aws-sdk-s3 1.30.0 → 1.114.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (100) hide show
  1. checksums.yaml +5 -5
  2. data/CHANGELOG.md +903 -0
  3. data/LICENSE.txt +202 -0
  4. data/VERSION +1 -0
  5. data/lib/aws-sdk-s3/arn/access_point_arn.rb +69 -0
  6. data/lib/aws-sdk-s3/arn/multi_region_access_point_arn.rb +68 -0
  7. data/lib/aws-sdk-s3/arn/object_lambda_arn.rb +69 -0
  8. data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb +74 -0
  9. data/lib/aws-sdk-s3/bucket.rb +377 -77
  10. data/lib/aws-sdk-s3/bucket_acl.rb +57 -14
  11. data/lib/aws-sdk-s3/bucket_cors.rb +67 -13
  12. data/lib/aws-sdk-s3/bucket_lifecycle.rb +54 -15
  13. data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +56 -15
  14. data/lib/aws-sdk-s3/bucket_logging.rb +52 -15
  15. data/lib/aws-sdk-s3/bucket_notification.rb +44 -15
  16. data/lib/aws-sdk-s3/bucket_policy.rb +51 -13
  17. data/lib/aws-sdk-s3/bucket_region_cache.rb +2 -0
  18. data/lib/aws-sdk-s3/bucket_request_payment.rb +51 -12
  19. data/lib/aws-sdk-s3/bucket_tagging.rb +59 -13
  20. data/lib/aws-sdk-s3/bucket_versioning.rb +118 -12
  21. data/lib/aws-sdk-s3/bucket_website.rb +66 -13
  22. data/lib/aws-sdk-s3/client.rb +9016 -669
  23. data/lib/aws-sdk-s3/client_api.rb +786 -2
  24. data/lib/aws-sdk-s3/customizations/bucket.rb +59 -16
  25. data/lib/aws-sdk-s3/customizations/multipart_upload.rb +2 -0
  26. data/lib/aws-sdk-s3/customizations/object.rb +200 -62
  27. data/lib/aws-sdk-s3/customizations/object_summary.rb +5 -0
  28. data/lib/aws-sdk-s3/customizations/types/list_object_versions_output.rb +2 -0
  29. data/lib/aws-sdk-s3/customizations.rb +4 -1
  30. data/lib/aws-sdk-s3/encryption/client.rb +23 -6
  31. data/lib/aws-sdk-s3/encryption/decrypt_handler.rb +71 -29
  32. data/lib/aws-sdk-s3/encryption/default_cipher_provider.rb +43 -5
  33. data/lib/aws-sdk-s3/encryption/default_key_provider.rb +2 -0
  34. data/lib/aws-sdk-s3/encryption/encrypt_handler.rb +13 -2
  35. data/lib/aws-sdk-s3/encryption/errors.rb +2 -0
  36. data/lib/aws-sdk-s3/encryption/io_auth_decrypter.rb +2 -0
  37. data/lib/aws-sdk-s3/encryption/io_decrypter.rb +11 -3
  38. data/lib/aws-sdk-s3/encryption/io_encrypter.rb +2 -0
  39. data/lib/aws-sdk-s3/encryption/key_provider.rb +2 -0
  40. data/lib/aws-sdk-s3/encryption/kms_cipher_provider.rb +34 -3
  41. data/lib/aws-sdk-s3/encryption/materials.rb +8 -6
  42. data/lib/aws-sdk-s3/encryption/utils.rb +25 -0
  43. data/lib/aws-sdk-s3/encryption.rb +4 -0
  44. data/lib/aws-sdk-s3/encryptionV2/client.rb +566 -0
  45. data/lib/aws-sdk-s3/encryptionV2/decrypt_handler.rb +222 -0
  46. data/lib/aws-sdk-s3/encryptionV2/default_cipher_provider.rb +170 -0
  47. data/lib/aws-sdk-s3/encryptionV2/default_key_provider.rb +40 -0
  48. data/lib/aws-sdk-s3/encryptionV2/encrypt_handler.rb +65 -0
  49. data/lib/aws-sdk-s3/encryptionV2/errors.rb +37 -0
  50. data/lib/aws-sdk-s3/encryptionV2/io_auth_decrypter.rb +58 -0
  51. data/lib/aws-sdk-s3/encryptionV2/io_decrypter.rb +37 -0
  52. data/lib/aws-sdk-s3/encryptionV2/io_encrypter.rb +73 -0
  53. data/lib/aws-sdk-s3/encryptionV2/key_provider.rb +31 -0
  54. data/lib/aws-sdk-s3/encryptionV2/kms_cipher_provider.rb +169 -0
  55. data/lib/aws-sdk-s3/encryptionV2/materials.rb +60 -0
  56. data/lib/aws-sdk-s3/encryptionV2/utils.rb +103 -0
  57. data/lib/aws-sdk-s3/encryption_v2.rb +23 -0
  58. data/lib/aws-sdk-s3/errors.rb +123 -1
  59. data/lib/aws-sdk-s3/event_streams.rb +20 -7
  60. data/lib/aws-sdk-s3/file_downloader.rb +17 -10
  61. data/lib/aws-sdk-s3/file_part.rb +11 -6
  62. data/lib/aws-sdk-s3/file_uploader.rb +33 -14
  63. data/lib/aws-sdk-s3/legacy_signer.rb +17 -25
  64. data/lib/aws-sdk-s3/multipart_file_uploader.rb +78 -19
  65. data/lib/aws-sdk-s3/multipart_stream_uploader.rb +20 -7
  66. data/lib/aws-sdk-s3/multipart_upload.rb +178 -28
  67. data/lib/aws-sdk-s3/multipart_upload_error.rb +2 -0
  68. data/lib/aws-sdk-s3/multipart_upload_part.rb +236 -43
  69. data/lib/aws-sdk-s3/object.rb +848 -162
  70. data/lib/aws-sdk-s3/object_acl.rb +81 -20
  71. data/lib/aws-sdk-s3/object_copier.rb +2 -0
  72. data/lib/aws-sdk-s3/object_multipart_copier.rb +2 -0
  73. data/lib/aws-sdk-s3/object_summary.rb +615 -144
  74. data/lib/aws-sdk-s3/object_version.rb +161 -68
  75. data/lib/aws-sdk-s3/plugins/accelerate.rb +38 -38
  76. data/lib/aws-sdk-s3/plugins/arn.rb +254 -0
  77. data/lib/aws-sdk-s3/plugins/bucket_dns.rb +8 -8
  78. data/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb +25 -3
  79. data/lib/aws-sdk-s3/plugins/dualstack.rb +38 -33
  80. data/lib/aws-sdk-s3/plugins/expect_100_continue.rb +4 -4
  81. data/lib/aws-sdk-s3/plugins/get_bucket_location_fix.rb +3 -1
  82. data/lib/aws-sdk-s3/plugins/http_200_errors.rb +11 -3
  83. data/lib/aws-sdk-s3/plugins/iad_regional_endpoint.rb +73 -0
  84. data/lib/aws-sdk-s3/plugins/location_constraint.rb +2 -0
  85. data/lib/aws-sdk-s3/plugins/md5s.rb +34 -30
  86. data/lib/aws-sdk-s3/plugins/object_lambda_endpoint.rb +25 -0
  87. data/lib/aws-sdk-s3/plugins/redirects.rb +2 -0
  88. data/lib/aws-sdk-s3/plugins/s3_host_id.rb +2 -0
  89. data/lib/aws-sdk-s3/plugins/s3_signer.rb +95 -36
  90. data/lib/aws-sdk-s3/plugins/skip_whole_multipart_get_checksums.rb +31 -0
  91. data/lib/aws-sdk-s3/plugins/sse_cpk.rb +3 -1
  92. data/lib/aws-sdk-s3/plugins/streaming_retry.rb +139 -0
  93. data/lib/aws-sdk-s3/plugins/url_encoded_keys.rb +2 -0
  94. data/lib/aws-sdk-s3/presigned_post.rb +110 -51
  95. data/lib/aws-sdk-s3/presigner.rb +168 -66
  96. data/lib/aws-sdk-s3/resource.rb +41 -5
  97. data/lib/aws-sdk-s3/types.rb +8652 -1146
  98. data/lib/aws-sdk-s3/waiters.rb +67 -1
  99. data/lib/aws-sdk-s3.rb +12 -6
  100. metadata +38 -13
@@ -1,11 +1,14 @@
1
+ # frozen_string_literal: true
2
+
1
3
  # WARNING ABOUT GENERATED CODE
2
4
  #
3
5
  # This file is generated. See the contributing guide for more information:
4
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
5
7
  #
6
8
  # WARNING ABOUT GENERATED CODE
7
9
 
8
10
  module Aws::S3
11
+
9
12
  class ObjectSummary
10
13
 
11
14
  extend Aws::Deprecations
@@ -24,6 +27,7 @@ module Aws::S3
24
27
  @key = extract_key(args, options)
25
28
  @data = options.delete(:data)
26
29
  @client = options.delete(:client) || Client.new(options)
30
+ @waiter_block_warned = false
27
31
  end
28
32
 
29
33
  # @!group Read-Only Attributes
@@ -38,16 +42,45 @@ module Aws::S3
38
42
  @key
39
43
  end
40
44
 
45
+ # Creation date of the object.
