aws-sdk-s3 1.78.0 → 1.87.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 12869c75a61c6e62eb981846c9cac525962300fae8ca08cf87d5c6fde2824f5f
-  data.tar.gz: 6a29b43d4e3453c63ed50e7a18c06af16064e3db761dd2f784923bd20abba0c4
+  metadata.gz: 11cd48be59fc8922aabfe4d29d601706183fc5d5ce0b1fb201ae2f59c6f281ab
+  data.tar.gz: 546d8a92a9a561d94d205908d52c005edb5a49d336751ee7954936f9449d7138
 SHA512:
-  metadata.gz: b331ecb2c04da30961f53906e6811ba52f6b2f5a74f1c32153a03d7c1900392a61c6a7af8b33daa296e1cc7632514a86b99ec6af6d4b1851b9379c9a3894221b
-  data.tar.gz: 61ef696b6a90673f1a89f3ac5d31ccc1e8f2350e8d492b67974a3861f9cfcfc1d509d81608d96d8ee68312e5462eb64f644b415fb5fd6f79d0587b272803b136
+  metadata.gz: 16a5af91aba1ce6e9b4f3d121cbc427e1534a2fb80edb553a7e5e62e5a937877174581ad169c4abd46dd3d32dfdf765d9161f7bc4c907b5f0cf158d44dbd81e3
+  data.tar.gz: 995720b6753b4add059e235f37dea7fe49dbe19038e495260023aa380bfe2544cdb9873dafab1a2c685d9eae3f1eeeacb290480ac149d6624f475ba584519c57

data/lib/aws-sdk-s3.rb

@@ -7,6 +7,7 @@
 #
 # WARNING ABOUT GENERATED CODE
 
+
 require 'aws-sdk-kms'
 require 'aws-sigv4'
 require 'aws-sdk-core'
@@ -65,9 +66,9 @@ require_relative 'aws-sdk-s3/event_streams'
 #
 # See {Errors} for more information.
 #
-# @service
+# @!group service
 module Aws::S3
 
-  GEM_VERSION = '1.78.0'
+  GEM_VERSION = '1.87.0'
 
 end

data/lib/aws-sdk-s3/arn/access_point_arn.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+module Aws
+  module S3
+    # @api private
+    class AccessPointARN < Aws::ARN
+      def initialize(options)
+        super(options)
+        @type, @access_point_name, @extra = @resource.split(/[:,\/]/)
+      end
+
+      attr_reader :access_point_name
+
+      def support_dualstack?
+        true
+      end
+
+      def support_fips?
+        true
+      end
+
+      def validate_arn!
+        unless @service == 's3'
+          raise ArgumentError, 'Must provide a valid S3 accesspoint ARN.'
+        end
+
+        if @region.empty? || @account_id.empty?
+          raise ArgumentError,
+                'S3 accesspoint ARNs must contain both a region '\
+                'and an account id.'
+        end
+
+        if @type != 'accesspoint'
+          raise ArgumentError, 'Invalid ARN, resource format is not correct'
+        end
+
+        if @access_point_name.nil? || @access_point_name.empty?
+          raise ArgumentError, 'Missing ARN accesspoint name.'
+        end
+
+        if @extra
+          raise ArgumentError,
+                'ARN accesspoint resource must be a single value.'
+        end
+
+        unless Seahorse::Util.host_label?(
+          "#{@access_point_name}-#{@account_id}"
+        )
+          raise ArgumentError,
+                "#{@access_point_name}-#{@account_id} is not a valid "\
+                'host label.'
+        end
+      end
+
+      def host_url(region, dualstack = false)
+        sfx = Aws::Partitions::EndpointProvider.dns_suffix_for(region)
+        "#{@access_point_name}-#{@account_id}"\
+        ".s3-accesspoint#{'.dualstack' if dualstack}.#{region}.#{sfx}"
+      end
+    end
+  end
+end

