aws-sdk-s3 1.138.0 → 1.141.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (42) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +20 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-s3/bucket.rb +423 -93
  5. data/lib/aws-sdk-s3/bucket_acl.rb +9 -9
  6. data/lib/aws-sdk-s3/bucket_cors.rb +12 -12
  7. data/lib/aws-sdk-s3/bucket_lifecycle.rb +12 -12
  8. data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +12 -12
  9. data/lib/aws-sdk-s3/bucket_logging.rb +9 -9
  10. data/lib/aws-sdk-s3/bucket_notification.rb +3 -3
  11. data/lib/aws-sdk-s3/bucket_policy.rb +58 -14
  12. data/lib/aws-sdk-s3/bucket_request_payment.rb +9 -9
  13. data/lib/aws-sdk-s3/bucket_tagging.rb +12 -12
  14. data/lib/aws-sdk-s3/bucket_versioning.rb +27 -27
  15. data/lib/aws-sdk-s3/bucket_website.rb +12 -12
  16. data/lib/aws-sdk-s3/client.rb +5639 -2553
  17. data/lib/aws-sdk-s3/client_api.rb +97 -16
  18. data/lib/aws-sdk-s3/customizations.rb +5 -0
  19. data/lib/aws-sdk-s3/endpoint_parameters.rb +32 -0
  20. data/lib/aws-sdk-s3/endpoint_provider.rb +82 -0
  21. data/lib/aws-sdk-s3/endpoints.rb +440 -0
  22. data/lib/aws-sdk-s3/express_credentials.rb +55 -0
  23. data/lib/aws-sdk-s3/express_credentials_cache.rb +30 -0
  24. data/lib/aws-sdk-s3/express_credentials_provider.rb +36 -0
  25. data/lib/aws-sdk-s3/file_downloader.rb +0 -1
  26. data/lib/aws-sdk-s3/multipart_file_uploader.rb +0 -1
  27. data/lib/aws-sdk-s3/multipart_stream_uploader.rb +0 -1
  28. data/lib/aws-sdk-s3/multipart_upload.rb +70 -24
  29. data/lib/aws-sdk-s3/multipart_upload_part.rb +164 -43
  30. data/lib/aws-sdk-s3/object.rb +1496 -248
  31. data/lib/aws-sdk-s3/object_acl.rb +31 -19
  32. data/lib/aws-sdk-s3/object_summary.rb +1366 -272
  33. data/lib/aws-sdk-s3/object_version.rb +304 -57
  34. data/lib/aws-sdk-s3/plugins/endpoints.rb +13 -2
  35. data/lib/aws-sdk-s3/plugins/express_session_auth.rb +90 -0
  36. data/lib/aws-sdk-s3/plugins/location_constraint.rb +3 -1
  37. data/lib/aws-sdk-s3/plugins/md5s.rb +2 -1
  38. data/lib/aws-sdk-s3/presigner.rb +2 -2
  39. data/lib/aws-sdk-s3/resource.rb +83 -11
  40. data/lib/aws-sdk-s3/types.rb +4261 -1238
  41. data/lib/aws-sdk-s3.rb +1 -1
  42. metadata +11 -7
@@ -229,7 +229,15 @@ module Aws::S3
229
229
  # bucket.create({
230
230
  # acl: "private", # accepts private, public-read, public-read-write, authenticated-read
231
231
  # create_bucket_configuration: {
232
- # location_constraint: "af-south-1", # accepts af-south-1, ap-east-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-south-1, ap-southeast-1, ap-southeast-2, ap-southeast-3, ca-central-1, cn-north-1, cn-northwest-1, EU, eu-central-1, eu-north-1, eu-south-1, eu-west-1, eu-west-2, eu-west-3, me-south-1, sa-east-1, us-east-2, us-gov-east-1, us-gov-west-1, us-west-1, us-west-2, ap-south-2, eu-south-2
232
+ # location_constraint: "af-south-1", # accepts af-south-1, ap-east-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-south-1, ap-south-2, ap-southeast-1, ap-southeast-2, ap-southeast-3, ca-central-1, cn-north-1, cn-northwest-1, EU, eu-central-1, eu-north-1, eu-south-1, eu-south-2, eu-west-1, eu-west-2, eu-west-3, me-south-1, sa-east-1, us-east-2, us-gov-east-1, us-gov-west-1, us-west-1, us-west-2
233
+ # location: {
234
+ # type: "AvailabilityZone", # accepts AvailabilityZone
235
+ # name: "LocationNameAsString",
236
+ # },
237
+ # bucket: {
238
+ # data_redundancy: "SingleAvailabilityZone", # accepts SingleAvailabilityZone
239
+ # type: "Directory", # accepts Directory
240
+ # },
233
241
  # },
234
242
  # grant_full_control: "GrantFullControl",
235
243
  # grant_read: "GrantRead",
@@ -242,42 +250,87 @@ module Aws::S3
242
250
  # @param [Hash] options ({})
243
251
  # @option options [String] :acl
244
252
  # The canned ACL to apply to the bucket.
253
+ #
254
+ # <note markdown="1"> This functionality is not supported for directory buckets.