41
46
  # @return [Time]
42
47
  def last_modified
43
48
  data[:last_modified]
44
49
  end
45
50
 
51
+ # The entity tag is a hash of the object. The ETag reflects changes only
52
+ # to the contents of an object, not its metadata. The ETag may or may
53
+ # not be an MD5 digest of the object data. Whether or not it is depends
54
+ # on how the object was created and how it is encrypted as described
55
+ # below:
56
+ #
57
+ # * Objects created by the PUT Object, POST Object, or Copy operation,
58
+ # or through the Amazon Web Services Management Console, and are
59
+ # encrypted by SSE-S3 or plaintext, have ETags that are an MD5 digest
60
+ # of their object data.
61
+ #
62
+ # * Objects created by the PUT Object, POST Object, or Copy operation,
63
+ # or through the Amazon Web Services Management Console, and are
64
+ # encrypted by SSE-C or SSE-KMS, have ETags that are not an MD5 digest
65
+ # of their object data.
66
+ #
67
+ # * If an object is created by either the Multipart Upload or Part Copy
68
+ # operation, the ETag is not an MD5 digest, regardless of the method
69
+ # of encryption. If an object is larger than 16 MB, the Amazon Web
70
+ # Services Management Console will upload or copy that object as a
71
+ # Multipart Upload, and therefore the ETag will not be an MD5 digest.
46
72
  # @return [String]
47
73
  def etag
48
74
  data[:etag]
49
75
  end
50
76
 
77
+ # The algorithm that was used to create a checksum of the object.
78
+ # @return [Array<String>]
79
+ def checksum_algorithm
80
+ data[:checksum_algorithm]
81
+ end
82
+
83
+ # Size in bytes of the object
51
84
  # @return [Integer]
52
85
  def size
53
86
  data[:size]
@@ -59,6 +92,7 @@ module Aws::S3
59
92
  data[:storage_class]
60
93
  end
61
94
 
95
+ # The owner of the object
62
96
  # @return [Types::Owner]
63
97
  def owner
64
98
  data[:owner]
@@ -114,10 +148,10 @@ module Aws::S3
114
148
  # @option options [Proc] :before_attempt
115
149
  # @option options [Proc] :before_wait
116
150
  # @return [ObjectSummary]
117
- def wait_until_exists(options = {})
151
+ def wait_until_exists(options = {}, &block)
118
152
  options, params = separate_params_and_options(options)
119
153
  waiter = Waiters::ObjectExists.new(options)
120
- yield_waiter_and_warn(waiter, &Proc.new) if block_given?
154
+ yield_waiter_and_warn(waiter, &block) if block_given?
121
155
  waiter.wait(params.merge(bucket: @bucket_name,
122
156
  key: @key))
123
157
  ObjectSummary.new({
@@ -133,10 +167,10 @@ module Aws::S3
133
167
  # @option options [Proc] :before_attempt
134
168
  # @option options [Proc] :before_wait
135
169
  # @return [ObjectSummary]
136
- def wait_until_not_exists(options = {})
170
+ def wait_until_not_exists(options = {}, &block)
137
171
  options, params = separate_params_and_options(options)
138
172
  waiter = Waiters::ObjectNotExists.new(options)
139
- yield_waiter_and_warn(waiter, &Proc.new) if block_given?
173
+ yield_waiter_and_warn(waiter, &block) if block_given?
140
174
  waiter.wait(params.merge(bucket: @bucket_name,
141
175
  key: @key))
142
176
  ObjectSummary.new({
@@ -151,7 +185,8 @@ module Aws::S3
151
185
  # Waiter polls an API operation until a resource enters a desired
152
186
  # state.
153
187
  #
154
- # @note The waiting operation is performed on a copy. The original resource remains unchanged
188
+ # @note The waiting operation is performed on a copy. The original resource
189
+ # remains unchanged.
155
190
  #
156
191
  # ## Basic Usage
157
192
  #
@@ -164,13 +199,15 @@ module Aws::S3
164
199
  #
165
200
  # ## Example
166
201
  #
167
- # instance.wait_until(max_attempts:10, delay:5) {|instance| instance.state.name == 'running' }
202
+ # instance.wait_until(max_attempts:10, delay:5) do |instance|
203
+ # instance.state.name == 'running'
204
+ # end
168
205
  #
169
206
  # ## Configuration
170
207
  #
171
208
  # You can configure the maximum number of polling attempts, and the
172
- # delay (in seconds) between each polling attempt. The waiting condition is set
173
- # by passing a block to {#wait_until}:
209
+ # delay (in seconds) between each polling attempt. The waiting condition is
210
+ # set by passing a block to {#wait_until}:
174
211
  #
175
212
  # # poll for ~25 seconds
176
213
  # resource.wait_until(max_attempts:5,delay:5) {|resource|...}
@@ -201,17 +238,16 @@ module Aws::S3
201
238
  # # resource did not enter the desired state in time
202
239
  # end
203
240
  #
241
+ # @yieldparam [Resource] resource to be used in the waiting condition.
204
242
  #
205
- # @yield param [Resource] resource to be used in the waiting condition
206
- #
207
- # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter terminates
208
- # because the waiter has entered a state that it will not transition
209
- # out of, preventing success.
243
+ # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter
244
+ # terminates because the waiter has entered a state that it will not
245
+ # transition out of, preventing success.
210
246
  #
211
247
  # yet successful.
212
248
  #
213
- # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is encountered
214
- # while polling for a resource that is not expected.
249
+ # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is
250
+ # encountered while polling for a resource that is not expected.
215
251
  #
216
252
  # @raise [NotImplementedError] Raised when the resource does not
217
253
  #
@@ -248,6 +284,7 @@ module Aws::S3
248
284
  # object_summary.copy_from({
249
285
  # acl: "private", # accepts private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control
250
286
  # cache_control: "CacheControl",
287
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
251
288
  # content_disposition: "ContentDisposition",
252
289
  # content_encoding: "ContentEncoding",
253
290
  # content_language: "ContentLanguage",
@@ -268,12 +305,14 @@ module Aws::S3
268
305
  # metadata_directive: "COPY", # accepts COPY, REPLACE
269
306
  # tagging_directive: "COPY", # accepts COPY, REPLACE
270
307
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
271
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER
308
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
272
309
  # website_redirect_location: "WebsiteRedirectLocation",
273
310
  # sse_customer_algorithm: "SSECustomerAlgorithm",
274
311
  # sse_customer_key: "SSECustomerKey",
275
312
  # sse_customer_key_md5: "SSECustomerKeyMD5",
276
313
  # ssekms_key_id: "SSEKMSKeyId",
314
+ # ssekms_encryption_context: "SSEKMSEncryptionContext",
315
+ # bucket_key_enabled: false,
277
316
  # copy_source_sse_customer_algorithm: "CopySourceSSECustomerAlgorithm",
278
317
  # copy_source_sse_customer_key: "CopySourceSSECustomerKey",
279
318
  # copy_source_sse_customer_key_md5: "CopySourceSSECustomerKeyMD5",
@@ -282,12 +321,24 @@ module Aws::S3
282
321
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
283
322
  # object_lock_retain_until_date: Time.now,
284
323
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
324
+ # expected_bucket_owner: "AccountId",
325
+ # expected_source_bucket_owner: "AccountId",
285
326
  # })
286
327
  # @param [Hash] options ({})
287
328
  # @option options [String] :acl
288
329
  # The canned ACL to apply to the object.
330
+ #
331
+ # This action is not supported by Amazon S3 on Outposts.
