aws-sdk-s3 1.84.1 → 1.117.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +930 -0
  3. data/LICENSE.txt +202 -0
  4. data/VERSION +1 -0
  5. data/lib/aws-sdk-s3/bucket.rb +154 -46
  6. data/lib/aws-sdk-s3/bucket_acl.rb +28 -6
  7. data/lib/aws-sdk-s3/bucket_cors.rb +29 -9
  8. data/lib/aws-sdk-s3/bucket_lifecycle.rb +30 -9
  9. data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +31 -9
  10. data/lib/aws-sdk-s3/bucket_logging.rb +25 -6
  11. data/lib/aws-sdk-s3/bucket_notification.rb +21 -9
  12. data/lib/aws-sdk-s3/bucket_policy.rb +27 -7
  13. data/lib/aws-sdk-s3/bucket_request_payment.rb +27 -8
  14. data/lib/aws-sdk-s3/bucket_tagging.rb +27 -7
  15. data/lib/aws-sdk-s3/bucket_versioning.rb +70 -10
  16. data/lib/aws-sdk-s3/bucket_website.rb +27 -7
  17. data/lib/aws-sdk-s3/client.rb +3747 -1848
  18. data/lib/aws-sdk-s3/client_api.rb +677 -227
  19. data/lib/aws-sdk-s3/customizations/bucket.rb +28 -49
  20. data/lib/aws-sdk-s3/customizations/object.rb +116 -18
  21. data/lib/aws-sdk-s3/encryption/client.rb +1 -1
  22. data/lib/aws-sdk-s3/encryption/decrypt_handler.rb +0 -4
  23. data/lib/aws-sdk-s3/encryptionV2/client.rb +1 -1
  24. data/lib/aws-sdk-s3/encryptionV2/decrypt_handler.rb +0 -4
  25. data/lib/aws-sdk-s3/encryptionV2/default_cipher_provider.rb +3 -3
  26. data/lib/aws-sdk-s3/encryptionV2/encrypt_handler.rb +0 -4
  27. data/lib/aws-sdk-s3/endpoint_parameters.rb +142 -0
  28. data/lib/aws-sdk-s3/endpoint_provider.rb +2020 -0
  29. data/lib/aws-sdk-s3/endpoints.rb +2149 -0
  30. data/lib/aws-sdk-s3/errors.rb +1 -1
  31. data/lib/aws-sdk-s3/event_streams.rb +1 -1
  32. data/lib/aws-sdk-s3/file_downloader.rb +7 -2
  33. data/lib/aws-sdk-s3/file_uploader.rb +8 -3
  34. data/lib/aws-sdk-s3/legacy_signer.rb +15 -25
  35. data/lib/aws-sdk-s3/multipart_file_uploader.rb +26 -7
  36. data/lib/aws-sdk-s3/multipart_stream_uploader.rb +36 -10
  37. data/lib/aws-sdk-s3/multipart_upload.rb +133 -19
  38. data/lib/aws-sdk-s3/multipart_upload_part.rb +141 -21
  39. data/lib/aws-sdk-s3/object.rb +430 -126
  40. data/lib/aws-sdk-s3/object_acl.rb +31 -9
  41. data/lib/aws-sdk-s3/object_summary.rb +265 -110
  42. data/lib/aws-sdk-s3/object_version.rb +80 -53
  43. data/lib/aws-sdk-s3/plugins/accelerate.rb +1 -39
  44. data/lib/aws-sdk-s3/plugins/arn.rb +25 -142
  45. data/lib/aws-sdk-s3/plugins/bucket_dns.rb +3 -39
  46. data/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb +1 -6
  47. data/lib/aws-sdk-s3/plugins/dualstack.rb +2 -49
  48. data/lib/aws-sdk-s3/plugins/endpoints.rb +262 -0
  49. data/lib/aws-sdk-s3/plugins/expect_100_continue.rb +3 -1
  50. data/lib/aws-sdk-s3/plugins/get_bucket_location_fix.rb +1 -1
  51. data/lib/aws-sdk-s3/plugins/iad_regional_endpoint.rb +8 -31
  52. data/lib/aws-sdk-s3/plugins/md5s.rb +5 -3
  53. data/lib/aws-sdk-s3/plugins/s3_signer.rb +33 -102
  54. data/lib/aws-sdk-s3/plugins/skip_whole_multipart_get_checksums.rb +31 -0
  55. data/lib/aws-sdk-s3/plugins/streaming_retry.rb +23 -2
  56. data/lib/aws-sdk-s3/presigned_post.rb +47 -35
  57. data/lib/aws-sdk-s3/presigner.rb +39 -49
  58. data/lib/aws-sdk-s3/resource.rb +24 -4
  59. data/lib/aws-sdk-s3/types.rb +3785 -4735
  60. data/lib/aws-sdk-s3/waiters.rb +1 -1
  61. data/lib/aws-sdk-s3.rb +6 -2
  62. metadata +19 -14
  63. data/lib/aws-sdk-s3/arn/access_point_arn.rb +0 -62
  64. data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb +0 -71
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -42,7 +42,7 @@ module Aws::S3
42
42
  @key
43
43
  end
44
44
 
45
- # The date the Object was Last Modified
45
+ # Creation date of the object.
