aws-sdk-s3 1.79.0 → 1.82.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (34) hide show
  1. checksums.yaml +4 -4
  2. data/lib/aws-sdk-s3.rb +2 -1
  3. data/lib/aws-sdk-s3/arn/access_point_arn.rb +62 -0
  4. data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb +71 -0
  5. data/lib/aws-sdk-s3/bucket.rb +34 -3
  6. data/lib/aws-sdk-s3/bucket_acl.rb +5 -0
  7. data/lib/aws-sdk-s3/bucket_cors.rb +12 -1
  8. data/lib/aws-sdk-s3/bucket_lifecycle.rb +12 -1
  9. data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +12 -1
  10. data/lib/aws-sdk-s3/bucket_logging.rb +5 -0
  11. data/lib/aws-sdk-s3/bucket_notification.rb +5 -0
  12. data/lib/aws-sdk-s3/bucket_policy.rb +12 -1
  13. data/lib/aws-sdk-s3/bucket_request_payment.rb +5 -0
  14. data/lib/aws-sdk-s3/bucket_tagging.rb +12 -1
  15. data/lib/aws-sdk-s3/bucket_versioning.rb +15 -0
  16. data/lib/aws-sdk-s3/bucket_website.rb +12 -1
  17. data/lib/aws-sdk-s3/client.rb +1753 -555
  18. data/lib/aws-sdk-s3/client_api.rb +87 -0
  19. data/lib/aws-sdk-s3/customizations/bucket.rb +7 -4
  20. data/lib/aws-sdk-s3/multipart_upload.rb +15 -0
  21. data/lib/aws-sdk-s3/multipart_upload_part.rb +63 -6
  22. data/lib/aws-sdk-s3/object.rb +97 -14
  23. data/lib/aws-sdk-s3/object_acl.rb +5 -0
  24. data/lib/aws-sdk-s3/object_summary.rb +92 -10
  25. data/lib/aws-sdk-s3/object_version.rb +22 -2
  26. data/lib/aws-sdk-s3/plugins/arn.rb +187 -0
  27. data/lib/aws-sdk-s3/plugins/bucket_dns.rb +0 -2
  28. data/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb +1 -1
  29. data/lib/aws-sdk-s3/plugins/s3_signer.rb +29 -7
  30. data/lib/aws-sdk-s3/presigned_post.rb +1 -0
  31. data/lib/aws-sdk-s3/presigner.rb +1 -0
  32. data/lib/aws-sdk-s3/types.rb +1296 -147
  33. metadata +7 -5
  34. data/lib/aws-sdk-s3/plugins/bucket_arn.rb +0 -212
@@ -73,8 +73,6 @@ request URI and never moved to the host as a sub-domain.
73
73
  end
74
74
  end
75
75
 
76
- # Checks for a valid RFC-3986 host name
77
- # @see https://tools.ietf.org/html/rfc3986#section-3.2.2
78
76
  # @param [String] bucket_name
79
77
  # @return [Boolean]
80
78
  def valid_subdomain?(bucket_name)
@@ -13,7 +13,7 @@ module Aws
13
13
  def call(context)
14
14
  bucket_member = _bucket_member(context.operation.input.shape)
15
15
  if bucket_member && (bucket = context.params[bucket_member])
16
- _resolved_bucket, _resolved_region, arn = BucketARN.resolve_arn!(
16
+ _resolved_region, arn = ARN.resolve_arn!(
17
17
  bucket,
18
18
  context.config.region,
19
19
  context.config.s3_use_arn_region
@@ -12,12 +12,14 @@ module Aws
12
12
 
13
13
  option(:sigv4_signer) do |cfg|
14
14
  S3Signer.build_v4_signer(
15
+ service: 's3',
15
16
  region: cfg.sigv4_region,
16
17
  credentials: cfg.credentials
17
18
  )
18
19
  end
19
20
 
20
21
  option(:sigv4_region) do |cfg|
22
+ # S3 removes core's signature_v4 plugin that checks for this
21
23
  raise Aws::Errors::MissingRegionError if cfg.region.nil?
22
24
 
23
25
  Aws::Partitions::EndpointProvider.signing_region(cfg.region, 's3')
@@ -67,11 +69,26 @@ module Aws
67
69
  if context[:cached_sigv4_region] &&
68
70
  context[:cached_sigv4_region] != context.config.sigv4_signer.region
69
71
  S3Signer.build_v4_signer(
72
+ service: 's3',
70
73
  region: context[:cached_sigv4_region],
71
74
  credentials: context.config.credentials
72
75
  )
73
76
  else
74
- context.config.sigv4_signer
77
+ resolved_region, arn = ARN.resolve_arn!(
78
+ context.params[:bucket],
79
+ context.config.sigv4_signer.region,
80
+ context.config.s3_use_arn_region
81
+ )
82
+
83
+ if arn
84
+ S3Signer.build_v4_signer(
85
+ service: arn.respond_to?(:outpost_id) ? 's3-outposts' : 's3',
86
+ region: resolved_region,
87
+ credentials: context.config.credentials
88
+ )
89
+ else
90
+ context.config.sigv4_signer
91
+ end
75
92
  end
76
93
  end
77
94
  end
@@ -90,7 +107,9 @@ module Aws
90
107
  def check_for_cached_region(context, bucket)
91
108
  cached_region = S3::BUCKET_REGIONS[bucket]
92
109
  if cached_region && cached_region != context.config.region
93
- context.http_request.endpoint.host = S3Signer.new_hostname(context, cached_region)
110
+ context.http_request.endpoint.host = S3Signer.new_hostname(
111
+ context, cached_region
112
+ )
94
113
  context[:cached_sigv4_region] = cached_region
95
114
  end
96
115
  end
@@ -150,11 +169,14 @@ module Aws
150
169
 
151
170
  def resign_with_new_region(context, actual_region)
152
171
  context.http_response.body.truncate(0)
153
- context.http_request.endpoint.host = S3Signer.new_hostname(context, actual_region)
172
+ context.http_request.endpoint.host = S3Signer.new_hostname(
173
+ context, actual_region
174
+ )
154
175
  context.metadata[:redirect_region] = actual_region
155
176
  Aws::Plugins::SignatureV4.apply_signature(
156
177
  context: context,
157
178
  signer: S3Signer.build_v4_signer(
179
+ service: 's3',
158
180
  region: actual_region,
159
181
  credentials: context.config.credentials
160
182
  )
@@ -189,7 +211,7 @@ module Aws
189
211
  # @api private
190
212
  def build_v4_signer(options = {})
191
213
  Aws::Sigv4::Signer.new(
192
- service: 's3',
214
+ service: options[:service],
193
215
  region: options[:region],
194
216
  credentials_provider: options[:credentials],
195
217
  uri_escape_path: false,
@@ -200,7 +222,7 @@ module Aws
200
222
  def new_hostname(context, region)
201
223
  # Check to see if the bucket is actually an ARN and resolve it
202
224
  # Otherwise it will retry with the ARN as the bucket name.
203
- resolved_bucket, resolved_region, arn = BucketARN.resolve_arn!(
225
+ resolved_region, arn = ARN.resolve_arn!(
204
226
  context.params[:bucket],
205
227
  region,
206
228
  context.config.s3_use_arn_region
@@ -210,9 +232,9 @@ module Aws
210
232
  )
211
233
 
212
234
  if arn
213
- BucketARN.resolve_url!(uri, arn).host
235
+ ARN.resolve_url!(uri, arn).host
214
236
  else
215
- resolved_bucket + '.' + uri.host
237
+ "#{context.params[:bucket]}.#{uri.host}"
216
238
  end
217
239
  end
218
240
  end
@@ -237,6 +237,7 @@ module Aws
237
237
  @bucket_region = bucket_region
238
238
  @bucket_name = bucket_name
239
239
  @accelerate = !!options.delete(:use_accelerate_endpoint)
240
+ options.delete(:url) if @accelerate # resource methods pass url
240
241
  @url = options.delete(:url) || bucket_url
241
242
  @fields = {}
242
243
  @key_set = false
@@ -12,6 +12,7 @@ module Aws
12
12
  # @api private
13
13
  BLACKLISTED_HEADERS = [
14
14
  'accept',
15
+ 'amz-sdk-request',
15
16
  'cache-control',
16
17
  'content-length', # due to a ELB bug
17
18
  'expect',
@@ -61,6 +61,7 @@ module Aws::S3
61
61
  # key: "ObjectKey", # required
62
62
  # upload_id: "MultipartUploadId", # required
63
63
  # request_payer: "requester", # accepts requester
64
+ # expected_bucket_owner: "AccountId",
64
65
  # }
65
66
  #
66
67
  # @!attribute [rw] bucket
@@ -75,9 +76,19 @@ module Aws::S3
75
76
  # For more information about access point ARNs, see [Using Access
76
77
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
77
78
  #
79
+ # When using this API with Amazon S3 on Outposts, you must direct
80
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
81
+ # takes the form
82
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
83
+ # When using this operation using S3 on Outposts through the AWS SDKs,
84
+ # you provide the Outposts bucket ARN in place of the bucket name. For
85
+ # more information about S3 on Outposts ARNs, see [Using S3 on
86
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
87
+ #
78
88
  #
79
89
  #
80
90
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
91
+ # [2]: https://docs.aws.amazon.com/
81
92
  # @return [String]
82
93
  #
83
94
  # @!attribute [rw] key
@@ -100,13 +111,20 @@ module Aws::S3
100
111
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
101
112
  # @return [String]
102
113
  #
114
+ # @!attribute [rw] expected_bucket_owner
115
+ # The account id of the expected bucket owner. If the bucket is owned
116
+ # by a different account, the request will fail with an HTTP `403
117
+ # (Access Denied)` error.
118
+ # @return [String]
119
+ #
103
120
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/AbortMultipartUploadRequest AWS API Documentation
104
121
  #
105
122
  class AbortMultipartUploadRequest < Struct.new(
106
123
  :bucket,
107
124
  :key,
108
125
  :upload_id,
109
- :request_payer)
126
+ :request_payer,
127
+ :expected_bucket_owner)
110
128
  SENSITIVE = []
111
129
  include Aws::Structure
112
130
  end
@@ -891,6 +909,29 @@ module Aws::S3
891
909
  #
892
910
  # @!attribute [rw] bucket
893
911
  # The name of the bucket that contains the newly created object.
912
+ #
913
+ # When using this API with an access point, you must direct requests
914
+ # to the access point hostname. The access point hostname takes the
915
+ # form
916
+ # *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
917
+ # When using this operation using an access point through the AWS
918
+ # SDKs, you provide the access point ARN in place of the bucket name.
919
+ # For more information about access point ARNs, see [Using Access
920
+ # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
921
+ #
922
+ # When using this API with Amazon S3 on Outposts, you must direct
923
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
924
+ # takes the form
925
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
926
+ # When using this operation using S3 on Outposts through the AWS SDKs,
927
+ # you provide the Outposts bucket ARN in place of the bucket name. For
928
+ # more information about S3 on Outposts ARNs, see [Using S3 on
929
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
930
+ #
931
+ #
932
+ #
933
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
934
+ # [2]: https://docs.aws.amazon.com/
894
935
  # @return [String]
895
936
  #
896
937
  # @!attribute [rw] key
@@ -969,6 +1010,7 @@ module Aws::S3
969
1010
  # },
970
1011
  # upload_id: "MultipartUploadId", # required
971
1012
  # request_payer: "requester", # accepts requester
1013
+ # expected_bucket_owner: "AccountId",
972
1014
  # }
973
1015
  #
974
1016
  # @!attribute [rw] bucket
@@ -999,6 +1041,12 @@ module Aws::S3
999
1041
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
1000
1042
  # @return [String]
1001
1043
  #
1044
+ # @!attribute [rw] expected_bucket_owner
1045
+ # The account id of the expected bucket owner. If the bucket is owned
1046
+ # by a different account, the request will fail with an HTTP `403
1047
+ # (Access Denied)` error.
1048
+ # @return [String]
1049
+ #
1002
1050
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CompleteMultipartUploadRequest AWS API Documentation
1003
1051
  #
1004
1052
  class CompleteMultipartUploadRequest < Struct.new(
@@ -1006,7 +1054,8 @@ module Aws::S3
1006
1054
  :key,
1007
1055
  :multipart_upload,
1008
1056
  :upload_id,
1009
- :request_payer)
1057
+ :request_payer,
1058
+ :expected_bucket_owner)
1010
1059
  SENSITIVE = []
1011
1060
  include Aws::Structure
1012
1061
  end
@@ -1214,7 +1263,7 @@ module Aws::S3
1214
1263
  # metadata_directive: "COPY", # accepts COPY, REPLACE
1215
1264
  # tagging_directive: "COPY", # accepts COPY, REPLACE
1216
1265
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
1217
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
1266
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
1218
1267
  # website_redirect_location: "WebsiteRedirectLocation",
1219
1268
  # sse_customer_algorithm: "SSECustomerAlgorithm",
1220
1269
  # sse_customer_key: "SSECustomerKey",
@@ -1229,6 +1278,8 @@ module Aws::S3
1229
1278
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
1230
1279
  # object_lock_retain_until_date: Time.now,
1231
1280
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
1281
+ # expected_bucket_owner: "AccountId",
1282
+ # expected_source_bucket_owner: "AccountId",
1232
1283
  # }
1233
1284
  #
1234
1285
  # @!attribute [rw] acl
@@ -1237,6 +1288,29 @@ module Aws::S3
1237
1288
  #
1238
1289
  # @!attribute [rw] bucket
1239
1290
  # The name of the destination bucket.
1291
+ #
1292
+ # When using this API with an access point, you must direct requests
1293
+ # to the access point hostname. The access point hostname takes the
1294
+ # form
1295
+ # *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
1296
+ # When using this operation using an access point through the AWS
1297
+ # SDKs, you provide the access point ARN in place of the bucket name.
1298
+ # For more information about access point ARNs, see [Using Access
1299
+ # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
1300
+ #
1301
+ # When using this API with Amazon S3 on Outposts, you must direct
1302
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
1303
+ # takes the form
1304
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
1305
+ # When using this operation using S3 on Outposts through the AWS SDKs,
1306
+ # you provide the Outposts bucket ARN in place of the bucket name. For
1307
+ # more information about S3 on Outposts ARNs, see [Using S3 on
1308
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
1309
+ #
1310
+ #
1311
+ #
1312
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
1313
+ # [2]: https://docs.aws.amazon.com/
1240
1314
  # @return [String]
1241
1315
  #
1242
1316
  # @!attribute [rw] cache_control
@@ -1262,8 +1336,50 @@ module Aws::S3
1262
1336
  # @return [String]
1263
1337
  #
1264
1338
  # @!attribute [rw] copy_source
1265
- # The name of the source bucket and key name of the source object,
1266
- # separated by a slash (/). Must be URL-encoded.
1339
+ # Specifies the source object for the copy operation. You specify the
1340
+ # value in one of two formats, depending on whether you want to access
1341
+ # the source object through an [access point][1]\:
1342
+ #
1343
+ # * For objects not accessed through an access point, specify the name
1344
+ # of the source bucket and the key of the source object, separated
1345
+ # by a slash (/). For example, to copy the object
1346
+ # `reports/january.pdf` from the bucket `awsexamplebucket`, use
1347
+ # `awsexamplebucket/reports/january.pdf`. The value must be URL
1348
+ # encoded.
1349
+ #
1350
+ # * For objects accessed through access points, specify the Amazon
1351
+ # Resource Name (ARN) of the object as accessed through the access
1352
+ # point, in the format
1353
+ # `arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>`.
1354
+ # For example, to copy the object `reports/january.pdf` through
1355
+ # access point `my-access-point` owned by account `123456789012` in
1356
+ # Region `us-west-2`, use the URL encoding of
1357
+ # `arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf`.
1358
+ # The value must be URL encoded.
1359
+ #
1360
+ # <note markdown="1"> Amazon S3 supports copy operations using access points only when
1361
+ # the source and destination buckets are in the same AWS Region.
1362
+ #
1363
+ # </note>
1364
+ #
1365
+ # Alternatively, for objects accessed through Amazon S3 on Outposts,
1366
+ # specify the ARN of the object as accessed in the format
1367
+ # `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/object/<key>`.
1368
+ # For example, to copy the object `reports/january.pdf` through
1369
+ # outpost `my-outpost` owned by account `123456789012` in Region
1370
+ # `us-west-2`, use the URL encoding of
1371
+ # `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf`.
1372
+ # The value must be URL encoded.
1373
+ #
1374
+ # To copy a specific version of an object, append
1375
+ # `?versionId=<version-id>` to the value (for example,
1376
+ # `awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893`).
1377
+ # If you don't specify a version ID, Amazon S3 copies the latest
1378
+ # version of the source object.
1379
+ #
1380
+ #
1381
+ #
1382
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html
1267
1383
  # @return [String]
1268
1384
  #
1269
1385
  # @!attribute [rw] copy_source_if_match
@@ -1350,7 +1466,7 @@ module Aws::S3
1350
1466
  # in encrypting data. This value is used to store the object and then
1351
1467
  # it is discarded; Amazon S3 does not store the encryption key. The
1352
1468
  # key must be appropriate for use with the algorithm specified in the
1353
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
1469
+ # `x-amz-server-side-encryption-customer-algorithm` header.
1354
1470
  # @return [String]
1355
1471
  #
1356
1472
  # @!attribute [rw] sse_customer_key_md5
@@ -1427,6 +1543,18 @@ module Aws::S3
1427
1543
  # object.
1428
1544
  # @return [String]
1429
1545
  #
1546
+ # @!attribute [rw] expected_bucket_owner
1547
+ # The account id of the expected destination bucket owner. If the
1548
+ # destination bucket is owned by a different account, the request will
1549
+ # fail with an HTTP `403 (Access Denied)` error.
1550
+ # @return [String]
1551
+ #
1552
+ # @!attribute [rw] expected_source_bucket_owner
1553
+ # The account id of the expected source bucket owner. If the source
1554
+ # bucket is owned by a different account, the request will fail with
1555
+ # an HTTP `403 (Access Denied)` error.
1556
+ # @return [String]
1557
+ #
1430
1558
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CopyObjectRequest AWS API Documentation
1431
1559
  #
1432
1560
  class CopyObjectRequest < Struct.new(
@@ -1466,7 +1594,9 @@ module Aws::S3
1466
1594
  :tagging,
1467
1595
  :object_lock_mode,
1468
1596
  :object_lock_retain_until_date,
1469
- :object_lock_legal_hold_status)
1597
+ :object_lock_legal_hold_status,
1598
+ :expected_bucket_owner,
1599
+ :expected_source_bucket_owner)
1470
1600
  SENSITIVE = [:sse_customer_key, :ssekms_key_id, :ssekms_encryption_context, :copy_source_sse_customer_key]
1471
1601
  include Aws::Structure
1472
1602
  end
@@ -1645,7 +1775,7 @@ module Aws::S3
1645
1775
  # @return [String]
1646
1776
  #
1647
1777
  # @!attribute [rw] bucket
1648
- # Name of the bucket to which the multipart upload was initiated.
1778
+ # The name of the bucket to which the multipart upload was initiated.
