aws-sdk-s3control 1.29.0 → 1.34.0

data/lib/aws-sdk-s3control/types.rb

@@ -3,7 +3,7 @@
 # WARNING ABOUT GENERATED CODE
 #
 # This file is generated. See the contributing guide for more information:
-# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
 #
 # WARNING ABOUT GENERATED CODE
 
@@ -50,6 +50,11 @@ module Aws::S3Control
     # @!attribute [rw] vpc_configuration
     #   The virtual private cloud (VPC) configuration for this access point,
     #   if one exists.
+    #
+    #   <note markdown="1"> This element is empty if this access point is an Amazon S3 on
+    #   Outposts access point that is used by other AWS services.
+    #
+    #    </note>
     #   @return [Types::VpcConfiguration]
     #
     # @!attribute [rw] bucket
@@ -137,6 +142,35 @@ module Aws::S3Control
       include Aws::Structure
     end
 
+    # AWS Lambda function used to transform objects through an Object Lambda
+    # Access Point.
+    #
+    # @note When making an API call, you may pass AwsLambdaTransformation
+    #   data as a hash:
+    #
+    #       {
+    #         function_arn: "FunctionArnString", # required
+    #         function_payload: "AwsLambdaTransformationPayload",
+    #       }
+    #
+    # @!attribute [rw] function_arn
+    #   The Amazon Resource Name (ARN) of the AWS Lambda function.
+    #   @return [String]
+    #
+    # @!attribute [rw] function_payload
+    #   Additional JSON that provides supplemental data to the Lambda
+    #   function used to transform objects.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/AwsLambdaTransformation AWS API Documentation
+    #
+    class AwsLambdaTransformation < Struct.new(
+      :function_arn,
+      :function_payload)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] message
     #   @return [String]
     #
@@ -203,6 +237,65 @@ module Aws::S3Control
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass CreateAccessPointForObjectLambdaRequest
+    #   data as a hash:
+    #
+    #       {
+    #         account_id: "AccountId", # required
+    #         name: "ObjectLambdaAccessPointName", # required
+    #         configuration: { # required
+    #           supporting_access_point: "ObjectLambdaSupportingAccessPointArn", # required
+    #           cloud_watch_metrics_enabled: false,
+    #           allowed_features: ["GetObject-Range"], # accepts GetObject-Range, GetObject-PartNumber
+    #           transformation_configurations: [ # required
+    #             {
+    #               actions: ["GetObject"], # required, accepts GetObject
+    #               content_transformation: { # required
+    #                 aws_lambda: {
+    #                   function_arn: "FunctionArnString", # required
+    #                   function_payload: "AwsLambdaTransformationPayload",
+    #                 },
+    #               },
+    #             },
+    #           ],
+    #         },
+    #       }
+    #
+    # @!attribute [rw] account_id
+    #   The AWS account ID for owner of the specified Object Lambda Access
+    #   Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name you want to assign to this Object Lambda Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] configuration
+    #   Object Lambda Access Point configuration as a JSON document.
+    #   @return [Types::ObjectLambdaConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/CreateAccessPointForObjectLambdaRequest AWS API Documentation
+    #
+    class CreateAccessPointForObjectLambdaRequest < Struct.new(
+      :account_id,
+      :name,
+      :configuration)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] object_lambda_access_point_arn
+    #   Specifies the ARN for the Object Lambda Access Point.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/CreateAccessPointForObjectLambdaResult AWS API Documentation
+    #
+    class CreateAccessPointForObjectLambdaResult < Struct.new(
+      :object_lambda_access_point_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass CreateAccessPointRequest
     #   data as a hash:
     #
@@ -258,17 +351,8 @@ module Aws::S3Control
     #   @return [Types::VpcConfiguration]
     #
     # @!attribute [rw] public_access_block_configuration
-    #   The `PublicAccessBlock` configuration that you want to apply to this
-    #   Amazon S3 account. You can enable the configuration options in any
-    #   combination. For more information about when Amazon S3 considers a
-    #   bucket or object public, see [The Meaning of "Public"][1] in the
-    #   *Amazon Simple Storage Service Developer Guide*.
