aws-sdk-s3 1.78.0 → 1.87.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. checksums.yaml +4 -4
  2. data/lib/aws-sdk-s3.rb +3 -2
  3. data/lib/aws-sdk-s3/arn/access_point_arn.rb +62 -0
  4. data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb +71 -0
  5. data/lib/aws-sdk-s3/bucket.rb +65 -6
  6. data/lib/aws-sdk-s3/bucket_acl.rb +8 -0
  7. data/lib/aws-sdk-s3/bucket_cors.rb +15 -1
  8. data/lib/aws-sdk-s3/bucket_lifecycle.rb +14 -1
  9. data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +12 -1
  10. data/lib/aws-sdk-s3/bucket_logging.rb +8 -0
  11. data/lib/aws-sdk-s3/bucket_notification.rb +5 -0
  12. data/lib/aws-sdk-s3/bucket_policy.rb +15 -1
  13. data/lib/aws-sdk-s3/bucket_request_payment.rb +8 -0
  14. data/lib/aws-sdk-s3/bucket_tagging.rb +15 -1
  15. data/lib/aws-sdk-s3/bucket_versioning.rb +24 -0
  16. data/lib/aws-sdk-s3/bucket_website.rb +15 -1
  17. data/lib/aws-sdk-s3/client.rb +2659 -778
  18. data/lib/aws-sdk-s3/client_api.rb +297 -20
  19. data/lib/aws-sdk-s3/customizations.rb +1 -1
  20. data/lib/aws-sdk-s3/customizations/bucket.rb +7 -4
  21. data/lib/aws-sdk-s3/customizations/object.rb +4 -3
  22. data/lib/aws-sdk-s3/errors.rb +21 -0
  23. data/lib/aws-sdk-s3/file_uploader.rb +1 -1
  24. data/lib/aws-sdk-s3/legacy_signer.rb +15 -25
  25. data/lib/aws-sdk-s3/multipart_upload.rb +15 -0
  26. data/lib/aws-sdk-s3/multipart_upload_part.rb +63 -6
  27. data/lib/aws-sdk-s3/object.rb +212 -24
  28. data/lib/aws-sdk-s3/object_acl.rb +16 -0
  29. data/lib/aws-sdk-s3/object_summary.rb +179 -14
  30. data/lib/aws-sdk-s3/object_version.rb +27 -3
  31. data/lib/aws-sdk-s3/plugins/arn.rb +187 -0
  32. data/lib/aws-sdk-s3/plugins/bucket_dns.rb +0 -2
  33. data/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb +1 -1
  34. data/lib/aws-sdk-s3/plugins/iad_regional_endpoint.rb +7 -2
  35. data/lib/aws-sdk-s3/plugins/s3_signer.rb +29 -7
  36. data/lib/aws-sdk-s3/presigned_post.rb +1 -0
  37. data/lib/aws-sdk-s3/presigner.rb +19 -5
  38. data/lib/aws-sdk-s3/types.rb +2301 -287
  39. metadata +7 -5
  40. data/lib/aws-sdk-s3/plugins/bucket_arn.rb +0 -212
@@ -228,6 +228,7 @@ module Aws::S3
228
228
  # grant_write_acp: "GrantWriteACP",
229
229
  # request_payer: "requester", # accepts requester
230
230
  # version_id: "ObjectVersionId",
231
+ # expected_bucket_owner: "AccountId",
231
232
  # })
232
233
  # @param [Hash] options ({})
233
234
  # @option options [String] :acl
@@ -246,21 +247,32 @@ module Aws::S3
246
247
  # not corrupted in transit. For more information, go to [RFC
247
248
  # 1864.>][1]
248
249
  #
250
+ # For requests made using the AWS Command Line Interface (CLI) or AWS
251
+ # SDKs, this field is calculated automatically.
252
+ #
249
253
  #
250
254
  #
251
255
  # [1]: http://www.ietf.org/rfc/rfc1864.txt
252
256
  # @option options [String] :grant_full_control
253
257
  # Allows grantee the read, write, read ACP, and write ACP permissions on
254
258
  # the bucket.
259
+ #
260
+ # This action is not supported by Amazon S3 on Outposts.