1649
1779
  #
1650
1780
  # When using this API with an access point, you must direct requests
1651
1781
  # to the access point hostname. The access point hostname takes the
@@ -1656,9 +1786,19 @@ module Aws::S3
1656
1786
  # For more information about access point ARNs, see [Using Access
1657
1787
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
1658
1788
  #
1789
+ # When using this API with Amazon S3 on Outposts, you must direct
1790
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
1791
+ # takes the form
1792
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
1793
+ # When using this operation using S3 on Outposts through the AWS SDKs,
1794
+ # you provide the Outposts bucket ARN in place of the bucket name. For
1795
+ # more information about S3 on Outposts ARNs, see [Using S3 on
1796
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
1797
+ #
1659
1798
  #
1660
1799
  #
1661
1800
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
1801
+ # [2]: https://docs.aws.amazon.com/
1662
1802
  # @return [String]
1663
1803
  #
1664
1804
  # @!attribute [rw] key
@@ -1744,7 +1884,7 @@ module Aws::S3
1744
1884
  # "MetadataKey" => "MetadataValue",
1745
1885
  # },
1746
1886
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
1747
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
1887
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
1748
1888
  # website_redirect_location: "WebsiteRedirectLocation",
1749
1889
  # sse_customer_algorithm: "SSECustomerAlgorithm",
1750
1890
  # sse_customer_key: "SSECustomerKey",
@@ -1756,6 +1896,7 @@ module Aws::S3
1756
1896
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
1757
1897
  # object_lock_retain_until_date: Time.now,
1758
1898
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
1899
+ # expected_bucket_owner: "AccountId",
1759
1900
  # }
1760
1901
  #
1761
1902
  # @!attribute [rw] acl
@@ -1764,6 +1905,29 @@ module Aws::S3
1764
1905
  #
1765
1906
  # @!attribute [rw] bucket
1766
1907
  # The name of the bucket to which to initiate the upload
1908
+ #
1909
+ # When using this API with an access point, you must direct requests
1910
+ # to the access point hostname. The access point hostname takes the
1911
+ # form
1912
+ # *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
1913
+ # When using this operation using an access point through the AWS
1914
+ # SDKs, you provide the access point ARN in place of the bucket name.
1915
+ # For more information about access point ARNs, see [Using Access
1916
+ # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
1917
+ #
1918
+ # When using this API with Amazon S3 on Outposts, you must direct
1919
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
1920
+ # takes the form
1921
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
1922
+ # When using this operation using S3 on Outposts through the AWS SDKs,
1923
+ # you provide the Outposts bucket ARN in place of the bucket name. For
1924
+ # more information about S3 on Outposts ARNs, see [Using S3 on
1925
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
1926
+ #
1927
+ #
1928
+ #
1929
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
1930
+ # [2]: https://docs.aws.amazon.com/
1767
1931
  # @return [String]
1768
1932
  #
1769
1933
  # @!attribute [rw] cache_control
@@ -1843,7 +2007,7 @@ module Aws::S3
1843
2007
  # in encrypting data. This value is used to store the object and then
1844
2008
  # it is discarded; Amazon S3 does not store the encryption key. The
1845
2009
  # key must be appropriate for use with the algorithm specified in the
1846
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
2010
+ # `x-amz-server-side-encryption-customer-algorithm` header.
1847
2011
  # @return [String]
1848
2012
  #
1849
2013
  # @!attribute [rw] sse_customer_key_md5
@@ -1903,6 +2067,12 @@ module Aws::S3
1903
2067
  # object.
1904
2068
  # @return [String]
1905
2069
  #
2070
+ # @!attribute [rw] expected_bucket_owner
2071
+ # The account id of the expected bucket owner. If the bucket is owned
2072
+ # by a different account, the request will fail with an HTTP `403
2073
+ # (Access Denied)` error.
2074
+ # @return [String]
2075
+ #
1906
2076
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CreateMultipartUploadRequest AWS API Documentation
1907
2077
  #
1908
2078
  class CreateMultipartUploadRequest < Struct.new(
@@ -1932,7 +2102,8 @@ module Aws::S3
1932
2102
  :tagging,
1933
2103
  :object_lock_mode,
1934
2104
  :object_lock_retain_until_date,
1935
- :object_lock_legal_hold_status)
2105
+ :object_lock_legal_hold_status,
2106
+ :expected_bucket_owner)
1936
2107
  SENSITIVE = [:sse_customer_key, :ssekms_key_id, :ssekms_encryption_context]
1937
2108
  include Aws::Structure
1938
2109
  end
@@ -2013,6 +2184,7 @@ module Aws::S3
2013
2184
  # {
2014
2185
  # bucket: "BucketName", # required
2015
2186
  # id: "AnalyticsId", # required
2187
+ # expected_bucket_owner: "AccountId",
2016
2188
  # }
2017
2189
  #
2018
2190
  # @!attribute [rw] bucket
@@ -2024,11 +2196,18 @@ module Aws::S3
2024
2196
  # The ID that identifies the analytics configuration.
2025
2197
  # @return [String]
2026
2198
  #
2199
+ # @!attribute [rw] expected_bucket_owner
2200
+ # The account id of the expected bucket owner. If the bucket is owned
2201
+ # by a different account, the request will fail with an HTTP `403
2202
+ # (Access Denied)` error.
2203
+ # @return [String]
2204
+ #
2027
2205
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketAnalyticsConfigurationRequest AWS API Documentation
2028
2206
  #
2029
2207
  class DeleteBucketAnalyticsConfigurationRequest < Struct.new(
2030
2208
  :bucket,
2031
- :id)
2209
+ :id,
2210
+ :expected_bucket_owner)
2032
2211
  SENSITIVE = []
2033
2212
  include Aws::Structure
2034
2213
  end
@@ -2038,16 +2217,24 @@ module Aws::S3
2038
2217
  #
2039
2218
  # {
2040
2219
  # bucket: "BucketName", # required
2220
+ # expected_bucket_owner: "AccountId",
2041
2221
  # }
2042
2222
  #
2043
2223
  # @!attribute [rw] bucket
2044
2224
  # Specifies the bucket whose `cors` configuration is being deleted.
2045
2225
  # @return [String]
2046
2226
  #
2227
+ # @!attribute [rw] expected_bucket_owner
2228
+ # The account id of the expected bucket owner. If the bucket is owned
2229
+ # by a different account, the request will fail with an HTTP `403
2230
+ # (Access Denied)` error.
2231
+ # @return [String]
2232
+ #
2047
2233
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketCorsRequest AWS API Documentation
2048
2234
  #
2049
2235
  class DeleteBucketCorsRequest < Struct.new(
2050
- :bucket)
2236
+ :bucket,
2237
+ :expected_bucket_owner)
2051
2238
  SENSITIVE = []
2052
2239
  include Aws::Structure
2053
2240
  end
@@ -2057,6 +2244,7 @@ module Aws::S3
2057
2244
  #
2058
2245
  # {
2059
2246
  # bucket: "BucketName", # required
2247
+ # expected_bucket_owner: "AccountId",
2060
2248
  # }
2061
2249
  #
2062
2250
  # @!attribute [rw] bucket
@@ -2064,10 +2252,17 @@ module Aws::S3
2064
2252
  # configuration to delete.
2065
2253
  # @return [String]
2066
2254
  #
2255
+ # @!attribute [rw] expected_bucket_owner
2256
+ # The account id of the expected bucket owner. If the bucket is owned
2257
+ # by a different account, the request will fail with an HTTP `403
2258
+ # (Access Denied)` error.
2259
+ # @return [String]
2260
+ #
2067
2261
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketEncryptionRequest AWS API Documentation
2068
2262
  #
2069
2263
  class DeleteBucketEncryptionRequest < Struct.new(
2070
- :bucket)
2264
+ :bucket,
2265
+ :expected_bucket_owner)
2071
2266
  SENSITIVE = []
2072
2267
  include Aws::Structure
2073
2268
  end
@@ -2078,6 +2273,7 @@ module Aws::S3
2078
2273
  # {
2079
2274
  # bucket: "BucketName", # required
2080
2275
  # id: "InventoryId", # required
2276
+ # expected_bucket_owner: "AccountId",
2081
2277
  # }
2082
2278
  #
2083
2279
  # @!attribute [rw] bucket
@@ -2089,11 +2285,18 @@ module Aws::S3
2089
2285
  # The ID used to identify the inventory configuration.
2090
2286
  # @return [String]
2091
2287
  #
2288
+ # @!attribute [rw] expected_bucket_owner
2289
+ # The account id of the expected bucket owner. If the bucket is owned
2290
+ # by a different account, the request will fail with an HTTP `403
2291
+ # (Access Denied)` error.
2292
+ # @return [String]
2293
+ #
2092
2294
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketInventoryConfigurationRequest AWS API Documentation
2093
2295
  #
2094
2296
  class DeleteBucketInventoryConfigurationRequest < Struct.new(
2095
2297
  :bucket,
2096
- :id)
2298
+ :id,
2299
+ :expected_bucket_owner)
2097
2300
  SENSITIVE = []
2098
2301
  include Aws::Structure
2099
2302
  end
@@ -2103,16 +2306,24 @@ module Aws::S3
2103
2306
  #
2104
2307
  # {
2105
2308
  # bucket: "BucketName", # required
2309
+ # expected_bucket_owner: "AccountId",
2106
2310
  # }
2107
2311
  #
2108
2312
  # @!attribute [rw] bucket
2109
2313
  # The bucket name of the lifecycle to delete.
2110
2314
  # @return [String]
2111
2315
  #
2316
+ # @!attribute [rw] expected_bucket_owner
2317
+ # The account id of the expected bucket owner. If the bucket is owned
2318
+ # by a different account, the request will fail with an HTTP `403
2319
+ # (Access Denied)` error.
2320
+ # @return [String]
2321
+ #
2112
2322
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketLifecycleRequest AWS API Documentation
2113
2323
  #
2114
2324
  class DeleteBucketLifecycleRequest < Struct.new(
2115
- :bucket)
2325
+ :bucket,
2326
+ :expected_bucket_owner)
2116
2327
  SENSITIVE = []
2117
2328
  include Aws::Structure
2118
2329
  end
@@ -2123,6 +2334,7 @@ module Aws::S3
2123
2334
  # {
2124
2335
  # bucket: "BucketName", # required
2125
2336
  # id: "MetricsId", # required
2337
+ # expected_bucket_owner: "AccountId",
2126
2338
  # }
2127
2339
  #
2128
2340
  # @!attribute [rw] bucket
@@ -2134,11 +2346,18 @@ module Aws::S3
2134
2346
  # The ID used to identify the metrics configuration.
2135
2347
  # @return [String]
2136
2348
  #
2349
+ # @!attribute [rw] expected_bucket_owner
2350
+ # The account id of the expected bucket owner. If the bucket is owned
2351
+ # by a different account, the request will fail with an HTTP `403
2352
+ # (Access Denied)` error.
2353
+ # @return [String]
2354
+ #
2137
2355
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketMetricsConfigurationRequest AWS API Documentation
2138
2356
  #
2139
2357
  class DeleteBucketMetricsConfigurationRequest < Struct.new(
2140
2358
  :bucket,
2141
- :id)
2359
+ :id,
2360
+ :expected_bucket_owner)
2142
2361
  SENSITIVE = []
2143
2362
  include Aws::Structure
2144
2363
  end
@@ -2148,16 +2367,24 @@ module Aws::S3
2148
2367
  #
2149
2368
  # {
2150
2369
  # bucket: "BucketName", # required
2370
+ # expected_bucket_owner: "AccountId",
2151
2371
  # }
2152
2372
  #
2153
2373
  # @!attribute [rw] bucket
2154
2374
  # The bucket name.
2155
2375
  # @return [String]
2156
2376
  #
2377
+ # @!attribute [rw] expected_bucket_owner
2378
+ # The account id of the expected bucket owner. If the bucket is owned
2379
+ # by a different account, the request will fail with an HTTP `403
2380
+ # (Access Denied)` error.
2381
+ # @return [String]
2382
+ #
2157
2383
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketPolicyRequest AWS API Documentation
2158
2384
  #
2159
2385
  class DeleteBucketPolicyRequest < Struct.new(
2160
- :bucket)
2386
+ :bucket,
2387
+ :expected_bucket_owner)
2161
2388
  SENSITIVE = []
2162
2389
  include Aws::Structure
2163
2390
  end
@@ -2167,16 +2394,24 @@ module Aws::S3
2167
2394
  #
2168
2395
  # {
2169
2396
  # bucket: "BucketName", # required
2397
+ # expected_bucket_owner: "AccountId",
2170
2398
  # }
2171
2399
  #
2172
2400
  # @!attribute [rw] bucket
2173
2401
  # The bucket name.
2174
2402
  # @return [String]
2175
2403
  #
2404
+ # @!attribute [rw] expected_bucket_owner
2405
+ # The account id of the expected bucket owner. If the bucket is owned
2406
+ # by a different account, the request will fail with an HTTP `403
2407
+ # (Access Denied)` error.
2408
+ # @return [String]
2409
+ #
2176
2410
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketReplicationRequest AWS API Documentation
2177
2411
  #
2178
2412
  class DeleteBucketReplicationRequest < Struct.new(
2179
- :bucket)
2413
+ :bucket,
2414
+ :expected_bucket_owner)
2180
2415
  SENSITIVE = []
2181
2416
  include Aws::Structure
2182
2417
  end
@@ -2186,16 +2421,24 @@ module Aws::S3
2186
2421
  #
2187
2422
  # {
2188
2423
  # bucket: "BucketName", # required
2424
+ # expected_bucket_owner: "AccountId",
2189
2425
  # }
2190
2426
  #
2191
2427
  # @!attribute [rw] bucket
2192
2428
  # Specifies the bucket being deleted.
2193
2429
  # @return [String]
2194
2430
  #
2431
+ # @!attribute [rw] expected_bucket_owner
2432
+ # The account id of the expected bucket owner. If the bucket is owned
2433
+ # by a different account, the request will fail with an HTTP `403
2434
+ # (Access Denied)` error.
2435
+ # @return [String]
2436
+ #
2195
2437
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketRequest AWS API Documentation
2196
2438
  #
2197
2439
  class DeleteBucketRequest < Struct.new(
2198
- :bucket)
2440
+ :bucket,
2441
+ :expected_bucket_owner)
2199
2442
  SENSITIVE = []
2200
2443
  include Aws::Structure
2201
2444
  end
@@ -2205,16 +2448,24 @@ module Aws::S3
2205
2448
  #
2206
2449
  # {
2207
2450
  # bucket: "BucketName", # required
2451
+ # expected_bucket_owner: "AccountId",
2208
2452
  # }
2209
2453
  #
2210
2454
  # @!attribute [rw] bucket
2211
2455
  # The bucket that has the tag set to be removed.
2212
2456
  # @return [String]
2213
2457
  #
2458
+ # @!attribute [rw] expected_bucket_owner
2459
+ # The account id of the expected bucket owner. If the bucket is owned
2460
+ # by a different account, the request will fail with an HTTP `403
2461
+ # (Access Denied)` error.
2462
+ # @return [String]
2463
+ #
2214
2464
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketTaggingRequest AWS API Documentation
2215
2465
  #
2216
2466
  class DeleteBucketTaggingRequest < Struct.new(
2217
- :bucket)
2467
+ :bucket,
2468
+ :expected_bucket_owner)
2218
2469
  SENSITIVE = []
2219
2470
  include Aws::Structure
2220
2471
  end
@@ -2224,6 +2475,7 @@ module Aws::S3
2224
2475
  #
2225
2476
  # {
2226
2477
  # bucket: "BucketName", # required
2478
+ # expected_bucket_owner: "AccountId",
2227
2479
  # }
2228
2480
  #
2229
2481
  # @!attribute [rw] bucket
@@ -2231,10 +2483,17 @@ module Aws::S3
2231
2483
  # configuration.
2232
2484
  # @return [String]
2233
2485
  #
2486
+ # @!attribute [rw] expected_bucket_owner
2487
+ # The account id of the expected bucket owner. If the bucket is owned
2488
+ # by a different account, the request will fail with an HTTP `403
2489
+ # (Access Denied)` error.
2490
+ # @return [String]
2491
+ #
2234
2492
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketWebsiteRequest AWS API Documentation
2235
2493
  #
2236
2494
  class DeleteBucketWebsiteRequest < Struct.new(
2237
- :bucket)
2495
+ :bucket,
2496
+ :expected_bucket_owner)
2238
2497
  SENSITIVE = []
2239
2498
  include Aws::Structure
2240
2499
  end
@@ -2353,6 +2612,7 @@ module Aws::S3
2353
2612
  # version_id: "ObjectVersionId",
2354
2613
  # request_payer: "requester", # accepts requester
2355
2614
  # bypass_governance_retention: false,
2615
+ # expected_bucket_owner: "AccountId",
2356
2616
  # }
2357
2617
  #
2358
2618
  # @!attribute [rw] bucket
@@ -2367,9 +2627,19 @@ module Aws::S3
2367
2627
  # For more information about access point ARNs, see [Using Access
2368
2628
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
2369
2629
  #
2630
+ # When using this API with Amazon S3 on Outposts, you must direct
2631
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
2632
+ # takes the form
2633
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
2634
+ # When using this operation using S3 on Outposts through the AWS SDKs,
2635
+ # you provide the Outposts bucket ARN in place of the bucket name. For
2636
+ # more information about S3 on Outposts ARNs, see [Using S3 on
2637
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
2638
+ #
2370
2639
  #
2371
2640
  #
2372
2641
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
2642
+ # [2]: https://docs.aws.amazon.com/
2373
2643
  # @return [String]
2374
2644
  #
2375
2645
  # @!attribute [rw] key
@@ -2404,6 +2674,12 @@ module Aws::S3
2404
2674
  # restrictions to process this operation.
2405
2675
  # @return [Boolean]
2406
2676
  #
2677
+ # @!attribute [rw] expected_bucket_owner
2678
+ # The account id of the expected bucket owner. If the bucket is owned
2679
+ # by a different account, the request will fail with an HTTP `403
2680
+ # (Access Denied)` error.
2681
+ # @return [String]
2682
+ #
2407
2683
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteObjectRequest AWS API Documentation
2408
2684
  #
2409
2685
  class DeleteObjectRequest < Struct.new(
@@ -2412,7 +2688,8 @@ module Aws::S3
2412
2688
  :mfa,
2413
2689
  :version_id,
2414
2690
  :request_payer,
2415
- :bypass_governance_retention)
2691
+ :bypass_governance_retention,
2692
+ :expected_bucket_owner)
2416
2693
  SENSITIVE = []
2417
2694
  include Aws::Structure
2418
2695
  end
@@ -2436,6 +2713,7 @@ module Aws::S3
2436
2713
  # bucket: "BucketName", # required
2437
2714
  # key: "ObjectKey", # required
2438
2715
  # version_id: "ObjectVersionId",
2716
+ # expected_bucket_owner: "AccountId",
2439
2717
  # }
2440
2718
  #
2441
2719
  # @!attribute [rw] bucket
@@ -2451,9 +2729,19 @@ module Aws::S3
2451
2729
  # For more information about access point ARNs, see [Using Access
2452
2730
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
2453
2731
  #
2732
+ # When using this API with Amazon S3 on Outposts, you must direct
2733
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
2734
+ # takes the form
2735
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
2736
+ # When using this operation using S3 on Outposts through the AWS SDKs,
2737
+ # you provide the Outposts bucket ARN in place of the bucket name. For
2738
+ # more information about S3 on Outposts ARNs, see [Using S3 on
2739
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
2740
+ #
2454
2741
  #
2455
2742
  #
2456
2743
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
2744
+ # [2]: https://docs.aws.amazon.com/
2457
2745
  # @return [String]
2458
2746
  #
2459
2747
  # @!attribute [rw] key
@@ -2464,12 +2752,19 @@ module Aws::S3
2464
2752
  # The versionId of the object that the tag-set will be removed from.
2465
2753
  # @return [String]
2466
2754
  #
2755
+ # @!attribute [rw] expected_bucket_owner
2756
+ # The account id of the expected bucket owner. If the bucket is owned
2757
+ # by a different account, the request will fail with an HTTP `403
2758
+ # (Access Denied)` error.
