aws-sdk-s3 1.203.1 → 1.205.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-s3/client.rb +292 -103
- data/lib/aws-sdk-s3/client_api.rb +59 -0
- data/lib/aws-sdk-s3/endpoints.rb +26 -0
- data/lib/aws-sdk-s3/types.rb +193 -6
- data/lib/aws-sdk-s3.rb +1 -1
- data/sig/client.rbs +27 -1
- data/sig/types.rbs +31 -0
- metadata +1 -1
data/lib/aws-sdk-s3/client.rb
CHANGED
|
@@ -5405,7 +5405,14 @@ module Aws::S3
|
|
|
5405
5405
|
#
|
|
5406
5406
|
# </note>
|
|
5407
5407
|
#
|
|
5408
|
-
# Deletes
|
|
5408
|
+
# Deletes tags from the general purpose bucket if attribute based access
|
|
5409
|
+
# control (ABAC) is not enabled for the bucket. When you [enable ABAC
|
|
5410
|
+
# for a general purpose bucket][1], you can no longer use this operation
|
|
5411
|
+
# for that bucket and must use [UntagResource][2] instead.
|
|
5412
|
+
#
|
|
5413
|
+
# if ABAC is not enabled for the bucket. When you [enable ABAC for a
|
|
5414
|
+
# general purpose bucket][1], you can no longer use this operation for
|
|
5415
|
+
# that bucket and must use [UntagResource][2] instead.
|
|
5409
5416
|
#
|
|
5410
5417
|
# To use this operation, you must have permission to perform the
|
|
5411
5418
|
# `s3:PutBucketTagging` action. By default, the bucket owner has this
|
|
@@ -5413,9 +5420,9 @@ module Aws::S3
|
|
|
5413
5420
|
#
|
|
5414
5421
|
# The following operations are related to `DeleteBucketTagging`:
|
|
5415
5422
|
#
|
|
5416
|
-
# * [GetBucketTagging][
|
|
5423
|
+
# * [GetBucketTagging][3]
|
|
5417
5424
|
#
|
|
5418
|
-
# * [PutBucketTagging][
|
|
5425
|
+
# * [PutBucketTagging][4]
|
|
5419
5426
|
#
|
|
5420
5427
|
# You must URL encode any signed header values that contain spaces. For
|
|
5421
5428
|
# example, if your header value is `my file.txt`, containing two spaces
|
|
@@ -5423,8 +5430,10 @@ module Aws::S3
|
|
|
5423
5430
|
#
|
|
5424
5431
|
#
|
|
5425
5432
|
#
|
|
5426
|
-
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
5427
|
-
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/
|
|
5433
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging-enable-abac.html
|
|
5434
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UntagResource.html
|
|
5435
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html
|
|
5436
|
+
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html
|
|
5428
5437
|
#
|
|
5429
5438
|
# @option params [required, String] :bucket
|
|
5430
5439
|
# The bucket that has the tag set to be removed.
|
|
@@ -5613,6 +5622,12 @@ module Aws::S3
|
|
|
5613
5622
|
# * <b> <code>s3:DeleteObjectVersion</code> </b> - To delete a
|
|
5614
5623
|
# specific version of an object from a versioning-enabled bucket,
|
|
5615
5624
|
# you must have the `s3:DeleteObjectVersion` permission.
|
|
5625
|
+
#
|
|
5626
|
+
# <note markdown="1"> If the `s3:DeleteObject` or `s3:DeleteObjectVersion` permissions
|
|
5627
|
+
# are explicitly denied in your bucket policy, attempts to delete
|
|
5628
|
+
# any unversioned objects result in a `403 Access Denied` error.
|
|
5629
|
+
#
|
|
5630
|
+
# </note>
|
|
5616
5631
|
# * **Directory bucket permissions** - To grant access to this API
|
|
5617
5632
|
# operation on a directory bucket, we recommend that you use the [
|
|
5618
5633
|
# `CreateSession` ][8] API operation for session-based
|
|
@@ -6052,6 +6067,12 @@ module Aws::S3
|
|
|
6052
6067
|
# * <b> <code>s3:DeleteObjectVersion</code> </b> - To delete a
|
|
6053
6068
|
# specific version of an object from a versioning-enabled bucket,
|
|
6054
6069
|
# you must specify the `s3:DeleteObjectVersion` permission.
|
|
6070
|
+
#
|
|
6071
|
+
# <note markdown="1"> If the `s3:DeleteObject` or `s3:DeleteObjectVersion` permissions
|
|
6072
|
+
# are explicitly denied in your bucket policy, attempts to delete
|
|
6073
|
+
# any unversioned objects result in a `403 Access Denied` error.
|
|
6074
|
+
#
|
|
6075
|
+
# </note>
|
|
6055
6076
|
# * **Directory bucket permissions** - To grant access to this API
|
|
6056
6077
|
# operation on a directory bucket, we recommend that you use the [
|
|
6057
6078
|
# `CreateSession` ][4] API operation for session-based
|
|
@@ -6436,6 +6457,49 @@ module Aws::S3
|
|
|
6436
6457
|
req.send_request(options)