-    #
-    #   This is not supported for Amazon S3 on Outposts.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status
+    #   The `PublicAccessBlock` configuration that you want to apply to the
+    #   access point.
     #   @return [Types::PublicAccessBlockConfiguration]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/CreateAccessPointRequest AWS API Documentation
@@ -528,6 +612,7 @@ module Aws::S3Control
     #             object_lock_legal_hold_status: "OFF", # accepts OFF, ON
     #             object_lock_mode: "COMPLIANCE", # accepts COMPLIANCE, GOVERNANCE
     #             object_lock_retain_until_date: Time.now,
+    #             bucket_key_enabled: false,
     #           },
     #           s3_put_object_acl: {
     #             access_control_policy: {
@@ -620,8 +705,7 @@ module Aws::S3Control
     # @!attribute [rw] operation
     #   The action that you want this job to perform on every object listed
     #   in the manifest. For more information about the available actions,
-    #   see [Operations][1] in the *Amazon Simple Storage Service User
-    #   Guide*.
+    #   see [Operations][1] in the *Amazon S3 User Guide*.
     #
     #
     #
@@ -697,6 +781,59 @@ module Aws::S3Control
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass DeleteAccessPointForObjectLambdaRequest
+    #   data as a hash:
+    #
+    #       {
+    #         account_id: "AccountId", # required
+    #         name: "ObjectLambdaAccessPointName", # required
+    #       }
+    #
+    # @!attribute [rw] account_id
+    #   The account ID for the account that owns the specified Object Lambda
+    #   Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name of the access point you want to delete.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/DeleteAccessPointForObjectLambdaRequest AWS API Documentation
+    #
+    class DeleteAccessPointForObjectLambdaRequest < Struct.new(
+      :account_id,
+      :name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @note When making an API call, you may pass DeleteAccessPointPolicyForObjectLambdaRequest
+    #   data as a hash:
+    #
+    #       {
+    #         account_id: "AccountId", # required
+    #         name: "ObjectLambdaAccessPointName", # required
+    #       }
+    #
+    # @!attribute [rw] account_id
+    #   The account ID for the account that owns the specified Object Lambda
+    #   Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name of the Object Lambda Access Point you want to delete the
+    #   policy for.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/DeleteAccessPointPolicyForObjectLambdaRequest AWS API Documentation
+    #
+    class DeleteAccessPointPolicyForObjectLambdaRequest < Struct.new(
+      :account_id,
+      :name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass DeleteAccessPointPolicyRequest
     #   data as a hash:
     #
@@ -1090,6 +1227,133 @@ module Aws::S3Control
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass GetAccessPointConfigurationForObjectLambdaRequest
+    #   data as a hash:
+    #
+    #       {
+    #         account_id: "AccountId", # required
+    #         name: "ObjectLambdaAccessPointName", # required
+    #       }
+    #
+    # @!attribute [rw] account_id
+    #   The account ID for the account that owns the specified Object Lambda
+    #   Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name of the Object Lambda Access Point you want to return the
+    #   configuration for.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambdaRequest AWS API Documentation
+    #
+    class GetAccessPointConfigurationForObjectLambdaRequest < Struct.new(
+      :account_id,
+      :name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] configuration
+    #   Object Lambda Access Point configuration document.
+    #   @return [Types::ObjectLambdaConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessPointConfigurationForObjectLambdaResult AWS API Documentation
+    #
+    class GetAccessPointConfigurationForObjectLambdaResult < Struct.new(
+      :configuration)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @note When making an API call, you may pass GetAccessPointForObjectLambdaRequest
+    #   data as a hash:
+    #
+    #       {
+    #         account_id: "AccountId", # required
+    #         name: "ObjectLambdaAccessPointName", # required
+    #       }
+    #
+    # @!attribute [rw] account_id
+    #   The account ID for the account that owns the specified Object Lambda
+    #   Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name of the Object Lambda Access Point.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessPointForObjectLambdaRequest AWS API Documentation
+    #
+    class GetAccessPointForObjectLambdaRequest < Struct.new(
+      :account_id,
+      :name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] name
+    #   The name of the Object Lambda Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] public_access_block_configuration
+    #   Configuration to block all public access. This setting is turned on
+    #   and can not be edited.