2759
+ # @return [String]
2760
+ #
2467
2761
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteObjectTaggingRequest AWS API Documentation
2468
2762
  #
2469
2763
  class DeleteObjectTaggingRequest < Struct.new(
2470
2764
  :bucket,
2471
2765
  :key,
2472
- :version_id)
2766
+ :version_id,
2767
+ :expected_bucket_owner)
2473
2768
  SENSITIVE = []
2474
2769
  include Aws::Structure
2475
2770
  end
@@ -2516,6 +2811,7 @@ module Aws::S3
2516
2811
  # mfa: "MFA",
2517
2812
  # request_payer: "requester", # accepts requester
2518
2813
  # bypass_governance_retention: false,
2814
+ # expected_bucket_owner: "AccountId",
2519
2815
  # }
2520
2816
  #
2521
2817
  # @!attribute [rw] bucket
@@ -2530,9 +2826,19 @@ module Aws::S3
2530
2826
  # For more information about access point ARNs, see [Using Access
2531
2827
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
2532
2828
  #
2829
+ # When using this API with Amazon S3 on Outposts, you must direct
2830
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
2831
+ # takes the form
2832
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
2833
+ # When using this operation using S3 on Outposts through the AWS SDKs,
2834
+ # you provide the Outposts bucket ARN in place of the bucket name. For
2835
+ # more information about S3 on Outposts ARNs, see [Using S3 on
2836
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
2837
+ #
2533
2838
  #
2534
2839
  #
2535
2840
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
2841
+ # [2]: https://docs.aws.amazon.com/
2536
2842
  # @return [String]
2537
2843
  #
2538
2844
  # @!attribute [rw] delete
@@ -2564,6 +2870,12 @@ module Aws::S3
2564
2870
  # permissions to perform this operation.
2565
2871
  # @return [Boolean]
2566
2872
  #
2873
+ # @!attribute [rw] expected_bucket_owner
2874
+ # The account id of the expected bucket owner. If the bucket is owned
2875
+ # by a different account, the request will fail with an HTTP `403
2876
+ # (Access Denied)` error.
2877
+ # @return [String]
2878
+ #
2567
2879
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteObjectsRequest AWS API Documentation
2568
2880
  #
2569
2881
  class DeleteObjectsRequest < Struct.new(
@@ -2571,7 +2883,8 @@ module Aws::S3
2571
2883
  :delete,
2572
2884
  :mfa,
2573
2885
  :request_payer,
2574
- :bypass_governance_retention)
2886
+ :bypass_governance_retention,
2887
+ :expected_bucket_owner)
2575
2888
  SENSITIVE = []
2576
2889
  include Aws::Structure
2577
2890
  end
@@ -2581,6 +2894,7 @@ module Aws::S3
2581
2894
  #
2582
2895
  # {
2583
2896
  # bucket: "BucketName", # required
2897
+ # expected_bucket_owner: "AccountId",
2584
2898
  # }
2585
2899
  #
2586
2900
  # @!attribute [rw] bucket
@@ -2588,10 +2902,17 @@ module Aws::S3
2588
2902
  # want to delete.
2589
2903
  # @return [String]
2590
2904
  #
2905
+ # @!attribute [rw] expected_bucket_owner
2906
+ # The account id of the expected bucket owner. If the bucket is owned
2907
+ # by a different account, the request will fail with an HTTP `403
2908
+ # (Access Denied)` error.
2909
+ # @return [String]
2910
+ #
2591
2911
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeletePublicAccessBlockRequest AWS API Documentation
2592
2912
  #
2593
2913
  class DeletePublicAccessBlockRequest < Struct.new(
2594
- :bucket)
2914
+ :bucket,
2915
+ :expected_bucket_owner)
2595
2916
  SENSITIVE = []
2596
2917
  include Aws::Structure
2597
2918
  end
@@ -2641,7 +2962,7 @@ module Aws::S3
2641
2962
  # {
2642
2963
  # bucket: "BucketName", # required
2643
2964
  # account: "AccountId",
2644
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
2965
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
2645
2966
  # access_control_translation: {
2646
2967
  # owner: "Destination", # required, accepts Destination
2647
2968
  # },
@@ -3750,17 +4071,25 @@ module Aws::S3
3750
4071
  #
3751
4072
  # {
3752
4073
  # bucket: "BucketName", # required
4074
+ # expected_bucket_owner: "AccountId",
3753
4075
  # }
3754
4076
  #
3755
4077
  # @!attribute [rw] bucket
3756
- # Name of the bucket for which the accelerate configuration is
4078
+ # The name of the bucket for which the accelerate configuration is
3757
4079
  # retrieved.
3758
4080
  # @return [String]
3759
4081
  #
4082
+ # @!attribute [rw] expected_bucket_owner
4083
+ # The account id of the expected bucket owner. If the bucket is owned
4084
+ # by a different account, the request will fail with an HTTP `403
4085
+ # (Access Denied)` error.
4086
+ # @return [String]
4087
+ #
3760
4088
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketAccelerateConfigurationRequest AWS API Documentation
3761
4089
  #
3762
4090
  class GetBucketAccelerateConfigurationRequest < Struct.new(
3763
- :bucket)
4091
+ :bucket,
4092
+ :expected_bucket_owner)
3764
4093
  SENSITIVE = []
3765
4094
  include Aws::Structure
3766
4095
  end
@@ -3787,16 +4116,24 @@ module Aws::S3
3787
4116
  #
3788
4117
  # {
3789
4118
  # bucket: "BucketName", # required
4119
+ # expected_bucket_owner: "AccountId",
3790
4120
  # }
3791
4121
  #
3792
4122
  # @!attribute [rw] bucket
3793
4123
  # Specifies the S3 bucket whose ACL is being requested.
3794
4124
  # @return [String]
3795
4125
  #
4126
+ # @!attribute [rw] expected_bucket_owner
4127
+ # The account id of the expected bucket owner. If the bucket is owned
4128
+ # by a different account, the request will fail with an HTTP `403
4129
+ # (Access Denied)` error.
4130
+ # @return [String]
4131
+ #
3796
4132
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketAclRequest AWS API Documentation
3797
4133
  #
3798
4134
  class GetBucketAclRequest < Struct.new(
3799
- :bucket)
4135
+ :bucket,
4136
+ :expected_bucket_owner)
3800
4137
  SENSITIVE = []
3801
4138
  include Aws::Structure
3802
4139
  end
@@ -3819,6 +4156,7 @@ module Aws::S3
3819
4156
  # {
3820
4157
  # bucket: "BucketName", # required
3821
4158
  # id: "AnalyticsId", # required
4159
+ # expected_bucket_owner: "AccountId",
3822
4160
  # }
3823
4161
  #
3824
4162
  # @!attribute [rw] bucket
@@ -3830,11 +4168,18 @@ module Aws::S3
3830
4168
  # The ID that identifies the analytics configuration.
3831
4169
  # @return [String]
3832
4170
  #
4171
+ # @!attribute [rw] expected_bucket_owner
4172
+ # The account id of the expected bucket owner. If the bucket is owned
4173
+ # by a different account, the request will fail with an HTTP `403
4174
+ # (Access Denied)` error.
4175
+ # @return [String]
4176
+ #
3833
4177
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketAnalyticsConfigurationRequest AWS API Documentation
3834
4178
  #
3835
4179
  class GetBucketAnalyticsConfigurationRequest < Struct.new(
3836
4180
  :bucket,
3837
- :id)
4181
+ :id,
4182
+ :expected_bucket_owner)
3838
4183
  SENSITIVE = []
3839
4184
  include Aws::Structure
3840
4185
  end
@@ -3857,16 +4202,24 @@ module Aws::S3
3857
4202
  #
3858
4203
  # {
3859
4204
  # bucket: "BucketName", # required
4205
+ # expected_bucket_owner: "AccountId",
3860
4206
  # }
3861
4207
  #
3862
4208
  # @!attribute [rw] bucket
3863
4209
  # The bucket name for which to get the cors configuration.
3864
4210
  # @return [String]
3865
4211
  #
4212
+ # @!attribute [rw] expected_bucket_owner
4213
+ # The account id of the expected bucket owner. If the bucket is owned
4214
+ # by a different account, the request will fail with an HTTP `403
4215
+ # (Access Denied)` error.
4216
+ # @return [String]
4217
+ #
3866
4218
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketCorsRequest AWS API Documentation
3867
4219
  #
3868
4220
  class GetBucketCorsRequest < Struct.new(
3869
- :bucket)
4221
+ :bucket,
4222
+ :expected_bucket_owner)
3870
4223
  SENSITIVE = []
3871
4224
  include Aws::Structure
3872
4225
  end
@@ -3888,6 +4241,7 @@ module Aws::S3
3888
4241
  #
3889
4242
  # {
3890
4243
  # bucket: "BucketName", # required
4244
+ # expected_bucket_owner: "AccountId",
3891
4245
  # }
3892
4246
  #
3893
4247
  # @!attribute [rw] bucket
@@ -3895,10 +4249,17 @@ module Aws::S3
3895
4249
  # configuration is retrieved.
3896
4250
  # @return [String]
3897
4251
  #
4252
+ # @!attribute [rw] expected_bucket_owner
4253
+ # The account id of the expected bucket owner. If the bucket is owned
4254
+ # by a different account, the request will fail with an HTTP `403
4255
+ # (Access Denied)` error.
4256
+ # @return [String]
4257
+ #
3898
4258
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketEncryptionRequest AWS API Documentation
3899
4259
  #
3900
4260
  class GetBucketEncryptionRequest < Struct.new(
3901
- :bucket)
4261
+ :bucket,
4262
+ :expected_bucket_owner)
3902
4263
  SENSITIVE = []
3903
4264
  include Aws::Structure
3904
4265
  end
@@ -3921,6 +4282,7 @@ module Aws::S3
3921
4282
  # {
3922
4283
  # bucket: "BucketName", # required
3923
4284
  # id: "InventoryId", # required
4285
+ # expected_bucket_owner: "AccountId",
3924
4286
  # }
3925
4287
  #
3926
4288
  # @!attribute [rw] bucket
@@ -3932,11 +4294,18 @@ module Aws::S3
3932
4294
  # The ID used to identify the inventory configuration.
3933
4295
  # @return [String]
3934
4296
  #
4297
+ # @!attribute [rw] expected_bucket_owner
4298
+ # The account id of the expected bucket owner. If the bucket is owned
4299
+ # by a different account, the request will fail with an HTTP `403
4300
+ # (Access Denied)` error.
4301
+ # @return [String]
4302
+ #
3935
4303
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketInventoryConfigurationRequest AWS API Documentation
3936
4304
  #
3937
4305
  class GetBucketInventoryConfigurationRequest < Struct.new(
3938
4306
  :bucket,
3939
- :id)
4307
+ :id,
4308
+ :expected_bucket_owner)
3940
4309
  SENSITIVE = []
3941
4310
  include Aws::Structure
3942
4311
  end
@@ -3958,16 +4327,24 @@ module Aws::S3
3958
4327
  #
3959
4328
  # {
3960
4329
  # bucket: "BucketName", # required
4330
+ # expected_bucket_owner: "AccountId",
3961
4331
  # }
3962
4332
  #
3963
4333
  # @!attribute [rw] bucket
3964
4334
  # The name of the bucket for which to get the lifecycle information.
3965
4335
  # @return [String]
3966
4336
  #
4337
+ # @!attribute [rw] expected_bucket_owner
4338
+ # The account id of the expected bucket owner. If the bucket is owned
4339
+ # by a different account, the request will fail with an HTTP `403
4340
+ # (Access Denied)` error.
4341
+ # @return [String]
4342
+ #
3967
4343
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketLifecycleConfigurationRequest AWS API Documentation
3968
4344
  #
3969
4345
  class GetBucketLifecycleConfigurationRequest < Struct.new(
3970
- :bucket)
4346
+ :bucket,
4347
+ :expected_bucket_owner)
3971
4348
  SENSITIVE = []
3972
4349
  include Aws::Structure
3973
4350
  end
@@ -3989,16 +4366,24 @@ module Aws::S3
3989
4366
  #
3990
4367
  # {
3991
4368
  # bucket: "BucketName", # required
4369
+ # expected_bucket_owner: "AccountId",
3992
4370
  # }
3993
4371
  #
3994
4372
  # @!attribute [rw] bucket
3995
4373
  # The name of the bucket for which to get the lifecycle information.
3996
4374
  # @return [String]
3997
4375
  #
4376
+ # @!attribute [rw] expected_bucket_owner
4377
+ # The account id of the expected bucket owner. If the bucket is owned
4378
+ # by a different account, the request will fail with an HTTP `403
4379
+ # (Access Denied)` error.
4380
+ # @return [String]
4381
+ #
3998
4382
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketLifecycleRequest AWS API Documentation
3999
4383
  #
4000
4384
  class GetBucketLifecycleRequest < Struct.new(
4001
- :bucket)
4385
+ :bucket,
4386
+ :expected_bucket_owner)
4002
4387
  SENSITIVE = []
4003
4388
  include Aws::Structure
4004
4389
  end
@@ -4027,16 +4412,24 @@ module Aws::S3
4027
4412
  #
4028
4413
  # {
4029
4414
  # bucket: "BucketName", # required
4415
+ # expected_bucket_owner: "AccountId",
4030
4416
  # }
4031
4417
  #
4032
4418
  # @!attribute [rw] bucket
4033
4419
  # The name of the bucket for which to get the location.
4034
4420
  # @return [String]
4035
4421
  #
4422
+ # @!attribute [rw] expected_bucket_owner
4423
+ # The account id of the expected bucket owner. If the bucket is owned
4424
+ # by a different account, the request will fail with an HTTP `403
4425
+ # (Access Denied)` error.
4426
+ # @return [String]
4427
+ #
4036
4428
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketLocationRequest AWS API Documentation
4037
4429
  #
4038
4430
  class GetBucketLocationRequest < Struct.new(
4039
- :bucket)
4431
+ :bucket,
4432
+ :expected_bucket_owner)
4040
4433
  SENSITIVE = []
4041
4434
  include Aws::Structure
4042
4435
  end
@@ -4065,16 +4458,24 @@ module Aws::S3
4065
4458
  #
4066
4459
  # {
4067
4460
  # bucket: "BucketName", # required
4461
+ # expected_bucket_owner: "AccountId",
4068
4462
  # }
4069
4463
  #
4070
4464
  # @!attribute [rw] bucket
4071
4465
  # The bucket name for which to get the logging information.
4072
4466
  # @return [String]
4073
4467
  #
4468
+ # @!attribute [rw] expected_bucket_owner
4469
+ # The account id of the expected bucket owner. If the bucket is owned
4470
+ # by a different account, the request will fail with an HTTP `403
4471
+ # (Access Denied)` error.
4472
+ # @return [String]
4473
+ #
4074
4474
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketLoggingRequest AWS API Documentation
4075
4475
  #
4076
4476
  class GetBucketLoggingRequest < Struct.new(
4077
- :bucket)
4477
+ :bucket,
4478
+ :expected_bucket_owner)
4078
4479
  SENSITIVE = []
4079
4480
  include Aws::Structure
4080
4481
  end
@@ -4097,6 +4498,7 @@ module Aws::S3
4097
4498
  # {
4098
4499
  # bucket: "BucketName", # required
4099
4500
  # id: "MetricsId", # required
4501
+ # expected_bucket_owner: "AccountId",
4100
4502
  # }
4101
4503
  #
4102
4504
  # @!attribute [rw] bucket
@@ -4108,11 +4510,18 @@ module Aws::S3
4108
4510
  # The ID used to identify the metrics configuration.
4109
4511
  # @return [String]
4110
4512
  #
4513
+ # @!attribute [rw] expected_bucket_owner
4514
+ # The account id of the expected bucket owner. If the bucket is owned
4515
+ # by a different account, the request will fail with an HTTP `403
4516
+ # (Access Denied)` error.
4517
+ # @return [String]
4518
+ #
4111
4519
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketMetricsConfigurationRequest AWS API Documentation
4112
4520
  #
4113
4521
  class GetBucketMetricsConfigurationRequest < Struct.new(
4114
4522
  :bucket,
4115
- :id)
4523
+ :id,
4524
+ :expected_bucket_owner)
4116
4525
  SENSITIVE = []
4117
4526
  include Aws::Structure
4118
4527
  end
@@ -4122,16 +4531,25 @@ module Aws::S3
4122
4531
  #
4123
4532
  # {
4124
4533
  # bucket: "BucketName", # required
4534
+ # expected_bucket_owner: "AccountId",
4125
4535
  # }
4126
4536
  #
4127
4537
  # @!attribute [rw] bucket
4128
- # Name of the bucket for which to get the notification configuration.
4538
+ # The name of the bucket for which to get the notification
4539
+ # configuration.
4540
+ # @return [String]
4541
+ #
4542
+ # @!attribute [rw] expected_bucket_owner
4543
+ # The account id of the expected bucket owner. If the bucket is owned
4544
+ # by a different account, the request will fail with an HTTP `403
4545
+ # (Access Denied)` error.
4129
4546
  # @return [String]
4130
4547
  #
4131
4548
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketNotificationConfigurationRequest AWS API Documentation
4132
4549
  #
4133
4550
  class GetBucketNotificationConfigurationRequest < Struct.new(
4134
- :bucket)
4551
+ :bucket,
4552
+ :expected_bucket_owner)
4135
4553
  SENSITIVE = []
4136
4554
  include Aws::Structure
4137
4555
  end
@@ -4153,16 +4571,24 @@ module Aws::S3
4153
4571
  #
4154
4572
  # {
4155
4573
  # bucket: "BucketName", # required
4574
+ # expected_bucket_owner: "AccountId",
4156
4575
  # }
4157
4576
  #
4158
4577
  # @!attribute [rw] bucket
4159
4578
  # The bucket name for which to get the bucket policy.
4160
4579
  # @return [String]
4161
4580
  #
4581
+ # @!attribute [rw] expected_bucket_owner
4582
+ # The account id of the expected bucket owner. If the bucket is owned
4583
+ # by a different account, the request will fail with an HTTP `403
4584
+ # (Access Denied)` error.