255
+ #
256
+ # </note>
245
257
  # @option options [Types::CreateBucketConfiguration] :create_bucket_configuration
246
258
  # The configuration information for the bucket.
247
259
  # @option options [String] :grant_full_control
248
260
  # Allows grantee the read, write, read ACP, and write ACP permissions on
249
261
  # the bucket.
262
+ #
263
+ # <note markdown="1"> This functionality is not supported for directory buckets.
264
+ #
265
+ # </note>
250
266
  # @option options [String] :grant_read
251
267
  # Allows grantee to list the objects in the bucket.
268
+ #
269
+ # <note markdown="1"> This functionality is not supported for directory buckets.
270
+ #
271
+ # </note>
252
272
  # @option options [String] :grant_read_acp
253
273
  # Allows grantee to read the bucket ACL.
274
+ #
275
+ # <note markdown="1"> This functionality is not supported for directory buckets.
276
+ #
277
+ # </note>
254
278
  # @option options [String] :grant_write
255
279
  # Allows grantee to create new objects in the bucket.
256
280
  #
257
281
  # For the bucket and object owners of existing objects, also allows
258
282
  # deletions and overwrites of those objects.
283
+ #
284
+ # <note markdown="1"> This functionality is not supported for directory buckets.
285
+ #
286
+ # </note>
259
287
  # @option options [String] :grant_write_acp
260
288
  # Allows grantee to write the ACL for the applicable bucket.
289
+ #
290
+ # <note markdown="1"> This functionality is not supported for directory buckets.
291
+ #
292
+ # </note>
261
293
  # @option options [Boolean] :object_lock_enabled_for_bucket
262
294
  # Specifies whether you want S3 Object Lock to be enabled for the new
263
295
  # bucket.
296
+ #
297
+ # <note markdown="1"> This functionality is not supported for directory buckets.
298
+ #
299
+ # </note>
264
300
  # @option options [String] :object_ownership
265
301
  # The container element for object ownership for a bucket's ownership
266
302
  # controls.
267
303
  #
268
- # BucketOwnerPreferred - Objects uploaded to the bucket change ownership
269
- # to the bucket owner if the objects are uploaded with the
304
+ # `BucketOwnerPreferred` - Objects uploaded to the bucket change
305
+ # ownership to the bucket owner if the objects are uploaded with the
270
306
  # `bucket-owner-full-control` canned ACL.
271
307
  #
272
- # ObjectWriter - The uploading account will own the object if the object
273
- # is uploaded with the `bucket-owner-full-control` canned ACL.
308
+ # `ObjectWriter` - The uploading account will own the object if the
309
+ # object is uploaded with the `bucket-owner-full-control` canned ACL.
310
+ #
311
+ # `BucketOwnerEnforced` - Access control lists (ACLs) are disabled and
312
+ # no longer affect permissions. The bucket owner automatically owns and
313
+ # has full control over every object in the bucket. The bucket only
314
+ # accepts PUT requests that don't specify an ACL or specify bucket
315
+ # owner full control ACLs (such as the predefined
316
+ # `bucket-owner-full-control` canned ACL or a custom ACL in XML format
317
+ # that grants the same permissions).
318
+ #
319
+ # By default, `ObjectOwnership` is set to `BucketOwnerEnforced` and ACLs
320
+ # are disabled. We recommend keeping ACLs disabled, except in uncommon
321
+ # use cases where you must control access for each object individually.
322
+ # For more information about S3 Object Ownership, see [Controlling
323
+ # ownership of objects and disabling ACLs for your bucket][1] in the
324
+ # *Amazon S3 User Guide*.
325
+ #
326
+ # <note markdown="1"> This functionality is not supported for directory buckets. Directory
327
+ # buckets use the bucket owner enforced setting for S3 Object Ownership.
328
+ #
329
+ # </note>
330
+ #
274
331
  #
275
- # BucketOwnerEnforced - Access control lists (ACLs) are disabled and no
276
- # longer affect permissions. The bucket owner automatically owns and has
277
- # full control over every object in the bucket. The bucket only accepts
278
- # PUT requests that don't specify an ACL or bucket owner full control
279
- # ACLs, such as the `bucket-owner-full-control` canned ACL or an
280
- # equivalent form of this ACL expressed in the XML format.
332
+ #
333
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
281
334
  # @return [Types::CreateBucketOutput]
282
335
  def create(options = {})
283
336
  options = options.merge(bucket: @name)
@@ -294,9 +347,15 @@ module Aws::S3
294
347
  # })
295
348
  # @param [Hash] options ({})
296
349
  # @option options [String] :expected_bucket_owner
297
- # The account ID of the expected bucket owner. If the bucket is owned by
298
- # a different account, the request fails with the HTTP status code `403
299
- # Forbidden` (access denied).
350
+ # The account ID of the expected bucket owner. If the account ID that
351
+ # you provide does not match the actual owner of the bucket, the request
352
+ # fails with the HTTP status code `403 Forbidden` (access denied).
353
+ #
354
+ # <note markdown="1"> For directory buckets, this header is not supported in this API
355
+ # operation. If you specify this header, the request fails with the HTTP
356
+ # status code `501 Not Implemented`.
