aws-sdk-s3 1.79.1 → 1.83.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: da602f15baa7e2102b675dc8b13aae19954e04df5be6120a09b634a69b195043
-  data.tar.gz: 8667cc19707dc6da21e9483904c9f652b9e665ae82f86599a54a52a29e3a1e40
+  metadata.gz: 27e8142d94b3b51ad2725ffab43afcc4bbd80562eb8370ae34dd5833001e850f
+  data.tar.gz: a8ca9825f4ec5e42f6c126d41e3073c618525082a0e07196073d4bd68bc5c0de
 SHA512:
-  metadata.gz: 0a7baa7b2490bd556dc00d6a08218fd071f688d9a7b870e43b8dd73dd930677df899d2cc24e642f48bbb2e8f9f3fca0866613905777bf41b2a7b0373c2724a88
-  data.tar.gz: ecc4134f3f59c49f7f195029639e236022a6702af191074da6a7cbede7f406db0d465fb364e87a314ea51675af85e75d585985aac0720a8e6e596e915af4aaa8
+  metadata.gz: 6ede8e603a7ae101eb9e3eaec06dddb179654f73ce1df05a7eeee4629a2a48c0feef529b6a0a6cf35508c2666e02df6414b215c7631c07cd83303aaf8e16b127
+  data.tar.gz: 05fa2eb62aa82394adf13d2262faf9a29c685ca001316e8001b6c760e534a1e736c4663564ef2f75f074abea8cd5f4956e6063569ce7200d062afd2684a03f82

data/lib/aws-sdk-s3.rb

@@ -7,6 +7,7 @@
 #
 # WARNING ABOUT GENERATED CODE
 
+
 require 'aws-sdk-kms'
 require 'aws-sigv4'
 require 'aws-sdk-core'
@@ -68,6 +69,6 @@ require_relative 'aws-sdk-s3/event_streams'
 # @!group service
 module Aws::S3
 
-  GEM_VERSION = '1.79.1'
+  GEM_VERSION = '1.83.0'
 
 end

data/lib/aws-sdk-s3/arn/access_point_arn.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+module Aws
+  module S3
+    # @api private
+    class AccessPointARN < Aws::ARN
+      def initialize(options)
+        super(options)
+        @type, @access_point_name, @extra = @resource.split(/[:,\/]/)
+      end
+
+      attr_reader :access_point_name
+
+      def support_dualstack?
+        true
+      end
+
+      def support_fips?
+        true
+      end
+
+      def validate_arn!
+        unless @service == 's3'
+          raise ArgumentError, 'Must provide a valid S3 accesspoint ARN.'
+        end
+
+        if @region.empty? || @account_id.empty?
+          raise ArgumentError,
+                'S3 accesspoint ARNs must contain both a region '\
+                'and an account id.'
+        end
+
+        if @type != 'accesspoint'
+          raise ArgumentError, 'Invalid ARN, resource format is not correct'
+        end
+
+        if @access_point_name.nil? || @access_point_name.empty?
+          raise ArgumentError, 'Missing ARN accesspoint name.'
+        end
+
+        if @extra
+          raise ArgumentError,
+                'ARN accesspoint resource must be a single value.'
+        end
+
+        unless Seahorse::Util.host_label?(
+          "#{@access_point_name}-#{@account_id}"
+        )
+          raise ArgumentError,
+                "#{@access_point_name}-#{@account_id} is not a valid "\
+                'host label.'
+        end
+      end
+
+      def host_url(region, dualstack = false)
+        sfx = Aws::Partitions::EndpointProvider.dns_suffix_for(region)
+        "#{@access_point_name}-#{@account_id}"\
+        ".s3-accesspoint#{'.dualstack' if dualstack}.#{region}.#{sfx}"
+      end
+    end
+  end
+end

data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+module Aws
+  module S3
+    # @api private
+    class OutpostAccessPointARN < Aws::ARN
+      def initialize(options)
+        super(options)
+        @type, @outpost_id, @subtype, @access_point_name, @extra =
+          @resource.split(/[:,\/]/)
+      end
+
+      attr_reader :outpost_id, :access_point_name
+
+      def support_dualstack?
+        false
+      end
+
+      def support_fips?
+        false
+      end
+
+      def validate_arn!
+        unless @service == 's3-outposts'
+          raise ArgumentError, 'Must provide a valid S3 outposts ARN.'
+        end
+
+        if @region.empty? || @account_id.empty?
+          raise ArgumentError,
+                'S3 accesspoint ARNs must contain both a region '\
+                'and an account id.'
+        end
+
+        if @type != 'outpost' && @subtype != 'accesspoint'
+          raise ArgumentError, 'Invalid ARN, resource format is not correct'
+        end
+
+        if @outpost_id.nil? || @outpost_id.empty?
+          raise ArgumentError, 'Missing ARN outpost id.'
+        end
+
+        if @access_point_name.nil? || @access_point_name.empty?
+          raise ArgumentError, 'Missing ARN accesspoint name.'
+        end
+
+        if @extra
+          raise ArgumentError,
+                'ARN accesspoint resource must be a single value.'
+        end
+
+        unless Seahorse::Util.host_label?(
+          "#{@access_point_name}-#{@account_id}"
+        )
+          raise ArgumentError,
+                "#{@access_point_name}-#{@account_id} is not a valid "\
+                'host label.'
+        end
+
+        unless Seahorse::Util.host_label?(@outpost_id)
+          raise ArgumentError, "#{@outpost_id} is not a valid host label."
+        end
+      end
+
+      # Outpost ARNs currently do not support dualstack
+      def host_url(region, _dualstack = false)
+        "#{@access_point_name}-#{@account_id}.#{@outpost_id}"\
+        ".s3-outposts.#{region}.amazonaws.com"
+      end
+    end
+  end
+end