|
|
6437
6458
|
end
|
|
6438
6459
|
|
|
6460
|
+
# Returns the attribute-based access control (ABAC) property of the
|
|
6461
|
+
# general purpose bucket. If the bucket ABAC is enabled, you can use
|
|
6462
|
+
# tags for bucket access control. For more information, see [Enabling
|
|
6463
|
+
# ABAC in general purpose buckets][1]. Whether ABAC is enabled or
|
|
6464
|
+
# disabled, you can use tags for cost tracking. For more information,
|
|
6465
|
+
# see [Using tags with S3 general purpose buckets][2].
|
|
6466
|
+
#
|
|
6467
|
+
#
|
|
6468
|
+
#
|
|
6469
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging-enable-abac.html
|
|
6470
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging.html
|
|
6471
|
+
#
|
|
6472
|
+
# @option params [required, String] :bucket
|
|
6473
|
+
# The name of the general purpose bucket.
|
|
6474
|
+
#
|
|
6475
|
+
# @option params [String] :expected_bucket_owner
|
|
6476
|
+
# The Amazon Web Services account ID of the general purpose bucket's
|
|
6477
|
+
# owner.
|
|
6478
|
+
#
|
|
6479
|
+
# @return [Types::GetBucketAbacOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
6480
|
+
#
|
|
6481
|
+
# * {Types::GetBucketAbacOutput#abac_status #abac_status} => Types::AbacStatus
|
|
6482
|
+
#
|
|
6483
|
+
# @example Request syntax with placeholder values
|
|
6484
|
+
#
|
|
6485
|
+
# resp = client.get_bucket_abac({
|
|
6486
|
+
# bucket: "BucketName", # required
|
|
6487
|
+
# expected_bucket_owner: "AccountId",
|
|
6488
|
+
# })
|
|
6489
|
+
#
|
|
6490
|
+
# @example Response structure
|
|
6491
|
+
#
|
|
6492
|
+
# resp.abac_status.status #=> String, one of "Enabled", "Disabled"
|
|
6493
|
+
#
|
|
6494
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketAbac AWS API Documentation
|
|
6495
|
+
#
|
|
6496
|
+
# @overload get_bucket_abac(params = {})
|
|
6497
|
+
# @param [Hash] params ({})
|
|
6498
|
+
def get_bucket_abac(params = {}, options = {})
|
|
6499
|
+
req = build_request(:get_bucket_abac, params)
|
|
6500
|
+
req.send_request(options)
