aws-sdk-s3 1.176.1 → 1.180.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (54) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +22 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-s3/bucket.rb +50 -39
  5. data/lib/aws-sdk-s3/bucket_acl.rb +6 -5
  6. data/lib/aws-sdk-s3/bucket_cors.rb +6 -5
  7. data/lib/aws-sdk-s3/bucket_lifecycle.rb +2 -2
  8. data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +3 -3
  9. data/lib/aws-sdk-s3/bucket_logging.rb +2 -2
  10. data/lib/aws-sdk-s3/bucket_policy.rb +10 -9
  11. data/lib/aws-sdk-s3/bucket_request_payment.rb +3 -3
  12. data/lib/aws-sdk-s3/bucket_tagging.rb +3 -3
  13. data/lib/aws-sdk-s3/bucket_versioning.rb +9 -9
  14. data/lib/aws-sdk-s3/bucket_website.rb +3 -3
  15. data/lib/aws-sdk-s3/client.rb +698 -538
  16. data/lib/aws-sdk-s3/client_api.rb +34 -2
  17. data/lib/aws-sdk-s3/endpoint_provider.rb +260 -277
  18. data/lib/aws-sdk-s3/file_downloader.rb +4 -21
  19. data/lib/aws-sdk-s3/multipart_file_uploader.rb +31 -13
  20. data/lib/aws-sdk-s3/multipart_upload.rb +48 -6
  21. data/lib/aws-sdk-s3/multipart_upload_part.rb +52 -36
  22. data/lib/aws-sdk-s3/object.rb +142 -110
  23. data/lib/aws-sdk-s3/object_acl.rb +4 -4
  24. data/lib/aws-sdk-s3/object_summary.rb +97 -80
  25. data/lib/aws-sdk-s3/object_version.rb +22 -18
  26. data/lib/aws-sdk-s3/plugins/checksum_algorithm.rb +31 -0
  27. data/lib/aws-sdk-s3/plugins/express_session_auth.rb +11 -20
  28. data/lib/aws-sdk-s3/plugins/md5s.rb +10 -71
  29. data/lib/aws-sdk-s3/presigner.rb +4 -5
  30. data/lib/aws-sdk-s3/resource.rb +1 -1
  31. data/lib/aws-sdk-s3/types.rb +1017 -671
  32. data/lib/aws-sdk-s3.rb +1 -1
  33. data/sig/bucket.rbs +4 -3
  34. data/sig/bucket_acl.rbs +1 -1
  35. data/sig/bucket_cors.rbs +1 -1
  36. data/sig/bucket_lifecycle.rbs +1 -1
  37. data/sig/bucket_lifecycle_configuration.rbs +1 -1
  38. data/sig/bucket_logging.rbs +1 -1
  39. data/sig/bucket_policy.rbs +1 -1
  40. data/sig/bucket_request_payment.rbs +1 -1
  41. data/sig/bucket_tagging.rbs +1 -1
  42. data/sig/bucket_versioning.rbs +3 -3
  43. data/sig/bucket_website.rbs +1 -1
  44. data/sig/client.rbs +52 -31
  45. data/sig/multipart_upload.rbs +8 -1
  46. data/sig/multipart_upload_part.rbs +5 -1
  47. data/sig/object.rbs +13 -5
  48. data/sig/object_acl.rbs +1 -1
  49. data/sig/object_summary.rbs +11 -6
  50. data/sig/object_version.rbs +5 -2
  51. data/sig/resource.rbs +3 -1
  52. data/sig/types.rbs +63 -34
  53. metadata +5 -5
  54. data/lib/aws-sdk-s3/plugins/skip_whole_multipart_get_checksums.rb +0 -31
@@ -134,14 +134,14 @@ module Aws::S3
134
134
  data[:content_length]
135
135
  end
136
136
 
137
- # The base64-encoded, 32-bit CRC-32 checksum of the object. This will
138
- # only be present if it was uploaded with the object. When you use an
139
- # API operation on an object that was uploaded using multipart uploads,
140
- # this value may not be a direct checksum value of the full object.
