aws-sdk-s3 1.215.0 → 1.216.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 78dbac7be5f04099a22976fa24d809974cf955579dbd0763ca2d65f6cd1bf4e9
-  data.tar.gz: 5f51620aa5b2e452e70fb7074b62533e366f782dc0c6f977929255c5bfdc1d7e
+  metadata.gz: 539fec24f4c751a012ca361d7be60a80f94b1d07fbb181632765d516a21008a3
+  data.tar.gz: 2e54a909515cfbdb880efacfd805d9971a57fcb4a8a370ebde34b701d81458a2
 SHA512:
-  metadata.gz: 849edcef5ad4ca08996c96bd49025a6fea354d432a0a9d4afa8de5d82821aedf8d836b7bf2eb57f243422c47f805172407b7bc9ae4d3d285ab752e14828d4eab
-  data.tar.gz: 6c855768321f1fd0346061d27b9f0db98bf3e41758d3dd43e81b57333239ed8a33b286bdf92ab49777934ad0db3d098ce887e8b4efde3d181f070f2088663c5d
+  metadata.gz: 9f59e1c190f315dc70535a1a1afb32c2423c346dde0ba1743ae9f9afca795b81745da63bc60aa0db5b969099612c3e171caeabfd48e00c7d0966e7708462ba56
+  data.tar.gz: 1de88d9a5e2fe6d2a39bb85420e3099794b5fe0932fe3040db51a5c731a72a12b101ac750715278afe8565d49b4b97cf54454317b6222d9a4c7feb3086d136aa

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.216.0 (2026-03-12)
+------------------
+
+* Feature - Adds support for account regional namespaces for general purpose buckets. The account regional namespace is a reserved subdivision of the global bucket namespace where only your account can create general purpose buckets.
+
 1.215.0 (2026-03-05)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.215.0
+1.216.0

data/lib/aws-sdk-s3/bucket.rb

@@ -277,6 +277,7 @@ module Aws::S3
     #     grant_write_acp: "GrantWriteACP",
     #     object_lock_enabled_for_bucket: false,
     #     object_ownership: "BucketOwnerPreferred", # accepts BucketOwnerPreferred, ObjectWriter, BucketOwnerEnforced
+    #     bucket_namespace: "account-regional", # accepts account-regional, global
     #   })
     # @param [Hash] options ({})
     # @option options [String] :acl
@@ -362,6 +363,33 @@ module Aws::S3
     #
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
+    # @option options [String] :bucket_namespace
+    #   Specifies the namespace where you want to create your general purpose
+    #   bucket. When you create a general purpose bucket, you can choose to
+    #   create a bucket in the shared global namespace or you can choose to
+    #   create a bucket in your account regional namespace. Your account
+    #   regional namespace is a subdivision of the global namespace that only
+    #   your account can create buckets in. For more information on bucket
+    #   namespaces, see [Namespaces for general purpose buckets][1].
+    #
+    #   General purpose buckets in your account regional namespace must follow
+    #   a specific naming convention. These buckets consist of a bucket name
+    #   prefix that you create, and a suffix that contains your 12-digit
+    #   Amazon Web Services Account ID, the Amazon Web Services Region code,
+    #   and ends with `-an`. Bucket names must follow the format
+    #   `bucket-name-prefix-accountId-region-an` (for example,
+    #   `amzn-s3-demo-bucket-111122223333-us-west-2-an`). For information
+    #   about bucket naming restrictions, see [Account regional namespace
+    #   naming rules][2] in the *Amazon S3 User Guide*.
+    #
+    #   <note markdown="1"> This functionality is not supported for directory buckets.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/gpbucketnamespaces.html
+    #   [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html#account-regional-naming-rules
     # @return [Types::CreateBucketOutput]
     def create(options = {})
       options = options.merge(bucket: @name)

