aws-sdk-s3 1.75.0 → 1.83.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (59) hide show
  1. checksums.yaml +4 -4
  2. data/lib/aws-sdk-s3.rb +3 -2
  3. data/lib/aws-sdk-s3/arn/access_point_arn.rb +62 -0
  4. data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb +71 -0
  5. data/lib/aws-sdk-s3/bucket.rb +56 -7
  6. data/lib/aws-sdk-s3/bucket_acl.rb +5 -0
  7. data/lib/aws-sdk-s3/bucket_cors.rb +12 -1
  8. data/lib/aws-sdk-s3/bucket_lifecycle.rb +12 -1
  9. data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +12 -1
  10. data/lib/aws-sdk-s3/bucket_logging.rb +5 -0
  11. data/lib/aws-sdk-s3/bucket_notification.rb +5 -0
  12. data/lib/aws-sdk-s3/bucket_policy.rb +12 -1
  13. data/lib/aws-sdk-s3/bucket_request_payment.rb +5 -0
  14. data/lib/aws-sdk-s3/bucket_tagging.rb +12 -1
  15. data/lib/aws-sdk-s3/bucket_versioning.rb +15 -0
  16. data/lib/aws-sdk-s3/bucket_website.rb +12 -1
  17. data/lib/aws-sdk-s3/client.rb +2127 -678
  18. data/lib/aws-sdk-s3/client_api.rb +148 -0
  19. data/lib/aws-sdk-s3/customizations/bucket.rb +7 -4
  20. data/lib/aws-sdk-s3/customizations/object.rb +4 -3
  21. data/lib/aws-sdk-s3/encryption.rb +2 -0
  22. data/lib/aws-sdk-s3/encryption/client.rb +11 -0
  23. data/lib/aws-sdk-s3/encryption/decrypt_handler.rb +64 -29
  24. data/lib/aws-sdk-s3/encryption/default_cipher_provider.rb +41 -5
  25. data/lib/aws-sdk-s3/encryption/encrypt_handler.rb +5 -5
  26. data/lib/aws-sdk-s3/encryption/io_decrypter.rb +7 -6
  27. data/lib/aws-sdk-s3/encryption/kms_cipher_provider.rb +32 -3
  28. data/lib/aws-sdk-s3/encryption/utils.rb +23 -0
  29. data/lib/aws-sdk-s3/encryptionV2/client.rb +201 -23
  30. data/lib/aws-sdk-s3/encryptionV2/decrypt_handler.rb +40 -12
  31. data/lib/aws-sdk-s3/encryptionV2/default_cipher_provider.rb +77 -10
  32. data/lib/aws-sdk-s3/encryptionV2/default_key_provider.rb +2 -0
  33. data/lib/aws-sdk-s3/encryptionV2/encrypt_handler.rb +7 -4
  34. data/lib/aws-sdk-s3/encryptionV2/errors.rb +24 -0
  35. data/lib/aws-sdk-s3/encryptionV2/io_auth_decrypter.rb +2 -0
  36. data/lib/aws-sdk-s3/encryptionV2/io_decrypter.rb +2 -0
  37. data/lib/aws-sdk-s3/encryptionV2/io_encrypter.rb +2 -0
  38. data/lib/aws-sdk-s3/encryptionV2/key_provider.rb +2 -0
  39. data/lib/aws-sdk-s3/encryptionV2/kms_cipher_provider.rb +90 -20
  40. data/lib/aws-sdk-s3/encryptionV2/materials.rb +2 -0
  41. data/lib/aws-sdk-s3/encryptionV2/utils.rb +2 -15
  42. data/lib/aws-sdk-s3/encryption_v2.rb +4 -1
  43. data/lib/aws-sdk-s3/file_uploader.rb +1 -1
  44. data/lib/aws-sdk-s3/multipart_upload.rb +15 -0
  45. data/lib/aws-sdk-s3/multipart_upload_part.rb +64 -7
  46. data/lib/aws-sdk-s3/object.rb +158 -19
  47. data/lib/aws-sdk-s3/object_acl.rb +13 -0
  48. data/lib/aws-sdk-s3/object_summary.rb +171 -17
  49. data/lib/aws-sdk-s3/object_version.rb +27 -3
  50. data/lib/aws-sdk-s3/plugins/arn.rb +187 -0
  51. data/lib/aws-sdk-s3/plugins/bucket_dns.rb +0 -2
  52. data/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb +1 -1
  53. data/lib/aws-sdk-s3/plugins/s3_signer.rb +29 -7
  54. data/lib/aws-sdk-s3/presigned_post.rb +1 -0
  55. data/lib/aws-sdk-s3/presigner.rb +3 -2
  56. data/lib/aws-sdk-s3/resource.rb +1 -1
  57. data/lib/aws-sdk-s3/types.rb +1616 -222
  58. metadata +7 -5
  59. data/lib/aws-sdk-s3/plugins/bucket_arn.rb +0 -212
@@ -22,7 +22,7 @@ module Aws
22
22
  # @return [Client]
23
23
  attr_reader :client
24
24
 