4585
+ # @return [String]
4586
+ #
4162
4587
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketPolicyRequest AWS API Documentation
4163
4588
  #
4164
4589
  class GetBucketPolicyRequest < Struct.new(
4165
- :bucket)
4590
+ :bucket,
4591
+ :expected_bucket_owner)
4166
4592
  SENSITIVE = []
4167
4593
  include Aws::Structure
4168
4594
  end
@@ -4184,6 +4610,7 @@ module Aws::S3
4184
4610
  #
4185
4611
  # {
4186
4612
  # bucket: "BucketName", # required
4613
+ # expected_bucket_owner: "AccountId",
4187
4614
  # }
4188
4615
  #
4189
4616
  # @!attribute [rw] bucket
@@ -4191,10 +4618,17 @@ module Aws::S3
4191
4618
  # retrieve.
4192
4619
  # @return [String]
4193
4620
  #
4621
+ # @!attribute [rw] expected_bucket_owner
4622
+ # The account id of the expected bucket owner. If the bucket is owned
4623
+ # by a different account, the request will fail with an HTTP `403
4624
+ # (Access Denied)` error.
4625
+ # @return [String]
4626
+ #
4194
4627
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketPolicyStatusRequest AWS API Documentation
4195
4628
  #
4196
4629
  class GetBucketPolicyStatusRequest < Struct.new(
4197
- :bucket)
4630
+ :bucket,
4631
+ :expected_bucket_owner)
4198
4632
  SENSITIVE = []
4199
4633
  include Aws::Structure
4200
4634
  end
@@ -4217,16 +4651,24 @@ module Aws::S3
4217
4651
  #
4218
4652
  # {
4219
4653
  # bucket: "BucketName", # required
4654
+ # expected_bucket_owner: "AccountId",
4220
4655
  # }
4221
4656
  #
4222
4657
  # @!attribute [rw] bucket
4223
4658
  # The bucket name for which to get the replication information.
4224
4659
  # @return [String]
4225
4660
  #
4661
+ # @!attribute [rw] expected_bucket_owner
4662
+ # The account id of the expected bucket owner. If the bucket is owned
4663
+ # by a different account, the request will fail with an HTTP `403
4664
+ # (Access Denied)` error.
4665
+ # @return [String]
4666
+ #
4226
4667
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketReplicationRequest AWS API Documentation
4227
4668
  #
4228
4669
  class GetBucketReplicationRequest < Struct.new(
4229
- :bucket)
4670
+ :bucket,
4671
+ :expected_bucket_owner)
4230
4672
  SENSITIVE = []
4231
4673
  include Aws::Structure
4232
4674
  end
@@ -4248,6 +4690,7 @@ module Aws::S3
4248
4690
  #
4249
4691
  # {
4250
4692
  # bucket: "BucketName", # required
4693
+ # expected_bucket_owner: "AccountId",
4251
4694
  # }
4252
4695
  #
4253
4696
  # @!attribute [rw] bucket
@@ -4255,10 +4698,17 @@ module Aws::S3
4255
4698
  # configuration
4256
4699
  # @return [String]
4257
4700
  #
4701
+ # @!attribute [rw] expected_bucket_owner
4702
+ # The account id of the expected bucket owner. If the bucket is owned
4703
+ # by a different account, the request will fail with an HTTP `403
4704
+ # (Access Denied)` error.
4705
+ # @return [String]
4706
+ #
4258
4707
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketRequestPaymentRequest AWS API Documentation
4259
4708
  #
4260
4709
  class GetBucketRequestPaymentRequest < Struct.new(
4261
- :bucket)
4710
+ :bucket,
4711
+ :expected_bucket_owner)
4262
4712
  SENSITIVE = []
4263
4713
  include Aws::Structure
4264
4714
  end
@@ -4280,16 +4730,24 @@ module Aws::S3
4280
4730
  #
4281
4731
  # {
4282
4732
  # bucket: "BucketName", # required
4733
+ # expected_bucket_owner: "AccountId",
4283
4734
  # }
4284
4735
  #
4285
4736
  # @!attribute [rw] bucket
4286
4737
  # The name of the bucket for which to get the tagging information.
4287
4738
  # @return [String]
4288
4739
  #
4740
+ # @!attribute [rw] expected_bucket_owner
4741
+ # The account id of the expected bucket owner. If the bucket is owned
4742
+ # by a different account, the request will fail with an HTTP `403
4743
+ # (Access Denied)` error.
4744
+ # @return [String]
4745
+ #
4289
4746
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketTaggingRequest AWS API Documentation
4290
4747
  #
4291
4748
  class GetBucketTaggingRequest < Struct.new(
4292
- :bucket)
4749
+ :bucket,
4750
+ :expected_bucket_owner)
4293
4751
  SENSITIVE = []
4294
4752
  include Aws::Structure
4295
4753
  end
@@ -4319,16 +4777,24 @@ module Aws::S3
4319
4777
  #
4320
4778
  # {
4321
4779
  # bucket: "BucketName", # required
4780
+ # expected_bucket_owner: "AccountId",
4322
4781
  # }
4323
4782
  #
4324
4783
  # @!attribute [rw] bucket
4325
4784
  # The name of the bucket for which to get the versioning information.
4326
4785
  # @return [String]
4327
4786
  #
4787
+ # @!attribute [rw] expected_bucket_owner
4788
+ # The account id of the expected bucket owner. If the bucket is owned
4789
+ # by a different account, the request will fail with an HTTP `403
4790
+ # (Access Denied)` error.
4791
+ # @return [String]
4792
+ #
4328
4793
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketVersioningRequest AWS API Documentation
4329
4794
  #
4330
4795
  class GetBucketVersioningRequest < Struct.new(
4331
- :bucket)
4796
+ :bucket,
4797
+ :expected_bucket_owner)
4332
4798
  SENSITIVE = []
4333
4799
  include Aws::Structure
4334
4800
  end
@@ -4369,16 +4835,24 @@ module Aws::S3
4369
4835
  #
4370
4836
  # {
4371
4837
  # bucket: "BucketName", # required
4838
+ # expected_bucket_owner: "AccountId",
4372
4839
  # }
4373
4840
  #
4374
4841
  # @!attribute [rw] bucket
4375
4842
  # The bucket name for which to get the website configuration.
4376
4843
  # @return [String]
4377
4844
  #
4845
+ # @!attribute [rw] expected_bucket_owner
4846
+ # The account id of the expected bucket owner. If the bucket is owned
4847
+ # by a different account, the request will fail with an HTTP `403
4848
+ # (Access Denied)` error.
4849
+ # @return [String]
4850
+ #
4378
4851
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketWebsiteRequest AWS API Documentation
4379
4852
  #
4380
4853
  class GetBucketWebsiteRequest < Struct.new(
4381
- :bucket)
4854
+ :bucket,
4855
+ :expected_bucket_owner)
4382
4856
  SENSITIVE = []
4383
4857
  include Aws::Structure
4384
4858
  end
@@ -4414,6 +4888,7 @@ module Aws::S3
4414
4888
  # key: "ObjectKey", # required
4415
4889
  # version_id: "ObjectVersionId",
4416
4890
  # request_payer: "requester", # accepts requester
4891
+ # expected_bucket_owner: "AccountId",
4417
4892
  # }
4418
4893
  #
4419
4894
  # @!attribute [rw] bucket
@@ -4454,13 +4929,20 @@ module Aws::S3
4454
4929
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
4455
4930
  # @return [String]
4456
4931
  #
4932
+ # @!attribute [rw] expected_bucket_owner
4933
+ # The account id of the expected bucket owner. If the bucket is owned
4934
+ # by a different account, the request will fail with an HTTP `403
4935
+ # (Access Denied)` error.
4936
+ # @return [String]
4937
+ #
4457
4938
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectAclRequest AWS API Documentation
4458
4939
  #
4459
4940
  class GetObjectAclRequest < Struct.new(
4460
4941
  :bucket,
4461
4942
  :key,
4462
4943
  :version_id,
4463
- :request_payer)
4944
+ :request_payer,
4945
+ :expected_bucket_owner)
4464
4946
  SENSITIVE = []
4465
4947
  include Aws::Structure
4466
4948
  end
@@ -4485,6 +4967,7 @@ module Aws::S3
4485
4967
  # key: "ObjectKey", # required
4486
4968
  # version_id: "ObjectVersionId",
4487
4969
  # request_payer: "requester", # accepts requester
4970
+ # expected_bucket_owner: "AccountId",
4488
4971
  # }
4489
4972
  #
4490
4973
  # @!attribute [rw] bucket
@@ -4527,13 +5010,20 @@ module Aws::S3
4527
5010
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
4528
5011
  # @return [String]
4529
5012
  #
5013
+ # @!attribute [rw] expected_bucket_owner
5014
+ # The account id of the expected bucket owner. If the bucket is owned
5015
+ # by a different account, the request will fail with an HTTP `403
5016
+ # (Access Denied)` error.
5017
+ # @return [String]
5018
+ #
4530
5019
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectLegalHoldRequest AWS API Documentation
4531
5020
  #
4532
5021
  class GetObjectLegalHoldRequest < Struct.new(
4533
5022
  :bucket,
4534
5023
  :key,
4535
5024
  :version_id,
4536
- :request_payer)
5025
+ :request_payer,
5026
+ :expected_bucket_owner)
4537
5027
  SENSITIVE = []
4538
5028
  include Aws::Structure
4539
5029
  end
@@ -4555,16 +5045,37 @@ module Aws::S3
4555
5045
  #
4556
5046
  # {
4557
5047
  # bucket: "BucketName", # required
5048
+ # expected_bucket_owner: "AccountId",
4558
5049
  # }
4559
5050
  #
4560
5051
  # @!attribute [rw] bucket
4561
5052
  # The bucket whose Object Lock configuration you want to retrieve.
5053
+ #
5054
+ # When using this API with an access point, you must direct requests
5055
+ # to the access point hostname. The access point hostname takes the
5056
+ # form
5057
+ # *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
5058
+ # When using this operation using an access point through the AWS
5059
+ # SDKs, you provide the access point ARN in place of the bucket name.
5060
+ # For more information about access point ARNs, see [Using Access
5061
+ # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
5062
+ #
5063
+ #
5064
+ #
5065
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
5066
+ # @return [String]
5067
+ #
5068
+ # @!attribute [rw] expected_bucket_owner
5069
+ # The account id of the expected bucket owner. If the bucket is owned
5070
+ # by a different account, the request will fail with an HTTP `403
5071
+ # (Access Denied)` error.
4562
5072
  # @return [String]
4563
5073
  #
4564
5074
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectLockConfigurationRequest AWS API Documentation
4565
5075
  #
4566
5076
  class GetObjectLockConfigurationRequest < Struct.new(
4567
- :bucket)
5077
+ :bucket,
5078
+ :expected_bucket_owner)
4568
5079
  SENSITIVE = []
4569
5080
  include Aws::Structure
4570
5081
  end
@@ -4788,6 +5299,7 @@ module Aws::S3
4788
5299
  # sse_customer_key_md5: "SSECustomerKeyMD5",
4789
5300
  # request_payer: "requester", # accepts requester
4790
5301
  # part_number: 1,
5302
+ # expected_bucket_owner: "AccountId",
4791
5303
  # }
4792
5304
  #
4793
5305
  # @!attribute [rw] bucket
@@ -4802,9 +5314,19 @@ module Aws::S3
4802
5314
  # For more information about access point ARNs, see [Using Access
4803
5315
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
4804
5316
  #
5317
+ # When using this API with Amazon S3 on Outposts, you must direct
5318
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
5319
+ # takes the form
5320
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
5321
+ # When using this operation using S3 on Outposts through the AWS SDKs,
5322
+ # you provide the Outposts bucket ARN in place of the bucket name. For
5323
+ # more information about S3 on Outposts ARNs, see [Using S3 on
5324
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
5325
+ #
4805
5326
  #
4806
5327
  #
4807
5328
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
5329
+ # [2]: https://docs.aws.amazon.com/
4808
5330
  # @return [String]
4809
5331
  #
4810
5332
  # @!attribute [rw] if_match
@@ -4884,7 +5406,7 @@ module Aws::S3
4884
5406
  # in encrypting data. This value is used to store the object and then
4885
5407
  # it is discarded; Amazon S3 does not store the encryption key. The
4886
5408
  # key must be appropriate for use with the algorithm specified in the
4887
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
5409
+ # `x-amz-server-side-encryption-customer-algorithm` header.
4888
5410
  # @return [String]
4889
5411
  #
4890
5412
  # @!attribute [rw] sse_customer_key_md5
@@ -4912,6 +5434,12 @@ module Aws::S3
4912
5434
  # object.
4913
5435
  # @return [Integer]
4914
5436
  #
5437
+ # @!attribute [rw] expected_bucket_owner
5438
+ # The account id of the expected bucket owner. If the bucket is owned
5439
+ # by a different account, the request will fail with an HTTP `403
5440
+ # (Access Denied)` error.
5441
+ # @return [String]
5442
+ #
4915
5443
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectRequest AWS API Documentation
4916
5444
  #
4917
5445
  class GetObjectRequest < Struct.new(
@@ -4933,7 +5461,8 @@ module Aws::S3
4933
5461
  :sse_customer_key,
4934
5462
  :sse_customer_key_md5,
4935
5463
  :request_payer,
4936
- :part_number)
5464
+ :part_number,
5465
+ :expected_bucket_owner)
4937
5466
  SENSITIVE = [:sse_customer_key]
4938
5467
  include Aws::Structure
4939
5468
  end
@@ -4958,6 +5487,7 @@ module Aws::S3
4958
5487
  # key: "ObjectKey", # required
4959
5488
  # version_id: "ObjectVersionId",
4960
5489
  # request_payer: "requester", # accepts requester
5490
+ # expected_bucket_owner: "AccountId",
4961
5491
  # }
4962
5492
  #
4963
5493
  # @!attribute [rw] bucket
@@ -5000,13 +5530,20 @@ module Aws::S3
5000
5530
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
5001
5531
  # @return [String]
5002
5532
  #
5533
+ # @!attribute [rw] expected_bucket_owner
5534
+ # The account id of the expected bucket owner. If the bucket is owned
5535
+ # by a different account, the request will fail with an HTTP `403
5536
+ # (Access Denied)` error.
5537
+ # @return [String]
5538
+ #
5003
5539
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectRetentionRequest AWS API Documentation
5004
5540
  #
5005
5541
  class GetObjectRetentionRequest < Struct.new(
5006
5542
  :bucket,
5007
5543
  :key,
5008
5544
  :version_id,
5009
- :request_payer)
5545
+ :request_payer,
5546
+ :expected_bucket_owner)
5010
5547
  SENSITIVE = []
5011
5548
  include Aws::Structure
5012
5549
  end
@@ -5036,6 +5573,7 @@ module Aws::S3
5036
5573
  # bucket: "BucketName", # required
5037
5574
  # key: "ObjectKey", # required
5038
5575
  # version_id: "ObjectVersionId",
5576
+ # expected_bucket_owner: "AccountId",
5039
5577
  # }
5040
5578
  #
5041
5579
  # @!attribute [rw] bucket
@@ -5051,9 +5589,19 @@ module Aws::S3
5051
5589
  # For more information about access point ARNs, see [Using Access
5052
5590
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
5053
5591
  #
5592
+ # When using this API with Amazon S3 on Outposts, you must direct
5593
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
5594
+ # takes the form
5595
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
5596
+ # When using this operation using S3 on Outposts through the AWS SDKs,
5597
+ # you provide the Outposts bucket ARN in place of the bucket name. For
5598
+ # more information about S3 on Outposts ARNs, see [Using S3 on
5599
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
5600
+ #
5054
5601
  #
5055
5602
  #
5056
5603
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
5604
+ # [2]: https://docs.aws.amazon.com/
5057
5605
  # @return [String]
5058
5606
  #
5059
5607
  # @!attribute [rw] key
@@ -5065,12 +5613,19 @@ module Aws::S3
5065
5613
  # information.
5066
5614
  # @return [String]
5067
5615
  #
5616
+ # @!attribute [rw] expected_bucket_owner
5617
+ # The account id of the expected bucket owner. If the bucket is owned
5618
+ # by a different account, the request will fail with an HTTP `403
5619
+ # (Access Denied)` error.
5620
+ # @return [String]
5621
+ #
5068
5622
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectTaggingRequest AWS API Documentation
5069
5623
  #
5070
5624
  class GetObjectTaggingRequest < Struct.new(
5071
5625
  :bucket,
5072
5626
  :key,
5073
- :version_id)
5627
+ :version_id,
5628
+ :expected_bucket_owner)
5074
5629
  SENSITIVE = []
5075
5630
  include Aws::Structure
5076
5631
  end
@@ -5100,6 +5655,7 @@ module Aws::S3
5100
5655
  # bucket: "BucketName", # required
5101
5656
  # key: "ObjectKey", # required
5102
5657
  # request_payer: "requester", # accepts requester
5658
+ # expected_bucket_owner: "AccountId",
5103
5659
  # }
5104
5660
  #
5105
5661
  # @!attribute [rw] bucket
@@ -5123,12 +5679,19 @@ module Aws::S3
5123
5679
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
5124
5680
  # @return [String]
5125
5681
  #
5682
+ # @!attribute [rw] expected_bucket_owner
5683
+ # The account id of the expected bucket owner. If the bucket is owned
5684
+ # by a different account, the request will fail with an HTTP `403
5685
+ # (Access Denied)` error.
5686
+ # @return [String]
5687
+ #
5126
5688
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectTorrentRequest AWS API Documentation
5127
5689
  #
5128
5690
  class GetObjectTorrentRequest < Struct.new(
5129
5691
  :bucket,
5130
5692
  :key,
5131
- :request_payer)
5693
+ :request_payer,
5694
+ :expected_bucket_owner)
5132
5695
  SENSITIVE = []
5133
5696
  include Aws::Structure
5134
5697
  end
@@ -5151,6 +5714,7 @@ module Aws::S3
5151
5714
  #
5152
5715
  # {
5153
5716
  # bucket: "BucketName", # required
5717
+ # expected_bucket_owner: "AccountId",
5154
5718
  # }
5155
5719
  #
5156
5720
  # @!attribute [rw] bucket
@@ -5158,10 +5722,17 @@ module Aws::S3
5158
5722
  # configuration you want to retrieve.
5159
5723
  # @return [String]
5160
5724
  #
5725
+ # @!attribute [rw] expected_bucket_owner
5726
+ # The account id of the expected bucket owner. If the bucket is owned
5727
+ # by a different account, the request will fail with an HTTP `403
5728
+ # (Access Denied)` error.
5729
+ # @return [String]
5730
+ #
5161
5731
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetPublicAccessBlockRequest AWS API Documentation
5162
5732
  #
5163
5733
  class GetPublicAccessBlockRequest < Struct.new(
5164
- :bucket)
5734
+ :bucket,
5735
+ :expected_bucket_owner)
5165
5736
  SENSITIVE = []
5166
5737
  include Aws::Structure
5167
5738
  end
@@ -5298,16 +5869,47 @@ module Aws::S3
5298
5869
  #
5299
5870
  # {
5300
5871
  # bucket: "BucketName", # required
5872
+ # expected_bucket_owner: "AccountId",
5301
5873
  # }
5302
5874
  #
5303
5875
  # @!attribute [rw] bucket
5304
5876
  # The bucket name.
5877
+ #
5878
+ # When using this API with an access point, you must direct requests
5879
+ # to the access point hostname. The access point hostname takes the
5880
+ # form
5881
+ # *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
5882
+ # When using this operation using an access point through the AWS
5883
+ # SDKs, you provide the access point ARN in place of the bucket name.