141
- # Instead, it's a calculation based on the checksum values of each
142
- # individual part. For more information about how checksums are
143
- # calculated with multipart uploads, see [ Checking object integrity][1]
144
- # in the *Amazon S3 User Guide*.
137
+ # The Base64 encoded, 32-bit `CRC-32 checksum` of the object. This
138
+ # checksum is only be present if the checksum was uploaded with the
139
+ # object. When you use an API operation on an object that was uploaded
140
+ # using multipart uploads, this value may not be a direct checksum value
141
+ # of the full object. Instead, it's a calculation based on the checksum
142
+ # values of each individual part. For more information about how
143
+ # checksums are calculated with multipart uploads, see [ Checking object
144
+ # integrity][1] in the *Amazon S3 User Guide*.
145
145
  #
146
146
  #
147
147
  #
@@ -151,14 +151,14 @@ module Aws::S3
151
151
  data[:checksum_crc32]
152
152
  end
153
153
 
154
- # The base64-encoded, 32-bit CRC-32C checksum of the object. This will
155
- # only be present if it was uploaded with the object. When you use an
156
- # API operation on an object that was uploaded using multipart uploads,
157
- # this value may not be a direct checksum value of the full object.
158
- # Instead, it's a calculation based on the checksum values of each
159
- # individual part. For more information about how checksums are
160
- # calculated with multipart uploads, see [ Checking object integrity][1]
161
- # in the *Amazon S3 User Guide*.
154
+ # The Base64 encoded, 32-bit `CRC-32C` checksum of the object. This
155
+ # checksum is only present if the checksum was uploaded with the object.
156
+ # When you use an API operation on an object that was uploaded using
157
+ # multipart uploads, this value may not be a direct checksum value of
158
+ # the full object. Instead, it's a calculation based on the checksum
159
+ # values of each individual part. For more information about how
160
+ # checksums are calculated with multipart uploads, see [ Checking object
161
+ # integrity][1] in the *Amazon S3 User Guide*.
162
162
  #
163
163
  #
164
164
  #
@@ -168,14 +168,26 @@ module Aws::S3
168
168
  data[:checksum_crc32c]
169
169
  end
170
170
 
171
- # The base64-encoded, 160-bit SHA-1 digest of the object. This will only
172
- # be present if it was uploaded with the object. When you use the API
173
- # operation on an object that was uploaded using multipart uploads, this
174
- # value may not be a direct checksum value of the full object. Instead,
175
- # it's a calculation based on the checksum values of each individual
176
- # part. For more information about how checksums are calculated with
177
- # multipart uploads, see [ Checking object integrity][1] in the *Amazon
178
- # S3 User Guide*.
171
+ # The Base64 encoded, 64-bit `CRC-64NVME` checksum of the object. For
172
+ # more information, see [Checking object integrity in the Amazon S3 User
173
+ # Guide][1].
174
+ #
175
+ #
176
+ #
177
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
178
+ # @return [String]
179
+ def checksum_crc64nvme
180
+ data[:checksum_crc64nvme]
181
+ end
182
+
183
+ # The Base64 encoded, 160-bit `SHA-1` digest of the object. This will
184
+ # only be present if the object was uploaded with the object. When you
185
+ # use the API operation on an object that was uploaded using multipart
186
+ # uploads, this value may not be a direct checksum value of the full
187
+ # object. Instead, it's a calculation based on the checksum values of
188
+ # each individual part. For more information about how checksums are
189
+ # calculated with multipart uploads, see [ Checking object integrity][1]
190
+ # in the *Amazon S3 User Guide*.
179
191
  #
180
192
  #
181
193
  #
@@ -185,12 +197,12 @@ module Aws::S3
185
197
  data[:checksum_sha1]
186
198
  end
187
199
 
188
- # The base64-encoded, 256-bit SHA-256 digest of the object. This will
189
- # only be present if it was uploaded with the object. When you use an
190
- # API operation on an object that was uploaded using multipart uploads,
191
- # this value may not be a direct checksum value of the full object.