289
332
  # @option options [String] :cache_control
290
333
  # Specifies caching behavior along the request/reply chain.
334
+ # @option options [String] :checksum_algorithm
335
+ # Indicates the algorithm you want Amazon S3 to use to create the
336
+ # checksum for the object. For more information, see [Checking object
337
+ # integrity][1] in the *Amazon S3 User Guide*.
338
+ #
339
+ #
340
+ #
341
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
291
342
  # @option options [String] :content_disposition
292
343
  # Specifies presentational information for the object.
293
344
  # @option options [String] :content_encoding
@@ -299,8 +350,51 @@ module Aws::S3
299
350
  # @option options [String] :content_type
300
351
  # A standard MIME type describing the format of the object data.
301
352
  # @option options [required, String] :copy_source
302
- # The name of the source bucket and key name of the source object,
303
- # separated by a slash (/). Must be URL-encoded.
353
+ # Specifies the source object for the copy operation. You specify the
354
+ # value in one of two formats, depending on whether you want to access
355
+ # the source object through an [access point][1]\:
356
+ #
357
+ # * For objects not accessed through an access point, specify the name
358
+ # of the source bucket and the key of the source object, separated by
359
+ # a slash (/). For example, to copy the object `reports/january.pdf`
360
+ # from the bucket `awsexamplebucket`, use
361
+ # `awsexamplebucket/reports/january.pdf`. The value must be
362
+ # URL-encoded.
363
+ #
364
+ # * For objects accessed through access points, specify the Amazon
365
+ # Resource Name (ARN) of the object as accessed through the access
366
+ # point, in the format
367
+ # `arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>`.
368
+ # For example, to copy the object `reports/january.pdf` through access
369
+ # point `my-access-point` owned by account `123456789012` in Region
370
+ # `us-west-2`, use the URL encoding of
371
+ # `arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf`.
372
+ # The value must be URL encoded.
373
+ #
374
+ # <note markdown="1"> Amazon S3 supports copy operations using access points only when the
375
+ # source and destination buckets are in the same Amazon Web Services
376
+ # Region.
377
+ #
378
+ # </note>
379
+ #
380
+ # Alternatively, for objects accessed through Amazon S3 on Outposts,
381
+ # specify the ARN of the object as accessed in the format
382
+ # `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/object/<key>`.
383
+ # For example, to copy the object `reports/january.pdf` through
384
+ # outpost `my-outpost` owned by account `123456789012` in Region
385
+ # `us-west-2`, use the URL encoding of
386
+ # `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf`.
387
+ # The value must be URL-encoded.
388
+ #
389
+ # To copy a specific version of an object, append
390
+ # `?versionId=<version-id>` to the value (for example,
391
+ # `awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893`).
392
+ # If you don't specify a version ID, Amazon S3 copies the latest
393
+ # version of the source object.
394
+ #
395
+ #
396
+ #
397
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html
304
398
  # @option options [String] :copy_source_if_match
305
399
  # Copies the object if its entity tag (ETag) matches the specified tag.
306
400
  # @option options [Time,DateTime,Date,Integer,String] :copy_source_if_modified_since
@@ -316,12 +410,20 @@ module Aws::S3
316
410
  # @option options [String] :grant_full_control
317
411
  # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
318
412
  # object.
413
+ #
414
+ # This action is not supported by Amazon S3 on Outposts.
319
415
  # @option options [String] :grant_read
320
416
  # Allows grantee to read the object data and its metadata.
417
+ #
418
+ # This action is not supported by Amazon S3 on Outposts.
321
419
  # @option options [String] :grant_read_acp
322
420
  # Allows grantee to read the object ACL.
421
+ #
422
+ # This action is not supported by Amazon S3 on Outposts.
323
423
  # @option options [String] :grant_write_acp
324
424
  # Allows grantee to write the ACL for the applicable object.
425
+ #
426
+ # This action is not supported by Amazon S3 on Outposts.
325
427
  # @option options [Hash<String,String>] :metadata
326
428
  # A map of metadata to store with the object in S3.
327
429
  # @option options [String] :metadata_directive
@@ -331,36 +433,63 @@ module Aws::S3
331
433
  # Specifies whether the object tag-set are copied from the source object
332
434
  # or replaced with tag-set provided in the request.
333
435
  # @option options [String] :server_side_encryption
334
- # The Server-side encryption algorithm used when storing this object in
335
- # S3 (e.g., AES256, aws:kms).
436
+ # The server-side encryption algorithm used when storing this object in
437
+ # Amazon S3 (for example, AES256, aws:kms).
336
438
  # @option options [String] :storage_class
337
- # The type of storage to use for the object. Defaults to 'STANDARD'.
439
+ # By default, Amazon S3 uses the STANDARD Storage Class to store newly
440
+ # created objects. The STANDARD storage class provides high durability
441
+ # and high availability. Depending on performance needs, you can specify
442
+ # a different Storage Class. Amazon S3 on Outposts only uses the
443
+ # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
444
+ # in the *Amazon S3 User Guide*.
445
+ #
446
+ #
447
+ #
448
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
338
449
  # @option options [String] :website_redirect_location
339
450
  # If the bucket is configured as a website, redirects requests for this
340
451
  # object to another object in the same bucket or to an external URL.
341
452
  # Amazon S3 stores the value of this header in the object metadata.
342
453
  # @option options [String] :sse_customer_algorithm
343
- # Specifies the algorithm to use to when encrypting the object (e.g.,
344
- # AES256).
454
+ # Specifies the algorithm to use to when encrypting the object (for
455
+ # example, AES256).
345
456
  # @option options [String] :sse_customer_key
346
457
  # Specifies the customer-provided encryption key for Amazon S3 to use in
347
458
  # encrypting data. This value is used to store the object and then it is
348
- # discarded; Amazon does not store the encryption key. The key must be
349
- # appropriate for use with the algorithm specified in the
350
- # x-amz-server-side​-encryption​-customer-algorithm header.
459
+ # discarded; Amazon S3 does not store the encryption key. The key must
460
+ # be appropriate for use with the algorithm specified in the
461
+ # `x-amz-server-side-encryption-customer-algorithm` header.
351
462
  # @option options [String] :sse_customer_key_md5
352
463
  # Specifies the 128-bit MD5 digest of the encryption key according to
353
464
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
354
- # ensure the encryption key was transmitted without error.
465
+ # ensure that the encryption key was transmitted without error.
355
466
  # @option options [String] :ssekms_key_id
356
- # Specifies the AWS KMS key ID to use for object encryption. All GET and
357
- # PUT requests for an object protected by AWS KMS will fail if not made
358
- # via SSL or using SigV4. Documentation on configuring any of the
359
- # officially supported AWS SDKs and CLI can be found at
360
- # http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
467
+ # Specifies the Amazon Web Services KMS key ID to use for object
468
+ # encryption. All GET and PUT requests for an object protected by Amazon
469
+ # Web Services KMS will fail if not made via SSL or using SigV4. For
470
+ # information about configuring using any of the officially supported
471
+ # Amazon Web Services SDKs and Amazon Web Services CLI, see [Specifying
472
+ # the Signature Version in Request Authentication][1] in the *Amazon S3
473
+ # User Guide*.
