aws-sdk-s3 1.79.1 → 1.80.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -220,6 +220,7 @@ module Aws::S3
220
220
  #
221
221
  # multipart_upload.abort({
222
222
  # request_payer: "requester", # accepts requester
223
+ # expected_bucket_owner: "AccountId",
223
224
  # })
224
225
  # @param [Hash] options ({})
225
226
  # @option options [String] :request_payer
@@ -232,6 +233,10 @@ module Aws::S3
232
233
  #
233
234
  #
234
235
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
236
+ # @option options [String] :expected_bucket_owner
237
+ # The account id of the expected bucket owner. If the bucket is owned by
238
+ # a different account, the request will fail with an HTTP `403 (Access
239
+ # Denied)` error.
235
240
  # @return [Types::AbortMultipartUploadOutput]
236
241
  def abort(options = {})
237
242
  options = options.merge(
@@ -255,6 +260,7 @@ module Aws::S3
255
260
  # ],
256
261
  # },
257
262
  # request_payer: "requester", # accepts requester
263
+ # expected_bucket_owner: "AccountId",
258
264
  # })
259
265
  # @param [Hash] options ({})
260
266
  # @option options [Types::CompletedMultipartUpload] :multipart_upload
@@ -269,6 +275,10 @@ module Aws::S3
269
275
  #
270
276
  #
271
277
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
278
+ # @option options [String] :expected_bucket_owner
279
+ # The account id of the expected bucket owner. If the bucket is owned by
280
+ # a different account, the request will fail with an HTTP `403 (Access
281
+ # Denied)` error.
272
282
  # @return [Object]
273
283
  def complete(options = {})
274
284
  options = options.merge(
@@ -311,6 +321,7 @@ module Aws::S3
311
321
  #
312
322
  # parts = multipart_upload.parts({
313
323
  # request_payer: "requester", # accepts requester
324
+ # expected_bucket_owner: "AccountId",
314
325
  # })
315
326
  # @param [Hash] options ({})
316
327
  # @option options [String] :request_payer
@@ -323,6 +334,10 @@ module Aws::S3
323
334
  #
324
335
  #
325
336
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
337
+ # @option options [String] :expected_bucket_owner
338
+ # The account id of the expected bucket owner. If the bucket is owned by
339
+ # a different account, the request will fail with an HTTP `403 (Access
340
+ # Denied)` error.
326
341
  # @return [MultipartUploadPart::Collection]
327
342
  def parts(options = {})
328
343
  batches = Enumerator.new do |y|
@@ -221,11 +221,46 @@ module Aws::S3
221
221
  # copy_source_sse_customer_key: "CopySourceSSECustomerKey",
222
222
  # copy_source_sse_customer_key_md5: "CopySourceSSECustomerKeyMD5",
223
223
  # request_payer: "requester", # accepts requester
224
+ # expected_bucket_owner: "AccountId",
225
+ # expected_source_bucket_owner: "AccountId",
224
226
  # })
225
227
  # @param [Hash] options ({})
226
228
  # @option options [required, String] :copy_source
227
- # The name of the source bucket and key name of the source object,
228
- # separated by a slash (/). Must be URL-encoded.
229
+ # Specifies the source object for the copy operation. You specify the
230
+ # value in one of two formats, depending on whether you want to access
231
+ # the source object through an [access point][1]\:
232
+ #
233
+ # * For objects not accessed through an access point, specify the name
234
+ # of the source bucket and key of the source object, separated by a
235
+ # slash (/). For example, to copy the object `reports/january.pdf`
236
+ # from the bucket `awsexamplebucket`, use
237
+ # `awsexamplebucket/reports/january.pdf`. The value must be URL
238
+ # encoded.
239
+ #
240
+ # * For objects accessed through access points, specify the Amazon
241
+ # Resource Name (ARN) of the object as accessed through the access
242
+ # point, in the format
243
+ # `arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>`.