192
- # Instead, it's a calculation based on the checksum values of each
193
- # individual part. For more information about how checksums are
200
+ # The Base64 encoded, 256-bit `SHA-256` digest of the object. This will
201
+ # only be present if the object was uploaded with the object. When you
202
+ # use an API operation on an object that was uploaded using multipart
203
+ # uploads, this value may not be a direct checksum value of the full
204
+ # object. Instead, it's a calculation based on the checksum values of
205
+ # each individual part. For more information about how checksums are
194
206
  # calculated with multipart uploads, see [ Checking object integrity][1]
195
207
  # in the *Amazon S3 User Guide*.
196
208
  #
@@ -202,6 +214,21 @@ module Aws::S3
202
214
  data[:checksum_sha256]
203
215
  end
204
216
 
217
+ # The checksum type, which determines how part-level checksums are
218
+ # combined to create an object-level checksum for multipart objects. You
219
+ # can use this header response to verify that the checksum type that is
220
+ # received is the same checksum type that was specified in
221
+ # `CreateMultipartUpload` request. For more information, see [Checking
222
+ # object integrity in the Amazon S3 User Guide][1].
223
+ #
224
+ #
225
+ #
226
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
227
+ # @return [String]
228
+ def checksum_type
229
+ data[:checksum_type]
230
+ end
231
+
205
232
  # An entity tag (ETag) is an opaque identifier assigned by a web server
206
233
  # to a specific version of a resource found at a URL.
207
234
  # @return [String]
@@ -676,7 +703,7 @@ module Aws::S3
676
703
  # object.copy_from({
677
704
  # acl: "private", # accepts private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control
678
705
  # cache_control: "CacheControl",
679
- # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
706
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
680
707
  # content_disposition: "ContentDisposition",
681
708
  # content_encoding: "ContentEncoding",
682
709
  # content_language: "ContentLanguage",
@@ -1192,20 +1219,17 @@ module Aws::S3
1192
1219
  # Signature Version in Request Authentication][1] in the *Amazon S3 User
1193
1220
  # Guide*.
1194
1221
  #
1195
- # **Directory buckets** - If you specify `x-amz-server-side-encryption`
1196
- # with `aws:kms`, the ` x-amz-server-side-encryption-aws-kms-key-id`
1197
- # header is implicitly assigned the ID of the KMS symmetric encryption
1198
- # customer managed key that's configured for your directory bucket's
1199
- # default encryption setting. If you want to specify the `
1200
- # x-amz-server-side-encryption-aws-kms-key-id` header explicitly, you
1201
- # can only specify it with the ID (Key ID or Key ARN) of the KMS
1202
- # customer managed key that's configured for your directory bucket's
1203
- # default encryption setting. Otherwise, you get an HTTP `400 Bad
1204
- # Request` error. Only use the key ID or key ARN. The key alias format
1205
- # of the KMS key isn't supported. Your SSE-KMS configuration can only
1206
- # support 1 [customer managed key][2] per directory bucket for the
1207
- # lifetime of the bucket. The [Amazon Web Services managed key][3]
1208
- # (`aws/s3`) isn't supported.
1222
+ # **Directory buckets** - To encrypt data using SSE-KMS, it's
1223
+ # recommended to specify the `x-amz-server-side-encryption` header to
1224
+ # `aws:kms`. Then, the `x-amz-server-side-encryption-aws-kms-key-id`
1225
+ # header implicitly uses the bucket's default KMS customer managed key
1226
+ # ID. If you want to explicitly set the `
1227
+ # x-amz-server-side-encryption-aws-kms-key-id` header, it must match the
1228
+ # bucket's default customer managed key (using key ID or ARN, not
1229
+ # alias). Your SSE-KMS configuration can only support 1 [customer
1230
+ # managed key][2] per directory bucket's lifetime. The [Amazon Web
1231
+ # Services managed key][3] (`aws/s3`) isn't supported. Incorrect key
1232
+ # specification results in an HTTP `400 Bad Request` error.
