aws-sdk-s3 1.182.0 → 1.198.0

data/lib/aws-sdk-s3/client.rb

@@ -137,8 +137,8 @@ module Aws::S3
     #     class name or an instance of a plugin class.
     #
     #   @option options [required, Aws::CredentialProvider] :credentials
-    #     Your AWS credentials. This can be an instance of any one of the
-    #     following classes:
+    #     Your AWS credentials used for authentication. This can be any class that includes and implements
+    #     `Aws::CredentialProvider`, or instance of any one of the following classes:
     #
     #     * `Aws::Credentials` - Used for configuring static, non-refreshing
     #       credentials.
@@ -166,22 +166,24 @@ module Aws::S3
     #     * `Aws::CognitoIdentityCredentials` - Used for loading credentials
     #       from the Cognito Identity service.
     #
-    #     When `:credentials` are not configured directly, the following
-    #     locations will be searched for credentials:
+    #     When `:credentials` are not configured directly, the following locations will be searched for credentials:
     #
     #     * `Aws.config[:credentials]`
+    #
     #     * The `:access_key_id`, `:secret_access_key`, `:session_token`, and
     #       `:account_id` options.
-    #     * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY'],
-    #       ENV['AWS_SESSION_TOKEN'], and ENV['AWS_ACCOUNT_ID']
+    #
+    #     * `ENV['AWS_ACCESS_KEY_ID']`, `ENV['AWS_SECRET_ACCESS_KEY']`,
+    #       `ENV['AWS_SESSION_TOKEN']`, and `ENV['AWS_ACCOUNT_ID']`.
+    #
     #     * `~/.aws/credentials`
+    #
     #     * `~/.aws/config`
-    #     * EC2/ECS IMDS instance profile - When used by default, the timeouts
-    #       are very aggressive. Construct and pass an instance of
-    #       `Aws::InstanceProfileCredentials` or `Aws::ECSCredentials` to
-    #       enable retries and extended timeouts. Instance profile credential
-    #       fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
-    #       to true.
+    #
+    #     * EC2/ECS IMDS instance profile - When used by default, the timeouts are very aggressive.
+    #       Construct and pass an instance of `Aws::InstanceProfileCredentials` or `Aws::ECSCredentials` to
+    #       enable retries and extended timeouts. Instance profile credential fetching can be disabled by
+    #       setting `ENV['AWS_EC2_METADATA_DISABLED']` to `true`.
     #
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
@@ -219,6 +221,11 @@ module Aws::S3
     #     When false, the request will raise a `RetryCapacityNotAvailableError` and will
     #     not retry instead of sleeping.
     #
+    #   @option options [Array<String>] :auth_scheme_preference
+    #     A list of preferred authentication schemes to use when making a request. Supported values are:
+    #     `sigv4`, `sigv4a`, `httpBearerAuth`, and `noAuth`. When set using `ENV['AWS_AUTH_SCHEME_PREFERENCE']` or in
+    #     shared config as `auth_scheme_preference`, the value should be a comma-separated list.
+    #
     #   @option options [Boolean] :client_side_monitoring (false)
     #     When `true`, client-side metrics will be collected for all API requests from
     #     this client.
@@ -256,8 +263,7 @@ module Aws::S3
     #     accepted modes and the configuration defaults that are included.
     #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
-    #     Set to true to disable SDK automatically adding host prefix
-    #     to default service endpoint when available.
+    #     When `true`, the SDK will not prepend the modeled host prefix to the endpoint.
     #
     #   @option options [Boolean] :disable_request_compression (false)
     #     When set to 'true' the request body will not be compressed
@@ -334,8 +340,8 @@ module Aws::S3
     #     When an EventStream or Proc object is provided, it will be used as callback for each chunk of event stream response received along the way.
     #
     #   @option options [String] :profile ("default")
-    #     Used when loading credentials from the shared credentials file
-    #     at HOME/.aws/credentials.  When not specified, 'default' is used.
+    #     Used when loading credentials from the shared credentials file at `HOME/.aws/credentials`.
+    #     When not specified, 'default' is used.
     #
     #   @option options [String] :request_checksum_calculation ("when_supported")
     #     Determines when a checksum will be calculated for request payloads. Values are:
@@ -467,8 +473,8 @@ module Aws::S3
     #     `Aws::Telemetry::OTelProvider` for telemetry provider.
     #
     #   @option options [Aws::TokenProvider] :token_provider
-    #     A Bearer Token Provider. This can be an instance of any one of the
-    #     following classes:
+    #     Your Bearer token used for authentication. This can be any class that includes and implements
+    #     `Aws::TokenProvider`, or instance of any one of the following classes:
     #
     #     * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
     #       tokens.
@@ -669,19 +675,20 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -946,19 +953,20 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -1263,7 +1271,7 @@ module Aws::S3
     #   resp.checksum_sha1 #=> String
     #   resp.checksum_sha256 #=> String
     #   resp.checksum_type #=> String, one of "COMPOSITE", "FULL_OBJECT"
-    #   resp.server_side_encryption #=> String, one of "AES256", "aws:kms", "aws:kms:dsse"
+    #   resp.server_side_encryption #=> String, one of "AES256", "aws:fsx", "aws:kms", "aws:kms:dsse"
     #   resp.version_id #=> String
     #   resp.ssekms_key_id #=> String
     #   resp.bucket_key_enabled #=> Boolean
@@ -1278,6 +1286,20 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will
+    # discontinue support for creating new Email Grantee Access Control
+    # Lists (ACL). Email Grantee ACLs created prior to this date will
+    # continue to work and remain accessible through the Amazon Web Services
+    # Management Console, Command Line Interface (CLI), SDKs, and REST API.
+    # However, you will no longer be able to create new Email Grantee ACLs.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # Creates a copy of an object that is already stored in Amazon S3.
     #
     # <note markdown="1"> You can store individual objects of up to 5 TB in Amazon S3. You
@@ -1516,19 +1538,20 @@ module Aws::S3
     #
     #    </note>
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -1912,6 +1935,14 @@ module Aws::S3
     #     key is the same customer managed key that you specified for the
     #     directory bucket's default encryption configuration.
     #
+    #   * <b>S3 access points for Amazon FSx </b> - When accessing data stored
+    #     in Amazon FSx file systems using S3 access points, the only valid
+    #     server side encryption option is `aws:fsx`. All Amazon FSx file
+    #     systems have encryption configured by default and are encrypted at
+    #     rest. Data is automatically encrypted before being written to the
+    #     file system, and automatically decrypted as it is read. These
+    #     processes are handled transparently by Amazon FSx.
+    #
     #
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
@@ -1927,10 +1958,12 @@ module Aws::S3
     #   availability. Depending on performance needs, you can specify a
     #   different Storage Class.
     #
-    #   <note markdown="1"> * <b>Directory buckets </b> - For directory buckets, only the S3
-    #     Express One Zone storage class is supported to store newly created
-    #     objects. Unsupported storage class values won't write a destination
-    #     object and will respond with the HTTP status code `400 Bad Request`.
+    #   <note markdown="1"> * <b>Directory buckets </b> - Directory buckets only support
+    #     `EXPRESS_ONEZONE` (the S3 Express One Zone storage class) in
+    #     Availability Zones and `ONEZONE_IA` (the S3 One Zone-Infrequent
+    #     Access storage class) in Dedicated Local Zones. Unsupported storage
+    #     class values won't write a destination object and will respond with
+    #     the HTTP status code `400 Bad Request`.
     #
     #   * <b>Amazon S3 on Outposts </b> - S3 on Outposts only uses the
     #     `OUTPOSTS` Storage Class.
@@ -2293,8 +2326,8 @@ module Aws::S3
     #     },
     #     metadata_directive: "COPY", # accepts COPY, REPLACE
     #     tagging_directive: "COPY", # accepts COPY, REPLACE
-    #     server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
+    #     server_side_encryption: "AES256", # accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS
     #     website_redirect_location: "WebsiteRedirectLocation",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
@@ -2327,7 +2360,7 @@ module Aws::S3
     #   resp.expiration #=> String
     #   resp.copy_source_version_id #=> String
     #   resp.version_id #=> String
-    #   resp.server_side_encryption #=> String, one of "AES256", "aws:kms", "aws:kms:dsse"
+    #   resp.server_side_encryption #=> String, one of "AES256", "aws:fsx", "aws:kms", "aws:kms:dsse"
     #   resp.sse_customer_algorithm #=> String
     #   resp.sse_customer_key_md5 #=> String
     #   resp.ssekms_key_id #=> String
@@ -2344,6 +2377,33 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will
+    # discontinue support for creating new Email Grantee Access Control
+    # Lists (ACL). Email Grantee ACLs created prior to this date will
+    # continue to work and remain accessible through the Amazon Web Services
+    # Management Console, Command Line Interface (CLI), SDKs, and REST API.
+    # However, you will no longer be able to create new Email Grantee ACLs.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This action creates an Amazon S3 bucket. To create an Amazon S3 on
     # Outposts bucket, see [ `CreateBucket` ][1].
     #
@@ -2599,35 +2659,36 @@ module Aws::S3
     # @return [Types::CreateBucketOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateBucketOutput#location #location} => String
+    #   * {Types::CreateBucketOutput#bucket_arn #bucket_arn} => String
     #
     #
-    # @example Example: To create a bucket 
+    # @example Example: To create a bucket in a specific region
     #
-    #   # The following example creates a bucket.
+    #   # The following example creates a bucket. The request specifies an AWS region where to create the bucket.
     #
     #   resp = client.create_bucket({
     #     bucket: "examplebucket", 
+    #     create_bucket_configuration: {
+    #       location_constraint: "eu-west-1", 
+    #     }, 
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
-    #     location: "/examplebucket", 
+    #     location: "http://examplebucket.<Region>.s3.amazonaws.com/", 
     #   }
     #
-    # @example Example: To create a bucket in a specific region
+    # @example Example: To create a bucket 
     #
-    #   # The following example creates a bucket. The request specifies an AWS region where to create the bucket.
+    #   # The following example creates a bucket.
     #
     #   resp = client.create_bucket({
     #     bucket: "examplebucket", 
-    #     create_bucket_configuration: {
-    #       location_constraint: "eu-west-1", 
-    #     }, 
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
-    #     location: "http://examplebucket.<Region>.s3.amazonaws.com/", 
+    #     location: "/examplebucket", 
     #   }
     #
     # @example Request syntax with placeholder values
@@ -2645,6 +2706,12 @@ module Aws::S3
     #         data_redundancy: "SingleAvailabilityZone", # accepts SingleAvailabilityZone, SingleLocalZone
     #         type: "Directory", # accepts Directory
     #       },
+    #       tags: [
+    #         {
+    #           key: "ObjectKey", # required
+    #           value: "Value", # required
+    #         },
+    #       ],
     #     },
     #     grant_full_control: "GrantFullControl",
     #     grant_read: "GrantRead",
@@ -2658,6 +2725,7 @@ module Aws::S3
     # @example Response structure
     #
     #   resp.location #=> String
+    #   resp.bucket_arn #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CreateBucket AWS API Documentation
     #
@@ -2668,8 +2736,8 @@ module Aws::S3
       req.send_request(options)
     end
 
-    # Creates a metadata table configuration for a general purpose bucket.
-    # For more information, see [Accelerating data discovery with S3
+    # Creates an S3 Metadata V2 metadata configuration for a general purpose
+    # bucket. For more information, see [Accelerating data discovery with S3
     # Metadata][1] in the *Amazon S3 User Guide*.
     #
     # Permissions
@@ -2678,14 +2746,31 @@ module Aws::S3
     #   more information, see [Setting up permissions for configuring
     #   metadata tables][2] in the *Amazon S3 User Guide*.
     #
+    #   If you want to encrypt your metadata tables with server-side
+    #   encryption with Key Management Service (KMS) keys (SSE-KMS), you
+    #   need additional permissions in your KMS key policy. For more
+    #   information, see [ Setting up permissions for configuring metadata
+    #   tables][2] in the *Amazon S3 User Guide*.
+    #
     #   If you also want to integrate your table bucket with Amazon Web
     #   Services analytics services so that you can query your metadata
     #   table, you need additional permissions. For more information, see [
     #   Integrating Amazon S3 Tables with Amazon Web Services analytics
     #   services][3] in the *Amazon S3 User Guide*.
     #
+    #   To query your metadata tables, you need additional permissions. For
+    #   more information, see [ Permissions for querying metadata tables][4]
+    #   in the *Amazon S3 User Guide*.
+    #
     #   * `s3:CreateBucketMetadataTableConfiguration`
     #
+    #     <note markdown="1"> The IAM policy action name is the same for the V1 and V2 API
+    #     operations.
+    #
+    #      </note>
+    #
+    #   * `s3tables:CreateTableBucket`
+    #
     #   * `s3tables:CreateNamespace`
     #
     #   * `s3tables:GetTable`
@@ -2694,24 +2779,150 @@ module Aws::S3
     #
     #   * `s3tables:PutTablePolicy`
     #
+    #   * `s3tables:PutTableEncryption`
+    #
+    #   * `kms:DescribeKey`
+    #
     # The following operations are related to
-    # `CreateBucketMetadataTableConfiguration`:
+    # `CreateBucketMetadataConfiguration`:
     #
-    # * [DeleteBucketMetadataTableConfiguration][4]
+    # * [DeleteBucketMetadataConfiguration][5]
     #
-    # * [GetBucketMetadataTableConfiguration][5]
+    # * [GetBucketMetadataConfiguration][6]
+    #
+    # * [UpdateBucketMetadataInventoryTableConfiguration][7]
+    #
+    # * [UpdateBucketMetadataJournalTableConfiguration][8]
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html
     # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html
     # [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-integrating-aws.html
-    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataTableConfiguration.html
-    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataTableConfiguration.html
+    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-bucket-query-permissions.html
+    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataConfiguration.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataConfiguration.html
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataInventoryTableConfiguration.html
+    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataJournalTableConfiguration.html
+    #
+    # @option params [required, String] :bucket
+    #   The general purpose bucket that you want to create the metadata
+    #   configuration for.
+    #
+    # @option params [String] :content_md5
+    #   The `Content-MD5` header for the metadata configuration.
+    #
+    # @option params [String] :checksum_algorithm
+    #   The checksum algorithm to use with your metadata configuration.
+    #
+    # @option params [required, Types::MetadataConfiguration] :metadata_configuration
+    #   The contents of your metadata configuration.
