aws-sdk-s3 1.96.2 → 1.132.0

data/lib/aws-sdk-s3/object_version.rb

@@ -56,6 +56,12 @@ module Aws::S3
       data[:etag]
     end
 
+    # The algorithm that was used to create a checksum of the object.
+    # @return [Array<String>]
+    def checksum_algorithm
+      data[:checksum_algorithm]
+    end
+
     # Size in bytes of the object.
     # @return [Integer]
     def size
@@ -99,6 +105,20 @@ module Aws::S3
       data[:owner]
     end
 
+    # Specifies the restoration status of an object. Objects in certain
+    # storage classes must be restored before they can be retrieved. For
+    # more information about these storage classes and how to work with
+    # archived objects, see [ Working with archived objects][1] in the
+    # *Amazon S3 User Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/archived-objects.html
+    # @return [Types::RestoreStatus]
+    def restore_status
+      data[:restore_status]
+    end
+
     # @!endgroup
 
     # @return [Client]
@@ -223,7 +243,9 @@ module Aws::S3
           :retry
         end
       end
-      Aws::Waiters::Waiter.new(options).wait({})
+      Aws::Plugins::UserAgent.feature('resource') do
+        Aws::Waiters::Waiter.new(options).wait({})
+      end
     end
 
     # @!group Actions
@@ -245,8 +267,8 @@ module Aws::S3
     # @option options [String] :request_payer
     #   Confirms that the requester knows that they will be charged for the
     #   request. Bucket owners need not specify this parameter in their
-    #   requests. For information about downloading objects from requester
-    #   pays buckets, see [Downloading Objects in Requestor Pays Buckets][1]
+    #   requests. For information about downloading objects from Requester
+    #   Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
     #   in the *Amazon S3 User Guide*.
     #
     #
@@ -254,11 +276,12 @@ module Aws::S3
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
     # @option options [Boolean] :bypass_governance_retention
     #   Indicates whether S3 Object Lock should bypass Governance-mode
-    #   restrictions to process this operation.
+    #   restrictions to process this operation. To use this header, you must
+    #   have the `s3:BypassGovernanceRetention` permission.
     # @option options [String] :expected_bucket_owner
     #   The account ID of the expected bucket owner. If the bucket is owned by
-    #   a different account, the request will fail with an HTTP `403 (Access
-    #   Denied)` error.
+    #   a different account, the request fails with the HTTP status code `403
+    #   Forbidden` (access denied).
     # @return [Types::DeleteObjectOutput]
     def delete(options = {})
       options = options.merge(
@@ -266,7 +289,9 @@ module Aws::S3
         key: @object_key,
         version_id: @id
       )
-      resp = @client.delete_object(options)
+      resp = Aws::Plugins::UserAgent.feature('resource') do
+        @client.delete_object(options)
+      end
       resp.data
     end
 
