aws-sdk-s3 1.171.0 → 1.209.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 958d9e96cdee4392a5c72351830f6eb3708ff4b6f352165ebfe413e027821064
-  data.tar.gz: 6e8acf39da2fb4c9ad2829da587d6948af8e15b9fa4635ea716c60355fb44e5f
+  metadata.gz: 96d905ca855eb2dbe7fc73b47740d9b107cd13d54248e50cd04c42c9b1cbec06
+  data.tar.gz: f47c0a2b631896eb327368850ba7b2d8e57cbfb4b31ac910b197488bc699deda
 SHA512:
-  metadata.gz: 22f2eac6252417eb3b8c66c4cd2379051858591524baff178cd9f9711bca49d2027e9e59847374b27d20af4b85b6ff61a20350a9115ba2fb043b0c490be7646d
-  data.tar.gz: 7976310bf6f27fd27a3247d63c56365163f2a976d65b56d040bc85874777eafad26311715b8f8bdab504e7229800e89c7e6efeaa7942e4fa258d4fb21a528d7e
+  metadata.gz: 491de1ec6c39f3a6b85fe3da244ad15f30865e44ca357289a8edbeffefe08eeb3794626827293c45e0c5365864db4eebcbec64b757ea287c3176feb5b69299ac
+  data.tar.gz: cb89af8f3d16403d37cbcab90b9b51de1c859bfe8eb689eededbbfd8efdbffc580acd16f2a7594bf75916497cac959325436562bcb2f5b90ec1a600f40765cf1

data/CHANGELOG.md

@@ -1,6 +1,243 @@
 Unreleased Changes
 ------------------
 
+1.209.0 (2025-12-23)
+------------------
+
+* Feature - Add additional validation to Outpost bucket names.
+
+1.208.0 (2025-12-16)
+------------------
+
+* Feature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.
+
+1.207.0 (2025-12-15)
+------------------
+
+* Feature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.
+
+1.206.0 (2025-12-02)
+------------------
+
+* Feature - New S3 Storage Class FSX_ONTAP
+
+1.205.0 (2025-11-20)
+------------------
+
+* Feature - Enable / Disable ABAC on a general purpose bucket.
+
+1.204.0 (2025-11-19)
+------------------
+
+* Feature - Adds support for blocking SSE-C writes to general purpose buckets.
+
+1.203.1 (2025-11-10)
+------------------
+
+* Issue - Deprecated `:checksum_mode` parameter in `FileDownloader#download`. When set to "DISABLED", a deprecation warning is issued and the parameter is ignored. Use `:response_checksum_validation` on the S3 client instead to control checksum validation behavior.
+
+1.203.0 (2025-11-05)
+------------------
+
+* Feature - Launch IPv6 dual-stack support for S3 Express
+
+1.202.0 (2025-10-28)
+------------------
+
+* Feature - Amazon Simple Storage Service / Features: Add conditional writes in CopyObject on destination key to prevent unintended object modifications.
+
+1.201.0 (2025-10-21)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+* Issue - Fix multipart upload to respect `request_checksum_calculation` `when_required` mode.
+
+1.200.0 (2025-10-15)
+------------------
+
+* Feature - Add lightweight thread pool executor for multipart `download_file`, `upload_file` and `upload_stream`.
+
+* Feature - Add custom executor support for `Aws::S3::TransferManager`.
+
+1.199.1 (2025-09-25)
+------------------
+
+* Issue - Update `TransferManager#download_file` and `Object#download_file` documentation regarding temporary file usage and failure handling for different destination types.
+
+1.199.0 (2025-09-08)
+------------------
+
+* Feature - This release includes backward compatibility work on the "Expires" parameter.
+
+1.198.0 (2025-08-26)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+* Issue - Fix multipart `download_file` to support `Pathname`, `File` and `Tempfile` objects as download destinations.
+
+1.197.0 (2025-08-19)
+------------------
+
+* Issue - When multipart stream uploader fails to complete multipart upload, it calls abort multipart upload.