+    #   @return [Types::PublicAccessBlockConfiguration]
+    #
+    # @!attribute [rw] creation_date
+    #   The date and time when the specified Object Lambda Access Point was
+    #   created.
+    #   @return [Time]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessPointForObjectLambdaResult AWS API Documentation
+    #
+    class GetAccessPointForObjectLambdaResult < Struct.new(
+      :name,
+      :public_access_block_configuration,
+      :creation_date)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @note When making an API call, you may pass GetAccessPointPolicyForObjectLambdaRequest
+    #   data as a hash:
+    #
+    #       {
+    #         account_id: "AccountId", # required
+    #         name: "ObjectLambdaAccessPointName", # required
+    #       }
+    #
+    # @!attribute [rw] account_id
+    #   The account ID for the account that owns the specified Object Lambda
+    #   Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name of the Object Lambda Access Point.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessPointPolicyForObjectLambdaRequest AWS API Documentation
+    #
+    class GetAccessPointPolicyForObjectLambdaRequest < Struct.new(
+      :account_id,
+      :name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] policy
+    #   Object Lambda Access Point resource policy document.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessPointPolicyForObjectLambdaResult AWS API Documentation
+    #
+    class GetAccessPointPolicyForObjectLambdaResult < Struct.new(
+      :policy)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass GetAccessPointPolicyRequest
     #   data as a hash:
     #
@@ -1140,6 +1404,51 @@ module Aws::S3Control
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass GetAccessPointPolicyStatusForObjectLambdaRequest
+    #   data as a hash:
+    #
+    #       {
+    #         account_id: "AccountId", # required
+    #         name: "ObjectLambdaAccessPointName", # required
+    #       }
+    #
+    # @!attribute [rw] account_id
+    #   The account ID for the account that owns the specified Object Lambda
+    #   Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name of the Object Lambda Access Point.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambdaRequest AWS API Documentation
+    #
+    class GetAccessPointPolicyStatusForObjectLambdaRequest < Struct.new(
+      :account_id,
+      :name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] policy_status
+    #   Indicates whether this access point policy is public. For more
+    #   information about how Amazon S3 evaluates policies to determine
+    #   whether they are public, see [The Meaning of "Public"][1] in the
+    #   *Amazon S3 User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status
+    #   @return [Types::PolicyStatus]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessPointPolicyStatusForObjectLambdaResult AWS API Documentation
+    #
+    class GetAccessPointPolicyStatusForObjectLambdaResult < Struct.new(
+      :policy_status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass GetAccessPointPolicyStatusRequest
     #   data as a hash:
     #
@@ -1239,6 +1548,11 @@ module Aws::S3Control
     # @!attribute [rw] vpc_configuration
     #   Contains the virtual private cloud (VPC) configuration for the
     #   specified access point.
+    #
+    #   <note markdown="1"> This element is empty if this access point is an Amazon S3 on
+    #   Outposts access point that is used by other AWS services.
+    #
+    #    </note>
     #   @return [Types::VpcConfiguration]
     #
     # @!attribute [rw] public_access_block_configuration
@@ -1246,7 +1560,7 @@ module Aws::S3Control
     #   Amazon S3 account. You can enable the configuration options in any
     #   combination. For more information about when Amazon S3 considers a
     #   bucket or object public, see [The Meaning of "Public"][1] in the
-    #   *Amazon Simple Storage Service Developer Guide*.
+    #   *Amazon S3 User Guide*.
     #
     #   This is not supported for Amazon S3 on Outposts.
     #
@@ -1991,7 +2305,7 @@ module Aws::S3Control
 
     # The operation that you want this job to perform on every object listed
     # in the manifest. For more information about the available operations,
-    # see [Operations][1] in the *Amazon Simple Storage Service User Guide*.