25
- # @return [Integer] Files larger than this in bytes are uploaded
25
+ # @return [Integer] Files larger than or equal to this in bytes are uploaded
26
26
  # using a {MultipartFileUploader}.
27
27
  attr_reader :multipart_threshold
28
28
 
@@ -220,6 +220,7 @@ module Aws::S3
220
220
  #
221
221
  # multipart_upload.abort({
222
222
  # request_payer: "requester", # accepts requester
223
+ # expected_bucket_owner: "AccountId",
223
224
  # })
224
225
  # @param [Hash] options ({})
225
226
  # @option options [String] :request_payer
@@ -232,6 +233,10 @@ module Aws::S3
232
233
  #
233
234
  #
234
235
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
236
+ # @option options [String] :expected_bucket_owner
237
+ # The account id of the expected bucket owner. If the bucket is owned by
238
+ # a different account, the request will fail with an HTTP `403 (Access
239
+ # Denied)` error.
235
240
  # @return [Types::AbortMultipartUploadOutput]
236
241
  def abort(options = {})
237
242
  options = options.merge(
@@ -255,6 +260,7 @@ module Aws::S3
255
260
  # ],
256
261
  # },
257
262
  # request_payer: "requester", # accepts requester
263
+ # expected_bucket_owner: "AccountId",
258
264
  # })
259
265
  # @param [Hash] options ({})
260
266
  # @option options [Types::CompletedMultipartUpload] :multipart_upload
@@ -269,6 +275,10 @@ module Aws::S3
269
275
  #
270
276
  #
271
277
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
278
+ # @option options [String] :expected_bucket_owner
279
+ # The account id of the expected bucket owner. If the bucket is owned by
280
+ # a different account, the request will fail with an HTTP `403 (Access
281
+ # Denied)` error.
272
282
  # @return [Object]
273
283
  def complete(options = {})
274
284
  options = options.merge(
@@ -311,6 +321,7 @@ module Aws::S3
311
321
  #
312
322
  # parts = multipart_upload.parts({
313
323
  # request_payer: "requester", # accepts requester
324
+ # expected_bucket_owner: "AccountId",
314
325
  # })
315
326
  # @param [Hash] options ({})
316
327
  # @option options [String] :request_payer
@@ -323,6 +334,10 @@ module Aws::S3
323
334
  #
324
335
  #
325
336
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
337
+ # @option options [String] :expected_bucket_owner
338
+ # The account id of the expected bucket owner. If the bucket is owned by
339
+ # a different account, the request will fail with an HTTP `403 (Access
340
+ # Denied)` error.
326
341
  # @return [MultipartUploadPart::Collection]
327
342
  def parts(options = {})
328
343
  batches = Enumerator.new do |y|
@@ -221,11 +221,55 @@ module Aws::S3
221
221
  # copy_source_sse_customer_key: "CopySourceSSECustomerKey",
222
222
  # copy_source_sse_customer_key_md5: "CopySourceSSECustomerKeyMD5",
223
223
  # request_payer: "requester", # accepts requester
224
+ # expected_bucket_owner: "AccountId",
225
+ # expected_source_bucket_owner: "AccountId",
224
226
  # })
225
227
  # @param [Hash] options ({})
226
228
  # @option options [required, String] :copy_source
227
- # The name of the source bucket and key name of the source object,
228
- # separated by a slash (/). Must be URL-encoded.