474
+ #
475
+ #
476
+ #
477
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
478
+ # @option options [String] :ssekms_encryption_context
479
+ # Specifies the Amazon Web Services KMS Encryption Context to use for
480
+ # object encryption. The value of this header is a base64-encoded UTF-8
481
+ # string holding JSON with the encryption context key-value pairs.
482
+ # @option options [Boolean] :bucket_key_enabled
483
+ # Specifies whether Amazon S3 should use an S3 Bucket Key for object
484
+ # encryption with server-side encryption using AWS KMS (SSE-KMS).
485
+ # Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
486
+ # for object encryption with SSE-KMS.
487
+ #
488
+ # Specifying this header with a COPY action doesn’t affect bucket-level
489
+ # settings for S3 Bucket Key.
361
490
  # @option options [String] :copy_source_sse_customer_algorithm
362
- # Specifies the algorithm to use when decrypting the source object
363
- # (e.g., AES256).
491
+ # Specifies the algorithm to use when decrypting the source object (for
492
+ # example, AES256).
364
493
  # @option options [String] :copy_source_sse_customer_key
365
494
  # Specifies the customer-provided encryption key for Amazon S3 to use to
366
495
  # decrypt the source object. The encryption key provided in this header
@@ -368,24 +497,36 @@ module Aws::S3
368
497
  # @option options [String] :copy_source_sse_customer_key_md5
369
498
  # Specifies the 128-bit MD5 digest of the encryption key according to
370
499
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
371
- # ensure the encryption key was transmitted without error.
500
+ # ensure that the encryption key was transmitted without error.
372
501
  # @option options [String] :request_payer
373
- # Confirms that the requester knows that she or he will be charged for
374
- # the request. Bucket owners need not specify this parameter in their
375
- # requests. Documentation on downloading objects from requester pays
376
- # buckets can be found at
377
- # http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
502
+ # Confirms that the requester knows that they will be charged for the
503
+ # request. Bucket owners need not specify this parameter in their
504
+ # requests. For information about downloading objects from Requester
505
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
506
+ # in the *Amazon S3 User Guide*.
507
+ #
508
+ #
509
+ #
510
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
378
511
  # @option options [String] :tagging
379
512
  # The tag-set for the object destination object this value must be used
380
- # in conjunction with the TaggingDirective. The tag-set must be encoded
381
- # as URL Query parameters
513
+ # in conjunction with the `TaggingDirective`. The tag-set must be
514
+ # encoded as URL Query parameters.
382
515
  # @option options [String] :object_lock_mode
383
516
  # The Object Lock mode that you want to apply to the copied object.
384
517
  # @option options [Time,DateTime,Date,Integer,String] :object_lock_retain_until_date
385
518
  # The date and time when you want the copied object's Object Lock to
386
519
  # expire.
387
520
  # @option options [String] :object_lock_legal_hold_status
388
- # Specifies whether you want to apply a Legal Hold to the copied object.
521
+ # Specifies whether you want to apply a legal hold to the copied object.
522
+ # @option options [String] :expected_bucket_owner
523
+ # The account ID of the expected destination bucket owner. If the
524
+ # destination bucket is owned by a different account, the request fails
525
+ # with the HTTP status code `403 Forbidden` (access denied).
526
+ # @option options [String] :expected_source_bucket_owner
527
+ # The account ID of the expected source bucket owner. If the source
528
+ # bucket is owned by a different account, the request fails with the
529
+ # HTTP status code `403 Forbidden` (access denied).
389
530
  # @return [Types::CopyObjectOutput]
390
531
  def copy_from(options = {})
391
532
  options = options.merge(
@@ -403,22 +544,34 @@ module Aws::S3
403
544
  # version_id: "ObjectVersionId",
404
545
  # request_payer: "requester", # accepts requester
405
546
  # bypass_governance_retention: false,
547
+ # expected_bucket_owner: "AccountId",
406
548
  # })
407
549
  # @param [Hash] options ({})
408
550
  # @option options [String] :mfa
409
551
  # The concatenation of the authentication device's serial number, a
410
552
  # space, and the value that is displayed on your authentication device.
553
+ # Required to permanently delete a versioned object if versioning is
554
+ # configured with MFA delete enabled.
411
555
  # @option options [String] :version_id
412
556
  # VersionId used to reference a specific version of the object.
413
557
  # @option options [String] :request_payer
414
- # Confirms that the requester knows that she or he will be charged for
415
- # the request. Bucket owners need not specify this parameter in their
416
- # requests. Documentation on downloading objects from requester pays
417
- # buckets can be found at
418
- # http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
558
+ # Confirms that the requester knows that they will be charged for the
559
+ # request. Bucket owners need not specify this parameter in their
560
+ # requests. For information about downloading objects from Requester
561
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
562
+ # in the *Amazon S3 User Guide*.
563
+ #
564
+ #
565
+ #
566
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
419
567
  # @option options [Boolean] :bypass_governance_retention
420
568
  # Indicates whether S3 Object Lock should bypass Governance-mode
421
- # restrictions to process this operation.
569
+ # restrictions to process this operation. To use this header, you must
570
+ # have the `s3:BypassGovernanceRetention` permission.
571
+ # @option options [String] :expected_bucket_owner
572
+ # The account ID of the expected bucket owner. If the bucket is owned by
573
+ # a different account, the request fails with the HTTP status code `403
574
+ # Forbidden` (access denied).
422
575
  # @return [Types::DeleteObjectOutput]
423
576
  def delete(options = {})
424
577
  options = options.merge(
@@ -449,62 +602,83 @@ module Aws::S3
449
602
  # sse_customer_key_md5: "SSECustomerKeyMD5",
450
603
  # request_payer: "requester", # accepts requester
451
604
  # part_number: 1,
605
+ # expected_bucket_owner: "AccountId",
606
+ # checksum_mode: "ENABLED", # accepts ENABLED
452
607
  # })
453
608
  # @param [Hash] options ({})
454
609
  # @option options [String] :if_match
455
610
  # Return the object only if its entity tag (ETag) is the same as the one
456
- # specified, otherwise return a 412 (precondition failed).
611
+ # specified; otherwise, return a 412 (precondition failed) error.
457
612
  # @option options [Time,DateTime,Date,Integer,String] :if_modified_since
458
613
  # Return the object only if it has been modified since the specified
459
- # time, otherwise return a 304 (not modified).
614
+ # time; otherwise, return a 304 (not modified) error.
460
615
  # @option options [String] :if_none_match
461
616
  # Return the object only if its entity tag (ETag) is different from the
462
- # one specified, otherwise return a 304 (not modified).
617
+ # one specified; otherwise, return a 304 (not modified) error.
463
618
  # @option options [Time,DateTime,Date,Integer,String] :if_unmodified_since
464
619
  # Return the object only if it has not been modified since the specified
465
- # time, otherwise return a 412 (precondition failed).
620
+ # time; otherwise, return a 412 (precondition failed) error.
466
621
  # @option options [String] :range
467
622
  # Downloads the specified range bytes of an object. For more information
468
- # about the HTTP Range header, go to
469
- # http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35.
623
+ # about the HTTP Range header, see
624
+ # [https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35][1].
625
+ #
626
+ # <note markdown="1"> Amazon S3 doesn't support retrieving multiple ranges of data per
627
+ # `GET` request.
628
+ #
629
+ # </note>
630
+ #
631
+ #
632
+ #
633
+ # [1]: https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35
470
634
  # @option options [String] :response_cache_control
471
- # Sets the Cache-Control header of the response.
635
+ # Sets the `Cache-Control` header of the response.
