RubyGems - aws-sdk-s3 - Versions diffs - 1.158.0 → 1.160.0 - Mend

aws-sdk-s3 1.158.0 → 1.160.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +10 -0
data/VERSION +1 -1
data/lib/aws-sdk-s3/bucket.rb +19 -0
data/lib/aws-sdk-s3/client.rb +324 -209
data/lib/aws-sdk-s3/client_api.rb +2 -0
data/lib/aws-sdk-s3/multipart_upload.rb +20 -0
data/lib/aws-sdk-s3/object.rb +36 -4
data/lib/aws-sdk-s3/object_summary.rb +28 -0
data/lib/aws-sdk-s3/object_version.rb +17 -4
data/lib/aws-sdk-s3/types.rb +106 -6
data/lib/aws-sdk-s3.rb +1 -1
data/sig/bucket.rbs +1 -0
data/sig/client.rbs +3 -0
data/sig/multipart_upload.rbs +1 -0
data/sig/object.rbs +1 -0
data/sig/object_summary.rbs +1 -0
data/sig/resource.rbs +1 -0
data/sig/types.rbs +2 -0
metadata +4 -4

data/lib/aws-sdk-s3/client.rb CHANGED Viewed

@@ -32,6 +32,7 @@ require 'aws-sdk-core/plugins/checksum_algorithm.rb'
 require 'aws-sdk-core/plugins/request_compression.rb'
 require 'aws-sdk-core/plugins/defaults_mode.rb'
 require 'aws-sdk-core/plugins/recursion_detection.rb'
+require 'aws-sdk-core/plugins/telemetry.rb'
 require 'aws-sdk-core/plugins/sign.rb'
 require 'aws-sdk-core/plugins/protocols/rest_xml.rb'
 require 'aws-sdk-s3/plugins/accelerate.rb'
@@ -104,6 +105,7 @@ module Aws::S3
     add_plugin(Aws::Plugins::RequestCompression)
     add_plugin(Aws::Plugins::DefaultsMode)
     add_plugin(Aws::Plugins::RecursionDetection)
+    add_plugin(Aws::Plugins::Telemetry)
     add_plugin(Aws::Plugins::Sign)
     add_plugin(Aws::Plugins::Protocols::RestXml)
     add_plugin(Aws::S3::Plugins::Accelerate)
@@ -432,6 +434,16 @@ module Aws::S3
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Aws::Telemetry::TelemetryProviderBase] :telemetry_provider (Aws::Telemetry::NoOpTelemetryProvider)
+    #     Allows you to provide a telemetry provider, which is used to
+    #     emit telemetry data. By default, uses `NoOpTelemetryProvider` which
+    #     will not record or emit any telemetry data. The SDK supports the
+    #     following telemetry providers:
+    #
+    #     * OpenTelemetry (OTel) - To use the OTel provider, install and require the
+    #     `opentelemetry-sdk` gem and then, pass in an instance of a
+    #     `Aws::Telemetry::OTelProvider` for telemetry provider.
+    #
     #   @option options [Aws::TokenProvider] :token_provider
     #     A Bearer Token Provider. This can be an instance of any one of the
     #     following classes:
@@ -797,6 +809,12 @@ module Aws::S3
     #     interruptions when a session expires. For more information about
     #     authorization, see [ `CreateSession` ][7].
     #
+    #   * If you provide an [additional checksum value][8] in your
+    #     `MultipartUpload` requests and the object is encrypted with Key
+    #     Management Service, you must have permission to use the
+    #     `kms:Decrypt` action for the `CompleteMultipartUpload` request to
+    #     succeed.
+    #
     # Special errors
     # : * Error Code: `EntityTooSmall`
     #
@@ -836,15 +854,15 @@ module Aws::S3
     #
     # The following operations are related to `CompleteMultipartUpload`:
     #
-    # * [CreateMultipartUpload][8]
+    # * [CreateMultipartUpload][9]
     #
     # * [UploadPart][1]
     #
-    # * [AbortMultipartUpload][9]
+    # * [AbortMultipartUpload][10]
     #
-    # * [ListParts][10]
+    # * [ListParts][11]
     #
-    # * [ListMultipartUploads][11]
+    # * [ListMultipartUploads][12]
     #
     #
     #
@@ -855,10 +873,11 @@ module Aws::S3
     # [5]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html
     # [6]: https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html
     # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html
-    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html
-    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html
-    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html
-    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html
+    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html
+    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html
+    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html
+    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html
+    # [12]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html
     #
     # @option params [required, String] :bucket
     #   Name of the bucket to which the multipart upload was initiated.
@@ -979,6 +998,26 @@ module Aws::S3
     #   you provide does not match the actual owner of the bucket, the request
     #   fails with the HTTP status code `403 Forbidden` (access denied).
     #
+    # @option params [String] :if_none_match
+    #   Uploads the object only if the object key name does not already exist
+    #   in the bucket specified. Otherwise, Amazon S3 returns a `412
+    #   Precondition Failed` error.
+    #
+    #   If a conflicting operation occurs during the upload S3 returns a `409
+    #   ConditionalRequestConflict` response. On a 409 failure you should
+    #   re-initiate the multipart upload with `CreateMultipartUpload` and
+    #   re-upload each part.