1209
1233
  #
1210
1234
  #
1211
1235
  #
@@ -1476,7 +1500,7 @@ module Aws::S3
1476
1500
  #
1477
1501
  #
1478
1502
  #
1479
- # [1]: https://docs.aws.amazon.com/https:/tools.ietf.org/html/rfc7232
1503
+ # [1]: https://tools.ietf.org/html/rfc7232
1480
1504
  # @option options [Time,DateTime,Date,Integer,String] :if_match_last_modified_time
1481
1505
  # If present, the object is deleted only if its modification times
1482
1506
  # matches the provided `Timestamp`. If the `Timestamp` values do not
@@ -1757,15 +1781,6 @@ module Aws::S3
1757
1781
  # fails with the HTTP status code `403 Forbidden` (access denied).
1758
1782
  # @option options [String] :checksum_mode
1759
1783
  # To retrieve the checksum, this mode must be enabled.
1760
- #
1761
- # **General purpose buckets** - In addition, if you enable checksum mode
1762
- # and the object is uploaded with a [checksum][1] and encrypted with an
1763
- # Key Management Service (KMS) key, you must have permission to use the
1764
- # `kms:Decrypt` action to retrieve the checksum.
1765
- #
1766
- #
1767
- #
1768
- # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html
1769
1784
  # @return [Types::GetObjectOutput]
1770
1785
  def get(options = {}, &block)
1771
1786
  options = options.merge(
@@ -1810,7 +1825,8 @@ module Aws::S3
1810
1825
  # object_lock_retain_until_date: Time.now,
1811
1826
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
1812
1827
  # expected_bucket_owner: "AccountId",
1813
- # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
1828
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
1829
+ # checksum_type: "COMPOSITE", # accepts COMPOSITE, FULL_OBJECT
1814
1830
  # })
1815
1831
  # @param [Hash] options ({})
1816
1832
  # @option options [String] :acl
@@ -2225,20 +2241,17 @@ module Aws::S3
2225
2241
  # `x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
2226
2242
  # Amazon Web Services managed key (`aws/s3`) to protect the data.
2227
2243
  #
2228
- # **Directory buckets** - If you specify `x-amz-server-side-encryption`
2229
- # with `aws:kms`, the ` x-amz-server-side-encryption-aws-kms-key-id`
2230
- # header is implicitly assigned the ID of the KMS symmetric encryption
2231
- # customer managed key that's configured for your directory bucket's
2232
- # default encryption setting. If you want to specify the `
2233
- # x-amz-server-side-encryption-aws-kms-key-id` header explicitly, you
2234
- # can only specify it with the ID (Key ID or Key ARN) of the KMS
2235
- # customer managed key that's configured for your directory bucket's
2236
- # default encryption setting. Otherwise, you get an HTTP `400 Bad
2237
- # Request` error. Only use the key ID or key ARN. The key alias format
2238
- # of the KMS key isn't supported. Your SSE-KMS configuration can only
2239
- # support 1 [customer managed key][1] per directory bucket for the
2240
- # lifetime of the bucket. The [Amazon Web Services managed key][2]
2241
- # (`aws/s3`) isn't supported.
2244
+ # **Directory buckets** - To encrypt data using SSE-KMS, it's
2245
+ # recommended to specify the `x-amz-server-side-encryption` header to
2246
+ # `aws:kms`. Then, the `x-amz-server-side-encryption-aws-kms-key-id`
2247
+ # header implicitly uses the bucket's default KMS customer managed key
2248
+ # ID. If you want to explicitly set the `
2249
+ # x-amz-server-side-encryption-aws-kms-key-id` header, it must match the
2250
+ # bucket's default customer managed key (using key ID or ARN, not
2251
+ # alias). Your SSE-KMS configuration can only support 1 [customer
2252
+ # managed key][1] per directory bucket's lifetime. The [Amazon Web
2253
+ # Services managed key][2] (`aws/s3`) isn't supported. Incorrect key
2254
+ # specification results in an HTTP `400 Bad Request` error.
2242
2255
  #
2243
2256
  #
2244
2257
  #
@@ -2246,7 +2259,7 @@ module Aws::S3
2246
2259
  # [2]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
2247
2260
  # @option options [String] :ssekms_encryption_context
2248
2261
  # Specifies the Amazon Web Services KMS Encryption Context to use for
2249
- # object encryption. The value of this header is a Base64-encoded string
2262
+ # object encryption. The value of this header is a Base64 encoded string
2250
2263
  # of a UTF-8 encoded JSON, which contains the encryption context as
2251
2264
  # key-value pairs.
2252
2265
  #
@@ -2335,6 +2348,14 @@ module Aws::S3
2335
2348
  #
2336
2349
  #
2337
2350
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
2351
+ # @option options [String] :checksum_type
2352
+ # Indicates the checksum type that you want Amazon S3 to use to
2353
+ # calculate the object’s checksum value. For more information, see
2354
+ # [Checking object integrity in the Amazon S3 User Guide][1].