+
+* Issue - For `Aws::S3::Object` class, the following methods have been deprecated: `download_file`, `upload_file` and `upload_stream`. Use `Aws::S3::TransferManager` instead.
+
+* Feature - Add `Aws::S3::TransferManager`, a S3 transfer utility that provides upload/download capabilities with automatic multipart handling, progress tracking, and handling of large files. 
+
+1.196.1 (2025-08-05)
+------------------
+
+* Issue - Add range validation to multipart download to ensure all parts are successfully processed.
+
+* Issue - When multipart uploader fails to complete multipart upload, it calls abort multipart upload.
+
+* Issue - Clean up partially downloaded file on multipart `download_file` failure while preserving existing file.
+
+1.196.0 (2025-08-04)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.195.0 (2025-07-31)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.194.0 (2025-07-21)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.193.0 (2025-07-15)
+------------------
+
+* Feature - Amazon S3 Metadata live inventory tables provide a queryable inventory of all the objects in your general purpose bucket so that you can determine the latest state of your data. To help minimize your storage costs, use journal table record expiration to set a retention period for your records.
+
+1.192.0 (2025-07-02)
+------------------
+
+* Feature - Added support for directory bucket creation with tags and bucket ARN retrieval in CreateBucket, ListDirectoryBuckets, and HeadBucket operations
+
+1.191.0 (2025-06-25)
+------------------
+
+* Feature - Adds support for additional server-side encryption mode and storage class values for accessing Amazon FSx data from Amazon S3 using S3 Access Points
+
+1.190.0 (2025-06-18)
+------------------
+
+* Feature - Added support for renaming objects within the same bucket using the new RenameObject API.
+
+1.189.1 (2025-06-10)
+------------------
+
+* Issue - Only load required `cgi` modules for Ruby 3.5.
+
+1.189.0 (2025-06-02)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.188.0 (2025-05-29)
+------------------
+
+* Feature - Adding checksum support for S3 PutBucketOwnershipControls API.
+
+1.187.0 (2025-05-28)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+* Issue - Signal data in http response listeners prior to writing, so that data can be inspected or verified before potential mutation.
+
+1.186.1 (2025-05-15)
+------------------
+* Issue - Abort multipart download if object is modified during download.
+
+1.186.0 (2025-05-12)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.185.0 (2025-05-01)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.184.0 (2025-04-28)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.183.0 (2025-03-31)
+------------------
+
+* Feature - Amazon S3 adds support for S3 Access Points for directory buckets in AWS Dedicated Local Zones
+
+1.182.0 (2025-02-18)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.181.0 (2025-02-14)
+------------------
+
+* Feature - Added support for Content-Range header in HeadObject response.
+
+1.180.0 (2025-02-06)
+------------------
+
+* Feature - Updated list of the valid AWS Region values for the LocationConstraint parameter for general purpose buckets.
+
+1.179.0 (2025-01-29)
+------------------
+
+* Feature - Change the type of MpuObjectSize in CompleteMultipartUploadRequest from int to long.
+
+1.178.0 (2025-01-15)
+------------------
+
+* Feature - This change enhances integrity protections for new SDK requests to S3. S3 SDKs now support the CRC64NVME checksum algorithm, full object checksums for multipart S3 objects, and new default integrity protections for S3 requests.
+
+* Feature - Default to using `CRC32` checksum validation for S3 uploads and downloads.
+
+1.177.0 (2025-01-03)
+------------------
+
+* Feature - This change is only for updating the model regexp of CopySource which is not for validation but only for documentation and user guide change.
+
+1.176.1 (2024-12-12)
+------------------
+
+* Issue - Do not normalize object keys when calling `presigned_url` or `presigned_request`.
+
+1.176.0 (2024-12-03)
+------------------
+
+* Feature - Amazon S3 Metadata stores object metadata in read-only, fully managed Apache Iceberg metadata tables that you can query. You can create metadata table configurations for S3 general purpose buckets.