255
261
  # @option options [String] :grant_read
256
262
  # Allows grantee to list the objects in the bucket.
263
+ #
264
+ # This action is not supported by Amazon S3 on Outposts.
257
265
  # @option options [String] :grant_read_acp
258
266
  # Allows grantee to read the bucket ACL.
267
+ #
268
+ # This action is not supported by Amazon S3 on Outposts.
259
269
  # @option options [String] :grant_write
260
270
  # Allows grantee to create, overwrite, and delete any object in the
261
271
  # bucket.
262
272
  # @option options [String] :grant_write_acp
263
273
  # Allows grantee to write the ACL for the applicable bucket.
274
+ #
275
+ # This action is not supported by Amazon S3 on Outposts.
264
276
  # @option options [String] :request_payer
265
277
  # Confirms that the requester knows that they will be charged for the
266
278
  # request. Bucket owners need not specify this parameter in their
@@ -273,6 +285,10 @@ module Aws::S3
273
285
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
274
286
  # @option options [String] :version_id
275
287
  # VersionId used to reference a specific version of the object.
288
+ # @option options [String] :expected_bucket_owner
289
+ # The account id of the expected bucket owner. If the bucket is owned by
290
+ # a different account, the request will fail with an HTTP `403 (Access
291
+ # Denied)` error.
276
292
  # @return [Types::PutObjectAclOutput]
277
293
  def put(options = {})
278
294
  options = options.merge(
@@ -295,13 +295,14 @@ module Aws::S3
295
295
  # metadata_directive: "COPY", # accepts COPY, REPLACE
296
296
  # tagging_directive: "COPY", # accepts COPY, REPLACE
297
297
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
298
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
298
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
299
299
  # website_redirect_location: "WebsiteRedirectLocation",
300
300
  # sse_customer_algorithm: "SSECustomerAlgorithm",
301
301
  # sse_customer_key: "SSECustomerKey",
302
302
  # sse_customer_key_md5: "SSECustomerKeyMD5",
303
303
  # ssekms_key_id: "SSEKMSKeyId",
304
304
  # ssekms_encryption_context: "SSEKMSEncryptionContext",
305
+ # bucket_key_enabled: false,
305
306
  # copy_source_sse_customer_algorithm: "CopySourceSSECustomerAlgorithm",
306
307
  # copy_source_sse_customer_key: "CopySourceSSECustomerKey",
307
308
  # copy_source_sse_customer_key_md5: "CopySourceSSECustomerKeyMD5",
@@ -310,10 +311,14 @@ module Aws::S3
310
311
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
311
312
  # object_lock_retain_until_date: Time.now,
312
313
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
314
+ # expected_bucket_owner: "AccountId",
315
+ # expected_source_bucket_owner: "AccountId",
313
316
  # })
314
317
  # @param [Hash] options ({})
315
318
  # @option options [String] :acl
316
319
  # The canned ACL to apply to the object.
320
+ #
321
+ # This action is not supported by Amazon S3 on Outposts.
317
322
  # @option options [String] :cache_control
318
323
  # Specifies caching behavior along the request/reply chain.
319
324
  # @option options [String] :content_disposition
@@ -327,8 +332,50 @@ module Aws::S3
327
332
  # @option options [String] :content_type
328
333
  # A standard MIME type describing the format of the object data.
329
334
  # @option options [required, String] :copy_source
330
- # The name of the source bucket and key name of the source object,
331
- # separated by a slash (/). Must be URL-encoded.
335
+ # Specifies the source object for the copy operation. You specify the
336
+ # value in one of two formats, depending on whether you want to access
337
+ # the source object through an [access point][1]\:
338
+ #
339
+ # * For objects not accessed through an access point, specify the name
340
+ # of the source bucket and the key of the source object, separated by
341
+ # a slash (/). For example, to copy the object `reports/january.pdf`
342
+ # from the bucket `awsexamplebucket`, use
343
+ # `awsexamplebucket/reports/january.pdf`. The value must be URL
344
+ # encoded.