2355
+ #
2356
+ #
2357
+ #
2358
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
2338
2359
  # @return [MultipartUpload]
2339
2360
  def initiate_multipart_upload(options = {})
2340
2361
  options = options.merge(
@@ -2364,9 +2385,10 @@ module Aws::S3
2364
2385
  # content_length: 1,
2365
2386
  # content_md5: "ContentMD5",
2366
2387
  # content_type: "ContentType",
2367
- # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
2388
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
2368
2389
  # checksum_crc32: "ChecksumCRC32",
2369
2390
  # checksum_crc32c: "ChecksumCRC32C",
2391
+ # checksum_crc64nvme: "ChecksumCRC64NVME",
2370
2392
  # checksum_sha1: "ChecksumSHA1",
2371
2393
  # checksum_sha256: "ChecksumSHA256",
2372
2394
  # expires: Time.now,
@@ -2472,7 +2494,7 @@ module Aws::S3
2472
2494
  #
2473
2495
  # [1]: https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length
2474
2496
  # @option options [String] :content_md5
2475
- # The base64-encoded 128-bit MD5 digest of the message (without the
2497
+ # The Base64 encoded 128-bit `MD5` digest of the message (without the
2476
2498
  # headers) according to RFC 1864. This header can be used as a message
2477
2499
  # integrity check to verify that the data is the same data that was
2478
2500
  # originally sent. Although it is optional, we recommend using the
@@ -2515,22 +2537,23 @@ module Aws::S3
2515
2537
  # For the `x-amz-checksum-algorithm ` header, replace ` algorithm ` with
2516
2538
  # the supported algorithm from the following list:
2517
2539
  #
2518
- # * `CRC32`
2540
+ # * `CRC-32`
2541
+ #
2542
+ # * `CRC-32C`
2519
2543
  #
2520
- # * `CRC32C`
2544
+ # * `CRC-64NVME`
2521
2545
  #
2522
- # * `SHA1`
2546
+ # * `SHA-1`
2523
2547
  #
2524
- # * `SHA256`
2548
+ # * `SHA-256`
2525
2549
  #
2526
2550
  # For more information, see [Checking object integrity][1] in the
2527
2551
  # *Amazon S3 User Guide*.
2528
2552
  #
2529
2553
  # If the individual checksum value you provide through
2530
2554
  # `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you
2531
- # set through `x-amz-sdk-checksum-algorithm`, Amazon S3 ignores any
2532
- # provided `ChecksumAlgorithm` parameter and uses the checksum algorithm
2533
- # that matches the provided value in `x-amz-checksum-algorithm `.
2555
+ # set through `x-amz-sdk-checksum-algorithm`, Amazon S3 fails the
2556
+ # request with a `BadDigest` error.
2534
2557
  #
2535
2558
  # <note markdown="1"> The `Content-MD5` or `x-amz-sdk-checksum-algorithm` header is required
2536
2559
  # for any request to upload an object with a retention period configured
@@ -2550,7 +2573,7 @@ module Aws::S3
2550
2573
  # @option options [String] :checksum_crc32
2551
2574
  # This header can be used as a data integrity check to verify that the
2552
2575
  # data received is the same data that was originally sent. This header
2553
- # specifies the base64-encoded, 32-bit CRC-32 checksum of the object.
2576
+ # specifies the Base64 encoded, 32-bit `CRC-32` checksum of the object.
2554
2577
  # For more information, see [Checking object integrity][1] in the
2555
2578
  # *Amazon S3 User Guide*.
2556
2579
  #
@@ -2560,19 +2583,30 @@ module Aws::S3
2560
2583
  # @option options [String] :checksum_crc32c
2561
2584
  # This header can be used as a data integrity check to verify that the
2562
2585
  # data received is the same data that was originally sent. This header
2563
- # specifies the base64-encoded, 32-bit CRC-32C checksum of the object.