+
+1.175.0 (2024-12-02)
+------------------
+
+* Feature - Amazon S3 introduces support for AWS Dedicated Local Zones
+
+1.174.0 (2024-11-25)
+------------------
+
+* Feature - Amazon Simple Storage Service / Features: Add support for ETag based conditional writes in PutObject and CompleteMultiPartUpload APIs to prevent unintended object modifications.
+
+1.173.0 (2024-11-21)
+------------------
+
+* Feature - Add support for conditional deletes for the S3 DeleteObject and DeleteObjects APIs. Add support for write offset bytes option used to append to objects with the S3 PutObject API.
+
+1.172.0 (2024-11-18)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
 1.171.0 (2024-11-14)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.171.0
+1.209.0

data/lib/aws-sdk-s3/bucket.rb

@@ -49,6 +49,23 @@ module Aws::S3
       data[:bucket_region]
     end
 
+    # The Amazon Resource Name (ARN) of the S3 bucket. ARNs uniquely
+    # identify Amazon Web Services resources across all of Amazon Web
+    # Services.
+    #
+    # <note markdown="1"> This parameter is only supported for S3 directory buckets. For more
+    # information, see [Using tags with directory buckets][1].
+    #
+    #  </note>
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-tagging.html
+    # @return [String]
+    def bucket_arn
+      data[:bucket_arn]
+    end
+
     # @!endgroup
 
     # @return [Client]
@@ -237,15 +254,21 @@ module Aws::S3
     #   bucket.create({
     #     acl: "private", # accepts private, public-read, public-read-write, authenticated-read
     #     create_bucket_configuration: {
-    #       location_constraint: "af-south-1", # accepts af-south-1, ap-east-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-south-1, ap-south-2, ap-southeast-1, ap-southeast-2, ap-southeast-3, ca-central-1, cn-north-1, cn-northwest-1, EU, eu-central-1, eu-north-1, eu-south-1, eu-south-2, eu-west-1, eu-west-2, eu-west-3, me-south-1, sa-east-1, us-east-2, us-gov-east-1, us-gov-west-1, us-west-1, us-west-2
+    #       location_constraint: "af-south-1", # accepts af-south-1, ap-east-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-south-1, ap-south-2, ap-southeast-1, ap-southeast-2, ap-southeast-3, ap-southeast-4, ap-southeast-5, ca-central-1, cn-north-1, cn-northwest-1, EU, eu-central-1, eu-central-2, eu-north-1, eu-south-1, eu-south-2, eu-west-1, eu-west-2, eu-west-3, il-central-1, me-central-1, me-south-1, sa-east-1, us-east-2, us-gov-east-1, us-gov-west-1, us-west-1, us-west-2
     #       location: {
-    #         type: "AvailabilityZone", # accepts AvailabilityZone
+    #         type: "AvailabilityZone", # accepts AvailabilityZone, LocalZone
     #         name: "LocationNameAsString",
     #       },
     #       bucket: {
-    #         data_redundancy: "SingleAvailabilityZone", # accepts SingleAvailabilityZone
+    #         data_redundancy: "SingleAvailabilityZone", # accepts SingleAvailabilityZone, SingleLocalZone
     #         type: "Directory", # accepts Directory
     #       },
+    #       tags: [
+    #         {
+    #           key: "ObjectKey", # required
+    #           value: "Value", # required
+    #         },
+    #       ],
     #     },
     #     grant_full_control: "GrantFullControl",
     #     grant_read: "GrantRead",
@@ -381,6 +404,9 @@ module Aws::S3
     #         {
     #           key: "ObjectKey", # required
     #           version_id: "ObjectVersionId",
+    #           etag: "ETag",
+    #           last_modified_time: Time.now,
+    #           size: 1,
     #         },
     #       ],
     #       quiet: false,
@@ -389,7 +415,7 @@ module Aws::S3
     #     request_payer: "requester", # accepts requester
     #     bypass_governance_retention: false,
     #     expected_bucket_owner: "AccountId",
-    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
+    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
     #   })
     # @param [Hash] options ({})
     # @option options [required, Types::Delete] :delete
@@ -459,6 +485,8 @@ module Aws::S3
     #
     #   * `CRC32C`
     #
+    #   * `CRC64NVME`
+    #
     #   * `SHA1`
     #
     #   * `SHA256`
@@ -468,9 +496,8 @@ module Aws::S3
     #
     #   If the individual checksum value you provide through
     #   `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you
-    #   set through `x-amz-sdk-checksum-algorithm`, Amazon S3 ignores any
-    #   provided `ChecksumAlgorithm` parameter and uses the checksum algorithm
-    #   that matches the provided value in `x-amz-checksum-algorithm `.