@@ -290,24 +315,25 @@ module Aws::S3
     #     request_payer: "requester", # accepts requester
     #     part_number: 1,
     #     expected_bucket_owner: "AccountId",
+    #     checksum_mode: "ENABLED", # accepts ENABLED
     #   })
     # @param [Hash] options ({})
     # @option options [String] :if_match
     #   Return the object only if its entity tag (ETag) is the same as the one
-    #   specified, otherwise return a 412 (precondition failed).
+    #   specified; otherwise, return a 412 (precondition failed) error.
     # @option options [Time,DateTime,Date,Integer,String] :if_modified_since
     #   Return the object only if it has been modified since the specified
-    #   time, otherwise return a 304 (not modified).
+    #   time; otherwise, return a 304 (not modified) error.
     # @option options [String] :if_none_match
     #   Return the object only if its entity tag (ETag) is different from the
-    #   one specified, otherwise return a 304 (not modified).
+    #   one specified; otherwise, return a 304 (not modified) error.
     # @option options [Time,DateTime,Date,Integer,String] :if_unmodified_since
     #   Return the object only if it has not been modified since the specified
-    #   time, otherwise return a 412 (precondition failed).
+    #   time; otherwise, return a 412 (precondition failed) error.
     # @option options [String] :range
     #   Downloads the specified range bytes of an object. For more information
     #   about the HTTP Range header, see
-    #   [https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35][1].
+    #   [https://www.rfc-editor.org/rfc/rfc9110.html#name-range][1].
     #
     #   <note markdown="1"> Amazon S3 doesn't support retrieving multiple ranges of data per
     #   `GET` request.
@@ -316,7 +342,7 @@ module Aws::S3
     #
     #
     #
-    #   [1]: https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35
+    #   [1]: https://www.rfc-editor.org/rfc/rfc9110.html#name-range
     # @option options [String] :response_cache_control
     #   Sets the `Cache-Control` header of the response.
     # @option options [String] :response_content_disposition
@@ -345,8 +371,8 @@ module Aws::S3
     # @option options [String] :request_payer
     #   Confirms that the requester knows that they will be charged for the
     #   request. Bucket owners need not specify this parameter in their
-    #   requests. For information about downloading objects from requester
-    #   pays buckets, see [Downloading Objects in Requestor Pays Buckets][1]
+    #   requests. For information about downloading objects from Requester
+    #   Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
     #   in the *Amazon S3 User Guide*.
     #
     #
@@ -359,8 +385,10 @@ module Aws::S3
     #   object.
     # @option options [String] :expected_bucket_owner
     #   The account ID of the expected bucket owner. If the bucket is owned by
-    #   a different account, the request will fail with an HTTP `403 (Access
-    #   Denied)` error.
+    #   a different account, the request fails with the HTTP status code `403
+    #   Forbidden` (access denied).
+    # @option options [String] :checksum_mode
+    #   To retrieve the checksum, this mode must be enabled.
     # @return [Types::GetObjectOutput]
     def get(options = {}, &block)
       options = options.merge(
@@ -368,7 +396,9 @@ module Aws::S3
         key: @object_key,
         version_id: @id
       )
-      resp = @client.get_object(options, &block)
+      resp = Aws::Plugins::UserAgent.feature('resource') do
+        @client.get_object(options, &block)
+      end
       resp.data
     end
 
@@ -386,33 +416,26 @@ module Aws::S3
     #     request_payer: "requester", # accepts requester
     #     part_number: 1,
     #     expected_bucket_owner: "AccountId",
+    #     checksum_mode: "ENABLED", # accepts ENABLED
     #   })
     # @param [Hash] options ({})
     # @option options [String] :if_match
     #   Return the object only if its entity tag (ETag) is the same as the one
-    #   specified, otherwise return a 412 (precondition failed).
+    #   specified; otherwise, return a 412 (precondition failed) error.
     # @option options [Time,DateTime,Date,Integer,String] :if_modified_since
     #   Return the object only if it has been modified since the specified
-    #   time, otherwise return a 304 (not modified).
+    #   time; otherwise, return a 304 (not modified) error.
     # @option options [String] :if_none_match
     #   Return the object only if its entity tag (ETag) is different from the
-    #   one specified, otherwise return a 304 (not modified).
+    #   one specified; otherwise, return a 304 (not modified) error.
     # @option options [Time,DateTime,Date,Integer,String] :if_unmodified_since
     #   Return the object only if it has not been modified since the specified
-    #   time, otherwise return a 412 (precondition failed).
+    #   time; otherwise, return a 412 (precondition failed) error.
     # @option options [String] :range
-    #   Downloads the specified range bytes of an object. For more information
-    #   about the HTTP Range header, see
-    #   [http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35][1].
-    #
-    #   <note markdown="1"> Amazon S3 doesn't support retrieving multiple ranges of data per
-    #   `GET` request.
-    #
-    #    </note>
-    #
-    #
-    #
-    #   [1]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35
+    #   HeadObject returns only the metadata for an object. If the Range is
+    #   satisfiable, only the `ContentLength` is affected in the response. If
+    #   the Range is not satisfiable, S3 returns a `416 - Requested Range Not
+    #   Satisfiable` error.
     # @option options [String] :sse_customer_algorithm
     #   Specifies the algorithm to use to when encrypting the object (for
     #   example, AES256).
@@ -429,8 +452,8 @@ module Aws::S3
     # @option options [String] :request_payer
     #   Confirms that the requester knows that they will be charged for the
     #   request. Bucket owners need not specify this parameter in their
-    #   requests. For information about downloading objects from requester
-    #   pays buckets, see [Downloading Objects in Requestor Pays Buckets][1]
+    #   requests. For information about downloading objects from Requester
+    #   Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
     #   in the *Amazon S3 User Guide*.
     #
     #
@@ -443,8 +466,15 @@ module Aws::S3
     #   the number of parts in this object.
     # @option options [String] :expected_bucket_owner
     #   The account ID of the expected bucket owner. If the bucket is owned by
-    #   a different account, the request will fail with an HTTP `403 (Access
-    #   Denied)` error.
+    #   a different account, the request fails with the HTTP status code `403
+    #   Forbidden` (access denied).
+    # @option options [String] :checksum_mode
+    #   To retrieve the checksum, this parameter must be enabled.
+    #
+    #   In addition, if you enable `ChecksumMode` and the object is encrypted
+    #   with Amazon Web Services Key Management Service (Amazon Web Services
+    #   KMS), you must have permission to use the `kms:Decrypt` action for the
+    #   request to succeed.
     # @return [Types::HeadObjectOutput]
     def head(options = {})
       options = options.merge(
@@ -452,7 +482,9 @@ module Aws::S3
         key: @object_key,
         version_id: @id
       )
-      resp = @client.head_object(options)
+      resp = Aws::Plugins::UserAgent.feature('resource') do
+        @client.head_object(options)
+      end
       resp.data
     end
 