5884
+ # For more information about access point ARNs, see [Using Access
5885
+ # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
5886
+ #
5887
+ # When using this API with Amazon S3 on Outposts, you must direct
5888
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
5889
+ # takes the form
5890
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
5891
+ # When using this operation using S3 on Outposts through the AWS SDKs,
5892
+ # you provide the Outposts bucket ARN in place of the bucket name. For
5893
+ # more information about S3 on Outposts ARNs, see [Using S3 on
5894
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
5895
+ #
5896
+ #
5897
+ #
5898
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
5899
+ # [2]: https://docs.aws.amazon.com/
5900
+ # @return [String]
5901
+ #
5902
+ # @!attribute [rw] expected_bucket_owner
5903
+ # The account id of the expected bucket owner. If the bucket is owned
5904
+ # by a different account, the request will fail with an HTTP `403
5905
+ # (Access Denied)` error.
5305
5906
  # @return [String]
5306
5907
  #
5307
5908
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/HeadBucketRequest AWS API Documentation
5308
5909
  #
5309
5910
  class HeadBucketRequest < Struct.new(
5310
- :bucket)
5911
+ :bucket,
5912
+ :expected_bucket_owner)
5311
5913
  SENSITIVE = []
5312
5914
  include Aws::Structure
5313
5915
  end
@@ -5332,8 +5934,8 @@ module Aws::S3
5332
5934
  # @!attribute [rw] restore
5333
5935
  # If the object is an archived object (an object whose storage class
5334
5936
  # is GLACIER), the response includes this header if either the archive
5335
- # restoration is in progress (see RestoreObject or an archive copy is
5336
- # already restored.
5937
+ # restoration is in progress (see [RestoreObject][1] or an archive
5938
+ # copy is already restored.
5337
5939
  #
5338
5940
  # If an archive copy is already restored, the header value indicates
5339
5941
  # when Amazon S3 is scheduled to delete the object copy. For example:
@@ -5345,11 +5947,12 @@ module Aws::S3
5345
5947
  # value `ongoing-request="true"`.
5346
5948
  #
5347
5949
  # For more information about archiving objects, see [Transitioning
5348
- # Objects: General Considerations][1].
5950
+ # Objects: General Considerations][2].
5349
5951
  #
5350
5952
  #
5351
5953
  #
5352
- # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-transition-general-considerations
5954
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html
5955
+ # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-transition-general-considerations
5353
5956
  # @return [String]
5354
5957
  #
5355
5958
  # @!attribute [rw] last_modified
@@ -5583,10 +6186,34 @@ module Aws::S3
5583
6186
  # sse_customer_key_md5: "SSECustomerKeyMD5",
5584
6187
  # request_payer: "requester", # accepts requester
5585
6188
  # part_number: 1,
6189
+ # expected_bucket_owner: "AccountId",
5586
6190
  # }
5587
6191
  #
5588
6192
  # @!attribute [rw] bucket
5589
6193
  # The name of the bucket containing the object.
6194
+ #
6195
+ # When using this API with an access point, you must direct requests
6196
+ # to the access point hostname. The access point hostname takes the
6197
+ # form
6198
+ # *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
6199
+ # When using this operation using an access point through the AWS
6200
+ # SDKs, you provide the access point ARN in place of the bucket name.
6201
+ # For more information about access point ARNs, see [Using Access
6202
+ # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
6203
+ #
6204
+ # When using this API with Amazon S3 on Outposts, you must direct
6205
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
6206
+ # takes the form
6207
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
6208
+ # When using this operation using S3 on Outposts through the AWS SDKs,
6209
+ # you provide the Outposts bucket ARN in place of the bucket name. For
6210
+ # more information about S3 on Outposts ARNs, see [Using S3 on
6211
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
6212
+ #
6213
+ #
6214
+ #
6215
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
6216
+ # [2]: https://docs.aws.amazon.com/
5590
6217
  # @return [String]
5591
6218
  #
5592
6219
  # @!attribute [rw] if_match
@@ -5638,7 +6265,7 @@ module Aws::S3
5638
6265
  # in encrypting data. This value is used to store the object and then
5639
6266
  # it is discarded; Amazon S3 does not store the encryption key. The
5640
6267
  # key must be appropriate for use with the algorithm specified in the
5641
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
6268
+ # `x-amz-server-side-encryption-customer-algorithm` header.
5642
6269
  # @return [String]
5643
6270
  #
5644
6271
  # @!attribute [rw] sse_customer_key_md5
@@ -5666,6 +6293,12 @@ module Aws::S3
5666
6293
  # and the number of parts in this object.
5667
6294
  # @return [Integer]
5668
6295
  #
6296
+ # @!attribute [rw] expected_bucket_owner
6297
+ # The account id of the expected bucket owner. If the bucket is owned
6298
+ # by a different account, the request will fail with an HTTP `403
6299
+ # (Access Denied)` error.
6300
+ # @return [String]
6301
+ #
5669
6302
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/HeadObjectRequest AWS API Documentation
5670
6303
  #
5671
6304
  class HeadObjectRequest < Struct.new(
@@ -5681,7 +6314,8 @@ module Aws::S3
5681
6314
  :sse_customer_key,
5682
6315
  :sse_customer_key_md5,
5683
6316
  :request_payer,
5684
- :part_number)
6317
+ :part_number,
6318
+ :expected_bucket_owner)
5685
6319
  SENSITIVE = [:sse_customer_key]
5686
6320
  include Aws::Structure
5687
6321
  end
@@ -6486,6 +7120,7 @@ module Aws::S3
6486
7120
  # {
6487
7121
  # bucket: "BucketName", # required
6488
7122
  # continuation_token: "Token",
7123
+ # expected_bucket_owner: "AccountId",
6489
7124
  # }
6490
7125
  #
6491
7126
  # @!attribute [rw] bucket
@@ -6498,11 +7133,18 @@ module Aws::S3
6498
7133
  # request should begin.
6499
7134
  # @return [String]
6500
7135
  #
7136
+ # @!attribute [rw] expected_bucket_owner
7137
+ # The account id of the expected bucket owner. If the bucket is owned
7138
+ # by a different account, the request will fail with an HTTP `403
7139
+ # (Access Denied)` error.
7140
+ # @return [String]
7141
+ #
6501
7142
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListBucketAnalyticsConfigurationsRequest AWS API Documentation
6502
7143
  #
6503
7144
  class ListBucketAnalyticsConfigurationsRequest < Struct.new(
6504
7145
  :bucket,
6505
- :continuation_token)
7146
+ :continuation_token,
7147
+ :expected_bucket_owner)
6506
7148
  SENSITIVE = []
6507
7149
  include Aws::Structure
6508
7150
  end
@@ -6546,6 +7188,7 @@ module Aws::S3
6546
7188
  # {
6547
7189
  # bucket: "BucketName", # required
6548
7190
  # continuation_token: "Token",
7191
+ # expected_bucket_owner: "AccountId",
6549
7192
  # }
6550
7193
  #
6551
7194
  # @!attribute [rw] bucket
@@ -6560,11 +7203,18 @@ module Aws::S3
6560
7203
  # token is an opaque value that Amazon S3 understands.
6561
7204
  # @return [String]
6562
7205
  #
7206
+ # @!attribute [rw] expected_bucket_owner
7207
+ # The account id of the expected bucket owner. If the bucket is owned
7208
+ # by a different account, the request will fail with an HTTP `403
7209
+ # (Access Denied)` error.
7210
+ # @return [String]
7211
+ #
6563
7212
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListBucketInventoryConfigurationsRequest AWS API Documentation
6564
7213
  #
6565
7214
  class ListBucketInventoryConfigurationsRequest < Struct.new(
6566
7215
  :bucket,
6567
- :continuation_token)
7216
+ :continuation_token,
7217
+ :expected_bucket_owner)
6568
7218
  SENSITIVE = []
6569
7219
  include Aws::Structure
6570
7220
  end
@@ -6610,6 +7260,7 @@ module Aws::S3
6610
7260
  # {
6611
7261
  # bucket: "BucketName", # required
6612
7262
  # continuation_token: "Token",
7263
+ # expected_bucket_owner: "AccountId",
6613
7264
  # }
6614
7265
  #
6615
7266
  # @!attribute [rw] bucket
@@ -6624,11 +7275,18 @@ module Aws::S3
6624
7275
  # continuation token is an opaque value that Amazon S3 understands.
6625
7276
  # @return [String]
6626
7277
  #
7278
+ # @!attribute [rw] expected_bucket_owner
7279
+ # The account id of the expected bucket owner. If the bucket is owned
7280
+ # by a different account, the request will fail with an HTTP `403
7281
+ # (Access Denied)` error.
7282
+ # @return [String]
7283
+ #
6627
7284
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListBucketMetricsConfigurationsRequest AWS API Documentation
6628
7285
  #
6629
7286
  class ListBucketMetricsConfigurationsRequest < Struct.new(
6630
7287
  :bucket,
6631
- :continuation_token)
7288
+ :continuation_token,
7289
+ :expected_bucket_owner)
6632
7290
  SENSITIVE = []
6633
7291
  include Aws::Structure
6634
7292
  end
@@ -6651,7 +7309,7 @@ module Aws::S3
6651
7309
  end
6652
7310
 
6653
7311
  # @!attribute [rw] bucket
6654
- # Name of the bucket to which the multipart upload was initiated.
7312
+ # The name of the bucket to which the multipart upload was initiated.
6655
7313
  # @return [String]
6656
7314
  #
6657
7315
  # @!attribute [rw] key_marker
@@ -6751,10 +7409,11 @@ module Aws::S3
6751
7409
  # max_uploads: 1,
6752
7410
  # prefix: "Prefix",
6753
7411
  # upload_id_marker: "UploadIdMarker",
7412
+ # expected_bucket_owner: "AccountId",
6754
7413
  # }
6755
7414
  #
6756
7415
  # @!attribute [rw] bucket
6757
- # Name of the bucket to which the multipart upload was initiated.
7416
+ # The name of the bucket to which the multipart upload was initiated.
6758
7417
  #
6759
7418
  # When using this API with an access point, you must direct requests
6760
7419
  # to the access point hostname. The access point hostname takes the
@@ -6765,9 +7424,19 @@ module Aws::S3
6765
7424
  # For more information about access point ARNs, see [Using Access
6766
7425
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
6767
7426
  #
7427
+ # When using this API with Amazon S3 on Outposts, you must direct
7428
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
7429
+ # takes the form
7430
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
7431
+ # When using this operation using S3 on Outposts through the AWS SDKs,
7432
+ # you provide the Outposts bucket ARN in place of the bucket name. For
7433
+ # more information about S3 on Outposts ARNs, see [Using S3 on
7434
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
7435
+ #
6768
7436
  #
6769
7437
  #
6770
7438
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
7439
+ # [2]: https://docs.aws.amazon.com/
6771
7440
  # @return [String]
6772
7441
  #
6773
7442
  # @!attribute [rw] delimiter
@@ -6827,6 +7496,12 @@ module Aws::S3
6827
7496
  # the specified `upload-id-marker`.
6828
7497
  # @return [String]
6829
7498
  #
7499
+ # @!attribute [rw] expected_bucket_owner
7500
+ # The account id of the expected bucket owner. If the bucket is owned
7501
+ # by a different account, the request will fail with an HTTP `403
7502
+ # (Access Denied)` error.
7503
+ # @return [String]
7504
+ #
6830
7505
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListMultipartUploadsRequest AWS API Documentation
6831
7506
  #
6832
7507
  class ListMultipartUploadsRequest < Struct.new(
@@ -6836,7 +7511,8 @@ module Aws::S3
6836
7511
  :key_marker,
6837
7512
  :max_uploads,
6838
7513
  :prefix,
6839
- :upload_id_marker)
7514
+ :upload_id_marker,
7515
+ :expected_bucket_owner)
6840
7516
  SENSITIVE = []
6841
7517
  include Aws::Structure
6842
7518
  end
@@ -6880,7 +7556,7 @@ module Aws::S3
6880
7556
  # @return [Array<Types::DeleteMarkerEntry>]
6881
7557
  #
6882
7558
  # @!attribute [rw] name
6883
- # Bucket name.
7559
+ # The bucket name.
6884
7560
  # @return [String]
6885
7561
  #
6886
7562
  # @!attribute [rw] prefix
@@ -6948,23 +7624,11 @@ module Aws::S3
6948
7624
  # max_keys: 1,
6949
7625
  # prefix: "Prefix",
6950
7626
  # version_id_marker: "VersionIdMarker",
7627
+ # expected_bucket_owner: "AccountId",
6951
7628
  # }
6952
7629
  #
6953
7630
  # @!attribute [rw] bucket
6954
7631
  # The bucket name that contains the objects.
6955
- #
6956
- # When using this API with an access point, you must direct requests
6957
- # to the access point hostname. The access point hostname takes the
6958
- # form
6959
- # *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
6960
- # When using this operation using an access point through the AWS
6961
- # SDKs, you provide the access point ARN in place of the bucket name.
6962
- # For more information about access point ARNs, see [Using Access
6963
- # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
6964
- #
6965
- #
6966
- #
6967
- # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
6968
7632
  # @return [String]
6969
7633
  #
6970
7634
  # @!attribute [rw] delimiter
@@ -7012,6 +7676,12 @@ module Aws::S3
7012
7676
  # Specifies the object version you want to start listing from.
7013
7677
  # @return [String]
7014
7678
  #
7679
+ # @!attribute [rw] expected_bucket_owner
7680
+ # The account id of the expected bucket owner. If the bucket is owned
7681
+ # by a different account, the request will fail with an HTTP `403
7682
+ # (Access Denied)` error.
7683
+ # @return [String]
7684
+ #
7015
7685
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListObjectVersionsRequest AWS API Documentation
7016
7686
  #
7017
7687
  class ListObjectVersionsRequest < Struct.new(
@@ -7021,7 +7691,8 @@ module Aws::S3
7021
7691
  :key_marker,
7022
7692
  :max_keys,
7023
7693
  :prefix,
7024
- :version_id_marker)
7694
+ :version_id_marker,
7695
+ :expected_bucket_owner)
7025
7696
  SENSITIVE = []
7026
7697
  include Aws::Structure
7027
7698
  end
@@ -7052,7 +7723,7 @@ module Aws::S3
7052
7723
  # @return [Array<Types::Object>]
7053
7724
  #
7054
7725
  # @!attribute [rw] name
7055
- # Bucket name.
7726
+ # The bucket name.
7056
7727
  # @return [String]
7057
7728
  #
7058
7729
  # @!attribute [rw] prefix
@@ -7123,10 +7794,34 @@ module Aws::S3
7123
7794
  # max_keys: 1,
7124
7795
  # prefix: "Prefix",
7125
7796
  # request_payer: "requester", # accepts requester
7797
+ # expected_bucket_owner: "AccountId",
7126
7798
  # }
7127
7799
  #
7128
7800
  # @!attribute [rw] bucket
7129
7801
  # The name of the bucket containing the objects.
7802
+ #
7803
+ # When using this API with an access point, you must direct requests
7804
+ # to the access point hostname. The access point hostname takes the
7805
+ # form
7806
+ # *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
7807
+ # When using this operation using an access point through the AWS
7808
+ # SDKs, you provide the access point ARN in place of the bucket name.
7809
+ # For more information about access point ARNs, see [Using Access
7810
+ # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
7811
+ #
7812
+ # When using this API with Amazon S3 on Outposts, you must direct
7813
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
7814
+ # takes the form
7815
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
7816
+ # When using this operation using S3 on Outposts through the AWS SDKs,
7817
+ # you provide the Outposts bucket ARN in place of the bucket name. For
7818
+ # more information about S3 on Outposts ARNs, see [Using S3 on
7819
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
7820
+ #
7821
+ #
7822
+ #
7823
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
7824
+ # [2]: https://docs.aws.amazon.com/
7130
7825
  # @return [String]
7131
7826
  #
7132
7827
  # @!attribute [rw] delimiter
@@ -7162,6 +7857,12 @@ module Aws::S3
7162
7857
  # parameter in their requests.
7163
7858
  # @return [String]
7164
7859
  #
7860
+ # @!attribute [rw] expected_bucket_owner
7861
+ # The account id of the expected bucket owner. If the bucket is owned
7862
+ # by a different account, the request will fail with an HTTP `403
7863
+ # (Access Denied)` error.
7864
+ # @return [String]
7865
+ #
7165
7866
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListObjectsRequest AWS API Documentation
7166
7867
  #
7167
7868
  class ListObjectsRequest < Struct.new(
@@ -7171,7 +7872,8 @@ module Aws::S3
7171
7872
  :marker,
7172
7873
  :max_keys,
7173
7874
  :prefix,
7174
- :request_payer)
7875
+ :request_payer,
7876
+ :expected_bucket_owner)
7175
7877
  SENSITIVE = []
7176
7878
  include Aws::Structure
7177
7879
  end
@@ -7187,7 +7889,7 @@ module Aws::S3
7187
7889
  # @return [Array<Types::Object>]
7188
7890
  #
7189
7891
  # @!attribute [rw] name
7190
- # Bucket name.
7892
+ # The bucket name.
7191
7893
  #
7192
7894
  # When using this API with an access point, you must direct requests
7193
7895
  # to the access point hostname. The access point hostname takes the
@@ -7198,9 +7900,19 @@ module Aws::S3
7198
7900
  # For more information about access point ARNs, see [Using Access
7199
7901
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
7200
7902
  #
7903
+ # When using this API with Amazon S3 on Outposts, you must direct
7904
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
7905
+ # takes the form
7906
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
7907
+ # When using this operation using S3 on Outposts through the AWS SDKs,
7908
+ # you provide the Outposts bucket ARN in place of the bucket name. For
7909
+ # more information about S3 on Outposts ARNs, see [Using S3 on
7910
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
7911
+ #
7201
7912
  #
7202
7913
  #
7203
7914
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
7915
+ # [2]: https://docs.aws.amazon.com/
7204
7916
  # @return [String]
7205
7917
  #
7206
7918
  # @!attribute [rw] prefix
@@ -7308,6 +8020,7 @@ module Aws::S3
7308
8020
  # fetch_owner: false,
7309
8021
  # start_after: "StartAfter",
7310
8022
  # request_payer: "requester", # accepts requester
8023
+ # expected_bucket_owner: "AccountId",
7311
8024
  # }
7312
8025
  #
7313
8026
  # @!attribute [rw] bucket
@@ -7322,9 +8035,19 @@ module Aws::S3
7322
8035
  # For more information about access point ARNs, see [Using Access
7323
8036
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
7324
8037
  #
8038
+ # When using this API with Amazon S3 on Outposts, you must direct
8039
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
8040
+ # takes the form
8041
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
8042
+ # When using this operation using S3 on Outposts through the AWS SDKs,
8043
+ # you provide the Outposts bucket ARN in place of the bucket name. For
8044
+ # more information about S3 on Outposts ARNs, see [Using S3 on
8045
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
8046
+ #
7325
8047
  #
7326
8048
  #
7327
8049
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
8050
+ # [2]: https://docs.aws.amazon.com/
7328
8051
  # @return [String]
7329
8052
  #
7330
8053
  # @!attribute [rw] delimiter
@@ -7370,6 +8093,12 @@ module Aws::S3
7370
8093
  # this parameter in their requests.
7371
8094
  # @return [String]
7372
8095
  #
8096
+ # @!attribute [rw] expected_bucket_owner
8097
+ # The account id of the expected bucket owner. If the bucket is owned
8098
+ # by a different account, the request will fail with an HTTP `403
8099
+ # (Access Denied)` error.