+    #
+    # @option params [String] :expected_bucket_owner
+    #   The expected owner of the general purpose bucket that corresponds to
+    #   your metadata configuration.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.create_bucket_metadata_configuration({
+    #     bucket: "BucketName", # required
+    #     content_md5: "ContentMD5",
+    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
+    #     metadata_configuration: { # required
+    #       journal_table_configuration: { # required
+    #         record_expiration: { # required
+    #           expiration: "ENABLED", # required, accepts ENABLED, DISABLED
+    #           days: 1,
+    #         },
+    #         encryption_configuration: {
+    #           sse_algorithm: "aws:kms", # required, accepts aws:kms, AES256
+    #           kms_key_arn: "KmsKeyArn",
+    #         },
+    #       },
+    #       inventory_table_configuration: {
+    #         configuration_state: "ENABLED", # required, accepts ENABLED, DISABLED
+    #         encryption_configuration: {
+    #           sse_algorithm: "aws:kms", # required, accepts aws:kms, AES256
+    #           kms_key_arn: "KmsKeyArn",
+    #         },
+    #       },
+    #     },
+    #     expected_bucket_owner: "AccountId",
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CreateBucketMetadataConfiguration AWS API Documentation
+    #
+    # @overload create_bucket_metadata_configuration(params = {})
+    # @param [Hash] params ({})
+    def create_bucket_metadata_configuration(params = {}, options = {})
+      req = build_request(:create_bucket_metadata_configuration, params)
+      req.send_request(options)
+    end
+
+    # We recommend that you create your S3 Metadata configurations by using
+    # the V2 [CreateBucketMetadataConfiguration][1] API operation. We no
+    # longer recommend using the V1 `CreateBucketMetadataTableConfiguration`
+    # API operation.
+    #
+    #  If you created your S3 Metadata configuration before July 15, 2025,
+    # we
+    # recommend that you delete and re-create your configuration by using
+    # [CreateBucketMetadataConfiguration][1] so that you can expire journal
+    # table records and create a live inventory table.
+    #
+    # Creates a V1 S3 Metadata configuration for a general purpose bucket.
+    # For more information, see [Accelerating data discovery with S3
+    # Metadata][2] in the *Amazon S3 User Guide*.
+    #
+    # Permissions
+    #
+    # : To use this operation, you must have the following permissions. For
+    #   more information, see [Setting up permissions for configuring
+    #   metadata tables][3] in the *Amazon S3 User Guide*.
+    #
+    #   If you want to encrypt your metadata tables with server-side
+    #   encryption with Key Management Service (KMS) keys (SSE-KMS), you
+    #   need additional permissions. For more information, see [ Setting up
+    #   permissions for configuring metadata tables][3] in the *Amazon S3
+    #   User Guide*.
+    #
+    #   If you also want to integrate your table bucket with Amazon Web
+    #   Services analytics services so that you can query your metadata
+    #   table, you need additional permissions. For more information, see [
+    #   Integrating Amazon S3 Tables with Amazon Web Services analytics
+    #   services][4] in the *Amazon S3 User Guide*.
+    #
+    #   * `s3:CreateBucketMetadataTableConfiguration`
+    #
+    #   * `s3tables:CreateNamespace`
+    #
+    #   * `s3tables:GetTable`
+    #
+    #   * `s3tables:CreateTable`
+    #
+    #   * `s3tables:PutTablePolicy`
+    #
+    # The following operations are related to
+    # `CreateBucketMetadataTableConfiguration`:
+    #
+    # * [DeleteBucketMetadataTableConfiguration][5]
+    #
+    # * [GetBucketMetadataTableConfiguration][6]
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html
+    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-integrating-aws.html
+    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataTableConfiguration.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataTableConfiguration.html
     #
     # @option params [required, String] :bucket
     #   The general purpose bucket that you want to create the metadata table
-    #   configuration in.
+    #   configuration for.
     #
     # @option params [String] :content_md5
     #   The `Content-MD5` header for the metadata table configuration.
@@ -2723,8 +2934,8 @@ module Aws::S3
     #   The contents of your metadata table configuration.
     #
     # @option params [String] :expected_bucket_owner
-    #   The expected owner of the general purpose bucket that contains your
-    #   metadata table configuration.
+    #   The expected owner of the general purpose bucket that corresponds to
+    #   your metadata table configuration.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -2752,6 +2963,20 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will
+    # discontinue support for creating new Email Grantee Access Control
+    # Lists (ACL). Email Grantee ACLs created prior to this date will
+    # continue to work and remain accessible through the Amazon Web Services
+    # Management Console, Command Line Interface (CLI), SDKs, and REST API.
+    # However, you will no longer be able to create new Email Grantee ACLs.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # This action initiates a multipart upload and returns an upload ID.
     # This upload ID is used to associate all of the parts in the specific
     # multipart upload. You specify this upload ID in each of your
@@ -3047,19 +3272,20 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -3367,7 +3593,7 @@ module Aws::S3
     #
     # @option params [String] :server_side_encryption
     #   The server-side encryption algorithm used when you store this object
-    #   in Amazon S3 (for example, `AES256`, `aws:kms`).
+    #   in Amazon S3 or Amazon FSx.
     #
     #   * <b>Directory buckets </b> - For directory buckets, there are only
     #     two supported options for server-side encryption: server-side
@@ -3409,6 +3635,14 @@ module Aws::S3
     #
     #      </note>
     #
+    #   * <b>S3 access points for Amazon FSx </b> - When accessing data stored
+    #     in Amazon FSx file systems using S3 access points, the only valid
+    #     server side encryption option is `aws:fsx`. All Amazon FSx file
+    #     systems have encryption configured by default and are encrypted at
+    #     rest. Data is automatically encrypted before being written to the
+    #     file system, and automatically decrypted as it is read. These
+    #     processes are handled transparently by Amazon FSx.
+    #
     #
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html
@@ -3423,8 +3657,9 @@ module Aws::S3
     #   a different Storage Class. For more information, see [Storage
     #   Classes][1] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> * For directory buckets, only the S3 Express One Zone storage class is
-    #     supported to store newly created objects.
+    #   <note markdown="1"> * Directory buckets only support `EXPRESS_ONEZONE` (the S3 Express One
+    #     Zone storage class) in Availability Zones and `ONEZONE_IA` (the S3
+    #     One Zone-Infrequent Access storage class) in Dedicated Local Zones.
     #
     #   * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.
     #
@@ -3665,8 +3900,8 @@ module Aws::S3
     #     metadata: {
     #       "MetadataKey" => "MetadataValue",
     #     },
-    #     server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
+    #     server_side_encryption: "AES256", # accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS
     #     website_redirect_location: "WebsiteRedirectLocation",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
@@ -3691,7 +3926,7 @@ module Aws::S3
     #   resp.bucket #=> String
     #   resp.key #=> String
     #   resp.upload_id #=> String
-    #   resp.server_side_encryption #=> String, one of "AES256", "aws:kms", "aws:kms:dsse"
+    #   resp.server_side_encryption #=> String, one of "AES256", "aws:fsx", "aws:kms", "aws:kms:dsse"
     #   resp.sse_customer_algorithm #=> String
     #   resp.sse_customer_key_md5 #=> String
     #   resp.ssekms_key_id #=> String
@@ -3898,6 +4133,14 @@ module Aws::S3
     #   SSE-S3. For more information, see [Protecting data with server-side
     #   encryption][1] in the *Amazon S3 User Guide*.
     #
+    #   <b>S3 access points for Amazon FSx </b> - When accessing data stored
+    #   in Amazon FSx file systems using S3 access points, the only valid
+    #   server side encryption option is `aws:fsx`. All Amazon FSx file
+    #   systems have encryption configured by default and are encrypted at
+    #   rest. Data is automatically encrypted before being written to the file
+    #   system, and automatically decrypted as it is read. These processes are
+    #   handled transparently by Amazon FSx.
+    #
     #
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/serv-side-encryption.html
@@ -3978,7 +4221,7 @@ module Aws::S3
     #   resp = client.create_session({
     #     session_mode: "ReadOnly", # accepts ReadOnly, ReadWrite
     #     bucket: "BucketName", # required
-    #     server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
+    #     server_side_encryption: "AES256", # accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
     #     ssekms_key_id: "SSEKMSKeyId",
     #     ssekms_encryption_context: "SSEKMSEncryptionContext",
     #     bucket_key_enabled: false,
@@ -3986,7 +4229,7 @@ module Aws::S3
     #
     # @example Response structure
     #
-    #   resp.server_side_encryption #=> String, one of "AES256", "aws:kms", "aws:kms:dsse"
+    #   resp.server_side_encryption #=> String, one of "AES256", "aws:fsx", "aws:kms", "aws:kms:dsse"
     #   resp.ssekms_key_id #=> String
     #   resp.ssekms_encryption_context #=> String
     #   resp.bucket_key_enabled #=> Boolean
@@ -4394,6 +4637,11 @@ module Aws::S3
     # @option params [required, String] :id
     #   The ID used to identify the S3 Intelligent-Tiering configuration.
     #
+    # @option params [String] :expected_bucket_owner
+    #   The account ID of the expected bucket owner. If the account ID that
+    #   you provide does not match the actual owner of the bucket, the request
+    #   fails with the HTTP status code `403 Forbidden` (access denied).
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
@@ -4401,6 +4649,7 @@ module Aws::S3
     #   resp = client.delete_bucket_intelligent_tiering_configuration({
     #     bucket: "BucketName", # required
     #     id: "IntelligentTieringId", # required
+    #     expected_bucket_owner: "AccountId",
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketIntelligentTieringConfiguration AWS API Documentation
@@ -4416,7 +4665,7 @@ module Aws::S3
     #
     #  </note>
     #
-    # Deletes an inventory configuration (identified by the inventory ID)
+    # Deletes an S3 Inventory configuration (identified by the inventory ID)
     # from the bucket.
     #
     # To use this operation, you must have permissions to perform the
@@ -4587,10 +4836,18 @@ module Aws::S3
       req.send_request(options)
     end
 
-    # Deletes a metadata table configuration from a general purpose bucket.
+    # Deletes an S3 Metadata configuration from a general purpose bucket.
     # For more information, see [Accelerating data discovery with S3
     # Metadata][1] in the *Amazon S3 User Guide*.
     #
+    # <note markdown="1"> You can use the V2 `DeleteBucketMetadataConfiguration` API operation
+    # with V1 or V2 metadata configurations. However, if you try to use the
+    # V1 `DeleteBucketMetadataTableConfiguration` API operation with V2
+    # configurations, you will receive an HTTP `405 Method Not Allowed`
+    # error.
+    #
+    #  </note>
+    #
     # Permissions
     #
     # : To use this operation, you must have the
@@ -4598,19 +4855,107 @@ module Aws::S3
     #   information, see [Setting up permissions for configuring metadata
     #   tables][2] in the *Amazon S3 User Guide*.
     #
+    #   <note markdown="1"> The IAM policy action name is the same for the V1 and V2 API
+    #   operations.
+    #
+    #    </note>
+    #
     # The following operations are related to
-    # `DeleteBucketMetadataTableConfiguration`:
+    # `DeleteBucketMetadataConfiguration`:
+    #
+    # * [CreateBucketMetadataConfiguration][3]
+    #
+    # * [GetBucketMetadataConfiguration][4]
     #
-    # * [CreateBucketMetadataTableConfiguration][3]
+    # * [UpdateBucketMetadataInventoryTableConfiguration][5]
     #
-    # * [GetBucketMetadataTableConfiguration][4]
+    # * [UpdateBucketMetadataJournalTableConfiguration][6]
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html
     # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html
-    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataTableConfiguration.html
-    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataTableConfiguration.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html
+    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataConfiguration.html
+    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataInventoryTableConfiguration.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataJournalTableConfiguration.html
+    #
+    # @option params [required, String] :bucket
+    #   The general purpose bucket that you want to remove the metadata
+    #   configuration from.
+    #
+    # @option params [String] :expected_bucket_owner
+    #   The expected bucket owner of the general purpose bucket that you want
+    #   to remove the metadata table configuration from.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_bucket_metadata_configuration({
+    #     bucket: "BucketName", # required
+    #     expected_bucket_owner: "AccountId",
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketMetadataConfiguration AWS API Documentation
+    #
+    # @overload delete_bucket_metadata_configuration(params = {})
+    # @param [Hash] params ({})
+    def delete_bucket_metadata_configuration(params = {}, options = {})
+      req = build_request(:delete_bucket_metadata_configuration, params)
+      req.send_request(options)
+    end
+
+    # We recommend that you delete your S3 Metadata configurations by using
+    # the V2 [DeleteBucketMetadataTableConfiguration][1] API operation. We
+    # no longer recommend using the V1
+    # `DeleteBucketMetadataTableConfiguration` API operation.
+    #
+    #  If you created your S3 Metadata configuration before July 15, 2025,
+    # we
+    # recommend that you delete and re-create your configuration by using
+    # [CreateBucketMetadataConfiguration][2] so that you can expire journal
+    # table records and create a live inventory table.
+    #
+    # Deletes a V1 S3 Metadata configuration from a general purpose bucket.
+    # For more information, see [Accelerating data discovery with S3
+    # Metadata][3] in the *Amazon S3 User Guide*.
+    #
+    # <note markdown="1"> You can use the V2 `DeleteBucketMetadataConfiguration` API operation
+    # with V1 or V2 metadata table configurations. However, if you try to
+    # use the V1 `DeleteBucketMetadataTableConfiguration` API operation with
+    # V2 configurations, you will receive an HTTP `405 Method Not Allowed`
+    # error.
+    #
+    #  Make sure that you update your processes to use the new V2 API
+    # operations (`CreateBucketMetadataConfiguration`,
+    # `GetBucketMetadataConfiguration`, and
+    # `DeleteBucketMetadataConfiguration`) instead of the V1 API operations.
+    #
+    #  </note>
+    #
+    # Permissions
+    #
+    # : To use this operation, you must have the
+    #   `s3:DeleteBucketMetadataTableConfiguration` permission. For more
+    #   information, see [Setting up permissions for configuring metadata
+    #   tables][4] in the *Amazon S3 User Guide*.
+    #
+    # The following operations are related to
+    # `DeleteBucketMetadataTableConfiguration`:
+    #
+    # * [CreateBucketMetadataTableConfiguration][5]
+    #
+    # * [GetBucketMetadataTableConfiguration][6]
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataTableConfiguration.html
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html
+    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html
+    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataTableConfiguration.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataTableConfiguration.html
     #
     # @option params [required, String] :bucket
     #   The general purpose bucket that you want to remove the metadata table
@@ -5213,19 +5558,20 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -5346,6 +5692,15 @@ module Aws::S3
     #   * {Types::DeleteObjectOutput#request_charged #request_charged} => String
     #
     #
+    # @example Example: To delete an object (from a non-versioned bucket)
+    #
+    #   # The following example deletes an object from a non-versioned bucket.
+    #
+    #   resp = client.delete_object({
+    #     bucket: "ExampleBucket", 
+    #     key: "HappyFace.jpg", 
+    #   })
+    #
     # @example Example: To delete an object
     #
     #   # The following example deletes an object from an S3 bucket.
@@ -5359,15 +5714,6 @@ module Aws::S3
     #   {
     #   }
     #
-    # @example Example: To delete an object (from a non-versioned bucket)
-    #
-    #   # The following example deletes an object from a non-versioned bucket.