|
|
6501
|
+
end
|
|
6502
|
+
|
|
6439
6503
|
# <note markdown="1"> This operation is not supported for directory buckets.
|
|
6440
6504
|
#
|
|
6441
6505
|
# </note>
|
|
@@ -6865,17 +6929,19 @@ module Aws::S3
|
|
|
6865
6929
|
|
|
6866
6930
|
# Returns the default encryption configuration for an Amazon S3 bucket.
|
|
6867
6931
|
# By default, all buckets have a default encryption configuration that
|
|
6868
|
-
# uses server-side encryption with Amazon S3 managed keys (SSE-S3).
|
|
6932
|
+
# uses server-side encryption with Amazon S3 managed keys (SSE-S3). This
|
|
6933
|
+
# operation also returns the [BucketKeyEnabled][1] and
|
|
6934
|
+
# [BlockedEncryptionTypes][2] statuses.
|
|
6869
6935
|
#
|
|
6870
6936
|
# <note markdown="1"> * **General purpose buckets** - For information about the bucket
|
|
6871
6937
|
# default encryption feature, see [Amazon S3 Bucket Default
|
|
6872
|
-
# Encryption][
|
|
6938
|
+
# Encryption][3] in the *Amazon S3 User Guide*.
|
|
6873
6939
|
#
|
|
6874
6940
|
# * **Directory buckets** - For directory buckets, there are only two
|
|
6875
6941
|
# supported options for server-side encryption: SSE-S3 and SSE-KMS.
|
|
6876
6942
|
# For information about the default encryption configuration in
|
|
6877
6943
|
# directory buckets, see [Setting default server-side encryption
|
|
6878
|
-
# behavior for directory buckets][
|
|
6944
|
+
# behavior for directory buckets][4].
|
|
6879
6945
|
#
|
|
6880
6946
|
# </note>
|
|
6881
6947
|
#
|
|
@@ -6885,8 +6951,8 @@ module Aws::S3
|
|
|
6885
6951
|
# policy. The bucket owner has this permission by default. The
|
|
6886
6952
|
# bucket owner can grant this permission to others. For more
|
|
6887
6953
|
# information about permissions, see [Permissions Related to Bucket
|
|
6888
|
-
# Operations][
|
|
6889
|
-
# Resources][
|
|
6954
|
+
# Operations][5] and [Managing Access Permissions to Your Amazon S3
|
|
6955
|
+
# Resources][6].
|
|
6890
6956
|
#
|
|
6891
6957
|
# * **Directory bucket permissions** - To grant access to this API
|
|
6892
6958
|
# operation, you must have the
|
|
@@ -6896,7 +6962,7 @@ module Aws::S3
|
|
|
6896
6962
|
# only be performed by the Amazon Web Services account that owns the
|
|
6897
6963
|
# resource. For more information about directory bucket policies and
|
|
6898
6964
|
# permissions, see [Amazon Web Services Identity and Access
|
|
6899
|
-
# Management (IAM) for S3 Express One Zone][
|
|
6965
|
+
# Management (IAM) for S3 Express One Zone][7] in the *Amazon S3
|
|
6900
6966
|
# User Guide*.
|
|
6901
6967
|
#
|
|
6902
6968
|
# HTTP Host header syntax
|
|
@@ -6906,9 +6972,9 @@ module Aws::S3
|
|
|
6906
6972
|
#
|
|
6907
6973
|
# The following operations are related to `GetBucketEncryption`:
|
|
6908
6974
|
#
|
|
6909
|
-
# * [PutBucketEncryption][
|
|
6975
|
+
# * [PutBucketEncryption][8]
|
|
6910
6976
|
#
|
|
6911
|
-
# * [DeleteBucketEncryption][
|
|
6977
|
+
# * [DeleteBucketEncryption][9]
|
|
6912
6978
|
#
|
|
6913
6979
|
# You must URL encode any signed header values that contain spaces. For
|
|
6914
6980
|
# example, if your header value is `my file.txt`, containing two spaces
|
|
@@ -6916,13 +6982,15 @@ module Aws::S3
|
|
|
6916
6982
|
#
|
|
6917
6983
|
#
|
|
6918
6984
|
#
|
|
6919
|
-
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
6920
|
-
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
6921
|
-
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/
|
|
6922
|
-
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-
|
|
6923
|
-
# [5]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/
|
|
6924
|
-
# [6]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
6925
|
-
# [7]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
6985
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_BucketKeyEnabled.html
|
|
6986
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_BlockedEncryptionTypes.html
|
|
6987
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-encryption.html
|
|
6988
|
+
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-bucket-encryption.html
|
|
6989
|
+
# [5]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources
|
|
6990
|
+
# [6]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html
|
|
6991
|
+
# [7]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html
|
|
6992
|
+
# [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html
|
|
6993
|
+
# [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html
|
|
6926
6994
|
#
|
|
6927
6995
|
# @option params [required, String] :bucket
|
|
6928
6996
|
# The name of the bucket from which the server-side encryption
|
|
@@ -6971,6 +7039,8 @@ module Aws::S3
|
|
|
6971
7039
|
# resp.server_side_encryption_configuration.rules[0].apply_server_side_encryption_by_default.sse_algorithm #=> String, one of "AES256", "aws:fsx", "aws:kms", "aws:kms:dsse"
|
|
6972
7040
|
# resp.server_side_encryption_configuration.rules[0].apply_server_side_encryption_by_default.kms_master_key_id #=> String
|
|
6973
7041
|
# resp.server_side_encryption_configuration.rules[0].bucket_key_enabled #=> Boolean
|
|
7042
|
+
# resp.server_side_encryption_configuration.rules[0].blocked_encryption_types.encryption_type #=> Array
|
|
7043
|
+
# resp.server_side_encryption_configuration.rules[0].blocked_encryption_types.encryption_type[0] #=> String, one of "NONE", "SSE-C"
|
|
6974
7044
|
#
|
|
6975
7045
|
# @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketEncryption AWS API Documentation
|
|
6976
7046
|
#
|
|
@@ -8411,7 +8481,7 @@ module Aws::S3
|
|
|
8411
8481
|
#
|
|
8412
8482
|
# resp.to_h outputs the following:
|
|
8413
8483
|
# {
|
|
8414
|
-
# policy: "{\"Version\":\"2008-10-17\"
|
|
8484
|
+
# policy: "{\"Version\":\"2008-10-17\",&TCX5-2025-waiver;\"Id\":\"LogPolicy\",\"Statement\":[{\"Sid\":\"Enables the log delivery group to publish logs to your bucket \",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"111122223333\"},\"Action\":[\"s3:GetBucketAcl\",\"s3:GetObjectAcl\",\"s3:PutObject\"],\"Resource\":[\"arn:aws:s3:::policytest1/*\",\"arn:aws:s3:::policytest1\"]}]}",
|
|
8415
8485
|
# }
|
|
8416
8486
|
#
|
|
8417
8487
|
# @example Request syntax with placeholder values
|
|
@@ -8704,7 +8774,11 @@ module Aws::S3
|
|
|
8704
8774
|
#
|
|
8705
8775
|
# </note>
|
|
8706
8776
|
#
|
|
8707
|
-
# Returns the tag set associated with the bucket.
|
|
8777
|
+
# Returns the tag set associated with the general purpose bucket.
|
|
8778
|
+
#
|
|
8779
|
+
# if ABAC is not enabled for the bucket. When you [enable ABAC for a
|
|
8780
|
+
# general purpose bucket][1], you can no longer use this operation for
|
|
8781
|
+
# that bucket and must use [ListTagsForResource][2] instead.
|
|
8708
8782
|
#
|
|
8709
8783
|
# To use this operation, you must have permission to perform the
|
|
8710
8784
|
# `s3:GetBucketTagging` action. By default, the bucket owner has this
|
|
@@ -8720,9 +8794,9 @@ module Aws::S3
|
|
|
8720
8794
|
#
|
|
8721
8795
|
# The following operations are related to `GetBucketTagging`:
|
|
8722
8796
|
#
|
|
8723
|
-
# * [PutBucketTagging][
|
|
8797
|
+
# * [PutBucketTagging][3]
|
|
8724
8798
|
#
|
|
8725
|
-
# * [DeleteBucketTagging][
|
|
8799
|
+
# * [DeleteBucketTagging][4]
|
|
8726
8800
|
#
|
|
8727
8801
|
# You must URL encode any signed header values that contain spaces. For
|
|
8728
8802
|
# example, if your header value is `my file.txt`, containing two spaces
|
|
@@ -8730,8 +8804,10 @@ module Aws::S3
|
|
|
8730
8804
|
#
|
|
8731
8805
|
#
|
|
8732
8806
|
#
|
|
8733
|
-
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
8734
|
-
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/
|
|
8807
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging-enable-abac.html
|
|
8808
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListTagsForResource.html
|
|
8809
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html
|
|
8810
|
+
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html
|
|
8735
8811
|
#
|
|
8736
8812
|
# @option params [required, String] :bucket
|
|
8737
8813
|
# The name of the bucket for which to get the tagging information.
|
|
@@ -13970,6 +14046,83 @@ module Aws::S3
|
|
|
13970
14046
|
req.send_request(options)
