aws-sdk-s3control 1.71.0 → 1.73.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-s3control/client.rb +1348 -87
- data/lib/aws-sdk-s3control/client_api.rb +575 -0
- data/lib/aws-sdk-s3control/endpoints.rb +400 -0
- data/lib/aws-sdk-s3control/plugins/endpoints.rb +40 -0
- data/lib/aws-sdk-s3control/types.rb +1465 -23
- data/lib/aws-sdk-s3control.rb +2 -2
- metadata +5 -5
@@ -43,6 +43,36 @@ module Aws::S3Control
|
|
43
43
|
include Aws::Structure
|
44
44
|
end
|
45
45
|
|
46
|
+
# The configuration options of the S3 Access Grants location. It
|
47
|
+
# contains the `S3SubPrefix` field. The grant scope, the data to which
|
48
|
+
# you are granting access, is the result of appending the `Subprefix`
|
49
|
+
# field to the scope of the registered location.
|
50
|
+
#
|
51
|
+
# @!attribute [rw] s3_sub_prefix
|
52
|
+
# The `S3SubPrefix` is appended to the location scope creating the
|
53
|
+
# grant scope. Use this field to narrow the scope of the grant to a
|
54
|
+
# subset of the location scope. This field is required if the location
|
55
|
+
# scope is the default location `s3://` because you cannot create a
|
56
|
+
# grant for all of your S3 data in the Region and must narrow the
|
57
|
+
# scope. For example, if the location scope is the default location
|
58
|
+
# `s3://`, the `S3SubPrefx` can be a <bucket-name>/*, so the
|
59
|
+
# full grant scope path would be `s3://<bucket-name>/*`. Or the
|
60
|
+
# `S3SubPrefx` can be `<bucket-name>/<prefix-name>*`, so the full
|
61
|
+
# grant scope path would be or `s3://<bucket-name>/<prefix-name>*`.
|
62
|
+
#
|
63
|
+
# If the `S3SubPrefix` includes a prefix, append the wildcard
|
64
|
+
# character `*` after the prefix to indicate that you want to include
|
65
|
+
# all object key names in the bucket that start with that prefix.
|
66
|
+
# @return [String]
|
67
|
+
#
|
68
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/AccessGrantsLocationConfiguration AWS API Documentation
|
69
|
+
#
|
70
|
+
class AccessGrantsLocationConfiguration < Struct.new(
|
71
|
+
:s3_sub_prefix)
|
72
|
+
SENSITIVE = []
|
73
|
+
include Aws::Structure
|
74
|
+
end
|
75
|
+
|
46
76
|
# An access point used to access a bucket.
|
47
77
|
#
|
48
78
|
# @!attribute [rw] name
|
@@ -236,6 +266,33 @@ module Aws::S3Control
|
|
236
266
|
include Aws::Structure
|
237
267
|
end
|
238
268
|
|
269
|
+
# @!attribute [rw] account_id
|
270
|
+
# The ID of the Amazon Web Services account that is making this
|
271
|
+
# request.
|
272
|
+
# @return [String]
|
273
|
+
#
|
274
|
+
# @!attribute [rw] identity_center_arn
|
275
|
+
# The Amazon Resource Name (ARN) of the Amazon Web Services IAM
|
276
|
+
# Identity Center instance that you are associating with your S3
|
277
|
+
# Access Grants instance. An IAM Identity Center instance is your
|
278
|
+
# corporate identity directory that you added to the IAM Identity
|
279
|
+
# Center. You can use the [ListInstances][1] API operation to retrieve
|
280
|
+
# a list of your Identity Center instances and their ARNs.
|
281
|
+
#
|
282
|
+
#
|
283
|
+
#
|
284
|
+
# [1]: https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListInstances.html
|
285
|
+
# @return [String]
|
286
|
+
#
|
287
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/AssociateAccessGrantsIdentityCenterRequest AWS API Documentation
|
288
|
+
#
|
289
|
+
class AssociateAccessGrantsIdentityCenterRequest < Struct.new(
|
290
|
+
:account_id,
|
291
|
+
:identity_center_arn)
|
292
|
+
SENSITIVE = []
|
293
|
+
include Aws::Structure
|
294
|
+
end
|
295
|
+
|
239
296
|
# Error details for the failed asynchronous operation.
|
240
297
|
#
|
241
298
|
# @!attribute [rw] code
|
@@ -483,6 +540,317 @@ module Aws::S3Control
|
|
483
540
|
include Aws::Structure
|
484
541
|
end
|
485
542
|
|
543
|
+
# @!attribute [rw] account_id
|
544
|
+
# The ID of the Amazon Web Services account that is making this
|
545
|
+
# request.
|
546
|
+
# @return [String]
|
547
|
+
#
|
548
|
+
# @!attribute [rw] access_grants_location_id
|
549
|
+
# The ID of the registered location to which you are granting access.
|
550
|
+
# S3 Access Grants assigns this ID when you register the location. S3
|
551
|
+
# Access Grants assigns the ID `default` to the default location
|
552
|
+
# `s3://` and assigns an auto-generated ID to other locations that you
|
553
|
+
# register.
|
554
|
+
#
|
555
|
+
# If you are passing the `default` location, you cannot create an
|
556
|
+
# access grant for the entire default location. You must also specify
|
557
|
+
# a bucket or a bucket and prefix in the `Subprefix` field.
|
558
|
+
# @return [String]
|
559
|
+
#
|
560
|
+
# @!attribute [rw] access_grants_location_configuration
|
561
|
+
# The configuration options of the grant location. The grant location
|
562
|
+
# is the S3 path to the data to which you are granting access. It
|
563
|
+
# contains the `S3SubPrefix` field. The grant scope is the result of
|
564
|
+
# appending the subprefix to the location scope of the registered
|
565
|
+
# location.
|
566
|
+
# @return [Types::AccessGrantsLocationConfiguration]
|
567
|
+
#
|
568
|
+
# @!attribute [rw] grantee
|
569
|
+
# The user, group, or role to which you are granting access. You can
|
570
|
+
# grant access to an IAM user or role. If you have added your
|
571
|
+
# corporate directory to Amazon Web Services IAM Identity Center and
|
572
|
+
# associated your Identity Center instance with your S3 Access Grants
|
573
|
+
# instance, the grantee can also be a corporate directory user or
|
574
|
+
# group.
|
575
|
+
# @return [Types::Grantee]
|
576
|
+
#
|
577
|
+
# @!attribute [rw] permission
|
578
|
+
# The type of access that you are granting to your S3 data, which can
|
579
|
+
# be set to one of the following values:
|
580
|
+
#
|
581
|
+
# * `READ` – Grant read-only access to the S3 data.
|
582
|
+
#
|
583
|
+
# * `WRITE` – Grant write-only access to the S3 data.
|
584
|
+
#
|
585
|
+
# * `READWRITE` – Grant both read and write access to the S3 data.
|
586
|
+
# @return [String]
|
587
|
+
#
|
588
|
+
# @!attribute [rw] application_arn
|
589
|
+
# The Amazon Resource Name (ARN) of an Amazon Web Services IAM
|
590
|
+
# Identity Center application associated with your Identity Center
|
591
|
+
# instance. If an application ARN is included in the request to create
|
592
|
+
# an access grant, the grantee can only access the S3 data through
|
593
|
+
# this application.
|
594
|
+
# @return [String]
|
595
|
+
#
|
596
|
+
# @!attribute [rw] s3_prefix_type
|
597
|
+
# The type of `S3SubPrefix`. The only possible value is `Object`. Pass
|
598
|
+
# this value if the access grant scope is an object. Do not pass this
|
599
|
+
# value if the access grant scope is a bucket or a bucket and a
|
600
|
+
# prefix.
|
601
|
+
# @return [String]
|
602
|
+
#
|
603
|
+
# @!attribute [rw] tags
|
604
|
+
# The Amazon Web Services resource tags that you are adding to the
|
605
|
+
# access grant. Each tag is a label consisting of a user-defined key
|
606
|
+
# and value. Tags can help you manage, identify, organize, search for,
|
607
|
+
# and filter resources.
|
608
|
+
# @return [Array<Types::Tag>]
|
609
|
+
#
|
610
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/CreateAccessGrantRequest AWS API Documentation
|
611
|
+
#
|
612
|
+
class CreateAccessGrantRequest < Struct.new(
|
613
|
+
:account_id,
|
614
|
+
:access_grants_location_id,
|
615
|
+
:access_grants_location_configuration,
|
616
|
+
:grantee,
|
617
|
+
:permission,
|
618
|
+
:application_arn,
|
619
|
+
:s3_prefix_type,
|
620
|
+
:tags)
|
621
|
+
SENSITIVE = []