data/lib/aws-sdk-s3/bucket.rb

@@ -260,8 +260,14 @@ module Aws::S3
 
     # @example Request syntax with placeholder values
     #
-    #   bucket.delete()
+    #   bucket.delete({
+    #     expected_bucket_owner: "AccountId",
+    #   })
     # @param [Hash] options ({})
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def delete(options = {})
       options = options.merge(bucket: @name)
@@ -284,6 +290,7 @@ module Aws::S3
     #     mfa: "MFA",
     #     request_payer: "requester", # accepts requester
     #     bypass_governance_retention: false,
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [required, Types::Delete] :delete
@@ -307,6 +314,10 @@ module Aws::S3
     #   Specifies whether you want to delete this object even if it has a
     #   Governance-type Object Lock in place. You must have sufficient
     #   permissions to perform this operation.
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [Types::DeleteObjectsOutput]
     def delete_objects(options = {})
       options = options.merge(bucket: @name)
@@ -336,7 +347,7 @@ module Aws::S3
     #       "MetadataKey" => "MetadataValue",
     #     },
     #     server_side_encryption: "AES256", # accepts AES256, aws:kms
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
     #     website_redirect_location: "WebsiteRedirectLocation",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
@@ -348,12 +359,15 @@ module Aws::S3
     #     object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
     #     object_lock_retain_until_date: Time.now,
     #     object_lock_legal_hold_status: "ON", # accepts ON, OFF
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :acl
     #   The canned ACL to apply to the object. For more information, see
     #   [Canned ACL][1].
     #
+    #   This action is not supported by Amazon S3 on Outposts.
+    #
     #
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
@@ -425,12 +439,20 @@ module Aws::S3
     # @option options [String] :grant_full_control
     #   Gives the grantee READ, READ\_ACP, and WRITE\_ACP permissions on the
     #   object.
+    #
+    #   This action is not supported by Amazon S3 on Outposts.
     # @option options [String] :grant_read
     #   Allows grantee to read the object data and its metadata.
+    #
+    #   This action is not supported by Amazon S3 on Outposts.
     # @option options [String] :grant_read_acp
     #   Allows grantee to read the object ACL.
+    #
+    #   This action is not supported by Amazon S3 on Outposts.
     # @option options [String] :grant_write_acp
     #   Allows grantee to write the ACL for the applicable object.
+    #
+    #   This action is not supported by Amazon S3 on Outposts.
     # @option options [required, String] :key
     #   Object key for which the PUT operation was initiated.
     # @option options [Hash<String,String>] :metadata
@@ -439,8 +461,16 @@ module Aws::S3
     #   The server-side encryption algorithm used when storing this object in
     #   Amazon S3 (for example, AES256, aws:kms).
     # @option options [String] :storage_class
-    #   If you don't specify, S3 Standard is the default storage class.
-    #   Amazon S3 supports other storage classes.
+    #   By default, Amazon S3 uses the STANDARD Storage Class to store newly
+    #   created objects. The STANDARD storage class provides high durability
+    #   and high availability. Depending on performance needs, you can specify
+    #   a different Storage Class. Amazon S3 on Outposts only uses the
+    #   OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
+    #   in the *Amazon S3 Service Developer Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
     # @option options [String] :website_redirect_location
     #   If the bucket is configured as a website, redirects requests for this
     #   object to another object in the same bucket or to an external URL.
@@ -474,7 +504,7 @@ module Aws::S3
     #   encrypting data. This value is used to store the object and then it is
     #   discarded; Amazon S3 does not store the encryption key. The key must
     #   be appropriate for use with the algorithm specified in the
-    #   `x-amz-server-side​-encryption​-customer-algorithm` header.
+    #   `x-amz-server-side-encryption-customer-algorithm` header.
     # @option options [String] :sse_customer_key_md5
     #   Specifies the 128-bit MD5 digest of the encryption key according to
     #   RFC 1321. Amazon S3 uses this header for a message integrity check to
@@ -519,6 +549,10 @@ module Aws::S3
     #
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [Object]
     def put_object(options = {})
       options = options.merge(bucket: @name)
@@ -580,6 +614,7 @@ module Aws::S3
     #     key_marker: "KeyMarker",
     #     prefix: "Prefix",
     #     upload_id_marker: "UploadIdMarker",
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :delimiter
@@ -622,6 +657,10 @@ module Aws::S3
     #   uploads for a key equal to the key-marker might be included in the
     #   list only if they have an upload ID lexicographically greater than the
     #   specified `upload-id-marker`.
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [MultipartUpload::Collection]
     def multipart_uploads(options = {})
       batches = Enumerator.new do |y|
@@ -670,6 +709,7 @@ module Aws::S3
     #     key_marker: "KeyMarker",
     #     prefix: "Prefix",
     #     version_id_marker: "VersionIdMarker",
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :delimiter
@@ -697,6 +737,10 @@ module Aws::S3
     #   result under CommonPrefixes.
     # @option options [String] :version_id_marker
     #   Specifies the object version you want to start listing from.
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [ObjectVersion::Collection]
     def object_versions(options = {})
       batches = Enumerator.new do |y|
@@ -728,6 +772,7 @@ module Aws::S3
     #     fetch_owner: false,
     #     start_after: "StartAfter",
     #     request_payer: "requester", # accepts requester
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :delimiter
@@ -748,6 +793,10 @@ module Aws::S3
     #   Confirms that the requester knows that she or he will be charged for
     #   the list objects request in V2 style. Bucket owners need not specify
     #   this parameter in their requests.
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [ObjectSummary::Collection]
     def objects(options = {})
       batches = Enumerator.new do |y|