|
|
13971
14047
|
end
|
|
13972
14048
|
|
|
14049
|
+
# Sets the attribute-based access control (ABAC) property of the general
|
|
14050
|
+
# purpose bucket. When you enable ABAC, you can use tags for bucket
|
|
14051
|
+
# access control. Additionally, when ABAC is enabled, you must use the
|
|
14052
|
+
# [TagResource][1], [UntagResource][2], and [ListTagsForResource][3]
|
|
14053
|
+
# actions to manage bucket tags, and you can nolonger use the
|
|
14054
|
+
# [PutBucketTagging][4] and [DeleteBucketTagging][5] actions to tag the
|
|
14055
|
+
# bucket. You must also have the correct permissions for these actions.
|
|
14056
|
+
# For more information, see [Enabling ABAC in general purpose
|
|
14057
|
+
# buckets][6].
|
|
14058
|
+
#
|
|
14059
|
+
#
|
|
14060
|
+
#
|
|
14061
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_TagResource.html
|
|
14062
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UntagResource.html
|
|
14063
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListTagsForResource.html
|
|
14064
|
+
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html
|
|
14065
|
+
# [5]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html
|
|
14066
|
+
# [6]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging-enable-abac.html
|
|
14067
|
+
#
|
|
14068
|
+
# @option params [required, String] :bucket
|
|
14069
|
+
# The name of the general purpose bucket.
|
|
14070
|
+
#
|
|
14071
|
+
# @option params [String] :content_md5
|
|
14072
|
+
# The MD5 hash of the `PutBucketAbac` request body.
|
|
14073
|
+
#
|
|
14074
|
+
# For requests made using the Amazon Web Services Command Line Interface
|
|
14075
|
+
# (CLI) or Amazon Web Services SDKs, this field is calculated
|
|
14076
|
+
# automatically.
|
|
14077
|
+
#
|
|
14078
|
+
# @option params [String] :checksum_algorithm
|
|
14079
|
+
# Indicates the algorithm that you want Amazon S3 to use to create the
|
|
14080
|
+
# checksum. For more information, see [ Checking object integrity][1] in
|
|
14081
|
+
# the *Amazon S3 User Guide*.
|
|
14082
|
+
#
|
|
14083
|
+
#
|
|
14084
|
+
#
|
|
14085
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
|
|
14086
|
+
#
|
|
14087
|
+
# @option params [String] :expected_bucket_owner
|
|
14088
|
+
# The Amazon Web Services account ID of the general purpose bucket's
|
|
14089
|
+
# owner.
|
|
14090
|
+
#
|
|
14091
|
+
# @option params [required, Types::AbacStatus] :abac_status
|
|
14092
|
+
# The ABAC status of the general purpose bucket. When ABAC is enabled
|
|
14093
|
+
# for the general purpose bucket, you can use tags to manage access to
|
|
14094
|
+
# the general purpose buckets as well as for cost tracking purposes.
|
|
14095
|
+
# When ABAC is disabled for the general purpose buckets, you can only
|
|
14096
|
+
# use tags for cost tracking purposes. For more information, see [Using
|
|
14097
|
+
# tags with S3 general purpose buckets][1].
|
|
14098
|
+
#
|
|
14099
|
+
#
|
|
14100
|
+
#
|
|
14101
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging.html
|
|
14102
|
+
#
|
|
14103
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
14104
|
+
#
|
|
14105
|
+
# @example Request syntax with placeholder values
|
|
14106
|
+
#
|
|
14107
|
+
# resp = client.put_bucket_abac({
|
|
14108
|
+
# bucket: "BucketName", # required
|
|
14109
|
+
# content_md5: "ContentMD5",
|
|
14110
|
+
# checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME
|
|
14111
|
+
# expected_bucket_owner: "AccountId",
|
|
14112
|
+
# abac_status: { # required
|
|
14113
|
+
# status: "Enabled", # accepts Enabled, Disabled
|
|
14114
|
+
# },
|
|
14115
|
+
# })
|
|
14116
|
+
#
|
|
14117
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketAbac AWS API Documentation
|
|
14118
|
+
#
|
|
14119
|
+
# @overload put_bucket_abac(params = {})
|
|
14120
|
+
# @param [Hash] params ({})
|
|
14121
|
+
def put_bucket_abac(params = {}, options = {})
|
|
14122
|
+
req = build_request(:put_bucket_abac, params)
|
|
14123
|
+
req.send_request(options)