345
+ #
346
+ # * For objects accessed through access points, specify the Amazon
347
+ # Resource Name (ARN) of the object as accessed through the access
348
+ # point, in the format
349
+ # `arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>`.
350
+ # For example, to copy the object `reports/january.pdf` through access
351
+ # point `my-access-point` owned by account `123456789012` in Region
352
+ # `us-west-2`, use the URL encoding of
353
+ # `arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf`.
354
+ # The value must be URL encoded.
355
+ #
356
+ # <note markdown="1"> Amazon S3 supports copy operations using access points only when the
357
+ # source and destination buckets are in the same AWS Region.
358
+ #
359
+ # </note>
360
+ #
361
+ # Alternatively, for objects accessed through Amazon S3 on Outposts,
362
+ # specify the ARN of the object as accessed in the format
363
+ # `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/object/<key>`.
364
+ # For example, to copy the object `reports/january.pdf` through
365
+ # outpost `my-outpost` owned by account `123456789012` in Region
366
+ # `us-west-2`, use the URL encoding of
367
+ # `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf`.
368
+ # The value must be URL encoded.
369
+ #
370
+ # To copy a specific version of an object, append
371
+ # `?versionId=<version-id>` to the value (for example,
372
+ # `awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893`).
373
+ # If you don't specify a version ID, Amazon S3 copies the latest
374
+ # version of the source object.
375
+ #
376
+ #
377
+ #
378
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html
332
379
  # @option options [String] :copy_source_if_match
333
380
  # Copies the object if its entity tag (ETag) matches the specified tag.
334
381
  # @option options [Time,DateTime,Date,Integer,String] :copy_source_if_modified_since
@@ -344,12 +391,20 @@ module Aws::S3
344
391
  # @option options [String] :grant_full_control
345
392
  # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
346
393
  # object.
394
+ #
395
+ # This action is not supported by Amazon S3 on Outposts.
347
396
  # @option options [String] :grant_read
348
397
  # Allows grantee to read the object data and its metadata.
398
+ #
399
+ # This action is not supported by Amazon S3 on Outposts.
349
400
  # @option options [String] :grant_read_acp
350
401
  # Allows grantee to read the object ACL.
402
+ #
403
+ # This action is not supported by Amazon S3 on Outposts.
351
404
  # @option options [String] :grant_write_acp
352
405
  # Allows grantee to write the ACL for the applicable object.
406
+ #
407
+ # This action is not supported by Amazon S3 on Outposts.
353
408
  # @option options [Hash<String,String>] :metadata
354
409
  # A map of metadata to store with the object in S3.
355
410
  # @option options [String] :metadata_directive
@@ -362,7 +417,16 @@ module Aws::S3
362
417
  # The server-side encryption algorithm used when storing this object in
363
418
  # Amazon S3 (for example, AES256, aws:kms).
364
419
  # @option options [String] :storage_class
365
- # The type of storage to use for the object. Defaults to 'STANDARD'.
420
+ # By default, Amazon S3 uses the STANDARD Storage Class to store newly
421
+ # created objects. The STANDARD storage class provides high durability
422
+ # and high availability. Depending on performance needs, you can specify
423
+ # a different Storage Class. Amazon S3 on Outposts only uses the
424
+ # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
425
+ # in the *Amazon S3 Service Developer Guide*.
426
+ #
427
+ #
428
+ #
429
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
366
430
  # @option options [String] :website_redirect_location
367
431
  # If the bucket is configured as a website, redirects requests for this
368
432
  # object to another object in the same bucket or to an external URL.
@@ -375,7 +439,7 @@ module Aws::S3
375
439
  # encrypting data. This value is used to store the object and then it is
376
440
  # discarded; Amazon S3 does not store the encryption key. The key must
377
441
  # be appropriate for use with the algorithm specified in the
378
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
442
+ # `x-amz-server-side-encryption-customer-algorithm` header.