-    #
-    #   resp = client.delete_object({
-    #     bucket: "ExampleBucket", 
-    #     key: "HappyFace.jpg", 
-    #   })
-    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.delete_object({
@@ -5427,11 +5773,13 @@ module Aws::S3
     # @option params [required, String] :bucket
     #   The bucket name containing the objects from which to remove the tags.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
@@ -5655,19 +6003,20 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -5786,22 +6135,20 @@ module Aws::S3
     #   * {Types::DeleteObjectsOutput#errors #errors} => Array&lt;Types::Error&gt;
     #
     #
-    # @example Example: To delete multiple object versions from a versioned bucket
+    # @example Example: To delete multiple objects from a versioned bucket
     #
-    #   # The following example deletes objects from a bucket. The request specifies object versions. S3 deletes specific object
-    #   # versions and returns the key and versions of deleted objects in the response.
+    #   # The following example deletes objects from a bucket. The bucket is versioned, and the request does not specify the
+    #   # object version to delete. In this case, all versions remain in the bucket and S3 adds a delete marker.
     #
     #   resp = client.delete_objects({
     #     bucket: "examplebucket", 
     #     delete: {
     #       objects: [
     #         {
-    #           key: "HappyFace.jpg", 
-    #           version_id: "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b", 
+    #           key: "objectkey1", 
     #         }, 
     #         {
-    #           key: "HappyFace.jpg", 
-    #           version_id: "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd", 
+    #           key: "objectkey2", 
     #         }, 
     #       ], 
     #       quiet: false, 
@@ -5812,30 +6159,34 @@ module Aws::S3
     #   {
     #     deleted: [
     #       {
-    #         key: "HappyFace.jpg", 
-    #         version_id: "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd", 
+    #         delete_marker: true, 
+    #         delete_marker_version_id: "A._w1z6EFiCF5uhtQMDal9JDkID9tQ7F", 
+    #         key: "objectkey1", 
     #       }, 
     #       {
-    #         key: "HappyFace.jpg", 
-    #         version_id: "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b", 
+    #         delete_marker: true, 
+    #         delete_marker_version_id: "iOd_ORxhkKe_e8G8_oSGxt2PjsCZKlkt", 
+    #         key: "objectkey2", 
     #       }, 
     #     ], 
     #   }
     #
-    # @example Example: To delete multiple objects from a versioned bucket
+    # @example Example: To delete multiple object versions from a versioned bucket
     #
-    #   # The following example deletes objects from a bucket. The bucket is versioned, and the request does not specify the
-    #   # object version to delete. In this case, all versions remain in the bucket and S3 adds a delete marker.
+    #   # The following example deletes objects from a bucket. The request specifies object versions. S3 deletes specific object
+    #   # versions and returns the key and versions of deleted objects in the response.
     #
     #   resp = client.delete_objects({
     #     bucket: "examplebucket", 
     #     delete: {
     #       objects: [
     #         {
-    #           key: "objectkey1", 
+    #           key: "HappyFace.jpg", 
+    #           version_id: "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b", 
     #         }, 
     #         {
-    #           key: "objectkey2", 
+    #           key: "HappyFace.jpg", 
+    #           version_id: "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd", 
     #         }, 
     #       ], 
     #       quiet: false, 
@@ -5846,14 +6197,12 @@ module Aws::S3
     #   {
     #     deleted: [
     #       {
-    #         delete_marker: true, 
-    #         delete_marker_version_id: "A._w1z6EFiCF5uhtQMDal9JDkID9tQ7F", 
-    #         key: "objectkey1", 
+    #         key: "HappyFace.jpg", 
+    #         version_id: "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd", 
     #       }, 
     #       {
-    #         delete_marker: true, 
-    #         delete_marker_version_id: "iOd_ORxhkKe_e8G8_oSGxt2PjsCZKlkt", 
-    #         key: "objectkey2", 
+    #         key: "HappyFace.jpg", 
+    #         version_id: "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b", 
     #       }, 
     #     ], 
     #   }
@@ -6057,6 +6406,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -6460,7 +6822,7 @@ module Aws::S3
     # @example Response structure
     #
     #   resp.server_side_encryption_configuration.rules #=> Array
-    #   resp.server_side_encryption_configuration.rules[0].apply_server_side_encryption_by_default.sse_algorithm #=> String, one of "AES256", "aws:kms", "aws:kms:dsse"
+    #   resp.server_side_encryption_configuration.rules[0].apply_server_side_encryption_by_default.sse_algorithm #=> String, one of "AES256", "aws:fsx", "aws:kms", "aws:kms:dsse"
     #   resp.server_side_encryption_configuration.rules[0].apply_server_side_encryption_by_default.kms_master_key_id #=> String
     #   resp.server_side_encryption_configuration.rules[0].bucket_key_enabled #=> Boolean
     #
@@ -6522,6 +6884,11 @@ module Aws::S3
     # @option params [required, String] :id
     #   The ID used to identify the S3 Intelligent-Tiering configuration.
     #
+    # @option params [String] :expected_bucket_owner
+    #   The account ID of the expected bucket owner. If the account ID that
+    #   you provide does not match the actual owner of the bucket, the request
+    #   fails with the HTTP status code `403 Forbidden` (access denied).
+    #
     # @return [Types::GetBucketIntelligentTieringConfigurationOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::GetBucketIntelligentTieringConfigurationOutput#intelligent_tiering_configuration #intelligent_tiering_configuration} => Types::IntelligentTieringConfiguration
@@ -6531,6 +6898,7 @@ module Aws::S3
     #   resp = client.get_bucket_intelligent_tiering_configuration({
     #     bucket: "BucketName", # required
     #     id: "IntelligentTieringId", # required
+    #     expected_bucket_owner: "AccountId",
     #   })
     #
     # @example Response structure
@@ -6561,7 +6929,7 @@ module Aws::S3
     #
     #  </note>
     #
-    # Returns an inventory configuration (identified by the inventory
+    # Returns an S3 Inventory configuration (identified by the inventory
     # configuration ID) from the bucket.
     #
     # To use this operation, you must have permissions to perform the
@@ -7041,6 +7409,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -7100,10 +7481,18 @@ module Aws::S3
       req.send_request(options)
     end
 
-    # Retrieves the metadata table configuration for a general purpose
-    # bucket. For more information, see [Accelerating data discovery with S3
+    # Retrieves the S3 Metadata configuration for a general purpose bucket.
+    # For more information, see [Accelerating data discovery with S3
     # Metadata][1] in the *Amazon S3 User Guide*.
     #
+    # <note markdown="1"> You can use the V2 `GetBucketMetadataConfiguration` API operation with
+    # V1 or V2 metadata configurations. However, if you try to use the V1
+    # `GetBucketMetadataTableConfiguration` API operation with V2
+    # configurations, you will receive an HTTP `405 Method Not Allowed`
+    # error.
+    #
+    #  </note>
+    #
     # Permissions
     #
     # : To use this operation, you must have the
@@ -7111,29 +7500,138 @@ module Aws::S3
     #   information, see [Setting up permissions for configuring metadata
     #   tables][2] in the *Amazon S3 User Guide*.
     #
+    #   <note markdown="1"> The IAM policy action name is the same for the V1 and V2 API
+    #   operations.
+    #
+    #    </note>
+    #
     # The following operations are related to
-    # `GetBucketMetadataTableConfiguration`:
+    # `GetBucketMetadataConfiguration`:
+    #
+    # * [CreateBucketMetadataConfiguration][3]
     #
-    # * [CreateBucketMetadataTableConfiguration][3]
+    # * [DeleteBucketMetadataConfiguration][4]
     #
-    # * [DeleteBucketMetadataTableConfiguration][4]
+    # * [UpdateBucketMetadataInventoryTableConfiguration][5]
+    #
+    # * [UpdateBucketMetadataJournalTableConfiguration][6]
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html
     # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html
-    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataTableConfiguration.html
-    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataTableConfiguration.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html
+    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataConfiguration.html
+    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataInventoryTableConfiguration.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataJournalTableConfiguration.html
     #
     # @option params [required, String] :bucket
-    #   The general purpose bucket that contains the metadata table
+    #   The general purpose bucket that corresponds to the metadata
     #   configuration that you want to retrieve.
     #
     # @option params [String] :expected_bucket_owner
     #   The expected owner of the general purpose bucket that you want to
-    #   retrieve the metadata table configuration from.
+    #   retrieve the metadata table configuration for.
     #
-    # @return [Types::GetBucketMetadataTableConfigurationOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    # @return [Types::GetBucketMetadataConfigurationOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetBucketMetadataConfigurationOutput#get_bucket_metadata_configuration_result #get_bucket_metadata_configuration_result} => Types::GetBucketMetadataConfigurationResult
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_bucket_metadata_configuration({
+    #     bucket: "BucketName", # required
+    #     expected_bucket_owner: "AccountId",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.destination_result.table_bucket_type #=> String, one of "aws", "customer"
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.destination_result.table_bucket_arn #=> String
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.destination_result.table_namespace #=> String
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.journal_table_configuration_result.table_status #=> String
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.journal_table_configuration_result.error.error_code #=> String
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.journal_table_configuration_result.error.error_message #=> String
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.journal_table_configuration_result.table_name #=> String
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.journal_table_configuration_result.table_arn #=> String
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.journal_table_configuration_result.record_expiration.expiration #=> String, one of "ENABLED", "DISABLED"
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.journal_table_configuration_result.record_expiration.days #=> Integer
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.inventory_table_configuration_result.configuration_state #=> String, one of "ENABLED", "DISABLED"
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.inventory_table_configuration_result.table_status #=> String
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.inventory_table_configuration_result.error.error_code #=> String
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.inventory_table_configuration_result.error.error_message #=> String
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.inventory_table_configuration_result.table_name #=> String
+    #   resp.get_bucket_metadata_configuration_result.metadata_configuration_result.inventory_table_configuration_result.table_arn #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketMetadataConfiguration AWS API Documentation
+    #
+    # @overload get_bucket_metadata_configuration(params = {})
+    # @param [Hash] params ({})
+    def get_bucket_metadata_configuration(params = {}, options = {})
+      req = build_request(:get_bucket_metadata_configuration, params)
+      req.send_request(options)
+    end
+
+    # We recommend that you retrieve your S3 Metadata configurations by
+    # using the V2 [GetBucketMetadataTableConfiguration][1] API operation.
+    # We no longer recommend using the V1
+    # `GetBucketMetadataTableConfiguration` API operation.
+    #
+    #  If you created your S3 Metadata configuration before July 15, 2025,
+    # we
+    # recommend that you delete and re-create your configuration by using
+    # [CreateBucketMetadataConfiguration][2] so that you can expire journal
+    # table records and create a live inventory table.
+    #
+    # Retrieves the V1 S3 Metadata configuration for a general purpose
+    # bucket. For more information, see [Accelerating data discovery with S3
+    # Metadata][3] in the *Amazon S3 User Guide*.
+    #
+    # <note markdown="1"> You can use the V2 `GetBucketMetadataConfiguration` API operation with
+    # V1 or V2 metadata table configurations. However, if you try to use the
+    # V1 `GetBucketMetadataTableConfiguration` API operation with V2
+    # configurations, you will receive an HTTP `405 Method Not Allowed`
+    # error.
+    #
+    #  Make sure that you update your processes to use the new V2 API
+    # operations (`CreateBucketMetadataConfiguration`,
+    # `GetBucketMetadataConfiguration`, and
+    # `DeleteBucketMetadataConfiguration`) instead of the V1 API operations.
+    #
+    #  </note>
+    #
+    # Permissions
+    #
+    # : To use this operation, you must have the
+    #   `s3:GetBucketMetadataTableConfiguration` permission. For more
+    #   information, see [Setting up permissions for configuring metadata
+    #   tables][4] in the *Amazon S3 User Guide*.
+    #
+    # The following operations are related to
+    # `GetBucketMetadataTableConfiguration`:
+    #
+    # * [CreateBucketMetadataTableConfiguration][5]
+    #
+    # * [DeleteBucketMetadataTableConfiguration][6]
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataTableConfiguration.html
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html
+    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html
+    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataTableConfiguration.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataTableConfiguration.html
+    #
+    # @option params [required, String] :bucket
+    #   The general purpose bucket that corresponds to the metadata table
+    #   configuration that you want to retrieve.
+    #
+    # @option params [String] :expected_bucket_owner
+    #   The expected owner of the general purpose bucket that you want to
+    #   retrieve the metadata table configuration for.
+    #
+    # @return [Types::GetBucketMetadataTableConfigurationOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::GetBucketMetadataTableConfigurationOutput#get_bucket_metadata_table_configuration_result #get_bucket_metadata_table_configuration_result} => Types::GetBucketMetadataTableConfigurationResult
     #
@@ -7504,6 +8002,21 @@ module Aws::S3
     # permission. For more information about Amazon S3 permissions, see
     # [Specifying permissions in a policy][1].
     #
+    # <note markdown="1"> A bucket doesn't have `OwnershipControls` settings in the following
+    # cases:
+    #
+    #  * The bucket was created before the `BucketOwnerEnforced` ownership
+    #   setting was introduced and you've never explicitly applied this
+    #   value
+    #
+    # * You've manually deleted the bucket ownership control value using
+    #   the `DeleteBucketOwnershipControls` API operation.
+    #
+    #  By default, Amazon S3 sets `OwnershipControls` for all newly created
+    # buckets.
+    #
+    #  </note>
+    #
     # For information about Amazon S3 Object Ownership, see [Using Object
     # Ownership][2].
     #
@@ -7659,8 +8172,7 @@ module Aws::S3
     #   `InvalidAccessPointAliasError` is returned. For more information about
     #   `InvalidAccessPointAliasError`, see [List of Error Codes][2].
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -7888,7 +8400,7 @@ module Aws::S3
     #   resp.replication_configuration.rules[0].existing_object_replication.status #=> String, one of "Enabled", "Disabled"
     #   resp.replication_configuration.rules[0].destination.bucket #=> String
     #   resp.replication_configuration.rules[0].destination.account #=> String
-    #   resp.replication_configuration.rules[0].destination.storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE"
+    #   resp.replication_configuration.rules[0].destination.storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE", "FSX_OPENZFS"
     #   resp.replication_configuration.rules[0].destination.access_control_translation.owner #=> String, one of "Destination"
     #   resp.replication_configuration.rules[0].destination.encryption_configuration.replica_kms_key_id #=> String
     #   resp.replication_configuration.rules[0].destination.replication_time.status #=> String, one of "Enabled", "Disabled"
@@ -8316,10 +8828,12 @@ module Aws::S3
     #   objects, see [Restoring Archived Objects][7] in the *Amazon S3 User
     #   Guide*.
     #
-    #   <b>Directory buckets </b> - For directory buckets, only the S3
-    #   Express One Zone storage class is supported to store newly created
-    #   objects. Unsupported storage class values won't write a destination
-    #   object and will respond with the HTTP status code `400 Bad Request`.
+    #   <b>Directory buckets </b> - Directory buckets only support
+    #   `EXPRESS_ONEZONE` (the S3 Express One Zone storage class) in
+    #   Availability Zones and `ONEZONE_IA` (the S3 One Zone-Infrequent
+    #   Access storage class) in Dedicated Local Zones. Unsupported storage
+    #   class values won't write a destination object and will respond with
+    #   the HTTP status code `400 Bad Request`.
