aws-sdk-s3 1.87.0 → 1.143.0

data/lib/aws-sdk-s3/customizations/bucket.rb

@@ -5,22 +5,6 @@ require 'uri'
 module Aws
   module S3
     class Bucket
-      # Save the old initialize method so that we can call 'super'.
-      old_initialize = instance_method(:initialize)
-      # Make the method redefinable
-      alias_method :initialize, :initialize
-      # Define a new initialize method that extracts out a bucket ARN.
-      define_method(:initialize) do |*args|
-        old_initialize.bind(self).call(*args)
-        resolved_region, arn = Plugins::ARN.resolve_arn!(
-          name,
-          client.config.region,
-          client.config.s3_use_arn_region
-        )
-        @resolved_region = resolved_region
-        @arn = arn
-      end
-
       # Deletes all objects and versioned objects from this bucket
       #
       # @example
@@ -88,26 +72,44 @@ module Aws
       # You can pass `virtual_host: true` to use the bucket name as the
       # host name.
       #
-      #     bucket = s3.bucket('my.bucket.com')
+      #     bucket = s3.bucket('my-bucket.com')
       #     bucket.url(virtual_host: true)
-      #     #=> "http://my.bucket.com"
+      #     #=> "http://my-bucket.com"
       #
       # @option options [Boolean] :virtual_host (false) When `true`,
       #   the bucket name will be used as the host name. This is useful
       #   when you have a CNAME configured for this bucket.
       #
+      # @option options [Boolean] :secure (true) When `false`, http
+      #   will be used with virtual_host.  This is required when
+      #   the bucket name has a dot (.) in it.
+      #
       # @return [String] the URL for this bucket.
       def url(options = {})
         if options[:virtual_host]
-          "http://#{name}"
-        elsif @arn
-          Plugins::ARN.resolve_url!(
-            client.config.endpoint.dup,
-            @arn,
-            @resolved_region
-          ).to_s
+          scheme = options.fetch(:secure, true) ? 'https' : 'http'
+          "#{scheme}://#{name}"
         else
-          s3_bucket_url
+          # Taken from Aws::S3::Endpoints module
+          unless client.config.regional_endpoint
+            endpoint = client.config.endpoint.to_s
+          end
+          params = Aws::S3::EndpointParameters.new(
+            bucket: name,
+            region: client.config.region,
+            use_fips: client.config.use_fips_endpoint,
+            use_dual_stack: client.config.use_dualstack_endpoint,
+            endpoint: endpoint,
+            force_path_style: client.config.force_path_style,
+            accelerate: client.config.use_accelerate_endpoint,
+            use_global_endpoint: client.config.s3_us_east_1_regional_endpoint == 'legacy',
+            use_object_lambda_endpoint: nil,
+            disable_access_points: nil,
+            disable_multi_region_access_points: client.config.s3_disable_multiregion_access_points,
+            use_arn_region: client.config.s3_use_arn_region,
+          )
+          endpoint = Aws::S3::EndpointProvider.new.resolve_endpoint(params)
+          endpoint.url
         end
       end
 
@@ -132,34 +134,13 @@ module Aws
 
       # @api private
       def load
-        @data = client.list_buckets.buckets.find { |b| b.name == name }
+        @data = Aws::Plugins::UserAgent.feature('resource') do
+          client.list_buckets.buckets.find { |b| b.name == name }
+        end
         raise "unable to load bucket #{name}" if @data.nil?
 