+    #   set through `x-amz-sdk-checksum-algorithm`, Amazon S3 fails the
+    #   request with a `BadDigest` error.
     #
     #   If you provide an individual checksum, Amazon S3 ignores any provided
     #   `ChecksumAlgorithm` parameter.
@@ -499,23 +526,26 @@ module Aws::S3
     #     content_length: 1,
     #     content_md5: "ContentMD5",
     #     content_type: "ContentType",
-    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
+    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
     #     checksum_crc32: "ChecksumCRC32",
     #     checksum_crc32c: "ChecksumCRC32C",
+    #     checksum_crc64nvme: "ChecksumCRC64NVME",
     #     checksum_sha1: "ChecksumSHA1",
     #     checksum_sha256: "ChecksumSHA256",
     #     expires: Time.now,
+    #     if_match: "IfMatch",
     #     if_none_match: "IfNoneMatch",
     #     grant_full_control: "GrantFullControl",
     #     grant_read: "GrantRead",
     #     grant_read_acp: "GrantReadACP",
     #     grant_write_acp: "GrantWriteACP",
     #     key: "ObjectKey", # required
+    #     write_offset_bytes: 1,
     #     metadata: {
     #       "MetadataKey" => "MetadataValue",
     #     },
-    #     server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
+    #     server_side_encryption: "AES256", # accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS, FSX_ONTAP
     #     website_redirect_location: "WebsiteRedirectLocation",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
@@ -606,7 +636,7 @@ module Aws::S3
     #
     #   [1]: https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length
     # @option options [String] :content_md5
-    #   The base64-encoded 128-bit MD5 digest of the message (without the
+    #   The Base64 encoded 128-bit `MD5` digest of the message (without the
     #   headers) according to RFC 1864. This header can be used as a message
     #   integrity check to verify that the data is the same data that was
     #   originally sent. Although it is optional, we recommend using the
@@ -653,6 +683,8 @@ module Aws::S3
     #
     #   * `CRC32C`
     #
+    #   * `CRC64NVME`
+    #
     #   * `SHA1`
     #
     #   * `SHA256`
@@ -662,9 +694,8 @@ module Aws::S3
     #
     #   If the individual checksum value you provide through
     #   `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you
-    #   set through `x-amz-sdk-checksum-algorithm`, Amazon S3 ignores any
-    #   provided `ChecksumAlgorithm` parameter and uses the checksum algorithm
-    #   that matches the provided value in `x-amz-checksum-algorithm `.
+    #   set through `x-amz-sdk-checksum-algorithm`, Amazon S3 fails the
+    #   request with a `BadDigest` error.
     #
     #   <note markdown="1"> The `Content-MD5` or `x-amz-sdk-checksum-algorithm` header is required
     #   for any request to upload an object with a retention period configured
@@ -684,7 +715,7 @@ module Aws::S3
     # @option options [String] :checksum_crc32
     #   This header can be used as a data integrity check to verify that the
     #   data received is the same data that was originally sent. This header
-    #   specifies the base64-encoded, 32-bit CRC-32 checksum of the object.
+    #   specifies the Base64 encoded, 32-bit `CRC32` checksum of the object.
     #   For more information, see [Checking object integrity][1] in the
     #   *Amazon S3 User Guide*.
     #
@@ -694,17 +725,28 @@ module Aws::S3
     # @option options [String] :checksum_crc32c
     #   This header can be used as a data integrity check to verify that the
     #   data received is the same data that was originally sent. This header
-    #   specifies the base64-encoded, 32-bit CRC-32C checksum of the object.