     #
     # Encryption
     #
@@ -8417,11 +8931,13 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
@@ -8434,8 +8950,7 @@ module Aws::S3
     #   takes the form
     #   *AccessPointName*-*AccountId*.s3-object-lambda.*Region*.amazonaws.com.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -8739,49 +9254,49 @@ module Aws::S3
     #   * {Types::GetObjectOutput#object_lock_legal_hold_status #object_lock_legal_hold_status} => String
     #
     #
-    # @example Example: To retrieve an object
+    # @example Example: To retrieve a byte range of an object 
     #
-    #   # The following example retrieves an object for an S3 bucket.
+    #   # The following example retrieves an object for an S3 bucket. The request specifies the range header to retrieve a
+    #   # specific byte range.
     #
     #   resp = client.get_object({
     #     bucket: "examplebucket", 
-    #     key: "HappyFace.jpg", 
+    #     key: "SampleFile.txt", 
+    #     range: "bytes=0-9", 
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     accept_ranges: "bytes", 
-    #     content_length: 3191, 
-    #     content_type: "image/jpeg", 
-    #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"", 
-    #     last_modified: Time.parse("2016-12-15T01:19:41.000Z"), 
+    #     content_length: 10, 
+    #     content_range: "bytes 0-9/43", 
+    #     content_type: "text/plain", 
+    #     etag: "\"0d94420ffd0bc68cd3d152506b97a9cc\"", 
+    #     last_modified: Time.parse("2014-10-09T22:57:28.000Z"), 
     #     metadata: {
     #     }, 
-    #     tag_count: 2, 
     #     version_id: "null", 
     #   }
     #
-    # @example Example: To retrieve a byte range of an object 
+    # @example Example: To retrieve an object
     #
-    #   # The following example retrieves an object for an S3 bucket. The request specifies the range header to retrieve a
-    #   # specific byte range.
+    #   # The following example retrieves an object for an S3 bucket.
     #
     #   resp = client.get_object({
     #     bucket: "examplebucket", 
-    #     key: "SampleFile.txt", 
-    #     range: "bytes=0-9", 
+    #     key: "HappyFace.jpg", 
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     accept_ranges: "bytes", 
-    #     content_length: 10, 
-    #     content_range: "bytes 0-9/43", 
-    #     content_type: "text/plain", 
-    #     etag: "\"0d94420ffd0bc68cd3d152506b97a9cc\"", 
-    #     last_modified: Time.parse("2014-10-09T22:57:28.000Z"), 
+    #     content_length: 3191, 
+    #     content_type: "image/jpeg", 
+    #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"", 
+    #     last_modified: Time.parse("2016-12-15T01:19:41.000Z"), 
     #     metadata: {
     #     }, 
+    #     tag_count: 2, 
     #     version_id: "null", 
     #   }
     #
@@ -8867,14 +9382,14 @@ module Aws::S3
     #   resp.expires #=> Time
     #   resp.expires_string #=> String
     #   resp.website_redirect_location #=> String
-    #   resp.server_side_encryption #=> String, one of "AES256", "aws:kms", "aws:kms:dsse"
+    #   resp.server_side_encryption #=> String, one of "AES256", "aws:fsx", "aws:kms", "aws:kms:dsse"
     #   resp.metadata #=> Hash
     #   resp.metadata["MetadataKey"] #=> String
     #   resp.sse_customer_algorithm #=> String
     #   resp.sse_customer_key_md5 #=> String
     #   resp.ssekms_key_id #=> String
     #   resp.bucket_key_enabled #=> Boolean
-    #   resp.storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE"
+    #   resp.storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE", "FSX_OPENZFS"
     #   resp.request_charged #=> String, one of "requester"
     #   resp.replication_status #=> String, one of "COMPLETE", "PENDING", "FAILED", "REPLICA", "COMPLETED"
     #   resp.parts_count #=> Integer
@@ -8939,11 +9454,13 @@ module Aws::S3
     #   The bucket name that contains the object for which to get the ACL
     #   information.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
@@ -9076,12 +9593,12 @@ module Aws::S3
       req.send_request(options)
     end
 
-    # Retrieves all the metadata from an object without returning the object
-    # itself. This operation is useful if you're interested only in an
-    # object's metadata.
+    # Retrieves all of the metadata from an object without returning the
+    # object itself. This operation is useful if you're interested only in
+    # an object's metadata.
     #
     # `GetObjectAttributes` combines the functionality of `HeadObject` and
-    # `ListParts`. All of the data returned with each of those individual
+    # `ListParts`. All of the data returned with both of those individual
     # calls can be returned with a single call to `GetObjectAttributes`.
     #
     # <note markdown="1"> **Directory buckets** - For directory buckets, you must make requests
@@ -9100,16 +9617,23 @@ module Aws::S3
     # Permissions
     # : * **General purpose bucket permissions** - To use
     #     `GetObjectAttributes`, you must have READ access to the object.
-    #     The permissions that you need to use this operation depend on
-    #     whether the bucket is versioned. If the bucket is versioned, you
-    #     need both the `s3:GetObjectVersion` and
-    #     `s3:GetObjectVersionAttributes` permissions for this operation. If
-    #     the bucket is not versioned, you need the `s3:GetObject` and
-    #     `s3:GetObjectAttributes` permissions. For more information, see
-    #     [Specifying Permissions in a Policy][3] in the *Amazon S3 User
-    #     Guide*. If the object that you request does not exist, the error
-    #     Amazon S3 returns depends on whether you also have the
-    #     `s3:ListBucket` permission.
+    #
+    #     The other permissions that you need to use this operation depend
+    #     on whether the bucket is versioned and if a version ID is passed
+    #     in the `GetObjectAttributes` request.
+    #
+    #     * If you pass a version ID in your request, you need both the
+    #       `s3:GetObjectVersion` and `s3:GetObjectVersionAttributes`
+    #       permissions.
+    #
+    #     * If you do not pass a version ID in your request, you need the
+    #       `s3:GetObject` and `s3:GetObjectAttributes` permissions.
+    #     For more information, see [Specifying Permissions in a Policy][3]
+    #     in the *Amazon S3 User Guide*.
+    #
+    #     If the object that you request does not exist, the error Amazon S3
+    #     returns depends on whether you also have the `s3:ListBucket`
+    #     permission.
     #
     #     * If you have the `s3:ListBucket` permission on the bucket, Amazon
     #       S3 returns an HTTP status code `404 Not Found` ("no such key")
@@ -9153,12 +9677,12 @@ module Aws::S3
     #
     #    </note>
     #
-    #   If you encrypt an object by using server-side encryption with
-    #   customer-provided encryption keys (SSE-C) when you store the object
-    #   in Amazon S3, then when you retrieve the metadata from the object,
-    #   you must use the following headers to provide the encryption key for
-    #   the server to be able to retrieve the object's metadata. The
-    #   headers are:
+    #   If you encrypted an object when you stored the object in Amazon S3
+    #   by using server-side encryption with customer-provided encryption
+    #   keys (SSE-C), then when you retrieve the metadata from the object,
+    #   you must use the following headers. These headers provide the server
+    #   with the encryption key required to retrieve the object's metadata.
+    #   The headers are:
     #
     #   * `x-amz-server-side-encryption-customer-algorithm`
     #
@@ -9272,19 +9796,20 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -9317,11 +9842,23 @@ module Aws::S3
     #    </note>
     #
     # @option params [Integer] :max_parts
-    #   Sets the maximum number of parts to return.
+    #   Sets the maximum number of parts to return. For more information, see
+    #   [Uploading and copying objects using multipart upload in Amazon S3
+    #   ][1] in the *Amazon Simple Storage Service user guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html
     #
     # @option params [Integer] :part_number_marker
     #   Specifies the part after which listing should begin. Only parts with
-    #   higher part numbers will be listed.
+    #   higher part numbers will be listed. For more information, see
+    #   [Uploading and copying objects using multipart upload in Amazon S3
+    #   ][1] in the *Amazon Simple Storage Service user guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html
     #
     # @option params [String] :sse_customer_algorithm
     #   Specifies the algorithm to use when encrypting the object (for
@@ -9431,7 +9968,7 @@ module Aws::S3
     #   resp.object_parts.parts[0].checksum_crc64nvme #=> String
     #   resp.object_parts.parts[0].checksum_sha1 #=> String
     #   resp.object_parts.parts[0].checksum_sha256 #=> String
-    #   resp.storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE"
+    #   resp.storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE", "FSX_OPENZFS"
     #   resp.object_size #=> Integer
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectAttributes AWS API Documentation
@@ -9467,11 +10004,13 @@ module Aws::S3
     #   The bucket name containing the object whose legal hold status you want
     #   to retrieve.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
@@ -9562,11 +10101,13 @@ module Aws::S3
     # @option params [required, String] :bucket
     #   The bucket whose Object Lock configuration you want to retrieve.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
@@ -9633,11 +10174,13 @@ module Aws::S3
     #   The bucket name containing the object whose retention settings you
     #   want to retrieve.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
@@ -9745,11 +10288,13 @@ module Aws::S3
     #   The bucket name containing the object for which to get the tagging
     #   information.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
@@ -10143,11 +10688,13 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
@@ -10161,8 +10708,7 @@ module Aws::S3
     #   `InvalidAccessPointAliasError` is returned. For more information about
     #   `InvalidAccessPointAliasError`, see [List of Error Codes][3].
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -10189,6 +10735,7 @@ module Aws::S3
     #
     # @return [Types::HeadBucketOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
+    #   * {Types::HeadBucketOutput#bucket_arn #bucket_arn} => String
     #   * {Types::HeadBucketOutput#bucket_location_type #bucket_location_type} => String
     #   * {Types::HeadBucketOutput#bucket_location_name #bucket_location_name} => String
     #   * {Types::HeadBucketOutput#bucket_region #bucket_region} => String
@@ -10212,6 +10759,7 @@ module Aws::S3
     #
     # @example Response structure
     #
+    #   resp.bucket_arn #=> String
     #   resp.bucket_location_type #=> String, one of "AvailabilityZone", "LocalZone"
     #   resp.bucket_location_name #=> String
     #   resp.bucket_region #=> String
@@ -10403,19 +10951,20 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -10656,6 +11205,7 @@ module Aws::S3
     #   * {Types::HeadObjectOutput#request_charged #request_charged} => String
     #   * {Types::HeadObjectOutput#replication_status #replication_status} => String
     #   * {Types::HeadObjectOutput#parts_count #parts_count} => Integer
+    #   * {Types::HeadObjectOutput#tag_count #tag_count} => Integer
     #   * {Types::HeadObjectOutput#object_lock_mode #object_lock_mode} => String
     #   * {Types::HeadObjectOutput#object_lock_retain_until_date #object_lock_retain_until_date} => Time
     #   * {Types::HeadObjectOutput#object_lock_legal_hold_status #object_lock_legal_hold_status} => String
@@ -10735,17 +11285,18 @@ module Aws::S3
     #   resp.expires #=> Time
     #   resp.expires_string #=> String
     #   resp.website_redirect_location #=> String
-    #   resp.server_side_encryption #=> String, one of "AES256", "aws:kms", "aws:kms:dsse"
+    #   resp.server_side_encryption #=> String, one of "AES256", "aws:fsx", "aws:kms", "aws:kms:dsse"
     #   resp.metadata #=> Hash
     #   resp.metadata["MetadataKey"] #=> String
     #   resp.sse_customer_algorithm #=> String
     #   resp.sse_customer_key_md5 #=> String
     #   resp.ssekms_key_id #=> String
     #   resp.bucket_key_enabled #=> Boolean
-    #   resp.storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE"
+    #   resp.storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE", "FSX_OPENZFS"
     #   resp.request_charged #=> String, one of "requester"
     #   resp.replication_status #=> String, one of "COMPLETE", "PENDING", "FAILED", "REPLICA", "COMPLETED"
     #   resp.parts_count #=> Integer
+    #   resp.tag_count #=> Integer
     #   resp.object_lock_mode #=> String, one of "GOVERNANCE", "COMPLIANCE"
     #   resp.object_lock_retain_until_date #=> Time
     #   resp.object_lock_legal_hold_status #=> String, one of "ON", "OFF"
@@ -10916,6 +11467,11 @@ module Aws::S3
     #   The `ContinuationToken` that represents a placeholder from where this
     #   request should begin.
     #
+    # @option params [String] :expected_bucket_owner
+    #   The account ID of the expected bucket owner. If the account ID that
+    #   you provide does not match the actual owner of the bucket, the request
+    #   fails with the HTTP status code `403 Forbidden` (access denied).
+    #
     # @return [Types::ListBucketIntelligentTieringConfigurationsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ListBucketIntelligentTieringConfigurationsOutput#is_truncated #is_truncated} => Boolean
@@ -10928,6 +11484,7 @@ module Aws::S3
     #   resp = client.list_bucket_intelligent_tiering_configurations({
     #     bucket: "BucketName", # required
     #     continuation_token: "Token",
+    #     expected_bucket_owner: "AccountId",
     #   })
     #
     # @example Response structure
@@ -10962,7 +11519,7 @@ module Aws::S3
     #
     #  </note>
     #
-    # Returns a list of inventory configurations for the bucket. You can
+    # Returns a list of S3 Inventory configurations for the bucket. You can
     # have up to 1,000 analytics configurations per bucket.
     #
     # This action supports list pagination and does not return more than 100
@@ -11162,6 +11719,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -11286,6 +11856,7 @@ module Aws::S3
     #   resp.buckets[0].name #=> String
     #   resp.buckets[0].creation_date #=> Time
     #   resp.buckets[0].bucket_region #=> String
+    #   resp.buckets[0].bucket_arn #=> String
     #   resp.owner.display_name #=> String
     #   resp.owner.id #=> String
     #   resp.continuation_token #=> String
@@ -11377,6 +11948,7 @@ module Aws::S3
     #   resp.buckets[0].name #=> String
     #   resp.buckets[0].creation_date #=> Time
     #   resp.buckets[0].bucket_region #=> String
+    #   resp.buckets[0].bucket_arn #=> String
     #   resp.continuation_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListDirectoryBuckets AWS API Documentation
@@ -11388,6 +11960,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # This operation lists in-progress multipart uploads in a bucket. An
     # in-progress multipart upload is a multipart upload that has been
     # initiated by the `CreateMultipartUpload` request, but has not yet been
@@ -11522,19 +12107,20 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -11563,6 +12149,9 @@ module Aws::S3
     #   beginning of the key. The keys that are grouped under `CommonPrefixes`
     #   result element are not returned elsewhere in the response.
     #
+    #   `CommonPrefixes` is filtered out from results if it is not
+    #   lexicographically greater than the key-marker.
+    #
     #   <note markdown="1"> **Directory buckets** - For directory buckets, `/` is the only
     #   supported delimiter.
     #
@@ -11688,97 +12277,97 @@ module Aws::S3
     # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
     #
     #
-    # @example Example: To list in-progress multipart uploads on a bucket
+    # @example Example: List next set of multipart uploads when previous result is truncated
     #
-    #   # The following example lists in-progress multipart uploads on a specific bucket.