46
46
  # @return [Time]
47
47
  def last_modified
48
48
  data[:last_modified]
@@ -55,22 +55,31 @@ module Aws::S3
55
55
  # below:
56
56
  #
57
57
  # * Objects created by the PUT Object, POST Object, or Copy operation,
58
- # or through the AWS Management Console, and are encrypted by SSE-S3
59
- # or plaintext, have ETags that are an MD5 digest of their object
60
- # data.
58
+ # or through the Amazon Web Services Management Console, and are
59
+ # encrypted by SSE-S3 or plaintext, have ETags that are an MD5 digest
60
+ # of their object data.
61
61
  #
62
62
  # * Objects created by the PUT Object, POST Object, or Copy operation,
63
- # or through the AWS Management Console, and are encrypted by SSE-C or
64
- # SSE-KMS, have ETags that are not an MD5 digest of their object data.
63
+ # or through the Amazon Web Services Management Console, and are
64
+ # encrypted by SSE-C or SSE-KMS, have ETags that are not an MD5 digest
65
+ # of their object data.
65
66
  #
66
67
  # * If an object is created by either the Multipart Upload or Part Copy
67
68
  # operation, the ETag is not an MD5 digest, regardless of the method
68
- # of encryption.
69
+ # of encryption. If an object is larger than 16 MB, the Amazon Web
70
+ # Services Management Console will upload or copy that object as a
71
+ # Multipart Upload, and therefore the ETag will not be an MD5 digest.
69
72
  # @return [String]
70
73
  def etag
71
74
  data[:etag]
72
75
  end
73
76
 
77
+ # The algorithm that was used to create a checksum of the object.
78
+ # @return [Array<String>]
79
+ def checksum_algorithm
80
+ data[:checksum_algorithm]
81
+ end
82
+
74
83
  # Size in bytes of the object
75
84
  # @return [Integer]
76
85
  def size
@@ -275,6 +284,7 @@ module Aws::S3
275
284
  # object_summary.copy_from({
276
285
  # acl: "private", # accepts private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control
277
286
  # cache_control: "CacheControl",
287
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
278
288
  # content_disposition: "ContentDisposition",
279
289
  # content_encoding: "ContentEncoding",
280
290
  # content_language: "ContentLanguage",
@@ -295,13 +305,14 @@ module Aws::S3
295
305
  # metadata_directive: "COPY", # accepts COPY, REPLACE
296
306
  # tagging_directive: "COPY", # accepts COPY, REPLACE
297
307
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
298
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
308
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
299
309
  # website_redirect_location: "WebsiteRedirectLocation",
300
310
  # sse_customer_algorithm: "SSECustomerAlgorithm",
301
311
  # sse_customer_key: "SSECustomerKey",
302
312
  # sse_customer_key_md5: "SSECustomerKeyMD5",
303
313
  # ssekms_key_id: "SSEKMSKeyId",
304
314
  # ssekms_encryption_context: "SSEKMSEncryptionContext",
315
+ # bucket_key_enabled: false,
305
316
  # copy_source_sse_customer_algorithm: "CopySourceSSECustomerAlgorithm",
306
317
  # copy_source_sse_customer_key: "CopySourceSSECustomerKey",
307
318
  # copy_source_sse_customer_key_md5: "CopySourceSSECustomerKeyMD5",
@@ -320,6 +331,14 @@ module Aws::S3
320
331
  # This action is not supported by Amazon S3 on Outposts.
321
332
  # @option options [String] :cache_control
322
333
  # Specifies caching behavior along the request/reply chain.
334
+ # @option options [String] :checksum_algorithm
335
+ # Indicates the algorithm you want Amazon S3 to use to create the
336
+ # checksum for the object. For more information, see [Checking object
337
+ # integrity][1] in the *Amazon S3 User Guide*.
338
+ #
339
+ #
340
+ #
341
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
323
342
  # @option options [String] :content_disposition
324
343
  # Specifies presentational information for the object.
325
344
  # @option options [String] :content_encoding
@@ -339,8 +358,8 @@ module Aws::S3
339
358
  # of the source bucket and the key of the source object, separated by
340
359
  # a slash (/). For example, to copy the object `reports/january.pdf`
341
360
  # from the bucket `awsexamplebucket`, use
342
- # `awsexamplebucket/reports/january.pdf`. The value must be URL
343
- # encoded.
361
+ # `awsexamplebucket/reports/january.pdf`. The value must be
362
+ # URL-encoded.
344
363
  #
345
364
  # * For objects accessed through access points, specify the Amazon
346
365
  # Resource Name (ARN) of the object as accessed through the access
@@ -353,7 +372,8 @@ module Aws::S3
353
372
  # The value must be URL encoded.
354
373
  #
355
374
  # <note markdown="1"> Amazon S3 supports copy operations using access points only when the
356
- # source and destination buckets are in the same AWS Region.
375
+ # source and destination buckets are in the same Amazon Web Services
376
+ # Region.