data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+module Aws
+  module S3
+    # @api private
+    class OutpostAccessPointARN < Aws::ARN
+      def initialize(options)
+        super(options)
+        @type, @outpost_id, @subtype, @access_point_name, @extra =
+          @resource.split(/[:,\/]/)
+      end
+
+      attr_reader :outpost_id, :access_point_name
+
+      def support_dualstack?
+        false
+      end
+
+      def support_fips?
+        false
+      end
+
+      def validate_arn!
+        unless @service == 's3-outposts'
+          raise ArgumentError, 'Must provide a valid S3 outposts ARN.'
+        end
+
+        if @region.empty? || @account_id.empty?
+          raise ArgumentError,
+                'S3 accesspoint ARNs must contain both a region '\
+                'and an account id.'
+        end
+
+        if @type != 'outpost' && @subtype != 'accesspoint'
+          raise ArgumentError, 'Invalid ARN, resource format is not correct'
+        end
+
+        if @outpost_id.nil? || @outpost_id.empty?
+          raise ArgumentError, 'Missing ARN outpost id.'
+        end
+
+        if @access_point_name.nil? || @access_point_name.empty?
+          raise ArgumentError, 'Missing ARN accesspoint name.'
+        end
+
+        if @extra
+          raise ArgumentError,
+                'ARN accesspoint resource must be a single value.'
+        end
+
+        unless Seahorse::Util.host_label?(
+          "#{@access_point_name}-#{@account_id}"
+        )
+          raise ArgumentError,
+                "#{@access_point_name}-#{@account_id} is not a valid "\
+                'host label.'
+        end
+
+        unless Seahorse::Util.host_label?(@outpost_id)
+          raise ArgumentError, "#{@outpost_id} is not a valid host label."
+        end
+      end
+
+      # Outpost ARNs currently do not support dualstack
+      def host_url(region, _dualstack = false)
+        "#{@access_point_name}-#{@account_id}.#{@outpost_id}"\
+        ".s3-outposts.#{region}.amazonaws.com"
+      end
+    end
+  end
+end

data/lib/aws-sdk-s3/bucket.rb

@@ -34,7 +34,8 @@ module Aws::S3
       @name
     end
 
-    # Date the bucket was created.
+    # Date the bucket was created. This date can change when making changes
+    # to your bucket, such as editing its bucket policy.
     # @return [Time]
     def creation_date
       data[:creation_date]
@@ -260,8 +261,14 @@ module Aws::S3
 