+    #   # The following example specifies the upload-id-marker and key-marker from previous truncated response to retrieve next
+    #   # setup of multipart uploads.
     #
     #   resp = client.list_multipart_uploads({
     #     bucket: "examplebucket", 
+    #     key_marker: "nextkeyfrompreviousresponse", 
+    #     max_uploads: 2, 
+    #     upload_id_marker: "valuefrompreviousresponse", 
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
+    #     bucket: "acl1", 
+    #     is_truncated: true, 
+    #     key_marker: "", 
+    #     max_uploads: 2, 
+    #     next_key_marker: "someobjectkey", 
+    #     next_upload_id_marker: "examplelo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--", 
+    #     upload_id_marker: "", 
     #     uploads: [
     #       {
     #         initiated: Time.parse("2014-05-01T05:40:58.000Z"), 
     #         initiator: {
-    #           display_name: "display-name", 
+    #           display_name: "ownder-display-name", 
     #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc", 
     #         }, 
     #         key: "JavaFile", 
     #         owner: {
-    #           display_name: "display-name", 
-    #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc", 
+    #           display_name: "mohanataws", 
+    #           id: "852b113e7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc", 
     #         }, 
     #         storage_class: "STANDARD", 
-    #         upload_id: "examplelUa.CInXklLQtSMJITdUnoZ1Y5GACB5UckOtspm5zbDMCkPF_qkfZzMiFZ6dksmcnqxJyIBvQMG9X9Q--", 
+    #         upload_id: "gZ30jIqlUa.CInXklLQtSMJITdUnoZ1Y5GACB5UckOtspm5zbDMCkPF_qkfZzMiFZ6dksmcnqxJyIBvQMG9X9Q--", 
     #       }, 
     #       {
     #         initiated: Time.parse("2014-05-01T05:41:27.000Z"), 
     #         initiator: {
-    #           display_name: "display-name", 
+    #           display_name: "ownder-display-name", 
     #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc", 
     #         }, 
     #         key: "JavaFile", 
     #         owner: {
-    #           display_name: "display-name", 
+    #           display_name: "ownder-display-name", 
     #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc", 
     #         }, 
     #         storage_class: "STANDARD", 
-    #         upload_id: "examplelo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--", 
+    #         upload_id: "b7tZSqIlo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--", 
     #       }, 
     #     ], 
     #   }
     #
-    # @example Example: List next set of multipart uploads when previous result is truncated
+    # @example Example: To list in-progress multipart uploads on a bucket
     #
-    #   # The following example specifies the upload-id-marker and key-marker from previous truncated response to retrieve next
-    #   # setup of multipart uploads.
+    #   # The following example lists in-progress multipart uploads on a specific bucket.
     #
     #   resp = client.list_multipart_uploads({
     #     bucket: "examplebucket", 
-    #     key_marker: "nextkeyfrompreviousresponse", 
-    #     max_uploads: 2, 
-    #     upload_id_marker: "valuefrompreviousresponse", 
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
-    #     bucket: "acl1", 
-    #     is_truncated: true, 
-    #     key_marker: "", 
-    #     max_uploads: 2, 
-    #     next_key_marker: "someobjectkey", 
-    #     next_upload_id_marker: "examplelo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--", 
-    #     upload_id_marker: "", 
     #     uploads: [
     #       {
     #         initiated: Time.parse("2014-05-01T05:40:58.000Z"), 
     #         initiator: {
-    #           display_name: "ownder-display-name", 
+    #           display_name: "display-name", 
     #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc", 
     #         }, 
     #         key: "JavaFile", 
     #         owner: {
-    #           display_name: "mohanataws", 
-    #           id: "852b113e7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc", 
+    #           display_name: "display-name", 
+    #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc", 
     #         }, 
     #         storage_class: "STANDARD", 
-    #         upload_id: "gZ30jIqlUa.CInXklLQtSMJITdUnoZ1Y5GACB5UckOtspm5zbDMCkPF_qkfZzMiFZ6dksmcnqxJyIBvQMG9X9Q--", 
+    #         upload_id: "examplelUa.CInXklLQtSMJITdUnoZ1Y5GACB5UckOtspm5zbDMCkPF_qkfZzMiFZ6dksmcnqxJyIBvQMG9X9Q--", 
     #       }, 
     #       {
     #         initiated: Time.parse("2014-05-01T05:41:27.000Z"), 
     #         initiator: {
-    #           display_name: "ownder-display-name", 
+    #           display_name: "display-name", 
     #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc", 
     #         }, 
     #         key: "JavaFile", 
     #         owner: {
-    #           display_name: "ownder-display-name", 
+    #           display_name: "display-name", 
     #           id: "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc", 
     #         }, 
     #         storage_class: "STANDARD", 
-    #         upload_id: "b7tZSqIlo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--", 
+    #         upload_id: "examplelo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--", 
     #       }, 
     #     ], 
     #   }
@@ -11812,7 +12401,7 @@ module Aws::S3
     #   resp.uploads[0].upload_id #=> String
     #   resp.uploads[0].key #=> String
     #   resp.uploads[0].initiated #=> Time
-    #   resp.uploads[0].storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE"
+    #   resp.uploads[0].storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE", "FSX_OPENZFS"
     #   resp.uploads[0].owner.display_name #=> String
     #   resp.uploads[0].owner.id #=> String
     #   resp.uploads[0].initiator.id #=> String
@@ -11833,6 +12422,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -11880,6 +12482,9 @@ module Aws::S3
     #   the `max-keys` limitation. These keys are not returned elsewhere in
     #   the response.
     #
+    #   `CommonPrefixes` is filtered out from results if it is not
+    #   lexicographically greater than the key-marker.
+    #
     # @option params [String] :encoding_type
     #   Encoding type used by Amazon S3 to encode the [object keys][1] in the
     #   response. Responses are encoded only in UTF-8. An object key can
@@ -12073,6 +12678,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -12120,19 +12738,20 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -12154,6 +12773,9 @@ module Aws::S3
     # @option params [String] :delimiter
     #   A delimiter is a character that you use to group keys.
     #
+    #   `CommonPrefixes` is filtered out from results if it is not
+    #   lexicographically greater than the key-marker.
+    #
     # @option params [String] :encoding_type
     #   Encoding type used by Amazon S3 to encode the [object keys][1] in the
     #   response. Responses are encoded only in UTF-8. An object key can
@@ -12285,7 +12907,7 @@ module Aws::S3
     #   resp.contents[0].checksum_algorithm[0] #=> String, one of "CRC32", "CRC32C", "SHA1", "SHA256", "CRC64NVME"
     #   resp.contents[0].checksum_type #=> String, one of "COMPOSITE", "FULL_OBJECT"
     #   resp.contents[0].size #=> Integer
-    #   resp.contents[0].storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "GLACIER", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE"
+    #   resp.contents[0].storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "GLACIER", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE", "FSX_OPENZFS"
     #   resp.contents[0].owner.display_name #=> String
     #   resp.contents[0].owner.id #=> String
     #   resp.contents[0].restore_status.is_restore_in_progress #=> Boolean
@@ -12413,19 +13035,20 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -12447,6 +13070,9 @@ module Aws::S3
     # @option params [String] :delimiter
     #   A delimiter is a character that you use to group keys.
     #
+    #   `CommonPrefixes` is filtered out from results if it is not
+    #   lexicographically greater than the `StartAfter` value.
+    #
     #   <note markdown="1"> * **Directory buckets** - For directory buckets, `/` is the only
     #     supported delimiter.
     #
@@ -12627,7 +13253,7 @@ module Aws::S3
     #   resp.contents[0].checksum_algorithm[0] #=> String, one of "CRC32", "CRC32C", "SHA1", "SHA256", "CRC64NVME"
     #   resp.contents[0].checksum_type #=> String, one of "COMPOSITE", "FULL_OBJECT"
     #   resp.contents[0].size #=> Integer
-    #   resp.contents[0].storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "GLACIER", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE"
+    #   resp.contents[0].storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "GLACIER", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE", "FSX_OPENZFS"
     #   resp.contents[0].owner.display_name #=> String
     #   resp.contents[0].owner.id #=> String
     #   resp.contents[0].restore_status.is_restore_in_progress #=> Boolean
@@ -12654,6 +13280,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # Lists the parts that have been uploaded for a specific multipart
     # upload.
     #
@@ -12760,19 +13399,20 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -12968,7 +13608,7 @@ module Aws::S3
     #   resp.initiator.display_name #=> String
     #   resp.owner.display_name #=> String
     #   resp.owner.id #=> String
-    #   resp.storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE"
+    #   resp.storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE", "FSX_OPENZFS"
     #   resp.request_charged #=> String, one of "requester"
     #   resp.checksum_algorithm #=> String, one of "CRC32", "CRC32C", "SHA1", "SHA256", "CRC64NVME"
     #   resp.checksum_type #=> String, one of "COMPOSITE", "FULL_OBJECT"
@@ -13081,6 +13721,20 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will
+    # discontinue support for creating new Email Grantee Access Control
+    # Lists (ACL). Email Grantee ACLs created prior to this date will
+    # continue to work and remain accessible through the Amazon Web Services
+    # Management Console, Command Line Interface (CLI), SDKs, and REST API.
+    # However, you will no longer be able to create new Email Grantee ACLs.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -13187,7 +13841,10 @@ module Aws::S3
     # Grantee Values
     #
     # : You can specify the person (grantee) to whom you're assigning
-    #   access rights (using request elements) in the following ways:
+    #   access rights (using request elements) in the following ways. For
+    #   examples of how to specify these grantee values in JSON format, see
+    #   the Amazon Web Services CLI example in [ Enabling Amazon S3 server
+    #   access logging][6] in the *Amazon S3 User Guide*.
     #
     #   * By the person's ID:
     #
@@ -13237,11 +13894,11 @@ module Aws::S3
     #
     # The following operations are related to `PutBucketAcl`:
     #
-    # * [CreateBucket][6]
+    # * [CreateBucket][7]
     #
-    # * [DeleteBucket][7]
+    # * [DeleteBucket][8]
     #
-    # * [GetObjectAcl][8]
+    # * [GetObjectAcl][9]
     #
     #
     #
@@ -13250,9 +13907,10 @@ module Aws::S3
     # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
     # [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
     # [5]: https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
-    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html
-    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html
-    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html
+    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html
+    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html
     #
     # @option params [String] :acl
     #   The canned ACL to apply to the bucket.
@@ -13906,7 +14564,7 @@ module Aws::S3
     #       rules: [ # required
     #         {
     #           apply_server_side_encryption_by_default: {
-    #             sse_algorithm: "AES256", # required, accepts AES256, aws:kms, aws:kms:dsse
+    #             sse_algorithm: "AES256", # required, accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
     #             kms_master_key_id: "SSEKMSKeyId",
     #           },
     #           bucket_key_enabled: false,
@@ -14003,6 +14661,11 @@ module Aws::S3
     # @option params [required, String] :id
     #   The ID used to identify the S3 Intelligent-Tiering configuration.
     #
+    # @option params [String] :expected_bucket_owner
+    #   The account ID of the expected bucket owner. If the account ID that
+    #   you provide does not match the actual owner of the bucket, the request
+    #   fails with the HTTP status code `403 Forbidden` (access denied).
+    #
     # @option params [required, Types::IntelligentTieringConfiguration] :intelligent_tiering_configuration
     #   Container for S3 Intelligent-Tiering configuration.
     #
@@ -14013,6 +14676,7 @@ module Aws::S3
     #   resp = client.put_bucket_intelligent_tiering_configuration({
     #     bucket: "BucketName", # required
     #     id: "IntelligentTieringId", # required
+    #     expected_bucket_owner: "AccountId",
     #     intelligent_tiering_configuration: { # required
     #       id: "IntelligentTieringId", # required
     #       filter: {
@@ -14054,7 +14718,7 @@ module Aws::S3
     #
     #  </note>
     #
-    # This implementation of the `PUT` action adds an inventory
+    # This implementation of the `PUT` action adds an S3 Inventory
     # configuration (identified by the inventory ID) to the bucket. You can
     # have up to 1,000 inventory configurations per bucket.
     #
@@ -14651,6 +15315,20 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will
+    # discontinue support for creating new Email Grantee Access Control
+    # Lists (ACL). Email Grantee ACLs created prior to this date will
+    # continue to work and remain accessible through the Amazon Web Services
+    # Management Console, Command Line Interface (CLI), SDKs, and REST API.
+    # However, you will no longer be able to create new Email Grantee ACLs.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -14674,7 +15352,10 @@ module Aws::S3
     # Grantee Values
     #
     # : You can specify the person (grantee) to whom you're assigning
-    #   access rights (by using request elements) in the following ways:
+    #   access rights (by using request elements) in the following ways. For
+    #   examples of how to specify these grantee values in JSON format, see
+    #   the Amazon Web Services CLI example in [ Enabling Amazon S3 server
+    #   access logging][2] in the *Amazon S3 User Guide*.
     #
     #   * By the person's ID:
     #
@@ -14705,30 +15386,31 @@ module Aws::S3
     # />`
     #
     # For more information about server access logging, see [Server Access
-    # Logging][2] in the *Amazon S3 User Guide*.
+    # Logging][3] in the *Amazon S3 User Guide*.
     #
-    # For more information about creating a bucket, see [CreateBucket][3].
+    # For more information about creating a bucket, see [CreateBucket][4].
     # For more information about returning the logging status of a bucket,
-    # see [GetBucketLogging][4].
+    # see [GetBucketLogging][5].
     #
     # The following operations are related to `PutBucketLogging`:
     #
-    # * [PutObject][5]
+    # * [PutObject][6]
     #
-    # * [DeleteBucket][6]
+    # * [DeleteBucket][7]
     #
-    # * [CreateBucket][3]
+    # * [CreateBucket][4]
     #
-    # * [GetBucketLogging][4]
+    # * [GetBucketLogging][5]
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general
-    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html
-    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html
-    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLogging.html
-    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
-    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html
+    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html
+    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLogging.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html
     #
     # @option params [required, String] :bucket
     #   The name of the bucket for which to set the logging parameters.
@@ -15251,6 +15933,22 @@ module Aws::S3
     #   The `OwnershipControls` (BucketOwnerEnforced, BucketOwnerPreferred, or
     #   ObjectWriter) that you want to apply to this Amazon S3 bucket.
     #
+    # @option params [String] :checksum_algorithm
+    #   Indicates the algorithm used to create the checksum for the object
+    #   when you use the SDK. This header will not provide any additional
+    #   functionality if you don't use the SDK. When you send this header,
+    #   there must be a corresponding `x-amz-checksum-algorithm ` header sent.
+    #   Otherwise, Amazon S3 fails the request with the HTTP status code `400
+    #   Bad Request`. For more information, see [Checking object integrity][1]
+    #   in the *Amazon S3 User Guide*.