|
|
14124
|
+
end
|
|
14125
|
+
|
|
13973
14126
|
# <note markdown="1"> This operation is not supported for directory buckets.
|
|
13974
14127
|
#
|
|
13975
14128
|
# </note>
|
|
@@ -14712,7 +14865,8 @@ module Aws::S3
|
|
|
14712
14865
|
end
|
|
14713
14866
|
|
|
14714
14867
|
# This operation configures default encryption and Amazon S3 Bucket Keys
|
|
14715
|
-
# for an existing bucket.
|
|
14868
|
+
# for an existing bucket. You can also [block encryption types][1] using
|
|
14869
|
+
# this operation.
|
|
14716
14870
|
#
|
|
14717
14871
|
# <note markdown="1"> <b>Directory buckets </b> - For directory buckets, you must make
|
|
14718
14872
|
# requests for this API operation to the Regional endpoint. These
|
|
@@ -14720,9 +14874,9 @@ module Aws::S3
|
|
|
14720
14874
|
# `https://s3express-control.region-code.amazonaws.com/bucket-name `.
|
|
14721
14875
|
# Virtual-hosted-style requests aren't supported. For more information
|
|
14722
14876
|
# about endpoints in Availability Zones, see [Regional and Zonal
|
|
14723
|
-
# endpoints for directory buckets in Availability Zones][
|
|
14877
|
+
# endpoints for directory buckets in Availability Zones][2] in the
|
|
14724
14878
|
# *Amazon S3 User Guide*. For more information about endpoints in Local
|
|
14725
|
-
# Zones, see [Concepts for directory buckets in Local Zones][
|
|
14879
|
+
# Zones, see [Concepts for directory buckets in Local Zones][3] in the
|
|
14726
14880
|
# *Amazon S3 User Guide*.
|
|
14727
14881
|
#
|
|
14728
14882
|
# </note>
|
|
@@ -14737,12 +14891,12 @@ module Aws::S3
|
|
|
14737
14891
|
# keys (SSE-KMS) or dual-layer server-side encryption with Amazon
|
|
14738
14892
|
# Web Services KMS keys (DSSE-KMS). If you specify default
|
|
14739
14893
|
# encryption by using SSE-KMS, you can also configure [Amazon S3
|
|
14740
|
-
# Bucket Keys][
|
|
14741
|
-
# encryption feature, see [Amazon S3 Bucket Default Encryption][
|
|
14894
|
+
# Bucket Keys][4]. For information about the bucket default
|
|
14895
|
+
# encryption feature, see [Amazon S3 Bucket Default Encryption][5]
|
|
14742
14896
|
# in the *Amazon S3 User Guide*.
|
|
14743
14897
|
#
|
|
14744
14898
|
# * If you use PutBucketEncryption to set your [default bucket
|
|
14745
|
-
# encryption][
|
|
14899
|
+
# encryption][5] to SSE-KMS, you should verify that your KMS key ID
|
|
14746
14900
|
# is correct. Amazon S3 doesn't validate the KMS key ID provided in
|
|
14747
14901
|
# PutBucketEncryption requests.
|
|
14748
14902
|
# * <b>Directory buckets </b> - You can optionally configure default
|
|
@@ -14756,28 +14910,28 @@ module Aws::S3
|
|
|
14756
14910
|
# encrypted with the desired encryption settings. For more
|
|
14757
14911
|
# information about the encryption overriding behaviors in directory
|
|
14758
14912
|
# buckets, see [Specifying server-side encryption with KMS for new
|
|
14759
|
-
# object uploads][
|
|
14913
|
+
# object uploads][6].
|
|
14760
14914
|
#
|
|
14761
14915
|
# * Your SSE-KMS configuration can only support 1 [customer managed
|
|
14762
|
-
# key][
|
|
14763
|
-
# managed key][
|
|
14916
|
+
# key][7] per directory bucket's lifetime. The [Amazon Web Services
|
|
14917
|
+
# managed key][8] (`aws/s3`) isn't supported.
|
|
14764
14918
|
#
|
|
14765
14919
|
# * S3 Bucket Keys are always enabled for `GET` and `PUT` operations
|
|
14766
14920
|
# in a directory bucket and can’t be disabled. S3 Bucket Keys
|
|
14767
14921
|
# aren't supported, when you copy SSE-KMS encrypted objects from
|
|
14768
14922
|
# general purpose buckets to directory buckets, from directory
|
|
14769
14923
|
# buckets to general purpose buckets, or between directory buckets,
|
|
14770
|
-
# through [CopyObject][
|
|
14771
|
-
# in Batch Operations][
|
|
14924
|
+
# through [CopyObject][9], [UploadPartCopy][10], [the Copy operation
|
|
14925
|
+
# in Batch Operations][11], or [the import jobs][12]. In this case,
|
|
14772
14926
|
# Amazon S3 makes a call to KMS every time a copy request is made
|
|
14773
14927
|
# for a KMS-encrypted object.
|
|
14774
14928
|
#
|
|
14775
|
-
# * When you specify an [KMS customer managed key][
|
|
14929
|
+
# * When you specify an [KMS customer managed key][7] for encryption
|
|
14776
14930
|
# in your directory bucket, only use the key ID or key ARN. The key
|
|
14777
14931
|
# alias format of the KMS key isn't supported.
|
|
14778
14932
|
#
|
|
14779
14933
|
# * For directory buckets, if you use PutBucketEncryption to set your
|
|
14780
|
-
# [default bucket encryption][
|
|
14934
|
+
# [default bucket encryption][5] to SSE-KMS, Amazon S3 validates the
|
|
14781
14935
|
# KMS key ID provided in PutBucketEncryption requests.
|
|
14782
14936
|
#
|
|
14783
14937
|
# </note>
|
|
@@ -14790,7 +14944,7 @@ module Aws::S3
|
|
|
14790
14944
|
#
|
|
14791
14945
|
# Also, this action requires Amazon Web Services Signature Version 4.
|
|
14792
14946
|
# For more information, see [ Authenticating Requests (Amazon Web
|
|
14793
|
-
# Services Signature Version 4)][
|
|
14947
|
+
# Services Signature Version 4)][13].
|
|
14794
14948
|
#
|
|
14795
14949
|
# Permissions
|
|
14796
14950
|
# : * **General purpose bucket permissions** - The
|
|
@@ -14798,8 +14952,8 @@ module Aws::S3
|
|
|
14798
14952
|
# policy. The bucket owner has this permission by default. The
|
|
14799
14953
|
# bucket owner can grant this permission to others. For more
|
|
14800
14954
|
# information about permissions, see [Permissions Related to Bucket
|
|
14801
|
-
# Operations][
|
|
14802
|
-
# Resources][
|
|
14955
|
+
# Operations][14] and [Managing Access Permissions to Your Amazon S3
|
|
14956
|
+
# Resources][15] in the *Amazon S3 User Guide*.
|
|
14803
14957
|
#
|
|
14804
14958
|
# * **Directory bucket permissions** - To grant access to this API
|
|
14805
14959
|
# operation, you must have the
|
|
@@ -14809,7 +14963,7 @@ module Aws::S3
|
|
|
14809
14963
|
# only be performed by the Amazon Web Services account that owns the
|
|
14810
14964
|
# resource. For more information about directory bucket policies and
|
|
14811
14965
|
# permissions, see [Amazon Web Services Identity and Access
|
|
14812
|
-
# Management (IAM) for S3 Express One Zone][
|
|
14966
|
+
# Management (IAM) for S3 Express One Zone][16] in the *Amazon S3
|
|
14813
14967
|
# User Guide*.
|
|
14814
14968
|
#
|
|
14815
14969
|
# To set a directory bucket default encryption with SSE-KMS, you
|
|
@@ -14824,9 +14978,9 @@ module Aws::S3
|
|
|
14824
14978
|
#
|
|
14825
14979
|
# The following operations are related to `PutBucketEncryption`:
|
|
14826
14980
|
#
|
|
14827
|
-
# * [GetBucketEncryption][
|
|
14981
|
+
# * [GetBucketEncryption][17]
|
|
14828
14982
|
#
|
|
14829
|
-
# * [DeleteBucketEncryption][
|
|
14983
|
+
# * [DeleteBucketEncryption][18]
|
|
14830
14984
|
#
|
|
14831
14985
|
# You must URL encode any signed header values that contain spaces. For
|
|
14832
14986
|
# example, if your header value is `my file.txt`, containing two spaces
|
|
@@ -14834,23 +14988,24 @@ module Aws::S3
|
|
|
14834
14988
|
#
|
|
14835
14989
|
#
|
|
14836
14990
|
#
|
|
14837
|
-
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
14838
|
-
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/
|
|
14839
|
-
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
14840
|
-
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-
|
|
14841
|
-
# [5]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
14842
|
-
# [6]: https://docs.aws.amazon.com/
|
|
14843
|
-
# [7]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#
|
|
14844
|
-
# [8]: https://docs.aws.amazon.com/
|
|
14845
|
-
# [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/
|
|
14846
|
-
# [10]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
14847
|
-
# [11]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/
|
|
14848
|
-
# [12]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
14849
|
-
# [13]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
14850
|
-
# [14]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-
|
|
14851
|
-
# [15]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-
|
|
14852
|
-
# [16]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
14853
|
-
# [17]: https://docs.aws.amazon.com/AmazonS3/latest/API/
|
|
14991
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_BlockedEncryptionTypes.html