379
443
  # @option options [String] :sse_customer_key_md5
380
444
  # Specifies the 128-bit MD5 digest of the encryption key according to
381
445
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -395,6 +459,14 @@ module Aws::S3
395
459
  # Specifies the AWS KMS Encryption Context to use for object encryption.
396
460
  # The value of this header is a base64-encoded UTF-8 string holding JSON
397
461
  # with the encryption context key-value pairs.
462
+ # @option options [Boolean] :bucket_key_enabled
463
+ # Specifies whether Amazon S3 should use an S3 Bucket Key for object
464
+ # encryption with server-side encryption using AWS KMS (SSE-KMS).
465
+ # Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
466
+ # for object encryption with SSE-KMS.
467
+ #
468
+ # Specifying this header with a COPY operation doesn’t affect
469
+ # bucket-level settings for S3 Bucket Key.
398
470
  # @option options [String] :copy_source_sse_customer_algorithm
399
471
  # Specifies the algorithm to use when decrypting the source object (for
400
472
  # example, AES256).
@@ -427,6 +499,14 @@ module Aws::S3
427
499
  # expire.
428
500
  # @option options [String] :object_lock_legal_hold_status
429
501
  # Specifies whether you want to apply a Legal Hold to the copied object.
502
+ # @option options [String] :expected_bucket_owner
503
+ # The account id of the expected destination bucket owner. If the
504
+ # destination bucket is owned by a different account, the request will
505
+ # fail with an HTTP `403 (Access Denied)` error.
506
+ # @option options [String] :expected_source_bucket_owner
507
+ # The account id of the expected source bucket owner. If the source
508
+ # bucket is owned by a different account, the request will fail with an
509
+ # HTTP `403 (Access Denied)` error.
430
510
  # @return [Types::CopyObjectOutput]
431
511
  def copy_from(options = {})
432
512
  options = options.merge(
@@ -444,6 +524,7 @@ module Aws::S3
444
524
  # version_id: "ObjectVersionId",
445
525
  # request_payer: "requester", # accepts requester
446
526
  # bypass_governance_retention: false,
527
+ # expected_bucket_owner: "AccountId",
447
528
  # })
448
529
  # @param [Hash] options ({})
449
530
  # @option options [String] :mfa
@@ -466,6 +547,10 @@ module Aws::S3
466
547
  # @option options [Boolean] :bypass_governance_retention
467
548
  # Indicates whether S3 Object Lock should bypass Governance-mode
468
549
  # restrictions to process this operation.
550
+ # @option options [String] :expected_bucket_owner
551
+ # The account id of the expected bucket owner. If the bucket is owned by
552
+ # a different account, the request will fail with an HTTP `403 (Access
553
+ # Denied)` error.
469
554
  # @return [Types::DeleteObjectOutput]
470
555
  def delete(options = {})
471
556
  options = options.merge(
@@ -496,6 +581,7 @@ module Aws::S3
496
581
  # sse_customer_key_md5: "SSECustomerKeyMD5",
497
582
  # request_payer: "requester", # accepts requester
498
583
  # part_number: 1,
584
+ # expected_bucket_owner: "AccountId",
499
585
  # })
500
586
  # @param [Hash] options ({})
501
587
  # @option options [String] :if_match
@@ -545,7 +631,7 @@ module Aws::S3
545
631
  # encrypting data. This value is used to store the object and then it is
546
632
  # discarded; Amazon S3 does not store the encryption key. The key must
547
633
  # be appropriate for use with the algorithm specified in the
548
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
634
+ # `x-amz-server-side-encryption-customer-algorithm` header.
549
635
  # @option options [String] :sse_customer_key_md5
550
636
  # Specifies the 128-bit MD5 digest of the encryption key according to
551
637
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -565,6 +651,10 @@ module Aws::S3
565
651
  # between 1 and 10,000. Effectively performs a 'ranged' GET request
566
652
  # for the part specified. Useful for downloading just a part of an
567
653
  # object.
654
+ # @option options [String] :expected_bucket_owner
655
+ # The account id of the expected bucket owner. If the bucket is owned by
656
+ # a different account, the request will fail with an HTTP `403 (Access
657
+ # Denied)` error.