+    #
+    #   If you provide an individual checksum, Amazon S3 ignores any provided
+    #   `ChecksumAlgorithm` parameter.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
@@ -15266,6 +15964,7 @@ module Aws::S3
     #         },
     #       ],
     #     },
+    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketOwnershipControls AWS API Documentation
@@ -15683,7 +16382,7 @@ module Aws::S3
     #           destination: { # required
     #             bucket: "BucketName", # required
     #             account: "AccountId",
-    #             storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
+    #             storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS
     #             access_control_translation: {
     #               owner: "Destination", # required, accepts Destination
     #             },
@@ -16295,6 +16994,20 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will
+    # discontinue support for creating new Email Grantee Access Control
+    # Lists (ACL). Email Grantee ACLs created prior to this date will
+    # continue to work and remain accessible through the Amazon Web Services
+    # Management Console, Command Line Interface (CLI), SDKs, and REST API.
+    # However, you will no longer be able to create new Email Grantee ACLs.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # Adds an object to a bucket.
     #
     # <note markdown="1"> * Amazon S3 never adds partial objects; if you receive a success
@@ -16491,19 +17204,20 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -16802,8 +17516,7 @@ module Aws::S3
     #
     # @option params [String] :server_side_encryption
     #   The server-side encryption algorithm that was used when you store this
-    #   object in Amazon S3 (for example, `AES256`, `aws:kms`,
-    #   `aws:kms:dsse`).
+    #   object in Amazon S3 or Amazon FSx.
     #
     #   * <b>General purpose buckets </b> - You have four mutually exclusive
     #     options to protect data using server-side encryption in Amazon S3,
@@ -16857,6 +17570,14 @@ module Aws::S3
     #
     #      </note>
     #
+    #   * <b>S3 access points for Amazon FSx </b> - When accessing data stored
+    #     in Amazon FSx file systems using S3 access points, the only valid
+    #     server side encryption option is `aws:fsx`. All Amazon FSx file
+    #     systems have encryption configured by default and are encrypted at
+    #     rest. Data is automatically encrypted before being written to the
+    #     file system, and automatically decrypted as it is read. These
+    #     processes are handled transparently by Amazon FSx.
+    #
     #
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
@@ -16872,8 +17593,9 @@ module Aws::S3
     #   a different Storage Class. For more information, see [Storage
     #   Classes][1] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> * For directory buckets, only the S3 Express One Zone storage class is
-    #     supported to store newly created objects.
+    #   <note markdown="1"> * Directory buckets only support `EXPRESS_ONEZONE` (the S3 Express One
+    #     Zone storage class) in Availability Zones and `ONEZONE_IA` (the S3
+    #     One Zone-Infrequent Access storage class) in Dedicated Local Zones.
     #
     #   * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.
     #
@@ -17102,6 +17824,24 @@ module Aws::S3
     #   * {Types::PutObjectOutput#request_charged #request_charged} => String
     #
     #
+    # @example Example: To upload an object and specify canned ACL.
+    #
+    #   # The following example uploads and object. The request specifies optional canned ACL (access control list) to all READ
+    #   # access to authenticated users. If the bucket is versioning enabled, S3 returns version ID in response.
+    #
+    #   resp = client.put_object({
+    #     acl: "authenticated-read", 
+    #     body: "filetoupload", 
+    #     bucket: "examplebucket", 
+    #     key: "exampleobject", 
+    #   })
+    #
+    #   resp.to_h outputs the following:
+    #   {
+    #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"", 
+    #     version_id: "Kirh.unyZwjQ69YxcQLA8z4F5j3kJJKr", 
+    #   }
+    #
     # @example Example: To upload an object
     #
     #   # The following example uploads an object to a versioning-enabled bucket. The source file is specified using Windows file
@@ -17139,29 +17879,13 @@ module Aws::S3
     #     version_id: "CG612hodqujkf8FaaNfp8U..FIhLROcp", 
     #   }
     #
-    # @example Example: To create an object.
+    # @example Example: To upload an object and specify optional tags
     #
-    #   # The following example creates an object. If the bucket is versioning enabled, S3 returns version ID in response.
+    #   # The following example uploads an object. The request specifies optional object tags. The bucket is versioned, therefore
+    #   # S3 returns version ID of the newly created object.
     #
     #   resp = client.put_object({
-    #     body: "filetoupload", 
-    #     bucket: "examplebucket", 
-    #     key: "objectkey", 
-    #   })
-    #
-    #   resp.to_h outputs the following:
-    #   {
-    #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"", 
-    #     version_id: "Bvq0EDKxOcXLJXNo_Lkz37eM3R4pfzyQ", 
-    #   }
-    #
-    # @example Example: To upload an object and specify optional tags
-    #
-    #   # The following example uploads an object. The request specifies optional object tags. The bucket is versioned, therefore
-    #   # S3 returns version ID of the newly created object.
-    #
-    #   resp = client.put_object({
-    #     body: "c:\\HappyFace.jpg", 
+    #     body: "c:\\HappyFace.jpg", 
     #     bucket: "examplebucket", 
     #     key: "HappyFace.jpg", 
     #     tagging: "key1=value1&key2=value2", 
@@ -17214,22 +17938,20 @@ module Aws::S3
     #     version_id: "pSKidl4pHBiNwukdbcPXAIs.sshFFOc0", 
     #   }
     #
-    # @example Example: To upload an object and specify canned ACL.
+    # @example Example: To create an object.
     #
-    #   # The following example uploads and object. The request specifies optional canned ACL (access control list) to all READ
-    #   # access to authenticated users. If the bucket is versioning enabled, S3 returns version ID in response.
+    #   # The following example creates an object. If the bucket is versioning enabled, S3 returns version ID in response.
     #
     #   resp = client.put_object({
-    #     acl: "authenticated-read", 
     #     body: "filetoupload", 
     #     bucket: "examplebucket", 
-    #     key: "exampleobject", 
+    #     key: "objectkey", 
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     etag: "\"6805f2cfc46c0f04559748bb039d69ae\"", 
-    #     version_id: "Kirh.unyZwjQ69YxcQLA8z4F5j3kJJKr", 
+    #     version_id: "Bvq0EDKxOcXLJXNo_Lkz37eM3R4pfzyQ", 
     #   }
     #
     # @example Streaming a file from disk
@@ -17269,8 +17991,8 @@ module Aws::S3
     #     metadata: {
     #       "MetadataKey" => "MetadataValue",
     #     },
-    #     server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
+    #     server_side_encryption: "AES256", # accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS
     #     website_redirect_location: "WebsiteRedirectLocation",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
@@ -17296,7 +18018,7 @@ module Aws::S3
     #   resp.checksum_sha1 #=> String
     #   resp.checksum_sha256 #=> String
     #   resp.checksum_type #=> String, one of "COMPOSITE", "FULL_OBJECT"
-    #   resp.server_side_encryption #=> String, one of "AES256", "aws:kms", "aws:kms:dsse"
+    #   resp.server_side_encryption #=> String, one of "AES256", "aws:fsx", "aws:kms", "aws:kms:dsse"
     #   resp.version_id #=> String
     #   resp.sse_customer_algorithm #=> String
     #   resp.sse_customer_key_md5 #=> String
@@ -17412,7 +18134,10 @@ module Aws::S3
     # Grantee Values
     #
     # : You can specify the person (grantee) to whom you're assigning
-    #   access rights (using request elements) in the following ways:
+    #   access rights (using request elements) in the following ways. For
+    #   examples of how to specify these grantee values in JSON format, see
+    #   the Amazon Web Services CLI example in [ Enabling Amazon S3 server
+    #   access logging][6] in the *Amazon S3 User Guide*.
     #
     #   * By the person's ID:
     #
@@ -17468,9 +18193,9 @@ module Aws::S3
     #
     # The following operations are related to `PutObjectAcl`:
     #
-    # * [CopyObject][6]
+    # * [CopyObject][7]
     #
-    # * [GetObject][7]
+    # * [GetObject][8]
     #
     #
     #
@@ -17479,8 +18204,9 @@ module Aws::S3
     # [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
     # [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
     # [5]: https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
-    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
-    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
+    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html
     #
     # @option params [String] :acl
     #   The canned ACL to apply to the object. For more information, see
@@ -17498,11 +18224,13 @@ module Aws::S3
     #   The bucket name that contains the object to which you want to attach
     #   the ACL.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
@@ -17701,11 +18429,13 @@ module Aws::S3
     #   The bucket name containing the object that you want to place a legal
     #   hold on.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
@@ -17942,11 +18672,13 @@ module Aws::S3
     #   The bucket name that contains the object you want to apply this Object
     #   Retention configuration to.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
@@ -18107,11 +18839,13 @@ module Aws::S3
     # @option params [required, String] :bucket
     #   The bucket name containing the object.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
@@ -18358,6 +19092,179 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # Renames an existing object in a directory bucket that uses the S3
+    # Express One Zone storage class. You can use `RenameObject` by
+    # specifying an existing object’s name as the source and the new name of
+    # the object as the destination within the same directory bucket.
+    #
+    # <note markdown="1"> `RenameObject` is only supported for objects stored in the S3 Express
+    # One Zone storage class.
+    #
+    #  </note>
+    #
+    # To prevent overwriting an object, you can use the `If-None-Match`
+    # conditional header.
+    #
+    # * **If-None-Match** - Renames the object only if an object with the
+    #   specified name does not already exist in the directory bucket. If
+    #   you don't want to overwrite an existing object, you can add the
+    #   `If-None-Match` conditional header with the value `‘*’` in the
+    #   `RenameObject` request. Amazon S3 then returns a `412 Precondition
+    #   Failed` error if the object with the specified name already exists.
+    #   For more information, see [RFC 7232][1].
+    #
+    # ^
+    #
+    # Permissions
+    #
+    # : To grant access to the `RenameObject` operation on a directory
+    #   bucket, we recommend that you use the `CreateSession` operation for
+    #   session-based authorization. Specifically, you grant the
+    #   `s3express:CreateSession` permission to the directory bucket in a
+    #   bucket policy or an IAM identity-based policy. Then, you make the
+    #   `CreateSession` API call on the directory bucket to obtain a session
+    #   token. With the session token in your request header, you can make
+    #   API requests to this operation. After the session token expires, you
+    #   make another `CreateSession` API call to generate a new session
+    #   token for use. The Amazon Web Services CLI and SDKs will create and
+    #   manage your session including refreshing the session token
+    #   automatically to avoid service interruptions when a session expires.
+    #   In your bucket policy, you can specify the `s3express:SessionMode`
+    #   condition key to control who can create a `ReadWrite` or `ReadOnly`
+    #   session. A `ReadWrite` session is required for executing all the
+    #   Zonal endpoint API operations, including `RenameObject`. For more
+    #   information about authorization, see [ `CreateSession` ][2]. To
+    #   learn more about Zonal endpoint API operations, see [Authorizing
+    #   Zonal endpoint API operations with CreateSession][3] in the *Amazon
+    #   S3 User Guide*.
+    #
+    # HTTP Host header syntax
+    #
+    # : <b>Directory buckets </b> - The HTTP Host header syntax is `
+    #   Bucket-name.s3express-zone-id.region-code.amazonaws.com`.
+    #
+    #
+    #
+    # [1]: https://datatracker.ietf.org/doc/rfc7232/
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-create-session.html
+    #
+    # @option params [required, String] :bucket
+    #   The bucket name of the directory bucket containing the object.
+    #
+    #   You must use virtual-hosted-style requests in the format
+    #   `Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style
+    #   requests are not supported. Directory bucket names must be unique in
+    #   the chosen Availability Zone. Bucket names must follow the format
+    #   `bucket-base-name--zone-id--x-s3 ` (for example,
+    #   `amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket
+    #   naming restrictions, see [Directory bucket naming rules][1] in the
+    #   *Amazon S3 User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html
+    #
+    # @option params [required, String] :key
+    #   Key name of the object to rename.
+    #
+    # @option params [required, String] :rename_source
+    #   Specifies the source for the rename operation. The value must be URL
+    #   encoded.
+    #
+    # @option params [String] :destination_if_match
+    #   Renames the object only if the ETag (entity tag) value provided during
+    #   the operation matches the ETag of the object in S3. The `If-Match`
+    #   header field makes the request method conditional on ETags. If the
+    #   ETag values do not match, the operation returns a `412 Precondition
+    #   Failed` error.
+    #
+    #   Expects the ETag value as a string.
+    #
+    # @option params [String] :destination_if_none_match
+    #   Renames the object only if the destination does not already exist in
+    #   the specified directory bucket. If the object does exist when you send
+    #   a request with `If-None-Match:*`, the S3 API will return a `412
+    #   Precondition Failed` error, preventing an overwrite. The
+    #   `If-None-Match` header prevents overwrites of existing data by
+    #   validating that there's not an object with the same key name already
+    #   in your directory bucket.
+    #
+    #   Expects the `*` character (asterisk).
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :destination_if_modified_since
+    #   Renames the object if the destination exists and if it has been
+    #   modified since the specified time.
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :destination_if_unmodified_since
+    #   Renames the object if it hasn't been modified since the specified
+    #   time.
+    #
+    # @option params [String] :source_if_match
+    #   Renames the object if the source exists and if its entity tag (ETag)
+    #   matches the specified ETag.
+    #
+    # @option params [String] :source_if_none_match
+    #   Renames the object if the source exists and if its entity tag (ETag)
+    #   is different than the specified ETag. If an asterisk (`*`) character
+    #   is provided, the operation will fail and return a `412 Precondition
+    #   Failed` error.
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :source_if_modified_since
+    #   Renames the object if the source exists and if it has been modified
+    #   since the specified time.
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :source_if_unmodified_since
+    #   Renames the object if the source exists and hasn't been modified
+    #   since the specified time.
+    #
+    # @option params [String] :client_token
+    #   A unique string with a max of 64 ASCII characters in the ASCII range
+    #   of 33 - 126.
+    #
+    #   <note markdown="1"> `RenameObject` supports idempotency using a client token. To make an
+    #   idempotent API request using `RenameObject`, specify a client token in
+    #   the request. You should not reuse the same client token for other API
+    #   requests. If you retry a request that completed successfully using the
+    #   same client token and the same parameters, the retry succeeds without
+    #   performing any further actions. If you retry a successful request
+    #   using the same client token, but one or more of the parameters are
+    #   different, the retry fails and an `IdempotentParameterMismatch` error
+    #   is returned.