+    #
+    #   Expects the '*' (asterisk) character.
+    #
+    #   For more information about conditional requests, see [RFC 7232][1], or
+    #   [Conditional requests][2] in the *Amazon S3 User Guide*.
+    #
+    #
+    #
+    #   [1]: https://tools.ietf.org/html/rfc7232
+    #   [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/conditional-requests.html
+    #
     # @option params [String] :sse_customer_algorithm
     #   The server-side encryption (SSE) algorithm used to encrypt the object.
     #   This parameter is required only when the object was created using a
@@ -1094,6 +1133,7 @@ module Aws::S3
     #     checksum_sha256: "ChecksumSHA256",
     #     request_payer: "requester", # accepts requester
     #     expected_bucket_owner: "AccountId",
+    #     if_none_match: "IfNoneMatch",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
     #     sse_customer_key_md5: "SSECustomerKeyMD5",
@@ -2470,24 +2510,23 @@ module Aws::S3
     #   Version 4)][5] in the *Amazon S3 User Guide*.
     #
     # Permissions
-    # : * **General purpose bucket permissions** - For information about the
-    #     permissions required to use the multipart upload API, see
-    #     [Multipart upload and permissions][6] in the *Amazon S3 User
-    #     Guide*.
-    #
-    #     To perform a multipart upload with encryption by using an Amazon
-    #     Web Services KMS key, the requester must have permission to the
-    #     `kms:Decrypt` and `kms:GenerateDataKey*` actions on the key. These
-    #     permissions are required because Amazon S3 must decrypt and read
-    #     data from the encrypted file parts before it completes the
-    #     multipart upload. For more information, see [Multipart upload API
-    #     and permissions][7] and [Protecting data using server-side
-    #     encryption with Amazon Web Services KMS][8] in the *Amazon S3 User
-    #     Guide*.
+    # : * **General purpose bucket permissions** - To perform a multipart
+    #     upload with encryption using an Key Management Service (KMS) KMS
+    #     key, the requester must have permission to the `kms:Decrypt` and
+    #     `kms:GenerateDataKey` actions on the key. The requester must also
+    #     have permissions for the `kms:GenerateDataKey` action for the
+    #     `CreateMultipartUpload` API. Then, the requester needs permissions
+    #     for the `kms:Decrypt` action on the `UploadPart` and
+    #     `UploadPartCopy` APIs. These permissions are required because
+    #     Amazon S3 must decrypt and read data from the encrypted file parts
+    #     before it completes the multipart upload. For more information,
+    #     see [Multipart upload API and permissions][6] and [Protecting data
+    #     using server-side encryption with Amazon Web Services KMS][7] in
+    #     the *Amazon S3 User Guide*.
     #
     #   * **Directory bucket permissions** - To grant access to this API
     #     operation on a directory bucket, we recommend that you use the [
-    #     `CreateSession` ][9] API operation for session-based
+    #     `CreateSession` ][8] API operation for session-based
     #     authorization. Specifically, you grant the
     #     `s3express:CreateSession` permission to the directory bucket in a
     #     bucket policy or an IAM identity-based policy. Then, you make the
@@ -2498,7 +2537,7 @@ module Aws::S3
     #     token for use. Amazon Web Services CLI or SDKs create session and
     #     refresh the session token automatically to avoid service
     #     interruptions when a session expires. For more information about
-    #     authorization, see [ `CreateSession` ][9].
+    #     authorization, see [ `CreateSession` ][8].
     #
     # Encryption
     # : * **General purpose buckets** - Server-side encryption is for data
@@ -2525,7 +2564,7 @@ module Aws::S3
     #     the destination bucket, the encryption setting in your request
     #     takes precedence. If you choose to provide your own encryption
     #     key, the request headers you provide in [UploadPart][1] and
-    #     [UploadPartCopy][10] requests must match the headers you used in
+    #     [UploadPartCopy][9] requests must match the headers you used in
     #     the `CreateMultipartUpload` request.
     #
     #     * Use KMS keys (SSE-KMS) that include the Amazon Web Services
@@ -2551,9 +2590,9 @@ module Aws::S3
     #         actions on the key. These permissions are required because
     #         Amazon S3 must decrypt and read data from the encrypted file
     #         parts before it completes the multipart upload. For more
-    #         information, see [Multipart upload API and permissions][7] and
+    #         information, see [Multipart upload API and permissions][6] and
     #         [Protecting data using server-side encryption with Amazon Web
-    #         Services KMS][8] in the *Amazon S3 User Guide*.
+    #         Services KMS][7] in the *Amazon S3 User Guide*.
     #
     #       * If your Identity and Access Management (IAM) user or role is
     #         in the same Amazon Web Services account as the KMS key, then
@@ -2568,13 +2607,13 @@ module Aws::S3
     #         For information about configuring any of the officially
     #         supported Amazon Web Services SDKs and Amazon Web Services
     #         CLI, see [Specifying the Signature Version in Request
-    #         Authentication][11] in the *Amazon S3 User Guide*.
+    #         Authentication][10] in the *Amazon S3 User Guide*.
     #
     #        </note>
     #
     #       For more information about server-side encryption with KMS keys
     #       (SSE-KMS), see [Protecting Data Using Server-Side Encryption
-    #       with KMS keys][8] in the *Amazon S3 User Guide*.