472
636
  # @option options [String] :response_content_disposition
473
- # Sets the Content-Disposition header of the response
637
+ # Sets the `Content-Disposition` header of the response
474
638
  # @option options [String] :response_content_encoding
475
- # Sets the Content-Encoding header of the response.
639
+ # Sets the `Content-Encoding` header of the response.
476
640
  # @option options [String] :response_content_language
477
- # Sets the Content-Language header of the response.
641
+ # Sets the `Content-Language` header of the response.
478
642
  # @option options [String] :response_content_type
479
- # Sets the Content-Type header of the response.
643
+ # Sets the `Content-Type` header of the response.
480
644
  # @option options [Time,DateTime,Date,Integer,String] :response_expires
481
- # Sets the Expires header of the response.
645
+ # Sets the `Expires` header of the response.
482
646
  # @option options [String] :version_id
483
647
  # VersionId used to reference a specific version of the object.
484
648
  # @option options [String] :sse_customer_algorithm
485
- # Specifies the algorithm to use to when encrypting the object (e.g.,
486
- # AES256).
649
+ # Specifies the algorithm to use to when decrypting the object (for
650
+ # example, AES256).
487
651
  # @option options [String] :sse_customer_key
488
- # Specifies the customer-provided encryption key for Amazon S3 to use in
489
- # encrypting data. This value is used to store the object and then it is
490
- # discarded; Amazon does not store the encryption key. The key must be
491
- # appropriate for use with the algorithm specified in the
492
- # x-amz-server-side​-encryption​-customer-algorithm header.
652
+ # Specifies the customer-provided encryption key for Amazon S3 used to
653
+ # encrypt the data. This value is used to decrypt the object when
654
+ # recovering it and must match the one used when storing the data. The
655
+ # key must be appropriate for use with the algorithm specified in the
656
+ # `x-amz-server-side-encryption-customer-algorithm` header.
493
657
  # @option options [String] :sse_customer_key_md5
494
658
  # Specifies the 128-bit MD5 digest of the encryption key according to
495
659
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
496
- # ensure the encryption key was transmitted without error.
660
+ # ensure that the encryption key was transmitted without error.
497
661
  # @option options [String] :request_payer
498
- # Confirms that the requester knows that she or he will be charged for
499
- # the request. Bucket owners need not specify this parameter in their
500
- # requests. Documentation on downloading objects from requester pays
501
- # buckets can be found at
502
- # http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
662
+ # Confirms that the requester knows that they will be charged for the
663
+ # request. Bucket owners need not specify this parameter in their
664
+ # requests. For information about downloading objects from Requester
665
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
666
+ # in the *Amazon S3 User Guide*.
667
+ #
668
+ #
669
+ #
670
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
503
671
  # @option options [Integer] :part_number
504
672
  # Part number of the object being read. This is a positive integer
505
673
  # between 1 and 10,000. Effectively performs a 'ranged' GET request
506
674
  # for the part specified. Useful for downloading just a part of an
507
675
  # object.
676
+ # @option options [String] :expected_bucket_owner
677
+ # The account ID of the expected bucket owner. If the bucket is owned by
678
+ # a different account, the request fails with the HTTP status code `403
679
+ # Forbidden` (access denied).
680
+ # @option options [String] :checksum_mode
681
+ # To retrieve the checksum, this mode must be enabled.
508
682
  # @return [Types::GetObjectOutput]
509
683
  def get(options = {}, &block)
510
684
  options = options.merge(
@@ -533,21 +707,27 @@ module Aws::S3
533
707
  # "MetadataKey" => "MetadataValue",
534
708
  # },
535
709
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
536
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER
710
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
537
711
  # website_redirect_location: "WebsiteRedirectLocation",
538
712
  # sse_customer_algorithm: "SSECustomerAlgorithm",
539
713
  # sse_customer_key: "SSECustomerKey",
540
714
  # sse_customer_key_md5: "SSECustomerKeyMD5",
541
715
  # ssekms_key_id: "SSEKMSKeyId",
716
+ # ssekms_encryption_context: "SSEKMSEncryptionContext",
717
+ # bucket_key_enabled: false,
542
718
  # request_payer: "requester", # accepts requester
543
719
  # tagging: "TaggingHeader",
544
720
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
545
721
  # object_lock_retain_until_date: Time.now,
546
722
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
723
+ # expected_bucket_owner: "AccountId",
724
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
547
725
  # })
548
726
  # @param [Hash] options ({})
549
727
  # @option options [String] :acl
550
728
  # The canned ACL to apply to the object.
729
+ #
730
+ # This action is not supported by Amazon S3 on Outposts.
551
731
  # @option options [String] :cache_control
552
732
  # Specifies caching behavior along the request/reply chain.
553
733
  # @option options [String] :content_disposition
@@ -565,59 +745,110 @@ module Aws::S3
565
745
  # @option options [String] :grant_full_control
566
746
  # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
567
747
  # object.
748
+ #
749
+ # This action is not supported by Amazon S3 on Outposts.
568
750
  # @option options [String] :grant_read
569
751
  # Allows grantee to read the object data and its metadata.
752
+ #
753
+ # This action is not supported by Amazon S3 on Outposts.
570
754
  # @option options [String] :grant_read_acp
571
755
  # Allows grantee to read the object ACL.
756
+ #
757
+ # This action is not supported by Amazon S3 on Outposts.
572
758
  # @option options [String] :grant_write_acp
573
759
  # Allows grantee to write the ACL for the applicable object.
760
+ #
761
+ # This action is not supported by Amazon S3 on Outposts.
574
762
  # @option options [Hash<String,String>] :metadata
575
763
  # A map of metadata to store with the object in S3.
576
764
  # @option options [String] :server_side_encryption
577
- # The Server-side encryption algorithm used when storing this object in
578
- # S3 (e.g., AES256, aws:kms).
765
+ # The server-side encryption algorithm used when storing this object in
766
+ # Amazon S3 (for example, AES256, aws:kms).
579
767
  # @option options [String] :storage_class
580
- # The type of storage to use for the object. Defaults to 'STANDARD'.
768
+ # By default, Amazon S3 uses the STANDARD Storage Class to store newly
769
+ # created objects. The STANDARD storage class provides high durability
770
+ # and high availability. Depending on performance needs, you can specify
771
+ # a different Storage Class. Amazon S3 on Outposts only uses the
772
+ # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
773
+ # in the *Amazon S3 User Guide*.
774
+ #
775
+ #
776
+ #
777
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
581
778
  # @option options [String] :website_redirect_location
582
779
  # If the bucket is configured as a website, redirects requests for this
583
780
  # object to another object in the same bucket or to an external URL.
584
781
  # Amazon S3 stores the value of this header in the object metadata.
585
782
  # @option options [String] :sse_customer_algorithm
586
- # Specifies the algorithm to use to when encrypting the object (e.g.,
587
- # AES256).
783
+ # Specifies the algorithm to use to when encrypting the object (for
784
+ # example, AES256).
588
785
  # @option options [String] :sse_customer_key
589
786
  # Specifies the customer-provided encryption key for Amazon S3 to use in
590
787
  # encrypting data. This value is used to store the object and then it is
591
- # discarded; Amazon does not store the encryption key. The key must be
592
- # appropriate for use with the algorithm specified in the
593
- # x-amz-server-side​-encryption​-customer-algorithm header.
788
+ # discarded; Amazon S3 does not store the encryption key. The key must
789
+ # be appropriate for use with the algorithm specified in the
790
+ # `x-amz-server-side-encryption-customer-algorithm` header.
594
791
  # @option options [String] :sse_customer_key_md5
595
792
  # Specifies the 128-bit MD5 digest of the encryption key according to
596
793
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
597
- # ensure the encryption key was transmitted without error.
794
+ # ensure that the encryption key was transmitted without error.