+    #
+    #    </note>
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.rename_object({
+    #     bucket: "BucketName", # required
+    #     key: "ObjectKey", # required
+    #     rename_source: "RenameSource", # required
+    #     destination_if_match: "IfMatch",
+    #     destination_if_none_match: "IfNoneMatch",
+    #     destination_if_modified_since: Time.now,
+    #     destination_if_unmodified_since: Time.now,
+    #     source_if_match: "RenameSourceIfMatch",
+    #     source_if_none_match: "RenameSourceIfNoneMatch",
+    #     source_if_modified_since: Time.now,
+    #     source_if_unmodified_since: Time.now,
+    #     client_token: "ClientToken",
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/RenameObject AWS API Documentation
+    #
+    # @overload rename_object(params = {})
+    # @param [Hash] params ({})
+    def rename_object(params = {}, options = {})
+      req = build_request(:rename_object, params)
+      req.send_request(options)
+    end
+
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -18393,20 +19300,19 @@ module Aws::S3
     #
     # Restoring objects
     #
-    # : Objects that you archive to the S3 Glacier Flexible Retrieval
-    #   Flexible Retrieval or S3 Glacier Deep Archive storage class, and S3
-    #   Intelligent-Tiering Archive or S3 Intelligent-Tiering Deep Archive
-    #   tiers, are not accessible in real time. For objects in the S3
-    #   Glacier Flexible Retrieval Flexible Retrieval or S3 Glacier Deep
-    #   Archive storage classes, you must first initiate a restore request,
-    #   and then wait until a temporary copy of the object is available. If
-    #   you want a permanent copy of the object, create a copy of it in the
-    #   Amazon S3 Standard storage class in your S3 bucket. To access an
-    #   archived object, you must restore the object for the duration
-    #   (number of days) that you specify. For objects in the Archive Access
-    #   or Deep Archive Access tiers of S3 Intelligent-Tiering, you must
-    #   first initiate a restore request, and then wait until the object is
-    #   moved into the Frequent Access tier.
+    # : Objects that you archive to the S3 Glacier Flexible Retrieval or S3
+    #   Glacier Deep Archive storage class, and S3 Intelligent-Tiering
+    #   Archive or S3 Intelligent-Tiering Deep Archive tiers, are not
+    #   accessible in real time. For objects in the S3 Glacier Flexible
+    #   Retrieval or S3 Glacier Deep Archive storage classes, you must first
+    #   initiate a restore request, and then wait until a temporary copy of
+    #   the object is available. If you want a permanent copy of the object,
+    #   create a copy of it in the Amazon S3 Standard storage class in your
+    #   S3 bucket. To access an archived object, you must restore the object
+    #   for the duration (number of days) that you specify. For objects in
+    #   the Archive Access or Deep Archive Access tiers of S3
+    #   Intelligent-Tiering, you must first initiate a restore request, and
+    #   then wait until the object is moved into the Frequent Access tier.
     #
     #   To restore a specific object version, you can provide a version ID.
     #   If you don't provide a version ID, Amazon S3 restores the current
@@ -18417,38 +19323,37 @@ module Aws::S3
     #   request body:
     #
     #   * `Expedited` - Expedited retrievals allow you to quickly access
-    #     your data stored in the S3 Glacier Flexible Retrieval Flexible
-    #     Retrieval storage class or S3 Intelligent-Tiering Archive tier
-    #     when occasional urgent requests for restoring archives are
-    #     required. For all but the largest archived objects (250 MB+), data
-    #     accessed using Expedited retrievals is typically made available
-    #     within 1–5 minutes. Provisioned capacity ensures that retrieval
-    #     capacity for Expedited retrievals is available when you need it.
-    #     Expedited retrievals and provisioned capacity are not available
-    #     for objects stored in the S3 Glacier Deep Archive storage class or
-    #     S3 Intelligent-Tiering Deep Archive tier.
+    #     your data stored in the S3 Glacier Flexible Retrieval storage
+    #     class or S3 Intelligent-Tiering Archive tier when occasional
+    #     urgent requests for restoring archives are required. For all but
+    #     the largest archived objects (250 MB+), data accessed using
+    #     Expedited retrievals is typically made available within 1–5
+    #     minutes. Provisioned capacity ensures that retrieval capacity for
+    #     Expedited retrievals is available when you need it. Expedited
+    #     retrievals and provisioned capacity are not available for objects
+    #     stored in the S3 Glacier Deep Archive storage class or S3
+    #     Intelligent-Tiering Deep Archive tier.
     #
     #   * `Standard` - Standard retrievals allow you to access any of your
     #     archived objects within several hours. This is the default option
     #     for retrieval requests that do not specify the retrieval option.
     #     Standard retrievals typically finish within 3–5 hours for objects
-    #     stored in the S3 Glacier Flexible Retrieval Flexible Retrieval
-    #     storage class or S3 Intelligent-Tiering Archive tier. They
-    #     typically finish within 12 hours for objects stored in the S3
-    #     Glacier Deep Archive storage class or S3 Intelligent-Tiering Deep
-    #     Archive tier. Standard retrievals are free for objects stored in
-    #     S3 Intelligent-Tiering.
+    #     stored in the S3 Glacier Flexible Retrieval storage class or S3
+    #     Intelligent-Tiering Archive tier. They typically finish within 12
+    #     hours for objects stored in the S3 Glacier Deep Archive storage
+    #     class or S3 Intelligent-Tiering Deep Archive tier. Standard
+    #     retrievals are free for objects stored in S3 Intelligent-Tiering.
     #
     #   * `Bulk` - Bulk retrievals free for objects stored in the S3 Glacier
     #     Flexible Retrieval and S3 Intelligent-Tiering storage classes,
     #     enabling you to retrieve large amounts, even petabytes, of data at
     #     no cost. Bulk retrievals typically finish within 5–12 hours for
-    #     objects stored in the S3 Glacier Flexible Retrieval Flexible
-    #     Retrieval storage class or S3 Intelligent-Tiering Archive tier.
-    #     Bulk retrievals are also the lowest-cost retrieval option when
-    #     restoring objects from S3 Glacier Deep Archive. They typically
-    #     finish within 48 hours for objects stored in the S3 Glacier Deep
-    #     Archive storage class or S3 Intelligent-Tiering Deep Archive tier.
+    #     objects stored in the S3 Glacier Flexible Retrieval storage class
+    #     or S3 Intelligent-Tiering Archive tier. Bulk retrievals are also
+    #     the lowest-cost retrieval option when restoring objects from S3
+    #     Glacier Deep Archive. They typically finish within 48 hours for
+    #     objects stored in the S3 Glacier Deep Archive storage class or S3
+    #     Intelligent-Tiering Deep Archive tier.
     #
     #   For more information about archive retrieval options and provisioned
     #   capacity for `Expedited` data access, see [Restoring Archived
@@ -18539,11 +19444,13 @@ module Aws::S3
     # @option params [required, String] :bucket
     #   The bucket name containing the object to restore.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
@@ -18688,7 +19595,7 @@ module Aws::S3
     #           bucket_name: "BucketName", # required
     #           prefix: "LocationPrefix", # required
     #           encryption: {
-    #             encryption_type: "AES256", # required, accepts AES256, aws:kms, aws:kms:dsse
+    #             encryption_type: "AES256", # required, accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
     #             kms_key_id: "SSEKMSKeyId",
     #             kms_context: "KMSContext",
     #           },
@@ -18719,7 +19626,7 @@ module Aws::S3
     #               value: "MetadataValue",
     #             },
     #           ],
-    #           storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
+    #           storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS
     #         },
     #       },
     #     },
@@ -18940,122 +19847,128 @@ module Aws::S3
     #
     # @example EventStream Operation Example
     #
-    #   You can process the event once it arrives immediately, or wait until the
-    #   full response is complete and iterate through the eventstream enumerator.
-    #
-    #   To interact with event immediately, you need to register #select_object_content
-    #   with callbacks. Callbacks can be registered for specific events or for all
-    #   events, including error events.
-    #
-    #   Callbacks can be passed into the `:event_stream_handler` option or within a
-    #   block statement attached to the #select_object_content call directly. Hybrid
-    #   pattern of both is also supported.
-    #
-    #   `:event_stream_handler` option takes in either a Proc object or
-    #   Aws::S3::EventStreams::SelectObjectContentEventStream object.
-    #
-    #   Usage pattern a): Callbacks with a block attached to #select_object_content
-    #     Example for registering callbacks for all event types and an error event
-    #
-    #     client.select_object_content( # params input# ) do |stream|
-    #       stream.on_error_event do |event|
-    #         # catch unmodeled error event in the stream
-    #         raise event
-    #         # => Aws::Errors::EventError
-    #         # event.event_type => :error
-    #         # event.error_code => String
-    #         # event.error_message => String
-    #       end
-    #
-    #       stream.on_event do |event|
-    #         # process all events arrive
-    #         puts event.event_type
-    #         ...
-    #       end
-    #
+    #   # You can process the event once it arrives immediately, or wait until the
+    #   # full response is complete and iterate through the eventstream enumerator.
+    #
+    #   # To interact with event immediately, you need to register select_object_content
+    #   # with callbacks. Callbacks can be registered for specific events or for all
+    #   # events, including error events.
+    #
+    #   # Callbacks can be passed into the `:event_stream_handler` option or within a
+    #   # block statement attached to the #select_object_content call directly. Hybrid
+    #   # pattern of both is also supported.
+    #
+    #   # `:event_stream_handler` option takes in either a Proc object or
+    #   # Aws::S3::EventStreams::SelectObjectContentEventStream object.
+    #
+    #   # Usage pattern a): Callbacks with a block attached to #select_object_content
+    #   # Example for registering callbacks for all event types and an error event
+    #   client.select_object_content(
+    #     # params input
+    #   ) do |stream|
+    #     stream.on_error_event do |event|
+    #       # catch unmodeled error event in the stream
+    #       raise event
+    #       # => Aws::Errors::EventError
+    #       # event.event_type => :error
+    #       # event.error_code => String
+    #       # event.error_message => String
     #     end
     #
-    #   Usage pattern b): Pass in `:event_stream_handler` for #select_object_content
-    #
-    #     1) Create a Aws::S3::EventStreams::SelectObjectContentEventStream object
-    #     Example for registering callbacks with specific events
+    #     stream.on_event do |event|
+    #       # process all events arrive
+    #       puts event.event_type
+    #       # ...
+    #     end
+    #   end
     #
-    #       handler = Aws::S3::EventStreams::SelectObjectContentEventStream.new
-    #       handler.on_records_event do |event|
-    #         event # => Aws::S3::Types::Records
-    #       end
-    #       handler.on_stats_event do |event|
-    #         event # => Aws::S3::Types::Stats
-    #       end
-    #       handler.on_progress_event do |event|
-    #         event # => Aws::S3::Types::Progress
-    #       end
-    #       handler.on_cont_event do |event|
-    #         event # => Aws::S3::Types::Cont
-    #       end
-    #       handler.on_end_event do |event|
-    #         event # => Aws::S3::Types::End
-    #       end
+    #   # Usage pattern b): Pass in `:event_stream_handler` for #select_object_content
+    #   #  1) Create a Aws::S3::EventStreams::SelectObjectContentEventStream object
+    #   #  Example for registering callbacks with specific events
     #
-    #     client.select_object_content( # params input #, event_stream_handler: handler)
+    #   handler = Aws::S3::EventStreams::SelectObjectContentEventStream.new
+    #   handler.on_records_event do |event|
+    #     event # => Aws::S3::Types::Records
+    #   end
+    #   handler.on_stats_event do |event|
+    #     event # => Aws::S3::Types::Stats
+    #   end
+    #   handler.on_progress_event do |event|
+    #     event # => Aws::S3::Types::Progress
+    #   end
+    #   handler.on_cont_event do |event|
+    #     event # => Aws::S3::Types::Cont
+    #   end
+    #   handler.on_end_event do |event|
+    #     event # => Aws::S3::Types::End
+    #   end
     #
-    #     2) Use a Ruby Proc object
-    #     Example for registering callbacks with specific events
+    #   client.select_object_content(
+    #     # params inputs
+    #     event_stream_handler: handler
+    #   )
     #
-    #     handler = Proc.new do |stream|
-    #       stream.on_records_event do |event|
-    #         event # => Aws::S3::Types::Records
-    #       end
-    #       stream.on_stats_event do |event|
-    #         event # => Aws::S3::Types::Stats
-    #       end
-    #       stream.on_progress_event do |event|
-    #         event # => Aws::S3::Types::Progress
-    #       end
-    #       stream.on_cont_event do |event|
-    #         event # => Aws::S3::Types::Cont
-    #       end
-    #       stream.on_end_event do |event|
-    #         event # => Aws::S3::Types::End
-    #       end
+    #   #  2) Use a Ruby Proc object
+    #   #  Example for registering callbacks with specific events
+    #   handler = Proc.new do |stream|
+    #     stream.on_records_event do |event|
+    #       event # => Aws::S3::Types::Records
     #     end
+    #     stream.on_stats_event do |event|
+    #       event # => Aws::S3::Types::Stats
+    #     end
+    #     stream.on_progress_event do |event|
+    #       event # => Aws::S3::Types::Progress
+    #     end
+    #     stream.on_cont_event do |event|
+    #       event # => Aws::S3::Types::Cont
+    #     end
+    #     stream.on_end_event do |event|
+    #       event # => Aws::S3::Types::End
+    #     end
+    #   end
     #
-    #     client.select_object_content( # params input #, event_stream_handler: handler)
-    #
-    #   Usage pattern c): Hybrid pattern of a) and b)
+    #   client.select_object_content(
+    #     # params inputs
+    #     event_stream_handler: handler
+    #   )
     #
-    #       handler = Aws::S3::EventStreams::SelectObjectContentEventStream.new
-    #       handler.on_records_event do |event|
-    #         event # => Aws::S3::Types::Records
-    #       end
-    #       handler.on_stats_event do |event|
-    #         event # => Aws::S3::Types::Stats
-    #       end
-    #       handler.on_progress_event do |event|
-    #         event # => Aws::S3::Types::Progress
-    #       end
-    #       handler.on_cont_event do |event|
-    #         event # => Aws::S3::Types::Cont
-    #       end
-    #       handler.on_end_event do |event|
-    #         event # => Aws::S3::Types::End
-    #       end
+    #   #  Usage pattern c): Hybrid pattern of a) and b)
+    #   handler = Aws::S3::EventStreams::SelectObjectContentEventStream.new
+    #   handler.on_records_event do |event|
+    #     event # => Aws::S3::Types::Records
+    #   end
+    #   handler.on_stats_event do |event|
+    #     event # => Aws::S3::Types::Stats
+    #   end
+    #   handler.on_progress_event do |event|
+    #     event # => Aws::S3::Types::Progress
+    #   end
+    #   handler.on_cont_event do |event|
+    #     event # => Aws::S3::Types::Cont
+    #   end
+    #   handler.on_end_event do |event|
+    #     event # => Aws::S3::Types::End
+    #   end
     #
-    #     client.select_object_content( # params input #, event_stream_handler: handler) do |stream|
-    #       stream.on_error_event do |event|
-    #         # catch unmodeled error event in the stream
-    #         raise event
-    #         # => Aws::Errors::EventError
-    #         # event.event_type => :error
-    #         # event.error_code => String
-    #         # event.error_message => String
-    #       end
+    #   client.select_object_content(
+    #     # params input
+    #     event_stream_handler: handler
+    #   ) do |stream|
+    #     stream.on_error_event do |event|
+    #       # catch unmodeled error event in the stream
+    #       raise event
+    #       # => Aws::Errors::EventError
+    #       # event.event_type => :error
+    #       # event.error_code => String
+    #       # event.error_message => String
     #     end
+    #   end
     #
-    #   You can also iterate through events after the response complete.