+    #       with KMS keys][7] in the *Amazon S3 User Guide*.
     #
     #     * Use customer-provided encryption keys (SSE-C) – If you want to
     #       manage your own encryption keys, provide all the following
@@ -2589,7 +2628,7 @@ module Aws::S3
     #       For more information about server-side encryption with
     #       customer-provided encryption keys (SSE-C), see [ Protecting data
     #       using server-side encryption with customer-provided encryption
-    #       keys (SSE-C)][12] in the *Amazon S3 User Guide*.
+    #       keys (SSE-C)][11] in the *Amazon S3 User Guide*.
     #
     #   * **Directory buckets** -For directory buckets, only server-side
     #     encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) is
@@ -2604,13 +2643,13 @@ module Aws::S3
     #
     # * [UploadPart][1]
     #
-    # * [CompleteMultipartUpload][13]
+    # * [CompleteMultipartUpload][12]
     #
-    # * [AbortMultipartUpload][14]
+    # * [AbortMultipartUpload][13]
     #
-    # * [ListParts][15]
+    # * [ListParts][14]
     #
-    # * [ListMultipartUploads][16]
+    # * [ListMultipartUploads][15]
     #
     #
     #
@@ -2619,17 +2658,16 @@ module Aws::S3
     # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config
     # [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html
     # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html
-    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html
-    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions
-    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html
-    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html
-    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html
-    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
-    # [12]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html
-    # [13]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html
-    # [14]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html
-    # [15]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html
-    # [16]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html
+    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html
+    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html
+    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
+    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html
+    # [12]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html
+    # [13]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html
+    # [14]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html
+    # [15]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html
     #
     # @option params [String] :acl
     #   The canned ACL to apply to the object. Amazon S3 supports a set of
@@ -4634,35 +4672,35 @@ module Aws::S3
     #   * {Types::DeleteObjectTaggingOutput#version_id #version_id} => String
     #
     #
-    # @example Example: To remove tag set from an object
+    # @example Example: To remove tag set from an object version
     #
-    #   # The following example removes tag set associated with the specified object. If the bucket is versioning enabled, the
-    #   # operation removes tag set from the latest object version.
+    #   # The following example removes tag set associated with the specified object version. The request specifies both the
+    #   # object key and object version.
     #
     #   resp = client.delete_object_tagging({
     #     bucket: "examplebucket",
     #     key: "HappyFace.jpg",
+    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
-    #     version_id: "null",
+    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
     #   }
     #
-    # @example Example: To remove tag set from an object version
+    # @example Example: To remove tag set from an object
     #
-    #   # The following example removes tag set associated with the specified object version. The request specifies both the
-    #   # object key and object version.
+    #   # The following example removes tag set associated with the specified object. If the bucket is versioning enabled, the
+    #   # operation removes tag set from the latest object version.
     #
     #   resp = client.delete_object_tagging({
     #     bucket: "examplebucket",
     #     key: "HappyFace.jpg",
-    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
-    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
+    #     version_id: "null",
     #   }
     #
     # @example Request syntax with placeholder values
@@ -7679,6 +7717,15 @@ module Aws::S3
     # @option params [String] :checksum_mode
     #   To retrieve the checksum, this mode must be enabled.
     #
+    #   In addition, if you enable checksum mode and the object is uploaded
+    #   with a [checksum][1] and encrypted with an Key Management Service
+    #   (KMS) key, you must have permission to use the `kms:Decrypt` action to
+    #   retrieve the checksum.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html
+    #
     # @return [Types::GetObjectOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::GetObjectOutput#body #body} => IO
@@ -8762,49 +8809,49 @@ module Aws::S3
     #   * {Types::GetObjectTaggingOutput#tag_set #tag_set} => Array&lt;Types::Tag&gt;
     #
     #
-    # @example Example: To retrieve tag set of a specific object version
+    # @example Example: To retrieve tag set of an object
     #
-    #   # The following example retrieves tag set of an object. The request specifies object version.
+    #   # The following example retrieves tag set of an object.
     #
     #   resp = client.get_object_tagging({
     #     bucket: "examplebucket",
-    #     key: "exampleobject",
-    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
+    #     key: "HappyFace.jpg",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     tag_set: [
     #       {
-    #         key: "Key1",
-    #         value: "Value1",
+    #         key: "Key4",
+    #         value: "Value4",
+    #       },
+    #       {
+    #         key: "Key3",
+    #         value: "Value3",
     #       },
     #     ],
-    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
+    #     version_id: "null",
     #   }
     #
-    # @example Example: To retrieve tag set of an object
+    # @example Example: To retrieve tag set of a specific object version
     #
-    #   # The following example retrieves tag set of an object.
+    #   # The following example retrieves tag set of an object. The request specifies object version.