357
+ #
358
+ # </note>
300
359
  # @return [EmptyStructure]
301
360
  def delete(options = {})
302
361
  options = options.merge(bucket: @name)
@@ -332,14 +391,35 @@ module Aws::S3
332
391
  # space, and the value that is displayed on your authentication device.
333
392
  # Required to permanently delete a versioned object if versioning is
334
393
  # configured with MFA delete enabled.
394
+ #
395
+ # When performing the `DeleteObjects` operation on an MFA delete enabled
396
+ # bucket, which attempts to delete the specified versioned objects, you
397
+ # must include an MFA token. If you don't provide an MFA token, the
398
+ # entire request will fail, even if there are non-versioned objects that
399
+ # you are trying to delete. If you provide an invalid token, whether
400
+ # there are versioned object keys in the request or not, the entire
401
+ # Multi-Object Delete request will fail. For information about MFA
402
+ # Delete, see [ MFA Delete][1] in the *Amazon S3 User Guide*.
403
+ #
404
+ # <note markdown="1"> This functionality is not supported for directory buckets.
405
+ #
406
+ # </note>
407
+ #
408
+ #
409
+ #
410
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete
335
411
  # @option options [String] :request_payer
336
412
  # Confirms that the requester knows that they will be charged for the
337
413
  # request. Bucket owners need not specify this parameter in their
338
- # requests. If either the source or destination Amazon S3 bucket has
339
- # Requester Pays enabled, the requester will pay for corresponding
340
- # charges to copy the object. For information about downloading objects
341
- # from Requester Pays buckets, see [Downloading Objects in Requester
342
- # Pays Buckets][1] in the *Amazon S3 User Guide*.
414
+ # requests. If either the source or destination S3 bucket has Requester
415
+ # Pays enabled, the requester will pay for corresponding charges to copy
416
+ # the object. For information about downloading objects from Requester
417
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
418
+ # in the *Amazon S3 User Guide*.
419
+ #
420
+ # <note markdown="1"> This functionality is not supported for directory buckets.
421
+ #
422
+ # </note>
343
423
  #
344
424
  #
345
425
  #
@@ -348,25 +428,45 @@ module Aws::S3
348
428
  # Specifies whether you want to delete this object even if it has a
349
429
  # Governance-type Object Lock in place. To use this header, you must
350
430
  # have the `s3:BypassGovernanceRetention` permission.
431
+ #
432
+ # <note markdown="1"> This functionality is not supported for directory buckets.
433
+ #
434
+ # </note>
351
435
  # @option options [String] :expected_bucket_owner
352
- # The account ID of the expected bucket owner. If the bucket is owned by
353
- # a different account, the request fails with the HTTP status code `403
354
- # Forbidden` (access denied).
436
+ # The account ID of the expected bucket owner. If the account ID that
437
+ # you provide does not match the actual owner of the bucket, the request
438
+ # fails with the HTTP status code `403 Forbidden` (access denied).
355
439
  # @option options [String] :checksum_algorithm
356
440
  # Indicates the algorithm used to create the checksum for the object
357
- # when using the SDK. This header will not provide any additional
358
- # functionality if not using the SDK. When sending this header, there
359
- # must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
360
- # sent. Otherwise, Amazon S3 fails the request with the HTTP status code
361
- # `400 Bad Request`. For more information, see [Checking object
362
- # integrity][1] in the *Amazon S3 User Guide*.
441
+ # when you use the SDK. This header will not provide any additional
442
+ # functionality if you don't use the SDK. When you send this header,
443
+ # there must be a corresponding `x-amz-checksum-algorithm ` or
444
+ # `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request
445
+ # with the HTTP status code `400 Bad Request`.
446
+ #
447
+ # For the `x-amz-checksum-algorithm ` header, replace ` algorithm ` with
448
+ # the supported algorithm from the following list:
449
+ #
450
+ # * CRC32
451
+ #
452
+ # * CRC32C
453
+ #
454
+ # * SHA1
455
+ #
456
+ # * SHA256
457
+ #
458
+ # For more information, see [Checking object integrity][1] in the
459
+ # *Amazon S3 User Guide*.
460
+ #
461
+ # If the individual checksum value you provide through
462
+ # `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you
463
+ # set through `x-amz-sdk-checksum-algorithm`, Amazon S3 ignores any
464
+ # provided `ChecksumAlgorithm` parameter and uses the checksum algorithm
465
+ # that matches the provided value in `x-amz-checksum-algorithm `.
363
466
  #
364
467
  # If you provide an individual checksum, Amazon S3 ignores any provided
365
468
  # `ChecksumAlgorithm` parameter.
366
469
  #
367
- # This checksum algorithm must be the same for all parts and it match
368
- # the checksum value supplied in the `CreateMultipartUpload` request.
369
- #
370
470
  #
371
471
  #
372
472
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
@@ -406,7 +506,7 @@ module Aws::S3
406
506
  # "MetadataKey" => "MetadataValue",
407
507
  # },
408
508
  # server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
409
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW
509
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
410
510
  # website_redirect_location: "WebsiteRedirectLocation",
411
511
  # sse_customer_algorithm: "SSECustomerAlgorithm",
412
512
  # sse_customer_key: "SSECustomerKey",
@@ -424,13 +524,41 @@ module Aws::S3
424
524
  # @param [Hash] options ({})
425
525
  # @option options [String] :acl
426
526
  # The canned ACL to apply to the object. For more information, see
427
- # [Canned ACL][1].
