aws-sdk-s3 1.189.1 → 1.190.0

data/lib/aws-sdk-s3/client.rb

@@ -1279,6 +1279,20 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will
+    # discontinue support for creating new Email Grantee Access Control
+    # Lists (ACL). Email Grantee ACLs created prior to this date will
+    # continue to work and remain accessible through the Amazon Web Services
+    # Management Console, Command Line Interface (CLI), SDKs, and REST API.
+    # However, you will no longer be able to create new Email Grantee ACLs.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # Creates a copy of an object that is already stored in Amazon S3.
     #
     # <note markdown="1"> You can store individual objects of up to 5 TB in Amazon S3. You
@@ -2348,6 +2362,33 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will
+    # discontinue support for creating new Email Grantee Access Control
+    # Lists (ACL). Email Grantee ACLs created prior to this date will
+    # continue to work and remain accessible through the Amazon Web Services
+    # Management Console, Command Line Interface (CLI), SDKs, and REST API.
+    # However, you will no longer be able to create new Email Grantee ACLs.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This action creates an Amazon S3 bucket. To create an Amazon S3 on
     # Outposts bucket, see [ `CreateBucket` ][1].
     #
@@ -2756,6 +2797,20 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will
+    # discontinue support for creating new Email Grantee Access Control
+    # Lists (ACL). Email Grantee ACLs created prior to this date will
+    # continue to work and remain accessible through the Amazon Web Services
+    # Management Console, Command Line Interface (CLI), SDKs, and REST API.
+    # However, you will no longer be able to create new Email Grantee ACLs.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # This action initiates a multipart upload and returns an upload ID.
     # This upload ID is used to associate all of the parts in the specific
     # multipart upload. You specify this upload ID in each of your
@@ -4400,6 +4455,11 @@ module Aws::S3
     # @option params [required, String] :id
     #   The ID used to identify the S3 Intelligent-Tiering configuration.
     #
+    # @option params [String] :expected_bucket_owner
+    #   The account ID of the expected bucket owner. If the account ID that
+    #   you provide does not match the actual owner of the bucket, the request
+    #   fails with the HTTP status code `403 Forbidden` (access denied).
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
@@ -4407,6 +4467,7 @@ module Aws::S3
     #   resp = client.delete_bucket_intelligent_tiering_configuration({
     #     bucket: "BucketName", # required
     #     id: "IntelligentTieringId", # required
+    #     expected_bucket_owner: "AccountId",
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketIntelligentTieringConfiguration AWS API Documentation
@@ -6067,6 +6128,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -6532,6 +6606,11 @@ module Aws::S3
     # @option params [required, String] :id
     #   The ID used to identify the S3 Intelligent-Tiering configuration.
     #
+    # @option params [String] :expected_bucket_owner
+    #   The account ID of the expected bucket owner. If the account ID that
+    #   you provide does not match the actual owner of the bucket, the request
+    #   fails with the HTTP status code `403 Forbidden` (access denied).
+    #
     # @return [Types::GetBucketIntelligentTieringConfigurationOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::GetBucketIntelligentTieringConfigurationOutput#intelligent_tiering_configuration #intelligent_tiering_configuration} => Types::IntelligentTieringConfiguration
@@ -6541,6 +6620,7 @@ module Aws::S3
     #   resp = client.get_bucket_intelligent_tiering_configuration({
     #     bucket: "BucketName", # required
     #     id: "IntelligentTieringId", # required
+    #     expected_bucket_owner: "AccountId",
     #   })
     #
     # @example Response structure
@@ -7051,6 +7131,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -7514,6 +7607,21 @@ module Aws::S3
     # permission. For more information about Amazon S3 permissions, see
     # [Specifying permissions in a policy][1].
     #
+    # <note markdown="1"> A bucket doesn't have `OwnershipControls` settings in the following
+    # cases:
+    #
+    #  * The bucket was created before the `BucketOwnerEnforced` ownership
+    #   setting was introduced and you've never explicitly applied this
+    #   value
+    #
+    # * You've manually deleted the bucket ownership control value using
+    #   the `DeleteBucketOwnershipControls` API operation.
+    #
+    #  By default, Amazon S3 sets `OwnershipControls` for all newly created
+    # buckets.