data/lib/aws-sdk-s3/bucket_acl.rb

@@ -208,6 +208,7 @@ module Aws::S3
     #     grant_read_acp: "GrantReadACP",
     #     grant_write: "GrantWrite",
     #     grant_write_acp: "GrantWriteACP",
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :acl
@@ -235,6 +236,10 @@ module Aws::S3
     #   bucket.
     # @option options [String] :grant_write_acp
     #   Allows grantee to write the ACL for the applicable bucket.
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def put(options = {})
       options = options.merge(bucket: @bucket_name)

data/lib/aws-sdk-s3/bucket_cors.rb

@@ -177,8 +177,14 @@ module Aws::S3
 
     # @example Request syntax with placeholder values
     #
-    #   bucket_cors.delete()
+    #   bucket_cors.delete({
+    #     expected_bucket_owner: "AccountId",
+    #   })
     # @param [Hash] options ({})
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def delete(options = {})
       options = options.merge(bucket: @bucket_name)
@@ -201,6 +207,7 @@ module Aws::S3
     #       ],
     #     },
     #     content_md5: "ContentMD5",
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [required, Types::CORSConfiguration] :cors_configuration
@@ -220,6 +227,10 @@ module Aws::S3
     #
     #
     #   [1]: http://www.ietf.org/rfc/rfc1864.txt
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def put(options = {})
       options = options.merge(bucket: @bucket_name)

data/lib/aws-sdk-s3/bucket_lifecycle.rb

@@ -176,8 +176,14 @@ module Aws::S3
 
     # @example Request syntax with placeholder values
     #
-    #   bucket_lifecycle.delete()
+    #   bucket_lifecycle.delete({
+    #     expected_bucket_owner: "AccountId",
+    #   })
     # @param [Hash] options ({})
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def delete(options = {})
       options = options.merge(bucket: @bucket_name)
@@ -218,10 +224,15 @@ module Aws::S3
     #         },
     #       ],
     #     },
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [String] :content_md5
     # @option options [Types::LifecycleConfiguration] :lifecycle_configuration
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def put(options = {})
       options = options.merge(bucket: @bucket_name)

data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb

@@ -176,8 +176,14 @@ module Aws::S3
 
     # @example Request syntax with placeholder values
     #
-    #   bucket_lifecycle_configuration.delete()
+    #   bucket_lifecycle_configuration.delete({
+    #     expected_bucket_owner: "AccountId",
+    #   })
     # @param [Hash] options ({})
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def delete(options = {})
       options = options.merge(bucket: @bucket_name)
@@ -237,10 +243,15 @@ module Aws::S3
     #         },
     #       ],
     #     },
+    #     expected_bucket_owner: "AccountId",
     #   })
     # @param [Hash] options ({})
     # @option options [Types::BucketLifecycleConfiguration] :lifecycle_configuration
     #   Container for lifecycle rules. You can add as many as 1,000 rules.
+    # @option options [String] :expected_bucket_owner
+    #   The account id of the expected bucket owner. If the bucket is owned by
+    #   a different account, the request will fail with an HTTP `403 (Access
+    #   Denied)` error.
     # @return [EmptyStructure]
     def put(options = {})
       options = options.merge(bucket: @bucket_name)