357
377
  #
358
378
  # </note>
359
379
  #
@@ -364,7 +384,7 @@ module Aws::S3
364
384
  # outpost `my-outpost` owned by account `123456789012` in Region
365
385
  # `us-west-2`, use the URL encoding of
366
386
  # `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf`.
367
- # The value must be URL encoded.
387
+ # The value must be URL-encoded.
368
388
  #
369
389
  # To copy a specific version of an object, append
370
390
  # `?versionId=<version-id>` to the value (for example,
@@ -374,7 +394,7 @@ module Aws::S3
374
394
  #
375
395
  #
376
396
  #
377
- # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html
397
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html
378
398
  # @option options [String] :copy_source_if_match
379
399
  # Copies the object if its entity tag (ETag) matches the specified tag.
380
400
  # @option options [Time,DateTime,Date,Integer,String] :copy_source_if_modified_since
@@ -421,7 +441,7 @@ module Aws::S3
421
441
  # and high availability. Depending on performance needs, you can specify
422
442
  # a different Storage Class. Amazon S3 on Outposts only uses the
423
443
  # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
424
- # in the *Amazon S3 Service Developer Guide*.
444
+ # in the *Amazon S3 User Guide*.
425
445
  #
426
446
  #
427
447
  #
@@ -444,20 +464,29 @@ module Aws::S3
444
464
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
445
465
  # ensure that the encryption key was transmitted without error.
446
466
  # @option options [String] :ssekms_key_id
447
- # Specifies the AWS KMS key ID to use for object encryption. All GET and
448
- # PUT requests for an object protected by AWS KMS will fail if not made
449
- # via SSL or using SigV4. For information about configuring using any of
450
- # the officially supported AWS SDKs and AWS CLI, see [Specifying the
451
- # Signature Version in Request Authentication][1] in the *Amazon S3
452
- # Developer Guide*.
467
+ # Specifies the Amazon Web Services KMS key ID to use for object
468
+ # encryption. All GET and PUT requests for an object protected by Amazon
469
+ # Web Services KMS will fail if not made via SSL or using SigV4. For
470
+ # information about configuring using any of the officially supported
471
+ # Amazon Web Services SDKs and Amazon Web Services CLI, see [Specifying
472
+ # the Signature Version in Request Authentication][1] in the *Amazon S3
473
+ # User Guide*.
453
474
  #
454
475
  #
455
476
  #
456
477
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
457
478
  # @option options [String] :ssekms_encryption_context
458
- # Specifies the AWS KMS Encryption Context to use for object encryption.
459
- # The value of this header is a base64-encoded UTF-8 string holding JSON
460
- # with the encryption context key-value pairs.
479
+ # Specifies the Amazon Web Services KMS Encryption Context to use for
480
+ # object encryption. The value of this header is a base64-encoded UTF-8
481
+ # string holding JSON with the encryption context key-value pairs.
482
+ # @option options [Boolean] :bucket_key_enabled
483
+ # Specifies whether Amazon S3 should use an S3 Bucket Key for object
484
+ # encryption with server-side encryption using AWS KMS (SSE-KMS).
485
+ # Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
486
+ # for object encryption with SSE-KMS.
487
+ #
488
+ # Specifying this header with a COPY action doesn’t affect bucket-level
489
+ # settings for S3 Bucket Key.
461
490
  # @option options [String] :copy_source_sse_customer_algorithm
462
491
  # Specifies the algorithm to use when decrypting the source object (for
463
492
  # example, AES256).
@@ -472,9 +501,9 @@ module Aws::S3
472
501
  # @option options [String] :request_payer
473
502
  # Confirms that the requester knows that they will be charged for the
474
503
  # request. Bucket owners need not specify this parameter in their
475
- # requests. For information about downloading objects from requester
476
- # pays buckets, see [Downloading Objects in Requestor Pays Buckets][1]
477
- # in the *Amazon S3 Developer Guide*.
504
+ # requests. For information about downloading objects from Requester
505
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
506
+ # in the *Amazon S3 User Guide*.
478
507
  #
479
508
  #
480
509
  #
@@ -489,15 +518,15 @@ module Aws::S3
489
518
  # The date and time when you want the copied object's Object Lock to
490
519
  # expire.
491
520
  # @option options [String] :object_lock_legal_hold_status
492
- # Specifies whether you want to apply a Legal Hold to the copied object.
521
+ # Specifies whether you want to apply a legal hold to the copied object.
493
522
  # @option options [String] :expected_bucket_owner
494
- # The account id of the expected destination bucket owner. If the
495
- # destination bucket is owned by a different account, the request will
496
- # fail with an HTTP `403 (Access Denied)` error.
523
+ # The account ID of the expected destination bucket owner. If the
524
+ # destination bucket is owned by a different account, the request fails
525
+ # with the HTTP status code `403 Forbidden` (access denied).
497
526
  # @option options [String] :expected_source_bucket_owner
498
- # The account id of the expected source bucket owner. If the source
499
- # bucket is owned by a different account, the request will fail with an
500
- # HTTP `403 (Access Denied)` error.