data/lib/aws-sdk-s3/client.rb

@@ -1392,10 +1392,13 @@ module Aws::S3
     #     * If the source object that you want to copy is in a directory
     #       bucket, you must have the <b>
     #       <code>s3express:CreateSession</code> </b> permission in the
-    #       `Action` element of a policy to read the object. By default, the
-    #       session is in the `ReadWrite` mode. If you want to restrict the
-    #       access, you can explicitly set the `s3express:SessionMode`
-    #       condition key to `ReadOnly` on the copy source bucket.
+    #       `Action` element of a policy to read the object. If no session
+    #       mode is specified, the session will be created with the maximum
+    #       allowable privilege, attempting `ReadWrite` first, then
+    #       `ReadOnly` if `ReadWrite` is not permitted. If you want to
+    #       explicitly restrict the access to be read-only, you can set the
+    #       `s3express:SessionMode` condition key to `ReadOnly` on the copy
+    #       source bucket.
     #
     #     * If the copy destination is a directory bucket, you must have the
     #       <b> <code>s3express:CreateSession</code> </b> permission in the
@@ -2435,6 +2438,20 @@ module Aws::S3
     # configuring, and working with Amazon S3 buckets][2] in the *Amazon S3
     # User Guide*.
     #
+    # General purpose buckets exist in a global namespace, which means that
+    # each bucket name must be unique across all Amazon Web Services
+    # accounts in all the Amazon Web Services Regions within a partition. A
+    # partition is a grouping of Regions. Amazon Web Services currently has
+    # four partitions: `aws` (Standard Regions), `aws-cn` (China Regions),
+    # `aws-us-gov` (Amazon Web Services GovCloud (US)), and `aws-eusc`
+    # (European Sovereign Cloud). When you create a general purpose bucket,
+    # you can choose to create a bucket in the shared global namespace or
+    # you can choose to create a bucket in your account regional namespace.
+    # Your account regional namespace is a subdivision of the global
+    # namespace that only your account can create buckets in. For more
+    # information on account regional namespaces, see [Namespaces for
+    # general purpose buckets][3].
+    #
     # <note markdown="1"> * **General purpose buckets** - If you send your `CreateBucket`
     #   request to the `s3.amazonaws.com` global endpoint, the request goes
     #   to the `us-east-1` Region. So the signature calculations in
@@ -2443,7 +2460,7 @@ module Aws::S3
     #   the bucket is to be created. If you create a bucket in a Region
     #   other than US East (N. Virginia), your application must be able to
     #   handle 307 redirect. For more information, see [Virtual hosting of
-    #   buckets][3] in the *Amazon S3 User Guide*.
+    #   buckets][4] in the *Amazon S3 User Guide*.
     #
     # * <b>Directory buckets </b> - For directory buckets, you must make
     #   requests for this API operation to the Regional endpoint. These
@@ -2451,9 +2468,9 @@ module Aws::S3
     #   `https://s3express-control.region-code.amazonaws.com/bucket-name `.
     #   Virtual-hosted-style requests aren't supported. For more
     #   information about endpoints in Availability Zones, see [Regional and
-    #   Zonal endpoints for directory buckets in Availability Zones][4] in
+    #   Zonal endpoints for directory buckets in Availability Zones][5] in
     #   the *Amazon S3 User Guide*. For more information about endpoints in
-    #   Local Zones, see [Concepts for directory buckets in Local Zones][5]
+    #   Local Zones, see [Concepts for directory buckets in Local Zones][6]
     #   in the *Amazon S3 User Guide*.
     #
     #  </note>
@@ -2496,17 +2513,17 @@ module Aws::S3
     #       disabled. If you would like to share data with users outside of
     #       your account, you can use bucket policies as needed. For more
     #       information, see [Controlling ownership of objects and disabling
-    #       ACLs for your bucket ][6] and [Blocking public access to your
-    #       Amazon S3 storage ][7] in the *Amazon S3 User Guide*.
+    #       ACLs for your bucket ][7] and [Blocking public access to your
+    #       Amazon S3 storage ][8] in the *Amazon S3 User Guide*.
     #
     #     * **S3 Block Public Access** - If your specific use case requires
     #       granting public access to your S3 resources, you can disable
     #       Block Public Access. Specifically, you can create a new bucket
     #       with Block Public Access enabled, then separately call the [
-    #       `DeletePublicAccessBlock` ][8] API. To use this operation, you
+    #       `DeletePublicAccessBlock` ][9] API. To use this operation, you
     #       must have the `s3:PutBucketPublicAccessBlock` permission. For
     #       more information about S3 Block Public Access, see [Blocking
-    #       public access to your Amazon S3 storage ][7] in the *Amazon S3
+    #       public access to your Amazon S3 storage ][8] in the *Amazon S3
     #       User Guide*.
     #   * **Directory bucket permissions** - You must have the
     #     `s3express:CreateBucket` permission in an IAM identity-based
@@ -2515,7 +2532,7 @@ module Aws::S3
     #     performed by the Amazon Web Services account that owns the
     #     resource. For more information about directory bucket policies and
     #     permissions, see [Amazon Web Services Identity and Access
-    #     Management (IAM) for S3 Express One Zone][9] in the *Amazon S3
+    #     Management (IAM) for S3 Express One Zone][10] in the *Amazon S3