8100
+ # @return [String]
8101
+ #
7373
8102
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListObjectsV2Request AWS API Documentation
7374
8103
  #
7375
8104
  class ListObjectsV2Request < Struct.new(
@@ -7381,7 +8110,8 @@ module Aws::S3
7381
8110
  :continuation_token,
7382
8111
  :fetch_owner,
7383
8112
  :start_after,
7384
- :request_payer)
8113
+ :request_payer,
8114
+ :expected_bucket_owner)
7385
8115
  SENSITIVE = []
7386
8116
  include Aws::Structure
7387
8117
  end
@@ -7411,7 +8141,7 @@ module Aws::S3
7411
8141
  # @return [String]
7412
8142
  #
7413
8143
  # @!attribute [rw] bucket
7414
- # Name of the bucket to which the multipart upload was initiated.
8144
+ # The name of the bucket to which the multipart upload was initiated.
7415
8145
  # @return [String]
7416
8146
  #
7417
8147
  # @!attribute [rw] key
@@ -7505,10 +8235,11 @@ module Aws::S3
7505
8235
  # part_number_marker: 1,
7506
8236
  # upload_id: "MultipartUploadId", # required
7507
8237
  # request_payer: "requester", # accepts requester
8238
+ # expected_bucket_owner: "AccountId",
7508
8239
  # }
7509
8240
  #
7510
8241
  # @!attribute [rw] bucket
7511
- # Name of the bucket to which the parts are being uploaded.
8242
+ # The name of the bucket to which the parts are being uploaded.
7512
8243
  #
7513
8244
  # When using this API with an access point, you must direct requests
7514
8245
  # to the access point hostname. The access point hostname takes the
@@ -7519,9 +8250,19 @@ module Aws::S3
7519
8250
  # For more information about access point ARNs, see [Using Access
7520
8251
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
7521
8252
  #
8253
+ # When using this API with Amazon S3 on Outposts, you must direct
8254
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
8255
+ # takes the form
8256
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
8257
+ # When using this operation using S3 on Outposts through the AWS SDKs,
8258
+ # you provide the Outposts bucket ARN in place of the bucket name. For
8259
+ # more information about S3 on Outposts ARNs, see [Using S3 on
8260
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
8261
+ #
7522
8262
  #
7523
8263
  #
7524
8264
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
8265
+ # [2]: https://docs.aws.amazon.com/
7525
8266
  # @return [String]
7526
8267
  #
7527
8268
  # @!attribute [rw] key
@@ -7554,6 +8295,12 @@ module Aws::S3
7554
8295
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
7555
8296
  # @return [String]
7556
8297
  #
8298
+ # @!attribute [rw] expected_bucket_owner
8299
+ # The account id of the expected bucket owner. If the bucket is owned
8300
+ # by a different account, the request will fail with an HTTP `403
8301
+ # (Access Denied)` error.
8302
+ # @return [String]
8303
+ #
7557
8304
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListPartsRequest AWS API Documentation
7558
8305
  #
7559
8306
  class ListPartsRequest < Struct.new(
@@ -7562,7 +8309,8 @@ module Aws::S3
7562
8309
  :max_parts,
7563
8310
  :part_number_marker,
7564
8311
  :upload_id,
7565
- :request_payer)
8312
+ :request_payer,
8313
+ :expected_bucket_owner)
7566
8314
  SENSITIVE = []
7567
8315
  include Aws::Structure
7568
8316
  end
@@ -8425,7 +9173,7 @@ module Aws::S3
8425
9173
  # value: "MetadataValue",
8426
9174
  # },
8427
9175
  # ],
8428
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
9176
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
8429
9177
  # },
8430
9178
  # }
8431
9179
  #
@@ -8682,21 +9430,30 @@ module Aws::S3
8682
9430
  # accelerate_configuration: { # required
8683
9431
  # status: "Enabled", # accepts Enabled, Suspended
8684
9432
  # },
9433
+ # expected_bucket_owner: "AccountId",
8685
9434
  # }
8686
9435
  #
8687
9436
  # @!attribute [rw] bucket
8688
- # Name of the bucket for which the accelerate configuration is set.
9437
+ # The name of the bucket for which the accelerate configuration is
9438
+ # set.
8689
9439
  # @return [String]
8690
9440
  #
8691
9441
  # @!attribute [rw] accelerate_configuration
8692
9442
  # Container for setting the transfer acceleration state.
8693
9443
  # @return [Types::AccelerateConfiguration]
8694
9444
  #
9445
+ # @!attribute [rw] expected_bucket_owner
9446
+ # The account id of the expected bucket owner. If the bucket is owned
9447
+ # by a different account, the request will fail with an HTTP `403
9448
+ # (Access Denied)` error.
9449
+ # @return [String]
9450
+ #
8695
9451
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketAccelerateConfigurationRequest AWS API Documentation
8696
9452
  #
8697
9453
  class PutBucketAccelerateConfigurationRequest < Struct.new(
8698
9454
  :bucket,
8699
- :accelerate_configuration)
9455
+ :accelerate_configuration,
9456
+ :expected_bucket_owner)
8700
9457
  SENSITIVE = []
8701
9458
  include Aws::Structure
8702
9459
  end
@@ -8731,6 +9488,7 @@ module Aws::S3
8731
9488
  # grant_read_acp: "GrantReadACP",
8732
9489
  # grant_write: "GrantWrite",
8733
9490
  # grant_write_acp: "GrantWriteACP",
9491
+ # expected_bucket_owner: "AccountId",
8734
9492
  # }
8735
9493
  #
8736
9494
  # @!attribute [rw] acl
@@ -8779,6 +9537,12 @@ module Aws::S3
8779
9537
  # Allows grantee to write the ACL for the applicable bucket.
8780
9538
  # @return [String]
8781
9539
  #
9540
+ # @!attribute [rw] expected_bucket_owner
9541
+ # The account id of the expected bucket owner. If the bucket is owned
9542
+ # by a different account, the request will fail with an HTTP `403
9543
+ # (Access Denied)` error.
9544
+ # @return [String]
9545
+ #
8782
9546
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketAclRequest AWS API Documentation
8783
9547
  #
8784
9548
  class PutBucketAclRequest < Struct.new(
@@ -8790,7 +9554,8 @@ module Aws::S3
8790
9554
  :grant_read,
8791
9555
  :grant_read_acp,
8792
9556
  :grant_write,
8793
- :grant_write_acp)
9557
+ :grant_write_acp,
9558
+ :expected_bucket_owner)
8794
9559
  SENSITIVE = []
8795
9560
  include Aws::Structure
8796
9561
  end
@@ -8833,6 +9598,7 @@ module Aws::S3
8833
9598
  # },
8834
9599
  # },
8835
9600
  # },
9601
+ # expected_bucket_owner: "AccountId",
8836
9602
  # }
8837
9603
  #
8838
9604
  # @!attribute [rw] bucket
@@ -8848,12 +9614,19 @@ module Aws::S3
8848
9614
  # The configuration and any analyses for the analytics filter.
8849
9615
  # @return [Types::AnalyticsConfiguration]
8850
9616
  #
9617
+ # @!attribute [rw] expected_bucket_owner
9618
+ # The account id of the expected bucket owner. If the bucket is owned
9619
+ # by a different account, the request will fail with an HTTP `403
9620
+ # (Access Denied)` error.
9621
+ # @return [String]
9622
+ #
8851
9623
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketAnalyticsConfigurationRequest AWS API Documentation
8852
9624
  #
8853
9625
  class PutBucketAnalyticsConfigurationRequest < Struct.new(
8854
9626
  :bucket,
8855
9627
  :id,
8856
- :analytics_configuration)
9628
+ :analytics_configuration,
9629
+ :expected_bucket_owner)
8857
9630
  SENSITIVE = []
8858
9631
  include Aws::Structure
8859
9632
  end
@@ -8875,6 +9648,7 @@ module Aws::S3
8875
9648
  # ],
8876
9649
  # },
8877
9650
  # content_md5: "ContentMD5",
9651
+ # expected_bucket_owner: "AccountId",
8878
9652
  # }
8879
9653
  #
8880
9654
  # @!attribute [rw] bucket
@@ -8903,12 +9677,19 @@ module Aws::S3
8903
9677
  # [1]: http://www.ietf.org/rfc/rfc1864.txt
8904
9678
  # @return [String]
8905
9679
  #
9680
+ # @!attribute [rw] expected_bucket_owner
9681
+ # The account id of the expected bucket owner. If the bucket is owned
9682
+ # by a different account, the request will fail with an HTTP `403
9683
+ # (Access Denied)` error.
9684
+ # @return [String]
9685
+ #
8906
9686
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketCorsRequest AWS API Documentation
8907
9687
  #
8908
9688
  class PutBucketCorsRequest < Struct.new(
8909
9689
  :bucket,
8910
9690
  :cors_configuration,
8911
- :content_md5)
9691
+ :content_md5,
9692
+ :expected_bucket_owner)
8912
9693
  SENSITIVE = []
8913
9694
  include Aws::Structure
8914
9695
  end
@@ -8929,6 +9710,7 @@ module Aws::S3
8929
9710
  # },
8930
9711
  # ],
8931
9712
  # },
9713
+ # expected_bucket_owner: "AccountId",
8932
9714
  # }
8933
9715
  #
8934
9716
  # @!attribute [rw] bucket
@@ -8954,12 +9736,19 @@ module Aws::S3
8954
9736
  # Specifies the default server-side-encryption configuration.
8955
9737
  # @return [Types::ServerSideEncryptionConfiguration]
8956
9738
  #
9739
+ # @!attribute [rw] expected_bucket_owner
9740
+ # The account id of the expected bucket owner. If the bucket is owned
9741
+ # by a different account, the request will fail with an HTTP `403
9742
+ # (Access Denied)` error.
9743
+ # @return [String]
9744
+ #
8957
9745
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketEncryptionRequest AWS API Documentation
8958
9746
  #
8959
9747
  class PutBucketEncryptionRequest < Struct.new(
8960
9748
  :bucket,
8961
9749
  :content_md5,
8962
- :server_side_encryption_configuration)
9750
+ :server_side_encryption_configuration,
9751
+ :expected_bucket_owner)
8963
9752
  SENSITIVE = []
8964
9753
  include Aws::Structure
8965
9754
  end
@@ -8997,6 +9786,7 @@ module Aws::S3
8997
9786
  # frequency: "Daily", # required, accepts Daily, Weekly
8998
9787
  # },
8999
9788
  # },
9789
+ # expected_bucket_owner: "AccountId",
9000
9790
  # }
9001
9791
  #
9002
9792
  # @!attribute [rw] bucket
@@ -9012,12 +9802,19 @@ module Aws::S3
9012
9802
  # Specifies the inventory configuration.
9013
9803
  # @return [Types::InventoryConfiguration]
9014
9804
  #
9805
+ # @!attribute [rw] expected_bucket_owner
9806
+ # The account id of the expected bucket owner. If the bucket is owned
9807
+ # by a different account, the request will fail with an HTTP `403
9808
+ # (Access Denied)` error.
9809
+ # @return [String]
9810
+ #
9015
9811
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketInventoryConfigurationRequest AWS API Documentation
9016
9812
  #
9017
9813
  class PutBucketInventoryConfigurationRequest < Struct.new(
9018
9814
  :bucket,
9019
9815
  :id,
9020
- :inventory_configuration)
9816
+ :inventory_configuration,
9817
+ :expected_bucket_owner)
9021
9818
  SENSITIVE = []
9022
9819
  include Aws::Structure
9023
9820
  end
@@ -9076,6 +9873,7 @@ module Aws::S3
9076
9873
  # },
9077
9874
  # ],
9078
9875
  # },
9876
+ # expected_bucket_owner: "AccountId",
9079
9877
  # }
9080
9878
  #
9081
9879
  # @!attribute [rw] bucket
@@ -9086,11 +9884,18 @@ module Aws::S3
9086
9884
  # Container for lifecycle rules. You can add as many as 1,000 rules.
9087
9885
  # @return [Types::BucketLifecycleConfiguration]
9088
9886
  #
9887
+ # @!attribute [rw] expected_bucket_owner
9888
+ # The account id of the expected bucket owner. If the bucket is owned
9889
+ # by a different account, the request will fail with an HTTP `403
9890
+ # (Access Denied)` error.
9891
+ # @return [String]
9892
+ #
9089
9893
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketLifecycleConfigurationRequest AWS API Documentation
9090
9894
  #
9091
9895
  class PutBucketLifecycleConfigurationRequest < Struct.new(
9092
9896
  :bucket,
9093
- :lifecycle_configuration)
9897
+ :lifecycle_configuration,
9898
+ :expected_bucket_owner)
9094
9899
  SENSITIVE = []
9095
9900
  include Aws::Structure
9096
9901
  end
@@ -9130,6 +9935,7 @@ module Aws::S3
9130
9935
  # },
9131
9936
  # ],
9132
9937
  # },
9938
+ # expected_bucket_owner: "AccountId",
9133
9939
  # }
9134
9940
  #
9135
9941
  # @!attribute [rw] bucket
@@ -9141,12 +9947,19 @@ module Aws::S3
9141
9947
  # @!attribute [rw] lifecycle_configuration
9142
9948
  # @return [Types::LifecycleConfiguration]
9143
9949
  #
9950
+ # @!attribute [rw] expected_bucket_owner
9951
+ # The account id of the expected bucket owner. If the bucket is owned
9952
+ # by a different account, the request will fail with an HTTP `403
9953
+ # (Access Denied)` error.
9954
+ # @return [String]
9955
+ #
9144
9956
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketLifecycleRequest AWS API Documentation
9145
9957
  #
9146
9958
  class PutBucketLifecycleRequest < Struct.new(
9147
9959
  :bucket,
9148
9960
  :content_md5,
9149
- :lifecycle_configuration)
9961
+ :lifecycle_configuration,
9962
+ :expected_bucket_owner)
9150
9963
  SENSITIVE = []
9151
9964
  include Aws::Structure
9152
9965
  end
@@ -9175,6 +9988,7 @@ module Aws::S3
9175
9988
  # },
9176
9989
  # },
9177
9990
  # content_md5: "ContentMD5",
9991
+ # expected_bucket_owner: "AccountId",
9178
9992
  # }
9179
9993
  #
9180
9994
  # @!attribute [rw] bucket
@@ -9189,12 +10003,19 @@ module Aws::S3
9189
10003
  # The MD5 hash of the `PutBucketLogging` request body.
9190
10004
  # @return [String]
9191
10005
  #
10006
+ # @!attribute [rw] expected_bucket_owner
10007
+ # The account id of the expected bucket owner. If the bucket is owned
10008
+ # by a different account, the request will fail with an HTTP `403
10009
+ # (Access Denied)` error.
10010
+ # @return [String]
10011
+ #
9192
10012
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketLoggingRequest AWS API Documentation
9193
10013
  #
9194
10014
  class PutBucketLoggingRequest < Struct.new(
9195
10015
  :bucket,
9196
10016
  :bucket_logging_status,
9197
- :content_md5)
10017
+ :content_md5,
10018
+ :expected_bucket_owner)
9198
10019
  SENSITIVE = []
9199
10020
  include Aws::Structure
9200
10021
  end
@@ -9224,6 +10045,7 @@ module Aws::S3
9224
10045
  # },
9225
10046
  # },
9226
10047
  # },
10048
+ # expected_bucket_owner: "AccountId",
9227
10049
  # }
9228
10050
  #
9229
10051
  # @!attribute [rw] bucket
@@ -9238,12 +10060,19 @@ module Aws::S3
9238
10060
  # Specifies the metrics configuration.
9239
10061
  # @return [Types::MetricsConfiguration]
9240
10062
  #
10063
+ # @!attribute [rw] expected_bucket_owner
10064
+ # The account id of the expected bucket owner. If the bucket is owned
10065
+ # by a different account, the request will fail with an HTTP `403
10066
+ # (Access Denied)` error.
10067
+ # @return [String]
10068
+ #
9241
10069
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketMetricsConfigurationRequest AWS API Documentation
9242
10070
  #
9243
10071
  class PutBucketMetricsConfigurationRequest < Struct.new(
9244
10072
  :bucket,
9245
10073
  :id,
9246
- :metrics_configuration)
10074
+ :metrics_configuration,
10075
+ :expected_bucket_owner)
9247
10076
  SENSITIVE = []
9248
10077
  include Aws::Structure
9249
10078
  end
@@ -9306,6 +10135,7 @@ module Aws::S3
9306
10135
  # },
9307
10136
  # ],
9308
10137
  # },
10138
+ # expected_bucket_owner: "AccountId",
9309
10139
  # }
9310
10140
  #
9311
10141
  # @!attribute [rw] bucket
@@ -9318,11 +10148,18 @@ module Aws::S3
9318
10148
  # the bucket.
9319
10149
  # @return [Types::NotificationConfiguration]
9320
10150
  #
10151
+ # @!attribute [rw] expected_bucket_owner
10152
+ # The account id of the expected bucket owner. If the bucket is owned
10153
+ # by a different account, the request will fail with an HTTP `403
10154
+ # (Access Denied)` error.
10155
+ # @return [String]
10156
+ #
9321
10157
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketNotificationConfigurationRequest AWS API Documentation
9322
10158
  #
9323
10159
  class PutBucketNotificationConfigurationRequest < Struct.new(
9324
10160
  :bucket,
9325
- :notification_configuration)
10161
+ :notification_configuration,
10162
+ :expected_bucket_owner)
9326
10163
  SENSITIVE = []
9327
10164
  include Aws::Structure
9328
10165
  end
@@ -9354,6 +10191,7 @@ module Aws::S3
9354
10191
  # invocation_role: "CloudFunctionInvocationRole",
9355
10192
  # },
9356
10193
  # },
10194
+ # expected_bucket_owner: "AccountId",
9357
10195
  # }
9358
10196
  #
9359
10197
  # @!attribute [rw] bucket
@@ -9368,12 +10206,19 @@ module Aws::S3
9368
10206
  # The container for the configuration.
9369
10207
  # @return [Types::NotificationConfigurationDeprecated]
9370
10208
  #
10209
+ # @!attribute [rw] expected_bucket_owner
10210
+ # The account id of the expected bucket owner. If the bucket is owned
10211
+ # by a different account, the request will fail with an HTTP `403
10212
+ # (Access Denied)` error.
10213
+ # @return [String]
10214
+ #
9371
10215
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketNotificationRequest AWS API Documentation
9372
10216
  #
9373
10217
  class PutBucketNotificationRequest < Struct.new(
9374
10218
  :bucket,
9375
10219
  :content_md5,
9376
- :notification_configuration)
10220
+ :notification_configuration,
10221
+ :expected_bucket_owner)
9377
10222
  SENSITIVE = []
9378
10223
  include Aws::Structure
9379
10224
  end
@@ -9386,6 +10231,7 @@ module Aws::S3
9386
10231
  # content_md5: "ContentMD5",
9387
10232
  # confirm_remove_self_bucket_access: false,
9388
10233
  # policy: "Policy", # required
10234
+ # expected_bucket_owner: "AccountId",
9389
10235
  # }
9390
10236
  #
9391
10237
  # @!attribute [rw] bucket
@@ -9405,13 +10251,20 @@ module Aws::S3
9405
10251
  # The bucket policy as a JSON document.
9406
10252
  # @return [String]
9407
10253
  #
10254
+ # @!attribute [rw] expected_bucket_owner
10255
+ # The account id of the expected bucket owner. If the bucket is owned
10256
+ # by a different account, the request will fail with an HTTP `403
10257
+ # (Access Denied)` error.