527
+ # The account ID of the expected source bucket owner. If the source
528
+ # bucket is owned by a different account, the request fails with the
529
+ # HTTP status code `403 Forbidden` (access denied).
501
530
  # @return [Types::CopyObjectOutput]
502
531
  def copy_from(options = {})
503
532
  options = options.merge(
@@ -528,20 +557,21 @@ module Aws::S3
528
557
  # @option options [String] :request_payer
529
558
  # Confirms that the requester knows that they will be charged for the
530
559
  # request. Bucket owners need not specify this parameter in their
531
- # requests. For information about downloading objects from requester
532
- # pays buckets, see [Downloading Objects in Requestor Pays Buckets][1]
533
- # in the *Amazon S3 Developer Guide*.
560
+ # requests. For information about downloading objects from Requester
561
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
562
+ # in the *Amazon S3 User Guide*.
534
563
  #
535
564
  #
536
565
  #
537
566
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
538
567
  # @option options [Boolean] :bypass_governance_retention
539
568
  # Indicates whether S3 Object Lock should bypass Governance-mode
540
- # restrictions to process this operation.
569
+ # restrictions to process this operation. To use this header, you must
570
+ # have the `s3:BypassGovernanceRetention` permission.
541
571
  # @option options [String] :expected_bucket_owner
542
- # The account id of the expected bucket owner. If the bucket is owned by
543
- # a different account, the request will fail with an HTTP `403 (Access
544
- # Denied)` error.
572
+ # The account ID of the expected bucket owner. If the bucket is owned by
573
+ # a different account, the request fails with the HTTP status code `403
574
+ # Forbidden` (access denied).
545
575
  # @return [Types::DeleteObjectOutput]
546
576
  def delete(options = {})
547
577
  options = options.merge(
@@ -573,20 +603,21 @@ module Aws::S3
573
603
  # request_payer: "requester", # accepts requester
574
604
  # part_number: 1,
575
605
  # expected_bucket_owner: "AccountId",
606
+ # checksum_mode: "ENABLED", # accepts ENABLED
576
607
  # })
577
608
  # @param [Hash] options ({})
578
609
  # @option options [String] :if_match
579
610
  # Return the object only if its entity tag (ETag) is the same as the one
580
- # specified, otherwise return a 412 (precondition failed).
611
+ # specified; otherwise, return a 412 (precondition failed) error.
581
612
  # @option options [Time,DateTime,Date,Integer,String] :if_modified_since
582
613
  # Return the object only if it has been modified since the specified
583
- # time, otherwise return a 304 (not modified).
614
+ # time; otherwise, return a 304 (not modified) error.
584
615
  # @option options [String] :if_none_match
585
616
  # Return the object only if its entity tag (ETag) is different from the
586
- # one specified, otherwise return a 304 (not modified).
617
+ # one specified; otherwise, return a 304 (not modified) error.
587
618
  # @option options [Time,DateTime,Date,Integer,String] :if_unmodified_since
588
619
  # Return the object only if it has not been modified since the specified
589
- # time, otherwise return a 412 (precondition failed).
620
+ # time; otherwise, return a 412 (precondition failed) error.
590
621
  # @option options [String] :range
591
622
  # Downloads the specified range bytes of an object. For more information
592
623
  # about the HTTP Range header, see
@@ -615,13 +646,13 @@ module Aws::S3
615
646
  # @option options [String] :version_id
616
647
  # VersionId used to reference a specific version of the object.
617
648
  # @option options [String] :sse_customer_algorithm
618
- # Specifies the algorithm to use to when encrypting the object (for
649
+ # Specifies the algorithm to use to when decrypting the object (for
619
650
  # example, AES256).
620
651
  # @option options [String] :sse_customer_key
621
- # Specifies the customer-provided encryption key for Amazon S3 to use in
622
- # encrypting data. This value is used to store the object and then it is
623
- # discarded; Amazon S3 does not store the encryption key. The key must
624
- # be appropriate for use with the algorithm specified in the
652
+ # Specifies the customer-provided encryption key for Amazon S3 used to
653
+ # encrypt the data. This value is used to decrypt the object when
654
+ # recovering it and must match the one used when storing the data. The
655
+ # key must be appropriate for use with the algorithm specified in the
625
656
  # `x-amz-server-side-encryption-customer-algorithm` header.
626
657
  # @option options [String] :sse_customer_key_md5
627
658
  # Specifies the 128-bit MD5 digest of the encryption key according to
@@ -630,9 +661,9 @@ module Aws::S3
630
661
  # @option options [String] :request_payer
631
662
  # Confirms that the requester knows that they will be charged for the
632
663
  # request. Bucket owners need not specify this parameter in their
633
- # requests. For information about downloading objects from requester
634
- # pays buckets, see [Downloading Objects in Requestor Pays Buckets][1]
635
- # in the *Amazon S3 Developer Guide*.
664
+ # requests. For information about downloading objects from Requester
665
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
666
+ # in the *Amazon S3 User Guide*.