244
+ # For example, to copy the object `reports/january.pdf` through the
245
+ # access point `my-access-point` owned by account `123456789012` in
246
+ # Region `us-west-2`, use the URL encoding of
247
+ # `arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf`.
248
+ # The value must be URL encoded.
249
+ #
250
+ # <note markdown="1"> Amazon S3 supports copy operations using access points only when the
251
+ # source and destination buckets are in the same AWS Region.
252
+ #
253
+ # </note>
254
+ #
255
+ # To copy a specific version of an object, append
256
+ # `?versionId=<version-id>` to the value (for example,
257
+ # `awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893`).
258
+ # If you don't specify a version ID, Amazon S3 copies the latest
259
+ # version of the source object.
260
+ #
261
+ #
262
+ #
263
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html
229
264
  # @option options [String] :copy_source_if_match
230
265
  # Copies the object if its entity tag (ETag) matches the specified tag.
231
266
  # @option options [Time,DateTime,Date,Integer,String] :copy_source_if_modified_since
@@ -250,8 +285,8 @@ module Aws::S3
250
285
  # encrypting data. This value is used to store the object and then it is
251
286
  # discarded; Amazon S3 does not store the encryption key. The key must
252
287
  # be appropriate for use with the algorithm specified in the
253
- # `x-amz-server-side​-encryption​-customer-algorithm` header. This must
254
- # be the same encryption key specified in the initiate multipart upload
288
+ # `x-amz-server-side-encryption-customer-algorithm` header. This must be
289
+ # the same encryption key specified in the initiate multipart upload
255
290
  # request.
256
291
  # @option options [String] :sse_customer_key_md5
257
292
  # Specifies the 128-bit MD5 digest of the encryption key according to
@@ -278,6 +313,14 @@ module Aws::S3
278
313
  #
279
314
  #
280
315
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
316
+ # @option options [String] :expected_bucket_owner
317
+ # The account id of the expected destination bucket owner. If the
318
+ # destination bucket is owned by a different account, the request will
319
+ # fail with an HTTP `403 (Access Denied)` error.
320
+ # @option options [String] :expected_source_bucket_owner
321
+ # The account id of the expected source bucket owner. If the source
322
+ # bucket is owned by a different account, the request will fail with an
323
+ # HTTP `403 (Access Denied)` error.
281
324
  # @return [Types::UploadPartCopyOutput]
282
325
  def copy_from(options = {})
283
326
  options = options.merge(
@@ -300,6 +343,7 @@ module Aws::S3
300
343
  # sse_customer_key: "SSECustomerKey",
301
344
  # sse_customer_key_md5: "SSECustomerKeyMD5",
302
345
  # request_payer: "requester", # accepts requester
346
+ # expected_bucket_owner: "AccountId",
303
347
  # })
304
348
  # @param [Hash] options ({})
305
349
  # @option options [String, StringIO, File] :body
@@ -319,8 +363,8 @@ module Aws::S3
319
363
  # encrypting data. This value is used to store the object and then it is
320
364
  # discarded; Amazon S3 does not store the encryption key. The key must
321
365
  # be appropriate for use with the algorithm specified in the
322
- # `x-amz-server-side​-encryption​-customer-algorithm header`. This must
323
- # be the same encryption key specified in the initiate multipart upload
366
+ # `x-amz-server-side-encryption-customer-algorithm header`. This must be
367
+ # the same encryption key specified in the initiate multipart upload
324
368
  # request.
325
369
  # @option options [String] :sse_customer_key_md5
326
370
  # Specifies the 128-bit MD5 digest of the encryption key according to
@@ -336,6 +380,10 @@ module Aws::S3
336
380
  #
337
381
  #
338
382
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
383
+ # @option options [String] :expected_bucket_owner
384
+ # The account id of the expected bucket owner. If the bucket is owned by
385
+ # a different account, the request will fail with an HTTP `403 (Access
386
+ # Denied)` error.