+    #   specifies the Base64 encoded, 32-bit `CRC32C` checksum of the object.
     #   For more information, see [Checking object integrity][1] in the
     #   *Amazon S3 User Guide*.
     #
     #
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
+    # @option options [String] :checksum_crc64nvme
+    #   This header can be used as a data integrity check to verify that the
+    #   data received is the same data that was originally sent. This header
+    #   specifies the Base64 encoded, 64-bit `CRC64NVME` checksum of the
+    #   object. The `CRC64NVME` checksum is always a full object checksum. For
+    #   more information, see [Checking object integrity in the Amazon S3 User
+    #   Guide][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
     # @option options [String] :checksum_sha1
     #   This header can be used as a data integrity check to verify that the
     #   data received is the same data that was originally sent. This header
-    #   specifies the base64-encoded, 160-bit SHA-1 digest of the object. For
+    #   specifies the Base64 encoded, 160-bit `SHA1` digest of the object. For
     #   more information, see [Checking object integrity][1] in the *Amazon S3
     #   User Guide*.
     #
@@ -714,7 +756,7 @@ module Aws::S3
     # @option options [String] :checksum_sha256
     #   This header can be used as a data integrity check to verify that the
     #   data received is the same data that was originally sent. This header
-    #   specifies the base64-encoded, 256-bit SHA-256 digest of the object.
+    #   specifies the Base64 encoded, 256-bit `SHA256` digest of the object.
     #   For more information, see [Checking object integrity][1] in the
     #   *Amazon S3 User Guide*.
     #
@@ -729,6 +771,25 @@ module Aws::S3
     #
     #
     #   [1]: https://www.rfc-editor.org/rfc/rfc7234#section-5.3
+    # @option options [String] :if_match
+    #   Uploads the object only if the ETag (entity tag) value provided during
+    #   the WRITE operation matches the ETag of the object in S3. If the ETag
+    #   values do not match, the operation returns a `412 Precondition Failed`
+    #   error.
+    #
+    #   If a conflicting operation occurs during the upload S3 returns a `409
+    #   ConditionalRequestConflict` response. On a 409 failure you should
+    #   fetch the object's ETag and retry the upload.
+    #
+    #   Expects the ETag value as a string.
+    #
+    #   For more information about conditional requests, see [RFC 7232][1], or
+    #   [Conditional requests][2] in the *Amazon S3 User Guide*.
+    #
+    #
+    #
+    #   [1]: https://tools.ietf.org/html/rfc7232
+    #   [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/conditional-requests.html
     # @option options [String] :if_none_match
     #   Uploads the object only if the object key name does not already exist
     #   in the bucket specified. Otherwise, Amazon S3 returns a `412
@@ -782,12 +843,21 @@ module Aws::S3
     #    </note>
     # @option options [required, String] :key
     #   Object key for which the PUT action was initiated.
+    # @option options [Integer] :write_offset_bytes
+    #   Specifies the offset for appending data to existing objects in bytes.
+    #   The offset must be equal to the size of the existing object being
+    #   appended to. If no object exists, setting this header to 0 will create
+    #   a new object.
+    #
+    #   <note markdown="1"> This functionality is only supported for objects in the Amazon S3
+    #   Express One Zone storage class in directory buckets.
+    #
+    #    </note>
     # @option options [Hash<String,String>] :metadata
     #   A map of metadata to store with the object in S3.
     # @option options [String] :server_side_encryption
     #   The server-side encryption algorithm that was used when you store this
-    #   object in Amazon S3 (for example, `AES256`, `aws:kms`,
-    #   `aws:kms:dsse`).
+    #   object in Amazon S3 or Amazon FSx.
     #
     #   * <b>General purpose buckets </b> - You have four mutually exclusive
     #     options to protect data using server-side encryption in Amazon S3,
@@ -841,6 +911,14 @@ module Aws::S3
     #
     #      </note>
     #
+    #   * <b>S3 access points for Amazon FSx </b> - When accessing data stored
+    #     in Amazon FSx file systems using S3 access points, the only valid
+    #     server side encryption option is `aws:fsx`. All Amazon FSx file
+    #     systems have encryption configured by default and are encrypted at
+    #     rest. Data is automatically encrypted before being written to the
+    #     file system, and automatically decrypted as it is read. These
+    #     processes are handled transparently by Amazon FSx.