636
667
  #
637
668
  #
638
669
  #
@@ -643,9 +674,11 @@ module Aws::S3
643
674
  # for the part specified. Useful for downloading just a part of an
644
675
  # object.
645
676
  # @option options [String] :expected_bucket_owner
646
- # The account id of the expected bucket owner. If the bucket is owned by
647
- # a different account, the request will fail with an HTTP `403 (Access
648
- # Denied)` error.
677
+ # The account ID of the expected bucket owner. If the bucket is owned by
678
+ # a different account, the request fails with the HTTP status code `403
679
+ # Forbidden` (access denied).
680
+ # @option options [String] :checksum_mode
681
+ # To retrieve the checksum, this mode must be enabled.
649
682
  # @return [Types::GetObjectOutput]
650
683
  def get(options = {}, &block)
651
684
  options = options.merge(
@@ -674,19 +707,21 @@ module Aws::S3
674
707
  # "MetadataKey" => "MetadataValue",
675
708
  # },
676
709
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
677
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
710
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
678
711
  # website_redirect_location: "WebsiteRedirectLocation",
679
712
  # sse_customer_algorithm: "SSECustomerAlgorithm",
680
713
  # sse_customer_key: "SSECustomerKey",
681
714
  # sse_customer_key_md5: "SSECustomerKeyMD5",
682
715
  # ssekms_key_id: "SSEKMSKeyId",
683
716
  # ssekms_encryption_context: "SSEKMSEncryptionContext",
717
+ # bucket_key_enabled: false,
684
718
  # request_payer: "requester", # accepts requester
685
719
  # tagging: "TaggingHeader",
686
720
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
687
721
  # object_lock_retain_until_date: Time.now,
688
722
  # object_lock_legal_hold_status: "ON", # accepts ON, OFF
689
723
  # expected_bucket_owner: "AccountId",
724
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
690
725
  # })
691
726
  # @param [Hash] options ({})
692
727
  # @option options [String] :acl
@@ -735,7 +770,7 @@ module Aws::S3
735
770
  # and high availability. Depending on performance needs, you can specify
736
771
  # a different Storage Class. Amazon S3 on Outposts only uses the
737
772
  # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
738
- # in the *Amazon S3 Service Developer Guide*.
773
+ # in the *Amazon S3 User Guide*.
739
774
  #
740
775
  #
741
776
  #
@@ -758,26 +793,35 @@ module Aws::S3
758
793
  # RFC 1321. Amazon S3 uses this header for a message integrity check to
759
794
  # ensure that the encryption key was transmitted without error.
760
795
  # @option options [String] :ssekms_key_id
761
- # Specifies the ID of the symmetric customer managed AWS KMS CMK to use
762
- # for object encryption. All GET and PUT requests for an object
763
- # protected by AWS KMS will fail if not made via SSL or using SigV4. For
764
- # information about configuring using any of the officially supported
765
- # AWS SDKs and AWS CLI, see [Specifying the Signature Version in Request
766
- # Authentication][1] in the *Amazon S3 Developer Guide*.
796
+ # Specifies the ID of the symmetric customer managed key to use for
797
+ # object encryption. All GET and PUT requests for an object protected by
798
+ # Amazon Web Services KMS will fail if not made via SSL or using SigV4.
799
+ # For information about configuring using any of the officially
800
+ # supported Amazon Web Services SDKs and Amazon Web Services CLI, see
801
+ # [Specifying the Signature Version in Request Authentication][1] in the
802
+ # *Amazon S3 User Guide*.
767
803
  #
768
804
  #
769
805
  #
770
- # [1]: https://docs.aws.amazon.com/http:/docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
806
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
771
807
  # @option options [String] :ssekms_encryption_context
772
- # Specifies the AWS KMS Encryption Context to use for object encryption.
773
- # The value of this header is a base64-encoded UTF-8 string holding JSON
774
- # with the encryption context key-value pairs.
808
+ # Specifies the Amazon Web Services KMS Encryption Context to use for
809
+ # object encryption. The value of this header is a base64-encoded UTF-8
810
+ # string holding JSON with the encryption context key-value pairs.
811
+ # @option options [Boolean] :bucket_key_enabled
812
+ # Specifies whether Amazon S3 should use an S3 Bucket Key for object
813
+ # encryption with server-side encryption using AWS KMS (SSE-KMS).
814
+ # Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
815
+ # for object encryption with SSE-KMS.
816
+ #
817
+ # Specifying this header with an object action doesn’t affect
818
+ # bucket-level settings for S3 Bucket Key.
775
819
  # @option options [String] :request_payer
776
820
  # Confirms that the requester knows that they will be charged for the
777
821
  # request. Bucket owners need not specify this parameter in their
778
- # requests. For information about downloading objects from requester
779
- # pays buckets, see [Downloading Objects in Requestor Pays Buckets][1]
780
- # in the *Amazon S3 Developer Guide*.
822
+ # requests. For information about downloading objects from Requester
823
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
824
+ # in the *Amazon S3 User Guide*.