     #
     #   resp = client.get_object_tagging({
     #     bucket: "examplebucket",
-    #     key: "HappyFace.jpg",
+    #     key: "exampleobject",
+    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     tag_set: [
     #       {
-    #         key: "Key4",
-    #         value: "Value4",
-    #       },
-    #       {
-    #         key: "Key3",
-    #         value: "Value3",
+    #         key: "Key1",
+    #         value: "Value1",
     #       },
     #     ],
-    #     version_id: "null",
+    #     version_id: "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI",
     #   }
     #
     # @example Request syntax with placeholder values
@@ -9540,10 +9587,14 @@ module Aws::S3
     # @option params [String] :checksum_mode
     #   To retrieve the checksum, this parameter must be enabled.
     #
-    #   In addition, if you enable `ChecksumMode` and the object is encrypted
-    #   with Amazon Web Services Key Management Service (Amazon Web Services
-    #   KMS), you must have permission to use the `kms:Decrypt` action for the
-    #   request to succeed.
+    #   In addition, if you enable checksum mode and the object is uploaded
+    #   with a [checksum][1] and encrypted with an Key Management Service
+    #   (KMS) key, you must have permission to use the `kms:Decrypt` action to
+    #   retrieve the checksum.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html
     #
     # @return [Types::HeadObjectOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -15313,6 +15364,25 @@ module Aws::S3
     #
     #   [1]: https://www.rfc-editor.org/rfc/rfc7234#section-5.3
     #
+    # @option params [String] :if_none_match
+    #   Uploads the object only if the object key name does not already exist
+    #   in the bucket specified. Otherwise, Amazon S3 returns a `412
+    #   Precondition Failed` error.
+    #
+    #   If a conflicting operation occurs during the upload S3 returns a `409
+    #   ConditionalRequestConflict` response. On a 409 failure you should
+    #   retry the upload.
+    #
+    #   Expects the '*' (asterisk) character.
+    #
+    #   For more information about conditional requests, see [RFC 7232][1], or
+    #   [Conditional requests][2] in the *Amazon S3 User Guide*.
+    #
+    #
+    #
+    #   [1]: https://tools.ietf.org/html/rfc7232
+    #   [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/conditional-requests.html
+    #
     # @option params [String] :grant_full_control
     #   Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
     #   object.
@@ -15576,6 +15646,26 @@ module Aws::S3
     #   * {Types::PutObjectOutput#request_charged #request_charged} => String
     #
     #
+    # @example Example: To upload an object (specify optional headers)
+    #
+    #   # The following example uploads an object. The request specifies optional request headers to directs S3 to use specific
+    #   # storage class and use server-side encryption.
+    #
+    #   resp = client.put_object({
+    #     body: "HappyFace.jpg",
+    #     bucket: "examplebucket",
+    #     key: "HappyFace.jpg",
+    #     server_side_encryption: "AES256",
+    #     storage_class: "STANDARD_IA",
+    #   })
+    #
+    #   resp.to_h outputs the following:
+    #   {
+    #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"",
+    #     server_side_encryption: "AES256",
+    #     version_id: "CG612hodqujkf8FaaNfp8U..FIhLROcp",
+    #   }
+    #
     # @example Example: To create an object.
     #
     #   # The following example creates an object. If the bucket is versioning enabled, S3 returns version ID in response.
@@ -15592,62 +15682,57 @@ module Aws::S3
     #     version_id: "Bvq0EDKxOcXLJXNo_Lkz37eM3R4pfzyQ",
     #   }
     #
-    # @example Example: To upload an object (specify optional headers)
+    # @example Example: To upload an object
     #
-    #   # The following example uploads an object. The request specifies optional request headers to directs S3 to use specific
-    #   # storage class and use server-side encryption.
+    #   # The following example uploads an object to a versioning-enabled bucket. The source file is specified using Windows file
+    #   # syntax. S3 returns VersionId of the newly created object.
     #
     #   resp = client.put_object({
     #     body: "HappyFace.jpg",
     #     bucket: "examplebucket",
     #     key: "HappyFace.jpg",
-    #     server_side_encryption: "AES256",
-    #     storage_class: "STANDARD_IA",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"",
-    #     server_side_encryption: "AES256",
-    #     version_id: "CG612hodqujkf8FaaNfp8U..FIhLROcp",
+    #     version_id: "tpf3zF08nBplQK1XLOefGskR7mGDwcDk",
     #   }
     #
-    # @example Example: To upload an object and specify canned ACL.
+    # @example Example: To upload an object and specify optional tags
     #
-    #   # The following example uploads and object. The request specifies optional canned ACL (access control list) to all READ
-    #   # access to authenticated users. If the bucket is versioning enabled, S3 returns version ID in response.
+    #   # The following example uploads an object. The request specifies optional object tags. The bucket is versioned, therefore
+    #   # S3 returns version ID of the newly created object.
     #
     #   resp = client.put_object({
-    #     acl: "authenticated-read",
-    #     body: "filetoupload",
+    #     body: "c:\\HappyFace.jpg",
     #     bucket: "examplebucket",
-    #     key: "exampleobject",
+    #     key: "HappyFace.jpg",
+    #     tagging: "key1=value1&key2=value2",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"",
-    #     version_id: "Kirh.unyZwjQ69YxcQLA8z4F5j3kJJKr",
+    #     version_id: "psM2sYY4.o1501dSx8wMvnkOzSBB.V4a",
     #   }
     #
-    # @example Example: To upload an object and specify server-side encryption and object tags
+    # @example Example: To upload an object and specify canned ACL.