229
+ # Specifies the source object for the copy operation. You specify the
230
+ # value in one of two formats, depending on whether you want to access
231
+ # the source object through an [access point][1]\:
232
+ #
233
+ # * For objects not accessed through an access point, specify the name
234
+ # of the source bucket and key of the source object, separated by a
235
+ # slash (/). For example, to copy the object `reports/january.pdf`
236
+ # from the bucket `awsexamplebucket`, use
237
+ # `awsexamplebucket/reports/january.pdf`. The value must be URL
238
+ # encoded.
239
+ #
240
+ # * For objects accessed through access points, specify the Amazon
241
+ # Resource Name (ARN) of the object as accessed through the access
242
+ # point, in the format
243
+ # `arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>`.
244
+ # For example, to copy the object `reports/january.pdf` through access
245
+ # point `my-access-point` owned by account `123456789012` in Region
246
+ # `us-west-2`, use the URL encoding of
247
+ # `arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf`.
248
+ # The value must be URL encoded.
249
+ #
250
+ # <note markdown="1"> Amazon S3 supports copy operations using access points only when the
251
+ # source and destination buckets are in the same AWS Region.
252
+ #
253
+ # </note>
254
+ #
255
+ # Alternatively, for objects accessed through Amazon S3 on Outposts,
256
+ # specify the ARN of the object as accessed in the format
257
+ # `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/object/<key>`.
258
+ # For example, to copy the object `reports/january.pdf` through
259
+ # outpost `my-outpost` owned by account `123456789012` in Region
260
+ # `us-west-2`, use the URL encoding of
261
+ # `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf`.
262
+ # The value must be URL encoded.
263
+ #
264
+ # To copy a specific version of an object, append
265
+ # `?versionId=<version-id>` to the value (for example,
266
+ # `awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893`).
267
+ # If you don't specify a version ID, Amazon S3 copies the latest
268
+ # version of the source object.
269
+ #
270
+ #
271
+ #
272
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html
229
273
  # @option options [String] :copy_source_if_match
230
274
  # Copies the object if its entity tag (ETag) matches the specified tag.
231
275
  # @option options [Time,DateTime,Date,Integer,String] :copy_source_if_modified_since
@@ -250,8 +294,8 @@ module Aws::S3
250
294
  # encrypting data. This value is used to store the object and then it is
251
295
  # discarded; Amazon S3 does not store the encryption key. The key must
252
296
  # be appropriate for use with the algorithm specified in the
253
- # `x-amz-server-side​-encryption​-customer-algorithm` header. This must
254
- # be the same encryption key specified in the initiate multipart upload
297
+ # `x-amz-server-side-encryption-customer-algorithm` header. This must be
298
+ # the same encryption key specified in the initiate multipart upload
255
299
  # request.
256
300
  # @option options [String] :sse_customer_key_md5
257
301
  # Specifies the 128-bit MD5 digest of the encryption key according to
@@ -278,6 +322,14 @@ module Aws::S3
278
322
  #
279
323
  #
280
324
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
325
+ # @option options [String] :expected_bucket_owner
326
+ # The account id of the expected destination bucket owner. If the
327
+ # destination bucket is owned by a different account, the request will
328
+ # fail with an HTTP `403 (Access Denied)` error.
329
+ # @option options [String] :expected_source_bucket_owner
330
+ # The account id of the expected source bucket owner. If the source
331
+ # bucket is owned by a different account, the request will fail with an
332
+ # HTTP `403 (Access Denied)` error.
281
333
  # @return [Types::UploadPartCopyOutput]
282
334
  def copy_from(options = {})