         self
       end
-
-      private
-
-      def s3_bucket_url
-        url = client.config.endpoint.dup
-        if bucket_as_hostname?(url.scheme == 'https')
-          url.host = "#{name}.#{url.host}"
-        else
-          url.path += '/' unless url.path[-1] == '/'
-          url.path += Seahorse::Util.uri_escape(name)
-        end
-        if (client.config.region == 'us-east-1') &&
-           (client.config.s3_us_east_1_regional_endpoint == 'legacy')
-          url.host = Plugins::IADRegionalEndpoint.legacy_host(url.host)
-        end
-        url.to_s
-      end
-
-      def bucket_as_hostname?(https)
-        Plugins::BucketDns.dns_compatible?(name, https) &&
-          !client.config.force_path_style
-      end
-
     end
   end
 end

data/lib/aws-sdk-s3/customizations/errors.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Aws
+  module S3
+    module Errors
+      # Hijack PermanentRedirect dynamic error to also include endpoint
+      # and bucket.
+      class PermanentRedirect < ServiceError
+        # @param [Seahorse::Client::RequestContext] context
+        # @param [String] message
+        # @param [Aws::S3::Types::PermanentRedirect] _data
+        def initialize(context, message, _data = Aws::EmptyStructure.new)
+          data = Aws::S3::Types::PermanentRedirect.new(message: message)
+          body = context.http_response.body_contents
+          if (endpoint = body.match(/<Endpoint>(.+?)<\/Endpoint>/))
+            data.endpoint = endpoint[1]
+          end
+          if (bucket = body.match(/<Bucket>(.+?)<\/Bucket>/))
+            data.bucket = bucket[1]
+          end
+          data.region = context.http_response.headers['x-amz-bucket-region']
+          super(context, message, data)
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-s3/customizations/object.rb

@@ -27,10 +27,13 @@ module Aws
       #   necessary for objects larger than 5GB and can provide
       #   performance improvements on large objects. Amazon S3 does
       #   not accept multipart copies for objects smaller than 5MB.
+      #   Object metadata such as Content-Type will be copied, however,
+      #   Checksums are not copied.
       #
       # @option options [Integer] :content_length Only used when
       #   `:multipart_copy` is `true`. Passing this options avoids a HEAD
-      #   request to query the source object size. Raises an `ArgumentError` if
+      #   request to query the source object size but prevents object metadata
+      #   from being copied. Raises an `ArgumentError` if
       #   this option is provided when `:multipart_copy` is `false` or not set.
       #
       # @option options [S3::Client] :copy_source_client Only used when
@@ -43,6 +46,14 @@ module Aws
       #   different region. You do not need to specify this option
       #   if you have provided a `:source_client` or a `:content_length`.
       #
+      # @option options [Boolean] :use_source_parts (false) Only used when
+      #   `:multipart_copy` is `true`. Use part sizes defined on the source
+      #   object if any exist. If copying or moving an object that
+      #   is already multipart, this does not re-part the object, instead
+      #   re-using the part definitions on the original. That means the etag
+      #   and any checksums will not change. This is especially useful if the
+      #   source object has parts with varied sizes.
+      #
       # @example Basic object copy
       #
       #   bucket = Aws::S3::Bucket.new('target-bucket')
@@ -65,11 +76,13 @@ module Aws
       # @see #copy_to
       #
       def copy_from(source, options = {})
-        if Hash === source && source[:copy_source]
-          # for backwards compatibility
-          @client.copy_object(source.merge(bucket: bucket_name, key: key))
-        else
-          ObjectCopier.new(self, options).copy_from(source, options)
+        Aws::Plugins::UserAgent.feature('resource') do
+          if Hash === source && source[:copy_source]
+            # for backwards compatibility
+            @client.copy_object(source.merge(bucket: bucket_name, key: key))
+          else
+            ObjectCopier.new(self, options).copy_from(source, options)
+          end
         end
       end
 
@@ -106,7 +119,9 @@ module Aws
       #   object.copy_to('src-bucket/src-key', multipart_copy: true)
       #
       def copy_to(target, options = {})
-        ObjectCopier.new(self, options).copy_to(target, options)
+        Aws::Plugins::UserAgent.feature('resource') do
+          ObjectCopier.new(self, options).copy_to(target, options)
+        end
       end
 