339
387
  # @return [Types::UploadPartOutput]
340
388
  def upload(options = {})
341
389
  options = options.merge(
@@ -67,8 +67,8 @@ module Aws::S3
67
67
 
68
68
  # If the object is an archived object (an object whose storage class is
69
69
  # GLACIER), the response includes this header if either the archive
70
- # restoration is in progress (see RestoreObject or an archive copy is
71
- # already restored.
70
+ # restoration is in progress (see [RestoreObject][1] or an archive copy
71
+ # is already restored.
72
72
  #
73
73
  # If an archive copy is already restored, the header value indicates
74
74
  # when Amazon S3 is scheduled to delete the object copy. For example:
@@ -80,11 +80,12 @@ module Aws::S3
80
80
  # `ongoing-request="true"`.
81
81
  #
82
82
  # For more information about archiving objects, see [Transitioning
83
- # Objects: General Considerations][1].
83
+ # Objects: General Considerations][2].
84
84
  #
85
85
  #
86
86
  #
87
- # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-transition-general-considerations
87
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html
88
+ # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-transition-general-considerations
88
89
  # @return [String]
89
90
  def restore
90
91
  data[:restore]
@@ -544,6 +545,8 @@ module Aws::S3
544
545
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
545
546
  # object_lock_retain_until_date: Time.now,
546
547
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
548
+ # expected_bucket_owner: "AccountId",
549
+ # expected_source_bucket_owner: "AccountId",
547
550
  # })
548
551
  # @param [Hash] options ({})
549
552
  # @option options [String] :acl
@@ -561,8 +564,41 @@ module Aws::S3
561
564
  # @option options [String] :content_type
562
565
  # A standard MIME type describing the format of the object data.
563
566
  # @option options [required, String] :copy_source
564
- # The name of the source bucket and key name of the source object,
565
- # separated by a slash (/). Must be URL-encoded.
567
+ # Specifies the source object for the copy operation. You specify the
568
+ # value in one of two formats, depending on whether you want to access
569
+ # the source object through an [access point][1]\:
570
+ #
571
+ # * For objects not accessed through an access point, specify the name
572
+ # of the source bucket and the key of the source object, separated by
573
+ # a slash (/). For example, to copy the object `reports/january.pdf`
574
+ # from the bucket `awsexamplebucket`, use
575
+ # `awsexamplebucket/reports/january.pdf`. The value must be URL
576
+ # encoded.
577
+ #
578
+ # * For objects accessed through access points, specify the Amazon
579
+ # Resource Name (ARN) of the object as accessed through the access
580
+ # point, in the format
581
+ # `arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>`.
582
+ # For example, to copy the object `reports/january.pdf` through access
583
+ # point `my-access-point` owned by account `123456789012` in Region
584
+ # `us-west-2`, use the URL encoding of
585
+ # `arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf`.
586
+ # The value must be URL encoded.
587
+ #
588
+ # <note markdown="1"> Amazon S3 supports copy operations using access points only when the
589
+ # source and destination buckets are in the same AWS Region.
590
+ #
591
+ # </note>
592
+ #
593
+ # To copy a specific version of an object, append
594
+ # `?versionId=<version-id>` to the value (for example,
595
+ # `awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893`).
596
+ # If you don't specify a version ID, Amazon S3 copies the latest
597
+ # version of the source object.
598
+ #
599
+ #
600
+ #
601
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html
566
602
  # @option options [String] :copy_source_if_match
567
603
  # Copies the object if its entity tag (ETag) matches the specified tag.
568
604
  # @option options [Time,DateTime,Date,Integer,String] :copy_source_if_modified_since
@@ -609,7 +645,7 @@ module Aws::S3
609
645
  # encrypting data. This value is used to store the object and then it is
610
646
  # discarded; Amazon S3 does not store the encryption key. The key must
611
647
  # be appropriate for use with the algorithm specified in the
612
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
648
+ # `x-amz-server-side-encryption-customer-algorithm` header.