781
825
  #
782
826
  #
783
827
  #
@@ -791,12 +835,20 @@ module Aws::S3
791
835
  # @option options [Time,DateTime,Date,Integer,String] :object_lock_retain_until_date
792
836
  # Specifies the date and time when you want the Object Lock to expire.
793
837
  # @option options [String] :object_lock_legal_hold_status
794
- # Specifies whether you want to apply a Legal Hold to the uploaded
838
+ # Specifies whether you want to apply a legal hold to the uploaded
795
839
  # object.
796
840
  # @option options [String] :expected_bucket_owner
797
- # The account id of the expected bucket owner. If the bucket is owned by
798
- # a different account, the request will fail with an HTTP `403 (Access
799
- # Denied)` error.
841
+ # The account ID of the expected bucket owner. If the bucket is owned by
842
+ # a different account, the request fails with the HTTP status code `403
843
+ # Forbidden` (access denied).
844
+ # @option options [String] :checksum_algorithm
845
+ # Indicates the algorithm you want Amazon S3 to use to create the
846
+ # checksum for the object. For more information, see [Checking object
847
+ # integrity][1] in the *Amazon S3 User Guide*.
848
+ #
849
+ #
850
+ #
851
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
800
852
  # @return [MultipartUpload]
801
853
  def initiate_multipart_upload(options = {})
802
854
  options = options.merge(
@@ -824,6 +876,11 @@ module Aws::S3
824
876
  # content_length: 1,
825
877
  # content_md5: "ContentMD5",
826
878
  # content_type: "ContentType",
879
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
880
+ # checksum_crc32: "ChecksumCRC32",
881
+ # checksum_crc32c: "ChecksumCRC32C",
882
+ # checksum_sha1: "ChecksumSHA1",
883
+ # checksum_sha256: "ChecksumSHA256",
827
884
  # expires: Time.now,
828
885
  # grant_full_control: "GrantFullControl",
829
886
  # grant_read: "GrantRead",
@@ -833,13 +890,14 @@ module Aws::S3
833
890
  # "MetadataKey" => "MetadataValue",
834
891
  # },
835
892
  # server_side_encryption: "AES256", # accepts AES256, aws:kms
836
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
893
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
837
894
  # website_redirect_location: "WebsiteRedirectLocation",
838
895
  # sse_customer_algorithm: "SSECustomerAlgorithm",
839
896
  # sse_customer_key: "SSECustomerKey",
840
897
  # sse_customer_key_md5: "SSECustomerKeyMD5",
841
898
  # ssekms_key_id: "SSEKMSKeyId",
842
899
  # ssekms_encryption_context: "SSEKMSEncryptionContext",
900
+ # bucket_key_enabled: false,
843
901
  # request_payer: "requester", # accepts requester
844
902
  # tagging: "TaggingHeader",
845
903
  # object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
@@ -914,6 +972,61 @@ module Aws::S3
914
972
  #
915
973
  #
916
974
  # [1]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17
975
+ # @option options [String] :checksum_algorithm
976
+ # Indicates the algorithm used to create the checksum for the object
977
+ # when using the SDK. This header will not provide any additional
978
+ # functionality if not using the SDK. When sending this header, there
979
+ # must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
980
+ # sent. Otherwise, Amazon S3 fails the request with the HTTP status code
981
+ # `400 Bad Request`. For more information, see [Checking object
982
+ # integrity][1] in the *Amazon S3 User Guide*.
983
+ #
984
+ # If you provide an individual checksum, Amazon S3 ignores any provided
985
+ # `ChecksumAlgorithm` parameter.
986
+ #
987
+ #
988
+ #
989
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
990
+ # @option options [String] :checksum_crc32
991
+ # This header can be used as a data integrity check to verify that the
992
+ # data received is the same data that was originally sent. This header
993
+ # specifies the base64-encoded, 32-bit CRC32 checksum of the object. For
994
+ # more information, see [Checking object integrity][1] in the *Amazon S3
995
+ # User Guide*.
996
+ #
997
+ #
998
+ #
999
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
1000
+ # @option options [String] :checksum_crc32c
1001
+ # This header can be used as a data integrity check to verify that the
1002
+ # data received is the same data that was originally sent. This header
1003
+ # specifies the base64-encoded, 32-bit CRC32C checksum of the object.
1004
+ # For more information, see [Checking object integrity][1] in the
1005
+ # *Amazon S3 User Guide*.
1006
+ #
1007
+ #
1008
+ #
1009
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
1010
+ # @option options [String] :checksum_sha1
1011
+ # This header can be used as a data integrity check to verify that the
1012
+ # data received is the same data that was originally sent. This header
1013
+ # specifies the base64-encoded, 160-bit SHA-1 digest of the object. For
1014
+ # more information, see [Checking object integrity][1] in the *Amazon S3
1015
+ # User Guide*.
1016
+ #
1017
+ #
1018
+ #
1019
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
1020
+ # @option options [String] :checksum_sha256
1021
+ # This header can be used as a data integrity check to verify that the
1022
+ # data received is the same data that was originally sent. This header
1023
+ # specifies the base64-encoded, 256-bit SHA-256 digest of the object.
1024
+ # For more information, see [Checking object integrity][1] in the
1025
+ # *Amazon S3 User Guide*.