     #
-    #   # The following example uploads an object. The request specifies the optional server-side encryption option. The request
-    #   # also specifies optional object tags. If the bucket is versioning enabled, S3 returns version ID in response.
+    #   # The following example uploads and object. The request specifies optional canned ACL (access control list) to all READ
+    #   # access to authenticated users. If the bucket is versioning enabled, S3 returns version ID in response.
     #
     #   resp = client.put_object({
+    #     acl: "authenticated-read",
     #     body: "filetoupload",
     #     bucket: "examplebucket",
     #     key: "exampleobject",
-    #     server_side_encryption: "AES256",
-    #     tagging: "key1=value1&key2=value2",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"",
-    #     server_side_encryption: "AES256",
-    #     version_id: "Ri.vC6qVlA4dEnjgRV4ZHsHoFIjqEMNt",
+    #     version_id: "Kirh.unyZwjQ69YxcQLA8z4F5j3kJJKr",
     #   }
     #
     # @example Example: To upload object and specify user-defined metadata
@@ -15671,39 +15756,24 @@ module Aws::S3
     #     version_id: "pSKidl4pHBiNwukdbcPXAIs.sshFFOc0",
     #   }
     #
-    # @example Example: To upload an object
-    #
-    #   # The following example uploads an object to a versioning-enabled bucket. The source file is specified using Windows file
-    #   # syntax. S3 returns VersionId of the newly created object.
-    #
-    #   resp = client.put_object({
-    #     body: "HappyFace.jpg",
-    #     bucket: "examplebucket",
-    #     key: "HappyFace.jpg",
-    #   })
-    #
-    #   resp.to_h outputs the following:
-    #   {
-    #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"",
-    #     version_id: "tpf3zF08nBplQK1XLOefGskR7mGDwcDk",
-    #   }
-    #
-    # @example Example: To upload an object and specify optional tags
+    # @example Example: To upload an object and specify server-side encryption and object tags
     #
-    #   # The following example uploads an object. The request specifies optional object tags. The bucket is versioned, therefore
-    #   # S3 returns version ID of the newly created object.
+    #   # The following example uploads an object. The request specifies the optional server-side encryption option. The request
+    #   # also specifies optional object tags. If the bucket is versioning enabled, S3 returns version ID in response.
     #
     #   resp = client.put_object({
-    #     body: "c:\\HappyFace.jpg",
+    #     body: "filetoupload",
     #     bucket: "examplebucket",
-    #     key: "HappyFace.jpg",
+    #     key: "exampleobject",
+    #     server_side_encryption: "AES256",
     #     tagging: "key1=value1&key2=value2",
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"",
-    #     version_id: "psM2sYY4.o1501dSx8wMvnkOzSBB.V4a",
+    #     server_side_encryption: "AES256",
+    #     version_id: "Ri.vC6qVlA4dEnjgRV4ZHsHoFIjqEMNt",
     #   }
     #
     # @example Streaming a file from disk
@@ -15731,6 +15801,7 @@ module Aws::S3
     #     checksum_sha1: "ChecksumSHA1",
     #     checksum_sha256: "ChecksumSHA256",
     #     expires: Time.now,
+    #     if_none_match: "IfNoneMatch",
     #     grant_full_control: "GrantFullControl",
     #     grant_read: "GrantRead",
     #     grant_read_acp: "GrantReadACP",
@@ -16830,6 +16901,10 @@ module Aws::S3
     #
     #  </note>
     #
+    # The `SELECT` job type for the RestoreObject operation is no longer
+    # available to new customers. Existing customers of Amazon S3 Select can
+    # continue to use the feature as usual. [Learn more][1]
+    #
     # Restores an archived copy of an object back into Amazon S3
     #
     # This functionality is not supported for Amazon S3 on Outposts.
@@ -16843,11 +16918,11 @@ module Aws::S3
     # For more information about the `S3` structure in the request body, see
     # the following:
     #
-    # * [PutObject][1]
+    # * [PutObject][2]
     #
-    # * [Managing Access with ACLs][2] in the *Amazon S3 User Guide*
+    # * [Managing Access with ACLs][3] in the *Amazon S3 User Guide*
     #
-    # * [Protecting Data Using Server-Side Encryption][3] in the *Amazon S3
+    # * [Protecting Data Using Server-Side Encryption][4] in the *Amazon S3
     #   User Guide*
     #
     # Permissions
@@ -16856,8 +16931,8 @@ module Aws::S3
     #   `s3:RestoreObject` action. The bucket owner has this permission by
     #   default and can grant this permission to others. For more
     #   information about permissions, see [Permissions Related to Bucket
-    #   Subresource Operations][4] and [Managing Access Permissions to Your
-    #   Amazon S3 Resources][5] in the *Amazon S3 User Guide*.
+    #   Subresource Operations][5] and [Managing Access Permissions to Your
+    #   Amazon S3 Resources][6] in the *Amazon S3 User Guide*.
     #
     # Restoring objects
     #
@@ -16920,11 +16995,11 @@ module Aws::S3
     #
     #   For more information about archive retrieval options and provisioned
     #   capacity for `Expedited` data access, see [Restoring Archived
-    #   Objects][6] in the *Amazon S3 User Guide*.
+    #   Objects][7] in the *Amazon S3 User Guide*.