|
622
|
+
include Aws::Structure
|
623
|
+
end
|
624
|
+
|
625
|
+
# @!attribute [rw] created_at
|
626
|
+
# The date and time when you created the access grant.
|
627
|
+
# @return [Time]
|
628
|
+
#
|
629
|
+
# @!attribute [rw] access_grant_id
|
630
|
+
# The ID of the access grant. S3 Access Grants auto-generates this ID
|
631
|
+
# when you create the access grant.
|
632
|
+
# @return [String]
|
633
|
+
#
|
634
|
+
# @!attribute [rw] access_grant_arn
|
635
|
+
# The Amazon Resource Name (ARN) of the access grant.
|
636
|
+
# @return [String]
|
637
|
+
#
|
638
|
+
# @!attribute [rw] grantee
|
639
|
+
# The user, group, or role to which you are granting access. You can
|
640
|
+
# grant access to an IAM user or role. If you have added your
|
641
|
+
# corporate directory to Amazon Web Services IAM Identity Center and
|
642
|
+
# associated your Identity Center instance with your S3 Access Grants
|
643
|
+
# instance, the grantee can also be a corporate directory user or
|
644
|
+
# group.
|
645
|
+
# @return [Types::Grantee]
|
646
|
+
#
|
647
|
+
# @!attribute [rw] access_grants_location_id
|
648
|
+
# The ID of the registered location to which you are granting access.
|
649
|
+
# S3 Access Grants assigns this ID when you register the location. S3
|
650
|
+
# Access Grants assigns the ID `default` to the default location
|
651
|
+
# `s3://` and assigns an auto-generated ID to other locations that you
|
652
|
+
# register.
|
653
|
+
# @return [String]
|
654
|
+
#
|
655
|
+
# @!attribute [rw] access_grants_location_configuration
|
656
|
+
# The configuration options of the grant location. The grant location
|
657
|
+
# is the S3 path to the data to which you are granting access.
|
658
|
+
# @return [Types::AccessGrantsLocationConfiguration]
|
659
|
+
#
|
660
|
+
# @!attribute [rw] permission
|
661
|
+
# The type of access that you are granting to your S3 data, which can
|
662
|
+
# be set to one of the following values:
|
663
|
+
#
|
664
|
+
# * `READ` – Grant read-only access to the S3 data.
|
665
|
+
#
|
666
|
+
# * `WRITE` – Grant write-only access to the S3 data.
|
667
|
+
#
|
668
|
+
# * `READWRITE` – Grant both read and write access to the S3 data.
|
669
|
+
# @return [String]
|
670
|
+
#
|
671
|
+
# @!attribute [rw] application_arn
|
672
|
+
# The Amazon Resource Name (ARN) of an Amazon Web Services IAM
|
673
|
+
# Identity Center application associated with your Identity Center
|
674
|
+
# instance. If the grant includes an application ARN, the grantee can
|
675
|
+
# only access the S3 data through this application.
|
676
|
+
# @return [String]
|
677
|
+
#
|
678
|
+
# @!attribute [rw] grant_scope
|
679
|
+
# The S3 path of the data to which you are granting access. It is the
|
680
|
+
# result of appending the `Subprefix` to the location scope.
|
681
|
+
# @return [String]
|
682
|
+
#
|
683
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/CreateAccessGrantResult AWS API Documentation
|
684
|
+
#
|
685
|
+
class CreateAccessGrantResult < Struct.new(
|
686
|
+
:created_at,
|
687
|
+
:access_grant_id,
|
688
|
+
:access_grant_arn,
|
689
|
+
:grantee,
|
690
|
+
:access_grants_location_id,
|
691
|
+
:access_grants_location_configuration,
|
692
|
+
:permission,
|
693
|
+
:application_arn,
|
694
|
+
:grant_scope)
|
695
|
+
SENSITIVE = []
|
696
|
+
include Aws::Structure
|
697
|
+
end
|
698
|
+
|
699
|
+
# @!attribute [rw] account_id
|
700
|
+
# The ID of the Amazon Web Services account that is making this
|
701
|
+
# request.
|
702
|
+
# @return [String]
|
703
|
+
#
|
704
|
+
# @!attribute [rw] identity_center_arn
|
705
|
+
# If you would like to associate your S3 Access Grants instance with
|
706
|
+
# an Amazon Web Services IAM Identity Center instance, use this field
|
707
|
+
# to pass the Amazon Resource Name (ARN) of the Amazon Web Services
|
708
|
+
# IAM Identity Center instance that you are associating with your S3
|
709
|
+
# Access Grants instance. An IAM Identity Center instance is your
|
710
|
+
# corporate identity directory that you added to the IAM Identity
|
711
|
+
# Center. You can use the [ListInstances][1] API operation to retrieve
|
712
|
+
# a list of your Identity Center instances and their ARNs.
|
713
|
+
#
|
714
|
+
#
|
715
|
+
#
|
716
|
+
# [1]: https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListInstances.html
|
717
|
+
# @return [String]
|
718
|
+
#
|
719
|
+
# @!attribute [rw] tags
|
720
|
+
# The Amazon Web Services resource tags that you are adding to the S3
|
721
|
+
# Access Grants instance. Each tag is a label consisting of a
|
722
|
+
# user-defined key and value. Tags can help you manage, identify,
|
723
|
+
# organize, search for, and filter resources.
|
724
|
+
# @return [Array<Types::Tag>]
|
725
|
+
#
|
726
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/CreateAccessGrantsInstanceRequest AWS API Documentation
|
727
|
+
#
|
728
|
+
class CreateAccessGrantsInstanceRequest < Struct.new(
|
729
|
+
:account_id,
|
730
|
+
:identity_center_arn,
|
731
|
+
:tags)
|
732
|
+
SENSITIVE = []
|
733
|
+
include Aws::Structure
|
734
|
+
end
|
735
|
+
|
736
|
+
# @!attribute [rw] created_at
|
737
|
+
# The date and time when you created the S3 Access Grants instance.
|
738
|
+
# @return [Time]
|
739
|
+
#
|
740
|
+
# @!attribute [rw] access_grants_instance_id
|
741
|
+
# The ID of the S3 Access Grants instance. The ID is `default`. You
|
742
|
+
# can have one S3 Access Grants instance per Region per account.
|
743
|
+
# @return [String]
|
744
|
+
#
|
745
|
+
# @!attribute [rw] access_grants_instance_arn
|
746
|
+
# The Amazon Resource Name (ARN) of the S3 Access Grants instance.
|
747
|
+
# @return [String]
|
748
|
+
#
|
749
|
+
# @!attribute [rw] identity_center_arn
|
750
|
+
# If you associated your S3 Access Grants instance with an Amazon Web
|
751
|
+
# Services IAM Identity Center instance, this field returns the Amazon
|
752
|
+
# Resource Name (ARN) of the IAM Identity Center instance application;
|
753
|
+
# a subresource of the original Identity Center instance passed in the
|
754
|
+
# request. S3 Access Grants creates this Identity Center application
|
755
|
+
# for this specific S3 Access Grants instance.
|
756
|
+
# @return [String]
|
757
|
+
#
|
758
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/CreateAccessGrantsInstanceResult AWS API Documentation
|
759
|
+
#
|
760
|
+
class CreateAccessGrantsInstanceResult < Struct.new(
|
761
|
+
:created_at,
|
762
|
+
:access_grants_instance_id,
|
763
|
+
:access_grants_instance_arn,
|
764
|
+
:identity_center_arn)
|
765
|
+
SENSITIVE = []