613
649
  # @option options [String] :sse_customer_key_md5
614
650
  # Specifies the 128-bit MD5 digest of the encryption key according to
615
651
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -661,6 +697,14 @@ module Aws::S3
661
697
  # expire.
662
698
  # @option options [String] :object_lock_legal_hold_status
663
699
  # Specifies whether you want to apply a Legal Hold to the copied object.
700
+ # @option options [String] :expected_bucket_owner
701
+ # The account id of the expected destination bucket owner. If the
702
+ # destination bucket is owned by a different account, the request will
703
+ # fail with an HTTP `403 (Access Denied)` error.
704
+ # @option options [String] :expected_source_bucket_owner
705
+ # The account id of the expected source bucket owner. If the source
706
+ # bucket is owned by a different account, the request will fail with an
707
+ # HTTP `403 (Access Denied)` error.
664
708
  # @return [Types::CopyObjectOutput]
665
709
  def copy_from(options = {})
666
710
  options = options.merge(
@@ -678,6 +722,7 @@ module Aws::S3
678
722
  # version_id: "ObjectVersionId",
679
723
  # request_payer: "requester", # accepts requester
680
724
  # bypass_governance_retention: false,
725
+ # expected_bucket_owner: "AccountId",
681
726
  # })
682
727
  # @param [Hash] options ({})
683
728
  # @option options [String] :mfa
@@ -700,6 +745,10 @@ module Aws::S3
700
745
  # @option options [Boolean] :bypass_governance_retention
701
746
  # Indicates whether S3 Object Lock should bypass Governance-mode
702
747
  # restrictions to process this operation.
748
+ # @option options [String] :expected_bucket_owner
749
+ # The account id of the expected bucket owner. If the bucket is owned by
750
+ # a different account, the request will fail with an HTTP `403 (Access
751
+ # Denied)` error.
703
752
  # @return [Types::DeleteObjectOutput]
704
753
  def delete(options = {})
705
754
  options = options.merge(
@@ -730,6 +779,7 @@ module Aws::S3
730
779
  # sse_customer_key_md5: "SSECustomerKeyMD5",
731
780
  # request_payer: "requester", # accepts requester
732
781
  # part_number: 1,
782
+ # expected_bucket_owner: "AccountId",
733
783
  # })
734
784
  # @param [Hash] options ({})
735
785
  # @option options [String] :if_match
@@ -779,7 +829,7 @@ module Aws::S3
779
829
  # encrypting data. This value is used to store the object and then it is
780
830
  # discarded; Amazon S3 does not store the encryption key. The key must
781
831
  # be appropriate for use with the algorithm specified in the
782
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
832
+ # `x-amz-server-side-encryption-customer-algorithm` header.
783
833
  # @option options [String] :sse_customer_key_md5
784
834
  # Specifies the 128-bit MD5 digest of the encryption key according to
785
835
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -799,6 +849,10 @@ module Aws::S3
799
849
  # between 1 and 10,000. Effectively performs a 'ranged' GET request
800
850
  # for the part specified. Useful for downloading just a part of an
801
851
  # object.
852
+ # @option options [String] :expected_bucket_owner
853
+ # The account id of the expected bucket owner. If the bucket is owned by
854
+ # a different account, the request will fail with an HTTP `403 (Access
855
+ # Denied)` error.
802
856
  # @return [Types::GetObjectOutput]
803
857
  def get(options = {}, &block)
804
858
  options = options.merge(
@@ -839,6 +893,7 @@ module Aws::S3
839
893
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
840
894
  # object_lock_retain_until_date: Time.now,
841
895
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
896
+ # expected_bucket_owner: "AccountId",
842
897
  # })
843
898
  # @param [Hash] options ({})
844
899
  # @option options [String] :acl
@@ -885,7 +940,7 @@ module Aws::S3
885
940
  # encrypting data. This value is used to store the object and then it is
886
941
  # discarded; Amazon S3 does not store the encryption key. The key must
887
942
  # be appropriate for use with the algorithm specified in the
888
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
943
+ # `x-amz-server-side-encryption-customer-algorithm` header.