+    #
     #
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
@@ -855,8 +933,9 @@ module Aws::S3
     #   a different Storage Class. For more information, see [Storage
     #   Classes][1] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> * For directory buckets, only the S3 Express One Zone storage class is
-    #     supported to store newly created objects.
+    #   <note markdown="1"> * Directory buckets only support `EXPRESS_ONEZONE` (the S3 Express One
+    #     Zone storage class) in Availability Zones and `ONEZONE_IA` (the S3
+    #     One Zone-Infrequent Access storage class) in Dedicated Local Zones.
     #
     #   * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.
     #
@@ -934,20 +1013,17 @@ module Aws::S3
     #   `x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
     #   Amazon Web Services managed key (`aws/s3`) to protect the data.
     #
-    #   **Directory buckets** - If you specify `x-amz-server-side-encryption`
-    #   with `aws:kms`, the ` x-amz-server-side-encryption-aws-kms-key-id`
-    #   header is implicitly assigned the ID of the KMS symmetric encryption
-    #   customer managed key that's configured for your directory bucket's
-    #   default encryption setting. If you want to specify the `
-    #   x-amz-server-side-encryption-aws-kms-key-id` header explicitly, you
-    #   can only specify it with the ID (Key ID or Key ARN) of the KMS
-    #   customer managed key that's configured for your directory bucket's
-    #   default encryption setting. Otherwise, you get an HTTP `400 Bad
-    #   Request` error. Only use the key ID or key ARN. The key alias format
-    #   of the KMS key isn't supported. Your SSE-KMS configuration can only
-    #   support 1 [customer managed key][1] per directory bucket for the
-    #   lifetime of the bucket. The [Amazon Web Services managed key][2]
-    #   (`aws/s3`) isn't supported.
+    #   **Directory buckets** - To encrypt data using SSE-KMS, it's
+    #   recommended to specify the `x-amz-server-side-encryption` header to
+    #   `aws:kms`. Then, the `x-amz-server-side-encryption-aws-kms-key-id`
+    #   header implicitly uses the bucket's default KMS customer managed key
+    #   ID. If you want to explicitly set the `
+    #   x-amz-server-side-encryption-aws-kms-key-id` header, it must match the
+    #   bucket's default customer managed key (using key ID or ARN, not
+    #   alias). Your SSE-KMS configuration can only support 1 [customer
+    #   managed key][1] per directory bucket's lifetime. The [Amazon Web
+    #   Services managed key][2] (`aws/s3`) isn't supported. Incorrect key
+    #   specification results in an HTTP `400 Bad Request` error.
     #
     #
     #
@@ -956,7 +1032,7 @@ module Aws::S3
     # @option options [String] :ssekms_encryption_context
     #   Specifies the Amazon Web Services KMS Encryption Context as an
     #   additional encryption context to use for object encryption. The value
-    #   of this header is a Base64-encoded string of a UTF-8 encoded JSON,
+    #   of this header is a Base64 encoded string of a UTF-8 encoded JSON,
     #   which contains the encryption context as key-value pairs. This value
     #   is stored as object metadata and automatically gets passed on to
     #   Amazon Web Services KMS for future `GetObject` operations on this
@@ -1130,6 +1206,9 @@ module Aws::S3
     #   beginning of the key. The keys that are grouped under `CommonPrefixes`
     #   result element are not returned elsewhere in the response.
     #
+    #   `CommonPrefixes` is filtered out from results if it is not
+    #   lexicographically greater than the key-marker.
+    #
     #   <note markdown="1"> **Directory buckets** - For directory buckets, `/` is the only
     #   supported delimiter.
     #
@@ -1286,6 +1365,9 @@ module Aws::S3
     #   in `CommonPrefixes`. These groups are counted as one result against
     #   the `max-keys` limitation. These keys are not returned elsewhere in
     #   the response.
+    #
+    #   `CommonPrefixes` is filtered out from results if it is not
+    #   lexicographically greater than the key-marker.