       # Copies and deletes the current object. The object will only be deleted
@@ -153,21 +168,35 @@ module Aws
       #     obj.presigned_url(:put, acl: 'public-read')
       #     #=> "https://bucket-name.s3.amazonaws.com/object-key?..."
       #
-      # @param [Symbol] http_method
-      #   The HTTP method to generate a presigned URL for. Valid values
-      #   are `:get`, `:put`, `:head`, and `:delete`.
+      # @example Pre-signed UploadPart PUT
+      #
+      #     # the object uploaded using this URL will be publicly accessible
+      #     obj.presigned_url(:upload_part, part_number: 1, upload_id: 'uploadIdToken')
+      #     #=> "https://bucket-name.s3.amazonaws.com/object-key?..."
+      #
+      # @param [Symbol] method
+      #   The S3 operation to generate a presigned URL for. Valid values
+      #   are `:get`, `:put`, `:head`, `:delete`, `:create_multipart_upload`,
+      #   `:list_multipart_uploads`, `:complete_multipart_upload`,
+      #   `:abort_multipart_upload`, `:list_parts`, and `:upload_part`.
       #
       # @param [Hash] params
       #   Additional request parameters to use when generating the pre-signed
       #   URL. See the related documentation in {Client} for accepted
       #   params.
       #
-      #   | HTTP Method   | Client Method          |
-      #   |---------------|------------------------|
-      #   | `:get`        | {Client#get_object}    |
-      #   | `:put`        | {Client#put_object}    |
-      #   | `:head`       | {Client#head_object}   |
-      #   | `:delete`     | {Client#delete_object} |
+      #   | Method                       | Client Method                      |
+      #   |------------------------------|------------------------------------|
+      #   | `:get`                       | {Client#get_object}                |
+      #   | `:put`                       | {Client#put_object}                |
+      #   | `:head`                      | {Client#head_object}               |
+      #   | `:delete`                    | {Client#delete_object}             |
+      #   | `:create_multipart_upload`   | {Client#create_multipart_upload}   |
+      #   | `:list_multipart_uploads`    | {Client#list_multipart_uploads}    |
+      #   | `:complete_multipart_upload` | {Client#complete_multipart_upload} |
+      #   | `:abort_multipart_upload`    | {Client#abort_multipart_upload}    |
+      #   | `:list_parts`                | {Client#list_parts}                |
+      #   | `:upload_part`               | {Client#upload_part}               |
       #
       # @option params [Boolean] :virtual_host (false) When `true` the
       #   presigned URL will use the bucket name as a virtual host.
@@ -188,10 +217,88 @@ module Aws
       #
       # @return [String]
       #
-      def presigned_url(http_method, params = {})
+      def presigned_url(method, params = {})
         presigner = Presigner.new(client: client)
+
+        if %w(delete head get put).include?(method.to_s)
+          method = "#{method}_object".to_sym
+        end
+
         presigner.presigned_url(
-          "#{http_method.downcase}_object",
+          method.downcase,
+          params.merge(bucket: bucket_name, key: key)
+        )
+      end
+
+      # Allows you to create presigned URL requests for S3 operations. This
+      # method returns a tuple containing the URL and the signed X-amz-* headers
+      # to be used with the presigned url.
+      #
+      # @example Pre-signed GET URL, valid for one hour
+      #
+      #     obj.presigned_request(:get, expires_in: 3600)
+      #     #=> ["https://bucket-name.s3.amazonaws.com/object-key?...", {}]
+      #
+      # @example Pre-signed PUT with a canned ACL
+      #
+      #     # the object uploaded using this URL will be publicly accessible
+      #     obj.presigned_request(:put, acl: 'public-read')
+      #     #=> ["https://bucket-name.s3.amazonaws.com/object-key?...",
+      #      {"x-amz-acl"=>"public-read"}]
+      #
+      # @param [Symbol] method
+      #   The S3 operation to generate a presigned request for. Valid values
+      #   are `:get`, `:put`, `:head`, `:delete`, `:create_multipart_upload`,
+      #   `:list_multipart_uploads`, `:complete_multipart_upload`,
+      #   `:abort_multipart_upload`, `:list_parts`, and `:upload_part`.
+      #
+      # @param [Hash] params
+      #   Additional request parameters to use when generating the pre-signed
+      #   request. See the related documentation in {Client} for accepted
+      #   params.
+      #
+      #   | Method                       | Client Method                      |
+      #   |------------------------------|------------------------------------|
+      #   | `:get`                       | {Client#get_object}                |