|
766
|
+
include Aws::Structure
|
767
|
+
end
|
768
|
+
|
769
|
+
# @!attribute [rw] account_id
|
770
|
+
# The ID of the Amazon Web Services account that is making this
|
771
|
+
# request.
|
772
|
+
# @return [String]
|
773
|
+
#
|
774
|
+
# @!attribute [rw] location_scope
|
775
|
+
# The S3 path to the location that you are registering. The location
|
776
|
+
# scope can be the default S3 location `s3://`, the S3 path to a
|
777
|
+
# bucket `s3://<bucket>`, or the S3 path to a bucket and prefix
|
778
|
+
# `s3://<bucket>/<prefix>`. A prefix in S3 is a string of characters
|
779
|
+
# at the beginning of an object key name used to organize the objects
|
780
|
+
# that you store in your S3 buckets. For example, object key names
|
781
|
+
# that start with the `engineering/` prefix or object key names that
|
782
|
+
# start with the `marketing/campaigns/` prefix.
|
783
|
+
# @return [String]
|
784
|
+
#
|
785
|
+
# @!attribute [rw] iam_role_arn
|
786
|
+
# The Amazon Resource Name (ARN) of the IAM role for the registered
|
787
|
+
# location. S3 Access Grants assumes this role to manage access to the
|
788
|
+
# registered location.
|
789
|
+
# @return [String]
|
790
|
+
#
|
791
|
+
# @!attribute [rw] tags
|
792
|
+
# The Amazon Web Services resource tags that you are adding to the S3
|
793
|
+
# Access Grants location. Each tag is a label consisting of a
|
794
|
+
# user-defined key and value. Tags can help you manage, identify,
|
795
|
+
# organize, search for, and filter resources.
|
796
|
+
# @return [Array<Types::Tag>]
|
797
|
+
#
|
798
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/CreateAccessGrantsLocationRequest AWS API Documentation
|
799
|
+
#
|
800
|
+
class CreateAccessGrantsLocationRequest < Struct.new(
|
801
|
+
:account_id,
|
802
|
+
:location_scope,
|
803
|
+
:iam_role_arn,
|
804
|
+
:tags)
|
805
|
+
SENSITIVE = []
|
806
|
+
include Aws::Structure
|
807
|
+
end
|
808
|
+
|
809
|
+
# @!attribute [rw] created_at
|
810
|
+
# The date and time when you registered the location.
|
811
|
+
# @return [Time]
|
812
|
+
#
|
813
|
+
# @!attribute [rw] access_grants_location_id
|
814
|
+
# The ID of the registered location to which you are granting access.
|
815
|
+
# S3 Access Grants assigns this ID when you register the location. S3
|
816
|
+
# Access Grants assigns the ID `default` to the default location
|
817
|
+
# `s3://` and assigns an auto-generated ID to other locations that you
|
818
|
+
# register.
|
819
|
+
# @return [String]
|
820
|
+
#
|
821
|
+
# @!attribute [rw] access_grants_location_arn
|
822
|
+
# The Amazon Resource Name (ARN) of the location you are registering.
|
823
|
+
# @return [String]
|
824
|
+
#
|
825
|
+
# @!attribute [rw] location_scope
|
826
|
+
# The S3 URI path to the location that you are registering. The
|
827
|
+
# location scope can be the default S3 location `s3://`, the S3 path
|
828
|
+
# to a bucket, or the S3 path to a bucket and prefix. A prefix in S3
|
829
|
+
# is a string of characters at the beginning of an object key name
|
830
|
+
# used to organize the objects that you store in your S3 buckets. For
|
831
|
+
# example, object key names that start with the `engineering/` prefix
|
832
|
+
# or object key names that start with the `marketing/campaigns/`
|
833
|
+
# prefix.
|
834
|
+
# @return [String]
|
835
|
+
#
|
836
|
+
# @!attribute [rw] iam_role_arn
|
837
|
+
# The Amazon Resource Name (ARN) of the IAM role for the registered
|
838
|
+
# location. S3 Access Grants assumes this role to manage access to the
|
839
|
+
# registered location.
|
840
|
+
# @return [String]
|
841
|
+
#
|
842
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/CreateAccessGrantsLocationResult AWS API Documentation
|
843
|
+
#
|
844
|
+
class CreateAccessGrantsLocationResult < Struct.new(
|
845
|
+
:created_at,
|
846
|
+
:access_grants_location_id,
|
847
|
+
:access_grants_location_arn,
|
848
|
+
:location_scope,
|
849
|
+
:iam_role_arn)
|
850
|
+
SENSITIVE = []
|
851
|
+
include Aws::Structure
|
852
|
+
end
|
853
|
+
|
486
854
|
# @!attribute [rw] account_id
|
487
855
|
# The Amazon Web Services account ID for owner of the specified Object
|
488
856
|
# Lambda Access Point.
|
@@ -962,6 +1330,109 @@ module Aws::S3Control
|
|
962
1330
|
include Aws::Structure
|
963
1331
|
end
|
964
1332
|
|
1333
|
+
# The Amazon Web Services Security Token Service temporary credential
|
1334
|
+
# that S3 Access Grants vends to grantees and client applications.
|
1335
|
+
#
|
1336
|
+
# @!attribute [rw] access_key_id
|
1337
|
+
# The unique access key ID of the Amazon Web Services STS temporary
|
1338
|
+
# credential that S3 Access Grants vends to grantees and client
|
1339
|
+
# applications.
|
1340
|
+
# @return [String]
|
1341
|
+
#
|
1342
|
+
# @!attribute [rw] secret_access_key
|
1343
|
+
# The secret access key of the Amazon Web Services STS temporary
|
1344
|
+
# credential that S3 Access Grants vends to grantees and client
|
1345
|
+
# applications.
|
1346
|
+
# @return [String]
|
1347
|
+
#
|
1348
|
+
# @!attribute [rw] session_token
|
1349
|
+
# The Amazon Web Services STS temporary credential that S3 Access
|
1350
|
+
# Grants vends to grantees and client applications.
|
1351
|
+
# @return [String]
|
1352
|
+
#
|
1353
|
+
# @!attribute [rw] expiration
|
1354
|
+
# The expiration date and time of the temporary credential that S3
|
1355
|
+
# Access Grants vends to grantees and client applications.
|
1356
|
+
# @return [Time]
|
1357
|
+
#
|
1358
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/Credentials AWS API Documentation
|
1359
|
+
#
|
1360
|
+
class Credentials < Struct.new(
|
1361
|
+
:access_key_id,
|
1362
|
+
:secret_access_key,
|
1363
|
+
:session_token,
|
1364
|
+
:expiration)
|
1365
|
+
SENSITIVE = [:access_key_id, :secret_access_key, :session_token]
|
1366
|
+
include Aws::Structure
|
1367
|
+
end
|
1368
|
+
|
1369
|
+
# @!attribute [rw] account_id
|
1370
|
+
# The ID of the Amazon Web Services account that is making this
|
1371
|
+
# request.
|
1372
|
+
# @return [String]
|
1373
|
+
#
|
1374
|
+
# @!attribute [rw] access_grant_id
|
1375
|
+
# The ID of the access grant. S3 Access Grants auto-generates this ID
|
1376
|
+
# when you create the access grant.
|
1377
|
+
# @return [String]
|
1378
|
+
#
|
1379
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/DeleteAccessGrantRequest AWS API Documentation
|
1380
|
+
#
|
1381
|
+
class DeleteAccessGrantRequest < Struct.new(
|
1382
|
+
:account_id,
|
1383
|
+
:access_grant_id)
|
1384
|
+
SENSITIVE = []
|
1385
|
+
include Aws::Structure
|
1386
|
+
end
|
1387
|
+
|
1388
|
+
# @!attribute [rw] account_id
|
1389
|
+
# The ID of the Amazon Web Services account that is making this
|
1390
|
+
# request.
|
1391
|
+
# @return [String]
|
1392
|
+
#
|
1393
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/DeleteAccessGrantsInstanceRequest AWS API Documentation
|
1394
|
+
#
|
1395
|
+
class DeleteAccessGrantsInstanceRequest < Struct.new(
|
1396
|
+
:account_id)
|
1397
|
+
SENSITIVE = []
|
1398
|
+
include Aws::Structure
|
1399
|
+
end
|
1400
|
+
|
1401
|
+
# @!attribute [rw] account_id
|
1402
|
+
# The ID of the Amazon Web Services account that is making this
|
1403
|
+
# request.
|
1404
|
+
# @return [String]
|
1405
|
+
#
|
1406
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicyRequest AWS API Documentation
|
1407
|
+
#
|
1408
|
+
class DeleteAccessGrantsInstanceResourcePolicyRequest < Struct.new(
|
1409
|
+
:account_id)
|
1410
|
+
SENSITIVE = []