283
335
  options = options.merge(
@@ -300,9 +352,10 @@ module Aws::S3
300
352
  # sse_customer_key: "SSECustomerKey",
301
353
  # sse_customer_key_md5: "SSECustomerKeyMD5",
302
354
  # request_payer: "requester", # accepts requester
355
+ # expected_bucket_owner: "AccountId",
303
356
  # })
304
357
  # @param [Hash] options ({})
305
- # @option options [String, IO] :body
358
+ # @option options [String, StringIO, File] :body
306
359
  # Object data.
307
360
  # @option options [Integer] :content_length
308
361
  # Size of the body in bytes. This parameter is useful when the size of
@@ -319,8 +372,8 @@ module Aws::S3
319
372
  # encrypting data. This value is used to store the object and then it is
320
373
  # discarded; Amazon S3 does not store the encryption key. The key must
321
374
  # be appropriate for use with the algorithm specified in the
322
- # `x-amz-server-side​-encryption​-customer-algorithm header`. This must
323
- # be the same encryption key specified in the initiate multipart upload
375
+ # `x-amz-server-side-encryption-customer-algorithm header`. This must be
376
+ # the same encryption key specified in the initiate multipart upload
324
377
  # request.
325
378
  # @option options [String] :sse_customer_key_md5
326
379
  # Specifies the 128-bit MD5 digest of the encryption key according to
@@ -336,6 +389,10 @@ module Aws::S3
336
389
  #
337
390
  #
338
391
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
392
+ # @option options [String] :expected_bucket_owner
393
+ # The account id of the expected bucket owner. If the bucket is owned by
394
+ # a different account, the request will fail with an HTTP `403 (Access
395
+ # Denied)` error.
339
396
  # @return [Types::UploadPartOutput]
340
397
  def upload(options = {})
341
398
  options = options.merge(
@@ -67,8 +67,8 @@ module Aws::S3
67
67
 
68
68
  # If the object is an archived object (an object whose storage class is
69
69
  # GLACIER), the response includes this header if either the archive
70
- # restoration is in progress (see RestoreObject or an archive copy is
71
- # already restored.
70
+ # restoration is in progress (see [RestoreObject][1] or an archive copy
71
+ # is already restored.
72
72
  #
73
73
  # If an archive copy is already restored, the header value indicates
74
74
  # when Amazon S3 is scheduled to delete the object copy. For example:
@@ -80,11 +80,12 @@ module Aws::S3
80
80
  # `ongoing-request="true"`.
81
81
  #
82
82
  # For more information about archiving objects, see [Transitioning
83
- # Objects: General Considerations][1].
83
+ # Objects: General Considerations][2].
84
84
  #
85
85
  #
86
86
  #
87
- # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-transition-general-considerations
87
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html
88
+ # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-transition-general-considerations
88
89
  # @return [String]
89
90
  def restore
90
91
  data[:restore]
@@ -529,7 +530,7 @@ module Aws::S3
529
530
  # metadata_directive: "COPY", # accepts COPY, REPLACE
530
531
  # tagging_directive: "COPY", # accepts COPY, REPLACE
531
532
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
532
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
533
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
533
534
  # website_redirect_location: "WebsiteRedirectLocation",
534
535
  # sse_customer_algorithm: "SSECustomerAlgorithm",
535
536
  # sse_customer_key: "SSECustomerKey",
@@ -544,10 +545,14 @@ module Aws::S3
544
545
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
545
546
  # object_lock_retain_until_date: Time.now,
546
547
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
548
+ # expected_bucket_owner: "AccountId",
549
+ # expected_source_bucket_owner: "AccountId",
547
550
  # })
548
551
  # @param [Hash] options ({})
549
552
  # @option options [String] :acl
550
553
  # The canned ACL to apply to the object.
554
+ #
555
+ # This action is not supported by Amazon S3 on Outposts.
551
556
  # @option options [String] :cache_control
552
557
  # Specifies caching behavior along the request/reply chain.
553
558
  # @option options [String] :content_disposition
@@ -561,8 +566,50 @@ module Aws::S3
561
566
  # @option options [String] :content_type
562
567
  # A standard MIME type describing the format of the object data.
563
568
  # @option options [required, String] :copy_source
564
- # The name of the source bucket and key name of the source object,
565
- # separated by a slash (/). Must be URL-encoded.
569
+ # Specifies the source object for the copy operation. You specify the
570
+ # value in one of two formats, depending on whether you want to access
571
+ # the source object through an [access point][1]\:
572
+ #
573
+ # * For objects not accessed through an access point, specify the name
574
+ # of the source bucket and the key of the source object, separated by
575
+ # a slash (/). For example, to copy the object `reports/january.pdf`
576
+ # from the bucket `awsexamplebucket`, use
577
+ # `awsexamplebucket/reports/january.pdf`. The value must be URL
578
+ # encoded.
579
+ #
580
+ # * For objects accessed through access points, specify the Amazon
581
+ # Resource Name (ARN) of the object as accessed through the access
582
+ # point, in the format
583
+ # `arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>`.
584
+ # For example, to copy the object `reports/january.pdf` through access
585
+ # point `my-access-point` owned by account `123456789012` in Region
586
+ # `us-west-2`, use the URL encoding of
587
+ # `arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf`.