527
+ # [Canned ACL][1] in the *Amazon S3 User Guide*.
528
+ #
529
+ # When adding a new object, you can use headers to grant ACL-based
530
+ # permissions to individual Amazon Web Services accounts or to
531
+ # predefined groups defined by Amazon S3. These permissions are then
532
+ # added to the ACL on the object. By default, all objects are private.
533
+ # Only the owner has full access control. For more information, see
534
+ # [Access Control List (ACL) Overview][2] and [Managing ACLs Using the
535
+ # REST API][3] in the *Amazon S3 User Guide*.
536
+ #
537
+ # If the bucket that you're uploading objects to uses the bucket owner
538
+ # enforced setting for S3 Object Ownership, ACLs are disabled and no
539
+ # longer affect permissions. Buckets that use this setting only accept
540
+ # PUT requests that don't specify an ACL or PUT requests that specify
541
+ # bucket owner full control ACLs, such as the
542
+ # `bucket-owner-full-control` canned ACL or an equivalent form of this
543
+ # ACL expressed in the XML format. PUT requests that contain other ACLs
544
+ # (for example, custom grants to certain Amazon Web Services accounts)
545
+ # fail and return a `400` error with the error code
546
+ # `AccessControlListNotSupported`. For more information, see [
547
+ # Controlling ownership of objects and disabling ACLs][4] in the *Amazon
548
+ # S3 User Guide*.
428
549
  #
429
- # This action is not supported by Amazon S3 on Outposts.
550
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
551
+ #
552
+ # * This functionality is not supported for Amazon S3 on Outposts.
553
+ #
554
+ # </note>
430
555
  #
431
556
  #
432
557
  #
433
558
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
559
+ # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
560
+ # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html
561
+ # [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
434
562
  # @option options [String, StringIO, File] :body
435
563
  # Object data.
436
564
  # @option options [String] :cache_control
@@ -477,9 +605,21 @@ module Aws::S3
477
605
  # information about REST request authentication, see [REST
478
606
  # Authentication][1].
479
607
  #
608
+ # <note markdown="1"> The `Content-MD5` header is required for any request to upload an
609
+ # object with a retention period configured using Amazon S3 Object Lock.
610
+ # For more information about Amazon S3 Object Lock, see [Amazon S3
611
+ # Object Lock Overview][2] in the *Amazon S3 User Guide*.
612
+ #
613
+ # </note>
614
+ #
615
+ # <note markdown="1"> This functionality is not supported for directory buckets.
616
+ #
617
+ # </note>
618
+ #
480
619
  #
481
620
  #
482
621
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html
622
+ # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html
483
623
  # @option options [String] :content_type
484
624
  # A standard MIME type describing the format of the contents. For more
485
625
  # information, see
@@ -490,15 +630,36 @@ module Aws::S3
490
630
  # [1]: https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type
491
631
  # @option options [String] :checksum_algorithm
492
632
  # Indicates the algorithm used to create the checksum for the object
493
- # when using the SDK. This header will not provide any additional
494
- # functionality if not using the SDK. When sending this header, there
495
- # must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
496
- # sent. Otherwise, Amazon S3 fails the request with the HTTP status code
497
- # `400 Bad Request`. For more information, see [Checking object
498
- # integrity][1] in the *Amazon S3 User Guide*.
633
+ # when you use the SDK. This header will not provide any additional
634
+ # functionality if you don't use the SDK. When you send this header,
635
+ # there must be a corresponding `x-amz-checksum-algorithm ` or
636
+ # `x-amz-trailer` header sent. Otherwise, Amazon S3 fails the request
637
+ # with the HTTP status code `400 Bad Request`.
499
638
  #
500
- # If you provide an individual checksum, Amazon S3 ignores any provided
501
- # `ChecksumAlgorithm` parameter.
639
+ # For the `x-amz-checksum-algorithm ` header, replace ` algorithm ` with
640
+ # the supported algorithm from the following list:
641
+ #
642
+ # * CRC32
643
+ #
644
+ # * CRC32C
645
+ #
646
+ # * SHA1
647
+ #
648
+ # * SHA256
649
+ #
650
+ # For more information, see [Checking object integrity][1] in the
651
+ # *Amazon S3 User Guide*.
652
+ #
653
+ # If the individual checksum value you provide through
654
+ # `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you
655
+ # set through `x-amz-sdk-checksum-algorithm`, Amazon S3 ignores any
656
+ # provided `ChecksumAlgorithm` parameter and uses the checksum algorithm
657
+ # that matches the provided value in `x-amz-checksum-algorithm `.
658
+ #
659
+ # <note markdown="1"> For directory buckets, when you use Amazon Web Services SDKs, `CRC32`
660
+ # is the default checksum algorithm that's used for performance.
661
+ #
662
+ # </note>
502
663
  #
503
664
  #
504
665
  #
@@ -555,33 +716,76 @@ module Aws::S3
555
716
  # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
556
717
  # object.
557
718
  #
558
- # This action is not supported by Amazon S3 on Outposts.
719
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
720
+ #
721
+ # * This functionality is not supported for Amazon S3 on Outposts.