     # @option options [String] :encoding_type
     #   Encoding type used by Amazon S3 to encode the [object keys][1] in the
     #   response. Responses are encoded only in UTF-8. An object key can
@@ -1381,6 +1463,9 @@ module Aws::S3
     # @option options [String] :delimiter
     #   A delimiter is a character that you use to group keys.
     #
+    #   `CommonPrefixes` is filtered out from results if it is not
+    #   lexicographically greater than the `StartAfter` value.
+    #
     #   <note markdown="1"> * **Directory buckets** - For directory buckets, `/` is the only
     #     supported delimiter.
     #

data/lib/aws-sdk-s3/bucket_acl.rb

@@ -34,7 +34,7 @@ module Aws::S3
       @bucket_name
     end
 
-    # Container for the bucket owner's display name and ID.
+    # Container for the bucket owner's ID.
     # @return [Types::Owner]
     def owner
       data[:owner]
@@ -207,7 +207,7 @@ module Aws::S3
     #       },
     #     },
     #     content_md5: "ContentMD5",
-    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
+    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
     #     grant_full_control: "GrantFullControl",
     #     grant_read: "GrantRead",
     #     grant_read_acp: "GrantReadACP",
@@ -222,9 +222,10 @@ module Aws::S3
     #   Contains the elements that set the ACL permissions for an object per
     #   grantee.
     # @option options [String] :content_md5
-    #   The base64-encoded 128-bit MD5 digest of the data. This header must be
-    #   used as a message integrity check to verify that the request body was
-    #   not corrupted in transit. For more information, go to [RFC 1864.][1]
+    #   The Base64 encoded 128-bit `MD5` digest of the data. This header must
+    #   be used as a message integrity check to verify that the request body
+    #   was not corrupted in transit. For more information, go to [RFC
+    #   1864.][1]
     #
     #   For requests made using the Amazon Web Services Command Line Interface
     #   (CLI) or Amazon Web Services SDKs, this field is calculated
@@ -234,7 +235,7 @@ module Aws::S3
     #
     #   [1]: http://www.ietf.org/rfc/rfc1864.txt
     # @option options [String] :checksum_algorithm
-    #   Indicates the algorithm used to create the checksum for the object
+    #   Indicates the algorithm used to create the checksum for the request
     #   when you use the SDK. This header will not provide any additional
     #   functionality if you don't use the SDK. When you send this header,
     #   there must be a corresponding `x-amz-checksum` or `x-amz-trailer`

data/lib/aws-sdk-s3/bucket_cors.rb

@@ -214,7 +214,7 @@ module Aws::S3
     #       ],
     #     },
     #     content_md5: "ContentMD5",
-    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
+    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
     #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
@@ -227,9 +227,10 @@ module Aws::S3
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html
     # @option options [String] :content_md5
-    #   The base64-encoded 128-bit MD5 digest of the data. This header must be
-    #   used as a message integrity check to verify that the request body was
-    #   not corrupted in transit. For more information, go to [RFC 1864.][1]
+    #   The Base64 encoded 128-bit `MD5` digest of the data. This header must
+    #   be used as a message integrity check to verify that the request body
+    #   was not corrupted in transit. For more information, go to [RFC
+    #   1864.][1]
     #
     #   For requests made using the Amazon Web Services Command Line Interface
     #   (CLI) or Amazon Web Services SDKs, this field is calculated
@@ -239,7 +240,7 @@ module Aws::S3
     #
     #   [1]: http://www.ietf.org/rfc/rfc1864.txt
     # @option options [String] :checksum_algorithm
-    #   Indicates the algorithm used to create the checksum for the object
+    #   Indicates the algorithm used to create the checksum for the request
     #   when you use the SDK. This header will not provide any additional
     #   functionality if you don't use the SDK. When you send this header,
     #   there must be a corresponding `x-amz-checksum` or `x-amz-trailer`