aws-sdk-s3 1.96.2 → 1.113.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 242ed586795b4719f27d124b42faaa419bf14d4c5dc3b612db75583df4563685
-  data.tar.gz: dadf398788037a0cd952f24aa0ff0e0f11de1a3af6223381c720effee0ca4bde
+  metadata.gz: cd3cdd3ce413a190558c3c4fb19b0c360e6fdc8429315addf9a99f8a4200e84f
+  data.tar.gz: 8ea6b6b1a93212b99871945b5deeaa90813f4aef35d55ae2c351194be17f2909
 SHA512:
-  metadata.gz: 1095e47c4edccb43eb079cfbc7dadb9b6fa077d7bf2344571041cede5e587ac70d76cecdef4f514890f5c576416ffd89d6ac07bd876559bb59a229a1bb0dc103
-  data.tar.gz: 7df71120e7b7da8eee77f7df0fbe64a86f4452b137909578aee664d80c7126591b728b4a8efbaa8c367a102e6ab912b8cae961955dfa8fc2124aed82e0f1660f
+  metadata.gz: 4c83d52e47d9990c34a6ffa1b0ab647e333353dc516a4105a01df1fa2d93fe5d8a7e45c48072e27d95cd4e7581adcc606fabe3afb5cfd9e41047da330910ad37
+  data.tar.gz: a399eff773756874118891127b2ac26592b1c780559b3900ef0f4982e6ef3286b759331507a79778725e5cb61f7f140d94d08e77bd4ba51b05eb3e23b1f7a621

data/CHANGELOG.md

@@ -1,6 +1,111 @@
 Unreleased Changes
 ------------------
 
+1.113.0 (2022-02-24)
+------------------
+
+* Feature - This release adds support for new integrity checking capabilities in Amazon S3. You can choose from four supported checksum algorithms for data integrity checking on your upload and download requests. In addition, AWS SDK can automatically calculate a checksum as it streams data into S3
+
+1.112.0 (2022-02-03)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.111.3 (2022-01-24)
+------------------
+
+* Issue - Fix starts_with fields on `PresignedPost` (#2636).
+
+1.111.2 (2022-01-20)
+------------------
+
+* Issue - Minor cleanups.
+
+1.111.1 (2022-01-06)
+------------------
+
+* Issue - Don't fail small files in `upload_file` when `:thread_count` is set. (#2628)
+
+1.111.0 (2022-01-04)
+------------------
+
+* Feature - Minor doc-based updates based on feedback bugs received.
+
+1.110.0 (2021-12-21)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.109.0 (2021-11-30)
+------------------
+
+* Feature - Introduce Amazon S3 Glacier Instant Retrieval storage class and a new setting in S3 Object Ownership to disable ACLs for bucket and the objects in it.
+
+1.108.0 (2021-11-29)
+------------------
+
+* Feature - Amazon S3 Event Notifications adds Amazon EventBridge as a destination and supports additional event types. The PutBucketNotificationConfiguration API can now skip validation of Amazon SQS, Amazon SNS and AWS Lambda destinations.
+
+1.107.0 (2021-11-23)
+------------------
+
+* Feature - Introduce two new Filters to S3 Lifecycle configurations - ObjectSizeGreaterThan and ObjectSizeLessThan. Introduce a new way to trigger actions on noncurrent versions by providing the number of newer noncurrent versions along with noncurrent days.
+
+1.106.0 (2021-11-17)
+------------------
+
+* Feature - Add `presigned_request` method to `Aws::S3::Object`.
+
+1.105.1 (2021-11-05)
+------------------
+
+* Issue - Raise error when `use_fips_endpoint` is used with `use_accelerate_endpoint`.
+
+1.105.0 (2021-11-04)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.104.0 (2021-10-18)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.103.0 (2021-09-16)
+------------------
+
+* Feature - Add support for access point arn filtering in S3 CW Request Metrics
+
+1.102.0 (2021-09-02)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.101.0 (2021-09-01)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.100.0 (2021-08-27)
+------------------
+
+* Feature - Documentation updates for Amazon S3.
+
+1.99.0 (2021-08-16)
+------------------
+
+* Feature - Documentation updates for Amazon S3
+
+1.98.0 (2021-07-30)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.97.0 (2021-07-28)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
 1.96.2 (2021-07-20)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.96.2
+1.113.0

