aws-sdk-s3 1.159.0 → 1.163.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-s3/bucket.rb +120 -43
- data/lib/aws-sdk-s3/client.rb +1105 -389
- data/lib/aws-sdk-s3/client_api.rb +8 -0
- data/lib/aws-sdk-s3/endpoints.rb +99 -396
- data/lib/aws-sdk-s3/object.rb +336 -129
- data/lib/aws-sdk-s3/object_summary.rb +324 -109
- data/lib/aws-sdk-s3/object_version.rb +14 -8
- data/lib/aws-sdk-s3/plugins/endpoints.rb +10 -1
- data/lib/aws-sdk-s3/types.rb +644 -306
- data/lib/aws-sdk-s3.rb +1 -1
- data/sig/client.rbs +10 -1
- data/sig/resource.rbs +1 -0
- data/sig/types.rbs +10 -2
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: afd4c360870e136ada49d27ff23a992d83e10cf8086d49fa60e4109a83befc49
|
4
|
+
data.tar.gz: 74b212aa39f93b6233b2aaa1dfcd647339745c8ad5e54fa26ee341040c27bc22
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 86ea94d75b351388571d07466ea49d5243f70a31c7688d18047acb746ede2d81703ba5225a58eb221430304de7bb483ca70e6d31eaa89feb3b1b4a12e830cbb6
|
7
|
+
data.tar.gz: 1aca70a5ee0e958587aa59e255ef5a2ddbce7e61f466fca44ae482d8703965d0ec30b46e6f58f76c9c97b2590f86a25d34e7aed4c81a59191442461b8641c39b
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,26 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.163.0 (2024-09-18)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Added SSE-KMS support for directory buckets.
|
8
|
+
|
9
|
+
1.162.0 (2024-09-11)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
13
|
+
|
14
|
+
1.161.0 (2024-09-10)
|
15
|
+
------------------
|
16
|
+
|
17
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
18
|
+
|
19
|
+
1.160.0 (2024-09-03)
|
20
|
+
------------------
|
21
|
+
|
22
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
23
|
+
|
4
24
|
1.159.0 (2024-08-20)