+      #   | `:put`                       | {Client#put_object}                |
+      #   | `:head`                      | {Client#head_object}               |
+      #   | `:delete`                    | {Client#delete_object}             |
+      #   | `:create_multipart_upload`   | {Client#create_multipart_upload}   |
+      #   | `:list_multipart_uploads`    | {Client#list_multipart_uploads}    |
+      #   | `:complete_multipart_upload` | {Client#complete_multipart_upload} |
+      #   | `:abort_multipart_upload`    | {Client#abort_multipart_upload}    |
+      #   | `:list_parts`                | {Client#list_parts}                |
+      #   | `:upload_part`               | {Client#upload_part}               |
+      #
+      # @option params [Boolean] :virtual_host (false) When `true` the
+      #   presigned URL will use the bucket name as a virtual host.
+      #
+      #     bucket = Aws::S3::Bucket.new('my.bucket.com')
+      #     bucket.object('key').presigned_request(virtual_host: true)
+      #     #=> ["http://my.bucket.com/key?...", {}]
+      #
+      # @option params [Integer] :expires_in (900) Number of seconds before
+      #   the pre-signed URL expires. This may not exceed one week (604800
+      #   seconds). Note that the pre-signed URL is also only valid as long as
+      #   credentials used to sign it are. For example, when using IAM roles,
+      #   temporary tokens generated for signing also have a default expiration
+      #   which will affect the effective expiration of the pre-signed URL.
+      #
+      # @raise [ArgumentError] Raised if `:expires_in` exceeds one week
+      #   (604800 seconds).
+      #
+      # @return [String, Hash] A tuple with a presigned URL and headers that
+      #   should be included with the request.
+      #
+      def presigned_request(method, params = {})
+        presigner = Presigner.new(client: client)
+
+        if %w(delete head get put).include?(method.to_s)
+          method = "#{method}_object".to_sym
+        end
+
+        presigner.presigned_request(
+          method.downcase,
           params.merge(bucket: bucket_name, key: key)
         )
       end
@@ -201,16 +308,22 @@ module Aws
       #     s3.bucket('bucket-name').object('obj-key').public_url
       #     #=> "https://bucket-name.s3.amazonaws.com/obj-key"
       #
-      # To use virtual hosted bucket url (disables https):
+      # To use virtual hosted bucket url.
+      # Uses https unless secure: false is set.  If the bucket
+      # name contains dots (.) then you will need to set secure: false.
       #
-      #     s3.bucket('my.bucket.com').object('key')
+      #     s3.bucket('my-bucket.com').object('key')
       #       .public_url(virtual_host: true)
-      #     #=> "http://my.bucket.com/key"
+      #     #=> "https://my-bucket.com/key"
       #
       # @option options [Boolean] :virtual_host (false) When `true`, the bucket
       #   name will be used as the host name. This is useful when you have
       #   a CNAME configured for the bucket.
       #
+      # @option options [Boolean] :secure (true) When `false`, http
+      #   will be used with virtual_host.  This is required when
+      #   the bucket name has a dot (.) in it.
+      #
       # @return [String]
       def public_url(options = {})
         url = URI.parse(bucket.url(options))
@@ -240,6 +353,10 @@ module Aws
       #     obj.upload_stream do |write_stream|
       #       IO.copy_stream(STDIN, write_stream)
       #     end
+      # @param [Hash] options
+      #   Additional options for {Client#create_multipart_upload},
+      #   {Client#complete_multipart_upload},
+      #   and {Client#upload_part} can be provided.
       #
       # @option options [Integer] :thread_count (10) The number of parallel
       #   multipart uploads
@@ -262,6 +379,9 @@ module Aws
       # @return [Boolean] Returns `true` when the object is uploaded
       #   without any errors.
       #
+      # @see Client#create_multipart_upload
+      # @see Client#complete_multipart_upload
+      # @see Client#upload_part
       def upload_stream(options = {}, &block)
         uploading_options = options.dup
         uploader = MultipartStreamUploader.new(
@@ -270,10 +390,12 @@ module Aws
           tempfile: uploading_options.delete(:tempfile),
           part_size: uploading_options.delete(:part_size)
         )
-        uploader.upload(
-          uploading_options.merge(bucket: bucket_name, key: key),
-          &block
-        )
+        Aws::Plugins::UserAgent.feature('resource') do
+          uploader.upload(
+            uploading_options.merge(bucket: bucket_name, key: key),
+            &block
+          )
+        end
         true
       end
 