889
944
  # @option options [String] :sse_customer_key_md5
890
945
  # Specifies the 128-bit MD5 digest of the encryption key according to
891
946
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -926,6 +981,10 @@ module Aws::S3
926
981
  # @option options [String] :object_lock_legal_hold_status
927
982
  # Specifies whether you want to apply a Legal Hold to the uploaded
928
983
  # object.
984
+ # @option options [String] :expected_bucket_owner
985
+ # The account id of the expected bucket owner. If the bucket is owned by
986
+ # a different account, the request will fail with an HTTP `403 (Access
987
+ # Denied)` error.
929
988
  # @return [MultipartUpload]
930
989
  def initiate_multipart_upload(options = {})
931
990
  options = options.merge(
@@ -974,6 +1033,7 @@ module Aws::S3
974
1033
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
975
1034
  # object_lock_retain_until_date: Time.now,
976
1035
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
1036
+ # expected_bucket_owner: "AccountId",
977
1037
  # })
978
1038
  # @param [Hash] options ({})
979
1039
  # @option options [String] :acl
@@ -1098,7 +1158,7 @@ module Aws::S3
1098
1158
  # encrypting data. This value is used to store the object and then it is
1099
1159
  # discarded; Amazon S3 does not store the encryption key. The key must
1100
1160
  # be appropriate for use with the algorithm specified in the
1101
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
1161
+ # `x-amz-server-side-encryption-customer-algorithm` header.
1102
1162
  # @option options [String] :sse_customer_key_md5
1103
1163
  # Specifies the 128-bit MD5 digest of the encryption key according to
1104
1164
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -1143,6 +1203,10 @@ module Aws::S3
1143
1203
  #
1144
1204
  #
1145
1205
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
1206
+ # @option options [String] :expected_bucket_owner
1207
+ # The account id of the expected bucket owner. If the bucket is owned by
1208
+ # a different account, the request will fail with an HTTP `403 (Access
1209
+ # Denied)` error.
1146
1210
  # @return [Types::PutObjectOutput]
1147
1211
  def put(options = {})
1148
1212
  options = options.merge(
@@ -1239,6 +1303,7 @@ module Aws::S3
1239
1303
  # },
1240
1304
  # },
1241
1305
  # request_payer: "requester", # accepts requester
1306
+ # expected_bucket_owner: "AccountId",
1242
1307
  # })
1243
1308
  # @param [Hash] options ({})
1244
1309
  # @option options [String] :version_id
@@ -1255,6 +1320,10 @@ module Aws::S3
1255
1320
  #
1256
1321
  #
1257
1322
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
1323
+ # @option options [String] :expected_bucket_owner
1324
+ # The account id of the expected bucket owner. If the bucket is owned by
1325
+ # a different account, the request will fail with an HTTP `403 (Access
1326
+ # Denied)` error.
1258
1327
  # @return [Types::RestoreObjectOutput]
1259
1328
  def restore_object(options = {})
1260
1329
  options = options.merge(
@@ -1377,6 +1446,7 @@ module Aws::S3
1377
1446
  # mfa: "MFA",
1378
1447
  # request_payer: "requester", # accepts requester
1379
1448
  # bypass_governance_retention: false,
1449
+ # expected_bucket_owner: "AccountId",
1380
1450
  # })
1381
1451
  # @param options ({})
1382
1452
  # @option options [String] :mfa
@@ -1398,6 +1468,10 @@ module Aws::S3
1398
1468
  # Specifies whether you want to delete this object even if it has a
1399
1469
  # Governance-type Object Lock in place. You must have sufficient
1400
1470
  # permissions to perform this operation.
1471
+ # @option options [String] :expected_bucket_owner
1472
+ # The account id of the expected bucket owner. If the bucket is owned by
1473
+ # a different account, the request will fail with an HTTP `403 (Access
1474
+ # Denied)` error.