598
795
  # @option options [String] :ssekms_key_id
599
- # Specifies the AWS KMS key ID to use for object encryption. All GET and
600
- # PUT requests for an object protected by AWS KMS will fail if not made
601
- # via SSL or using SigV4. Documentation on configuring any of the
602
- # officially supported AWS SDKs and CLI can be found at
603
- # http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
796
+ # Specifies the ID of the symmetric customer managed key to use for
797
+ # object encryption. All GET and PUT requests for an object protected by
798
+ # Amazon Web Services KMS will fail if not made via SSL or using SigV4.
799
+ # For information about configuring using any of the officially
800
+ # supported Amazon Web Services SDKs and Amazon Web Services CLI, see
801
+ # [Specifying the Signature Version in Request Authentication][1] in the
802
+ # *Amazon S3 User Guide*.
803
+ #
804
+ #
805
+ #
806
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
807
+ # @option options [String] :ssekms_encryption_context
808
+ # Specifies the Amazon Web Services KMS Encryption Context to use for
809
+ # object encryption. The value of this header is a base64-encoded UTF-8
810
+ # string holding JSON with the encryption context key-value pairs.
811
+ # @option options [Boolean] :bucket_key_enabled
812
+ # Specifies whether Amazon S3 should use an S3 Bucket Key for object
813
+ # encryption with server-side encryption using AWS KMS (SSE-KMS).
814
+ # Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
815
+ # for object encryption with SSE-KMS.
816
+ #
817
+ # Specifying this header with an object action doesn’t affect
818
+ # bucket-level settings for S3 Bucket Key.
604
819
  # @option options [String] :request_payer
605
- # Confirms that the requester knows that she or he will be charged for
606
- # the request. Bucket owners need not specify this parameter in their
607
- # requests. Documentation on downloading objects from requester pays
608
- # buckets can be found at
609
- # http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
820
+ # Confirms that the requester knows that they will be charged for the
821
+ # request. Bucket owners need not specify this parameter in their
822
+ # requests. For information about downloading objects from Requester
823
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
824
+ # in the *Amazon S3 User Guide*.
825
+ #
826
+ #
827
+ #
828
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
610
829
  # @option options [String] :tagging
611
830
  # The tag-set for the object. The tag-set must be encoded as URL Query
612
- # parameters
831
+ # parameters.
613
832
  # @option options [String] :object_lock_mode
614
833
  # Specifies the Object Lock mode that you want to apply to the uploaded
615
834
  # object.
616
835
  # @option options [Time,DateTime,Date,Integer,String] :object_lock_retain_until_date
617
836
  # Specifies the date and time when you want the Object Lock to expire.
618
837
  # @option options [String] :object_lock_legal_hold_status
619
- # Specifies whether you want to apply a Legal Hold to the uploaded
838
+ # Specifies whether you want to apply a legal hold to the uploaded
620
839
  # object.
840
+ # @option options [String] :expected_bucket_owner
841
+ # The account ID of the expected bucket owner. If the bucket is owned by
842
+ # a different account, the request fails with the HTTP status code `403
843
+ # Forbidden` (access denied).
844
+ # @option options [String] :checksum_algorithm
845
+ # Indicates the algorithm you want Amazon S3 to use to create the
846
+ # checksum for the object. For more information, see [Checking object
847
+ # integrity][1] in the *Amazon S3 User Guide*.
848
+ #
849
+ #
850
+ #
851
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
621
852
  # @return [MultipartUpload]
622
853
  def initiate_multipart_upload(options = {})
623
854
  options = options.merge(
@@ -645,6 +876,11 @@ module Aws::S3
645
876
  # content_length: 1,
646
877
  # content_md5: "ContentMD5",
647
878
  # content_type: "ContentType",
879
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
880
+ # checksum_crc32: "ChecksumCRC32",
881
+ # checksum_crc32c: "ChecksumCRC32C",
882
+ # checksum_sha1: "ChecksumSHA1",
883
+ # checksum_sha256: "ChecksumSHA256",
648
884
  # expires: Time.now,
649
885
  # grant_full_control: "GrantFullControl",
650
886
  # grant_read: "GrantRead",
@@ -654,87 +890,254 @@ module Aws::S3
654
890
  # "MetadataKey" => "MetadataValue",
655
891
  # },
656
892
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
657
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER
893
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
658
894
  # website_redirect_location: "WebsiteRedirectLocation",
659
895
  # sse_customer_algorithm: "SSECustomerAlgorithm",
660
896
  # sse_customer_key: "SSECustomerKey",
661
897
  # sse_customer_key_md5: "SSECustomerKeyMD5",
662
898
  # ssekms_key_id: "SSEKMSKeyId",
899
+ # ssekms_encryption_context: "SSEKMSEncryptionContext",
900
+ # bucket_key_enabled: false,
663
901
  # request_payer: "requester", # accepts requester
664
902
  # tagging: "TaggingHeader",
665
903
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
666
904
  # object_lock_retain_until_date: Time.now,
667
905
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
906
+ # expected_bucket_owner: "AccountId",
668
907
  # })
669
908
  # @param [Hash] options ({})
670
909
  # @option options [String] :acl
671
- # The canned ACL to apply to the object.
672
- # @option options [String, IO] :body
910
+ # The canned ACL to apply to the object. For more information, see
911
+ # [Canned ACL][1].
912
+ #
913
+ # This action is not supported by Amazon S3 on Outposts.
914
+ #
915
+ #
916
+ #
917
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
918
+ # @option options [String, StringIO, File] :body
673
919
  # Object data.
674
920
  # @option options [String] :cache_control
675
- # Specifies caching behavior along the request/reply chain.
921
+ # Can be used to specify caching behavior along the request/reply chain.
922
+ # For more information, see
923
+ # [http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9][1].
924
+ #
925
+ #
926
+ #
927
+ # [1]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9
676
928
  # @option options [String] :content_disposition
677
- # Specifies presentational information for the object.
929
+ # Specifies presentational information for the object. For more
930
+ # information, see
931
+ # [http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1][1].
932
+ #
933
+ #
934
+ #
935
+ # [1]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1
678
936
  # @option options [String] :content_encoding
679
937
  # Specifies what content encodings have been applied to the object and
680
938
  # thus what decoding mechanisms must be applied to obtain the media-type
681
- # referenced by the Content-Type header field.
939
+ # referenced by the Content-Type header field. For more information, see
940
+ # [http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11][1].
941
+ #
942
+ #
943
+ #
944
+ # [1]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11
682
945
  # @option options [String] :content_language
683
946
  # The language the content is in.
684
947
  # @option options [Integer] :content_length
685
948
  # Size of the body in bytes. This parameter is useful when the size of
686
- # the body cannot be determined automatically.
949
+ # the body cannot be determined automatically. For more information, see
950
+ # [http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.13][1].
951
+ #
952
+ #
953
+ #
954
+ # [1]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.13
687
955
  # @option options [String] :content_md5
688
- # The base64-encoded 128-bit MD5 digest of the part data.
956
+ # The base64-encoded 128-bit MD5 digest of the message (without the
957
+ # headers) according to RFC 1864. This header can be used as a message
958
+ # integrity check to verify that the data is the same data that was
959
+ # originally sent. Although it is optional, we recommend using the
960
+ # Content-MD5 mechanism as an end-to-end integrity check. For more
961
+ # information about REST request authentication, see [REST
962
+ # Authentication][1].
963
+ #
964
+ #
965
+ #
966
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html
689
967
  # @option options [String] :content_type
690
- # A standard MIME type describing the format of the object data.
968
+ # A standard MIME type describing the format of the contents. For more
969
+ # information, see
970
+ # [http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17][1].
971
+ #
972
+ #
973
+ #
974
+ # [1]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17
975
+ # @option options [String] :checksum_algorithm
976
+ # Indicates the algorithm used to create the checksum for the object
977
+ # when using the SDK. This header will not provide any additional
978
+ # functionality if not using the SDK. When sending this header, there
979
+ # must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
980
+ # sent. Otherwise, Amazon S3 fails the request with the HTTP status code
981
+ # `400 Bad Request`. For more information, see [Checking object
982
+ # integrity][1] in the *Amazon S3 User Guide*.