@@ -524,6 +556,7 @@ module Aws::S3
       #     request_payer: "requester", # accepts requester
       #     bypass_governance_retention: false,
       #     expected_bucket_owner: "AccountId",
+      #     checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256
       #   })
       # @param options ({})
       # @option options [String] :mfa
@@ -534,8 +567,8 @@ module Aws::S3
       # @option options [String] :request_payer
       #   Confirms that the requester knows that they will be charged for the
       #   request. Bucket owners need not specify this parameter in their
-      #   requests. For information about downloading objects from requester
-      #   pays buckets, see [Downloading Objects in Requestor Pays Buckets][1]
+      #   requests. For information about downloading objects from Requester
+      #   Pays buckets, see [Downloading Objects in Requester Pays Buckets][1]
       #   in the *Amazon S3 User Guide*.
       #
       #
@@ -543,12 +576,30 @@ module Aws::S3
       #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html
       # @option options [Boolean] :bypass_governance_retention
       #   Specifies whether you want to delete this object even if it has a
-      #   Governance-type Object Lock in place. You must have sufficient
-      #   permissions to perform this operation.
+      #   Governance-type Object Lock in place. To use this header, you must
+      #   have the `s3:BypassGovernanceRetention` permission.
       # @option options [String] :expected_bucket_owner
       #   The account ID of the expected bucket owner. If the bucket is owned by
-      #   a different account, the request will fail with an HTTP `403 (Access
-      #   Denied)` error.
+      #   a different account, the request fails with the HTTP status code `403
+      #   Forbidden` (access denied).
+      # @option options [String] :checksum_algorithm
+      #   Indicates the algorithm used to create the checksum for the object
+      #   when using the SDK. This header will not provide any additional
+      #   functionality if not using the SDK. When sending this header, there
+      #   must be a corresponding `x-amz-checksum` or `x-amz-trailer` header
+      #   sent. Otherwise, Amazon S3 fails the request with the HTTP status code
+      #   `400 Bad Request`. For more information, see [Checking object
+      #   integrity][1] in the *Amazon S3 User Guide*.
+      #
+      #   If you provide an individual checksum, Amazon S3 ignores any provided
+      #   `ChecksumAlgorithm` parameter.
+      #
+      #   This checksum algorithm must be the same for all parts and it match
+      #   the checksum value supplied in the `CreateMultipartUpload` request.
+      #
+      #
+      #
+      #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html
       # @return [void]
       def batch_delete!(options = {})
         batch_enum.each do |batch|
@@ -562,7 +613,9 @@ module Aws::S3
               version_id: item.id
             }
           end
-          batch[0].client.delete_objects(params)
+          Aws::Plugins::UserAgent.feature('resource') do
+            batch[0].client.delete_objects(params)
+          end
         end
         nil
       end

data/lib/aws-sdk-s3/plugins/accelerate.rb

@@ -23,67 +23,26 @@ each bucket. [Go here for more information](http://docs.aws.amazon.com/AmazonS3/
           operations = config.api.operation_names - [
             :create_bucket, :list_buckets, :delete_bucket
           ]
-          # Need 2 handlers so that the context can be set for other plugins
-          # and to remove :use_accelerate_endpoint from the params.
           handlers.add(
             OptionHandler, step: :initialize, operations: operations
           )
-          handlers.add(
-            AccelerateHandler, step: :build, priority: 11, operations: operations
-          )
         end
 