|
1411
|
+
include Aws::Structure
|
1412
|
+
end
|
1413
|
+
|
1414
|
+
# @!attribute [rw] account_id
|
1415
|
+
# The ID of the Amazon Web Services account that is making this
|
1416
|
+
# request.
|
1417
|
+
# @return [String]
|
1418
|
+
#
|
1419
|
+
# @!attribute [rw] access_grants_location_id
|
1420
|
+
# The ID of the registered location that you are deregistering from
|
1421
|
+
# your S3 Access Grants instance. S3 Access Grants assigned this ID
|
1422
|
+
# when you registered the location. S3 Access Grants assigns the ID
|
1423
|
+
# `default` to the default location `s3://` and assigns an
|
1424
|
+
# auto-generated ID to other locations that you register.
|
1425
|
+
# @return [String]
|
1426
|
+
#
|
1427
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/DeleteAccessGrantsLocationRequest AWS API Documentation
|
1428
|
+
#
|
1429
|
+
class DeleteAccessGrantsLocationRequest < Struct.new(
|
1430
|
+
:account_id,
|
1431
|
+
:access_grants_location_id)
|
1432
|
+
SENSITIVE = []
|
1433
|
+
include Aws::Structure
|
1434
|
+
end
|
1435
|
+
|
965
1436
|
# @!attribute [rw] account_id
|
966
1437
|
# The account ID for the account that owns the specified Object Lambda
|
967
1438
|
# Access Point.
|
@@ -1568,6 +2039,19 @@ module Aws::S3Control
|
|
1568
2039
|
include Aws::Structure
|
1569
2040
|
end
|
1570
2041
|
|
2042
|
+
# @!attribute [rw] account_id
|
2043
|
+
# The ID of the Amazon Web Services account that is making this
|
2044
|
+
# request.
|
2045
|
+
# @return [String]
|
2046
|
+
#
|
2047
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/DissociateAccessGrantsIdentityCenterRequest AWS API Documentation
|
2048
|
+
#
|
2049
|
+
class DissociateAccessGrantsIdentityCenterRequest < Struct.new(
|
2050
|
+
:account_id)
|
2051
|
+
SENSITIVE = []
|
2052
|
+
include Aws::Structure
|
2053
|
+
end
|
2054
|
+
|
1571
2055
|
# Specifies encryption-related information for an Amazon S3 bucket that
|
1572
2056
|
# is a destination for replicated objects.
|
1573
2057
|
#
|
@@ -1677,6 +2161,282 @@ module Aws::S3Control
|
|
1677
2161
|
include Aws::Structure
|
1678
2162
|
end
|
1679
2163
|
|
2164
|
+
# @!attribute [rw] account_id
|
2165
|
+
# The ID of the Amazon Web Services account that is making this
|
2166
|
+
# request.
|
2167
|
+
# @return [String]
|
2168
|
+
#
|
2169
|
+
# @!attribute [rw] access_grant_id
|
2170
|
+
# The ID of the access grant. S3 Access Grants auto-generates this ID
|
2171
|
+
# when you create the access grant.
|
2172
|
+
# @return [String]
|
2173
|
+
#
|
2174
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessGrantRequest AWS API Documentation
|
2175
|
+
#
|
2176
|
+
class GetAccessGrantRequest < Struct.new(
|
2177
|
+
:account_id,
|
2178
|
+
:access_grant_id)
|
2179
|
+
SENSITIVE = []
|
2180
|
+
include Aws::Structure
|
2181
|
+
end
|
2182
|
+
|
2183
|
+
# @!attribute [rw] created_at
|
2184
|
+
# The date and time when you created the access grant.
|
2185
|
+
# @return [Time]
|
2186
|
+
#
|
2187
|
+
# @!attribute [rw] access_grant_id
|
2188
|
+
# The ID of the access grant. S3 Access Grants auto-generates this ID
|
2189
|
+
# when you create the access grant.
|
2190
|
+
# @return [String]
|
2191
|
+
#
|
2192
|
+
# @!attribute [rw] access_grant_arn
|
2193
|
+
# The Amazon Resource Name (ARN) of the access grant.
|
2194
|
+
# @return [String]
|
2195
|
+
#
|
2196
|
+
# @!attribute [rw] grantee
|
2197
|
+
# The user, group, or role to which you are granting access. You can
|
2198
|
+
# grant access to an IAM user or role. If you have added a corporate
|
2199
|
+
# directory to Amazon Web Services IAM Identity Center and associated
|
2200
|
+
# this Identity Center instance with the S3 Access Grants instance,
|
2201
|
+
# the grantee can also be a corporate directory user or group.
|
2202
|
+
# @return [Types::Grantee]
|
2203
|
+
#
|
2204
|
+
# @!attribute [rw] permission
|
2205
|
+
# The type of permission that was granted in the access grant. Can be
|
2206
|
+
# one of the following values:
|
2207
|
+
#
|
2208
|
+
# * `READ` – Grant read-only access to the S3 data.
|
2209
|
+
#
|
2210
|
+
# * `WRITE` – Grant write-only access to the S3 data.
|
2211
|
+
#
|
2212
|
+
# * `READWRITE` – Grant both read and write access to the S3 data.
|
2213
|
+
# @return [String]
|
2214
|
+
#
|
2215
|
+
# @!attribute [rw] access_grants_location_id
|
2216
|
+
# The ID of the registered location to which you are granting access.
|
2217
|
+
# S3 Access Grants assigns this ID when you register the location. S3
|
2218
|
+
# Access Grants assigns the ID `default` to the default location
|
2219
|
+
# `s3://` and assigns an auto-generated ID to other locations that you
|
2220
|
+
# register.
|
2221
|
+
# @return [String]
|
2222
|
+
#
|
2223
|
+
# @!attribute [rw] access_grants_location_configuration
|
2224
|
+
# The configuration options of the grant location. The grant location
|
2225
|
+
# is the S3 path to the data to which you are granting access.
|
2226
|
+
# @return [Types::AccessGrantsLocationConfiguration]
|
2227
|
+
#
|
2228
|
+
# @!attribute [rw] grant_scope
|
2229
|
+
# The S3 path of the data to which you are granting access. It is the
|
2230
|
+
# result of appending the `Subprefix` to the location scope.
|
2231
|
+
# @return [String]
|
2232
|
+
#
|
2233
|
+
# @!attribute [rw] application_arn
|
2234
|
+
# The Amazon Resource Name (ARN) of an Amazon Web Services IAM
|
2235
|
+
# Identity Center application associated with your Identity Center
|
2236
|
+
# instance. If the grant includes an application ARN, the grantee can
|
2237
|
+
# only access the S3 data through this application.
|
2238
|
+
# @return [String]
|
2239
|
+
#
|
2240
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessGrantResult AWS API Documentation
|
2241
|
+
#
|
2242
|
+
class GetAccessGrantResult < Struct.new(
|
2243
|
+
:created_at,
|
2244
|
+
:access_grant_id,
|
2245
|
+
:access_grant_arn,
|
2246
|
+
:grantee,
|
2247
|
+
:permission,
|
2248
|
+
:access_grants_location_id,
|
2249
|
+
:access_grants_location_configuration,
|
2250
|
+
:grant_scope,
|
2251
|
+
:application_arn)
|
2252
|
+
SENSITIVE = []
|
2253
|
+
include Aws::Structure
|
2254
|
+
end
|
2255
|
+
|
2256
|
+
# @!attribute [rw] account_id
|
2257
|
+
# The ID of the Amazon Web Services account that is making this
|
2258
|
+
# request.
|
2259
|
+
# @return [String]
|
2260
|
+
#
|
2261
|
+
# @!attribute [rw] s3_prefix
|
2262
|
+
# The S3 prefix of the access grants that you would like to retrieve.
|
2263
|
+
# @return [String]
|
2264
|
+
#
|
2265
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessGrantsInstanceForPrefixRequest AWS API Documentation
|
2266
|
+
#
|
2267
|
+
class GetAccessGrantsInstanceForPrefixRequest < Struct.new(
|
2268
|
+
:account_id,
|
2269
|
+
:s3_prefix)
|
2270
|
+
SENSITIVE = []
|
2271
|
+
include Aws::Structure
|
2272
|
+
end
|
2273
|
+
|
2274
|
+
# @!attribute [rw] access_grants_instance_arn
|
2275
|
+
# The Amazon Resource Name (ARN) of the S3 Access Grants instance.
|
2276
|
+
# @return [String]
|
2277
|
+
#
|
2278
|
+
# @!attribute [rw] access_grants_instance_id
|
2279
|
+
# The ID of the S3 Access Grants instance. The ID is `default`. You
|
2280
|
+
# can have one S3 Access Grants instance per Region per account.
|
2281
|
+
# @return [String]
|
2282
|
+
#
|
2283
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessGrantsInstanceForPrefixResult AWS API Documentation
|
2284
|
+
#
|
2285
|
+
class GetAccessGrantsInstanceForPrefixResult < Struct.new(
|
2286
|
+
:access_grants_instance_arn,
|
2287
|
+
:access_grants_instance_id)
|
2288
|
+
SENSITIVE = []