+    #
+    #  </note>
+    #
     # For information about Amazon S3 Object Ownership, see [Using Object
     # Ownership][2].
     #
@@ -10700,6 +10808,7 @@ module Aws::S3
     #   * {Types::HeadObjectOutput#request_charged #request_charged} => String
     #   * {Types::HeadObjectOutput#replication_status #replication_status} => String
     #   * {Types::HeadObjectOutput#parts_count #parts_count} => Integer
+    #   * {Types::HeadObjectOutput#tag_count #tag_count} => Integer
     #   * {Types::HeadObjectOutput#object_lock_mode #object_lock_mode} => String
     #   * {Types::HeadObjectOutput#object_lock_retain_until_date #object_lock_retain_until_date} => Time
     #   * {Types::HeadObjectOutput#object_lock_legal_hold_status #object_lock_legal_hold_status} => String
@@ -10790,6 +10899,7 @@ module Aws::S3
     #   resp.request_charged #=> String, one of "requester"
     #   resp.replication_status #=> String, one of "COMPLETE", "PENDING", "FAILED", "REPLICA", "COMPLETED"
     #   resp.parts_count #=> Integer
+    #   resp.tag_count #=> Integer
     #   resp.object_lock_mode #=> String, one of "GOVERNANCE", "COMPLIANCE"
     #   resp.object_lock_retain_until_date #=> Time
     #   resp.object_lock_legal_hold_status #=> String, one of "ON", "OFF"
@@ -10960,6 +11070,11 @@ module Aws::S3
     #   The `ContinuationToken` that represents a placeholder from where this
     #   request should begin.
     #
+    # @option params [String] :expected_bucket_owner
+    #   The account ID of the expected bucket owner. If the account ID that
+    #   you provide does not match the actual owner of the bucket, the request
+    #   fails with the HTTP status code `403 Forbidden` (access denied).
+    #
     # @return [Types::ListBucketIntelligentTieringConfigurationsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ListBucketIntelligentTieringConfigurationsOutput#is_truncated #is_truncated} => Boolean
@@ -10972,6 +11087,7 @@ module Aws::S3
     #   resp = client.list_bucket_intelligent_tiering_configurations({
     #     bucket: "BucketName", # required
     #     continuation_token: "Token",
+    #     expected_bucket_owner: "AccountId",
     #   })
     #
     # @example Response structure
@@ -11206,6 +11322,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -11432,6 +11561,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # This operation lists in-progress multipart uploads in a bucket. An
     # in-progress multipart upload is a multipart upload that has been
     # initiated by the `CreateMultipartUpload` request, but has not yet been
@@ -11878,6 +12020,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -12118,6 +12273,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -12701,6 +12869,19 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will stop
+    # returning `DisplayName`. Update your applications to use canonical IDs
+    # (unique identifier for Amazon Web Services accounts), Amazon Web
+    # Services account ID (12 digit identifier) or IAM ARNs (full resource
+    # naming) as a direct replacement of `DisplayName`.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # Lists the parts that have been uploaded for a specific multipart
     # upload.
     #
@@ -13129,6 +13310,20 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will
+    # discontinue support for creating new Email Grantee Access Control
+    # Lists (ACL). Email Grantee ACLs created prior to this date will
+    # continue to work and remain accessible through the Amazon Web Services
+    # Management Console, Command Line Interface (CLI), SDKs, and REST API.
+    # However, you will no longer be able to create new Email Grantee ACLs.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -13235,7 +13430,10 @@ module Aws::S3
     # Grantee Values
     #
     # : You can specify the person (grantee) to whom you're assigning
-    #   access rights (using request elements) in the following ways:
+    #   access rights (using request elements) in the following ways. For
+    #   examples of how to specify these grantee values in JSON format, see
+    #   the Amazon Web Services CLI example in [ Enabling Amazon S3 server
+    #   access logging][6] in the *Amazon S3 User Guide*.