588
+ # The value must be URL encoded.
589
+ #
590
+ # <note markdown="1"> Amazon S3 supports copy operations using access points only when the
591
+ # source and destination buckets are in the same AWS Region.
592
+ #
593
+ # </note>
594
+ #
595
+ # Alternatively, for objects accessed through Amazon S3 on Outposts,
596
+ # specify the ARN of the object as accessed in the format
597
+ # `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/object/<key>`.
598
+ # For example, to copy the object `reports/january.pdf` through
599
+ # outpost `my-outpost` owned by account `123456789012` in Region
600
+ # `us-west-2`, use the URL encoding of
601
+ # `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf`.
602
+ # The value must be URL encoded.
603
+ #
604
+ # To copy a specific version of an object, append
605
+ # `?versionId=<version-id>` to the value (for example,
606
+ # `awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893`).
607
+ # If you don't specify a version ID, Amazon S3 copies the latest
608
+ # version of the source object.
609
+ #
610
+ #
611
+ #
612
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html
566
613
  # @option options [String] :copy_source_if_match
567
614
  # Copies the object if its entity tag (ETag) matches the specified tag.
568
615
  # @option options [Time,DateTime,Date,Integer,String] :copy_source_if_modified_since
@@ -578,12 +625,20 @@ module Aws::S3
578
625
  # @option options [String] :grant_full_control
579
626
  # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
580
627
  # object.
628
+ #
629
+ # This action is not supported by Amazon S3 on Outposts.
581
630
  # @option options [String] :grant_read
582
631
  # Allows grantee to read the object data and its metadata.
632
+ #
633
+ # This action is not supported by Amazon S3 on Outposts.
583
634
  # @option options [String] :grant_read_acp
584
635
  # Allows grantee to read the object ACL.
636
+ #
637
+ # This action is not supported by Amazon S3 on Outposts.
585
638
  # @option options [String] :grant_write_acp
586
639
  # Allows grantee to write the ACL for the applicable object.
640
+ #
641
+ # This action is not supported by Amazon S3 on Outposts.
587
642
  # @option options [Hash<String,String>] :metadata
588
643
  # A map of metadata to store with the object in S3.
589
644
  # @option options [String] :metadata_directive
@@ -596,7 +651,16 @@ module Aws::S3
596
651
  # The server-side encryption algorithm used when storing this object in
597
652
  # Amazon S3 (for example, AES256, aws:kms).
598
653
  # @option options [String] :storage_class
599
- # The type of storage to use for the object. Defaults to 'STANDARD'.
654
+ # By default, Amazon S3 uses the STANDARD Storage Class to store newly
655
+ # created objects. The STANDARD storage class provides high durability
656
+ # and high availability. Depending on performance needs, you can specify
657
+ # a different Storage Class. Amazon S3 on Outposts only uses the
658
+ # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
659
+ # in the *Amazon S3 Service Developer Guide*.
660
+ #
661
+ #
662
+ #
663
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
600
664
  # @option options [String] :website_redirect_location
601
665
  # If the bucket is configured as a website, redirects requests for this
602
666
  # object to another object in the same bucket or to an external URL.
@@ -609,7 +673,7 @@ module Aws::S3
609
673
  # encrypting data. This value is used to store the object and then it is
610
674
  # discarded; Amazon S3 does not store the encryption key. The key must
611
675
  # be appropriate for use with the algorithm specified in the
612
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
676
+ # `x-amz-server-side-encryption-customer-algorithm` header.
613
677
  # @option options [String] :sse_customer_key_md5
614
678
  # Specifies the 128-bit MD5 digest of the encryption key according to
615
679
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -661,6 +725,14 @@ module Aws::S3
661
725
  # expire.
662
726
  # @option options [String] :object_lock_legal_hold_status
663
727
  # Specifies whether you want to apply a Legal Hold to the copied object.
728
+ # @option options [String] :expected_bucket_owner
729
+ # The account id of the expected destination bucket owner. If the
730
+ # destination bucket is owned by a different account, the request will
731
+ # fail with an HTTP `403 (Access Denied)` error.
732
+ # @option options [String] :expected_source_bucket_owner
733
+ # The account id of the expected source bucket owner. If the source
734
+ # bucket is owned by a different account, the request will fail with an
735
+ # HTTP `403 (Access Denied)` error.