@@ -302,7 +424,7 @@ module Aws
       #     progress = Proc.new do |bytes, totals|
       #       puts bytes.map.with_index { |b, i| "Part #{i+1}: #{b} / #{totals[i]}"}.join(' ') + "Total: #{100.0 * bytes.sum / totals.sum }%" }
       #     end
-      #     obj.upload_file('/path/to/file')
+      #     obj.upload_file('/path/to/file', progress_callback: progress)
       #
       # @param [String, Pathname, File, Tempfile] source A file on the local
       #   file system that will be uploaded as this object. This can either be
@@ -312,10 +434,17 @@ module Aws
       #   using an open Tempfile, rewind it before uploading or else the object
       #   will be empty.
       #
-      # @option options [Integer] :multipart_threshold (15728640) Files larger
+      # @param [Hash] options
+      #   Additional options for {Client#put_object}
+      #   when file sizes below the multipart threshold. For files larger than
+      #   the multipart threshold, options for {Client#create_multipart_upload},
+      #   {Client#complete_multipart_upload},
+      #   and {Client#upload_part} can be provided.
+      #
+      # @option options [Integer] :multipart_threshold (104857600) Files larger
       #   than or equal to `:multipart_threshold` are uploaded using the S3
       #   multipart APIs.
-      #   Default threshold is 15MB.
+      #   Default threshold is 100MB.
       #
       # @option options [Integer] :thread_count (10) The number of parallel
       #   multipart uploads. This option is not used if the file is smaller than
@@ -333,16 +462,23 @@ module Aws
       #
       # @return [Boolean] Returns `true` when the object is uploaded
       #   without any errors.
+      #
+      # @see Client#put_object
+      # @see Client#create_multipart_upload
+      # @see Client#complete_multipart_upload
+      # @see Client#upload_part
       def upload_file(source, options = {})
         uploading_options = options.dup
         uploader = FileUploader.new(
           multipart_threshold: uploading_options.delete(:multipart_threshold),
           client: client
         )
-        response = uploader.upload(
-          source,
-          uploading_options.merge(bucket: bucket_name, key: key)
-        )
+        response = Aws::Plugins::UserAgent.feature('resource') do
+          uploader.upload(
+            source,
+            uploading_options.merge(bucket: bucket_name, key: key)
+          )
+        end
         yield response if block_given?
         true
       end
@@ -358,15 +494,28 @@ module Aws
       #     # and the parts are downloaded in parallel
       #     obj.download_file('/path/to/very_large_file')
       #
+      # You can provide a callback to monitor progress of the download:
+      #
+      #     # bytes and part_sizes are each an array with 1 entry per part
+      #     # part_sizes may not be known until the first bytes are retrieved
+      #     progress = Proc.new do |bytes, part_sizes, file_size|
+      #       puts bytes.map.with_index { |b, i| "Part #{i+1}: #{b} / #{part_sizes[i]}"}.join(' ') + "Total: #{100.0 * bytes.sum / file_size}%" }