         # @api private
         class OptionHandler < Seahorse::Client::Handler
           def call(context)
             # Support client configuration and per-operation configuration
+            # TODO: move this to an options hash and warn here.
             if context.params.is_a?(Hash)
               accelerate = context.params.delete(:use_accelerate_endpoint)
             end
-            accelerate = context.config.use_accelerate_endpoint if accelerate.nil?
-            # Raise if :endpoint and dualstack are both provided
-            if accelerate && !context.config.regional_endpoint
-              raise ArgumentError,
-                    'Cannot use both :use_accelerate_endpoint and :endpoint'
+            if accelerate.nil?
+              accelerate = context.config.use_accelerate_endpoint
             end
             context[:use_accelerate_endpoint] = accelerate
             @handler.call(context)
           end
         end
-
-        # @api private
-        class AccelerateHandler < Seahorse::Client::Handler
-          def call(context)
-            if context.config.regional_endpoint && context[:use_accelerate_endpoint]
-              dualstack = !!context[:use_dualstack_endpoint]
-              use_accelerate_endpoint(context, dualstack)
-            end
-            @handler.call(context)
-          end
-
-          private
-
-          def use_accelerate_endpoint(context, dualstack)
-            bucket_name = context.params[:bucket]
-            validate_bucket_name!(bucket_name)
-            endpoint = URI.parse(context.http_request.endpoint.to_s)
-            endpoint.scheme = 'https'
-            endpoint.port = 443
-            endpoint.host = "#{bucket_name}.s3-accelerate"\
-                            "#{'.dualstack' if dualstack}.amazonaws.com"
-            context.http_request.endpoint = endpoint.to_s
-            # s3 accelerate endpoint doesn't work with 'expect' header
-            context.http_request.headers.delete('expect')
-          end
-
-          def validate_bucket_name!(bucket_name)
-            unless BucketDns.dns_compatible?(bucket_name, _ssl = true)
-              raise ArgumentError,
-                    'Unable to use `use_accelerate_endpoint: true` on buckets '\
-                    'with non-DNS compatible names.'
-            end
-          end
-        end
       end
     end
   end

data/lib/aws-sdk-s3/plugins/arn.rb

@@ -1,9 +1,5 @@
 # frozen_string_literal: true
 
-require_relative '../arn/access_point_arn'
-require_relative '../arn/object_lambda_arn'
-require_relative '../arn/outpost_access_point_arn'
-
 module Aws
   module S3
     module Plugins
@@ -23,142 +19,21 @@ be made. Set to `false` to use the client's region instead.
           resolve_s3_use_arn_region(cfg)
         end
 