664
736
  # @return [Types::CopyObjectOutput]
665
737
  def copy_from(options = {})
666
738
  options = options.merge(
@@ -678,6 +750,7 @@ module Aws::S3
678
750
  # version_id: "ObjectVersionId",
679
751
  # request_payer: "requester", # accepts requester
680
752
  # bypass_governance_retention: false,
753
+ # expected_bucket_owner: "AccountId",
681
754
  # })
682
755
  # @param [Hash] options ({})
683
756
  # @option options [String] :mfa
@@ -700,6 +773,10 @@ module Aws::S3
700
773
  # @option options [Boolean] :bypass_governance_retention
701
774
  # Indicates whether S3 Object Lock should bypass Governance-mode
702
775
  # restrictions to process this operation.
776
+ # @option options [String] :expected_bucket_owner
777
+ # The account id of the expected bucket owner. If the bucket is owned by
778
+ # a different account, the request will fail with an HTTP `403 (Access
779
+ # Denied)` error.
703
780
  # @return [Types::DeleteObjectOutput]
704
781
  def delete(options = {})
705
782
  options = options.merge(
@@ -730,6 +807,7 @@ module Aws::S3
730
807
  # sse_customer_key_md5: "SSECustomerKeyMD5",
731
808
  # request_payer: "requester", # accepts requester
732
809
  # part_number: 1,
810
+ # expected_bucket_owner: "AccountId",
733
811
  # })
734
812
  # @param [Hash] options ({})
735
813
  # @option options [String] :if_match
@@ -779,7 +857,7 @@ module Aws::S3
779
857
  # encrypting data. This value is used to store the object and then it is
780
858
  # discarded; Amazon S3 does not store the encryption key. The key must
781
859
  # be appropriate for use with the algorithm specified in the
782
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
860
+ # `x-amz-server-side-encryption-customer-algorithm` header.
783
861
  # @option options [String] :sse_customer_key_md5
784
862
  # Specifies the 128-bit MD5 digest of the encryption key according to
785
863
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -799,6 +877,10 @@ module Aws::S3
799
877
  # between 1 and 10,000. Effectively performs a 'ranged' GET request
800
878
  # for the part specified. Useful for downloading just a part of an
801
879
  # object.
880
+ # @option options [String] :expected_bucket_owner
881
+ # The account id of the expected bucket owner. If the bucket is owned by
882
+ # a different account, the request will fail with an HTTP `403 (Access
883
+ # Denied)` error.
802
884
  # @return [Types::GetObjectOutput]
803
885
  def get(options = {}, &block)
804
886
  options = options.merge(
@@ -827,7 +909,7 @@ module Aws::S3
827
909
  # "MetadataKey" => "MetadataValue",
828
910
  # },
829
911
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
830
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
912
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
831
913
  # website_redirect_location: "WebsiteRedirectLocation",
832
914
  # sse_customer_algorithm: "SSECustomerAlgorithm",
833
915
  # sse_customer_key: "SSECustomerKey",
@@ -839,10 +921,13 @@ module Aws::S3
839
921
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
840
922
  # object_lock_retain_until_date: Time.now,
841
923
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
924
+ # expected_bucket_owner: "AccountId",
842
925
  # })
843
926
  # @param [Hash] options ({})
844
927
  # @option options [String] :acl
845
928
  # The canned ACL to apply to the object.
929
+ #
930
+ # This action is not supported by Amazon S3 on Outposts.
846
931
  # @option options [String] :cache_control
847
932
  # Specifies caching behavior along the request/reply chain.
848
933
  # @option options [String] :content_disposition
@@ -860,19 +945,36 @@ module Aws::S3
860
945
  # @option options [String] :grant_full_control
861
946
  # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
862
947
  # object.
948
+ #
949
+ # This action is not supported by Amazon S3 on Outposts.
863
950
  # @option options [String] :grant_read
864
951
  # Allows grantee to read the object data and its metadata.
952
+ #
953
+ # This action is not supported by Amazon S3 on Outposts.
865
954
  # @option options [String] :grant_read_acp
866
955
  # Allows grantee to read the object ACL.
956
+ #
957
+ # This action is not supported by Amazon S3 on Outposts.