983
+ #
984
+ # If you provide an individual checksum, Amazon S3 ignores any provided
985
+ # `ChecksumAlgorithm` parameter.
986
+ #
987
+ #
988
+ #
989
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
990
+ # @option options [String] :checksum_crc32
991
+ # This header can be used as a data integrity check to verify that the
992
+ # data received is the same data that was originally sent. This header
993
+ # specifies the base64-encoded, 32-bit CRC32 checksum of the object. For
994
+ # more information, see [Checking object integrity][1] in the *Amazon S3
995
+ # User Guide*.
996
+ #
997
+ #
998
+ #
999
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
1000
+ # @option options [String] :checksum_crc32c
1001
+ # This header can be used as a data integrity check to verify that the
1002
+ # data received is the same data that was originally sent. This header
1003
+ # specifies the base64-encoded, 32-bit CRC32C checksum of the object.
1004
+ # For more information, see [Checking object integrity][1] in the
1005
+ # *Amazon S3 User Guide*.
1006
+ #
1007
+ #
1008
+ #
1009
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
1010
+ # @option options [String] :checksum_sha1
1011
+ # This header can be used as a data integrity check to verify that the
1012
+ # data received is the same data that was originally sent. This header
1013
+ # specifies the base64-encoded, 160-bit SHA-1 digest of the object. For
1014
+ # more information, see [Checking object integrity][1] in the *Amazon S3
1015
+ # User Guide*.
1016
+ #
1017
+ #
1018
+ #
1019
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
1020
+ # @option options [String] :checksum_sha256
1021
+ # This header can be used as a data integrity check to verify that the
1022
+ # data received is the same data that was originally sent. This header
1023
+ # specifies the base64-encoded, 256-bit SHA-256 digest of the object.
1024
+ # For more information, see [Checking object integrity][1] in the
1025
+ # *Amazon S3 User Guide*.
1026
+ #
1027
+ #
1028
+ #
1029
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
691
1030
  # @option options [Time,DateTime,Date,Integer,String] :expires
692
- # The date and time at which the object is no longer cacheable.
1031
+ # The date and time at which the object is no longer cacheable. For more
1032
+ # information, see
1033
+ # [http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21][1].
1034
+ #
1035
+ #
1036
+ #
1037
+ # [1]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21
693
1038
  # @option options [String] :grant_full_control
694
1039
  # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
695
1040
  # object.
1041
+ #
1042
+ # This action is not supported by Amazon S3 on Outposts.
696
1043
  # @option options [String] :grant_read
697
1044
  # Allows grantee to read the object data and its metadata.
1045
+ #
1046
+ # This action is not supported by Amazon S3 on Outposts.
698
1047
  # @option options [String] :grant_read_acp
699
1048
  # Allows grantee to read the object ACL.
1049
+ #
1050
+ # This action is not supported by Amazon S3 on Outposts.
700
1051
  # @option options [String] :grant_write_acp
701
1052
  # Allows grantee to write the ACL for the applicable object.
1053
+ #
1054
+ # This action is not supported by Amazon S3 on Outposts.
702
1055
  # @option options [Hash<String,String>] :metadata
703
1056
  # A map of metadata to store with the object in S3.
704
1057
  # @option options [String] :server_side_encryption
705
- # The Server-side encryption algorithm used when storing this object in
706
- # S3 (e.g., AES256, aws:kms).
1058
+ # The server-side encryption algorithm used when storing this object in
1059
+ # Amazon S3 (for example, AES256, aws:kms).
707
1060
  # @option options [String] :storage_class
708
- # The type of storage to use for the object. Defaults to 'STANDARD'.
1061
+ # By default, Amazon S3 uses the STANDARD Storage Class to store newly
1062
+ # created objects. The STANDARD storage class provides high durability
1063
+ # and high availability. Depending on performance needs, you can specify
1064
+ # a different Storage Class. Amazon S3 on Outposts only uses the
1065
+ # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
1066
+ # in the *Amazon S3 User Guide*.
1067
+ #
1068
+ #
1069
+ #
1070
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
709
1071
  # @option options [String] :website_redirect_location
710
1072
  # If the bucket is configured as a website, redirects requests for this
711
1073
  # object to another object in the same bucket or to an external URL.
712
- # Amazon S3 stores the value of this header in the object metadata.
1074
+ # Amazon S3 stores the value of this header in the object metadata. For
1075
+ # information about object metadata, see [Object Key and Metadata][1].
1076
+ #
1077
+ # In the following example, the request header sets the redirect to an
1078
+ # object (anotherPage.html) in the same bucket:
1079
+ #
1080
+ # `x-amz-website-redirect-location: /anotherPage.html`
1081
+ #
1082
+ # In the following example, the request header sets the object redirect
1083
+ # to another website:
1084
+ #
1085
+ # `x-amz-website-redirect-location: http://www.example.com/`
1086
+ #
1087
+ # For more information about website hosting in Amazon S3, see [Hosting
1088
+ # Websites on Amazon S3][2] and [How to Configure Website Page
1089
+ # Redirects][3].
1090
+ #
1091
+ #
1092
+ #
1093
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html
1094
+ # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html
1095
+ # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html
713
1096
  # @option options [String] :sse_customer_algorithm
714
- # Specifies the algorithm to use to when encrypting the object (e.g.,
715
- # AES256).
1097
+ # Specifies the algorithm to use to when encrypting the object (for
1098
+ # example, AES256).
716
1099
  # @option options [String] :sse_customer_key
717
1100
  # Specifies the customer-provided encryption key for Amazon S3 to use in
718
1101
  # encrypting data. This value is used to store the object and then it is
719
- # discarded; Amazon does not store the encryption key. The key must be
720
- # appropriate for use with the algorithm specified in the
721
- # x-amz-server-side​-encryption​-customer-algorithm header.
1102
+ # discarded; Amazon S3 does not store the encryption key. The key must
1103
+ # be appropriate for use with the algorithm specified in the
1104
+ # `x-amz-server-side-encryption-customer-algorithm` header.
722
1105
  # @option options [String] :sse_customer_key_md5
723
1106
  # Specifies the 128-bit MD5 digest of the encryption key according to
724
1107
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
725
- # ensure the encryption key was transmitted without error.
1108
+ # ensure that the encryption key was transmitted without error.
726
1109
  # @option options [String] :ssekms_key_id
727
- # Specifies the AWS KMS key ID to use for object encryption. All GET and
728
- # PUT requests for an object protected by AWS KMS will fail if not made
729
- # via SSL or using SigV4. Documentation on configuring any of the
730
- # officially supported AWS SDKs and CLI can be found at
731
- # http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
1110
+ # If `x-amz-server-side-encryption` is present and has the value of
1111
+ # `aws:kms`, this header specifies the ID of the Amazon Web Services Key
1112
+ # Management Service (Amazon Web Services KMS) symmetrical customer
1113
+ # managed key that was used for the object. If you specify
1114
+ # `x-amz-server-side-encryption:aws:kms`, but do not provide`
1115
+ # x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
1116
+ # Amazon Web Services managed key to protect the data. If the KMS key
1117
+ # does not exist in the same account issuing the command, you must use
1118
+ # the full ARN and not just the ID.
1119
+ # @option options [String] :ssekms_encryption_context
1120
+ # Specifies the Amazon Web Services KMS Encryption Context to use for
1121
+ # object encryption. The value of this header is a base64-encoded UTF-8
1122
+ # string holding JSON with the encryption context key-value pairs.
1123
+ # @option options [Boolean] :bucket_key_enabled
1124
+ # Specifies whether Amazon S3 should use an S3 Bucket Key for object
1125
+ # encryption with server-side encryption using AWS KMS (SSE-KMS).
1126
+ # Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
1127
+ # for object encryption with SSE-KMS.
1128
+ #
1129
+ # Specifying this header with a PUT action doesn’t affect bucket-level
1130
+ # settings for S3 Bucket Key.