1401
1475
  # @return [void]
1402
1476
  def batch_delete!(options = {})
1403
1477
  batch_enum.each do |batch|
@@ -228,6 +228,7 @@ module Aws::S3
228
228
  # grant_write_acp: "GrantWriteACP",
229
229
  # request_payer: "requester", # accepts requester
230
230
  # version_id: "ObjectVersionId",
231
+ # expected_bucket_owner: "AccountId",
231
232
  # })
232
233
  # @param [Hash] options ({})
233
234
  # @option options [String] :acl
@@ -273,6 +274,10 @@ module Aws::S3
273
274
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
274
275
  # @option options [String] :version_id
275
276
  # VersionId used to reference a specific version of the object.
277
+ # @option options [String] :expected_bucket_owner
278
+ # The account id of the expected bucket owner. If the bucket is owned by
279
+ # a different account, the request will fail with an HTTP `403 (Access
280
+ # Denied)` error.
276
281
  # @return [Types::PutObjectAclOutput]
277
282
  def put(options = {})
278
283
  options = options.merge(
@@ -310,6 +310,8 @@ module Aws::S3
310
310
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
311
311
  # object_lock_retain_until_date: Time.now,
312
312
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
313
+ # expected_bucket_owner: "AccountId",
314
+ # expected_source_bucket_owner: "AccountId",
313
315
  # })
314
316
  # @param [Hash] options ({})
315
317
  # @option options [String] :acl
@@ -327,8 +329,41 @@ module Aws::S3
327
329
  # @option options [String] :content_type
328
330
  # A standard MIME type describing the format of the object data.
329
331
  # @option options [required, String] :copy_source
330
- # The name of the source bucket and key name of the source object,
331
- # separated by a slash (/). Must be URL-encoded.
332
+ # Specifies the source object for the copy operation. You specify the
333
+ # value in one of two formats, depending on whether you want to access
334
+ # the source object through an [access point][1]\:
335
+ #
336
+ # * For objects not accessed through an access point, specify the name
337
+ # of the source bucket and the key of the source object, separated by
338
+ # a slash (/). For example, to copy the object `reports/january.pdf`
339
+ # from the bucket `awsexamplebucket`, use
340
+ # `awsexamplebucket/reports/january.pdf`. The value must be URL
341
+ # encoded.
342
+ #
343
+ # * For objects accessed through access points, specify the Amazon
344
+ # Resource Name (ARN) of the object as accessed through the access
345
+ # point, in the format
346
+ # `arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>`.
347
+ # For example, to copy the object `reports/january.pdf` through access
348
+ # point `my-access-point` owned by account `123456789012` in Region
349
+ # `us-west-2`, use the URL encoding of
350
+ # `arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf`.
351
+ # The value must be URL encoded.
352
+ #
353
+ # <note markdown="1"> Amazon S3 supports copy operations using access points only when the
354
+ # source and destination buckets are in the same AWS Region.
355
+ #
356
+ # </note>
357
+ #
358
+ # To copy a specific version of an object, append
359
+ # `?versionId=<version-id>` to the value (for example,
360
+ # `awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893`).
361
+ # If you don't specify a version ID, Amazon S3 copies the latest
362
+ # version of the source object.
363
+ #
364
+ #
365
+ #
366
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html
332
367
  # @option options [String] :copy_source_if_match
333
368
  # Copies the object if its entity tag (ETag) matches the specified tag.
334
369
  # @option options [Time,DateTime,Date,Integer,String] :copy_source_if_modified_since
@@ -375,7 +410,7 @@ module Aws::S3
375
410
  # encrypting data. This value is used to store the object and then it is
376
411
  # discarded; Amazon S3 does not store the encryption key. The key must
377
412
  # be appropriate for use with the algorithm specified in the
378
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
413
+ # `x-amz-server-side-encryption-customer-algorithm` header.