     #     User Guide*.
     #
     #     The permissions for ACLs, Object Lock, S3 Object Ownership, and S3
@@ -2525,9 +2542,9 @@ module Aws::S3
     #     enforced (ACLs disabled). These settings can't be modified.
     #
     #      For more information about permissions for creating and working
-    #     with directory buckets, see [Directory buckets][10] in the *Amazon
+    #     with directory buckets, see [Directory buckets][11] in the *Amazon
     #     S3 User Guide*. For more information about supported S3 features
-    #     for directory buckets, see [Features of S3 Express One Zone][11]
+    #     for directory buckets, see [Features of S3 Express One Zone][12]
     #     in the *Amazon S3 User Guide*.
     #
     # HTTP Host header syntax
@@ -2537,9 +2554,9 @@ module Aws::S3
     #
     # The following operations are related to `CreateBucket`:
     #
-    # * [PutObject][12]
+    # * [PutObject][13]
     #
-    # * [DeleteBucket][13]
+    # * [DeleteBucket][14]
     #
     # You must URL encode any signed header values that contain spaces. For
     # example, if your header value is `my file.txt`, containing two spaces
@@ -2549,17 +2566,18 @@ module Aws::S3
     #
     # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html
     # [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html
-    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html
-    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html
-    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html
-    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
-    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html
-    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html
-    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html
-    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html
-    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-one-zone.html#s3-express-features
-    # [12]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
-    # [13]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html
+    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/gpbucketnamespaces.html
+    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html
+    # [5]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/endpoint-directory-buckets-AZ.html
+    # [6]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-lzs-for-directory-buckets.html
+    # [7]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
+    # [8]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html
+    # [9]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html
+    # [10]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html
+    # [11]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html
+    # [12]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-one-zone.html#s3-express-features
+    # [13]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
+    # [14]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html
     #
     # @option params [String] :acl
     #   The canned ACL to apply to the bucket.
@@ -2676,6 +2694,34 @@ module Aws::S3
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
     #
+    # @option params [String] :bucket_namespace
+    #   Specifies the namespace where you want to create your general purpose
+    #   bucket. When you create a general purpose bucket, you can choose to
+    #   create a bucket in the shared global namespace or you can choose to
+    #   create a bucket in your account regional namespace. Your account
+    #   regional namespace is a subdivision of the global namespace that only
+    #   your account can create buckets in. For more information on bucket
+    #   namespaces, see [Namespaces for general purpose buckets][1].
+    #
+    #   General purpose buckets in your account regional namespace must follow
+    #   a specific naming convention. These buckets consist of a bucket name
+    #   prefix that you create, and a suffix that contains your 12-digit
+    #   Amazon Web Services Account ID, the Amazon Web Services Region code,
+    #   and ends with `-an`. Bucket names must follow the format
+    #   `bucket-name-prefix-accountId-region-an` (for example,
+    #   `amzn-s3-demo-bucket-111122223333-us-west-2-an`). For information
+    #   about bucket naming restrictions, see [Account regional namespace
+    #   naming rules][2] in the *Amazon S3 User Guide*.
+    #
+    #   <note markdown="1"> This functionality is not supported for directory buckets.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/gpbucketnamespaces.html
+    #   [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html#account-regional-naming-rules
+    #
     # @return [Types::CreateBucketOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateBucketOutput#location #location} => String
@@ -2740,6 +2786,7 @@ module Aws::S3
     #     grant_write_acp: "GrantWriteACP",
     #     object_lock_enabled_for_bucket: false,
     #     object_ownership: "BucketOwnerPreferred", # accepts BucketOwnerPreferred, ObjectWriter, BucketOwnerEnforced
+    #     bucket_namespace: "account-regional", # accepts account-regional, global
     #   })
     #
     # @example Response structure
@@ -4146,12 +4193,17 @@ module Aws::S3
     #
     # @option params [String] :session_mode
     #   Specifies the mode of the session that will be created, either
-    #   `ReadWrite` or `ReadOnly`. By default, a `ReadWrite` session is
-    #   created. A `ReadWrite` session is capable of executing all the Zonal
-    #   endpoint API operations on a directory bucket. A `ReadOnly` session is