|
2289
|
+
include Aws::Structure
|
2290
|
+
end
|
2291
|
+
|
2292
|
+
# @!attribute [rw] account_id
|
2293
|
+
# The ID of the Amazon Web Services account that is making this
|
2294
|
+
# request.
|
2295
|
+
# @return [String]
|
2296
|
+
#
|
2297
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessGrantsInstanceRequest AWS API Documentation
|
2298
|
+
#
|
2299
|
+
class GetAccessGrantsInstanceRequest < Struct.new(
|
2300
|
+
:account_id)
|
2301
|
+
SENSITIVE = []
|
2302
|
+
include Aws::Structure
|
2303
|
+
end
|
2304
|
+
|
2305
|
+
# @!attribute [rw] account_id
|
2306
|
+
# The ID of the Amazon Web Services account that is making this
|
2307
|
+
# request.
|
2308
|
+
# @return [String]
|
2309
|
+
#
|
2310
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicyRequest AWS API Documentation
|
2311
|
+
#
|
2312
|
+
class GetAccessGrantsInstanceResourcePolicyRequest < Struct.new(
|
2313
|
+
:account_id)
|
2314
|
+
SENSITIVE = []
|
2315
|
+
include Aws::Structure
|
2316
|
+
end
|
2317
|
+
|
2318
|
+
# @!attribute [rw] policy
|
2319
|
+
# The resource policy of the S3 Access Grants instance.
|
2320
|
+
# @return [String]
|
2321
|
+
#
|
2322
|
+
# @!attribute [rw] organization
|
2323
|
+
# The Organization of the resource policy of the S3 Access Grants
|
2324
|
+
# instance.
|
2325
|
+
# @return [String]
|
2326
|
+
#
|
2327
|
+
# @!attribute [rw] created_at
|
2328
|
+
# The date and time when you created the S3 Access Grants instance
|
2329
|
+
# resource policy.
|
2330
|
+
# @return [Time]
|
2331
|
+
#
|
2332
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicyResult AWS API Documentation
|
2333
|
+
#
|
2334
|
+
class GetAccessGrantsInstanceResourcePolicyResult < Struct.new(
|
2335
|
+
:policy,
|
2336
|
+
:organization,
|
2337
|
+
:created_at)
|
2338
|
+
SENSITIVE = []
|
2339
|
+
include Aws::Structure
|
2340
|
+
end
|
2341
|
+
|
2342
|
+
# @!attribute [rw] access_grants_instance_arn
|
2343
|
+
# The Amazon Resource Name (ARN) of the S3 Access Grants instance.
|
2344
|
+
# @return [String]
|
2345
|
+
#
|
2346
|
+
# @!attribute [rw] access_grants_instance_id
|
2347
|
+
# The ID of the S3 Access Grants instance. The ID is `default`. You
|
2348
|
+
# can have one S3 Access Grants instance per Region per account.
|
2349
|
+
# @return [String]
|
2350
|
+
#
|
2351
|
+
# @!attribute [rw] identity_center_arn
|
2352
|
+
# If you associated your S3 Access Grants instance with an Amazon Web
|
2353
|
+
# Services IAM Identity Center instance, this field returns the Amazon
|
2354
|
+
# Resource Name (ARN) of the Amazon Web Services IAM Identity Center
|
2355
|
+
# instance application; a subresource of the original Identity Center
|
2356
|
+
# instance. S3 Access Grants creates this Identity Center application
|
2357
|
+
# for the specific S3 Access Grants instance.
|
2358
|
+
# @return [String]
|
2359
|
+
#
|
2360
|
+
# @!attribute [rw] created_at
|
2361
|
+
# The date and time when you created the S3 Access Grants instance.
|
2362
|
+
# @return [Time]
|
2363
|
+
#
|
2364
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessGrantsInstanceResult AWS API Documentation
|
2365
|
+
#
|
2366
|
+
class GetAccessGrantsInstanceResult < Struct.new(
|
2367
|
+
:access_grants_instance_arn,
|
2368
|
+
:access_grants_instance_id,
|
2369
|
+
:identity_center_arn,
|
2370
|
+
:created_at)
|
2371
|
+
SENSITIVE = []
|
2372
|
+
include Aws::Structure
|
2373
|
+
end
|
2374
|
+
|
2375
|
+
# @!attribute [rw] account_id
|
2376
|
+
# The ID of the Amazon Web Services account that is making this
|
2377
|
+
# request.
|
2378
|
+
# @return [String]
|
2379
|
+
#
|
2380
|
+
# @!attribute [rw] access_grants_location_id
|
2381
|
+
# The ID of the registered location that you are retrieving. S3 Access
|
2382
|
+
# Grants assigns this ID when you register the location. S3 Access
|
2383
|
+
# Grants assigns the ID `default` to the default location `s3://` and
|
2384
|
+
# assigns an auto-generated ID to other locations that you register.
|
2385
|
+
# @return [String]
|
2386
|
+
#
|
2387
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessGrantsLocationRequest AWS API Documentation
|
2388
|
+
#
|
2389
|
+
class GetAccessGrantsLocationRequest < Struct.new(
|
2390
|
+
:account_id,
|
2391
|
+
:access_grants_location_id)
|
2392
|
+
SENSITIVE = []
|
2393
|
+
include Aws::Structure
|
2394
|
+
end
|
2395
|
+
|
2396
|
+
# @!attribute [rw] created_at
|
2397
|
+
# The date and time when you registered the location.
|
2398
|
+
# @return [Time]
|
2399
|
+
#
|
2400
|
+
# @!attribute [rw] access_grants_location_id
|
2401
|
+
# The ID of the registered location to which you are granting access.
|
2402
|
+
# S3 Access Grants assigns this ID when you register the location. S3
|
2403
|
+
# Access Grants assigns the ID `default` to the default location
|
2404
|
+
# `s3://` and assigns an auto-generated ID to other locations that you
|
2405
|
+
# register.
|
2406
|
+
# @return [String]
|
2407
|
+
#
|
2408
|
+
# @!attribute [rw] access_grants_location_arn
|
2409
|
+
# The Amazon Resource Name (ARN) of the registered location.
|
2410
|
+
# @return [String]
|
2411
|
+
#
|
2412
|
+
# @!attribute [rw] location_scope
|
2413
|
+
# The S3 URI path to the registered location. The location scope can
|
2414
|
+
# be the default S3 location `s3://`, the S3 path to a bucket, or the
|
2415
|
+
# S3 path to a bucket and prefix. A prefix in S3 is a string of
|
2416
|
+
# characters at the beginning of an object key name used to organize
|
2417
|
+
# the objects that you store in your S3 buckets. For example, object
|
2418
|
+
# key names that start with the `engineering/` prefix or object key
|
2419
|
+
# names that start with the `marketing/campaigns/` prefix.
|
2420
|
+
# @return [String]
|
2421
|
+
#
|
2422
|
+
# @!attribute [rw] iam_role_arn
|
2423
|
+
# The Amazon Resource Name (ARN) of the IAM role for the registered
|
2424
|
+
# location. S3 Access Grants assumes this role to manage access to the
|
2425
|
+
# registered location.
|
2426
|
+
# @return [String]
|
2427
|
+
#
|
2428
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessGrantsLocationResult AWS API Documentation
|
2429
|
+
#
|
2430
|
+
class GetAccessGrantsLocationResult < Struct.new(
|
2431
|
+
:created_at,
|
2432
|
+
:access_grants_location_id,
|
2433
|
+
:access_grants_location_arn,
|
2434
|
+
:location_scope,
|
2435
|
+
:iam_role_arn)
|
2436
|
+
SENSITIVE = []