+      #     end
+      #     obj.download_file('/path/to/file', progress_callback: progress)
+      #
       # @param [String] destination Where to download the file to.
       #
+      # @param [Hash] options
+      #   Additional options for {Client#get_object} and #{Client#head_object}
+      #   may be provided.
+      #
       # @option options [String] mode `auto`, `single_request`, `get_range`
       #  `single_request` mode forces only 1 GET request is made in download,
       #  `get_range` mode allows `chunk_size` parameter to configured in
       #  customizing each range size in multipart_download,
       #  By default, `auto` mode is enabled, which performs multipart_download
       #
-      # @option options [String] chunk_size required in get_range mode.
+      # @option options [Integer] chunk_size required in get_range mode.
       #
       # @option options [Integer] thread_count (10) Customize threads used in
       #   the multipart download.
@@ -375,14 +524,39 @@ module Aws
       #   retrieve the object. For more about object versioning, see:
       #   https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectVersioning.html
       #
+      # @option options [String] checksum_mode (ENABLED) When `ENABLED` and
+      #   the object has a stored checksum, it will be used to validate the
+      #   download and will raise an `Aws::Errors::ChecksumError` if
+      #   checksum validation fails. You may provide a `on_checksum_validated`
+      #   callback if you need to verify that validation occurred and which
+      #   algorithm was used.  To disable checksum validation, set
+      #   `checksum_mode` to "DISABLED".
+      #
+      # @option options [Callable] on_checksum_validated Called each time a
+      #   request's checksum is validated with the checksum algorithm and the
+      #   response.  For multipart downloads, this will be called for each
+      #   part that is downloaded and validated.
+      #
+      # @option options [Proc] :progress_callback
+      #   A Proc that will be called when each chunk of the download is received.
+      #   It will be invoked with [bytes_read], [part_sizes], file_size.
+      #   When the object is downloaded as parts (rather than by ranges), the
+      #   part_sizes will not be known ahead of time and will be nil in the
+      #   callback until the first bytes in the part are received.
+      #
       # @return [Boolean] Returns `true` when the file is downloaded without
       #   any errors.
+      #
+      # @see Client#get_object
+      # @see Client#head_object
       def download_file(destination, options = {})
         downloader = FileDownloader.new(client: client)
-        downloader.download(
-          destination,
-          options.merge(bucket: bucket_name, key: key)
-        )
+        Aws::Plugins::UserAgent.feature('resource') do
+          downloader.download(
+            destination,
+            options.merge(bucket: bucket_name, key: key)
+          )
+        end
         true
       end
     end