-    #   constrained to execute the following Zonal endpoint API operations:
-    #   `GetObject`, `HeadObject`, `ListObjectsV2`, `GetObjectAttributes`,
-    #   `ListParts`, and `ListMultipartUploads`.
+    #   `ReadWrite` or `ReadOnly`. If no session mode is specified, the
+    #   default behavior attempts to create a session with the maximum
+    #   allowable privilege. It will first attempt to create a `ReadWrite`
+    #   session, and if that is not allowed by permissions, it will attempt to
+    #   create a `ReadOnly` session. If neither session type is allowed, the
+    #   request will return an Access Denied error. A `ReadWrite` session is
+    #   capable of executing all the Zonal endpoint API operations on a
+    #   directory bucket. A `ReadOnly` session is constrained to execute the
+    #   following Zonal endpoint API operations: `GetObject`, `HeadObject`,
+    #   `ListObjectsV2`, `GetObjectAttributes`, `ListParts`, and
+    #   `ListMultipartUploads`.
     #
     # @option params [required, String] :bucket
     #   The name of the bucket that you create a session for.
@@ -5398,10 +5450,6 @@ module Aws::S3
     # for a general purpose bucket][1], you can no longer use this operation
     # for that bucket and must use [UntagResource][2] instead.
     #
-    # if ABAC is not enabled for the bucket. When you [enable ABAC for a
-    # general purpose bucket][1], you can no longer use this operation for
-    # that bucket and must use [UntagResource][2] instead.
-    #
     # To use this operation, you must have permission to perform the
     # `s3:PutBucketTagging` action. By default, the bucket owner has this
     # permission and can grant this permission to others.
@@ -8738,10 +8786,6 @@ module Aws::S3
     #
     # Returns the tag set associated with the general purpose bucket.
     #
-    # if ABAC is not enabled for the bucket. When you [enable ABAC for a
-    # general purpose bucket][1], you can no longer use this operation for
-    # that bucket and must use [ListTagsForResource][2] instead.
-    #
     # To use this operation, you must have permission to perform the
     # `s3:GetBucketTagging` action. By default, the bucket owner has this
     # permission and can grant this permission to others.
@@ -8756,9 +8800,9 @@ module Aws::S3
     #
     # The following operations are related to `GetBucketTagging`:
     #
-    # * [PutBucketTagging][3]
+    # * [PutBucketTagging][1]
     #
-    # * [DeleteBucketTagging][4]
+    # * [DeleteBucketTagging][2]
     #
     # You must URL encode any signed header values that contain spaces. For
     # example, if your header value is `my file.txt`, containing two spaces
@@ -8766,10 +8810,8 @@ module Aws::S3
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging-enable-abac.html
-    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_ListTagsForResource.html
-    # [3]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html
-    # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html
+    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html
     #
     # @option params [required, String] :bucket
     #   The name of the bucket for which to get the tagging information.
@@ -10950,10 +10992,12 @@ module Aws::S3
     #
     #   * **Directory bucket permissions** - You must have the <b>
     #     <code>s3express:CreateSession</code> </b> permission in the
-    #     `Action` element of a policy. By default, the session is in the
-    #     `ReadWrite` mode. If you want to restrict the access, you can
-    #     explicitly set the `s3express:SessionMode` condition key to
-    #     `ReadOnly` on the bucket.
+    #     `Action` element of a policy. If no session mode is specified, the
+    #     session will be created with the maximum allowable privilege,
+    #     attempting `ReadWrite` first, then `ReadOnly` if `ReadWrite` is
+    #     not permitted. If you want to explicitly restrict the access to be
+    #     read-only, you can set the `s3express:SessionMode` condition key
+    #     to `ReadOnly` on the bucket.
     #
     #     For more information about example bucket policies, see [Example
     #     bucket policies for S3 Express One Zone][3] and [Amazon Web
@@ -21610,10 +21654,13 @@ module Aws::S3
     #     * If the source object that you want to copy is in a directory
     #       bucket, you must have the <b>
     #       <code>s3express:CreateSession</code> </b> permission in the
-    #       `Action` element of a policy to read the object. By default, the
-    #       session is in the `ReadWrite` mode. If you want to restrict the
-    #       access, you can explicitly set the `s3express:SessionMode`
-    #       condition key to `ReadOnly` on the copy source bucket.
+    #       `Action` element of a policy to read the object. If no session
+    #       mode is specified, the session will be created with the maximum
+    #       allowable privilege, attempting `ReadWrite` first, then
+    #       `ReadOnly` if `ReadWrite` is not permitted. If you want to
+    #       explicitly restrict the access to be read-only, you can set the
+    #       `s3express:SessionMode` condition key to `ReadOnly` on the copy
+    #       source bucket.
     #
     #     * If the copy destination is a directory bucket, you must have the
     #       <b> <code>s3express:CreateSession</code> </b> permission in the
@@ -22553,7 +22600,7 @@ module Aws::S3
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-s3'
-      context[:gem_version] = '1.215.0'
+      context[:gem_version] = '1.216.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-s3/client_api.rb