|
2437
|
+
include Aws::Structure
|
2438
|
+
end
|
2439
|
+
|
1680
2440
|
# @!attribute [rw] account_id
|
1681
2441
|
# The account ID for the account that owns the specified Object Lambda
|
1682
2442
|
# Access Point.
|
@@ -2265,6 +3025,88 @@ module Aws::S3Control
|
|
2265
3025
|
include Aws::Structure
|
2266
3026
|
end
|
2267
3027
|
|
3028
|
+
# @!attribute [rw] account_id
|
3029
|
+
# The ID of the Amazon Web Services account that is making this
|
3030
|
+
# request.
|
3031
|
+
# @return [String]
|
3032
|
+
#
|
3033
|
+
# @!attribute [rw] target
|
3034
|
+
# The S3 URI path of the data to which you are requesting temporary
|
3035
|
+
# access credentials. If the requesting account has an access grant
|
3036
|
+
# for this data, S3 Access Grants vends temporary access credentials
|
3037
|
+
# in the response.
|
3038
|
+
# @return [String]
|
3039
|
+
#
|
3040
|
+
# @!attribute [rw] permission
|
3041
|
+
# The type of permission granted to your S3 data, which can be set to
|
3042
|
+
# one of the following values:
|
3043
|
+
#
|
3044
|
+
# * `READ` – Grant read-only access to the S3 data.
|
3045
|
+
#
|
3046
|
+
# * `WRITE` – Grant write-only access to the S3 data.
|
3047
|
+
#
|
3048
|
+
# * `READWRITE` – Grant both read and write access to the S3 data.
|
3049
|
+
# @return [String]
|
3050
|
+
#
|
3051
|
+
# @!attribute [rw] duration_seconds
|
3052
|
+
# The session duration, in seconds, of the temporary access credential
|
3053
|
+
# that S3 Access Grants vends to the grantee or client application.
|
3054
|
+
# The default value is 1 hour, but the grantee can specify a range
|
3055
|
+
# from 900 seconds (15 minutes) up to 43200 seconds (12 hours). If the
|
3056
|
+
# grantee requests a value higher than this maximum, the operation
|
3057
|
+
# fails.
|
3058
|
+
# @return [Integer]
|
3059
|
+
#
|
3060
|
+
# @!attribute [rw] privilege
|
3061
|
+
# The scope of the temporary access credential that S3 Access Grants
|
3062
|
+
# vends to the grantee or client application.
|
3063
|
+
#
|
3064
|
+
# * `Default` – The scope of the returned temporary access token is
|
3065
|
+
# the scope of the grant that is closest to the target scope.
|
3066
|
+
#
|
3067
|
+
# * `Minimal` – The scope of the returned temporary access token is
|
3068
|
+
# the same as the requested target scope as long as the requested
|
3069
|
+
# scope is the same as or a subset of the grant scope.
|
3070
|
+
# @return [String]
|
3071
|
+
#
|
3072
|
+
# @!attribute [rw] target_type
|
3073
|
+
# The type of `Target`. The only possible value is `Object`. Pass this
|
3074
|
+
# value if the target data that you would like to access is a path to
|
3075
|
+
# an object. Do not pass this value if the target data is a bucket or
|
3076
|
+
# a bucket and a prefix.
|
3077
|
+
# @return [String]
|
3078
|
+
#
|
3079
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetDataAccessRequest AWS API Documentation
|
3080
|
+
#
|
3081
|
+
class GetDataAccessRequest < Struct.new(
|
3082
|
+
:account_id,
|
3083
|
+
:target,
|
3084
|
+
:permission,
|
3085
|
+
:duration_seconds,
|
3086
|
+
:privilege,
|
3087
|
+
:target_type)
|
3088
|
+
SENSITIVE = []
|
3089
|
+
include Aws::Structure
|
3090
|
+
end
|
3091
|
+
|
3092
|
+
# @!attribute [rw] credentials
|
3093
|
+
# The temporary credential token that S3 Access Grants vends.
|
3094
|
+
# @return [Types::Credentials]
|
3095
|
+
#
|
3096
|
+
# @!attribute [rw] matched_grant_target
|
3097
|
+
# The S3 URI path of the data to which you are being granted temporary
|
3098
|
+
# access credentials.
|
3099
|
+
# @return [String]
|
3100
|
+
#
|
3101
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetDataAccessResult AWS API Documentation
|
3102
|
+
#
|
3103
|
+
class GetDataAccessResult < Struct.new(
|
3104
|
+
:credentials,
|
3105
|
+
:matched_grant_target)
|
3106
|
+
SENSITIVE = [:credentials]
|
3107
|
+
include Aws::Structure
|
3108
|
+
end
|
3109
|
+
|
2268
3110
|
# @!attribute [rw] account_id
|
2269
3111
|
# The Amazon Web Services account ID associated with the S3 Batch
|
2270
3112
|
# Operations job.
|
@@ -2564,10 +3406,51 @@ module Aws::S3Control
|
|
2564
3406
|
# the configuration details for.
|
2565
3407
|
# @return [Types::StorageLensGroup]
|
2566
3408
|
#
|
2567
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetStorageLensGroupResult AWS API Documentation
|
3409
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetStorageLensGroupResult AWS API Documentation
|
3410
|
+
#
|
3411
|
+
class GetStorageLensGroupResult < Struct.new(
|
3412
|
+
:storage_lens_group)
|
3413
|
+
SENSITIVE = []
|
3414
|
+
include Aws::Structure
|
3415
|
+
end
|
3416
|
+
|
3417
|
+
# The user, group, or role to which you are granting access. You can
|
3418
|
+
# grant access to an IAM user or role. If you have added your corporate
|
3419
|
+
# directory to Amazon Web Services IAM Identity Center and associated
|
3420
|
+
# your Identity Center instance with your S3 Access Grants instance, the
|
3421
|
+
# grantee can also be a corporate directory user or group.
|
3422
|
+
#
|
3423
|
+
# @!attribute [rw] grantee_type
|
3424
|
+
# The type of the grantee to which access has been granted. It can be
|
3425
|
+
# one of the following values:
|
3426
|
+
#
|
3427
|
+
# * `IAM` - An IAM user or role.
|
3428
|
+
#
|
3429
|
+
# * `DIRECTORY_USER` - Your corporate directory user. You can use this
|
3430
|
+
# option if you have added your corporate identity directory to IAM
|
3431
|
+
# Identity Center and associated the IAM Identity Center instance
|
3432
|
+
# with your S3 Access Grants instance.
|
3433
|
+
#
|
3434
|
+
# * `DIRECTORY_GROUP` - Your corporate directory group. You can use
|
3435
|
+
# this option if you have added your corporate identity directory to
|
3436
|
+
# IAM Identity Center and associated the IAM Identity Center
|
3437
|
+
# instance with your S3 Access Grants instance.
|
3438
|
+
# @return [String]
|
3439
|
+
#
|
3440
|
+
# @!attribute [rw] grantee_identifier
|
3441
|
+
# The unique identifier of the `Grantee`. If the grantee type is
|
3442
|
+
# `IAM`, the identifier is the IAM Amazon Resource Name (ARN) of the
|
3443
|
+
# user or role. If the grantee type is a directory user or group, the
|
3444
|
+
# identifier is 128-bit universally unique identifier (UUID) in the
|
3445
|
+
# format `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`. You can obtain this
|
3446
|
+
# UUID from your Amazon Web Services IAM Identity Center instance.
|
3447
|
+
# @return [String]
|
3448
|
+
#
|
3449
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/Grantee AWS API Documentation
|
2568
3450
|
#
|
2569
|
-
class
|
2570
|
-
:
|
3451
|
+
class Grantee < Struct.new(
|
3452
|
+
:grantee_type,
|
3453
|
+
:grantee_identifier)
|
2571
3454
|
SENSITIVE = []