data/lib/aws-sdk-s3/arn/access_point_arn.rb

@@ -25,25 +25,25 @@ module Aws
         if @region.empty? || @account_id.empty?
           raise ArgumentError,
                 'S3 Access Point ARNs must contain both a region '\
-                'and an account id.'
+                'and an account ID.'
         end
 
         if @region.include?('-fips') || @region.include?('fips-')
           raise ArgumentError,
-                'S3 Access Point ARNs cannot contain a FIPS region'
+                'S3 Access Point ARNs cannot contain a FIPS region.'
         end
 
         if @type != 'accesspoint'
-          raise ArgumentError, 'Invalid ARN, resource format is not correct'
+          raise ArgumentError, 'Invalid ARN, resource format is not correct.'
         end
 
         if @access_point_name.nil? || @access_point_name.empty?
-          raise ArgumentError, 'Missing ARN accesspoint name.'
+          raise ArgumentError, 'Missing ARN Access Point name.'
         end
 
         if @extra
           raise ArgumentError,
-                'ARN accesspoint resource must be a single value.'
+                'ARN Access Point resource must be a single value.'
         end
 
         unless Seahorse::Util.host_label?(
@@ -60,7 +60,7 @@ module Aws
         if custom_endpoint
           "#{pfx}.#{custom_endpoint}"
         else
-          sfx = Aws::Partitions::EndpointProvider.dns_suffix_for(region)
+          sfx = Aws::Partitions::EndpointProvider.dns_suffix_for(region, 's3')
           "#{pfx}.s3-accesspoint#{'-fips' if fips}#{'.dualstack' if dualstack}.#{region}.#{sfx}"
         end
       end

data/lib/aws-sdk-s3/arn/multi_region_access_point_arn.rb

@@ -0,0 +1,68 @@
+# frozen_string_literal: true
+
+module Aws
+  module S3
+    # @api private
+    class MultiRegionAccessPointARN < Aws::ARN
+      def initialize(options)
+        super(options)
+        @type, @mrap_alias, @extra = @resource.split(/[:,\/]/)
+      end
+
+      attr_reader :mrap_alias
+
+      def support_dualstack?
+        false
+      end
+
+      def support_fips?
+        false
+      end
+
+      def validate_arn!
+        unless @service == 's3'
+          raise ArgumentError,
+                'Must provide a valid S3 multi-region access point ARN.'
+        end
+
+        if @account_id.empty?
+          raise ArgumentError,
+                'S3 multi-region access point ARNs must contain '\
+                'an account id.'
+        end
+
+        unless @region.empty?
+          raise ArgumentError,
+                'Multi-region access points must have an empty region.'
+        end
+
+        if @type != 'accesspoint'
+          raise ArgumentError, 'Invalid ARN, resource format is not correct'
+        end
+
+        if @mrap_alias.nil? || @mrap_alias.empty?
+          raise ArgumentError, 'Missing ARN multi-region access points alias.'
+        end
+
+        unless @mrap_alias.split('.').all? { |s| Seahorse::Util.host_label?(s) }
+          raise ArgumentError, "#{@mrap_alias} is not a valid "\
+                'multi region access point alias.'
+        end
+
+        if @extra
+          raise ArgumentError,
+                'ARN access point resource must be a single value.'
+        end
+      end
+
+      def host_url(_region, _fips = false, _dualstack = false, custom_endpoint = nil)
+        if custom_endpoint
+          "#{@mrap_alias}.#{custom_endpoint}"
+        else
+          sfx = Aws::Partitions::EndpointProvider.dns_suffix_for(@partition, 's3')
+          "#{@mrap_alias}.accesspoint.s3-global.#{sfx}"
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-s3/arn/object_lambda_arn.rb