     #
     #   You can use Amazon S3 restore speed upgrade to change the restore
     #   speed to a faster speed while it is in progress. For more
-    #   information, see [ Upgrading the speed of an in-progress restore][7]
+    #   information, see [ Upgrading the speed of an in-progress restore][8]
     #   in the *Amazon S3 User Guide*.
     #
     #   To get the status of object restoration, you can send a `HEAD`
@@ -16932,7 +17007,7 @@ module Aws::S3
     #   provides information about the restoration status, in the response.
     #   You can use Amazon S3 event notifications to notify you when a
     #   restore is initiated or completed. For more information, see
-    #   [Configuring Amazon S3 Event Notifications][8] in the *Amazon S3
+    #   [Configuring Amazon S3 Event Notifications][9] in the *Amazon S3
     #   User Guide*.
     #
     #   After restoring an archived object, you can update the restoration
@@ -16948,8 +17023,8 @@ module Aws::S3
     #   restore an object copy for 10 days, but the object is scheduled to
     #   expire in 3 days, Amazon S3 deletes the object in 3 days. For more
     #   information about lifecycle configuration, see
-    #   [PutBucketLifecycleConfiguration][9] and [Object Lifecycle
-    #   Management][10] in *Amazon S3 User Guide*.
+    #   [PutBucketLifecycleConfiguration][10] and [Object Lifecycle
+    #   Management][11] in *Amazon S3 User Guide*.
     #
     # Responses
     #
@@ -16987,23 +17062,24 @@ module Aws::S3
     #
     # The following operations are related to `RestoreObject`:
     #
-    # * [PutBucketLifecycleConfiguration][9]
+    # * [PutBucketLifecycleConfiguration][10]
     #
-    # * [GetBucketNotificationConfiguration][11]
+    # * [GetBucketNotificationConfiguration][12]
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
-    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html
-    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
-    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources
-    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html
-    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html
-    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html#restoring-objects-upgrade-tier.title.html
-    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html
-    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html
-    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html
-    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html
+    # [1]: http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html
+    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
+    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html
+    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html#restoring-objects-upgrade-tier.title.html
+    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html
+    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html
+    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html
+    # [12]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html
     #
     # @option params [required, String] :bucket
     #   The bucket name containing the object to restore.
@@ -17215,6 +17291,10 @@ module Aws::S3
     #
     #  </note>
     #
+    # The SelectObjectContent operation is no longer available to new
+    # customers. Existing customers of Amazon S3 Select can continue to use
+    # the operation as usual. [Learn more][1]
+    #
     # This action filters the contents of an Amazon S3 object based on a
     # simple structured query language (SQL) statement. In the request,
     # along with the SQL expression, you must also specify a data
@@ -17226,7 +17306,7 @@ module Aws::S3
     # This functionality is not supported for Amazon S3 on Outposts.
     #
     # For more information about Amazon S3 Select, see [Selecting Content
-    # from Objects][1] and [SELECT Command][2] in the *Amazon S3 User
+    # from Objects][2] and [SELECT Command][3] in the *Amazon S3 User
     # Guide*.
     #
     #
@@ -17236,7 +17316,7 @@ module Aws::S3
     # : You must have the `s3:GetObject` permission for this
     #   operation. Amazon S3 Select does not support anonymous access. For
     #   more information about permissions, see [Specifying Permissions in a
-    #   Policy][3] in the *Amazon S3 User Guide*.
+    #   Policy][4] in the *Amazon S3 User Guide*.
     #
     # Object Data Formats
     #
@@ -17261,31 +17341,31 @@ module Aws::S3
     #
     #     For objects that are encrypted with customer-provided encryption
     #     keys (SSE-C), you must use HTTPS, and you must use the headers
-    #     that are documented in the [GetObject][4]. For more information
+    #     that are documented in the [GetObject][5]. For more information
     #     about SSE-C, see [Server-Side Encryption (Using Customer-Provided
-    #     Encryption Keys)][5] in the *Amazon S3 User Guide*.
+    #     Encryption Keys)][6] in the *Amazon S3 User Guide*.
     #
     #     For objects that are encrypted with Amazon S3 managed keys
     #     (SSE-S3) and Amazon Web Services KMS keys (SSE-KMS), server-side
     #     encryption is handled transparently, so you don't need to specify
     #     anything. For more information about server-side encryption,
     #     including SSE-S3 and SSE-KMS, see [Protecting Data Using
-    #     Server-Side Encryption][6] in the *Amazon S3 User Guide*.
+    #     Server-Side Encryption][7] in the *Amazon S3 User Guide*.
     #
     # Working with the Response Body
     #
     # : Given the response size is unknown, Amazon S3 Select streams the
     #   response as a series of messages and includes a `Transfer-Encoding`
     #   header with `chunked` as its value in the response. For more
-    #   information, see [Appendix: SelectObjectContent Response][7].
+    #   information, see [Appendix: SelectObjectContent Response][8].
     #
     # GetObject Support
     #
     # : The `SelectObjectContent` action does not support the following
-    #   `GetObject` functionality. For more information, see [GetObject][4].
+    #   `GetObject` functionality. For more information, see [GetObject][5].
