# For more information about conditional requests, see [RFC 7232][1].
|
3194
|
+
#
|
3195
|
+
#
|
3196
|
+
#
|
3197
|
+
# [1]: https://tools.ietf.org/html/rfc7232
|
1675
3198
|
# @option options [String] :range
|
1676
3199
|
# HeadObject returns only the metadata for an object. If the Range is
|
1677
3200
|
# satisfiable, only the `ContentLength` is affected in the response. If
|
1678
3201
|
# the Range is not satisfiable, S3 returns a `416 - Requested Range Not
|
1679
3202
|
# Satisfiable` error.
|
3203
|
+
# @option options [String] :response_cache_control
|
3204
|
+
# Sets the `Cache-Control` header of the response.
|
3205
|
+
# @option options [String] :response_content_disposition
|
3206
|
+
# Sets the `Content-Disposition` header of the response.
|
3207
|
+
# @option options [String] :response_content_encoding
|
3208
|
+
# Sets the `Content-Encoding` header of the response.
|
3209
|
+
# @option options [String] :response_content_language
|
3210
|
+
# Sets the `Content-Language` header of the response.
|
3211
|
+
# @option options [String] :response_content_type
|
3212
|
+
# Sets the `Content-Type` header of the response.
|
3213
|
+
# @option options [Time,DateTime,Date,Integer,String] :response_expires
|
3214
|
+
# Sets the `Expires` header of the response.
|
1680
3215
|
# @option options [String] :version_id
|
1681
|
-
#
|
3216
|
+
# Version ID used to reference a specific version of the object.
|
3217
|
+
#
|
3218
|
+
# <note markdown="1"> For directory buckets in this API operation, only the `null` value of
|
3219
|
+
# the version ID is supported.
|
3220
|
+
#
|
3221
|
+
# </note>
|
1682
3222
|
# @option options [String] :sse_customer_algorithm
|
1683
|
-
# Specifies the algorithm to use
|
3223
|
+
# Specifies the algorithm to use when encrypting the object (for
|
1684
3224
|
# example, AES256).
|
3225
|
+
#
|
3226
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
3227
|
+
#
|
3228
|
+
# </note>
|
1685
3229
|
# @option options [String] :sse_customer_key
|
1686
3230
|
# Specifies the customer-provided encryption key for Amazon S3 to use in
|
1687
3231
|
# encrypting data. This value is used to store the object and then it is
|
1688
3232
|
# discarded; Amazon S3 does not store the encryption key. The key must
|
1689
3233
|
# be appropriate for use with the algorithm specified in the
|
1690
3234
|
# `x-amz-server-side-encryption-customer-algorithm` header.
|
3235
|
+
#
|
3236
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
3237
|
+
#
|
3238
|
+
# </note>
|
1691
3239
|
# @option options [String] :sse_customer_key_md5
|
1692
3240
|
# Specifies the 128-bit MD5 digest of the encryption key according to
|
1693
3241
|
# RFC 1321. Amazon S3 uses this header for a message integrity check to
|
1694
3242
|
# ensure that the encryption key was transmitted without error.
|
3243
|
+
#
|
3244
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