@@ -19,18 +19,18 @@ module Aws
 
       def validate_arn!
         unless @service == 's3-object-lambda'
-          raise ArgumentError, 'Must provide a valid S3 Object Lambdas ARN.'
+          raise ArgumentError, 'Must provide a valid S3 Object Lambda ARN.'
         end
 
         if @region.empty? || @account_id.empty?
           raise ArgumentError,
                 'S3 Object Lambdas ARNs must contain both a region '\
-                'and an account id.'
+                'and an account ID.'
         end
 
         if @region.include?('-fips') || @region.include?('fips-')
           raise ArgumentError,
-                'S3 Access Point ARNs cannot contain a FIPS region'
+                'S3 Object Lambda ARNs cannot contain a FIPS region'
         end
 
         if @type != 'accesspoint'
@@ -38,12 +38,12 @@ module Aws
         end
 
         if @access_point_name.nil? || @access_point_name.empty?
-          raise ArgumentError, 'Missing ARN accesspoint name.'
+          raise ArgumentError, 'Missing ARN Access Point name.'
         end
 
         if @extra
           raise ArgumentError,
-                'ARN accesspoint resource must be a single value.'
+                'ARN Access Point resource must be a single value.'
         end
 
         unless Seahorse::Util.host_label?(
@@ -60,7 +60,7 @@ module Aws
         if custom_endpoint
           "#{pfx}.#{custom_endpoint}"
         else
-          sfx = Aws::Partitions::EndpointProvider.dns_suffix_for(region)
+          sfx = Aws::Partitions::EndpointProvider.dns_suffix_for(region, 's3')
           "#{pfx}.s3-object-lambda#{'-fips' if fips}.#{region}.#{sfx}"
         end
       end

data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb

@@ -20,13 +20,14 @@ module Aws
 
       def validate_arn!
         unless @service == 's3-outposts'
-          raise ArgumentError, 'Must provide a valid S3 Outposts ARN.'
+          raise ArgumentError, 'Must provide a valid S3 Outpost Access '\
+                               'Point ARN.'
         end
 
         if @region.empty? || @account_id.empty?
           raise ArgumentError,
-                'S3 Outpost ARNs must contain both a region '\
-                'and an account id.'
+                'S3 Outpost Access Point ARNs must contain both a region '\
+                'and an account ID.'
         end
 
         if @type != 'outpost' && @subtype != 'accesspoint'
@@ -34,16 +35,16 @@ module Aws
         end
 
         if @outpost_id.nil? || @outpost_id.empty?
-          raise ArgumentError, 'Missing ARN outpost id.'
+          raise ArgumentError, 'Missing ARN Outpost ID.'
         end
 
         if @access_point_name.nil? || @access_point_name.empty?
-          raise ArgumentError, 'Missing ARN accesspoint name.'
+          raise ArgumentError, 'Missing ARN Access Point name.'
         end
 
         if @extra
           raise ArgumentError,
-                'ARN accesspoint resource must be a single value.'
+                'ARN Access Point resource must be a single value.'
         end
 