10258
+ # @return [String]
10259
+ #
9408
10260
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketPolicyRequest AWS API Documentation
9409
10261
  #
9410
10262
  class PutBucketPolicyRequest < Struct.new(
9411
10263
  :bucket,
9412
10264
  :content_md5,
9413
10265
  :confirm_remove_self_bucket_access,
9414
- :policy)
10266
+ :policy,
10267
+ :expected_bucket_owner)
9415
10268
  SENSITIVE = []
9416
10269
  include Aws::Structure
9417
10270
  end
@@ -9457,7 +10310,7 @@ module Aws::S3
9457
10310
  # destination: { # required
9458
10311
  # bucket: "BucketName", # required
9459
10312
  # account: "AccountId",
9460
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
10313
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
9461
10314
  # access_control_translation: {
9462
10315
  # owner: "Destination", # required, accepts Destination
9463
10316
  # },
@@ -9484,6 +10337,7 @@ module Aws::S3
9484
10337
  # ],
9485
10338
  # },
9486
10339
  # token: "ObjectLockToken",
10340
+ # expected_bucket_owner: "AccountId",
9487
10341
  # }
9488
10342
  #
9489
10343
  # @!attribute [rw] bucket
@@ -9509,13 +10363,20 @@ module Aws::S3
9509
10363
  # @!attribute [rw] token
9510
10364
  # @return [String]
9511
10365
  #
10366
+ # @!attribute [rw] expected_bucket_owner
10367
+ # The account id of the expected bucket owner. If the bucket is owned
10368
+ # by a different account, the request will fail with an HTTP `403
10369
+ # (Access Denied)` error.
10370
+ # @return [String]
10371
+ #
9512
10372
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketReplicationRequest AWS API Documentation
9513
10373
  #
9514
10374
  class PutBucketReplicationRequest < Struct.new(
9515
10375
  :bucket,
9516
10376
  :content_md5,
9517
10377
  :replication_configuration,
9518
- :token)
10378
+ :token,
10379
+ :expected_bucket_owner)
9519
10380
  SENSITIVE = []
9520
10381
  include Aws::Structure
9521
10382
  end
@@ -9529,6 +10390,7 @@ module Aws::S3
9529
10390
  # request_payment_configuration: { # required
9530
10391
  # payer: "Requester", # required, accepts Requester, BucketOwner
9531
10392
  # },
10393
+ # expected_bucket_owner: "AccountId",
9532
10394
  # }
9533
10395
  #
9534
10396
  # @!attribute [rw] bucket
@@ -9550,12 +10412,19 @@ module Aws::S3
9550
10412
  # Container for Payer.
9551
10413
  # @return [Types::RequestPaymentConfiguration]
9552
10414
  #
10415
+ # @!attribute [rw] expected_bucket_owner
10416
+ # The account id of the expected bucket owner. If the bucket is owned
10417
+ # by a different account, the request will fail with an HTTP `403
10418
+ # (Access Denied)` error.
10419
+ # @return [String]
10420
+ #
9553
10421
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketRequestPaymentRequest AWS API Documentation
9554
10422
  #
9555
10423
  class PutBucketRequestPaymentRequest < Struct.new(
9556
10424
  :bucket,
9557
10425
  :content_md5,
9558
- :request_payment_configuration)
10426
+ :request_payment_configuration,
10427
+ :expected_bucket_owner)
9559
10428
  SENSITIVE = []
9560
10429
  include Aws::Structure
9561
10430
  end
@@ -9574,6 +10443,7 @@ module Aws::S3
9574
10443
  # },
9575
10444
  # ],
9576
10445
  # },
10446
+ # expected_bucket_owner: "AccountId",
9577
10447
  # }
9578
10448
  #
9579
10449
  # @!attribute [rw] bucket
@@ -9595,12 +10465,19 @@ module Aws::S3
9595
10465
  # Container for the `TagSet` and `Tag` elements.
9596
10466
  # @return [Types::Tagging]
9597
10467
  #
10468
+ # @!attribute [rw] expected_bucket_owner
10469
+ # The account id of the expected bucket owner. If the bucket is owned
10470
+ # by a different account, the request will fail with an HTTP `403
10471
+ # (Access Denied)` error.
10472
+ # @return [String]
10473
+ #
9598
10474
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketTaggingRequest AWS API Documentation
9599
10475
  #
9600
10476
  class PutBucketTaggingRequest < Struct.new(
9601
10477
  :bucket,
9602
10478
  :content_md5,
9603
- :tagging)
10479
+ :tagging,
10480
+ :expected_bucket_owner)
9604
10481
  SENSITIVE = []
9605
10482
  include Aws::Structure
9606
10483
  end
@@ -9616,6 +10493,7 @@ module Aws::S3
9616
10493
  # mfa_delete: "Enabled", # accepts Enabled, Disabled
9617
10494
  # status: "Enabled", # accepts Enabled, Suspended
9618
10495
  # },
10496
+ # expected_bucket_owner: "AccountId",
9619
10497
  # }
9620
10498
  #
9621
10499
  # @!attribute [rw] bucket
@@ -9643,13 +10521,20 @@ module Aws::S3
9643
10521
  # Container for setting the versioning state.
9644
10522
  # @return [Types::VersioningConfiguration]
9645
10523
  #
10524
+ # @!attribute [rw] expected_bucket_owner
10525
+ # The account id of the expected bucket owner. If the bucket is owned
10526
+ # by a different account, the request will fail with an HTTP `403
10527
+ # (Access Denied)` error.
10528
+ # @return [String]
10529
+ #
9646
10530
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketVersioningRequest AWS API Documentation
9647
10531
  #
9648
10532
  class PutBucketVersioningRequest < Struct.new(
9649
10533
  :bucket,
9650
10534
  :content_md5,
9651
10535
  :mfa,
9652
- :versioning_configuration)
10536
+ :versioning_configuration,
10537
+ :expected_bucket_owner)
9653
10538
  SENSITIVE = []
9654
10539
  include Aws::Structure
9655
10540
  end
@@ -9687,6 +10572,7 @@ module Aws::S3
9687
10572
  # },
9688
10573
  # ],
9689
10574
  # },
10575
+ # expected_bucket_owner: "AccountId",
9690
10576
  # }
9691
10577
  #
9692
10578
  # @!attribute [rw] bucket
@@ -9708,12 +10594,19 @@ module Aws::S3
9708
10594
  # Container for the request.
9709
10595
  # @return [Types::WebsiteConfiguration]
9710
10596
  #
10597
+ # @!attribute [rw] expected_bucket_owner
10598
+ # The account id of the expected bucket owner. If the bucket is owned
10599
+ # by a different account, the request will fail with an HTTP `403
10600
+ # (Access Denied)` error.
10601
+ # @return [String]
10602
+ #
9711
10603
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketWebsiteRequest AWS API Documentation
9712
10604
  #
9713
10605
  class PutBucketWebsiteRequest < Struct.new(
9714
10606
  :bucket,
9715
10607
  :content_md5,
9716
- :website_configuration)
10608
+ :website_configuration,
10609
+ :expected_bucket_owner)
9717
10610
  SENSITIVE = []
9718
10611
  include Aws::Structure
9719
10612
  end
@@ -9764,6 +10657,7 @@ module Aws::S3
9764
10657
  # key: "ObjectKey", # required
9765
10658
  # request_payer: "requester", # accepts requester
9766
10659
  # version_id: "ObjectVersionId",
10660
+ # expected_bucket_owner: "AccountId",
9767
10661
  # }
9768
10662
  #
9769
10663
  # @!attribute [rw] acl
@@ -9833,6 +10727,29 @@ module Aws::S3
9833
10727
  #
9834
10728
  # @!attribute [rw] key
9835
10729
  # Key for which the PUT operation was initiated.
10730
+ #
10731
+ # When using this API with an access point, you must direct requests
10732
+ # to the access point hostname. The access point hostname takes the
10733
+ # form
10734
+ # *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
10735
+ # When using this operation using an access point through the AWS
10736
+ # SDKs, you provide the access point ARN in place of the bucket name.
10737
+ # For more information about access point ARNs, see [Using Access
10738
+ # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
10739
+ #
10740
+ # When using this API with Amazon S3 on Outposts, you must direct
10741
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
10742
+ # takes the form
10743
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
10744
+ # When using this operation using S3 on Outposts through the AWS SDKs,
10745
+ # you provide the Outposts bucket ARN in place of the bucket name. For
10746
+ # more information about S3 on Outposts ARNs, see [Using S3 on
10747
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
10748
+ #
10749
+ #
10750
+ #
10751
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
10752
+ # [2]: https://docs.aws.amazon.com/
9836
10753
  # @return [String]
9837
10754
  #
9838
10755
  # @!attribute [rw] request_payer
@@ -9851,6 +10768,12 @@ module Aws::S3
9851
10768
  # VersionId used to reference a specific version of the object.
9852
10769
  # @return [String]
9853
10770
  #
10771
+ # @!attribute [rw] expected_bucket_owner
10772
+ # The account id of the expected bucket owner. If the bucket is owned
10773
+ # by a different account, the request will fail with an HTTP `403
10774
+ # (Access Denied)` error.
10775
+ # @return [String]
10776
+ #
9854
10777
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutObjectAclRequest AWS API Documentation
9855
10778
  #
9856
10779
  class PutObjectAclRequest < Struct.new(
@@ -9865,7 +10788,8 @@ module Aws::S3
9865
10788
  :grant_write_acp,
9866
10789
  :key,
9867
10790
  :request_payer,
9868
- :version_id)
10791
+ :version_id,
10792
+ :expected_bucket_owner)
9869
10793
  SENSITIVE = []
9870
10794
  include Aws::Structure
9871
10795
  end
@@ -9895,6 +10819,7 @@ module Aws::S3
9895
10819
  # request_payer: "requester", # accepts requester
9896
10820
  # version_id: "ObjectVersionId",
9897
10821
  # content_md5: "ContentMD5",
10822
+ # expected_bucket_owner: "AccountId",
9898
10823
  # }
9899
10824
  #
9900
10825
  # @!attribute [rw] bucket
@@ -9944,6 +10869,12 @@ module Aws::S3
9944
10869
  # The MD5 hash for the request body.
9945
10870
  # @return [String]
9946
10871
  #
10872
+ # @!attribute [rw] expected_bucket_owner
10873
+ # The account id of the expected bucket owner. If the bucket is owned
10874
+ # by a different account, the request will fail with an HTTP `403
10875
+ # (Access Denied)` error.
10876
+ # @return [String]
10877
+ #
9947
10878
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutObjectLegalHoldRequest AWS API Documentation
9948
10879
  #
9949
10880
  class PutObjectLegalHoldRequest < Struct.new(
@@ -9952,7 +10883,8 @@ module Aws::S3
9952
10883
  :legal_hold,
9953
10884
  :request_payer,
9954
10885
  :version_id,
9955
- :content_md5)
10886
+ :content_md5,
10887
+ :expected_bucket_owner)
9956
10888
  SENSITIVE = []
9957
10889
  include Aws::Structure
9958
10890
  end
@@ -9988,6 +10920,7 @@ module Aws::S3
9988
10920
  # request_payer: "requester", # accepts requester
9989
10921
  # token: "ObjectLockToken",
9990
10922
  # content_md5: "ContentMD5",
10923
+ # expected_bucket_owner: "AccountId",
9991
10924
  # }
9992
10925
  #
9993
10926
  # @!attribute [rw] bucket
@@ -10020,6 +10953,12 @@ module Aws::S3
10020
10953
  # The MD5 hash for the request body.
10021
10954
  # @return [String]
10022
10955
  #
10956
+ # @!attribute [rw] expected_bucket_owner
10957
+ # The account id of the expected bucket owner. If the bucket is owned
10958
+ # by a different account, the request will fail with an HTTP `403
10959
+ # (Access Denied)` error.
10960
+ # @return [String]
10961
+ #
10023
10962
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutObjectLockConfigurationRequest AWS API Documentation
10024
10963
  #
10025
10964
  class PutObjectLockConfigurationRequest < Struct.new(
@@ -10027,17 +10966,22 @@ module Aws::S3
10027
10966
  :object_lock_configuration,
10028
10967
  :request_payer,
10029
10968
  :token,
10030
- :content_md5)
10969
+ :content_md5,
10970
+ :expected_bucket_owner)
10031
10971
  SENSITIVE = []
10032
10972
  include Aws::Structure
10033
10973
  end
10034
10974
 
10035
10975
  # @!attribute [rw] expiration
10036
10976
  # If the expiration is configured for the object (see
10037
- # PutBucketLifecycleConfiguration), the response includes this header.
10038
- # It includes the expiry-date and rule-id key-value pairs that provide
10039
- # information about object expiration. The value of the rule-id is URL
10040
- # encoded.
10977
+ # [PutBucketLifecycleConfiguration][1]), the response includes this
10978
+ # header. It includes the expiry-date and rule-id key-value pairs that
10979
+ # provide information about object expiration. The value of the
10980
+ # rule-id is URL encoded.
10981
+ #
10982
+ #
10983
+ #
10984
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html
10041
10985
  # @return [String]
10042
10986
  #
10043
10987
  # @!attribute [rw] etag
@@ -10127,7 +11071,7 @@ module Aws::S3
10127
11071
  # "MetadataKey" => "MetadataValue",
10128
11072
  # },
10129
11073
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
10130
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
11074
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
10131
11075
  # website_redirect_location: "WebsiteRedirectLocation",
10132
11076
  # sse_customer_algorithm: "SSECustomerAlgorithm",
10133
11077
  # sse_customer_key: "SSECustomerKey",
@@ -10139,6 +11083,7 @@ module Aws::S3
10139
11083
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
10140
11084
  # object_lock_retain_until_date: Time.now,
10141
11085
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
11086
+ # expected_bucket_owner: "AccountId",
10142
11087
  # }
10143
11088
  #
10144
11089
  # @!attribute [rw] acl
@@ -10155,7 +11100,7 @@ module Aws::S3
10155
11100
  # @return [IO]
10156
11101
  #
10157
11102
  # @!attribute [rw] bucket
10158
- # Bucket name to which the PUT operation was initiated.
11103
+ # The bucket name to which the PUT operation was initiated.
10159
11104
  #
10160
11105
  # When using this API with an access point, you must direct requests
10161
11106
  # to the access point hostname. The access point hostname takes the
@@ -10166,9 +11111,19 @@ module Aws::S3
10166
11111
  # For more information about access point ARNs, see [Using Access
10167
11112
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
10168
11113
  #
11114
+ # When using this API with Amazon S3 on Outposts, you must direct
11115
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
11116
+ # takes the form
11117
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
11118
+ # When using this operation using S3 on Outposts through the AWS SDKs,
11119
+ # you provide the Outposts bucket ARN in place of the bucket name. For
11120
+ # more information about S3 on Outposts ARNs, see [Using S3 on
11121
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
11122
+ #
10169
11123
  #
10170
11124
  #
10171
11125
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
11126
+ # [2]: https://docs.aws.amazon.com/
10172
11127
  # @return [String]
10173
11128
  #
10174
11129
  # @!attribute [rw] cache_control
@@ -10325,7 +11280,7 @@ module Aws::S3
10325
11280
  # in encrypting data. This value is used to store the object and then
10326
11281
  # it is discarded; Amazon S3 does not store the encryption key. The
10327
11282
  # key must be appropriate for use with the algorithm specified in the
10328
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
11283
+ # `x-amz-server-side-encryption-customer-algorithm` header.
10329
11284
  # @return [String]
10330
11285
  #
10331
11286
  # @!attribute [rw] sse_customer_key_md5
@@ -10389,6 +11344,12 @@ module Aws::S3
10389
11344
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
10390
11345
  # @return [String]
10391
11346
  #
11347
+ # @!attribute [rw] expected_bucket_owner
11348
+ # The account id of the expected bucket owner. If the bucket is owned
11349
+ # by a different account, the request will fail with an HTTP `403
11350
+ # (Access Denied)` error.
11351
+ # @return [String]
11352
+ #
10392
11353
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutObjectRequest AWS API Documentation
10393
11354
  #
10394
11355
  class PutObjectRequest < Struct.new(
@@ -10421,7 +11382,8 @@ module Aws::S3
10421
11382
  :tagging,
10422
11383
  :object_lock_mode,
10423
11384
  :object_lock_retain_until_date,
10424
- :object_lock_legal_hold_status)
11385
+ :object_lock_legal_hold_status,
11386
+ :expected_bucket_owner)
10425
11387
  SENSITIVE = [:sse_customer_key, :ssekms_key_id, :ssekms_encryption_context]
10426
11388
  include Aws::Structure
10427
11389
  end
@@ -10453,6 +11415,7 @@ module Aws::S3
10453
11415
  # version_id: "ObjectVersionId",
10454
11416
  # bypass_governance_retention: false,
10455
11417
  # content_md5: "ContentMD5",
11418
+ # expected_bucket_owner: "AccountId",
10456
11419
  # }
10457
11420
  #
10458
11421
  # @!attribute [rw] bucket
@@ -10508,6 +11471,12 @@ module Aws::S3
10508
11471
  # The MD5 hash for the request body.
10509
11472
  # @return [String]
10510
11473
  #
11474
+ # @!attribute [rw] expected_bucket_owner
11475
+ # The account id of the expected bucket owner. If the bucket is owned
11476
+ # by a different account, the request will fail with an HTTP `403
11477
+ # (Access Denied)` error.
11478
+ # @return [String]
11479
+ #
10511
11480
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutObjectRetentionRequest AWS API Documentation
10512
11481
  #
10513
11482
  class PutObjectRetentionRequest < Struct.new(
@@ -10517,7 +11486,8 @@ module Aws::S3
10517
11486
  :request_payer,
10518
11487
  :version_id,
10519
11488
  :bypass_governance_retention,
10520
- :content_md5)
11489
+ :content_md5,
11490
+ :expected_bucket_owner)
10521
11491
  SENSITIVE = []
10522
11492
  include Aws::Structure
10523
11493
  end
@@ -10550,6 +11520,7 @@ module Aws::S3
10550
11520
  # },
10551
11521
  # ],
10552
11522
  # },
11523
+ # expected_bucket_owner: "AccountId",
10553
11524
  # }
10554
11525
  #
10555
11526
  # @!attribute [rw] bucket
@@ -10564,9 +11535,19 @@ module Aws::S3
10564
11535
  # For more information about access point ARNs, see [Using Access
10565
11536
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
10566
11537
  #
11538
+ # When using this API with Amazon S3 on Outposts, you must direct
11539
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
11540
+ # takes the form
11541
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
11542
+ # When using this operation using S3 on Outposts through the AWS SDKs,
11543
+ # you provide the Outposts bucket ARN in place of the bucket name. For
11544
+ # more information about S3 on Outposts ARNs, see [Using S3 on
11545
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
11546
+ #
10567
11547
  #
10568
11548
  #
10569
11549
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
11550
+ # [2]: https://docs.aws.amazon.com/
10570
11551
  # @return [String]
10571
11552
  #
10572
11553
  # @!attribute [rw] key
@@ -10585,6 +11566,12 @@ module Aws::S3
10585
11566
  # Container for the `TagSet` and `Tag` elements
10586
11567
  # @return [Types::Tagging]
10587
11568
  #
11569
+ # @!attribute [rw] expected_bucket_owner
11570
+ # The account id of the expected bucket owner. If the bucket is owned
11571
+ # by a different account, the request will fail with an HTTP `403
11572
+ # (Access Denied)` error.