2586
+ # specifies the Base64 encoded, 32-bit `CRC-32C` checksum of the object.
2564
2587
  # For more information, see [Checking object integrity][1] in the
2565
2588
  # *Amazon S3 User Guide*.
2566
2589
  #
2567
2590
  #
2568
2591
  #
2569
2592
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
2593
+ # @option options [String] :checksum_crc64nvme
2594
+ # This header can be used as a data integrity check to verify that the
2595
+ # data received is the same data that was originally sent. This header
2596
+ # specifies the Base64 encoded, 64-bit `CRC-64NVME` checksum of the
2597
+ # object. The `CRC-64NVME` checksum is always a full object checksum.
2598
+ # For more information, see [Checking object integrity in the Amazon S3
2599
+ # User Guide][1].
2600
+ #
2601
+ #
2602
+ #
2603
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
2570
2604
  # @option options [String] :checksum_sha1
2571
2605
  # This header can be used as a data integrity check to verify that the
2572
2606
  # data received is the same data that was originally sent. This header
2573
- # specifies the base64-encoded, 160-bit SHA-1 digest of the object. For
2574
- # more information, see [Checking object integrity][1] in the *Amazon S3
2575
- # User Guide*.
2607
+ # specifies the Base64 encoded, 160-bit `SHA-1` digest of the object.
2608
+ # For more information, see [Checking object integrity][1] in the
2609
+ # *Amazon S3 User Guide*.
2576
2610
  #
2577
2611
  #
2578
2612
  #
@@ -2580,7 +2614,7 @@ module Aws::S3
2580
2614
  # @option options [String] :checksum_sha256
2581
2615
  # This header can be used as a data integrity check to verify that the
2582
2616
  # data received is the same data that was originally sent. This header
2583
- # specifies the base64-encoded, 256-bit SHA-256 digest of the object.
2617
+ # specifies the Base64 encoded, 256-bit `SHA-256` digest of the object.
2584
2618
  # For more information, see [Checking object integrity][1] in the
2585
2619
  # *Amazon S3 User Guide*.
2586
2620
  #
@@ -2827,20 +2861,17 @@ module Aws::S3
2827
2861
  # `x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
2828
2862
  # Amazon Web Services managed key (`aws/s3`) to protect the data.
2829
2863
  #
2830
- # **Directory buckets** - If you specify `x-amz-server-side-encryption`
2831
- # with `aws:kms`, the ` x-amz-server-side-encryption-aws-kms-key-id`
2832
- # header is implicitly assigned the ID of the KMS symmetric encryption
2833
- # customer managed key that's configured for your directory bucket's
2834
- # default encryption setting. If you want to specify the `
2835
- # x-amz-server-side-encryption-aws-kms-key-id` header explicitly, you
2836
- # can only specify it with the ID (Key ID or Key ARN) of the KMS
2837
- # customer managed key that's configured for your directory bucket's
2838
- # default encryption setting. Otherwise, you get an HTTP `400 Bad
2839
- # Request` error. Only use the key ID or key ARN. The key alias format
2840
- # of the KMS key isn't supported. Your SSE-KMS configuration can only
2841
- # support 1 [customer managed key][1] per directory bucket for the
2842
- # lifetime of the bucket. The [Amazon Web Services managed key][2]
2843
- # (`aws/s3`) isn't supported.
2864
+ # **Directory buckets** - To encrypt data using SSE-KMS, it's
2865
+ # recommended to specify the `x-amz-server-side-encryption` header to
2866
+ # `aws:kms`. Then, the `x-amz-server-side-encryption-aws-kms-key-id`
2867
+ # header implicitly uses the bucket's default KMS customer managed key
2868
+ # ID. If you want to explicitly set the `
2869
+ # x-amz-server-side-encryption-aws-kms-key-id` header, it must match the
2870
+ # bucket's default customer managed key (using key ID or ARN, not
2871
+ # alias). Your SSE-KMS configuration can only support 1 [customer
2872
+ # managed key][1] per directory bucket's lifetime. The [Amazon Web
2873
+ # Services managed key][2] (`aws/s3`) isn't supported. Incorrect key
2874
+ # specification results in an HTTP `400 Bad Request` error.