@@ -61,6 +61,7 @@ module Aws::S3
     BucketLoggingStatus = Shapes::StructureShape.new(name: 'BucketLoggingStatus')
     BucketLogsPermission = Shapes::StringShape.new(name: 'BucketLogsPermission')
     BucketName = Shapes::StringShape.new(name: 'BucketName')
+    BucketNamespace = Shapes::StringShape.new(name: 'BucketNamespace')
     BucketRegion = Shapes::StringShape.new(name: 'BucketRegion')
     BucketType = Shapes::StringShape.new(name: 'BucketType')
     BucketVersioningStatus = Shapes::StringShape.new(name: 'BucketVersioningStatus')
@@ -1013,6 +1014,7 @@ module Aws::S3
     CreateBucketRequest.add_member(:grant_write_acp, Shapes::ShapeRef.new(shape: GrantWriteACP, location: "header", location_name: "x-amz-grant-write-acp"))
     CreateBucketRequest.add_member(:object_lock_enabled_for_bucket, Shapes::ShapeRef.new(shape: ObjectLockEnabledForBucket, location: "header", location_name: "x-amz-bucket-object-lock-enabled"))
     CreateBucketRequest.add_member(:object_ownership, Shapes::ShapeRef.new(shape: ObjectOwnership, location: "header", location_name: "x-amz-object-ownership"))
+    CreateBucketRequest.add_member(:bucket_namespace, Shapes::ShapeRef.new(shape: BucketNamespace, location: "header", location_name: "x-amz-bucket-namespace"))
     CreateBucketRequest.struct_class = Types::CreateBucketRequest
     CreateBucketRequest[:payload] = :create_bucket_configuration
     CreateBucketRequest[:payload_member] = CreateBucketRequest.member(:create_bucket_configuration)