|
2572
3455
|
include Aws::Structure
|
2573
3456
|
end
|
@@ -2887,18 +3770,40 @@ module Aws::S3Control
|
|
2887
3770
|
# @return [Boolean]
|
2888
3771
|
#
|
2889
3772
|
# @!attribute [rw] created_after
|
2890
|
-
# If provided, the generated manifest
|
2891
|
-
#
|
3773
|
+
# If provided, the generated manifest includes only source bucket
|
3774
|
+
# objects that were created after this time.
|
2892
3775
|
# @return [Time]
|
2893
3776
|
#
|
2894
3777
|
# @!attribute [rw] created_before
|
2895
|
-
# If provided, the generated manifest
|
2896
|
-
#
|
3778
|
+
# If provided, the generated manifest includes only source bucket
|
3779
|
+
# objects that were created before this time.
|
2897
3780
|
# @return [Time]
|
2898
3781
|
#
|
2899
3782
|
# @!attribute [rw] object_replication_statuses
|
2900
|
-
# If provided, the generated manifest
|
2901
|
-
#
|
3783
|
+
# If provided, the generated manifest includes only source bucket
|
3784
|
+
# objects that have one of the specified Replication statuses.
|
3785
|
+
# @return [Array<String>]
|
3786
|
+
#
|
3787
|
+
# @!attribute [rw] key_name_constraint
|
3788
|
+
# If provided, the generated manifest includes only source bucket
|
3789
|
+
# objects whose object keys match the string constraints specified for
|
3790
|
+
# `MatchAnyPrefix`, `MatchAnySuffix`, and `MatchAnySubstring`.
|
3791
|
+
# @return [Types::KeyNameConstraint]
|
3792
|
+
#
|
3793
|
+
# @!attribute [rw] object_size_greater_than_bytes
|
3794
|
+
# If provided, the generated manifest includes only source bucket
|
3795
|
+
# objects whose file size is greater than the specified number of
|
3796
|
+
# bytes.
|
3797
|
+
# @return [Integer]
|
3798
|
+
#
|
3799
|
+
# @!attribute [rw] object_size_less_than_bytes
|
3800
|
+
# If provided, the generated manifest includes only source bucket
|
3801
|
+
# objects whose file size is less than the specified number of bytes.
|
3802
|
+
# @return [Integer]
|
3803
|
+
#
|
3804
|
+
# @!attribute [rw] match_any_storage_class
|
3805
|
+
# If provided, the generated manifest includes only source bucket
|
3806
|
+
# objects that are stored with the specified storage class.
|
2902
3807
|
# @return [Array<String>]
|
2903
3808
|
#
|
2904
3809
|
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/JobManifestGeneratorFilter AWS API Documentation
|
@@ -2907,7 +3812,11 @@ module Aws::S3Control
|
|
2907
3812
|
:eligible_for_replication,
|
2908
3813
|
:created_after,
|
2909
3814
|
:created_before,
|
2910
|
-
:object_replication_statuses
|
3815
|
+
:object_replication_statuses,
|
3816
|
+
:key_name_constraint,
|
3817
|
+
:object_size_greater_than_bytes,
|
3818
|
+
:object_size_less_than_bytes,
|
3819
|
+
:match_any_storage_class)
|
2911
3820
|
SENSITIVE = []
|
2912
3821
|
include Aws::Structure
|
2913
3822
|
end
|
@@ -3145,6 +4054,35 @@ module Aws::S3Control
|
|
3145
4054
|
include Aws::Structure
|
3146
4055
|
end
|
3147
4056
|
|
4057
|
+
# If provided, the generated manifest includes only source bucket
|
4058
|
+
# objects whose object keys match the string constraints specified for
|
4059
|
+
# `MatchAnyPrefix`, `MatchAnySuffix`, and `MatchAnySubstring`.
|
4060
|
+
#
|
4061
|
+
# @!attribute [rw] match_any_prefix
|
4062
|
+
# If provided, the generated manifest includes objects where the
|
4063
|
+
# specified string appears at the start of the object key string.
|
4064
|
+
# @return [Array<String>]
|
4065
|
+
#
|
4066
|
+
# @!attribute [rw] match_any_suffix
|
4067
|
+
# If provided, the generated manifest includes objects where the
|
4068
|
+
# specified string appears at the end of the object key string.
|
4069
|
+
# @return [Array<String>]
|
4070
|
+
#
|
4071
|
+
# @!attribute [rw] match_any_substring
|
4072
|
+
# If provided, the generated manifest includes objects where the
|
4073
|
+
# specified string appears anywhere within the object key string.
|
4074
|
+
# @return [Array<String>]
|
4075
|
+
#
|
4076
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/KeyNameConstraint AWS API Documentation
|
4077
|
+
#
|
4078
|
+
class KeyNameConstraint < Struct.new(
|
4079
|
+
:match_any_prefix,
|
4080
|
+
:match_any_suffix,
|
4081
|
+
:match_any_substring)
|
4082
|
+
SENSITIVE = []
|
4083
|
+
include Aws::Structure
|
4084
|
+
end
|
4085
|
+
|
3148
4086
|
# Contains the configuration parameters for a `Lambda Invoke` operation.
|
3149
4087
|
#
|
3150
4088
|
# @!attribute [rw] function_arn
|
@@ -3350,6 +4288,372 @@ module Aws::S3Control
|
|
3350
4288
|
include Aws::Structure
|
3351
4289
|
end
|
3352
4290
|
|
4291
|
+
# Information about the access grant.
|
4292
|
+
#
|
4293
|
+
# @!attribute [rw] created_at
|
4294
|
+
# The date and time when you created the S3 Access Grants instance.
|
4295
|
+
# @return [Time]
|
4296
|
+
#
|
4297
|
+
# @!attribute [rw] access_grant_id
|
4298
|
+
# The ID of the access grant. S3 Access Grants auto-generates this ID
|
4299
|
+
# when you create the access grant.
|
4300
|
+
# @return [String]
|
4301
|
+
#
|
4302
|
+
# @!attribute [rw] access_grant_arn
|
4303
|
+
# The Amazon Resource Name (ARN) of the access grant.
|
4304
|
+
# @return [String]
|
4305
|
+
#
|
4306
|
+
# @!attribute [rw] grantee
|
4307
|
+
# The user, group, or role to which you are granting access. You can
|
4308
|
+
# grant access to an IAM user or role. If you have added your
|
4309
|
+
# corporate directory to Amazon Web Services IAM Identity Center and
|
4310
|
+
# associated your Identity Center instance with your S3 Access Grants
|
4311
|
+
# instance, the grantee can also be a corporate directory user or
|
4312
|
+
# group.
|
4313
|
+
# @return [Types::Grantee]
|
4314
|
+
#
|
4315
|
+
# @!attribute [rw] permission
|
4316
|
+
# The type of access granted to your S3 data, which can be set to one
|
4317
|
+
# of the following values:
|
4318
|
+
#
|
4319
|
+
# * `READ` – Grant read-only access to the S3 data.
|
4320
|
+
#
|
4321
|
+
# * `WRITE` – Grant write-only access to the S3 data.
|
4322
|
+
#
|
4323
|
+
# * `READWRITE` – Grant both read and write access to the S3 data.
|
4324
|
+
# @return [String]
|
4325
|
+
#
|
4326
|
+
# @!attribute [rw] access_grants_location_id
|
4327
|
+
# The ID of the registered location to which you are granting access.
|
4328
|
+
# S3 Access Grants assigns this ID when you register the location. S3
|
4329
|
+
# Access Grants assigns the ID `default` to the default location
|
4330
|
+
# `s3://` and assigns an auto-generated ID to other locations that you
|
4331
|
+
# register.
|
4332
|
+
# @return [String]
|
4333
|
+
#
|
4334
|
+
# @!attribute [rw] access_grants_location_configuration
|
4335
|
+
# The configuration options of the grant location. The grant location
|
4336
|
+
# is the S3 path to the data to which you are granting access.
|
4337
|
+
# @return [Types::AccessGrantsLocationConfiguration]
|
4338
|
+
#
|
4339
|
+
# @!attribute [rw] grant_scope
|
4340
|
+
# The S3 path of the data to which you are granting access. It is the
|
4341
|
+
# result of appending the `Subprefix` to the location scope.
|
4342
|
+
# @return [String]
|
4343
|
+
#
|
4344
|
+
# @!attribute [rw] application_arn
|
4345
|
+
# The Amazon Resource Name (ARN) of an Amazon Web Services IAM
|
4346
|
+
# Identity Center application associated with your Identity Center
|
4347
|
+
# instance. If the grant includes an application ARN, the grantee can
|
4348
|
+
# only access the S3 data through this application.
|
4349
|
+
# @return [String]
|
4350
|
+
#
|
4351
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListAccessGrantEntry AWS API Documentation
|
4352
|
+
#
|
4353
|
+
class ListAccessGrantEntry < Struct.new(
|
4354
|
+
:created_at,
|
4355
|
+
:access_grant_id,
|
4356
|
+
:access_grant_arn,
|
4357
|
+
:grantee,
|
4358
|
+
:permission,
|
4359
|
+
:access_grants_location_id,
|
4360
|
+
:access_grants_location_configuration,
|
4361
|
+
:grant_scope,
|
4362
|
+
:application_arn)
|
4363
|
+
SENSITIVE = []