+    # see [Operations][1] in the *Amazon S3 User Guide*.
     #
     #
     #
@@ -2049,6 +2363,7 @@ module Aws::S3Control
     #           object_lock_legal_hold_status: "OFF", # accepts OFF, ON
     #           object_lock_mode: "COMPLIANCE", # accepts COMPLIANCE, GOVERNANCE
     #           object_lock_retain_until_date: Time.now,
+    #           bucket_key_enabled: false,
     #         },
     #         s3_put_object_acl: {
     #           access_control_policy: {
@@ -2134,7 +2449,7 @@ module Aws::S3Control
     #   operation that an S3 Batch Operations job passes every object to the
     #   underlying `PutObjectLegalHold` API. For more information, see
     #   [Using S3 Object Lock legal hold with S3 Batch Operations][1] in the
-    #   *Amazon Simple Storage Service User Guide*.
+    #   *Amazon S3 User Guide*.
     #
     #
     #
@@ -2146,7 +2461,7 @@ module Aws::S3Control
     #   action for an S3 Batch Operations job. Batch Operations passes every
     #   object to the underlying `PutObjectRetention` API. For more
     #   information, see [Using S3 Object Lock retention with S3 Batch
-    #   Operations][1] in the *Amazon Simple Storage Service User Guide*.
+    #   Operations][1] in the *Amazon S3 User Guide*.
     #
     #
     #
@@ -2482,7 +2797,7 @@ module Aws::S3Control
     #   upload that Amazon S3 waits before permanently removing all parts of
     #   the upload. For more information, see [ Aborting Incomplete
     #   Multipart Uploads Using a Bucket Lifecycle Policy][1] in the *Amazon
-    #   Simple Storage Service Developer Guide*.
+    #   S3 User Guide*.
     #
     #
     #
@@ -2588,6 +2903,64 @@ module Aws::S3Control
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass ListAccessPointsForObjectLambdaRequest
+    #   data as a hash:
+    #
+    #       {
+    #         account_id: "AccountId", # required
+    #         next_token: "NonEmptyMaxLength1024String",
+    #         max_results: 1,
+    #       }
+    #
+    # @!attribute [rw] account_id
+    #   The account ID for the account that owns the specified Object Lambda
+    #   Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] next_token
+    #   If the list has more access points than can be returned in one call
+    #   to this API, this field contains a continuation token that you can
+    #   provide in subsequent calls to this API to retrieve additional
+    #   access points.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of access points that you want to include in the
+    #   list. If there are more than this number of access points, then the
+    #   response will include a continuation token in the `NextToken` field
+    #   that you can use to retrieve the next page of access points.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListAccessPointsForObjectLambdaRequest AWS API Documentation
+    #
+    class ListAccessPointsForObjectLambdaRequest < Struct.new(
+      :account_id,
+      :next_token,
+      :max_results)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] object_lambda_access_point_list
+    #   Returns list of Object Lambda Access Points.
+    #   @return [Array<Types::ObjectLambdaAccessPoint>]
+    #
+    # @!attribute [rw] next_token
+    #   If the list has more access points than can be returned in one call
+    #   to this API, this field contains a continuation token that you can
+    #   provide in subsequent calls to this API to retrieve additional
+    #   access points.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListAccessPointsForObjectLambdaResult AWS API Documentation
+    #
+    class ListAccessPointsForObjectLambdaResult < Struct.new(
+      :object_lambda_access_point_list,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass ListAccessPointsRequest
     #   data as a hash:
     #
@@ -2895,8 +3268,7 @@ module Aws::S3Control
     #   Specifies the number of days an object is noncurrent before Amazon
     #   S3 can perform the associated action. For information about the
     #   noncurrent days calculations, see [How Amazon S3 Calculates When an
-    #   Object Became Noncurrent][1] in the *Amazon Simple Storage Service
-    #   Developer Guide*.
+    #   Object Became Noncurrent][1] in the *Amazon S3 User Guide*.