722
+ #
723
+ # </note>
559
724
  # @option options [String] :grant_read
560
725
  # Allows grantee to read the object data and its metadata.
561
726
  #
562
- # This action is not supported by Amazon S3 on Outposts.
727
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
728
+ #
729
+ # * This functionality is not supported for Amazon S3 on Outposts.
730
+ #
731
+ # </note>
563
732
  # @option options [String] :grant_read_acp
564
733
  # Allows grantee to read the object ACL.
565
734
  #
566
- # This action is not supported by Amazon S3 on Outposts.
735
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
736
+ #
737
+ # * This functionality is not supported for Amazon S3 on Outposts.
738
+ #
739
+ # </note>
567
740
  # @option options [String] :grant_write_acp
568
741
  # Allows grantee to write the ACL for the applicable object.
569
742
  #
570
- # This action is not supported by Amazon S3 on Outposts.
743
+ # <note markdown="1"> * This functionality is not supported for directory buckets.
744
+ #
745
+ # * This functionality is not supported for Amazon S3 on Outposts.
746
+ #
747
+ # </note>
571
748
  # @option options [required, String] :key
572
749
  # Object key for which the PUT action was initiated.
573
750
  # @option options [Hash<String,String>] :metadata
574
751
  # A map of metadata to store with the object in S3.
575
752
  # @option options [String] :server_side_encryption
576
- # The server-side encryption algorithm used when storing this object in
577
- # Amazon S3 (for example, `AES256`, `aws:kms`, `aws:kms:dsse`).
753
+ # The server-side encryption algorithm that was used when you store this
754
+ # object in Amazon S3 (for example, `AES256`, `aws:kms`,
755
+ # `aws:kms:dsse`).
756
+ #
757
+ # <b>General purpose buckets </b> - You have four mutually exclusive
758
+ # options to protect data using server-side encryption in Amazon S3,
759
+ # depending on how you choose to manage the encryption keys.
760
+ # Specifically, the encryption key options are Amazon S3 managed keys
761
+ # (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or DSSE-KMS), and
762
+ # customer-provided keys (SSE-C). Amazon S3 encrypts data with
763
+ # server-side encryption by using Amazon S3 managed keys (SSE-S3) by
764
+ # default. You can optionally tell Amazon S3 to encrypt data at rest by
765
+ # using server-side encryption with other key options. For more
766
+ # information, see [Using Server-Side Encryption][1] in the *Amazon S3
767
+ # User Guide*.
768
+ #
769
+ # <b>Directory buckets </b> - For directory buckets, only the
770
+ # server-side encryption with Amazon S3 managed keys (SSE-S3) (`AES256`)
771
+ # value is supported.
772
+ #
773
+ #
774
+ #
775
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
578
776
  # @option options [String] :storage_class
579
777
  # By default, Amazon S3 uses the STANDARD Storage Class to store newly
580
778
  # created objects. The STANDARD storage class provides high durability
581
779
  # and high availability. Depending on performance needs, you can specify
582
- # a different Storage Class. Amazon S3 on Outposts only uses the
583
- # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
584
- # in the *Amazon S3 User Guide*.
780
+ # a different Storage Class. For more information, see [Storage
781
+ # Classes][1] in the *Amazon S3 User Guide*.
782
+ #
783
+ # <note markdown="1"> * For directory buckets, only the S3 Express One Zone storage class is
784
+ # supported to store newly created objects.
785
+ #
786
+ # * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.
787
+ #
788
+ # </note>
585
789
  #
586
790
  #
587
791
  #
@@ -590,7 +794,8 @@ module Aws::S3
590
794
  # If the bucket is configured as a website, redirects requests for this
591
795
  # object to another object in the same bucket or to an external URL.
592
796
  # Amazon S3 stores the value of this header in the object metadata. For
593
- # information about object metadata, see [Object Key and Metadata][1].
797
+ # information about object metadata, see [Object Key and Metadata][1] in
798
+ # the *Amazon S3 User Guide*.
594
799
  #
595
800
  # In the following example, the request header sets the redirect to an
596
801
  # object (anotherPage.html) in the same bucket:
@@ -604,7 +809,11 @@ module Aws::S3
604
809
  #
605
810
  # For more information about website hosting in Amazon S3, see [Hosting
606
811
  # Websites on Amazon S3][2] and [How to Configure Website Page
607
- # Redirects][3].
812
+ # Redirects][3] in the *Amazon S3 User Guide*.
813
+ #
814
+ # <note markdown="1"> This functionality is not supported for directory buckets.
815
+ #
816
+ # </note>
608
817
  #
609
818
  #
610
819
  #
@@ -612,18 +821,30 @@ module Aws::S3
612
821
  # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html
613
822
  # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html
614
823
  # @option options [String] :sse_customer_algorithm
615
- # Specifies the algorithm to use to when encrypting the object (for
616
- # example, AES256).
824
+ # Specifies the algorithm to use when encrypting the object (for
825
+ # example, `AES256`).
826
+ #
827
+ # <note markdown="1"> This functionality is not supported for directory buckets.