|
|
14992
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html
|
|
14993
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html
|
|
14994
|
+
# [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html
|
|
14995
|
+
# [5]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html
|
|
14996
|
+
# [6]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-specifying-kms-encryption.html
|
|
14997
|
+
# [7]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk
|
|
14998
|
+
# [8]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
|
|
14999
|
+
# [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
|
|
15000
|
+
# [10]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html
|
|
15001
|
+
# [11]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops
|
|
15002
|
+
# [12]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-import-job
|
|
15003
|
+
# [13]: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html
|
|
15004
|
+
# [14]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources
|
|
15005
|
+
# [15]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html
|
|
15006
|
+
# [16]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html
|
|
15007
|
+
# [17]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html
|
|
15008
|
+
# [18]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html
|
|
14854
15009
|
#
|
|
14855
15010
|
# @option params [required, String] :bucket
|
|
14856
15011
|
# Specifies default encryption for a bucket using server-side encryption
|
|
@@ -14934,6 +15089,9 @@ module Aws::S3
|
|
|
14934
15089
|
# kms_master_key_id: "SSEKMSKeyId",
|
|
14935
15090
|
# },
|
|
14936
15091
|
# bucket_key_enabled: false,
|
|
15092
|
+
# blocked_encryption_types: {
|
|
15093
|
+
# encryption_type: ["NONE"], # accepts NONE, SSE-C
|
|
15094
|
+
# },
|
|
14937
15095
|
# },
|
|
14938
15096
|
# ],
|
|
14939
15097
|
# },
|
|
@@ -16930,7 +17088,15 @@ module Aws::S3
|
|
|
16930
17088
|
#
|
|
16931
17089
|
# </note>
|
|
16932
17090
|
#
|
|
16933
|
-
# Sets the tags for a bucket
|
|
17091
|
+
# Sets the tags for a general purpose bucket if attribute based access
|
|
17092
|
+
# control (ABAC) is not enabled for the bucket. When you [enable ABAC
|
|
17093
|
+
# for a general purpose bucket][1], you can no longer use this operation
|
|
17094
|
+
# for that bucket and must use the [TagResource][2] or
|
|
17095
|
+
# [UntagResource][3] operations instead.
|
|
17096
|
+
#
|
|
17097
|
+
# if ABAC is not enabled for the bucket. When you [enable ABAC for a
|
|
17098
|
+
# general purpose bucket][1], you can no longer use this operation for
|
|
17099
|
+
# that bucket and must use [TagResource][2] instead.
|
|
16934
17100
|
#
|
|
16935
17101
|
# Use tags to organize your Amazon Web Services bill to reflect your own
|
|
16936
17102
|
# cost structure. To do this, sign up to get your Amazon Web Services
|
|
@@ -16940,8 +17106,8 @@ module Aws::S3
|
|
|
16940
17106
|
# several resources with a specific application name, and then organize
|
|
16941
17107
|
# your billing information to see the total cost of that application
|
|
16942
17108
|
# across several services. For more information, see [Cost Allocation
|
|
16943
|
-
# and Tagging][
|
|
16944
|
-
# Tags][
|
|
17109
|
+
# and Tagging][4] and [Using Cost Allocation in Amazon S3 Bucket
|
|
17110
|
+
# Tags][5].
|
|
16945
17111
|
#
|
|
16946
17112
|
# <note markdown="1"> When this operation sets the tags for a bucket, it will overwrite any
|
|
16947
17113
|
# current tags the bucket already has. You cannot use this operation to
|
|
@@ -16953,16 +17119,16 @@ module Aws::S3
|
|
|
16953
17119
|
# `s3:PutBucketTagging` action. The bucket owner has this permission by
|
|
16954
17120
|
# default and can grant this permission to others. For more information
|
|
16955
17121
|
# about permissions, see [Permissions Related to Bucket Subresource
|
|
16956
|
-
# Operations][
|
|
16957
|
-
# Resources][
|
|
17122
|
+
# Operations][6] and [Managing Access Permissions to Your Amazon S3
|
|
17123
|
+
# Resources][7].
|
|
16958
17124
|
#
|
|
16959
17125
|
# `PutBucketTagging` has the following special errors. For more Amazon
|
|
16960
|
-
# S3 errors see, [Error Responses][
|
|
17126
|
+
# S3 errors see, [Error Responses][8].
|
|
16961
17127
|
#
|
|
16962
17128
|
# * `InvalidTag` - The tag provided was not a valid tag. This error can
|
|
16963
17129
|
# occur if the tag did not pass input validation. For more
|
|
16964
17130
|
# information, see [Using Cost Allocation in Amazon S3 Bucket
|
|
16965
|
-
# Tags][
|
|
17131
|
+
# Tags][5].
|
|
16966
17132
|
#
|
|
16967
17133
|
# * `MalformedXML` - The XML provided does not match the schema.
|
|
16968
17134
|
#
|
|
@@ -16974,9 +17140,9 @@ module Aws::S3
|
|
|
16974
17140
|
#
|
|
16975
17141
|
# The following operations are related to `PutBucketTagging`:
|
|
16976
17142
|
#
|
|
16977
|
-
# * [GetBucketTagging][
|
|
17143
|
+
# * [GetBucketTagging][9]
|
|
16978
17144
|
#
|
|
16979
|
-
# * [DeleteBucketTagging][
|
|