3245
|
+
#
|
3246
|
+
# </note>
|
1695
3247
|
# @option options [String] :request_payer
|
1696
3248
|
# Confirms that the requester knows that they will be charged for the
|
1697
3249
|
# request. Bucket owners need not specify this parameter in their
|
1698
|
-
# requests. If either the source or destination
|
1699
|
-
#
|
1700
|
-
#
|
1701
|
-
#
|
1702
|
-
#
|
3250
|
+
# requests. If either the source or destination S3 bucket has Requester
|
3251
|
+
# Pays enabled, the requester will pay for corresponding charges to copy
|
3252
|
+
# the object. For information about downloading objects from Requester
|
3253
|
+
# Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
|
3254
|
+
# in the *Amazon S3 User Guide*.
|
3255
|
+
#
|
3256
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
3257
|
+
#
|
3258
|
+
# </note>
|
1703
3259
|
#
|
1704
3260
|
#
|
1705
3261
|
#
|
@@ -1710,23 +3266,33 @@ module Aws::S3
|
|
1710
3266
|
# for the part specified. Useful querying about the size of the part and
|
1711
3267
|
# the number of parts in this object.
|
1712
3268
|
# @option options [String] :expected_bucket_owner
|
1713
|
-
# The account ID of the expected bucket owner. If the
|
1714
|
-
#
|
1715
|
-
# Forbidden` (access denied).
|
3269
|
+
# The account ID of the expected bucket owner. If the account ID that
|
3270
|
+
# you provide does not match the actual owner of the bucket, the request
|
3271
|
+
# fails with the HTTP status code `403 Forbidden` (access denied).
|
1716
3272
|
# @option options [String] :checksum_mode
|
1717
3273
|
# To retrieve the checksum, this parameter must be enabled.
|
1718
3274
|
#
|
1719
|
-
#
|
1720
|
-
#
|
1721
|
-
# KMS), you must have permission to use the
|
1722
|
-
#
|
3275
|
+
# **General purpose buckets** - If you enable checksum mode and the
|
3276
|
+
# object is uploaded with a [checksum][1] and encrypted with an Key
|
3277
|
+
# Management Service (KMS) key, you must have permission to use the
|
3278
|
+
# `kms:Decrypt` action to retrieve the checksum.
|
3279
|
+
#
|
3280
|
+
# **Directory buckets** - If you enable `ChecksumMode` and the object is
|
3281
|
+
# encrypted with Amazon Web Services Key Management Service (Amazon Web
|
3282
|
+
# Services KMS), you must also have the `kms:GenerateDataKey` and
|
3283
|
+
# `kms:Decrypt` permissions in IAM identity-based policies and KMS key
|
3284
|
+
# policies for the KMS key to retrieve the checksum of the object.
|
3285
|
+
#
|
3286
|
+
#
|
3287
|
+
#
|
3288
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html
|
1723
3289
|
# @return [Types::HeadObjectOutput]
|
1724
3290
|
def head(options = {})
|
1725
3291
|
options = options.merge(
|
1726
3292
|
bucket: @bucket_name,
|
1727
3293
|
key: @key
|
1728
3294
|
)
|
1729
|
-
resp = Aws::Plugins::UserAgent.
|
3295
|
+
resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
|
1730
3296
|
@client.head_object(options)