828
+ #
829
+ # </note>
617
830
  # @option options [String] :sse_customer_key
618
831
  # Specifies the customer-provided encryption key for Amazon S3 to use in
619
832
  # encrypting data. This value is used to store the object and then it is
620
833
  # discarded; Amazon S3 does not store the encryption key. The key must
621
834
  # be appropriate for use with the algorithm specified in the
622
835
  # `x-amz-server-side-encryption-customer-algorithm` header.
836
+ #
837
+ # <note markdown="1"> This functionality is not supported for directory buckets.
838
+ #
839
+ # </note>
623
840
  # @option options [String] :sse_customer_key_md5
624
841
  # Specifies the 128-bit MD5 digest of the encryption key according to
625
842
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
626
843
  # ensure that the encryption key was transmitted without error.
844
+ #
845
+ # <note markdown="1"> This functionality is not supported for directory buckets.
846
+ #
847
+ # </note>
627
848
  # @option options [String] :ssekms_key_id
628
849
  # If `x-amz-server-side-encryption` has a valid value of `aws:kms` or
629
850
  # `aws:kms:dsse`, this header specifies the ID (Key ID, Key ARN, or Key
@@ -635,6 +856,10 @@ module Aws::S3
635
856
  # Amazon Web Services managed key (`aws/s3`) to protect the data. If the
636
857
  # KMS key does not exist in the same account that's issuing the
637
858
  # command, you must use the full ARN and not just the ID.
859
+ #
860
+ # <note markdown="1"> This functionality is not supported for directory buckets.
861
+ #
862
+ # </note>
638
863
  # @option options [String] :ssekms_encryption_context
639
864
  # Specifies the Amazon Web Services KMS Encryption Context to use for
640
865
  # object encryption. The value of this header is a base64-encoded UTF-8
@@ -642,7 +867,11 @@ module Aws::S3
642
867
  # value is stored as object metadata and automatically gets passed on to
643
868
  # Amazon Web Services KMS for future `GetObject` or `CopyObject`
644
869
  # operations on this object. This value must be explicitly added during
645
- # CopyObject operations.
870
+ # `CopyObject` operations.
871
+ #
872
+ # <note markdown="1"> This functionality is not supported for directory buckets.
873
+ #
874
+ # </note>
646
875
  # @option options [Boolean] :bucket_key_enabled
647
876
  # Specifies whether Amazon S3 should use an S3 Bucket Key for object
648
877
  # encryption with server-side encryption using Key Management Service
@@ -651,14 +880,22 @@ module Aws::S3
651
880
  #
652
881
  # Specifying this header with a PUT action doesn’t affect bucket-level
653
882
  # settings for S3 Bucket Key.
883
+ #
884
+ # <note markdown="1"> This functionality is not supported for directory buckets.
885
+ #
886
+ # </note>
654
887
  # @option options [String] :request_payer
655
888
  # Confirms that the requester knows that they will be charged for the
656
889
  # request. Bucket owners need not specify this parameter in their
657
- # requests. If either the source or destination Amazon S3 bucket has
658
- # Requester Pays enabled, the requester will pay for corresponding
659
- # charges to copy the object. For information about downloading objects
660
- # from Requester Pays buckets, see [Downloading Objects in Requester
661
- # Pays Buckets][1] in the *Amazon S3 User Guide*.
890
+ # requests. If either the source or destination S3 bucket has Requester
891
+ # Pays enabled, the requester will pay for corresponding charges to copy
892
+ # the object. For information about downloading objects from Requester
893
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
894
+ # in the *Amazon S3 User Guide*.
895
+ #
896
+ # <note markdown="1"> This functionality is not supported for directory buckets.
897
+ #
898
+ # </note>
662
899
  #
663
900
  #
664
901
  #
@@ -666,22 +903,39 @@ module Aws::S3
666
903
  # @option options [String] :tagging
667
904
  # The tag-set for the object. The tag-set must be encoded as URL Query
668
905
  # parameters. (For example, "Key1=Value1")
906
+ #
907
+ # <note markdown="1"> This functionality is not supported for directory buckets.
908
+ #
909
+ # </note>
669
910
  # @option options [String] :object_lock_mode
670
911
  # The Object Lock mode that you want to apply to this object.
912
+ #
913
+ # <note markdown="1"> This functionality is not supported for directory buckets.
914
+ #
915
+ # </note>
671
916
  # @option options [Time,DateTime,Date,Integer,String] :object_lock_retain_until_date
672
917
  # The date and time when you want this object's Object Lock to expire.
673
918
  # Must be formatted as a timestamp parameter.
919
+ #
920
+ # <note markdown="1"> This functionality is not supported for directory buckets.
921
+ #
922
+ # </note>
674
923
  # @option options [String] :object_lock_legal_hold_status
675
924
  # Specifies whether a legal hold will be applied to this object. For
676
- # more information about S3 Object Lock, see [Object Lock][1].
925
+ # more information about S3 Object Lock, see [Object Lock][1] in the
926
+ # *Amazon S3 User Guide*.
927
+ #
928
+ # <note markdown="1"> This functionality is not supported for directory buckets.
929
+ #
930
+ # </note>
677
931
  #
678
932
  #
679
933
  #
680
934
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
681
935
  # @option options [String] :expected_bucket_owner
682
- # The account ID of the expected bucket owner. If the bucket is owned by
683
- # a different account, the request fails with the HTTP status code `403
684
- # Forbidden` (access denied).