     #
     #   * By the person's ID:
     #
@@ -13285,11 +13483,11 @@ module Aws::S3
     #
     # The following operations are related to `PutBucketAcl`:
     #
-    # * [CreateBucket][6]
+    # * [CreateBucket][7]
     #
-    # * [DeleteBucket][7]
+    # * [DeleteBucket][8]
     #
-    # * [GetObjectAcl][8]
+    # * [GetObjectAcl][9]
     #
     #
     #
@@ -13298,9 +13496,10 @@ module Aws::S3
     # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
     # [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
     # [5]: https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
-    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html
-    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html
-    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html
+    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html
+    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html
     #
     # @option params [String] :acl
     #   The canned ACL to apply to the bucket.
@@ -14051,6 +14250,11 @@ module Aws::S3
     # @option params [required, String] :id
     #   The ID used to identify the S3 Intelligent-Tiering configuration.
     #
+    # @option params [String] :expected_bucket_owner
+    #   The account ID of the expected bucket owner. If the account ID that
+    #   you provide does not match the actual owner of the bucket, the request
+    #   fails with the HTTP status code `403 Forbidden` (access denied).
+    #
     # @option params [required, Types::IntelligentTieringConfiguration] :intelligent_tiering_configuration
     #   Container for S3 Intelligent-Tiering configuration.
     #
@@ -14061,6 +14265,7 @@ module Aws::S3
     #   resp = client.put_bucket_intelligent_tiering_configuration({
     #     bucket: "BucketName", # required
     #     id: "IntelligentTieringId", # required
+    #     expected_bucket_owner: "AccountId",
     #     intelligent_tiering_configuration: { # required
     #       id: "IntelligentTieringId", # required
     #       filter: {
@@ -14699,6 +14904,20 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will
+    # discontinue support for creating new Email Grantee Access Control
+    # Lists (ACL). Email Grantee ACLs created prior to this date will
+    # continue to work and remain accessible through the Amazon Web Services
+    # Management Console, Command Line Interface (CLI), SDKs, and REST API.
+    # However, you will no longer be able to create new Email Grantee ACLs.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -14722,7 +14941,10 @@ module Aws::S3
     # Grantee Values
     #
     # : You can specify the person (grantee) to whom you're assigning
-    #   access rights (by using request elements) in the following ways:
+    #   access rights (by using request elements) in the following ways. For
+    #   examples of how to specify these grantee values in JSON format, see
+    #   the Amazon Web Services CLI example in [ Enabling Amazon S3 server
+    #   access logging][2] in the *Amazon S3 User Guide*.
     #
     #   * By the person's ID:
     #
@@ -14753,30 +14975,31 @@ module Aws::S3
     # />`
     #
     # For more information about server access logging, see [Server Access
-    # Logging][2] in the *Amazon S3 User Guide*.
+    # Logging][3] in the *Amazon S3 User Guide*.
     #
-    # For more information about creating a bucket, see [CreateBucket][3].
+    # For more information about creating a bucket, see [CreateBucket][4].
     # For more information about returning the logging status of a bucket,
-    # see [GetBucketLogging][4].
+    # see [GetBucketLogging][5].
     #
     # The following operations are related to `PutBucketLogging`:
     #
-    # * [PutObject][5]
+    # * [PutObject][6]
     #
-    # * [DeleteBucket][6]
+    # * [DeleteBucket][7]
     #
-    # * [CreateBucket][3]
+    # * [CreateBucket][4]
     #
-    # * [GetBucketLogging][4]
+    # * [GetBucketLogging][5]
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general
-    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html
-    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html
-    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLogging.html
-    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
-    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html
+    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html
+    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLogging.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html
     #
     # @option params [required, String] :bucket
     #   The name of the bucket for which to set the logging parameters.
@@ -16360,6 +16583,20 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # End of support notice: Beginning October 1, 2025, Amazon S3 will
+    # discontinue support for creating new Email Grantee Access Control
+    # Lists (ACL). Email Grantee ACLs created prior to this date will
+    # continue to work and remain accessible through the Amazon Web Services
+    # Management Console, Command Line Interface (CLI), SDKs, and REST API.
+    # However, you will no longer be able to create new Email Grantee ACLs.
+    #
+    #  This change affects the following Amazon Web Services Regions: US
+    # East
+    # (N. Virginia) Region, US West (N. California) Region, US West (Oregon)
+    # Region, Asia Pacific (Singapore) Region, Asia Pacific (Sydney) Region,
+    # Asia Pacific (Tokyo) Region, Europe (Ireland) Region, and South
+    # America (São Paulo) Region.