1026
+ #
1027
+ #
1028
+ #
1029
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
917
1030
  # @option options [Time,DateTime,Date,Integer,String] :expires
918
1031
  # The date and time at which the object is no longer cacheable. For more
919
1032
  # information, see
@@ -950,7 +1063,7 @@ module Aws::S3
950
1063
  # and high availability. Depending on performance needs, you can specify
951
1064
  # a different Storage Class. Amazon S3 on Outposts only uses the
952
1065
  # OUTPOSTS Storage Class. For more information, see [Storage Classes][1]
953
- # in the *Amazon S3 Service Developer Guide*.
1066
+ # in the *Amazon S3 User Guide*.
954
1067
  #
955
1068
  #
956
1069
  #
@@ -995,26 +1108,32 @@ module Aws::S3
995
1108
  # ensure that the encryption key was transmitted without error.
996
1109
  # @option options [String] :ssekms_key_id
997
1110
  # If `x-amz-server-side-encryption` is present and has the value of
998
- # `aws:kms`, this header specifies the ID of the AWS Key Management
999
- # Service (AWS KMS) symmetrical customer managed customer master key
1000
- # (CMK) that was used for the object.
1001
- #
1002
- # If the value of `x-amz-server-side-encryption` is `aws:kms`, this
1003
- # header specifies the ID of the symmetric customer managed AWS KMS CMK
1004
- # that will be used for the object. If you specify
1111
+ # `aws:kms`, this header specifies the ID of the Amazon Web Services Key
1112
+ # Management Service (Amazon Web Services KMS) symmetrical customer
1113
+ # managed key that was used for the object. If you specify
1005
1114
  # `x-amz-server-side-encryption:aws:kms`, but do not provide`
1006
- # x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the AWS
1007
- # managed CMK in AWS to protect the data.
1115
+ # x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
1116
+ # Amazon Web Services managed key to protect the data. If the KMS key
1117
+ # does not exist in the same account issuing the command, you must use
1118
+ # the full ARN and not just the ID.
1008
1119
  # @option options [String] :ssekms_encryption_context
1009
- # Specifies the AWS KMS Encryption Context to use for object encryption.
1010
- # The value of this header is a base64-encoded UTF-8 string holding JSON
1011
- # with the encryption context key-value pairs.
1120
+ # Specifies the Amazon Web Services KMS Encryption Context to use for
1121
+ # object encryption. The value of this header is a base64-encoded UTF-8
1122
+ # string holding JSON with the encryption context key-value pairs.
1123
+ # @option options [Boolean] :bucket_key_enabled
1124
+ # Specifies whether Amazon S3 should use an S3 Bucket Key for object
1125
+ # encryption with server-side encryption using AWS KMS (SSE-KMS).
1126
+ # Setting this header to `true` causes Amazon S3 to use an S3 Bucket Key
1127
+ # for object encryption with SSE-KMS.
1128
+ #
1129
+ # Specifying this header with a PUT action doesn’t affect bucket-level
1130
+ # settings for S3 Bucket Key.
1012
1131
  # @option options [String] :request_payer
1013
1132
  # Confirms that the requester knows that they will be charged for the
1014
1133
  # request. Bucket owners need not specify this parameter in their
1015
- # requests. For information about downloading objects from requester
1016
- # pays buckets, see [Downloading Objects in Requestor Pays Buckets][1]
1017
- # in the *Amazon S3 Developer Guide*.
1134
+ # requests. For information about downloading objects from Requester
1135
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
1136
+ # in the *Amazon S3 User Guide*.
1018
1137
  #
1019
1138
  #
1020
1139
  #
@@ -1026,6 +1145,7 @@ module Aws::S3
1026
1145
  # The Object Lock mode that you want to apply to this object.
1027
1146
  # @option options [Time,DateTime,Date,Integer,String] :object_lock_retain_until_date
1028
1147
  # The date and time when you want this object's Object Lock to expire.
1148
+ # Must be formatted as a timestamp parameter.
1029
1149
  # @option options [String] :object_lock_legal_hold_status
1030
1150
  # Specifies whether a legal hold will be applied to this object. For
1031
1151
  # more information about S3 Object Lock, see [Object Lock][1].
@@ -1034,9 +1154,9 @@ module Aws::S3
1034
1154
  #
1035
1155
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
1036
1156
  # @option options [String] :expected_bucket_owner
1037
- # The account id of the expected bucket owner. If the bucket is owned by
1038
- # a different account, the request will fail with an HTTP `403 (Access
1039
- # Denied)` error.
1157
+ # The account ID of the expected bucket owner. If the bucket is owned by
1158
+ # a different account, the request fails with the HTTP status code `403
1159
+ # Forbidden` (access denied).