732
1131
  # @option options [String] :request_payer
733
- # Confirms that the requester knows that she or he will be charged for
734
- # the request. Bucket owners need not specify this parameter in their
735
- # requests. Documentation on downloading objects from requester pays
736
- # buckets can be found at
737
- # http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
1132
+ # Confirms that the requester knows that they will be charged for the
1133
+ # request. Bucket owners need not specify this parameter in their
1134
+ # requests. For information about downloading objects from Requester
1135
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
1136
+ # in the *Amazon S3 User Guide*.
1137
+ #
1138
+ #
1139
+ #
1140
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
738
1141
  # @option options [String] :tagging
739
1142
  # The tag-set for the object. The tag-set must be encoded as URL Query
740
1143
  # parameters. (For example, "Key1=Value1")
@@ -742,8 +1145,18 @@ module Aws::S3
742
1145
  # The Object Lock mode that you want to apply to this object.
743
1146
  # @option options [Time,DateTime,Date,Integer,String] :object_lock_retain_until_date
744
1147
  # The date and time when you want this object's Object Lock to expire.
1148
+ # Must be formatted as a timestamp parameter.
745
1149
  # @option options [String] :object_lock_legal_hold_status
746
- # The Legal Hold status that you want to apply to the specified object.
1150
+ # Specifies whether a legal hold will be applied to this object. For
1151
+ # more information about S3 Object Lock, see [Object Lock][1].
1152
+ #
1153
+ #
1154
+ #
1155
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
1156
+ # @option options [String] :expected_bucket_owner
1157
+ # The account ID of the expected bucket owner. If the bucket is owned by
1158
+ # a different account, the request fails with the HTTP status code `403
1159
+ # Forbidden` (access denied).
747
1160
  # @return [Types::PutObjectOutput]
748
1161
  def put(options = {})
749
1162
  options = options.merge(
@@ -835,22 +1248,48 @@ module Aws::S3
835
1248
  # value: "MetadataValue",
836
1249
  # },
837
1250
  # ],
838
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER
1251
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
839
1252
  # },
840
1253
  # },
841
1254
  # },
842
1255
  # request_payer: "requester", # accepts requester
1256
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
1257
+ # expected_bucket_owner: "AccountId",
843
1258
  # })
844
1259
  # @param [Hash] options ({})
845
1260
  # @option options [String] :version_id
1261
+ # VersionId used to reference a specific version of the object.
846
1262
  # @option options [Types::RestoreRequest] :restore_request
847
1263
  # Container for restore job parameters.
848
1264
  # @option options [String] :request_payer
849
- # Confirms that the requester knows that she or he will be charged for
850
- # the request. Bucket owners need not specify this parameter in their
851
- # requests. Documentation on downloading objects from requester pays
852
- # buckets can be found at
853
- # http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
1265
+ # Confirms that the requester knows that they will be charged for the
1266
+ # request. Bucket owners need not specify this parameter in their
1267
+ # requests. For information about downloading objects from Requester
1268
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
1269
+ # in the *Amazon S3 User Guide*.
1270
+ #
1271
+ #
1272
+ #
1273
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
1274
+ # @option options [String] :checksum_algorithm
1275
+ # Indicates the algorithm used to create the checksum for the object
1276
+ # when using the SDK. This header will not provide any additional
1277
+ # functionality if not using the SDK. When sending this header, there
1278
+ # must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
1279
+ # sent. Otherwise, Amazon S3 fails the request with the HTTP status code
1280
+ # `400 Bad Request`. For more information, see [Checking object
1281
+ # integrity][1] in the *Amazon S3 User Guide*.
1282
+ #
1283
+ # If you provide an individual checksum, Amazon S3 ignores any provided
1284
+ # `ChecksumAlgorithm` parameter.
1285
+ #
1286
+ #
1287
+ #
1288
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
1289
+ # @option options [String] :expected_bucket_owner
1290
+ # The account ID of the expected bucket owner. If the bucket is owned by
1291
+ # a different account, the request fails with the HTTP status code `403
1292
+ # Forbidden` (access denied).
854
1293
  # @return [Types::RestoreObjectOutput]
855
1294
  def restore_object(options = {})
856
1295
  options = options.merge(
@@ -947,8 +1386,8 @@ module Aws::S3
947
1386
 
948
1387
  def yield_waiter_and_warn(waiter, &block)
949
1388
  if !@waiter_block_warned
950
- msg = "pass options to configure the waiter; "
951
- msg << "yielding the waiter is deprecated"
1389
+ msg = "pass options to configure the waiter; "\
1390
+ "yielding the waiter is deprecated"
952
1391
  warn(msg)
953
1392
  @waiter_block_warned = true
954
1393
  end
@@ -956,7 +1395,9 @@ module Aws::S3
956
1395
  end
957
1396
 
958
1397
  def separate_params_and_options(options)
959
- opts = Set.new([:client, :max_attempts, :delay, :before_attempt, :before_wait])
1398
+ opts = Set.new(
1399
+ [:client, :max_attempts, :delay, :before_attempt, :before_wait]
1400
+ )
960
1401
  waiter_opts = {}
961
1402
  waiter_params = {}
962
1403
  options.each_pair do |key, value|
@@ -980,21 +1421,51 @@ module Aws::S3
980
1421
  # mfa: "MFA",
981
1422
  # request_payer: "requester", # accepts requester
982
1423
  # bypass_governance_retention: false,
1424
+ # expected_bucket_owner: "AccountId",
1425
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
983
1426
  # })
984
1427
  # @param options ({})
985
1428
  # @option options [String] :mfa
986
1429
  # The concatenation of the authentication device's serial number, a
987
1430
  # space, and the value that is displayed on your authentication device.
1431
+ # Required to permanently delete a versioned object if versioning is
1432
+ # configured with MFA delete enabled.
988
1433
  # @option options [String] :request_payer
989
- # Confirms that the requester knows that she or he will be charged for
990
- # the request. Bucket owners need not specify this parameter in their
991
- # requests. Documentation on downloading objects from requester pays
992
- # buckets can be found at
993
- # http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
1434
+ # Confirms that the requester knows that they will be charged for the
1435
+ # request. Bucket owners need not specify this parameter in their
1436
+ # requests. For information about downloading objects from Requester
1437
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
1438
+ # in the *Amazon S3 User Guide*.
1439
+ #
1440
+ #
1441
+ #
1442
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
994
1443
  # @option options [Boolean] :bypass_governance_retention
995
1444
  # Specifies whether you want to delete this object even if it has a
996
- # Governance-type Object Lock in place. You must have sufficient
997
- # permissions to perform this operation.
1445
+ # Governance-type Object Lock in place. To use this header, you must
1446
+ # have the `s3:BypassGovernanceRetention` permission.
1447
+ # @option options [String] :expected_bucket_owner
1448
+ # The account ID of the expected bucket owner. If the bucket is owned by
1449
+ # a different account, the request fails with the HTTP status code `403
1450
+ # Forbidden` (access denied).
1451
+ # @option options [String] :checksum_algorithm
1452
+ # Indicates the algorithm used to create the checksum for the object
1453
+ # when using the SDK. This header will not provide any additional
1454
+ # functionality if not using the SDK. When sending this header, there
1455
+ # must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
1456
+ # sent. Otherwise, Amazon S3 fails the request with the HTTP status code
1457
+ # `400 Bad Request`. For more information, see [Checking object
1458
+ # integrity][1] in the *Amazon S3 User Guide*.
1459
+ #
1460
+ # If you provide an individual checksum, Amazon S3 ignores any provided
1461
+ # `ChecksumAlgorithm` parameter.
1462
+ #
1463
+ # This checksum algorithm must be the same for all parts and it match
1464
+ # the checksum value supplied in the `CreateMultipartUpload` request.
1465
+ #
1466
+ #
1467
+ #
1468
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
998
1469
  # @return [void]
999
1470
  def batch_delete!(options = {})
1000
1471
  batch_enum.each do |batch|