-        # param validator is validate:50
-        # endpoint is build:90 (populates the URI for the first time)
-        # endpoint pattern is build:10
-        def add_handlers(handlers, _config)
-          handlers.add(ARNHandler, step: :validate, priority: 75)
-          handlers.add(UrlHandler)
-        end
-
-        # After extracting out any ARN input, resolve a new URL with it.
-        class UrlHandler < Seahorse::Client::Handler
-          def call(context)
-            if context.metadata[:s3_arn]
-              ARN.resolve_url!(
-                context.http_request.endpoint,
-                context.metadata[:s3_arn][:arn],
-                context.metadata[:s3_arn][:resolved_region],
-                context.metadata[:s3_arn][:fips],
-                context.metadata[:s3_arn][:dualstack],
-                # if regional_endpoint is false, a custom endpoint was provided
-                # in this case, we want to prefix the endpoint using the ARN
-                !context.config.regional_endpoint
-              )
-            end
-            @handler.call(context)
-          end
-        end
-
-        # This plugin will extract out any ARN input and set context for other
-        # plugins to use without having to translate the ARN again.
-        class ARNHandler < Seahorse::Client::Handler
-          def call(context)
-            bucket_member = _bucket_member(context.operation.input.shape)
-            if bucket_member && (bucket = context.params[bucket_member])
-              resolved_region, arn = ARN.resolve_arn!(
-                bucket,
-                context.config.region,
-                context.config.s3_use_arn_region
-              )
-              if arn
-                validate_config!(context, arn)
-
-                fips = false
-                if resolved_region.include?('fips')
-                  fips = true
-                  resolved_region = resolved_region.gsub('fips-', '')
-                                                   .gsub('-fips', '')
-                end
-
-                context.metadata[:s3_arn] = {
-                  arn: arn,
-                  resolved_region: resolved_region,
-                  fips: fips,
-                  dualstack: extract_dualstack_config!(context)
-                }
-              end
-            end
-            @handler.call(context)
-          end
-
-          private
-
-          def _bucket_member(input)
-            input.members.each do |member, ref|
-              return member if ref.shape.name == 'BucketName'
-            end
-            nil
-          end
-
-          # other plugins use dualstack so disable it when we're done
-          def extract_dualstack_config!(context)
-            dualstack = context[:use_dualstack_endpoint]
-            context[:use_dualstack_endpoint] = false if dualstack
-            dualstack
-          end
-
-          def validate_config!(context, arn)
-            if context.config.force_path_style
-              raise ArgumentError,
-                    'Cannot provide an Access Point ARN when '\
-                    '`:force_path_style` is set to true.'
-            end
-
-            if context.config.use_accelerate_endpoint
-              raise ArgumentError,
-                    'Cannot provide an Access Point ARN when '\
-                    '`:use_accelerate_endpoint` is set to true.'
-            end
-
-            if !arn.support_dualstack? && context[:use_dualstack_endpoint]
-              raise ArgumentError,
-                    'Cannot provide an Outpost Access Point ARN when '\
-                    '`:use_dualstack_endpoint` is set to true.'
-            end
-          end
+        option(
+          :s3_disable_multiregion_access_points,
+          default: false,
+          doc_type: 'Boolean',
+          docstring: <<-DOCS) do |cfg|
+When set to `false` this will option will raise errors when multi-region
+access point ARNs are used.  Multi-region access points can potentially
+result in cross region requests.
+        DOCS
+          resolve_s3_disable_multiregion_access_points(cfg)
         end
 
         class << self
-          # @api private
-          def resolve_arn!(member_value, region, use_arn_region)
-            if Aws::ARNParser.arn?(member_value)
-              arn = Aws::ARNParser.parse(member_value)
-              s3_arn = resolve_arn_type!(arn)
-              s3_arn.validate_arn!
-              validate_region_config!(s3_arn, region, use_arn_region)
-              region = s3_arn.region if use_arn_region && !region.include?('fips')
-              [region, s3_arn]
-            else
-              [region]
-            end
-          end
-
-          # @api private
-          def resolve_url!(url, arn, region, fips = false, dualstack = false, has_custom_endpoint = false)
-            custom_endpoint = url.host if has_custom_endpoint
-            url.host = arn.host_url(region, fips, dualstack, custom_endpoint)
-            url.path = url_path(url.path, arn)
-            url
-          end
-
           private
 
-          def resolve_arn_type!(arn)
-            case arn.service
-            when 's3'
-              Aws::S3::AccessPointARN.new(arn.to_h)
-            when 's3-outposts'
-              Aws::S3::OutpostAccessPointARN.new(arn.to_h)
-            when 's3-object-lambda'
-              Aws::S3::ObjectLambdaARN.new(arn.to_h)
-            else
-              raise ArgumentError,
-                    'Only Access Point, Outposts, and Object Lambdas ARNs '\
-                    'are currently supported.'
-            end
-          end
-
           def resolve_s3_use_arn_region(cfg)
             value = ENV['AWS_S3_USE_ARN_REGION'] ||
                     Aws.shared_config.s3_use_arn_region(profile: cfg.profile) ||
@@ -174,52 +49,19 @@ be made. Set to `false` to use the client's region instead.
             value
           end
 