867
958
  # @option options [String] :grant_write_acp
868
959
  # Allows grantee to write the ACL for the applicable object.
960
+ #
961
+ # This action is not supported by Amazon S3 on Outposts.
869
962
  # @option options [Hash<String,String>] :metadata
870
963
  # A map of metadata to store with the object in S3.
871
964
  # @option options [String] :server_side_encryption
872
965
  # The server-side encryption algorithm used when storing this object in
873
966
  # Amazon S3 (for example, AES256, aws:kms).
874
967
  # @option options [String] :storage_class
875
- # The type of storage to use for the object. Defaults to 'STANDARD'.
968
+ # By default, Amazon S3 uses the STANDARD Storage Class to store newly
969
+ # created objects. The STANDARD storage class provides high durability
970
+ # and high availability. Depending on performance needs, you can specify
971
+ # a different Storage Class. Amazon S3 on Outposts only uses the
972
+ # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
973
+ # in the *Amazon S3 Service Developer Guide*.
974
+ #
975
+ #
976
+ #
977
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
876
978
  # @option options [String] :website_redirect_location
877
979
  # If the bucket is configured as a website, redirects requests for this
878
980
  # object to another object in the same bucket or to an external URL.
@@ -885,7 +987,7 @@ module Aws::S3
885
987
  # encrypting data. This value is used to store the object and then it is
886
988
  # discarded; Amazon S3 does not store the encryption key. The key must
887
989
  # be appropriate for use with the algorithm specified in the
888
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
990
+ # `x-amz-server-side-encryption-customer-algorithm` header.
889
991
  # @option options [String] :sse_customer_key_md5
890
992
  # Specifies the 128-bit MD5 digest of the encryption key according to
891
993
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -926,6 +1028,10 @@ module Aws::S3
926
1028
  # @option options [String] :object_lock_legal_hold_status
927
1029
  # Specifies whether you want to apply a Legal Hold to the uploaded
928
1030
  # object.
1031
+ # @option options [String] :expected_bucket_owner
1032
+ # The account id of the expected bucket owner. If the bucket is owned by
1033
+ # a different account, the request will fail with an HTTP `403 (Access
1034
+ # Denied)` error.
929
1035
  # @return [MultipartUpload]
930
1036
  def initiate_multipart_upload(options = {})
931
1037
  options = options.merge(
@@ -962,7 +1068,7 @@ module Aws::S3
962
1068
  # "MetadataKey" => "MetadataValue",
963
1069
  # },
964
1070
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
965
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
1071
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
966
1072
  # website_redirect_location: "WebsiteRedirectLocation",
967
1073
  # sse_customer_algorithm: "SSECustomerAlgorithm",
968
1074
  # sse_customer_key: "SSECustomerKey",
@@ -974,16 +1080,19 @@ module Aws::S3
974
1080
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
975
1081
  # object_lock_retain_until_date: Time.now,
976
1082
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
1083
+ # expected_bucket_owner: "AccountId",
977
1084
  # })
978
1085
  # @param [Hash] options ({})
979
1086
  # @option options [String] :acl
980
1087
  # The canned ACL to apply to the object. For more information, see
981
1088
  # [Canned ACL][1].
982
1089
  #
1090
+ # This action is not supported by Amazon S3 on Outposts.
1091
+ #
983
1092
  #
984
1093
  #
985
1094
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
986
- # @option options [String, IO] :body
1095
+ # @option options [String, StringIO, File] :body
987
1096
  # Object data.
988
1097
  # @option options [String] :cache_control
989
1098
  # Can be used to specify caching behavior along the request/reply chain.
@@ -1051,20 +1160,36 @@ module Aws::S3
1051
1160
  # @option options [String] :grant_full_control
1052
1161
  # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
1053
1162
  # object.
1163
+ #
1164
+ # This action is not supported by Amazon S3 on Outposts.
1054
1165
  # @option options [String] :grant_read
1055
1166
  # Allows grantee to read the object data and its metadata.
1167
+ #
1168
+ # This action is not supported by Amazon S3 on Outposts.
1056
1169
  # @option options [String] :grant_read_acp
1057
1170
  # Allows grantee to read the object ACL.
1171
+ #
1172
+ # This action is not supported by Amazon S3 on Outposts.
1058
1173
  # @option options [String] :grant_write_acp
1059
1174
  # Allows grantee to write the ACL for the applicable object.
1175
+ #
1176
+ # This action is not supported by Amazon S3 on Outposts.