11573
+ # @return [String]
11574
+ #
10588
11575
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutObjectTaggingRequest AWS API Documentation
10589
11576
  #
10590
11577
  class PutObjectTaggingRequest < Struct.new(
@@ -10592,7 +11579,8 @@ module Aws::S3
10592
11579
  :key,
10593
11580
  :version_id,
10594
11581
  :content_md5,
10595
- :tagging)
11582
+ :tagging,
11583
+ :expected_bucket_owner)
10596
11584
  SENSITIVE = []
10597
11585
  include Aws::Structure
10598
11586
  end
@@ -10609,6 +11597,7 @@ module Aws::S3
10609
11597
  # block_public_policy: false,
10610
11598
  # restrict_public_buckets: false,
10611
11599
  # },
11600
+ # expected_bucket_owner: "AccountId",
10612
11601
  # }
10613
11602
  #
10614
11603
  # @!attribute [rw] bucket
@@ -10632,12 +11621,19 @@ module Aws::S3
10632
11621
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status
10633
11622
  # @return [Types::PublicAccessBlockConfiguration]
10634
11623
  #
11624
+ # @!attribute [rw] expected_bucket_owner
11625
+ # The account id of the expected bucket owner. If the bucket is owned
11626
+ # by a different account, the request will fail with an HTTP `403
11627
+ # (Access Denied)` error.
11628
+ # @return [String]
11629
+ #
10635
11630
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutPublicAccessBlockRequest AWS API Documentation
10636
11631
  #
10637
11632
  class PutPublicAccessBlockRequest < Struct.new(
10638
11633
  :bucket,
10639
11634
  :content_md5,
10640
- :public_access_block_configuration)
11635
+ :public_access_block_configuration,
11636
+ :expected_bucket_owner)
10641
11637
  SENSITIVE = []
10642
11638
  include Aws::Structure
10643
11639
  end
@@ -10702,11 +11698,15 @@ module Aws::S3
10702
11698
  include Aws::Structure
10703
11699
  end
10704
11700
 
10705
- # This data type is deprecated. Use QueueConfiguration for the same
11701
+ # This data type is deprecated. Use [QueueConfiguration][1] for the same
10706
11702
  # purposes. This data type specifies the configuration for publishing
10707
11703
  # messages to an Amazon Simple Queue Service (Amazon SQS) queue when
10708
11704
  # Amazon S3 detects specified events.
10709
11705
  #
11706
+ #
11707
+ #
11708
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_QueueConfiguration.html
11709
+ #
10710
11710
  # @note When making an API call, you may pass QueueConfigurationDeprecated
10711
11711
  # data as a hash:
10712
11712
  #
@@ -10890,7 +11890,7 @@ module Aws::S3
10890
11890
  # destination: { # required
10891
11891
  # bucket: "BucketName", # required
10892
11892
  # account: "AccountId",
10893
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
11893
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
10894
11894
  # access_control_translation: {
10895
11895
  # owner: "Destination", # required, accepts Destination
10896
11896
  # },
@@ -10981,7 +11981,7 @@ module Aws::S3
10981
11981
  # destination: { # required
10982
11982
  # bucket: "BucketName", # required
10983
11983
  # account: "AccountId",
10984
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
11984
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
10985
11985
  # access_control_translation: {
10986
11986
  # owner: "Destination", # required, accepts Destination
10987
11987
  # },
@@ -11406,11 +12406,12 @@ module Aws::S3
11406
12406
  # value: "MetadataValue",
11407
12407
  # },
11408
12408
  # ],
11409
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
12409
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
11410
12410
  # },
11411
12411
  # },
11412
12412
  # },
11413
12413
  # request_payer: "requester", # accepts requester
12414
+ # expected_bucket_owner: "AccountId",
11414
12415
  # }
11415
12416
  #
11416
12417
  # @!attribute [rw] bucket
@@ -11425,9 +12426,19 @@ module Aws::S3
11425
12426
  # For more information about access point ARNs, see [Using Access
11426
12427
  # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
11427
12428
  #
12429
+ # When using this API with Amazon S3 on Outposts, you must direct
12430
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
12431
+ # takes the form
12432
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
12433
+ # When using this operation using S3 on Outposts through the AWS SDKs,
12434
+ # you provide the Outposts bucket ARN in place of the bucket name. For
12435
+ # more information about S3 on Outposts ARNs, see [Using S3 on
12436
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
12437
+ #
11428
12438
  #
11429
12439
  #
11430
12440
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
12441
+ # [2]: https://docs.aws.amazon.com/
11431
12442
  # @return [String]
11432
12443
  #
11433
12444
  # @!attribute [rw] key
@@ -11454,6 +12465,12 @@ module Aws::S3
11454
12465
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
11455
12466
  # @return [String]
11456
12467
  #
12468
+ # @!attribute [rw] expected_bucket_owner
12469
+ # The account id of the expected bucket owner. If the bucket is owned
12470
+ # by a different account, the request will fail with an HTTP `403
12471
+ # (Access Denied)` error.
12472
+ # @return [String]
12473
+ #
11457
12474
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/RestoreObjectRequest AWS API Documentation
11458
12475
  #
11459
12476
  class RestoreObjectRequest < Struct.new(
@@ -11461,7 +12478,8 @@ module Aws::S3
11461
12478
  :key,
11462
12479
  :version_id,
11463
12480
  :restore_request,
11464
- :request_payer)
12481
+ :request_payer,
12482
+ :expected_bucket_owner)
11465
12483
  SENSITIVE = []
11466
12484
  include Aws::Structure
11467
12485
  end
@@ -11548,7 +12566,7 @@ module Aws::S3
11548
12566
  # value: "MetadataValue",
11549
12567
  # },
11550
12568
  # ],
11551
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
12569
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
11552
12570
  # },
11553
12571
  # },
11554
12572
  # }
@@ -11597,7 +12615,14 @@ module Aws::S3
11597
12615
  include Aws::Structure
11598
12616
  end
11599
12617
 
11600
- # Specifies the redirect behavior and when a redirect is applied.
12618
+ # Specifies the redirect behavior and when a redirect is applied. For
12619
+ # more information about routing rules, see [Configuring advanced
12620
+ # conditional redirects][1] in the *Amazon Simple Storage Service
12621
+ # Developer Guide*.
12622
+ #
12623
+ #
12624
+ #
12625
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects
11601
12626
  #
11602
12627
  # @note When making an API call, you may pass RoutingRule
11603
12628
  # data as a hash:
@@ -11823,7 +12848,7 @@ module Aws::S3
11823
12848
  # value: "MetadataValue",
11824
12849
  # },
11825
12850
  # ],
11826
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
12851
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
11827
12852
  # }
11828
12853
  #
11829
12854
  # @!attribute [rw] bucket_name
@@ -12017,6 +13042,7 @@ module Aws::S3
12017
13042
  # start: 1,
12018
13043
  # end: 1,
12019
13044
  # },
13045
+ # expected_bucket_owner: "AccountId",
12020
13046
  # }
12021
13047
  #
12022
13048
  # @!attribute [rw] bucket
@@ -12098,6 +13124,12 @@ module Aws::S3
12098
13124
  # within the last 50 bytes of the file.
12099
13125
  # @return [Types::ScanRange]
12100
13126
  #
13127
+ # @!attribute [rw] expected_bucket_owner
13128
+ # The account id of the expected bucket owner. If the bucket is owned
13129
+ # by a different account, the request will fail with an HTTP `403
13130
+ # (Access Denied)` error.
13131
+ # @return [String]
13132
+ #
12101
13133
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/SelectObjectContentRequest AWS API Documentation
12102
13134
  #
12103
13135
  class SelectObjectContentRequest < Struct.new(
@@ -12111,7 +13143,8 @@ module Aws::S3
12111
13143
  :request_progress,
12112
13144
  :input_serialization,
12113
13145
  :output_serialization,
12114
- :scan_range)
13146
+ :scan_range,
13147
+ :expected_bucket_owner)
12115
13148
  SENSITIVE = [:sse_customer_key]
12116
13149
  include Aws::Structure
12117
13150
  end
@@ -12533,7 +13566,7 @@ module Aws::S3
12533
13566
  # @return [Types::Grantee]
12534
13567
  #
12535
13568
  # @!attribute [rw] permission
12536
- # Logging permissions assigned to the Grantee for the bucket.
13569
+ # Logging permissions assigned to the grantee for the bucket.
12537
13570
  # @return [String]
12538
13571
  #
12539
13572
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/TargetGrant AWS API Documentation
@@ -12614,7 +13647,11 @@ module Aws::S3
12614
13647
  # A container for specifying the configuration for publication of
12615
13648
  # messages to an Amazon Simple Notification Service (Amazon SNS) topic
12616
13649
  # when Amazon S3 detects specified events. This data type is deprecated.
12617
- # Use TopicConfiguration instead.
13650
+ # Use [TopicConfiguration][1] instead.
13651
+ #
13652
+ #
13653
+ #
13654
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_TopicConfiguration.html
12618
13655
  #
12619
13656
  # @note When making an API call, you may pass TopicConfigurationDeprecated
12620
13657
  # data as a hash:
@@ -12773,15 +13810,82 @@ module Aws::S3
12773
13810
  # copy_source_sse_customer_key: "CopySourceSSECustomerKey",
12774
13811
  # copy_source_sse_customer_key_md5: "CopySourceSSECustomerKeyMD5",
12775
13812
  # request_payer: "requester", # accepts requester
13813
+ # expected_bucket_owner: "AccountId",
13814
+ # expected_source_bucket_owner: "AccountId",
12776
13815
  # }
12777
13816
  #
12778
13817
  # @!attribute [rw] bucket
12779
13818
  # The bucket name.
13819
+ #
13820
+ # When using this API with an access point, you must direct requests
13821
+ # to the access point hostname. The access point hostname takes the
13822
+ # form
13823
+ # *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
13824
+ # When using this operation using an access point through the AWS
13825
+ # SDKs, you provide the access point ARN in place of the bucket name.
13826
+ # For more information about access point ARNs, see [Using Access
13827
+ # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
13828
+ #
13829
+ # When using this API with Amazon S3 on Outposts, you must direct
13830
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
13831
+ # takes the form
13832
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
13833
+ # When using this operation using S3 on Outposts through the AWS SDKs,
13834
+ # you provide the Outposts bucket ARN in place of the bucket name. For
13835
+ # more information about S3 on Outposts ARNs, see [Using S3 on
13836
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
13837
+ #
13838
+ #
13839
+ #
13840
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
13841
+ # [2]: https://docs.aws.amazon.com/
12780
13842
  # @return [String]
12781
13843
  #
12782
13844
  # @!attribute [rw] copy_source
12783
- # The name of the source bucket and key name of the source object,
12784
- # separated by a slash (/). Must be URL-encoded.
13845
+ # Specifies the source object for the copy operation. You specify the
13846
+ # value in one of two formats, depending on whether you want to access
13847
+ # the source object through an [access point][1]\:
13848
+ #
13849
+ # * For objects not accessed through an access point, specify the name
13850
+ # of the source bucket and key of the source object, separated by a
13851
+ # slash (/). For example, to copy the object `reports/january.pdf`
13852
+ # from the bucket `awsexamplebucket`, use
13853
+ # `awsexamplebucket/reports/january.pdf`. The value must be URL
13854
+ # encoded.
13855
+ #
13856
+ # * For objects accessed through access points, specify the Amazon
13857
+ # Resource Name (ARN) of the object as accessed through the access
13858
+ # point, in the format
13859
+ # `arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>`.
13860
+ # For example, to copy the object `reports/january.pdf` through
13861
+ # access point `my-access-point` owned by account `123456789012` in
13862
+ # Region `us-west-2`, use the URL encoding of
13863
+ # `arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf`.
13864
+ # The value must be URL encoded.
13865
+ #
13866
+ # <note markdown="1"> Amazon S3 supports copy operations using access points only when
13867
+ # the source and destination buckets are in the same AWS Region.
13868
+ #
13869
+ # </note>
13870
+ #
13871
+ # Alternatively, for objects accessed through Amazon S3 on Outposts,
13872
+ # specify the ARN of the object as accessed in the format
13873
+ # `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/object/<key>`.
13874
+ # For example, to copy the object `reports/january.pdf` through
13875
+ # outpost `my-outpost` owned by account `123456789012` in Region
13876
+ # `us-west-2`, use the URL encoding of
13877
+ # `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf`.
13878
+ # The value must be URL encoded.
13879
+ #
13880
+ # To copy a specific version of an object, append
13881
+ # `?versionId=<version-id>` to the value (for example,
13882
+ # `awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893`).
13883
+ # If you don't specify a version ID, Amazon S3 copies the latest
13884
+ # version of the source object.
13885
+ #
13886
+ #
13887
+ #
13888
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html
12785
13889
  # @return [String]
12786
13890
  #
12787
13891
  # @!attribute [rw] copy_source_if_match
@@ -12835,8 +13939,8 @@ module Aws::S3
12835
13939
  # in encrypting data. This value is used to store the object and then
12836
13940
  # it is discarded; Amazon S3 does not store the encryption key. The
12837
13941
  # key must be appropriate for use with the algorithm specified in the
12838
- # `x-amz-server-side​-encryption​-customer-algorithm` header. This
12839
- # must be the same encryption key specified in the initiate multipart
13942
+ # `x-amz-server-side-encryption-customer-algorithm` header. This must
13943
+ # be the same encryption key specified in the initiate multipart
12840
13944
  # upload request.
12841
13945
  # @return [String]
12842
13946
  #
@@ -12875,6 +13979,18 @@ module Aws::S3
12875
13979
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
12876
13980
  # @return [String]
12877
13981
  #
13982
+ # @!attribute [rw] expected_bucket_owner
13983
+ # The account id of the expected destination bucket owner. If the
13984
+ # destination bucket is owned by a different account, the request will
13985
+ # fail with an HTTP `403 (Access Denied)` error.
13986
+ # @return [String]
13987
+ #
13988
+ # @!attribute [rw] expected_source_bucket_owner
13989
+ # The account id of the expected source bucket owner. If the source
13990
+ # bucket is owned by a different account, the request will fail with
13991
+ # an HTTP `403 (Access Denied)` error.
13992
+ # @return [String]
13993
+ #
12878
13994
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/UploadPartCopyRequest AWS API Documentation
12879
13995
  #
12880
13996
  class UploadPartCopyRequest < Struct.new(
@@ -12894,7 +14010,9 @@ module Aws::S3
12894
14010
  :copy_source_sse_customer_algorithm,
12895
14011
  :copy_source_sse_customer_key,
12896
14012
  :copy_source_sse_customer_key_md5,
12897
- :request_payer)
14013
+ :request_payer,
14014
+ :expected_bucket_owner,
14015
+ :expected_source_bucket_owner)
12898
14016
  SENSITIVE = [:sse_customer_key, :copy_source_sse_customer_key]
12899
14017
  include Aws::Structure
12900
14018
  end
@@ -12960,6 +14078,7 @@ module Aws::S3
12960
14078
  # sse_customer_key: "SSECustomerKey",
12961
14079
  # sse_customer_key_md5: "SSECustomerKeyMD5",
12962
14080
  # request_payer: "requester", # accepts requester
14081
+ # expected_bucket_owner: "AccountId",
12963
14082
  # }
12964
14083
  #
12965
14084
  # @!attribute [rw] body
@@ -12967,7 +14086,30 @@ module Aws::S3
12967
14086
  # @return [IO]
12968
14087
  #
12969
14088
  # @!attribute [rw] bucket
12970
- # Name of the bucket to which the multipart upload was initiated.
14089
+ # The name of the bucket to which the multipart upload was initiated.
14090
+ #
14091
+ # When using this API with an access point, you must direct requests
14092
+ # to the access point hostname. The access point hostname takes the
14093
+ # form
14094
+ # *AccessPointName*-*AccountId*.s3-accesspoint.*Region*.amazonaws.com.
14095
+ # When using this operation using an access point through the AWS
14096
+ # SDKs, you provide the access point ARN in place of the bucket name.
14097
+ # For more information about access point ARNs, see [Using Access
14098
+ # Points][1] in the *Amazon Simple Storage Service Developer Guide*.
14099
+ #
14100
+ # When using this API with Amazon S3 on Outposts, you must direct
14101
+ # requests to the S3 on Outposts hostname. The S3 on Outposts hostname
14102
+ # takes the form
14103
+ # *AccessPointName*-*AccountId*.*outpostID*.s3-outposts.*Region*.amazonaws.com.
14104
+ # When using this operation using S3 on Outposts through the AWS SDKs,
14105
+ # you provide the Outposts bucket ARN in place of the bucket name. For
14106
+ # more information about S3 on Outposts ARNs, see [Using S3 on
14107
+ # Outposts][2] in the *Amazon Simple Storage Service Developer Guide*.
14108
+ #
14109
+ #
14110
+ #
14111
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html
14112
+ # [2]: https://docs.aws.amazon.com/
12971
14113
  # @return [String]
12972
14114
  #
12973
14115
  # @!attribute [rw] content_length
@@ -13005,8 +14147,8 @@ module Aws::S3
13005
14147
  # in encrypting data. This value is used to store the object and then
13006
14148
  # it is discarded; Amazon S3 does not store the encryption key. The
13007
14149
  # key must be appropriate for use with the algorithm specified in the
13008
- # `x-amz-server-side​-encryption​-customer-algorithm header`. This
13009
- # must be the same encryption key specified in the initiate multipart
14150
+ # `x-amz-server-side-encryption-customer-algorithm header`. This must
14151
+ # be the same encryption key specified in the initiate multipart
13010
14152
  # upload request.
13011
14153
  # @return [String]
13012
14154
  #
@@ -13028,6 +14170,12 @@ module Aws::S3
13028
14170
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
13029
14171
  # @return [String]
13030
14172
  #
14173
+ # @!attribute [rw] expected_bucket_owner
14174
+ # The account id of the expected bucket owner. If the bucket is owned
14175
+ # by a different account, the request will fail with an HTTP `403
14176
+ # (Access Denied)` error.
14177
+ # @return [String]
14178
+ #
13031
14179
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/UploadPartRequest AWS API Documentation
13032
14180
  #
13033
14181
  class UploadPartRequest < Struct.new(
@@ -13041,7 +14189,8 @@ module Aws::S3
13041
14189
  :sse_customer_algorithm,
13042
14190
  :sse_customer_key,
13043
14191
  :sse_customer_key_md5,
13044
- :request_payer)
14192
+ :request_payer,
14193
+ :expected_bucket_owner)
13045
14194
  SENSITIVE = [:sse_customer_key]
13046
14195
  include Aws::Structure
13047
14196
  end