936
+ # The account ID of the expected bucket owner. If the account ID that
937
+ # you provide does not match the actual owner of the bucket, the request
938
+ # fails with the HTTP status code `403 Forbidden` (access denied).
685
939
  # @return [Object]
686
940
  def put_object(options = {})
687
941
  options = options.merge(bucket: @name)
@@ -758,6 +1012,11 @@ module Aws::S3
758
1012
  # don't specify the prefix parameter, then the substring starts at the
759
1013
  # beginning of the key. The keys that are grouped under `CommonPrefixes`
760
1014
  # result element are not returned elsewhere in the response.
1015
+ #
1016
+ # <note markdown="1"> **Directory buckets** - For directory buckets, `/` is the only
1017
+ # supported delimiter.
1018
+ #
1019
+ # </note>
761
1020
  # @option options [String] :encoding_type
762
1021
  # Requests Amazon S3 to encode the object keys in the response and
763
1022
  # specifies the encoding method to use. An object key can contain any
@@ -766,22 +1025,43 @@ module Aws::S3
766
1025
  # characters that are not supported in XML 1.0, you can add this
767
1026
  # parameter to request that Amazon S3 encode the keys in the response.
768
1027
  # @option options [String] :key_marker
769
- # Together with `upload-id-marker`, this parameter specifies the
770
- # multipart upload after which listing should begin.
1028
+ # Specifies the multipart upload after which listing should begin.
771
1029
  #
772
- # If `upload-id-marker` is not specified, only the keys
773
- # lexicographically greater than the specified `key-marker` will be
774
- # included in the list.
1030
+ # <note markdown="1"> * **General purpose buckets** - For general purpose buckets,
1031
+ # `key-marker` is an object key. Together with `upload-id-marker`,
1032
+ # this parameter specifies the multipart upload after which listing
1033
+ # should begin.
775
1034
  #
776
- # If `upload-id-marker` is specified, any multipart uploads for a key
777
- # equal to the `key-marker` might also be included, provided those
778
- # multipart uploads have upload IDs lexicographically greater than the
779
- # specified `upload-id-marker`.
1035
+ # If `upload-id-marker` is not specified, only the keys
1036
+ # lexicographically greater than the specified `key-marker` will be
1037
+ # included in the list.
1038
+ #
1039
+ # If `upload-id-marker` is specified, any multipart uploads for a key
1040
+ # equal to the `key-marker` might also be included, provided those
1041
+ # multipart uploads have upload IDs lexicographically greater than the
1042
+ # specified `upload-id-marker`.
1043
+ #
1044
+ # * **Directory buckets** - For directory buckets, `key-marker` is
1045
+ # obfuscated and isn't a real object key. The `upload-id-marker`
1046
+ # parameter isn't supported by directory buckets. To list the
1047
+ # additional multipart uploads, you only need to set the value of
1048
+ # `key-marker` to the `NextKeyMarker` value from the previous
1049
+ # response.
1050
+ #
1051
+ # In the `ListMultipartUploads` response, the multipart uploads
1052
+ # aren't sorted lexicographically based on the object keys.
1053
+ #
1054
+ # </note>
780
1055
  # @option options [String] :prefix
781
1056
  # Lists in-progress uploads only for those keys that begin with the
782
1057
  # specified prefix. You can use prefixes to separate a bucket into
783
1058
  # different grouping of keys. (You can think of using `prefix` to make
784
1059
  # groups in the same way that you'd use a folder in a file system.)
1060
+ #
1061
+ # <note markdown="1"> **Directory buckets** - For directory buckets, only prefixes that end
1062
+ # in a delimiter (`/`) are supported.
1063
+ #
1064
+ # </note>
785
1065
  # @option options [String] :upload_id_marker
786
1066
  # Together with key-marker, specifies the multipart upload after which
787
1067
  # listing should begin. If key-marker is not specified, the
@@ -789,18 +1069,26 @@ module Aws::S3
789
1069
  # uploads for a key equal to the key-marker might be included in the
790
1070
  # list only if they have an upload ID lexicographically greater than the
791
1071
  # specified `upload-id-marker`.
1072
+ #
1073
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1074
+ #
1075
+ # </note>
792
1076
  # @option options [String] :expected_bucket_owner
793
- # The account ID of the expected bucket owner. If the bucket is owned by
794
- # a different account, the request fails with the HTTP status code `403
795
- # Forbidden` (access denied).
1077
+ # The account ID of the expected bucket owner. If the account ID that
1078
+ # you provide does not match the actual owner of the bucket, the request
1079
+ # fails with the HTTP status code `403 Forbidden` (access denied).
796
1080
  # @option options [String] :request_payer
797
1081
  # Confirms that the requester knows that they will be charged for the
798
1082
  # request. Bucket owners need not specify this parameter in their
799
- # requests. If either the source or destination Amazon S3 bucket has
800
- # Requester Pays enabled, the requester will pay for corresponding
801
- # charges to copy the object. For information about downloading objects
802
- # from Requester Pays buckets, see [Downloading Objects in Requester
803
- # Pays Buckets][1] in the *Amazon S3 User Guide*.