     #
     #   * `Range`: Although you can specify a scan range for an Amazon S3
-    #     Select request (see [SelectObjectContentRequest - ScanRange][8] in
+    #     Select request (see [SelectObjectContentRequest - ScanRange][9] in
     #     the request parameters), you cannot specify the range of bytes of
     #     an object to return.
     #
@@ -17296,36 +17376,37 @@ module Aws::S3
     #     storage classes, nor objects in the `ARCHIVE_ACCESS` or
     #     `DEEP_ARCHIVE_ACCESS` access tiers of the `INTELLIGENT_TIERING`
     #     storage class. For more information about storage classes, see
-    #     [Using Amazon S3 storage classes][9] in the *Amazon S3 User
+    #     [Using Amazon S3 storage classes][10] in the *Amazon S3 User
     #     Guide*.
     #
     # Special Errors
     #
     # : For a list of special errors for this operation, see [List of SELECT
-    #   Object Content Error Codes][10]
+    #   Object Content Error Codes][11]
     #
     # The following operations are related to `SelectObjectContent`:
     #
-    # * [GetObject][4]
+    # * [GetObject][5]
     #
-    # * [GetBucketLifecycleConfiguration][11]
+    # * [GetBucketLifecycleConfiguration][12]
     #
-    # * [PutBucketLifecycleConfiguration][12]
+    # * [PutBucketLifecycleConfiguration][13]
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/selecting-content-from-objects.html
-    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-glacier-select-sql-reference-select.html
-    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html
-    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html
-    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html
-    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
-    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/RESTSelectObjectAppendix.html
-    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_SelectObjectContent.html#AmazonS3-SelectObjectContent-request-ScanRange
-    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-class-intro.html
-    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#SelectObjectContentErrorCodeList
-    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html
-    # [12]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html
+    # [1]: http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/selecting-content-from-objects.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-glacier-select-sql-reference-select.html
+    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html
+    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
+    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/RESTSelectObjectAppendix.html
+    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_SelectObjectContent.html#AmazonS3-SelectObjectContent-request-ScanRange
+    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-class-intro.html
+    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#SelectObjectContentErrorCodeList
+    # [12]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html
+    # [13]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html
     #
     # @option params [required, String] :bucket
     #   The S3 bucket.
@@ -17672,14 +17753,27 @@ module Aws::S3
     #  </note>
     #
     # Permissions
-    # : * **General purpose bucket permissions** - For information on the
-    #     permissions required to use the multipart upload API, see
-    #     [Multipart Upload and Permissions][6] in the *Amazon S3 User
-    #     Guide*.
+    # : * **General purpose bucket permissions** - To perform a multipart
+    #     upload with encryption using an Key Management Service key, the
+    #     requester must have permission to the `kms:Decrypt` and
+    #     `kms:GenerateDataKey` actions on the key. The requester must also
+    #     have permissions for the `kms:GenerateDataKey` action for the
+    #     `CreateMultipartUpload` API. Then, the requester needs permissions
+    #     for the `kms:Decrypt` action on the `UploadPart` and
+    #     `UploadPartCopy` APIs.
+    #
+    #     These permissions are required because Amazon S3 must decrypt and
+    #     read data from the encrypted file parts before it completes the
+    #     multipart upload. For more information about KMS permissions, see
+    #     [Protecting data using server-side encryption with KMS][6] in the
+    #     *Amazon S3 User Guide*. For information about the permissions
+    #     required to use the multipart upload API, see [Multipart upload
+    #     and permissions][7] and [Multipart upload API and permissions][8]
+    #     in the *Amazon S3 User Guide*.
     #
     #   * **Directory bucket permissions** - To grant access to this API
     #     operation on a directory bucket, we recommend that you use the [
-    #     `CreateSession` ][7] API operation for session-based
+    #     `CreateSession` ][9] API operation for session-based
     #     authorization. Specifically, you grant the
     #     `s3express:CreateSession` permission to the directory bucket in a
     #     bucket policy or an IAM identity-based policy. Then, you make the
@@ -17690,7 +17784,7 @@ module Aws::S3
     #     token for use. Amazon Web Services CLI or SDKs create session and
     #     refresh the session token automatically to avoid service
     #     interruptions when a session expires. For more information about
-    #     authorization, see [ `CreateSession` ][7].
+    #     authorization, see [ `CreateSession` ][9].
     #
     # Data integrity
     #
@@ -17702,7 +17796,7 @@ module Aws::S3
     #   then Amazon Web Services S3 uses the `x-amz-content-sha256` header
     #   as a checksum instead of `Content-MD5`. For more information see
     #   [Authenticating Requests: Using the Authorization Header (Amazon Web
-    #   Services Signature Version 4)][8].
+    #   Services Signature Version 4)][10].