     #
     #
     #
@@ -2925,8 +3297,8 @@ module Aws::S3Control
     #   Specifies the number of days an object is noncurrent before Amazon
     #   S3 can perform the associated action. For information about the
     #   noncurrent days calculations, see [ How Amazon S3 Calculates How
-    #   Long an Object Has Been Noncurrent][1] in the *Amazon Simple Storage
-    #   Service Developer Guide*.
+    #   Long an Object Has Been Noncurrent][1] in the *Amazon S3 User
+    #   Guide*.
     #
     #
     #
@@ -2957,10 +3329,142 @@ module Aws::S3Control
       include Aws::Structure
     end
 
+    # An access point with an attached AWS Lambda function used to access
+    # transformed data from an Amazon S3 bucket.
+    #
+    # @!attribute [rw] name
+    #   The name of the Object Lambda Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] object_lambda_access_point_arn
+    #   Specifies the ARN for the Object Lambda Access Point.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ObjectLambdaAccessPoint AWS API Documentation
+    #
+    class ObjectLambdaAccessPoint < Struct.new(
+      :name,
+      :object_lambda_access_point_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # A configuration used when creating an Object Lambda Access Point.
+    #
+    # @note When making an API call, you may pass ObjectLambdaConfiguration
+    #   data as a hash:
+    #
+    #       {
+    #         supporting_access_point: "ObjectLambdaSupportingAccessPointArn", # required
+    #         cloud_watch_metrics_enabled: false,
+    #         allowed_features: ["GetObject-Range"], # accepts GetObject-Range, GetObject-PartNumber
+    #         transformation_configurations: [ # required
+    #           {
+    #             actions: ["GetObject"], # required, accepts GetObject
+    #             content_transformation: { # required
+    #               aws_lambda: {
+    #                 function_arn: "FunctionArnString", # required
+    #                 function_payload: "AwsLambdaTransformationPayload",
+    #               },
+    #             },
+    #           },
+    #         ],
+    #       }
+    #
+    # @!attribute [rw] supporting_access_point
+    #   Standard access point associated with the Object Lambda Access
+    #   Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] cloud_watch_metrics_enabled
+    #   A container for whether the CloudWatch metrics configuration is
+    #   enabled.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] allowed_features
+    #   A container for allowed features. Valid inputs are `GetObject-Range`
+    #   and `GetObject-PartNumber`.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] transformation_configurations
+    #   A container for transformation configurations for an Object Lambda
+    #   Access Point.
+    #   @return [Array<Types::ObjectLambdaTransformationConfiguration>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ObjectLambdaConfiguration AWS API Documentation
+    #
+    class ObjectLambdaConfiguration < Struct.new(
+      :supporting_access_point,
+      :cloud_watch_metrics_enabled,
+      :allowed_features,
+      :transformation_configurations)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # A container for AwsLambdaTransformation.
+    #
+    # @note When making an API call, you may pass ObjectLambdaContentTransformation
+    #   data as a hash:
+    #
+    #       {
+    #         aws_lambda: {
+    #           function_arn: "FunctionArnString", # required
+    #           function_payload: "AwsLambdaTransformationPayload",
+    #         },
+    #       }
+    #
+    # @!attribute [rw] aws_lambda
+    #   A container for an AWS Lambda function.
+    #   @return [Types::AwsLambdaTransformation]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ObjectLambdaContentTransformation AWS API Documentation
+    #
+    class ObjectLambdaContentTransformation < Struct.new(
+      :aws_lambda)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # A configuration used when creating an Object Lambda Access Point
+    # transformation.
+    #
+    # @note When making an API call, you may pass ObjectLambdaTransformationConfiguration
+    #   data as a hash:
+    #
+    #       {
+    #         actions: ["GetObject"], # required, accepts GetObject
+    #         content_transformation: { # required
+    #           aws_lambda: {
+    #             function_arn: "FunctionArnString", # required
+    #             function_payload: "AwsLambdaTransformationPayload",
+    #           },
+    #         },
+    #       }
+    #
+    # @!attribute [rw] actions
+    #   A container for the action of an Object Lambda Access Point
+    #   configuration. Valid input is `GetObject`.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] content_transformation
+    #   A container for the content transformation of an Object Lambda
+    #   Access Point configuration.