|
5
25
|
------------------
|
6
26
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.163.0
|
data/lib/aws-sdk-s3/bucket.rb
CHANGED
@@ -773,25 +773,65 @@ module Aws::S3
|
|
773
773
|
# object in Amazon S3 (for example, `AES256`, `aws:kms`,
|
774
774
|
# `aws:kms:dsse`).
|
775
775
|
#
|
776
|
-
# <b>General purpose buckets </b> - You have four mutually exclusive
|
777
|
-
#
|
778
|
-
#
|
779
|
-
#
|
780
|
-
#
|
781
|
-
#
|
782
|
-
#
|
783
|
-
#
|
784
|
-
#
|
785
|
-
#
|
786
|
-
#
|
787
|
-
#
|
788
|
-
# <b>Directory buckets </b> - For directory buckets, only
|
789
|
-
#
|
790
|
-
#
|
776
|
+
# * <b>General purpose buckets </b> - You have four mutually exclusive
|
777
|
+
# options to protect data using server-side encryption in Amazon S3,
|
778
|
+
# depending on how you choose to manage the encryption keys.
|
779
|
+
# Specifically, the encryption key options are Amazon S3 managed keys
|
780
|
+
# (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or DSSE-KMS), and
|
781
|
+
# customer-provided keys (SSE-C). Amazon S3 encrypts data with
|
782
|
+
# server-side encryption by using Amazon S3 managed keys (SSE-S3) by
|
783
|
+
# default. You can optionally tell Amazon S3 to encrypt data at rest
|
784
|
+
# by using server-side encryption with other key options. For more
|
785
|
+
# information, see [Using Server-Side Encryption][1] in the *Amazon S3
|
786
|
+
# User Guide*.
|
787
|
+
#
|
788
|
+
# * <b>Directory buckets </b> - For directory buckets, there are only
|
789
|
+
# two supported options for server-side encryption: server-side
|
790
|
+
# encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) and
|
791
|
+
# server-side encryption with KMS keys (SSE-KMS) (`aws:kms`). We
|
792
|
+
# recommend that the bucket's default encryption uses the desired
|
793
|
+
# encryption configuration and you don't override the bucket default
|
794
|
+
# encryption in your `CreateSession` requests or `PUT` object
|
795
|
+
# requests. Then, new objects are automatically encrypted with the
|
796
|
+
# desired encryption settings. For more information, see [Protecting
|
797
|
+
# data with server-side encryption][2] in the *Amazon S3 User Guide*.
|
798
|
+
# For more information about the encryption overriding behaviors in
|
799
|
+
# directory buckets, see [Specifying server-side encryption with KMS
|
800
|
+
# for new object uploads][3].
|
801
|
+
#
|
802
|
+
# In the Zonal endpoint API calls (except [CopyObject][4] and
|
803
|
+
# [UploadPartCopy][5]) using the REST API, the encryption request
|
804
|
+
# headers must match the encryption settings that are specified in the
|
805
|
+
# `CreateSession` request. You can't override the values of the
|
806
|
+
# encryption settings (`x-amz-server-side-encryption`,
|
807
|
+
# `x-amz-server-side-encryption-aws-kms-key-id`,
|
808
|
+
# `x-amz-server-side-encryption-context`, and
|
809
|
+
# `x-amz-server-side-encryption-bucket-key-enabled`) that are
|
810
|
+
# specified in the `CreateSession` request. You don't need to
|
811
|
+
# explicitly specify these encryption settings values in Zonal
|
812
|
+
# endpoint API calls, and Amazon S3 will use the encryption settings
|
813
|
+
# values from the `CreateSession` request to protect new objects in
|
814
|
+
# the directory bucket.
|
815
|
+
#
|
816
|
+
# <note markdown="1"> When you use the CLI or the Amazon Web Services SDKs, for
|
817
|
+
# `CreateSession`, the session token refreshes automatically to avoid
|
818
|
+
# service interruptions when a session expires. The CLI or the Amazon
|
819
|
+
# Web Services SDKs use the bucket's default encryption configuration
|
820
|
+
# for the `CreateSession` request. It's not supported to override the
|
821
|
+
# encryption settings values in the `CreateSession` request. So in the
|
822
|
+
# Zonal endpoint API calls (except [CopyObject][4] and
|
823
|
+
# [UploadPartCopy][5]), the encryption request headers must match the
|
824
|
+
# default encryption configuration of the directory bucket.
|
825
|
+
#
|
826
|
+
# </note>
|
791
827
|
#
|
792
828
|
#
|
793
829
|
#
|
794
830
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
|
831
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html
|
832
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html
|
833
|
+
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
|
834
|
+
# [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html
|
795
835
|
# @option options [String] :storage_class
|
796
836
|
# By default, Amazon S3 uses the STANDARD Storage Class to store newly
|
797
837
|
# created objects. The STANDARD storage class provides high durability
|
@@ -865,44 +905,81 @@ module Aws::S3
|
|
865
905
|
#
|
866
906
|
# </note>
|
867
907
|
# @option options [String] :ssekms_key_id
|
868
|
-
#
|
869
|
-
#
|
870
|
-
#
|
871
|
-
#
|
872
|
-
#
|
873
|
-
#
|
874
|
-
# x-amz-server-side-encryption
|
875
|
-
#
|
876
|
-
#
|
877
|
-
#
|
908
|
+
# Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for
|
909
|
+
# object encryption. If the KMS key doesn't exist in the same account
|
910
|
+
# that's issuing the command, you must use the full Key ARN not the Key
|