17145
|
+
# * [DeleteBucketTagging][10]
|
|
16980
17146
|
#
|
|
16981
17147
|
# You must URL encode any signed header values that contain spaces. For
|
|
16982
17148
|
# example, if your header value is `my file.txt`, containing two spaces
|
|
@@ -16984,13 +17150,16 @@ module Aws::S3
|
|
|
16984
17150
|
#
|
|
16985
17151
|
#
|
|
16986
17152
|
#
|
|
16987
|
-
# [1]: https://docs.aws.amazon.com/
|
|
16988
|
-
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
16989
|
-
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
16990
|
-
# [4]: https://docs.aws.amazon.com/
|
|
16991
|
-
# [5]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
16992
|
-
# [6]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
16993
|
-
# [7]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
17153
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging-enable-abac.html
|
|
17154
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_TagResource.html
|
|
17155
|
+
# [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_UntagResource.html
|
|
17156
|
+
# [4]: https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html
|
|
17157
|
+
# [5]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html
|
|
17158
|
+
# [6]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources
|
|
17159
|
+
# [7]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html
|
|
17160
|
+
# [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html
|
|
17161
|
+
# [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html
|
|
17162
|
+
# [10]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html
|
|
16994
17163
|
#
|
|
16995
17164
|
# @option params [required, String] :bucket
|
|
16996
17165
|
# The bucket name.
|
|
@@ -20850,6 +21019,15 @@ module Aws::S3
|
|
|
20850
21019
|
# Multipart request. For more information, see
|
|
20851
21020
|
# [CreateMultipartUpload][2].
|
|
20852
21021
|
#
|
|
21022
|
+
# <note markdown="1"> If you have server-side encryption with customer-provided keys
|
|
21023
|
+
# (SSE-C) blocked for your general purpose bucket, you will get an
|
|
21024
|
+
# HTTP 403 Access Denied error when you specify the SSE-C request
|
|
21025
|
+
# headers while writing new data to your bucket. For more
|
|
21026
|
+
# information, see [Blocking or unblocking SSE-C for a general
|
|
21027
|
+
# purpose bucket][12].
|
|
21028
|
+
#
|
|
21029
|
+
# </note>
|
|
21030
|
+
#
|
|
20853
21031
|
# If you request server-side encryption using a customer-provided
|
|
20854
21032
|
# encryption key (SSE-C) in your initiate multipart upload request,
|
|
20855
21033
|
# you must provide identical encryption information in each part
|
|
@@ -20860,7 +21038,7 @@ module Aws::S3
|
|
|
20860
21038
|
# * x-amz-server-side-encryption-customer-key
|
|
20861
21039
|
#
|
|
20862
21040
|
# * x-amz-server-side-encryption-customer-key-MD5
|
|
20863
|
-
# For more information, see [Using Server-Side Encryption][
|
|
21041
|
+
# For more information, see [Using Server-Side Encryption][13] in
|
|
20864
21042
|
# the *Amazon S3 User Guide*.
|
|
20865
21043
|
#
|
|
20866
21044
|
# * <b>Directory buckets </b> - For directory buckets, there are only
|
|
@@ -20888,13 +21066,13 @@ module Aws::S3
|
|
|
20888
21066
|
#
|
|
20889
21067
|
# * [CreateMultipartUpload][2]
|
|
20890
21068
|
#
|
|
20891
|
-
# * [CompleteMultipartUpload][
|
|
21069
|
+
# * [CompleteMultipartUpload][14]
|
|
20892
21070
|
#
|
|
20893
|
-
# * [AbortMultipartUpload][
|
|
21071
|
+
# * [AbortMultipartUpload][15]
|
|
20894
21072
|
#
|
|
20895
|
-
# * [ListParts][
|
|
21073
|
+
# * [ListParts][16]
|
|
20896
21074
|
#
|
|
20897
|
-
# * [ListMultipartUploads][
|
|
21075
|
+
# * [ListMultipartUploads][17]
|
|
20898
21076
|
#
|
|
20899
21077
|
# You must URL encode any signed header values that contain spaces. For
|
|
20900
21078
|
# example, if your header value is `my file.txt`, containing two spaces
|
|
@@ -20913,11 +21091,12 @@ module Aws::S3
|
|
|
20913
21091
|
# [9]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions
|
|
20914
21092
|
# [10]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html
|
|
20915
21093
|
# [11]: https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html
|
|
20916
|
-
# [12]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
20917
|
-
# [13]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
20918
|
-
# [14]: https://docs.aws.amazon.com/AmazonS3/latest/API/
|
|
20919
|
-
# [15]: https://docs.aws.amazon.com/AmazonS3/latest/API/
|
|
20920
|
-
# [16]: https://docs.aws.amazon.com/AmazonS3/latest/API/
|
|
21094
|
+
# [12]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/blocking-unblocking-s3-c-encryption-gpb.html
|
|
21095
|
+
# [13]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
|
|
21096
|
+
# [14]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html
|
|
21097
|
+
# [15]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html
|
|
21098
|
+
# [16]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html
|
|
21099
|
+