+    #
     # Adds an object to a bucket.
     #
     # <note markdown="1"> * Amazon S3 never adds partial objects; if you receive a success
@@ -17479,7 +17716,10 @@ module Aws::S3
     # Grantee Values
     #
     # : You can specify the person (grantee) to whom you're assigning
-    #   access rights (using request elements) in the following ways:
+    #   access rights (using request elements) in the following ways. For
+    #   examples of how to specify these grantee values in JSON format, see
+    #   the Amazon Web Services CLI example in [ Enabling Amazon S3 server
+    #   access logging][6] in the *Amazon S3 User Guide*.
     #
     #   * By the person's ID:
     #
@@ -17535,9 +17775,9 @@ module Aws::S3
     #
     # The following operations are related to `PutObjectAcl`:
     #
-    # * [CopyObject][6]
+    # * [CopyObject][7]
     #
-    # * [GetObject][7]
+    # * [GetObject][8]
     #
     #
     #
@@ -17546,8 +17786,9 @@ module Aws::S3
     # [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
     # [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
     # [5]: https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
-    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
-    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
+    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html
     #
     # @option params [String] :acl
     #   The canned ACL to apply to the object. For more information, see
@@ -18433,6 +18674,175 @@ module Aws::S3
       req.send_request(options)
     end
 
+    # Renames an existing object in a directory bucket that uses the S3
+    # Express One Zone storage class. You can use `RenameObject` by
+    # specifying an existing object’s name as the source and the new name of
+    # the object as the destination within the same directory bucket.
+    #
+    # <note markdown="1"> `RenameObject` is only supported for objects stored in the S3 Express
+    # One Zone storage class.
+    #
+    #  </note>
+    #
+    # To prevent overwriting an object, you can use the `If-None-Match`
+    # conditional header.
+    #
+    # * **If-None-Match** - Renames the object only if an object with the
+    #   specified name does not already exist in the directory bucket. If
+    #   you don't want to overwrite an existing object, you can add the
+    #   `If-None-Match` conditional header with the value `‘*’` in the
+    #   `RenameObject` request. Amazon S3 then returns a `412 Precondition
+    #   Failed` error if the object with the specified name already exists.
+    #   For more information, see [RFC 7232][1].
+    #
+    # ^
+    #
+    # Permissions
+    #
+    # : To grant access to the `RenameObject` operation on a directory
+    #   bucket, we recommend that you use the `CreateSession` operation for
+    #   session-based authorization. Specifically, you grant the
+    #   `s3express:CreateSession` permission to the directory bucket in a
+    #   bucket policy or an IAM identity-based policy. Then, you make the
+    #   `CreateSession` API call on the directory bucket to obtain a session
+    #   token. With the session token in your request header, you can make
+    #   API requests to this operation. After the session token expires, you
+    #   make another `CreateSession` API call to generate a new session
+    #   token for use. The Amazon Web Services CLI and SDKs will create and
+    #   manage your session including refreshing the session token
+    #   automatically to avoid service interruptions when a session expires.
+    #   In your bucket policy, you can specify the `s3express:SessionMode`
+    #   condition key to control who can create a `ReadWrite` or `ReadOnly`
+    #   session. A `ReadWrite` session is required for executing all the
+    #   Zonal endpoint API operations, including `RenameObject`. For more
+    #   information about authorization, see [ `CreateSession` ][2]. To
+    #   learn more about Zonal endpoint APT operations, see [Authorizing
+    #   Zonal endpoint API operations with CreateSession][3] in the *Amazon
+    #   S3 User Guide*.
+    #
+    # HTTP Host header syntax
+    #
+    # : <b>Directory buckets </b> - The HTTP Host header syntax is `
+    #   Bucket-name.s3express-zone-id.region-code.amazonaws.com`.
+    #
+    #
+    #
+    # [1]: https://datatracker.ietf.org/doc/rfc7232/
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-create-session.html
+    #
+    # @option params [required, String] :bucket
+    #   The bucket name of the directory bucket containing the object.