     #
     #   <note markdown="1"> **Directory buckets** - MD5 is not supported by directory buckets.
     #   You can use checksum algorithms to check object integrity.
@@ -17747,7 +17841,7 @@ module Aws::S3
     #     encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) is
     #     supported.
     #
-    #   For more information, see [Using Server-Side Encryption][9] in the
+    #   For more information, see [Using Server-Side Encryption][11] in the
     #   *Amazon S3 User Guide*.
     #
     # Special errors
@@ -17770,13 +17864,13 @@ module Aws::S3
     #
     # * [CreateMultipartUpload][2]
     #
-    # * [CompleteMultipartUpload][10]
+    # * [CompleteMultipartUpload][12]
     #
-    # * [AbortMultipartUpload][11]
+    # * [AbortMultipartUpload][13]
     #
-    # * [ListParts][12]
+    # * [ListParts][14]
     #
-    # * [ListMultipartUploads][13]
+    # * [ListMultipartUploads][15]
     #
     #
     #
@@ -17785,14 +17879,16 @@ module Aws::S3
     # [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/qfacts.html
     # [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html
     # [5]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html
-    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html
-    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html
-    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html
-    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
-    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html
-    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html
-    # [12]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html
-    # [13]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html
+    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions
+    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html
+    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html
+    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
+    # [12]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html
+    # [13]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html
+    # [14]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html
+    # [15]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html
     #
     # @option params [String, StringIO, File] :body
     #   Object data.
@@ -18125,9 +18221,21 @@ module Aws::S3
     #       have the <b> <code>s3:PutObject</code> </b> permission to write
     #       the object copy to the destination bucket.
     #
-    #     For information about permissions required to use the multipart
-    #     upload API, see [Multipart upload API and permissions][7] in the
-    #     *Amazon S3 User Guide*.
+    #     * To perform a multipart upload with encryption using an Key
+    #       Management Service key, the requester must have permission to
+    #       the `kms:Decrypt` and `kms:GenerateDataKey` actions on the key.
+    #       The requester must also have permissions for the
+    #       `kms:GenerateDataKey` action for the `CreateMultipartUpload`
+    #       API. Then, the requester needs permissions for the `kms:Decrypt`
+    #       action on the `UploadPart` and `UploadPartCopy` APIs. These
+    #       permissions are required because Amazon S3 must decrypt and read
+    #       data from the encrypted file parts before it completes the
+    #       multipart upload. For more information about KMS permissions,
+    #       see [Protecting data using server-side encryption with KMS][7]
+    #       in the *Amazon S3 User Guide*. For information about the
+    #       permissions required to use the multipart upload API, see
+    #       [Multipart upload and permissions][8] and [Multipart upload API
+    #       and permissions][9] in the *Amazon S3 User Guide*.
     #
     #   * **Directory bucket permissions** - You must have permissions in a
     #     bucket policy or an IAM identity-based policy based on the source
@@ -18148,14 +18256,14 @@ module Aws::S3
     #       set to `ReadOnly` on the copy destination.
     #
     #     For example policies, see [Example bucket policies for S3 Express
-    #     One Zone][8] and [Amazon Web Services Identity and Access
+    #     One Zone][10] and [Amazon Web Services Identity and Access
     #     Management (IAM) identity-based policies for S3 Express One
-    #     Zone][9] in the *Amazon S3 User Guide*.
+    #     Zone][11] in the *Amazon S3 User Guide*.
     #
     # Encryption
     # : * <b>General purpose buckets </b> - For information about using
     #     server-side encryption with customer-provided encryption keys with
-    #     the `UploadPartCopy` operation, see [CopyObject][10] and
+    #     the `UploadPartCopy` operation, see [CopyObject][12] and
     #     [UploadPart][2].
     #
     #   * <b>Directory buckets </b> - For directory buckets, only
@@ -18185,17 +18293,17 @@ module Aws::S3
     #
     # The following operations are related to `UploadPartCopy`:
     #
-    # * [CreateMultipartUpload][11]
+    # * [CreateMultipartUpload][13]
     #
     # * [UploadPart][2]
     #
-    # * [CompleteMultipartUpload][12]
+    # * [CompleteMultipartUpload][14]
     #
-    # * [AbortMultipartUpload][13]
+    # * [AbortMultipartUpload][15]
     #
-    # * [ListParts][14]
+    # * [ListParts][16]
     #
-    # * [ListMultipartUploads][15]
+    # * [ListMultipartUploads][17]
     #
     #
     #
@@ -18205,15 +18313,17 @@ module Aws::S3
     # [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectOperations.html
     # [5]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html
     # [6]: https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html
-    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions
-    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html
-    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html
-    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
-    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html
-    # [12]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html
-    # [13]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html
-    # [14]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html
-    # [15]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html
+    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html
+    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions
+    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html
+    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html
+    # [12]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
+    # [13]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html
+    # [14]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html
+    # [15]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html
+    # [16]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html
+    # [17]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html
     #
     # @option params [required, String] :bucket
     #   The bucket name.
@@ -18987,14 +19097,19 @@ module Aws::S3
     # @api private
     def build_request(operation_name, params = {})
       handlers = @handlers.for(operation_name)
+      tracer = config.telemetry_provider.tracer_provider.tracer(
+        Aws::Telemetry.module_to_tracer_name('Aws::S3')
+      )
       context = Seahorse::Client::RequestContext.new(
         operation_name: operation_name,
         operation: config.api.operation(operation_name),
         client: self,
         params: params,
-        config: config)
+        config: config,
+        tracer: tracer
+      )
       context[:gem_name] = 'aws-sdk-s3'
-      context[:gem_version] = '1.158.0'
+      context[:gem_version] = '1.160.0'
       Seahorse::Client::Request.new(handlers, context)
     end