         unless Seahorse::Util.host_label?(

data/lib/aws-sdk-s3/bucket.rb

@@ -231,6 +231,7 @@ module Aws::S3
     #     grant_write: "GrantWrite",
     #     grant_write_acp: "GrantWriteACP",
     #     object_lock_enabled_for_bucket: false,
+    #     object_ownership: "BucketOwnerPreferred", # accepts BucketOwnerPreferred, ObjectWriter, BucketOwnerEnforced
     #   })
     # @param [Hash] options ({})
     # @option options [String] :acl
@@ -254,6 +255,23 @@ module Aws::S3
     # @option options [Boolean] :object_lock_enabled_for_bucket
     #   Specifies whether you want S3 Object Lock to be enabled for the new
     #   bucket.
+    # @option options [String] :object_ownership
+    #   The container element for object ownership for a bucket's ownership
+    #   controls.
+    #
+    #   BucketOwnerPreferred - Objects uploaded to the bucket change ownership
+    #   to the bucket owner if the objects are uploaded with the
+    #   `bucket-owner-full-control` canned ACL.
+    #
+    #   ObjectWriter - The uploading account will own the object if the object
+    #   is uploaded with the `bucket-owner-full-control` canned ACL.
+    #
+    #   BucketOwnerEnforced - Access control lists (ACLs) are disabled and no
+    #   longer affect permissions. The bucket owner automatically owns and has
+    #   full control over every object in the bucket. The bucket only accepts
+    #   PUT requests that don't specify an ACL or bucket owner full control
+    #   ACLs, such as the `bucket-owner-full-control` canned ACL or an
+    #   equivalent form of this ACL expressed in the XML format.
     # @return [Types::CreateBucketOutput]
     def create(options = {})
       options = options.merge(bucket: @name)
@@ -269,8 +287,8 @@ module Aws::S3
     # @param [Hash] options ({})
     # @option options [String] :expected_bucket_owner
     #   The account ID of the expected bucket owner. If the bucket is owned by
-    #   a different account, the request will fail with an HTTP `403 (Access
-    #   Denied)` error.
+    #   a different account, the request fails with the HTTP status code `403
+    #   Forbidden` (access denied).
     # @return [EmptyStructure]
     def delete(options = {})
       options = options.merge(bucket: @name)
@@ -294,6 +312,7 @@ module Aws::S3
     #     request_payer: "requester", # accepts requester
     #     bypass_governance_retention: false,
     #     expected_bucket_owner: "AccountId",
+    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
     #   })
     # @param [Hash] options ({})
     # @option options [required, Types::Delete] :delete
@@ -306,8 +325,8 @@ module Aws::S3
     # @option options [String] :request_payer
     #   Confirms that the requester knows that they will be charged for the
     #   request. Bucket owners need not specify this parameter in their
-    #   requests. For information about downloading objects from requester
-    #   pays buckets, see [Downloading Objects in Requestor Pays Buckets][1]
+    #   requests. For information about downloading objects from Requester
+    #   Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
     #   in the *Amazon S3 User Guide*.
     #
     #
@@ -315,12 +334,30 @@ module Aws::S3
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
     # @option options [Boolean] :bypass_governance_retention
     #   Specifies whether you want to delete this object even if it has a
-    #   Governance-type Object Lock in place. You must have sufficient
-    #   permissions to perform this operation.
+    #   Governance-type Object Lock in place. To use this header, you must
+    #   have the `s3:BypassGovernanceRetention` permission.
     # @option options [String] :expected_bucket_owner
     #   The account ID of the expected bucket owner. If the bucket is owned by
-    #   a different account, the request will fail with an HTTP `403 (Access
-    #   Denied)` error.
+    #   a different account, the request fails with the HTTP status code `403
+    #   Forbidden` (access denied).
+    # @option options [String] :checksum_algorithm
+    #   Indicates the algorithm used to create the checksum for the object
+    #   when using the SDK. This header will not provide any additional
+    #   functionality if not using the SDK. When sending this header, there
+    #   must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
+    #   sent. Otherwise, Amazon S3 fails the request with the HTTP status code
+    #   `400 Bad Request`. For more information, see [Checking object
+    #   integrity][1] in the *Amazon S3 User Guide*.
+    #
+    #   If you provide an individual checksum, Amazon S3 ignores any provided
+    #   `ChecksumAlgorithm` parameter.
+    #
+    #   This checksum algorithm must be the same for all parts and it match
+    #   the checksum value supplied in the `CreateMultipartUpload` request.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
     # @return [Types::DeleteObjectsOutput]
     def delete_objects(options = {})
       options = options.merge(bucket: @name)
@@ -340,6 +377,11 @@ module Aws::S3
     #     content_length: 1,
     #     content_md5: "ContentMD5",
     #     content_type: "ContentType",
+    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
+    #     checksum_crc32: "ChecksumCRC32",
+    #     checksum_crc32c: "ChecksumCRC32C",
+    #     checksum_sha1: "ChecksumSHA1",
+    #     checksum_sha256: "ChecksumSHA256",
     #     expires: Time.now,
     #     grant_full_control: "GrantFullControl",
     #     grant_read: "GrantRead",
@@ -350,7 +392,7 @@ module Aws::S3
     #       "MetadataKey" => "MetadataValue",
     #     },
     #     server_side_encryption: "AES256", # accepts AES256, aws:kms
-    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS
+    #     storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR
     #     website_redirect_location: "WebsiteRedirectLocation",
     #     sse_customer_algorithm: "SSECustomerAlgorithm",
     #     sse_customer_key: "SSECustomerKey",
@@ -432,6 +474,61 @@ module Aws::S3
     #
     #
     #   [1]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17
+    # @option options [String] :checksum_algorithm
+    #   Indicates the algorithm used to create the checksum for the object
+    #   when using the SDK. This header will not provide any additional
+    #   functionality if not using the SDK. When sending this header, there
+    #   must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
+    #   sent. Otherwise, Amazon S3 fails the request with the HTTP status code
+    #   `400 Bad Request`. For more information, see [Checking object
+    #   integrity][1] in the *Amazon S3 User Guide*.
+    #
+    #   If you provide an individual checksum, Amazon S3 ignores any provided