data/lib/aws-sdk-s3/customizations/types/permanent_redirect.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module Aws
+  module S3
+    module Types
+      # This error is not modeled.
+      #
+      # The bucket you are attempting to access must be addressed using the
+      # specified endpoint. Please send all future requests to this endpoint.
+      #
+      # @!attribute [rw] endpoint
+      #   @return [String]
+      #
+      # @!attribute [rw] bucket
+      #   @return [String]
+      #
+      # @!attribute [rw] message
+      #   @return [String]
+      #
+      class PermanentRedirect < Struct.new(:endpoint, :bucket, :region, :message)
+        SENSITIVE = []
+        include Aws::Structure
+      end
+    end
+  end
+end

data/lib/aws-sdk-s3/customizations.rb

@@ -16,12 +16,19 @@ require 'aws-sdk-s3/object_multipart_copier'
 require 'aws-sdk-s3/presigned_post'
 require 'aws-sdk-s3/presigner'
 
+# s3 express session auth
+require 'aws-sdk-s3/express_credentials'
+require 'aws-sdk-s3/express_credentials_cache'
+require 'aws-sdk-s3/express_credentials_provider'
+
 # customizations to generated classes
 require 'aws-sdk-s3/customizations/bucket'
+require 'aws-sdk-s3/customizations/errors'
 require 'aws-sdk-s3/customizations/object'
 require 'aws-sdk-s3/customizations/object_summary'
 require 'aws-sdk-s3/customizations/multipart_upload'
 require 'aws-sdk-s3/customizations/types/list_object_versions_output'
+require 'aws-sdk-s3/customizations/types/permanent_redirect'
 
 [
   Aws::S3::Object::Collection,

data/lib/aws-sdk-s3/encryption/client.rb

@@ -120,7 +120,7 @@ module Aws
     #       attr_reader :encryption_materials
     #
     #       def key_for(matdesc)
-    #         key_name = JSON.load(matdesc)['key']
+    #         key_name = JSON.parse(matdesc)['key']
     #         if key = @keys[key_name]
     #           key
     #         else
@@ -270,7 +270,9 @@ module Aws
             envelope_location: @envelope_location,
             instruction_file_suffix: @instruction_file_suffix,
           }
-          req.send_request
+          Aws::Plugins::UserAgent.feature('S3CryptoV1n') do
+            req.send_request
+          end
         end
 
         # Gets an object from Amazon S3, decrypting  data locally.
@@ -298,7 +300,9 @@ module Aws
             envelope_location: envelope_location,
             instruction_file_suffix: instruction_file_suffix,
           }
-          req.send_request(target: block)
+          Aws::Plugins::UserAgent.feature('S3CryptoV1n') do
+            req.send_request(target: block)
+          end
         end
 
         private

data/lib/aws-sdk-s3/encryption/decrypt_handler.rb

@@ -165,10 +165,6 @@ module Aws
         # to initialize the cipher, and the decrypter truncates the
         # auth tag from the body when writing the final bytes.
         def authenticated_decrypter(context, cipher, envelope)
-          if RUBY_VERSION.match(/1.9/)
-            raise "authenticated decryption not supported by OpenSSL in Ruby version ~> 1.9"
-            raise Aws::Errors::NonSupportedRubyVersionError, msg
-          end
           http_resp = context.http_response
           content_length = http_resp.headers['content-length'].to_i
           auth_tag_length = auth_tag_length(envelope)

data/lib/aws-sdk-s3/encryption/kms_cipher_provider.rb

@@ -17,11 +17,13 @@ module Aws
         #   envelope and encryption cipher.
         def encryption_cipher
           encryption_context = { "kms_cmk_id" => @kms_key_id }
-          key_data = @kms_client.generate_data_key(
-            key_id: @kms_key_id,
-            encryption_context: encryption_context,
-            key_spec: 'AES_256',
-          )
+          key_data = Aws::Plugins::UserAgent.feature('S3CryptoV1n') do
+            @kms_client.generate_data_key(
+              key_id: @kms_key_id,
+              encryption_context: encryption_context,
+              key_spec: 'AES_256'
+            )
+          end
           cipher = Utils.aes_encryption_cipher(:CBC)
           cipher.key = key_data.plaintext
           envelope = {
@@ -58,10 +60,12 @@ module Aws
                 "#{envelope['x-amz-wrap-alg']}"
           end
 
-          key = @kms_client.decrypt(
-            ciphertext_blob: decode64(envelope['x-amz-key-v2']),
-            encryption_context: encryption_context
-          ).plaintext
+          key = Aws::Plugins::UserAgent.feature('S3CryptoV1n') do
+            @kms_client.decrypt(
+              ciphertext_blob: decode64(envelope['x-amz-key-v2']),
+              encryption_context: encryption_context
+            ).plaintext
+          end
 
           iv = decode64(envelope['x-amz-iv'])
           block_mode =