     # @example Request syntax with placeholder values
     #
-    #   bucket.delete()
+    #   bucket.delete({
+    #     expected_bucket_owner: "AccountId",
+    #   })
     # @param [Hash] options ({})
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def delete(options = {})
       options = options.merge(bucket: @name)
@@ -284,6 +291,7 @@ module Aws::S3
     #     mfa: "MFA",
     #     request_payer: "requester", # accepts requester
     #     bypass_governance_retention: false,
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [required, Types::Delete] :delete
@@ -307,6 +315,10 @@ module Aws::S3
     #   Specifies whether you want to delete this object even if it has a
     #   Governance-type Object Lock in place. You must have sufficient
     #   permissions to perform this operation.
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [Types::DeleteObjectsOutput]
     def delete_objects(options = {})
       options = options.merge(bucket: @name)
@@ -336,24 +348,28 @@ module Aws::S3
     #       "MetadataKey" => "MetadataValue",
     #     },
     #     server_side_encryption: "AES256", # accepts AES256, aws:kms
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
     #     website_redirect_location: "WebsiteRedirectLocation",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
     #     sse_customer_key_md5: "SSECustomerKeyMD5",
     #     ssekms_key_id: "SSEKMSKeyId",
     #     ssekms_encryption_context: "SSEKMSEncryptionContext",
+    #     bucket_key_enabled: false,
     #     request_payer: "requester", # accepts requester
     #     tagging: "TaggingHeader",
     #     object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
     #     object_lock_retain_until_date: Time.now,
     #     object_lock_legal_hold_status: "ON", # accepts ON, OFF
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :acl
     #   The canned ACL to apply to the object. For more information, see
     #   [Canned ACL][1].
     #
+    #   This action is not supported by Amazon S3 on Outposts.
+    #
     #
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
@@ -425,12 +441,20 @@ module Aws::S3
     # @option options [String] :grant_full_control
     #   Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
     #   object.
+    #
+    #   This action is not supported by Amazon S3 on Outposts.
     # @option options [String] :grant_read
     #   Allows grantee to read the object data and its metadata.
+    #
+    #   This action is not supported by Amazon S3 on Outposts.
     # @option options [String] :grant_read_acp
     #   Allows grantee to read the object ACL.
+    #
+    #   This action is not supported by Amazon S3 on Outposts.
     # @option options [String] :grant_write_acp
     #   Allows grantee to write the ACL for the applicable object.
+    #
+    #   This action is not supported by Amazon S3 on Outposts.
     # @option options [required, String] :key
     #   Object key for which the PUT operation was initiated.
     # @option options [Hash<String,String>] :metadata
@@ -439,8 +463,16 @@ module Aws::S3
     #   The server-side encryption algorithm used when storing this object in
     #   Amazon S3 (for example, AES256, aws:kms).
     # @option options [String] :storage_class
-    #   If you don't specify, S3 Standard is the default storage class.
-    #   Amazon S3 supports other storage classes.
+    #   By default, Amazon S3 uses the STANDARD Storage Class to store newly
+    #   created objects. The STANDARD storage class provides high durability
+    #   and high availability. Depending on performance needs, you can specify
+    #   a different Storage Class. Amazon S3 on Outposts only uses the
+    #   OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
+    #   in the *Amazon S3 Service Developer Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
     # @option options [String] :website_redirect_location
     #   If the bucket is configured as a website, redirects requests for this
     #   object to another object in the same bucket or to an external URL.
@@ -474,7 +506,7 @@ module Aws::S3
     #   encrypting data. This value is used to store the object and then it is
     #   discarded; Amazon S3 does not store the encryption key. The key must
     #   be appropriate for use with the algorithm specified in the
-    #   `x-amz-server-side​-encryption​-customer-algorithm` header.
+    #   `x-amz-server-side-encryption-customer-algorithm` header.
     # @option options [String] :sse_customer_key_md5
     #   Specifies the 128-bit MD5 digest of the encryption key according to
     #   RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -495,6 +527,14 @@ module Aws::S3
     #   Specifies the AWS KMS Encryption Context to use for object encryption.
     #   The value of this header is a base64-encoded UTF-8 string holding JSON
     #   with the encryption context key-value pairs.
+    # @option options [Boolean] :bucket_key_enabled
+    #   Specifies whether Amazon S3 should use an S3 Bucket Key for object
+    #   encryption with server-side encryption using AWS KMS (SSE-KMS).
+    #   Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
+    #   for object encryption with SSE-KMS.
+    #
+    #   Specifying this header with a PUT operation doesn’t affect
+    #   bucket-level settings for S3 Bucket Key.
     # @option options [String] :request_payer
     #   Confirms that the requester knows that they will be charged for the
     #   request. Bucket owners need not specify this parameter in their
@@ -519,6 +559,10 @@ module Aws::S3
     #
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [Object]
     def put_object(options = {})
       options = options.merge(bucket: @name)
@@ -580,6 +624,7 @@ module Aws::S3
     #     key_marker: "KeyMarker",
     #     prefix: "Prefix",
     #     upload_id_marker: "UploadIdMarker",
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :delimiter
@@ -622,6 +667,10 @@ module Aws::S3
     #   uploads for a key equal to the key-marker might be included in the
     #   list only if they have an upload ID lexicographically greater than the
     #   specified `upload-id-marker`.
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [MultipartUpload::Collection]
     def multipart_uploads(options = {})
       batches = Enumerator.new do |y|
@@ -670,6 +719,7 @@ module Aws::S3
     #     key_marker: "KeyMarker",
     #     prefix: "Prefix",
     #     version_id_marker: "VersionIdMarker",
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :delimiter
@@ -697,6 +747,10 @@ module Aws::S3
     #   result under CommonPrefixes.
     # @option options [String] :version_id_marker
     #   Specifies the object version you want to start listing from.
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [ObjectVersion::Collection]
     def object_versions(options = {})
       batches = Enumerator.new do |y|
@@ -728,6 +782,7 @@ module Aws::S3
     #     fetch_owner: false,
     #     start_after: "StartAfter",
     #     request_payer: "requester", # accepts requester
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :delimiter
@@ -748,6 +803,10 @@ module Aws::S3
     #   Confirms that the requester knows that she or he will be charged for
     #   the list objects request in V2 style. Bucket owners need not specify
     #   this parameter in their requests.
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [ObjectSummary::Collection]
     def objects(options = {})
       batches = Enumerator.new do |y|