568
658
  # @return [Types::GetObjectOutput]
569
659
  def get(options = {}, &block)
570
660
  options = options.merge(
@@ -593,22 +683,26 @@ module Aws::S3
593
683
  # "MetadataKey" => "MetadataValue",
594
684
  # },
595
685
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
596
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
686
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
597
687
  # website_redirect_location: "WebsiteRedirectLocation",
598
688
  # sse_customer_algorithm: "SSECustomerAlgorithm",
599
689
  # sse_customer_key: "SSECustomerKey",
600
690
  # sse_customer_key_md5: "SSECustomerKeyMD5",
601
691
  # ssekms_key_id: "SSEKMSKeyId",
602
692
  # ssekms_encryption_context: "SSEKMSEncryptionContext",
693
+ # bucket_key_enabled: false,
603
694
  # request_payer: "requester", # accepts requester
604
695
  # tagging: "TaggingHeader",
605
696
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
606
697
  # object_lock_retain_until_date: Time.now,
607
698
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
699
+ # expected_bucket_owner: "AccountId",
608
700
  # })
609
701
  # @param [Hash] options ({})
610
702
  # @option options [String] :acl
611
703
  # The canned ACL to apply to the object.
704
+ #
705
+ # This action is not supported by Amazon S3 on Outposts.
612
706
  # @option options [String] :cache_control
613
707
  # Specifies caching behavior along the request/reply chain.
614
708
  # @option options [String] :content_disposition
@@ -626,19 +720,36 @@ module Aws::S3
626
720
  # @option options [String] :grant_full_control
627
721
  # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
628
722
  # object.
723
+ #
724
+ # This action is not supported by Amazon S3 on Outposts.
629
725
  # @option options [String] :grant_read
630
726
  # Allows grantee to read the object data and its metadata.
727
+ #
728
+ # This action is not supported by Amazon S3 on Outposts.
631
729
  # @option options [String] :grant_read_acp
632
730
  # Allows grantee to read the object ACL.
731
+ #
732
+ # This action is not supported by Amazon S3 on Outposts.
633
733
  # @option options [String] :grant_write_acp
634
734
  # Allows grantee to write the ACL for the applicable object.
735
+ #
736
+ # This action is not supported by Amazon S3 on Outposts.
635
737
  # @option options [Hash<String,String>] :metadata
636
738
  # A map of metadata to store with the object in S3.
637
739
  # @option options [String] :server_side_encryption
638
740
  # The server-side encryption algorithm used when storing this object in
639
741
  # Amazon S3 (for example, AES256, aws:kms).
640
742
  # @option options [String] :storage_class
641
- # The type of storage to use for the object. Defaults to 'STANDARD'.
743
+ # By default, Amazon S3 uses the STANDARD Storage Class to store newly
744
+ # created objects. The STANDARD storage class provides high durability
745
+ # and high availability. Depending on performance needs, you can specify
746
+ # a different Storage Class. Amazon S3 on Outposts only uses the
747
+ # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
748
+ # in the *Amazon S3 Service Developer Guide*.
749
+ #
750
+ #
751
+ #
752
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
642
753
  # @option options [String] :website_redirect_location
643
754
  # If the bucket is configured as a website, redirects requests for this
644
755
  # object to another object in the same bucket or to an external URL.
@@ -651,7 +762,7 @@ module Aws::S3
651
762
  # encrypting data. This value is used to store the object and then it is
652
763
  # discarded; Amazon S3 does not store the encryption key. The key must
653
764
  # be appropriate for use with the algorithm specified in the
654
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
765
+ # `x-amz-server-side-encryption-customer-algorithm` header.
655
766
  # @option options [String] :sse_customer_key_md5
656
767
  # Specifies the 128-bit MD5 digest of the encryption key according to
657
768
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -671,6 +782,14 @@ module Aws::S3
671
782
  # Specifies the AWS KMS Encryption Context to use for object encryption.
672
783
  # The value of this header is a base64-encoded UTF-8 string holding JSON
673
784
  # with the encryption context key-value pairs.
785
+ # @option options [Boolean] :bucket_key_enabled
786
+ # Specifies whether Amazon S3 should use an S3 Bucket Key for object
787
+ # encryption with server-side encryption using AWS KMS (SSE-KMS).