1060
1177
  # @option options [Hash<String,String>] :metadata
1061
1178
  # A map of metadata to store with the object in S3.
1062
1179
  # @option options [String] :server_side_encryption
1063
1180
  # The server-side encryption algorithm used when storing this object in
1064
1181
  # Amazon S3 (for example, AES256, aws:kms).
1065
1182
  # @option options [String] :storage_class
1066
- # If you don't specify, S3 Standard is the default storage class.
1067
- # Amazon S3 supports other storage classes.
1183
+ # By default, Amazon S3 uses the STANDARD Storage Class to store newly
1184
+ # created objects. The STANDARD storage class provides high durability
1185
+ # and high availability. Depending on performance needs, you can specify
1186
+ # a different Storage Class. Amazon S3 on Outposts only uses the
1187
+ # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
1188
+ # in the *Amazon S3 Service Developer Guide*.
1189
+ #
1190
+ #
1191
+ #
1192
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
1068
1193
  # @option options [String] :website_redirect_location
1069
1194
  # If the bucket is configured as a website, redirects requests for this
1070
1195
  # object to another object in the same bucket or to an external URL.
@@ -1098,7 +1223,7 @@ module Aws::S3
1098
1223
  # encrypting data. This value is used to store the object and then it is
1099
1224
  # discarded; Amazon S3 does not store the encryption key. The key must
1100
1225
  # be appropriate for use with the algorithm specified in the
1101
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
1226
+ # `x-amz-server-side-encryption-customer-algorithm` header.
1102
1227
  # @option options [String] :sse_customer_key_md5
1103
1228
  # Specifies the 128-bit MD5 digest of the encryption key according to
1104
1229
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -1143,6 +1268,10 @@ module Aws::S3
1143
1268
  #
1144
1269
  #
1145
1270
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
1271
+ # @option options [String] :expected_bucket_owner
1272
+ # The account id of the expected bucket owner. If the bucket is owned by
1273
+ # a different account, the request will fail with an HTTP `403 (Access
1274
+ # Denied)` error.
1146
1275
  # @return [Types::PutObjectOutput]
1147
1276
  def put(options = {})
1148
1277
  options = options.merge(
@@ -1234,11 +1363,12 @@ module Aws::S3
1234
1363
  # value: "MetadataValue",
1235
1364
  # },
1236
1365
  # ],
1237
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
1366
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
1238
1367
  # },
1239
1368
  # },
1240
1369
  # },
1241
1370
  # request_payer: "requester", # accepts requester
1371
+ # expected_bucket_owner: "AccountId",
1242
1372
  # })
1243
1373
  # @param [Hash] options ({})
1244
1374
  # @option options [String] :version_id
@@ -1255,6 +1385,10 @@ module Aws::S3
1255
1385
  #
1256
1386
  #
1257
1387
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
1388
+ # @option options [String] :expected_bucket_owner
1389
+ # The account id of the expected bucket owner. If the bucket is owned by
1390
+ # a different account, the request will fail with an HTTP `403 (Access
1391
+ # Denied)` error.
1258
1392
  # @return [Types::RestoreObjectOutput]
1259
1393
  def restore_object(options = {})
1260
1394
  options = options.merge(
@@ -1377,6 +1511,7 @@ module Aws::S3
1377
1511
  # mfa: "MFA",
1378
1512
  # request_payer: "requester", # accepts requester
1379
1513
  # bypass_governance_retention: false,
1514
+ # expected_bucket_owner: "AccountId",
1380
1515
  # })
1381
1516
  # @param options ({})
1382
1517
  # @option options [String] :mfa
@@ -1398,6 +1533,10 @@ module Aws::S3
1398
1533
  # Specifies whether you want to delete this object even if it has a
1399
1534
  # Governance-type Object Lock in place. You must have sufficient
1400
1535
  # permissions to perform this operation.
1536
+ # @option options [String] :expected_bucket_owner
1537
+ # The account id of the expected bucket owner. If the bucket is owned by
1538
+ # a different account, the request will fail with an HTTP `403 (Access
1539
+ # Denied)` error.
1401
1540
  # @return [void]
1402
1541
  def batch_delete!(options = {})
1403
1542
  batch_enum.each do |batch|