data/lib/aws-sdk-s3/resource.rb

@@ -64,6 +64,7 @@ module Aws::S3
     #     grant_write_acp: "GrantWriteACP",
     #     object_lock_enabled_for_bucket: false,
     #     object_ownership: "BucketOwnerPreferred", # accepts BucketOwnerPreferred, ObjectWriter, BucketOwnerEnforced
+    #     bucket_namespace: "account-regional", # accepts account-regional, global
     #   })
     # @param [Hash] options ({})
     # @option options [String] :acl
@@ -171,6 +172,33 @@ module Aws::S3
     #
     #
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
+    # @option options [String] :bucket_namespace
+    #   Specifies the namespace where you want to create your general purpose
+    #   bucket. When you create a general purpose bucket, you can choose to
+    #   create a bucket in the shared global namespace or you can choose to
+    #   create a bucket in your account regional namespace. Your account
+    #   regional namespace is a subdivision of the global namespace that only
+    #   your account can create buckets in. For more information on bucket
+    #   namespaces, see [Namespaces for general purpose buckets][1].
+    #
+    #   General purpose buckets in your account regional namespace must follow
+    #   a specific naming convention. These buckets consist of a bucket name
+    #   prefix that you create, and a suffix that contains your 12-digit
+    #   Amazon Web Services Account ID, the Amazon Web Services Region code,
+    #   and ends with `-an`. Bucket names must follow the format
+    #   `bucket-name-prefix-accountId-region-an` (for example,
+    #   `amzn-s3-demo-bucket-111122223333-us-west-2-an`). For information
+    #   about bucket naming restrictions, see [Account regional namespace
+    #   naming rules][2] in the *Amazon S3 User Guide*.
+    #
+    #   <note markdown="1"> This functionality is not supported for directory buckets.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/gpbucketnamespaces.html
+    #   [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html#account-regional-naming-rules
     # @return [Bucket]
     def create_bucket(options = {})
       Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do

data/lib/aws-sdk-s3/types.rb

@@ -3075,6 +3075,36 @@ module Aws::S3
     #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
     #   @return [String]
     #
+    # @!attribute [rw] bucket_namespace
+    #   Specifies the namespace where you want to create your general
+    #   purpose bucket. When you create a general purpose bucket, you can
+    #   choose to create a bucket in the shared global namespace or you can
+    #   choose to create a bucket in your account regional namespace. Your
+    #   account regional namespace is a subdivision of the global namespace
+    #   that only your account can create buckets in. For more information
+    #   on bucket namespaces, see [Namespaces for general purpose
+    #   buckets][1].
+    #
+    #   General purpose buckets in your account regional namespace must
+    #   follow a specific naming convention. These buckets consist of a
+    #   bucket name prefix that you create, and a suffix that contains your
+    #   12-digit Amazon Web Services Account ID, the Amazon Web Services
+    #   Region code, and ends with `-an`. Bucket names must follow the
+    #   format `bucket-name-prefix-accountId-region-an` (for example,
+    #   `amzn-s3-demo-bucket-111122223333-us-west-2-an`). For information
+    #   about bucket naming restrictions, see [Account regional namespace
+    #   naming rules][2] in the *Amazon S3 User Guide*.
+    #
+    #   <note markdown="1"> This functionality is not supported for directory buckets.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/gpbucketnamespaces.html
+    #   [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html#account-regional-naming-rules
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CreateBucketRequest AWS API Documentation
     #
     class CreateBucketRequest < Struct.new(
@@ -3087,7 +3117,8 @@ module Aws::S3
       :grant_write,
       :grant_write_acp,
       :object_lock_enabled_for_bucket,
-      :object_ownership)
+      :object_ownership,
+      :bucket_namespace)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -3981,12 +4012,17 @@ module Aws::S3
 