788
+ # Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
789
+ # for object encryption with SSE-KMS.
790
+ #
791
+ # Specifying this header with an object operation doesn’t affect
792
+ # bucket-level settings for S3 Bucket Key.
674
793
  # @option options [String] :request_payer
675
794
  # Confirms that the requester knows that they will be charged for the
676
795
  # request. Bucket owners need not specify this parameter in their
@@ -692,6 +811,10 @@ module Aws::S3
692
811
  # @option options [String] :object_lock_legal_hold_status
693
812
  # Specifies whether you want to apply a Legal Hold to the uploaded
694
813
  # object.
814
+ # @option options [String] :expected_bucket_owner
815
+ # The account id of the expected bucket owner. If the bucket is owned by
816
+ # a different account, the request will fail with an HTTP `403 (Access
817
+ # Denied)` error.
695
818
  # @return [MultipartUpload]
696
819
  def initiate_multipart_upload(options = {})
697
820
  options = options.merge(
@@ -728,24 +851,28 @@ module Aws::S3
728
851
  # "MetadataKey" => "MetadataValue",
729
852
  # },
730
853
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
731
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
854
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
732
855
  # website_redirect_location: "WebsiteRedirectLocation",
733
856
  # sse_customer_algorithm: "SSECustomerAlgorithm",
734
857
  # sse_customer_key: "SSECustomerKey",
735
858
  # sse_customer_key_md5: "SSECustomerKeyMD5",
736
859
  # ssekms_key_id: "SSEKMSKeyId",
737
860
  # ssekms_encryption_context: "SSEKMSEncryptionContext",
861
+ # bucket_key_enabled: false,
738
862
  # request_payer: "requester", # accepts requester
739
863
  # tagging: "TaggingHeader",
740
864
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
741
865
  # object_lock_retain_until_date: Time.now,
742
866
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
867
+ # expected_bucket_owner: "AccountId",
743
868
  # })
744
869
  # @param [Hash] options ({})
745
870
  # @option options [String] :acl
746
871
  # The canned ACL to apply to the object. For more information, see
747
872
  # [Canned ACL][1].
748
873
  #
874
+ # This action is not supported by Amazon S3 on Outposts.
875
+ #
749
876
  #
750
877
  #
751
878
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
@@ -817,20 +944,36 @@ module Aws::S3
817
944
  # @option options [String] :grant_full_control
818
945
  # Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
819
946
  # object.
947
+ #
948
+ # This action is not supported by Amazon S3 on Outposts.
820
949
  # @option options [String] :grant_read
821
950
  # Allows grantee to read the object data and its metadata.
951
+ #
952
+ # This action is not supported by Amazon S3 on Outposts.
822
953
  # @option options [String] :grant_read_acp
823
954
  # Allows grantee to read the object ACL.
955
+ #
956
+ # This action is not supported by Amazon S3 on Outposts.
824
957
  # @option options [String] :grant_write_acp
825
958
  # Allows grantee to write the ACL for the applicable object.
959
+ #
960
+ # This action is not supported by Amazon S3 on Outposts.
826
961
  # @option options [Hash<String,String>] :metadata
827
962
  # A map of metadata to store with the object in S3.
828
963
  # @option options [String] :server_side_encryption
829
964
  # The server-side encryption algorithm used when storing this object in
830
965
  # Amazon S3 (for example, AES256, aws:kms).
831
966
  # @option options [String] :storage_class
832
- # If you don't specify, S3 Standard is the default storage class.
833
- # Amazon S3 supports other storage classes.
967
+ # By default, Amazon S3 uses the STANDARD Storage Class to store newly
968
+ # created objects. The STANDARD storage class provides high durability
969
+ # and high availability. Depending on performance needs, you can specify
970
+ # a different Storage Class. Amazon S3 on Outposts only uses the
971
+ # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
972
+ # in the *Amazon S3 Service Developer Guide*.