+    #   @return [Types::ObjectLambdaContentTransformation]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ObjectLambdaTransformationConfiguration AWS API Documentation
+    #
+    class ObjectLambdaTransformationConfiguration < Struct.new(
+      :actions,
+      :content_transformation)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Indicates whether this access point policy is public. For more
     # information about how Amazon S3 evaluates policies to determine
     # whether they are public, see [The Meaning of "Public"][1] in the
-    # *Amazon Simple Storage Service User Guide*.
+    # *Amazon S3 User Guide*.
     #
     #
     #
@@ -3040,7 +3544,7 @@ module Aws::S3Control
     # Amazon S3 account. You can enable the configuration options in any
     # combination. For more information about when Amazon S3 considers a
     # bucket or object public, see [The Meaning of "Public"][1] in the
-    # *Amazon Simple Storage Service Developer Guide*.
+    # *Amazon S3 User Guide*.
     #
     # This is not supported for Amazon S3 on Outposts.
     #
@@ -3123,6 +3627,85 @@ module Aws::S3Control
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass PutAccessPointConfigurationForObjectLambdaRequest
+    #   data as a hash:
+    #
+    #       {
+    #         account_id: "AccountId", # required
+    #         name: "ObjectLambdaAccessPointName", # required
+    #         configuration: { # required
+    #           supporting_access_point: "ObjectLambdaSupportingAccessPointArn", # required
+    #           cloud_watch_metrics_enabled: false,
+    #           allowed_features: ["GetObject-Range"], # accepts GetObject-Range, GetObject-PartNumber
+    #           transformation_configurations: [ # required
+    #             {
+    #               actions: ["GetObject"], # required, accepts GetObject
+    #               content_transformation: { # required
+    #                 aws_lambda: {
+    #                   function_arn: "FunctionArnString", # required
+    #                   function_payload: "AwsLambdaTransformationPayload",
+    #                 },
+    #               },
+    #             },
+    #           ],
+    #         },
+    #       }
+    #
+    # @!attribute [rw] account_id
+    #   The account ID for the account that owns the specified Object Lambda
+    #   Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name of the Object Lambda Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] configuration
+    #   Object Lambda Access Point configuration document.
+    #   @return [Types::ObjectLambdaConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/PutAccessPointConfigurationForObjectLambdaRequest AWS API Documentation
+    #
+    class PutAccessPointConfigurationForObjectLambdaRequest < Struct.new(
+      :account_id,
+      :name,
+      :configuration)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @note When making an API call, you may pass PutAccessPointPolicyForObjectLambdaRequest
+    #   data as a hash:
+    #
+    #       {
+    #         account_id: "AccountId", # required
+    #         name: "ObjectLambdaAccessPointName", # required
+    #         policy: "ObjectLambdaPolicy", # required
+    #       }
+    #
+    # @!attribute [rw] account_id
+    #   The account ID for the account that owns the specified Object Lambda
+    #   Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name of the Object Lambda Access Point.
+    #   @return [String]
+    #
+    # @!attribute [rw] policy
+    #   Object Lambda Access Point resource policy document.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/PutAccessPointPolicyForObjectLambdaRequest AWS API Documentation
+    #
+    class PutAccessPointPolicyForObjectLambdaRequest < Struct.new(
+      :account_id,
+      :name,
+      :policy)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass PutAccessPointPolicyRequest
     #   data as a hash:
     #
@@ -3158,12 +3741,12 @@ module Aws::S3Control
     # @!attribute [rw] policy
     #   The policy that you want to apply to the specified access point. For
     #   more information about access point policies, see [Managing data
-    #   access with Amazon S3 Access Points][1] in the *Amazon Simple
-    #   Storage Service User Guide*.