1083
+ # requests. If either the source or destination S3 bucket has Requester
1084
+ # Pays enabled, the requester will pay for corresponding charges to copy
1085
+ # the object. For information about downloading objects from Requester
1086
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
1087
+ # in the *Amazon S3 User Guide*.
1088
+ #
1089
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1090
+ #
1091
+ # </note>
804
1092
  #
805
1093
  #
806
1094
  #
@@ -886,17 +1174,21 @@ module Aws::S3
886
1174
  # @option options [String] :version_id_marker
887
1175
  # Specifies the object version you want to start listing from.
888
1176
  # @option options [String] :expected_bucket_owner
889
- # The account ID of the expected bucket owner. If the bucket is owned by
890
- # a different account, the request fails with the HTTP status code `403
891
- # Forbidden` (access denied).
1177
+ # The account ID of the expected bucket owner. If the account ID that
1178
+ # you provide does not match the actual owner of the bucket, the request
1179
+ # fails with the HTTP status code `403 Forbidden` (access denied).
892
1180
  # @option options [String] :request_payer
893
1181
  # Confirms that the requester knows that they will be charged for the
894
1182
  # request. Bucket owners need not specify this parameter in their
895
- # requests. If either the source or destination Amazon S3 bucket has
896
- # Requester Pays enabled, the requester will pay for corresponding
897
- # charges to copy the object. For information about downloading objects
898
- # from Requester Pays buckets, see [Downloading Objects in Requester
899
- # Pays Buckets][1] in the *Amazon S3 User Guide*.
1183
+ # requests. If either the source or destination S3 bucket has Requester
1184
+ # Pays enabled, the requester will pay for corresponding charges to copy
1185
+ # the object. For information about downloading objects from Requester
1186
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
1187
+ # in the *Amazon S3 User Guide*.
1188
+ #
1189
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1190
+ #
1191
+ # </note>
900
1192
  #
901
1193
  #
902
1194
  #
@@ -943,29 +1235,67 @@ module Aws::S3
943
1235
  # @param [Hash] options ({})
944
1236
  # @option options [String] :delimiter
945
1237
  # A delimiter is a character that you use to group keys.
1238
+ #
1239
+ # <note markdown="1"> * **Directory buckets** - For directory buckets, `/` is the only
1240
+ # supported delimiter.
1241
+ #
1242
+ # * <b>Directory buckets </b> - When you query `ListObjectsV2` with a
1243
+ # delimiter during in-progress multipart uploads, the `CommonPrefixes`
1244
+ # response parameter contains the prefixes that are associated with
1245
+ # the in-progress multipart uploads. For more information about
1246
+ # multipart uploads, see [Multipart Upload Overview][1] in the *Amazon
1247
+ # S3 User Guide*.
1248
+ #
1249
+ # </note>
1250
+ #
1251
+ #
1252
+ #
1253
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html
946
1254
  # @option options [String] :encoding_type
947
1255
  # Encoding type used by Amazon S3 to encode object keys in the response.
948
1256
  # @option options [String] :prefix
949
1257
  # Limits the response to keys that begin with the specified prefix.
1258
+ #
1259
+ # <note markdown="1"> **Directory buckets** - For directory buckets, only prefixes that end
1260
+ # in a delimiter (`/`) are supported.
1261
+ #
1262
+ # </note>
950
1263
  # @option options [Boolean] :fetch_owner
951
1264
  # The owner field is not present in `ListObjectsV2` by default. If you
952
1265
  # want to return the owner field with each key in the result, then set
953
1266
  # the `FetchOwner` field to `true`.
1267
+ #
1268
+ # <note markdown="1"> **Directory buckets** - For directory buckets, the bucket owner is
1269
+ # returned as the object owner for all objects.
1270
+ #
1271
+ # </note>
954
1272
  # @option options [String] :start_after
955
1273
  # StartAfter is where you want Amazon S3 to start listing from. Amazon
956
1274
  # S3 starts listing after this specified key. StartAfter can be any key
957
1275
  # in the bucket.
1276
+ #
1277
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1278
+ #
1279
+ # </note>
958
1280
  # @option options [String] :request_payer
959
1281
  # Confirms that the requester knows that she or he will be charged for
960
1282
  # the list objects request in V2 style. Bucket owners need not specify
961
1283
  # this parameter in their requests.
1284
+ #
1285
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1286
+ #
1287
+ # </note>
962
1288
  # @option options [String] :expected_bucket_owner
963
- # The account ID of the expected bucket owner. If the bucket is owned by
964
- # a different account, the request fails with the HTTP status code `403
965
- # Forbidden` (access denied).
1289
+ # The account ID of the expected bucket owner. If the account ID that
1290
+ # you provide does not match the actual owner of the bucket, the request
1291
+ # fails with the HTTP status code `403 Forbidden` (access denied).
966
1292
  # @option options [Array<String>] :optional_object_attributes
967
1293
  # Specifies the optional fields that you want returned in the response.
968
1294
  # Fields that you do not specify are not returned.
1295
+ #
1296
+ # <note markdown="1"> This functionality is not supported for directory buckets.
1297
+ #
1298
+ # </note>
969
1299
  # @return [ObjectSummary::Collection]
970
1300
  def objects(options = {})
971
1301
  batches = Enumerator.new do |y|