973
+ #
974
+ #
975
+ #
976
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
834
977
  # @option options [String] :website_redirect_location
835
978
  # If the bucket is configured as a website, redirects requests for this
836
979
  # object to another object in the same bucket or to an external URL.
@@ -864,7 +1007,7 @@ module Aws::S3
864
1007
  # encrypting data. This value is used to store the object and then it is
865
1008
  # discarded; Amazon S3 does not store the encryption key. The key must
866
1009
  # be appropriate for use with the algorithm specified in the
867
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
1010
+ # `x-amz-server-side-encryption-customer-algorithm` header.
868
1011
  # @option options [String] :sse_customer_key_md5
869
1012
  # Specifies the 128-bit MD5 digest of the encryption key according to
870
1013
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -885,6 +1028,14 @@ module Aws::S3
885
1028
  # Specifies the AWS KMS Encryption Context to use for object encryption.
886
1029
  # The value of this header is a base64-encoded UTF-8 string holding JSON
887
1030
  # with the encryption context key-value pairs.
1031
+ # @option options [Boolean] :bucket_key_enabled
1032
+ # Specifies whether Amazon S3 should use an S3 Bucket Key for object
1033
+ # encryption with server-side encryption using AWS KMS (SSE-KMS).
1034
+ # Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
1035
+ # for object encryption with SSE-KMS.
1036
+ #
1037
+ # Specifying this header with a PUT operation doesn’t affect
1038
+ # bucket-level settings for S3 Bucket Key.
888
1039
  # @option options [String] :request_payer
889
1040
  # Confirms that the requester knows that they will be charged for the
890
1041
  # request. Bucket owners need not specify this parameter in their
@@ -909,6 +1060,10 @@ module Aws::S3
909
1060
  #
910
1061
  #
911
1062
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
1063
+ # @option options [String] :expected_bucket_owner
1064
+ # The account id of the expected bucket owner. If the bucket is owned by
1065
+ # a different account, the request will fail with an HTTP `403 (Access
1066
+ # Denied)` error.
912
1067
  # @return [Types::PutObjectOutput]
913
1068
  def put(options = {})
914
1069
  options = options.merge(
@@ -1000,11 +1155,12 @@ module Aws::S3
1000
1155
  # value: "MetadataValue",
1001
1156
  # },
1002
1157
  # ],
1003
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
1158
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
1004
1159
  # },
1005
1160
  # },
1006
1161
  # },
1007
1162
  # request_payer: "requester", # accepts requester
1163
+ # expected_bucket_owner: "AccountId",
1008
1164
  # })
1009
1165
  # @param [Hash] options ({})
1010
1166
  # @option options [String] :version_id
@@ -1021,6 +1177,10 @@ module Aws::S3
1021
1177
  #
1022
1178
  #
1023
1179
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
1180
+ # @option options [String] :expected_bucket_owner
1181
+ # The account id of the expected bucket owner. If the bucket is owned by
1182
+ # a different account, the request will fail with an HTTP `403 (Access
1183
+ # Denied)` error.
1024
1184
  # @return [Types::RestoreObjectOutput]
1025
1185
  def restore_object(options = {})
1026
1186
  options = options.merge(
@@ -1152,6 +1312,7 @@ module Aws::S3
1152
1312
  # mfa: "MFA",
1153
1313
  # request_payer: "requester", # accepts requester
1154
1314
  # bypass_governance_retention: false,
1315
+ # expected_bucket_owner: "AccountId",
1155
1316
  # })
1156
1317
  # @param options ({})
1157
1318
  # @option options [String] :mfa
@@ -1173,6 +1334,10 @@ module Aws::S3
1173
1334
  # Specifies whether you want to delete this object even if it has a
1174
1335
  # Governance-type Object Lock in place. You must have sufficient
1175
1336
  # permissions to perform this operation.
1337
+ # @option options [String] :expected_bucket_owner
1338
+ # The account id of the expected bucket owner. If the bucket is owned by
1339
+ # a different account, the request will fail with an HTTP `403 (Access
1340
+ # Denied)` error.
1176
1341
  # @return [void]
1177
1342
  def batch_delete!(options = {})
1178
1343
  batch_enum.each do |batch|