# [17]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html
|
|
20921
21100
|
#
|
|
20922
21101
|
# @option params [String, StringIO, File] :body
|
|
20923
21102
|
# Object data.
|
|
@@ -21316,12 +21495,21 @@ module Aws::S3
|
|
|
21316
21495
|
# the `UploadPartCopy` operation, see [CopyObject][13] and
|
|
21317
21496
|
# [UploadPart][2].
|
|
21318
21497
|
#
|
|
21498
|
+
# <note markdown="1"> If you have server-side encryption with customer-provided keys
|
|
21499
|
+
# (SSE-C) blocked for your general purpose bucket, you will get an
|
|
21500
|
+
# HTTP 403 Access Denied error when you specify the SSE-C request
|
|
21501
|
+
# headers while writing new data to your bucket. For more
|
|
21502
|
+
# information, see [Blocking or unblocking SSE-C for a general
|
|
21503
|
+
# purpose bucket][14].
|
|
21504
|
+
#
|
|
21505
|
+
# </note>
|
|
21506
|
+
#
|
|
21319
21507
|
# * <b>Directory buckets </b> - For directory buckets, there are only
|
|
21320
21508
|
# two supported options for server-side encryption: server-side
|
|
21321
21509
|
# encryption with Amazon S3 managed keys (SSE-S3) (`AES256`) and
|
|
21322
21510
|
# server-side encryption with KMS keys (SSE-KMS) (`aws:kms`). For
|
|
21323
21511
|
# more information, see [Protecting data with server-side
|
|
21324
|
-
# encryption][
|
|
21512
|
+
# encryption][15] in the *Amazon S3 User Guide*.
|
|
21325
21513
|
#
|
|
21326
21514
|
# <note markdown="1"> For directory buckets, when you perform a `CreateMultipartUpload`
|
|
21327
21515
|
# operation and an `UploadPartCopy` operation, the request headers
|
|
@@ -21333,7 +21521,7 @@ module Aws::S3
|
|
|
21333
21521
|
# S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted
|
|
21334
21522
|
# objects from general purpose buckets to directory buckets, from
|
|
21335
21523
|
# directory buckets to general purpose buckets, or between directory
|
|
21336
|
-
# buckets, through [UploadPartCopy][
|
|
21524
|
+
# buckets, through [UploadPartCopy][16]. In this case, Amazon S3
|
|
21337
21525
|
# makes a call to KMS every time a copy request is made for a
|
|
21338
21526
|
# KMS-encrypted object.
|
|
21339
21527
|
#
|
|
@@ -21359,17 +21547,17 @@ module Aws::S3
|
|
|
21359
21547
|
#
|
|
21360
21548
|
# The following operations are related to `UploadPartCopy`:
|
|
21361
21549
|
#
|
|
21362
|
-
# * [CreateMultipartUpload][
|
|
21550
|
+
# * [CreateMultipartUpload][17]
|
|
21363
21551
|
#
|
|
21364
21552
|
# * [UploadPart][2]
|
|
21365
21553
|
#
|
|
21366
|
-
# * [CompleteMultipartUpload][
|
|
21554
|
+
# * [CompleteMultipartUpload][18]
|
|
21367
21555
|
#
|
|
21368
|
-
# * [AbortMultipartUpload][
|
|
21556
|
+
# * [AbortMultipartUpload][19]
|
|
21369
21557
|
#
|
|
21370
|
-
# * [ListParts][
|
|
21558
|
+
# * [ListParts][20]
|
|
21371
21559
|
#
|
|
21372
|
-
# * [ListMultipartUploads][
|
|
21560
|
+
# * [ListMultipartUploads][21]
|
|
21373
21561
|
#
|
|
21374
21562
|
# You must URL encode any signed header values that contain spaces. For
|
|
21375
21563
|
# example, if your header value is `my file.txt`, containing two spaces
|
|
@@ -21390,13 +21578,14 @@ module Aws::S3
|
|
|
21390
21578
|
# [11]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html
|
|
21391
21579
|
# [12]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html
|
|
21392
21580
|
# [13]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html
|
|
21393
|
-
# [14]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/
|
|
21394
|
-
# [15]: https://docs.aws.amazon.com/AmazonS3/latest/
|
|
21395
|
-
# [16]: https://docs.aws.amazon.com/AmazonS3/latest/API/
|
|
21396
|
-
# [17]: https://docs.aws.amazon.com/AmazonS3/latest/API/
|
|
21397
|
-
# [18]: https://docs.aws.amazon.com/AmazonS3/latest/API/
|
|
21398
|
-
# [19]: https://docs.aws.amazon.com/AmazonS3/latest/API/
|
|
21399
|
-
# [20]: https://docs.aws.amazon.com/AmazonS3/latest/API/
|
|
21581
|
+
# [14]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/blocking-unblocking-s3-c-encryption-gpb.html
|
|
21582
|
+
# [15]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html
|
|
21583
|
+
# [16]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html
|
|
21584
|
+
# [17]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html
|
|
21585
|
+
# [18]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html
|
|
21586
|
+
# [19]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html
|
|
21587
|
+
# [20]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html
|
|
21588
|
+
# [21]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html
|
|
21400
21589
|
#
|
|
21401
21590
|
# @option params [required, String] :bucket
|
|
21402
21591
|
# The bucket name.
|
|
@@ -22224,7 +22413,7 @@ module Aws::S3
|
|
|
22224
22413
|
tracer: tracer
|
|
22225
22414
|
)
|
|
22226
22415
|
context[:gem_name] = 'aws-sdk-s3'
|
|
22227
|
-
context[:gem_version] = '1.
|
|
22416
|
+
context[:gem_version] = '1.205.0'
|
|
22228
22417
|
Seahorse::Client::Request.new(handlers, context)
|
|
22229
22418
|
end
|
|
22230
22419
|
|