2844
2875
  #
2845
2876
  #
2846
2877
  #
@@ -2849,7 +2880,7 @@ module Aws::S3
2849
2880
  # @option options [String] :ssekms_encryption_context
2850
2881
  # Specifies the Amazon Web Services KMS Encryption Context as an
2851
2882
  # additional encryption context to use for object encryption. The value
2852
- # of this header is a Base64-encoded string of a UTF-8 encoded JSON,
2883
+ # of this header is a Base64 encoded string of a UTF-8 encoded JSON,
2853
2884
  # which contains the encryption context as key-value pairs. This value
2854
2885
  # is stored as object metadata and automatically gets passed on to
2855
2886
  # Amazon Web Services KMS for future `GetObject` operations on this
@@ -3044,7 +3075,7 @@ module Aws::S3
3044
3075
  # },
3045
3076
  # },
3046
3077
  # request_payer: "requester", # accepts requester
3047
- # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
3078
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
3048
3079
  # expected_bucket_owner: "AccountId",
3049
3080
  # })
3050
3081
  # @param [Hash] options ({})
@@ -3411,7 +3442,7 @@ module Aws::S3
3411
3442
  # request_payer: "requester", # accepts requester
3412
3443
  # bypass_governance_retention: false,
3413
3444
  # expected_bucket_owner: "AccountId",
3414
- # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
3445
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
3415
3446
  # })
3416
3447
  # @param options ({})
3417
3448
  # @option options [String] :mfa
@@ -3475,22 +3506,23 @@ module Aws::S3
3475
3506
  # For the `x-amz-checksum-algorithm ` header, replace ` algorithm ` with
3476
3507
  # the supported algorithm from the following list:
3477
3508
  #
3478
- # * `CRC32`
3509
+ # * `CRC-32`
3510
+ #
3511
+ # * `CRC-32C`
3479
3512
  #
3480
- # * `CRC32C`
3513
+ # * `CRC-64NVME`
3481
3514
  #
3482
- # * `SHA1`
3515
+ # * `SHA-1`
3483
3516
  #
3484
- # * `SHA256`
3517
+ # * `SHA-256`
3485
3518
  #
3486
3519
  # For more information, see [Checking object integrity][1] in the
3487
3520
  # *Amazon S3 User Guide*.
3488
3521
  #
3489
3522
  # If the individual checksum value you provide through
3490
3523
  # `x-amz-checksum-algorithm ` doesn't match the checksum algorithm you
3491
- # set through `x-amz-sdk-checksum-algorithm`, Amazon S3 ignores any
3492
- # provided `ChecksumAlgorithm` parameter and uses the checksum algorithm
3493
- # that matches the provided value in `x-amz-checksum-algorithm `.
3524
+ # set through `x-amz-sdk-checksum-algorithm`, Amazon S3 fails the
3525
+ # request with a `BadDigest` error.
3494
3526
  #
3495
3527
  # If you provide an individual checksum, Amazon S3 ignores any provided
3496
3528
  # `ChecksumAlgorithm` parameter.
@@ -229,7 +229,7 @@ module Aws::S3
229
229
  # },
230
230
  # },
231
231
  # content_md5: "ContentMD5",
232
- # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
232
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
233
233
  # grant_full_control: "GrantFullControl",
234
234
  # grant_read: "GrantRead",
235
235
  # grant_read_acp: "GrantReadACP",
@@ -251,9 +251,9 @@ module Aws::S3
251
251
  # Contains the elements that set the ACL permissions for an object per
252
252
  # grantee.
253
253
  # @option options [String] :content_md5
254
- # The base64-encoded 128-bit MD5 digest of the data. This header must be
255
- # used as a message integrity check to verify that the request body was
256
- # not corrupted in transit. For more information, go to [RFC
254
+ # The Base64 encoded 128-bit `MD5` digest of the data. This header must
255
+ # be used as a message integrity check to verify that the request body
256
+ # was not corrupted in transit. For more information, go to [RFC
257
257
  # 1864.&gt;][1]
258
258
  #
259
259
  # For requests made using the Amazon Web Services Command Line Interface