379
414
  # @option options [String] :sse_customer_key_md5
380
415
  # Specifies the 128-bit MD5 digest of the encryption key according to
381
416
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -427,6 +462,14 @@ module Aws::S3
427
462
  # expire.
428
463
  # @option options [String] :object_lock_legal_hold_status
429
464
  # Specifies whether you want to apply a Legal Hold to the copied object.
465
+ # @option options [String] :expected_bucket_owner
466
+ # The account id of the expected destination bucket owner. If the
467
+ # destination bucket is owned by a different account, the request will
468
+ # fail with an HTTP `403 (Access Denied)` error.
469
+ # @option options [String] :expected_source_bucket_owner
470
+ # The account id of the expected source bucket owner. If the source
471
+ # bucket is owned by a different account, the request will fail with an
472
+ # HTTP `403 (Access Denied)` error.
430
473
  # @return [Types::CopyObjectOutput]
431
474
  def copy_from(options = {})
432
475
  options = options.merge(
@@ -444,6 +487,7 @@ module Aws::S3
444
487
  # version_id: "ObjectVersionId",
445
488
  # request_payer: "requester", # accepts requester
446
489
  # bypass_governance_retention: false,
490
+ # expected_bucket_owner: "AccountId",
447
491
  # })
448
492
  # @param [Hash] options ({})
449
493
  # @option options [String] :mfa
@@ -466,6 +510,10 @@ module Aws::S3
466
510
  # @option options [Boolean] :bypass_governance_retention
467
511
  # Indicates whether S3 Object Lock should bypass Governance-mode
468
512
  # restrictions to process this operation.
513
+ # @option options [String] :expected_bucket_owner
514
+ # The account id of the expected bucket owner. If the bucket is owned by
515
+ # a different account, the request will fail with an HTTP `403 (Access
516
+ # Denied)` error.
469
517
  # @return [Types::DeleteObjectOutput]
470
518
  def delete(options = {})
471
519
  options = options.merge(
@@ -496,6 +544,7 @@ module Aws::S3
496
544
  # sse_customer_key_md5: "SSECustomerKeyMD5",
497
545
  # request_payer: "requester", # accepts requester
498
546
  # part_number: 1,
547
+ # expected_bucket_owner: "AccountId",
499
548
  # })
500
549
  # @param [Hash] options ({})
501
550
  # @option options [String] :if_match
@@ -545,7 +594,7 @@ module Aws::S3
545
594
  # encrypting data. This value is used to store the object and then it is
546
595
  # discarded; Amazon S3 does not store the encryption key. The key must
547
596
  # be appropriate for use with the algorithm specified in the
548
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
597
+ # `x-amz-server-side-encryption-customer-algorithm` header.
549
598
  # @option options [String] :sse_customer_key_md5
550
599
  # Specifies the 128-bit MD5 digest of the encryption key according to
551
600
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -565,6 +614,10 @@ module Aws::S3
565
614
  # between 1 and 10,000. Effectively performs a 'ranged' GET request
566
615
  # for the part specified. Useful for downloading just a part of an
567
616
  # object.
617
+ # @option options [String] :expected_bucket_owner
618
+ # The account id of the expected bucket owner. If the bucket is owned by
619
+ # a different account, the request will fail with an HTTP `403 (Access
620
+ # Denied)` error.
568
621
  # @return [Types::GetObjectOutput]
569
622
  def get(options = {}, &block)
570
623
  options = options.merge(
@@ -605,6 +658,7 @@ module Aws::S3
605
658
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
606
659
  # object_lock_retain_until_date: Time.now,
607
660
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
661
+ # expected_bucket_owner: "AccountId",
608
662
  # })
609
663
  # @param [Hash] options ({})
610
664
  # @option options [String] :acl
@@ -651,7 +705,7 @@ module Aws::S3
651
705
  # encrypting data. This value is used to store the object and then it is
652
706
  # discarded; Amazon S3 does not store the encryption key. The key must
653
707
  # be appropriate for use with the algorithm specified in the
654
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
708
+ # `x-amz-server-side-encryption-customer-algorithm` header.