+    #
+    #   You must use virtual-hosted-style requests in the format
+    #   `Bucket-name.s3express-zone-id.region-code.amazonaws.com`. Path-style
+    #   requests are not supported. Directory bucket names must be unique in
+    #   the chosen Availability Zone. Bucket names must follow the format
+    #   `bucket-base-name--zone-id--x-s3 ` (for example,
+    #   `amzn-s3-demo-bucket--usw2-az1--x-s3`). For information about bucket
+    #   naming restrictions, see [Directory bucket naming rules][1] in the
+    #   *Amazon S3 User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html
+    #
+    # @option params [required, String] :key
+    #   Key name of the object to rename.
+    #
+    # @option params [required, String] :rename_source
+    #   Specifies the source for the rename operation. The value must be URL
+    #   encoded.
+    #
+    # @option params [String] :destination_if_match
+    #   Renames the object only if the ETag (entity tag) value provided during
+    #   the operation matches the ETag of the object in S3. The `If-Match`
+    #   header field makes the request method conditional on ETags. If the
+    #   ETag values do not match, the operation returns a `412 Precondition
+    #   Failed` error.
+    #
+    #   Expects the ETag value as a string.
+    #
+    # @option params [String] :destination_if_none_match
+    #   Renames the object only if the destination does not already exist in
+    #   the specified directory bucket. If the object does exist when you send
+    #   a request with `If-None-Match:*`, the S3 API will return a `412
+    #   Precondition Failed` error, preventing an overwrite. The
+    #   `If-None-Match` header prevents overwrites of existing data by
+    #   validating that there's not an object with the same key name already
+    #   in your directory bucket.
+    #
+    #   Expects the `*` character (asterisk).
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :destination_if_modified_since
+    #   Renames the object if the destination exists and if it has been
+    #   modified since the specified time.
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :destination_if_unmodified_since
+    #   Renames the object if it hasn't been modified since the specified
+    #   time.
+    #
+    # @option params [String] :source_if_match
+    #   Renames the object if the source exists and if its entity tag (ETag)
+    #   matches the specified ETag.
+    #
+    # @option params [String] :source_if_none_match
+    #   Renames the object if the source exists and if its entity tag (ETag)
+    #   is different than the specified ETag. If an asterisk (`*`) character
+    #   is provided, the operation will fail and return a `412 Precondition
+    #   Failed` error.
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :source_if_modified_since
+    #   Renames the object if the source exists and if it has been modified
+    #   since the specified time.
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :source_if_unmodified_since
+    #   Renames the object if the source exists and hasn't been modified
+    #   since the specified time.
+    #
+    # @option params [String] :client_token
+    #   A unique string with a max of 64 ASCII characters in the ASCII range
+    #   of 33 - 126. `RenameObject` supports idempotency using a client token.
+    #   To make an idempotent API request using `RenameObject`, specify a
+    #   client token in the request. You should not reuse the same client
+    #   token for other API requests. If you retry a request that completed
+    #   successfully using the same client token and the same parameters, the
+    #   retry succeeds without performing any further actions. If you retry a
+    #   successful request using the same client token, but one or more of the
+    #   parameters are different, the retry fails and an
+    #   `IdempotentParameterMismatch` error is returned.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.rename_object({
+    #     bucket: "BucketName", # required
+    #     key: "ObjectKey", # required
+    #     rename_source: "RenameSource", # required
+    #     destination_if_match: "IfMatch",
+    #     destination_if_none_match: "IfNoneMatch",
+    #     destination_if_modified_since: Time.now,
+    #     destination_if_unmodified_since: Time.now,
+    #     source_if_match: "RenameSourceIfMatch",
+    #     source_if_none_match: "RenameSourceIfNoneMatch",
+    #     source_if_modified_since: Time.now,
+    #     source_if_unmodified_since: Time.now,
+    #     client_token: "ClientToken",
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/RenameObject AWS API Documentation
+    #
+    # @overload rename_object(params = {})
+    # @param [Hash] params ({})
+    def rename_object(params = {}, options = {})
+      req = build_request(:rename_object, params)
+      req.send_request(options)
+    end
+
     # <note markdown="1"> This operation is not supported for directory buckets.
     #
     #  </note>
@@ -20722,7 +21132,7 @@ module Aws::S3
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-s3'
-      context[:gem_version] = '1.189.1'
+      context[:gem_version] = '1.190.0'
       Seahorse::Client::Request.new(handlers, context)
     end