     # @!attribute [rw] session_mode
     #   Specifies the mode of the session that will be created, either
-    #   `ReadWrite` or `ReadOnly`. By default, a `ReadWrite` session is
-    #   created. A `ReadWrite` session is capable of executing all the Zonal
-    #   endpoint API operations on a directory bucket. A `ReadOnly` session
-    #   is constrained to execute the following Zonal endpoint API
-    #   operations: `GetObject`, `HeadObject`, `ListObjectsV2`,
-    #   `GetObjectAttributes`, `ListParts`, and `ListMultipartUploads`.
+    #   `ReadWrite` or `ReadOnly`. If no session mode is specified, the
+    #   default behavior attempts to create a session with the maximum
+    #   allowable privilege. It will first attempt to create a `ReadWrite`
+    #   session, and if that is not allowed by permissions, it will attempt
+    #   to create a `ReadOnly` session. If neither session type is allowed,
+    #   the request will return an Access Denied error. A `ReadWrite`
+    #   session is capable of executing all the Zonal endpoint API
+    #   operations on a directory bucket. A `ReadOnly` session is
+    #   constrained to execute the following Zonal endpoint API operations:
+    #   `GetObject`, `HeadObject`, `ListObjectsV2`, `GetObjectAttributes`,
+    #   `ListParts`, and `ListMultipartUploads`.
     #   @return [String]
     #
     # @!attribute [rw] bucket

data/lib/aws-sdk-s3.rb

@@ -75,7 +75,7 @@ module Aws::S3
   autoload :ObjectVersion, 'aws-sdk-s3/object_version'
   autoload :EventStreams, 'aws-sdk-s3/event_streams'
 
-  GEM_VERSION = '1.215.0'
+  GEM_VERSION = '1.216.0'
 
 end
 

data/sig/bucket.rbs

@@ -73,7 +73,8 @@ module Aws
                     ?grant_write: ::String,
                     ?grant_write_acp: ::String,
                     ?object_lock_enabled_for_bucket: bool,
-                    ?object_ownership: ("BucketOwnerPreferred" | "ObjectWriter" | "BucketOwnerEnforced")
+                    ?object_ownership: ("BucketOwnerPreferred" | "ObjectWriter" | "BucketOwnerEnforced"),
+                    ?bucket_namespace: ("account-regional" | "global")
                   ) -> Types::CreateBucketOutput
                 | (?Hash[Symbol, untyped]) -> Types::CreateBucketOutput
 

data/sig/client.rbs

@@ -256,7 +256,8 @@ module Aws
                            ?grant_write: ::String,
                            ?grant_write_acp: ::String,
                            ?object_lock_enabled_for_bucket: bool,
-                           ?object_ownership: ("BucketOwnerPreferred" | "ObjectWriter" | "BucketOwnerEnforced")
+                           ?object_ownership: ("BucketOwnerPreferred" | "ObjectWriter" | "BucketOwnerEnforced"),
+                           ?bucket_namespace: ("account-regional" | "global")
                          ) -> _CreateBucketResponseSuccess
                        | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _CreateBucketResponseSuccess
 

data/sig/resource.rbs

@@ -122,7 +122,8 @@ module Aws
                            ?grant_write: ::String,
                            ?grant_write_acp: ::String,
                            ?object_lock_enabled_for_bucket: bool,
-                           ?object_ownership: ("BucketOwnerPreferred" | "ObjectWriter" | "BucketOwnerEnforced")
+                           ?object_ownership: ("BucketOwnerPreferred" | "ObjectWriter" | "BucketOwnerEnforced"),
+                           ?bucket_namespace: ("account-regional" | "global")
                          ) -> Bucket
                        | (?Hash[Symbol, untyped]) -> Bucket
 

data/sig/types.rbs

@@ -376,6 +376,7 @@ module Aws::S3
       attr_accessor grant_write_acp: ::String
       attr_accessor object_lock_enabled_for_bucket: bool
       attr_accessor object_ownership: ("BucketOwnerPreferred" | "ObjectWriter" | "BucketOwnerEnforced")
+      attr_accessor bucket_namespace: ("account-regional" | "global")
       SENSITIVE: []
     end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-s3
 version: !ruby/object:Gem::Version
-  version: 1.215.0
+  version: 1.216.0
 platform: ruby
 authors:
 - Amazon Web Services