|
1731
3297
|
end
|
1732
3298
|
resp.data
|
@@ -1853,14 +3419,35 @@ module Aws::S3
|
|
1853
3419
|
# space, and the value that is displayed on your authentication device.
|
1854
3420
|
# Required to permanently delete a versioned object if versioning is
|
1855
3421
|
# configured with MFA delete enabled.
|
3422
|
+
#
|
3423
|
+
# When performing the `DeleteObjects` operation on an MFA delete enabled
|
3424
|
+
# bucket, which attempts to delete the specified versioned objects, you
|
3425
|
+
# must include an MFA token. If you don't provide an MFA token, the
|
3426
|
+
# entire request will fail, even if there are non-versioned objects that
|
3427
|
+
# you are trying to delete. If you provide an invalid token, whether
|
3428
|
+
# there are versioned object keys in the request or not, the entire
|
3429
|
+
# Multi-Object Delete request will fail. For information about MFA
|
3430
|
+
# Delete, see [ MFA Delete][1] in the *Amazon S3 User Guide*.
|
3431
|
+
#
|
3432
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
3433
|
+
#
|
3434
|
+
# </note>
|
3435
|
+
#
|
3436
|
+
#
|
3437
|
+
#
|
3438
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete
|
1856
3439
|
# @option options [String] :request_payer
|
1857
3440
|
# Confirms that the requester knows that they will be charged for the
|
1858
3441
|
# request. Bucket owners need not specify this parameter in their
|
1859
|
-
# requests. If either the source or destination
|
1860
|
-
#
|
1861
|
-
#
|
1862
|
-
#
|
1863
|
-
#
|
3442
|
+
# requests. If either the source or destination S3 bucket has Requester
|
3443
|
+
# Pays enabled, the requester will pay for corresponding charges to copy
|
3444
|
+
# the object. For information about downloading objects from Requester
|
3445
|
+
# Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
|
3446
|
+
# in the *Amazon S3 User Guide*.
|
3447
|
+
#
|
3448
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
3449
|
+
#
|
3450
|
+
# </note>
|
1864
3451
|
#
|
1865
3452
|
#
|
1866
3453
|
#
|
@@ -1869,25 +3456,45 @@ module Aws::S3
|
|
1869
3456
|
# Specifies whether you want to delete this object even if it has a
|
1870
3457
|
# Governance-type Object Lock in place. To use this header, you must
|
1871
3458
|
# have the `s3:BypassGovernanceRetention` permission.
|
3459
|
+
#
|
3460
|
+
# <note markdown="1"> This functionality is not supported for directory buckets.
|
3461
|
+
#
|
3462
|
+
# </note>
|
1872
3463
|
# @option options [String] :expected_bucket_owner
|
1873
|
-
# The account ID of the expected bucket owner. If the
|
1874
|
-
#
|
1875
|
-
# Forbidden` (access denied).
|
3464
|
+
# The account ID of the expected bucket owner. If the account ID that
|
3465
|
+
# you provide does not match the actual owner of the bucket, the request
|
3466
|
+
# fails with the HTTP status code `403 Forbidden` (access denied).
|
1876
3467
|
# @option options [String] :checksum_algorithm
|
1877
3468
|
# Indicates the algorithm used to create the checksum for the object
|
1878
|
-
# when
|
1879
|
-
# functionality if
|
1880
|
-
# must be a corresponding `x-amz-checksum` or
|
1881
|
-
# sent. Otherwise, Amazon S3 fails the request
|
1882
|
-
# `400 Bad Request`.
|
1883
|
-
#
|
3469
|
+
# when you use the SDK. This header will not provide any additional
|
3470
|
+
# functionality if you don't use the SDK. When you send this header,
|
3471
|
+
# there must be a corresponding `x-amz-checksum-algorithm ` or
|
3472
|
+
# `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request
|
3473
|
+
# with the HTTP status code `400 Bad Request`.
|
3474
|
+
#
|
3475
|
+
# For the `x-amz-checksum-algorithm ` header, replace ` algorithm ` with
|
3476
|
+
# the supported algorithm from the following list:
|
3477
|
+
#
|
3478
|
+
# * `CRC32`
|
3479
|
+
#
|
3480
|
+
# * `CRC32C`
|
3481
|
+
#
|
3482
|
+
# * `SHA1`
|
3483
|
+
#
|
3484
|
+
# * `SHA256`
|
3485
|
+
#
|
3486
|
+
# For more information, see [Checking object integrity][1] in the
|
3487
|
+
# *Amazon S3 User Guide*.
|
3488
|
+
#
|
3489
|
+
# If the individual checksum value you provide through
|
3490
|
+
# `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you
|
3491
|
+
# set through `x-amz-sdk-checksum-algorithm`, Amazon S3 ignores any
|
3492
|
+
# provided `ChecksumAlgorithm` parameter and uses the checksum algorithm
|
3493
|
+
# that matches the provided value in `x-amz-checksum-algorithm `.
|
1884
3494
|
#
|
1885
3495
|
# If you provide an individual checksum, Amazon S3 ignores any provided
|
1886
3496
|
# `ChecksumAlgorithm` parameter.
|
1887
3497
|
#
|
1888
|
-
# This checksum algorithm must be the same for all parts and it match
|
1889
|
-
# the checksum value supplied in the `CreateMultipartUpload` request.
|
1890
|
-
#
|
1891
3498
|
#
|
1892
3499
|
#
|
1893
3500
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
|
@@ -1903,7 +3510,7 @@ module Aws::S3
|
|
1903
3510
|
key: item.key
|
1904
3511
|
}
|
1905
3512
|
end
|
1906
|
-
Aws::Plugins::UserAgent.
|
3513
|
+
Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
|
1907
3514
|
batch[0].client.delete_objects(params)
|
1908
3515
|
end
|
1909
3516
|
end
|
@@ -1915,3 +3522,6 @@ module Aws::S3
|
|
1915
3522
|
end
|
1916
3523
|
end
|
1917
3524
|
end
|
3525
|
+
|
3526
|
+
# Load customizations if they exist
|
3527
|
+
require 'aws-sdk-s3/customizations/object'
|