1040
1160
  # @return [Types::PutObjectOutput]
1041
1161
  def put(options = {})
1042
1162
  options = options.merge(
@@ -1128,11 +1248,12 @@ module Aws::S3
1128
1248
  # value: "MetadataValue",
1129
1249
  # },
1130
1250
  # ],
1131
- # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
1251
+ # storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
1132
1252
  # },
1133
1253
  # },
1134
1254
  # },
1135
1255
  # request_payer: "requester", # accepts requester
1256
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
1136
1257
  # expected_bucket_owner: "AccountId",
1137
1258
  # })
1138
1259
  # @param [Hash] options ({})
@@ -1143,17 +1264,32 @@ module Aws::S3
1143
1264
  # @option options [String] :request_payer
1144
1265
  # Confirms that the requester knows that they will be charged for the
1145
1266
  # request. Bucket owners need not specify this parameter in their
1146
- # requests. For information about downloading objects from requester
1147
- # pays buckets, see [Downloading Objects in Requestor Pays Buckets][1]
1148
- # in the *Amazon S3 Developer Guide*.
1267
+ # requests. For information about downloading objects from Requester
1268
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
1269
+ # in the *Amazon S3 User Guide*.
1149
1270
  #
1150
1271
  #
1151
1272
  #
1152
1273
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
1274
+ # @option options [String] :checksum_algorithm
1275
+ # Indicates the algorithm used to create the checksum for the object
1276
+ # when using the SDK. This header will not provide any additional
1277
+ # functionality if not using the SDK. When sending this header, there
1278
+ # must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
1279
+ # sent. Otherwise, Amazon S3 fails the request with the HTTP status code
1280
+ # `400 Bad Request`. For more information, see [Checking object
1281
+ # integrity][1] in the *Amazon S3 User Guide*.
1282
+ #
1283
+ # If you provide an individual checksum, Amazon S3 ignores any provided
1284
+ # `ChecksumAlgorithm` parameter.
1285
+ #
1286
+ #
1287
+ #
1288
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
1153
1289
  # @option options [String] :expected_bucket_owner
1154
- # The account id of the expected bucket owner. If the bucket is owned by
1155
- # a different account, the request will fail with an HTTP `403 (Access
1156
- # Denied)` error.
1290
+ # The account ID of the expected bucket owner. If the bucket is owned by
1291
+ # a different account, the request fails with the HTTP status code `403
1292
+ # Forbidden` (access denied).
1157
1293
  # @return [Types::RestoreObjectOutput]
1158
1294
  def restore_object(options = {})
1159
1295
  options = options.merge(
@@ -1286,6 +1422,7 @@ module Aws::S3
1286
1422
  # request_payer: "requester", # accepts requester
1287
1423
  # bypass_governance_retention: false,
1288
1424
  # expected_bucket_owner: "AccountId",
1425
+ # checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
1289
1426
  # })
1290
1427
  # @param options ({})
1291
1428
  # @option options [String] :mfa
@@ -1296,21 +1433,39 @@ module Aws::S3
1296
1433
  # @option options [String] :request_payer
1297
1434
  # Confirms that the requester knows that they will be charged for the
1298
1435
  # request. Bucket owners need not specify this parameter in their
1299
- # requests. For information about downloading objects from requester
1300
- # pays buckets, see [Downloading Objects in Requestor Pays Buckets][1]
1301
- # in the *Amazon S3 Developer Guide*.
1436
+ # requests. For information about downloading objects from Requester
1437
+ # Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
1438
+ # in the *Amazon S3 User Guide*.
1302
1439
  #
1303
1440
  #
1304
1441
  #
1305
1442
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
1306
1443
  # @option options [Boolean] :bypass_governance_retention
1307
1444
  # Specifies whether you want to delete this object even if it has a
1308
- # Governance-type Object Lock in place. You must have sufficient
1309
- # permissions to perform this operation.
1445
+ # Governance-type Object Lock in place. To use this header, you must
1446
+ # have the `s3:BypassGovernanceRetention` permission.
1310
1447
  # @option options [String] :expected_bucket_owner
1311
- # The account id of the expected bucket owner. If the bucket is owned by
1312
- # a different account, the request will fail with an HTTP `403 (Access
1313
- # Denied)` error.
1448
+ # The account ID of the expected bucket owner. If the bucket is owned by
1449
+ # a different account, the request fails with the HTTP status code `403
1450
+ # Forbidden` (access denied).
1451
+ # @option options [String] :checksum_algorithm
1452
+ # Indicates the algorithm used to create the checksum for the object
1453
+ # when using the SDK. This header will not provide any additional
1454
+ # functionality if not using the SDK. When sending this header, there
1455
+ # must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
1456
+ # sent. Otherwise, Amazon S3 fails the request with the HTTP status code
1457
+ # `400 Bad Request`. For more information, see [Checking object
1458
+ # integrity][1] in the *Amazon S3 User Guide*.
1459
+ #
1460
+ # If you provide an individual checksum, Amazon S3 ignores any provided
1461
+ # `ChecksumAlgorithm` parameter.
1462
+ #
1463
+ # This checksum algorithm must be the same for all parts and it match
1464
+ # the checksum value supplied in the `CreateMultipartUpload` request.
1465
+ #
1466
+ #
1467
+ #
1468
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
1314
1469
  # @return [void]
1315
1470
  def batch_delete!(options = {})
1316
1471
  batch_enum.each do |batch|