911
|
+
# ID.
|
912
|
+
#
|
913
|
+
# **General purpose buckets** - If you specify
|
914
|
+
# `x-amz-server-side-encryption` with `aws:kms` or `aws:kms:dsse`, this
|
915
|
+
# header specifies the ID (Key ID, Key ARN, or Key Alias) of the KMS key
|
916
|
+
# to use. If you specify `x-amz-server-side-encryption:aws:kms` or
|
917
|
+
# `x-amz-server-side-encryption:aws:kms:dsse`, but do not provide
|
918
|
+
# `x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
|
919
|
+
# Amazon Web Services managed key (`aws/s3`) to protect the data.
|
920
|
+
#
|
921
|
+
# **Directory buckets** - If you specify `x-amz-server-side-encryption`
|
922
|
+
# with `aws:kms`, you must specify the `
|
923
|
+
# x-amz-server-side-encryption-aws-kms-key-id` header with the ID (Key
|
924
|
+
# ID or Key ARN) of the KMS symmetric encryption customer managed key to
|
925
|
+
# use. Otherwise, you get an HTTP `400 Bad Request` error. Only use the
|
926
|
+
# key ID or key ARN. The key alias format of the KMS key isn't
|
927
|
+
# supported. Your SSE-KMS configuration can only support 1 [customer
|
928
|
+
# managed key][1] per directory bucket for the lifetime of the bucket.
|
929
|
+
# [Amazon Web Services managed key][2] (`aws/s3`) isn't supported.
|
930
|
+
#
|
931
|
+
#
|
932
|
+
#
|
933
|
+
# [1]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk
|
934
|
+
# [2]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
|
935
|
+
# @option options [String] :ssekms_encryption_context
|
936
|
+
# Specifies the Amazon Web Services KMS Encryption Context as an
|
937
|
+
# additional encryption context to use for object encryption. The value
|
938
|
+
# of this header is a Base64-encoded string of a UTF-8 encoded JSON,
|
939
|
+
# which contains the encryption context as key-value pairs. This value
|
940
|
+
# is stored as object metadata and automatically gets passed on to
|
941
|
+
# Amazon Web Services KMS for future `GetObject` operations on this
|
942
|
+
# object.
|
878
943
|
#
|
879
|
-
#
|
944
|
+
# **General purpose buckets** - This value must be explicitly added
|
945
|
+
# during `CopyObject` operations if you want an additional encryption
|
946
|
+
# context for your object. For more information, see [Encryption
|
947
|
+
# context][1] in the *Amazon S3 User Guide*.
|
880
948
|
#
|
881
|
-
#
|
882
|
-
#
|
883
|
-
#
|
884
|
-
#
|
885
|
-
# string holding JSON with the encryption context key-value pairs. This
|
886
|
-
# value is stored as object metadata and automatically gets passed on to
|
887
|
-
# Amazon Web Services KMS for future `GetObject` or `CopyObject`
|
888
|
-
# operations on this object. This value must be explicitly added during
|
889
|
-
# `CopyObject` operations.
|
949
|
+
# **Directory buckets** - You can optionally provide an explicit
|
950
|
+
# encryption context value. The value must match the default encryption
|
951
|
+
# context - the bucket Amazon Resource Name (ARN). An additional
|
952
|
+
# encryption context value is not supported.
|
890
953
|
#
|
891
|
-
# <note markdown="1"> This functionality is not supported for directory buckets.
|
892
954
|
#
|
893
|
-
#
|
955
|
+
#
|
956
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html#encryption-context
|
894
957
|
# @option options [Boolean] :bucket_key_enabled
|
895
958
|
# Specifies whether Amazon S3 should use an S3 Bucket Key for object
|
896
959
|
# encryption with server-side encryption using Key Management Service
|
897
|
-
# (KMS) keys (SSE-KMS).
|
898
|
-
# to use an S3 Bucket Key for object encryption with SSE-KMS.
|
960
|
+
# (KMS) keys (SSE-KMS).
|
899
961
|
#
|
900
|
-
#
|
901
|
-
#
|
962
|
+
# **General purpose buckets** - Setting this header to `true` causes
|
963
|
+
# Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS.
|
964
|
+
# Also, specifying this header with a PUT action doesn't affect
|
965
|
+
# bucket-level settings for S3 Bucket Key.
|
902
966
|
#
|
903
|
-
#
|
967
|
+
# **Directory buckets** - S3 Bucket Keys are always enabled for `GET`
|
968
|
+
# and `PUT` operations in a directory bucket and can’t be disabled. S3
|
969
|
+
# Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects
|
970
|
+
# from general purpose buckets to directory buckets, from directory
|
971
|
+
# buckets to general purpose buckets, or between directory buckets,
|
972
|
+
# through [CopyObject][1], [UploadPartCopy][2], [the Copy operation in
|
973
|
+
# Batch Operations][3], or [the import jobs][4]. In this case, Amazon S3
|
974
|
+
# makes a call to KMS every time a copy request is made for a
|
975
|
+
# KMS-encrypted object.
|
904
976
|
#
|
905
|
-
#
|
977
|
+
#
|
978
|
+
#
|
979
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
|
980
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html
|
981
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops
|
982
|
+
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job
|
906
983
|
# @option options [String] :request_payer
|
907
984
|
# Confirms that the requester knows that they will be charged for the
|
908
985
|
# request. Bucket owners need not specify this parameter in their
|