+    #   `ChecksumAlgorithm` parameter.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
+    # @option options [String] :checksum_crc32
+    #   This header can be used as a data integrity check to verify that the
+    #   data received is the same data that was originally sent. This header
+    #   specifies the base64-encoded, 32-bit CRC32 checksum of the object. For
+    #   more information, see [Checking object integrity][1] in the *Amazon S3
+    #   User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
+    # @option options [String] :checksum_crc32c
+    #   This header can be used as a data integrity check to verify that the
+    #   data received is the same data that was originally sent. This header
+    #   specifies the base64-encoded, 32-bit CRC32C checksum of the object.
+    #   For more information, see [Checking object integrity][1] in the
+    #   *Amazon S3 User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
+    # @option options [String] :checksum_sha1
+    #   This header can be used as a data integrity check to verify that the
+    #   data received is the same data that was originally sent. This header
+    #   specifies the base64-encoded, 160-bit SHA-1 digest of the object. For
+    #   more information, see [Checking object integrity][1] in the *Amazon S3
+    #   User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
+    # @option options [String] :checksum_sha256
+    #   This header can be used as a data integrity check to verify that the
+    #   data received is the same data that was originally sent. This header
+    #   specifies the base64-encoded, 256-bit SHA-256 digest of the object.
+    #   For more information, see [Checking object integrity][1] in the
+    #   *Amazon S3 User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
     # @option options [Time,DateTime,Date,Integer,String] :expires
     #   The date and time at which the object is no longer cacheable. For more
     #   information, see
@@ -515,18 +612,18 @@ module Aws::S3
     #   ensure that the encryption key was transmitted without error.
     # @option options [String] :ssekms_key_id
     #   If `x-amz-server-side-encryption` is present and has the value of
-    #   `aws:kms`, this header specifies the ID of the AWS Key Management
-    #   Service (AWS KMS) symmetrical customer managed customer master key
-    #   (CMK) that was used for the object. If you specify
+    #   `aws:kms`, this header specifies the ID of the Amazon Web Services Key
+    #   Management Service (Amazon Web Services KMS) symmetrical customer
+    #   managed key that was used for the object. If you specify
     #   `x-amz-server-side-encryption:aws:kms`, but do not provide`
-    #   x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the AWS
-    #   managed CMK in AWS to protect the data. If the KMS key does not exist
-    #   in the same account issuing the command, you must use the full ARN and
-    #   not just the ID.
+    #   x-amz-server-side-encryption-aws-kms-key-id`, Amazon S3 uses the
+    #   Amazon Web Services managed key to protect the data. If the KMS key
+    #   does not exist in the same account issuing the command, you must use
+    #   the full ARN and not just the ID.
     # @option options [String] :ssekms_encryption_context
-    #   Specifies the AWS KMS Encryption Context to use for object encryption.
-    #   The value of this header is a base64-encoded UTF-8 string holding JSON
-    #   with the encryption context key-value pairs.
+    #   Specifies the Amazon Web Services KMS Encryption Context to use for
+    #   object encryption. The value of this header is a base64-encoded UTF-8
+    #   string holding JSON with the encryption context key-value pairs.
     # @option options [Boolean] :bucket_key_enabled
     #   Specifies whether Amazon S3 should use an S3 Bucket Key for object
     #   encryption with server-side encryption using AWS KMS (SSE-KMS).
@@ -538,8 +635,8 @@ module Aws::S3
     # @option options [String] :request_payer
     #   Confirms that the requester knows that they will be charged for the
     #   request. Bucket owners need not specify this parameter in their
-    #   requests. For information about downloading objects from requester
-    #   pays buckets, see [Downloading Objects in Requestor Pays Buckets][1]
+    #   requests. For information about downloading objects from Requester
+    #   Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
     #   in the *Amazon S3 User Guide*.
     #
     #
@@ -562,8 +659,8 @@ module Aws::S3
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
     # @option options [String] :expected_bucket_owner
     #   The account ID of the expected bucket owner. If the bucket is owned by
-    #   a different account, the request will fail with an HTTP `403 (Access
-    #   Denied)` error.
+    #   a different account, the request fails with the HTTP status code `403
+    #   Forbidden` (access denied).
     # @return [Object]
     def put_object(options = {})
       options = options.merge(bucket: @name)
@@ -670,8 +767,8 @@ module Aws::S3
     #   specified `upload-id-marker`.
     # @option options [String] :expected_bucket_owner
     #   The account ID of the expected bucket owner. If the bucket is owned by
-    #   a different account, the request will fail with an HTTP `403 (Access
-    #   Denied)` error.
+    #   a different account, the request fails with the HTTP status code `403
+    #   Forbidden` (access denied).
     # @return [MultipartUpload::Collection]
     def multipart_uploads(options = {})
       batches = Enumerator.new do |y|
@@ -750,8 +847,8 @@ module Aws::S3
     #   Specifies the object version you want to start listing from.
     # @option options [String] :expected_bucket_owner
     #   The account ID of the expected bucket owner. If the bucket is owned by
-    #   a different account, the request will fail with an HTTP `403 (Access
-    #   Denied)` error.
+    #   a different account, the request fails with the HTTP status code `403
+    #   Forbidden` (access denied).
     # @return [ObjectVersion::Collection]
     def object_versions(options = {})
       batches = Enumerator.new do |y|
@@ -806,8 +903,8 @@ module Aws::S3
     #   this parameter in their requests.
     # @option options [String] :expected_bucket_owner
     #   The account ID of the expected bucket owner. If the bucket is owned by
-    #   a different account, the request will fail with an HTTP `403 (Access
-    #   Denied)` error.
+    #   a different account, the request fails with the HTTP status code `403
+    #   Forbidden` (access denied).
     # @return [ObjectSummary::Collection]
     def objects(options = {})
       batches = Enumerator.new do |y|