+    #   access with Amazon S3 access points][1] in the *Amazon S3 User
+    #   Guide*.
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/PutAccessPointPolicyRequest AWS API Documentation
@@ -3796,6 +4379,7 @@ module Aws::S3Control
     #         object_lock_legal_hold_status: "OFF", # accepts OFF, ON
     #         object_lock_mode: "COMPLIANCE", # accepts COMPLIANCE, GOVERNANCE
     #         object_lock_retain_until_date: Time.now,
+    #         bucket_key_enabled: false,
     #       }
     #
     # @!attribute [rw] target_resource
@@ -3863,6 +4447,16 @@ module Aws::S3Control
     #   all objects in the Batch Operations job.
     #   @return [Time]
     #
+    # @!attribute [rw] bucket_key_enabled
+    #   Specifies whether Amazon S3 should use an S3 Bucket Key for object
+    #   encryption with server-side encryption using AWS KMS (SSE-KMS).
+    #   Setting this header to `true` causes Amazon S3 to use an S3 Bucket
+    #   Key for object encryption with SSE-KMS.
+    #
+    #   Specifying this header with an *object* action doesn’t affect
+    #   *bucket-level* settings for S3 Bucket Key.
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/S3CopyObjectOperation AWS API Documentation
     #
     class S3CopyObjectOperation < Struct.new(
@@ -3881,7 +4475,8 @@ module Aws::S3Control
       :target_key_prefix,
       :object_lock_legal_hold_status,
       :object_lock_mode,
-      :object_lock_retain_until_date)
+      :object_lock_retain_until_date,
+      :bucket_key_enabled)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -4123,8 +4718,8 @@ module Aws::S3Control
     # objects in the S3 Batch Operations job. If you don't provide `Mode`
     # and `RetainUntilDate` data types in your operation, you will remove
     # the retention from your objects. For more information, see [Using S3
-    # Object Lock retention with S3 Batch Operations][1] in the *Amazon
-    # Simple Storage Service User Guide*.
+    # Object Lock retention with S3 Batch Operations][1] in the *Amazon S3
+    # User Guide*.
     #
     #
     #
@@ -4205,8 +4800,8 @@ module Aws::S3Control
     # Contains the configuration for an S3 Object Lock legal hold operation
     # that an S3 Batch Operations job passes every object to the underlying
     # `PutObjectLegalHold` API. For more information, see [Using S3 Object
-    # Lock legal hold with S3 Batch Operations][1] in the *Amazon Simple
-    # Storage Service User Guide*.
+    # Lock legal hold with S3 Batch Operations][1] in the *Amazon S3 User
+    # Guide*.
     #
     #
     #
@@ -4238,7 +4833,7 @@ module Aws::S3Control
     # action for an S3 Batch Operations job. Batch Operations passes every
     # object to the underlying `PutObjectRetention` API. For more
     # information, see [Using S3 Object Lock retention with S3 Batch
-    # Operations][1] in the *Amazon Simple Storage Service User Guide*.
+    # Operations][1] in the *Amazon S3 User Guide*.
     #
     #
     #
@@ -4264,8 +4859,8 @@ module Aws::S3Control
     # @!attribute [rw] retention
     #   Contains the Object Lock retention mode to be applied to all objects
     #   in the Batch Operations job. For more information, see [Using S3
-    #   Object Lock retention with S3 Batch Operations][1] in the *Amazon
-    #   Simple Storage Service User Guide*.
+    #   Object Lock retention with S3 Batch Operations][1] in the *Amazon S3
+    #   User Guide*.
     #
     #
     #
@@ -4684,8 +5279,8 @@ module Aws::S3Control
 
     # Specifies when an object transitions to a specified storage class. For
     # more information about Amazon S3 Lifecycle configuration rules, see [
-    # Transitioning objects using Amazon S3 Lifecycle][1] in the *Amazon
-    # Simple Storage Service User Guide*.
+    # Transitioning objects using Amazon S3 Lifecycle][1] in the *Amazon S3
+    # User Guide*.
     #
     #
     #