-          # Remove ARN from the path because we've already set the new host
-          def url_path(path, arn)
-            path = path.sub("/#{Seahorse::Util.uri_escape(arn.to_s)}", '')
-                       .sub("/#{arn}", '')
-            "/#{path}" unless path =~ /^\//
-            path
-          end
-
-          def validate_region_config!(arn, region, use_arn_region)
-            if ['s3-external-1', 'aws-global'].include?(region)
-              # These "regions" are not regional endpoints
-              unless use_arn_region
-                raise Aws::Errors::InvalidARNRegionError,
-                      'Configured client region is not a regional endpoint.'
-              end
-              # These "regions" are in the AWS partition
-              # Cannot use ARN region unless it's the same partition
-              unless arn.partition == 'aws'
-                raise Aws::Errors::InvalidARNPartitionError
-              end
-            else
-              if region.include?('fips')
-                # If ARN type doesn't support FIPS but the client region is FIPS
-                unless arn.support_fips?
-                  raise ArgumentError,
-                        'FIPS client regions are not supported for this type '\
-                        'of ARN.'
-                end
-
-                fips = true
-                # Normalize the region so we can compare partition and regions
-                region = region.gsub('fips-', '').gsub('-fips', '')
-              end
-
-              # Raise if the ARN and client regions are in different partitions
-              if use_arn_region &&
-                 !Aws::Partitions.partition(arn.partition).region?(region)
-                raise Aws::Errors::InvalidARNPartitionError
-              end
-
-              # Raise if regions mismatch
-              # Either when it's a fips client or not using the ARN region
-              if (!use_arn_region || fips) && region != arn.region
-                raise Aws::Errors::InvalidARNRegionError
-              end
+          def resolve_s3_disable_multiregion_access_points(cfg)
+            value = ENV['AWS_S3_DISABLE_MULTIREGION_ACCESS_POINTS'] ||
+              Aws.shared_config.s3_disable_multiregion_access_points(profile: cfg.profile) ||
+              'false'
+            value = Aws::Util.str_2_bool(value)
+            # Raise if provided value is not true or false
+            if value.nil?
+              raise ArgumentError,
+                    'Must provide either `true` or `false` for '\
+                    's3_use_arn_region profile option or for '\
+                    "ENV['AWS_S3_USE_ARN_REGION']"
             end
+            value
           end
         end
       end

data/lib/aws-sdk-s3/plugins/bucket_dns.rb

@@ -23,45 +23,10 @@ When set to `true`, the bucket name is always left in the
 request URI and never moved to the host as a sub-domain.
           DOCS
 
-        def add_handlers(handlers, config)
-          handlers.add(Handler) unless config.force_path_style
-        end
-
-        # @api private
-        class Handler < Seahorse::Client::Handler
-
-          def call(context)
-            move_dns_compat_bucket_to_subdomain(context)
-            @handler.call(context)
-          end
-
-          private
-
-          def move_dns_compat_bucket_to_subdomain(context)
-            bucket_name = context.params[:bucket]
-            endpoint = context.http_request.endpoint
-            if bucket_name &&
-               BucketDns.dns_compatible?(bucket_name, https?(endpoint)) &&
-               context.operation_name.to_s != 'get_bucket_location'
-              move_bucket_to_subdomain(bucket_name, endpoint)
-            end
-          end
-
-          def move_bucket_to_subdomain(bucket_name, endpoint)
-            endpoint.host = "#{bucket_name}.#{endpoint.host}"
-            path = endpoint.path.sub("/#{bucket_name}", '')
-            path = "/#{path}" unless path.match(/^\//)
-            endpoint.path = path
-          end
-
-          def https?(uri)
-            uri.scheme == 'https'
-          end
-
-        end
-
+        # These class methods were originally used in a handler in this plugin.
+        # SigV2 legacy signer needs this logic so we keep it here as utility.
+        # New endpoint resolution will check this as a matcher.
         class << self
-
           # @param [String] bucket_name
           # @param [Boolean] ssl
           # @return [Boolean]
@@ -81,7 +46,6 @@ request URI and never moved to the host as a sub-domain.
             bucket_name !~ /(\d+\.){3}\d+/ &&
             bucket_name !~ /[.-]{2}/
           end
-
         end
       end
     end

data/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb

@@ -13,12 +13,7 @@ module Aws
           def call(context)
             bucket_member = _bucket_member(context.operation.input.shape)
             if bucket_member && (bucket = context.params[bucket_member])
-              _resolved_region, arn = ARN.resolve_arn!(
-                bucket,
-                context.config.region,
-                context.config.s3_use_arn_region
-              )
-              if !arn && bucket.include?('/')
+              if !Aws::ARNParser.arn?(bucket) && bucket.include?('/')
                 raise ArgumentError,
                       'bucket name must not contain a forward-slash (/)'
               end