data/lib/aws-sdk-s3/bucket_acl.rb

@@ -203,6 +203,7 @@ module Aws::S3
     #       },
     #     },
     #     content_md5: "ContentMD5",
+    #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
     #     grant_full_control: "GrantFullControl",
     #     grant_read: "GrantRead",
     #     grant_read_acp: "GrantReadACP",
@@ -221,12 +222,28 @@ module Aws::S3
     #   used as a message integrity check to verify that the request body was
     #   not corrupted in transit. For more information, go to [RFC 1864.][1]
     #
-    #   For requests made using the AWS Command Line Interface (CLI) or AWS
-    #   SDKs, this field is calculated automatically.
+    #   For requests made using the Amazon Web Services Command Line Interface
+    #   (CLI) or Amazon Web Services SDKs, this field is calculated
+    #   automatically.
     #
     #
     #
     #   [1]: http://www.ietf.org/rfc/rfc1864.txt
+    # @option options [String] :checksum_algorithm
+    #   Indicates the algorithm used to create the checksum for the object
+    #   when using the SDK. This header will not provide any additional
+    #   functionality if not using the SDK. When sending this header, there
+    #   must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
+    #   sent. Otherwise, Amazon S3 fails the request with the HTTP status code
+    #   `400 Bad Request`. For more information, see [Checking object
+    #   integrity][1] in the *Amazon S3 User Guide*.
+    #
+    #   If you provide an individual checksum, Amazon S3 ignores any provided
+    #   `ChecksumAlgorithm` parameter.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
     # @option options [String] :grant_full_control
     #   Allows grantee the read, write, read ACP, and write ACP permissions on
     #   the bucket.
@@ -243,8 +260,8 @@ module Aws::S3
     #   Allows grantee to write the ACL for the applicable bucket.
     # @option options [String] :expected_bucket_owner
     #   The account ID of the expected bucket owner. If the bucket is owned by
-    #   a different account, the request will fail with an HTTP `403 (Access
-    #   Denied)` error.
+    #   a different account, the request fails with the HTTP status code `403
+    #   Forbidden` (access denied).
     # @return [EmptyStructure]
     def put(options = {})
       options = options.merge(bucket: @bucket_name)