-    #
-    #   Events are available at resp.payload # => Enumerator
-    #   For parameter input example, please refer to following request syntax
+    #   # You can also iterate through events after the response complete.
+    #   # Events are available at
+    #   resp.payload # => Enumerator
+    #   # For parameter input example, please refer to following request syntax.
     #
     # @example Request syntax with placeholder values
     #
@@ -19108,26 +20021,26 @@ module Aws::S3
     #
     # @example Response structure
     #
-    #   All events are available at resp.payload:
+    #   # All events are available at resp.payload:
     #   resp.payload #=> Enumerator
     #   resp.payload.event_types #=> [:records, :stats, :progress, :cont, :end]
     #
-    #   For :records event available at #on_records_event callback and response eventstream enumerator:
+    #   # For :records event available at #on_records_event callback and response eventstream enumerator:
     #   event.payload #=> IO
     #
-    #   For :stats event available at #on_stats_event callback and response eventstream enumerator:
+    #   # For :stats event available at #on_stats_event callback and response eventstream enumerator:
     #   event.details.bytes_scanned #=> Integer
     #   event.details.bytes_processed #=> Integer
     #   event.details.bytes_returned #=> Integer
     #
-    #   For :progress event available at #on_progress_event callback and response eventstream enumerator:
+    #   # For :progress event available at #on_progress_event callback and response eventstream enumerator:
     #   event.details.bytes_scanned #=> Integer
     #   event.details.bytes_processed #=> Integer
     #   event.details.bytes_returned #=> Integer
     #
-    #   For :cont event available at #on_cont_event callback and response eventstream enumerator:
+    #   # For :cont event available at #on_cont_event callback and response eventstream enumerator:
     #    #=> EmptyStruct
-    #   For :end event available at #on_end_event callback and response eventstream enumerator:
+    #   # For :end event available at #on_end_event callback and response eventstream enumerator:
     #    #=> EmptyStruct
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/SelectObjectContent AWS API Documentation
@@ -19157,6 +20070,182 @@ module Aws::S3
       req.send_request(options, &block)
     end
 
+    # Enables or disables a live inventory table for an S3 Metadata
+    # configuration on a general purpose bucket. For more information, see
+    # [Accelerating data discovery with S3 Metadata][1] in the *Amazon S3
+    # User Guide*.
+    #
+    # Permissions
+    #
+    # : To use this operation, you must have the following permissions. For
+    #   more information, see [Setting up permissions for configuring
+    #   metadata tables][2] in the *Amazon S3 User Guide*.
+    #
+    #   If you want to encrypt your inventory table with server-side
+    #   encryption with Key Management Service (KMS) keys (SSE-KMS), you
+    #   need additional permissions in your KMS key policy. For more
+    #   information, see [ Setting up permissions for configuring metadata
+    #   tables][2] in the *Amazon S3 User Guide*.
+    #
+    #   * `s3:UpdateBucketMetadataInventoryTableConfiguration`
+    #
+    #   * `s3tables:CreateTableBucket`
+    #
+    #   * `s3tables:CreateNamespace`
+    #
+    #   * `s3tables:GetTable`
+    #
+    #   * `s3tables:CreateTable`
+    #
+    #   * `s3tables:PutTablePolicy`
+    #
+    #   * `s3tables:PutTableEncryption`
+    #
+    #   * `kms:DescribeKey`
+    #
+    # The following operations are related to
+    # `UpdateBucketMetadataInventoryTableConfiguration`:
+    #
+    # * [CreateBucketMetadataConfiguration][3]
+    #
+    # * [DeleteBucketMetadataConfiguration][4]
+    #
+    # * [GetBucketMetadataConfiguration][5]
+    #
+    # * [UpdateBucketMetadataJournalTableConfiguration][6]
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html
+    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataConfiguration.html
+    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataConfiguration.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataJournalTableConfiguration.html
+    #
+    # @option params [required, String] :bucket
+    #   The general purpose bucket that corresponds to the metadata
+    #   configuration that you want to enable or disable an inventory table
+    #   for.
+    #
+    # @option params [String] :content_md5
+    #   The `Content-MD5` header for the inventory table configuration.
+    #
+    # @option params [String] :checksum_algorithm
+    #   The checksum algorithm to use with your inventory table configuration.
+    #
+    # @option params [required, Types::InventoryTableConfigurationUpdates] :inventory_table_configuration
+    #   The contents of your inventory table configuration.
+    #
+    # @option params [String] :expected_bucket_owner
+    #   The expected owner of the general purpose bucket that corresponds to
+    #   the metadata table configuration that you want to enable or disable an
+    #   inventory table for.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_bucket_metadata_inventory_table_configuration({
+    #     bucket: "BucketName", # required
+    #     content_md5: "ContentMD5",
+    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
+    #     inventory_table_configuration: { # required
+    #       configuration_state: "ENABLED", # required, accepts ENABLED, DISABLED
+    #       encryption_configuration: {
+    #         sse_algorithm: "aws:kms", # required, accepts aws:kms, AES256
+    #         kms_key_arn: "KmsKeyArn",
+    #       },
+    #     },
+    #     expected_bucket_owner: "AccountId",
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/UpdateBucketMetadataInventoryTableConfiguration AWS API Documentation
+    #
+    # @overload update_bucket_metadata_inventory_table_configuration(params = {})
+    # @param [Hash] params ({})
+    def update_bucket_metadata_inventory_table_configuration(params = {}, options = {})
+      req = build_request(:update_bucket_metadata_inventory_table_configuration, params)
+      req.send_request(options)
+    end
+
+    # Enables or disables journal table record expiration for an S3 Metadata
+    # configuration on a general purpose bucket. For more information, see
+    # [Accelerating data discovery with S3 Metadata][1] in the *Amazon S3
+    # User Guide*.
+    #
+    # Permissions
+    #
+    # : To use this operation, you must have the
+    #   `s3:UpdateBucketMetadataJournalTableConfiguration` permission. For
+    #   more information, see [Setting up permissions for configuring
+    #   metadata tables][2] in the *Amazon S3 User Guide*.
+    #
+    # The following operations are related to
+    # `UpdateBucketMetadataJournalTableConfiguration`:
+    #
+    # * [CreateBucketMetadataConfiguration][3]
+    #
+    # * [DeleteBucketMetadataConfiguration][4]
+    #
+    # * [GetBucketMetadataConfiguration][5]
+    #
+    # * [UpdateBucketMetadataInventoryTableConfiguration][6]
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html
+    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetadataConfiguration.html
+    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetadataConfiguration.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UpdateBucketMetadataInventoryTableConfiguration.html
+    #
+    # @option params [required, String] :bucket
+    #   The general purpose bucket that corresponds to the metadata
+    #   configuration that you want to enable or disable journal table record
+    #   expiration for.
+    #
+    # @option params [String] :content_md5
+    #   The `Content-MD5` header for the journal table configuration.
+    #
+    # @option params [String] :checksum_algorithm
+    #   The checksum algorithm to use with your journal table configuration.
+    #
+    # @option params [required, Types::JournalTableConfigurationUpdates] :journal_table_configuration
+    #   The contents of your journal table configuration.
+    #
+    # @option params [String] :expected_bucket_owner
+    #   The expected owner of the general purpose bucket that corresponds to
+    #   the metadata table configuration that you want to enable or disable
+    #   journal table record expiration for.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_bucket_metadata_journal_table_configuration({
+    #     bucket: "BucketName", # required
+    #     content_md5: "ContentMD5",
+    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
+    #     journal_table_configuration: { # required
+    #       record_expiration: { # required
+    #         expiration: "ENABLED", # required, accepts ENABLED, DISABLED
+    #         days: 1,
+    #       },
+    #     },
+    #     expected_bucket_owner: "AccountId",
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/UpdateBucketMetadataJournalTableConfiguration AWS API Documentation
+    #
+    # @overload update_bucket_metadata_journal_table_configuration(params = {})
+    # @param [Hash] params ({})
+    def update_bucket_metadata_journal_table_configuration(params = {}, options = {})
+      req = build_request(:update_bucket_metadata_journal_table_configuration, params)
+      req.send_request(options)
+    end
+
     # Uploads a part in a multipart upload.
     #
     # <note markdown="1"> In this operation, you provide new data as a part of an object in your
@@ -19365,19 +20454,20 @@ module Aws::S3
     #   naming restrictions, see [Directory bucket naming rules][1] in the
     #   *Amazon S3 User Guide*.
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -19605,7 +20695,7 @@ module Aws::S3
     #
     # @example Response structure
     #
-    #   resp.server_side_encryption #=> String, one of "AES256", "aws:kms", "aws:kms:dsse"
+    #   resp.server_side_encryption #=> String, one of "AES256", "aws:fsx", "aws:kms", "aws:kms:dsse"
     #   resp.etag #=> String
     #   resp.checksum_crc32 #=> String
     #   resp.checksum_crc32c #=> String
@@ -19844,19 +20934,20 @@ module Aws::S3
     #
     #    </note>
     #
-    #   **Access points** - When you use this action with an access point, you
-    #   must provide the alias of the access point in place of the bucket name
-    #   or specify the access point ARN. When using the access point ARN, you
-    #   must direct requests to the access point hostname. The access point
-    #   hostname takes the form
+    #   **Access points** - When you use this action with an access point for
+    #   general purpose buckets, you must provide the alias of the access
+    #   point in place of the bucket name or specify the access point ARN.
+    #   When you use this action with an access point for directory buckets,
+    #   you must provide the access point name in place of the bucket name.
+    #   When using the access point ARN, you must direct requests to the
+    #   access point hostname. The access point hostname takes the form
     #   *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
     #   When using this action with an access point through the Amazon Web
     #   Services SDKs, you provide the access point ARN in place of the bucket
     #   name. For more information about access point ARNs, see [Using access
     #   points][2] in the *Amazon S3 User Guide*.
     #
-    #   <note markdown="1"> Access points and Object Lambda access points are not supported by
-    #   directory buckets.
+    #   <note markdown="1"> Object Lambda access points are not supported by directory buckets.
     #
     #    </note>
     #
@@ -20115,45 +21206,45 @@ module Aws::S3
     #   * {Types::UploadPartCopyOutput#request_charged #request_charged} => String
     #
     #
-    # @example Example: To upload a part by copying byte range from an existing object as data source
+    # @example Example: To upload a part by copying data from an existing object as data source
     #
-    #   # The following example uploads a part of a multipart upload by copying a specified byte range from an existing object as
-    #   # data source.
+    #   # The following example uploads a part of a multipart upload by copying data from an existing object as data source.
     #
     #   resp = client.upload_part_copy({
     #     bucket: "examplebucket", 
     #     copy_source: "/bucketname/sourceobjectkey", 
-    #     copy_source_range: "bytes=1-100000", 
     #     key: "examplelargeobject", 
-    #     part_number: 2, 
+    #     part_number: 1, 
     #     upload_id: "exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--", 
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     copy_part_result: {
-    #       etag: "\"65d16d19e65a7508a51f043180edcc36\"", 
-    #       last_modified: Time.parse("2016-12-29T21:44:28.000Z"), 
+    #       etag: "\"b0c6f0e7e054ab8fa2536a2677f8734d\"", 
+    #       last_modified: Time.parse("2016-12-29T21:24:43.000Z"), 
     #     }, 
     #   }
     #
-    # @example Example: To upload a part by copying data from an existing object as data source
+    # @example Example: To upload a part by copying byte range from an existing object as data source
     #
-    #   # The following example uploads a part of a multipart upload by copying data from an existing object as data source.
+    #   # The following example uploads a part of a multipart upload by copying a specified byte range from an existing object as
+    #   # data source.
     #
     #   resp = client.upload_part_copy({
     #     bucket: "examplebucket", 
     #     copy_source: "/bucketname/sourceobjectkey", 
+    #     copy_source_range: "bytes=1-100000", 
     #     key: "examplelargeobject", 
-    #     part_number: 1, 
+    #     part_number: 2, 
     #     upload_id: "exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--", 
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
     #     copy_part_result: {
-    #       etag: "\"b0c6f0e7e054ab8fa2536a2677f8734d\"", 
-    #       last_modified: Time.parse("2016-12-29T21:24:43.000Z"), 
+    #       etag: "\"65d16d19e65a7508a51f043180edcc36\"", 
+    #       last_modified: Time.parse("2016-12-29T21:44:28.000Z"), 
     #     }, 
     #   }
     #
@@ -20191,7 +21282,7 @@ module Aws::S3
     #   resp.copy_part_result.checksum_crc64nvme #=> String
     #   resp.copy_part_result.checksum_sha1 #=> String
     #   resp.copy_part_result.checksum_sha256 #=> String
-    #   resp.server_side_encryption #=> String, one of "AES256", "aws:kms", "aws:kms:dsse"
+    #   resp.server_side_encryption #=> String, one of "AES256", "aws:fsx", "aws:kms", "aws:kms:dsse"
     #   resp.sse_customer_algorithm #=> String
     #   resp.sse_customer_key_md5 #=> String
     #   resp.ssekms_key_id #=> String
@@ -20500,19 +21591,30 @@ module Aws::S3
     #
     # @option params [String] :request_charged
     #   If present, indicates that the requester was successfully charged for
-    #   the request.
+    #   the request. For more information, see [Using Requester Pays buckets
+    #   for storage transfers and usage][1] in the *Amazon Simple Storage
+    #   Service user guide*.
     #
     #   <note markdown="1"> This functionality is not supported for directory buckets.
     #
     #    </note>
     #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html
+    #
     # @option params [String] :restore
     #   Provides information about object restoration operation and expiration
     #   time of the restored object copy.
     #
     # @option params [String] :server_side_encryption
     #   The server-side encryption algorithm used when storing requested
-    #   object in Amazon S3 (for example, AES256, `aws:kms`).
+    #   object in Amazon S3 or Amazon FSx.
+    #
+    #   <note markdown="1"> When accessing data stored in Amazon FSx file systems using S3 access
+    #   points, the only valid server side encryption option is `aws:fsx`.
+    #
+    #    </note>
     #
     # @option params [String] :sse_customer_algorithm
     #   Encryption algorithm used if server-side encryption with a
@@ -20596,11 +21698,11 @@ module Aws::S3
     #     replication_status: "COMPLETE", # accepts COMPLETE, PENDING, FAILED, REPLICA, COMPLETED
     #     request_charged: "requester", # accepts requester
     #     restore: "Restore",
-    #     server_side_encryption: "AES256", # accepts AES256, aws:kms, aws:kms:dsse
+    #     server_side_encryption: "AES256", # accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     ssekms_key_id: "SSEKMSKeyId",
     #     sse_customer_key_md5: "SSECustomerKeyMD5",
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS
     #     tag_count: 1,
     #     version_id: "ObjectVersionId",
     #     bucket_key_enabled: false,
@@ -20633,7 +21735,7 @@ module Aws::S3
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-s3'
-      context[:gem_version] = '1.182.0'
+      context[:gem_version] = '1.198.0'
       Seahorse::Client::Request.new(handlers, context)
     end