data/lib/aws-sdk-s3/bucket_acl.rb

@@ -208,6 +208,7 @@ module Aws::S3
     #     grant_read_acp: "GrantReadACP",
     #     grant_write: "GrantWrite",
     #     grant_write_acp: "GrantWriteACP",
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :acl
@@ -220,6 +221,9 @@ module Aws::S3
     #   used as a message integrity check to verify that the request body was
     #   not corrupted in transit. For more information, go to [RFC 1864.][1]
     #
+    #   For requests made using the AWS Command Line Interface (CLI) or AWS
+    #   SDKs, this field is calculated automatically.
+    #
     #
     #
     #   [1]: http://www.ietf.org/rfc/rfc1864.txt
@@ -235,6 +239,10 @@ module Aws::S3
     #   bucket.
     # @option options [String] :grant_write_acp
     #   Allows grantee to write the ACL for the applicable bucket.
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def put(options = {})
       options = options.merge(bucket: @bucket_name)

data/lib/aws-sdk-s3/bucket_cors.rb

@@ -177,8 +177,14 @@ module Aws::S3
 
     # @example Request syntax with placeholder values
     #
-    #   bucket_cors.delete()
+    #   bucket_cors.delete({
+    #     expected_bucket_owner: "AccountId",
+    #   })
     # @param [Hash] options ({})
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def delete(options = {})
       options = options.merge(bucket: @bucket_name)
@@ -201,6 +207,7 @@ module Aws::S3
     #       ],
     #     },
     #     content_md5: "ContentMD5",
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [required, Types::CORSConfiguration] :cors_configuration
@@ -217,9 +224,16 @@ module Aws::S3
     #   used as a message integrity check to verify that the request body was
     #   not corrupted in transit. For more information, go to [RFC 1864.][1]
     #
+    #   For requests made using the AWS Command Line Interface (CLI) or AWS
+    #   SDKs, this field is calculated automatically.
+    #
     #
     #
     #   [1]: http://www.ietf.org/rfc/rfc1864.txt
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def put(options = {})
       options = options.merge(bucket: @bucket_name)

data/lib/aws-sdk-s3/bucket_lifecycle.rb

@@ -176,8 +176,14 @@ module Aws::S3
 
     # @example Request syntax with placeholder values
     #
-    #   bucket_lifecycle.delete()
+    #   bucket_lifecycle.delete({
+    #     expected_bucket_owner: "AccountId",
+    #   })
     # @param [Hash] options ({})
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def delete(options = {})
       options = options.merge(bucket: @bucket_name)
@@ -218,10 +224,17 @@ module Aws::S3
     #         },
     #       ],
     #     },
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :content_md5
+    #   For requests made using the AWS Command Line Interface (CLI) or AWS
+    #   SDKs, this field is calculated automatically.
     # @option options [Types::LifecycleConfiguration] :lifecycle_configuration
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def put(options = {})
       options = options.merge(bucket: @bucket_name)