655
709
  # @option options [String] :sse_customer_key_md5
656
710
  # Specifies the 128-bit MD5 digest of the encryption key according to
657
711
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -692,6 +746,10 @@ module Aws::S3
692
746
  # @option options [String] :object_lock_legal_hold_status
693
747
  # Specifies whether you want to apply a Legal Hold to the uploaded
694
748
  # object.
749
+ # @option options [String] :expected_bucket_owner
750
+ # The account id of the expected bucket owner. If the bucket is owned by
751
+ # a different account, the request will fail with an HTTP `403 (Access
752
+ # Denied)` error.
695
753
  # @return [MultipartUpload]
696
754
  def initiate_multipart_upload(options = {})
697
755
  options = options.merge(
@@ -740,6 +798,7 @@ module Aws::S3
740
798
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
741
799
  # object_lock_retain_until_date: Time.now,
742
800
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
801
+ # expected_bucket_owner: "AccountId",
743
802
  # })
744
803
  # @param [Hash] options ({})
745
804
  # @option options [String] :acl
@@ -864,7 +923,7 @@ module Aws::S3
864
923
  # encrypting data. This value is used to store the object and then it is
865
924
  # discarded; Amazon S3 does not store the encryption key. The key must
866
925
  # be appropriate for use with the algorithm specified in the
867
- # `x-amz-server-side​-encryption​-customer-algorithm` header.
926
+ # `x-amz-server-side-encryption-customer-algorithm` header.
868
927
  # @option options [String] :sse_customer_key_md5
869
928
  # Specifies the 128-bit MD5 digest of the encryption key according to
870
929
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -909,6 +968,10 @@ module Aws::S3
909
968
  #
910
969
  #
911
970
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
971
+ # @option options [String] :expected_bucket_owner
972
+ # The account id of the expected bucket owner. If the bucket is owned by
973
+ # a different account, the request will fail with an HTTP `403 (Access
974
+ # Denied)` error.
912
975
  # @return [Types::PutObjectOutput]
913
976
  def put(options = {})
914
977
  options = options.merge(
@@ -1005,6 +1068,7 @@ module Aws::S3
1005
1068
  # },
1006
1069
  # },
1007
1070
  # request_payer: "requester", # accepts requester
1071
+ # expected_bucket_owner: "AccountId",
1008
1072
  # })
1009
1073
  # @param [Hash] options ({})
1010
1074
  # @option options [String] :version_id
@@ -1021,6 +1085,10 @@ module Aws::S3
1021
1085
  #
1022
1086
  #
1023
1087
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
1088
+ # @option options [String] :expected_bucket_owner
1089
+ # The account id of the expected bucket owner. If the bucket is owned by
1090
+ # a different account, the request will fail with an HTTP `403 (Access
1091
+ # Denied)` error.
1024
1092
  # @return [Types::RestoreObjectOutput]
1025
1093
  def restore_object(options = {})
1026
1094
  options = options.merge(
@@ -1152,6 +1220,7 @@ module Aws::S3
1152
1220
  # mfa: "MFA",
1153
1221
  # request_payer: "requester", # accepts requester
1154
1222
  # bypass_governance_retention: false,
1223
+ # expected_bucket_owner: "AccountId",
1155
1224
  # })
1156
1225
  # @param options ({})
1157
1226
  # @option options [String] :mfa
@@ -1173,6 +1242,10 @@ module Aws::S3
1173
1242
  # Specifies whether you want to delete this object even if it has a
1174
1243
  # Governance-type Object Lock in place. You must have sufficient
1175
1244
  # permissions to perform this operation.
1245
+ # @option options [String] :expected_bucket_owner
1246
+ # The account id of the expected bucket owner. If the bucket is owned by
1247
+ # a different account, the request will fail with an HTTP `403 (Access
1248
+ # Denied)` error.
1176
1249
  # @return [void]
1177
1250
  def batch_delete!(options = {})
1178
1251
  batch_enum.each do |batch|