|
4364
|
+
include Aws::Structure
|
4365
|
+
end
|
4366
|
+
|
4367
|
+
# Information about the S3 Access Grants instance.
|
4368
|
+
#
|
4369
|
+
# @!attribute [rw] access_grants_instance_id
|
4370
|
+
# The ID of the S3 Access Grants instance. The ID is `default`. You
|
4371
|
+
# can have one S3 Access Grants instance per Region per account.
|
4372
|
+
# @return [String]
|
4373
|
+
#
|
4374
|
+
# @!attribute [rw] access_grants_instance_arn
|
4375
|
+
# The Amazon Resource Name (ARN) of the S3 Access Grants instance.
|
4376
|
+
# @return [String]
|
4377
|
+
#
|
4378
|
+
# @!attribute [rw] created_at
|
4379
|
+
# The date and time when you created the S3 Access Grants instance.
|
4380
|
+
# @return [Time]
|
4381
|
+
#
|
4382
|
+
# @!attribute [rw] identity_center_arn
|
4383
|
+
# If you associated your S3 Access Grants instance with an Amazon Web
|
4384
|
+
# Services IAM Identity Center instance, this field returns the Amazon
|
4385
|
+
# Resource Name (ARN) of the IAM Identity Center instance application;
|
4386
|
+
# a subresource of the original Identity Center instance. S3 Access
|
4387
|
+
# Grants creates this Identity Center application for the specific S3
|
4388
|
+
# Access Grants instance.
|
4389
|
+
# @return [String]
|
4390
|
+
#
|
4391
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListAccessGrantsInstanceEntry AWS API Documentation
|
4392
|
+
#
|
4393
|
+
class ListAccessGrantsInstanceEntry < Struct.new(
|
4394
|
+
:access_grants_instance_id,
|
4395
|
+
:access_grants_instance_arn,
|
4396
|
+
:created_at,
|
4397
|
+
:identity_center_arn)
|
4398
|
+
SENSITIVE = []
|
4399
|
+
include Aws::Structure
|
4400
|
+
end
|
4401
|
+
|
4402
|
+
# @!attribute [rw] account_id
|
4403
|
+
# The ID of the Amazon Web Services account that is making this
|
4404
|
+
# request.
|
4405
|
+
# @return [String]
|
4406
|
+
#
|
4407
|
+
# @!attribute [rw] next_token
|
4408
|
+
# A pagination token to request the next page of results. Pass this
|
4409
|
+
# value into a subsequent `List Access Grants Instances` request in
|
4410
|
+
# order to retrieve the next page of results.
|
4411
|
+
# @return [String]
|
4412
|
+
#
|
4413
|
+
# @!attribute [rw] max_results
|
4414
|
+
# The maximum number of access grants that you would like returned in
|
4415
|
+
# the `List Access Grants` response. If the results include the
|
4416
|
+
# pagination token `NextToken`, make another call using the
|
4417
|
+
# `NextToken` to determine if there are more results.
|
4418
|
+
# @return [Integer]
|
4419
|
+
#
|
4420
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListAccessGrantsInstancesRequest AWS API Documentation
|
4421
|
+
#
|
4422
|
+
class ListAccessGrantsInstancesRequest < Struct.new(
|
4423
|
+
:account_id,
|
4424
|
+
:next_token,
|
4425
|
+
:max_results)
|
4426
|
+
SENSITIVE = []
|
4427
|
+
include Aws::Structure
|
4428
|
+
end
|
4429
|
+
|
4430
|
+
# @!attribute [rw] next_token
|
4431
|
+
# A pagination token to request the next page of results. Pass this
|
4432
|
+
# value into a subsequent `List Access Grants Instances` request in
|
4433
|
+
# order to retrieve the next page of results.
|
4434
|
+
# @return [String]
|
4435
|
+
#
|
4436
|
+
# @!attribute [rw] access_grants_instances_list
|
4437
|
+
# A container for a list of S3 Access Grants instances.
|
4438
|
+
# @return [Array<Types::ListAccessGrantsInstanceEntry>]
|
4439
|
+
#
|
4440
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListAccessGrantsInstancesResult AWS API Documentation
|
4441
|
+
#
|
4442
|
+
class ListAccessGrantsInstancesResult < Struct.new(
|
4443
|
+
:next_token,
|
4444
|
+
:access_grants_instances_list)
|
4445
|
+
SENSITIVE = []
|
4446
|
+
include Aws::Structure
|
4447
|
+
end
|
4448
|
+
|
4449
|
+
# A container for information about the registered location.
|
4450
|
+
#
|
4451
|
+
# @!attribute [rw] created_at
|
4452
|
+
# The date and time when you registered the location.
|
4453
|
+
# @return [Time]
|
4454
|
+
#
|
4455
|
+
# @!attribute [rw] access_grants_location_id
|
4456
|
+
# The ID of the registered location to which you are granting access.
|
4457
|
+
# S3 Access Grants assigns this ID when you register the location. S3
|
4458
|
+
# Access Grants assigns the ID `default` to the default location
|
4459
|
+
# `s3://` and assigns an auto-generated ID to other locations that you
|
4460
|
+
# register.
|
4461
|
+
# @return [String]
|
4462
|
+
#
|
4463
|
+
# @!attribute [rw] access_grants_location_arn
|
4464
|
+
# The Amazon Resource Name (ARN) of the registered location.
|
4465
|
+
# @return [String]
|
4466
|
+
#
|
4467
|
+
# @!attribute [rw] location_scope
|
4468
|
+
# The S3 path to the location that you are registering. The location
|
4469
|
+
# scope can be the default S3 location `s3://`, the S3 path to a
|
4470
|
+
# bucket `s3://<bucket>`, or the S3 path to a bucket and prefix
|
4471
|
+
# `s3://<bucket>/<prefix>`. A prefix in S3 is a string of characters
|
4472
|
+
# at the beginning of an object key name used to organize the objects
|
4473
|
+
# that you store in your S3 buckets. For example, object key names
|
4474
|
+
# that start with the `engineering/` prefix or object key names that
|
4475
|
+
# start with the `marketing/campaigns/` prefix.
|
4476
|
+
# @return [String]
|
4477
|
+
#
|
4478
|
+
# @!attribute [rw] iam_role_arn
|
4479
|
+
# The Amazon Resource Name (ARN) of the IAM role for the registered
|
4480
|
+
# location. S3 Access Grants assumes this role to manage access to the
|
4481
|
+
# registered location.
|
4482
|
+
# @return [String]
|
4483
|
+
#
|
4484
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListAccessGrantsLocationsEntry AWS API Documentation
|
4485
|
+
#
|
4486
|
+
class ListAccessGrantsLocationsEntry < Struct.new(
|
4487
|
+
:created_at,
|
4488
|
+
:access_grants_location_id,
|
4489
|
+
:access_grants_location_arn,
|
4490
|
+
:location_scope,
|
4491
|
+
:iam_role_arn)
|
4492
|
+
SENSITIVE = []
|
4493
|
+
include Aws::Structure
|
4494
|
+
end
|
4495
|
+
|
4496
|
+
# @!attribute [rw] account_id
|
4497
|
+
# The ID of the Amazon Web Services account that is making this
|
4498
|
+
# request.
|
4499
|
+
# @return [String]
|
4500
|
+
#
|
4501
|
+
# @!attribute [rw] next_token
|
4502
|
+
# A pagination token to request the next page of results. Pass this
|
4503
|
+
# value into a subsequent `List Access Grants Locations` request in
|
4504
|
+
# order to retrieve the next page of results.
|
4505
|
+
# @return [String]
|
4506
|
+
#
|
4507
|
+
# @!attribute [rw] max_results
|
4508
|
+
# The maximum number of access grants that you would like returned in
|
4509
|
+
# the `List Access Grants` response. If the results include the
|
4510
|
+
# pagination token `NextToken`, make another call using the
|
4511
|
+
# `NextToken` to determine if there are more results.
|
4512
|
+
# @return [Integer]
|
4513
|
+
#
|
4514
|
+
# @!attribute [rw] location_scope
|
4515
|
+
# The S3 path to the location that you are registering. The location
|
4516
|
+
# scope can be the default S3 location `s3://`, the S3 path to a
|
4517
|
+
# bucket `s3://<bucket>`, or the S3 path to a bucket and prefix
|
4518
|
+
# `s3://<bucket>/<prefix>`. A prefix in S3 is a string of characters
|
4519
|
+
# at the beginning of an object key name used to organize the objects
|
4520
|
+
# that you store in your S3 buckets. For example, object key names
|
4521
|
+
# that start with the `engineering/` prefix or object key names that
|
4522
|
+
# start with the `marketing/campaigns/` prefix.
|
4523
|
+
# @return [String]
|
4524
|
+
#
|
4525
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListAccessGrantsLocationsRequest AWS API Documentation
|
4526
|
+
#
|
4527
|
+
class ListAccessGrantsLocationsRequest < Struct.new(
|
4528
|
+
:account_id,
|
4529
|
+
:next_token,
|
4530
|
+
:max_results,
|
4531
|
+
:location_scope)
|
4532
|
+
SENSITIVE = []
|
4533
|
+
include Aws::Structure
|
4534
|
+
end
|
4535
|
+
|
4536
|
+
# @!attribute [rw] next_token
|
4537
|
+
# A pagination token to request the next page of results. Pass this
|
4538
|
+
# value into a subsequent `List Access Grants Locations` request in
|
4539
|
+
# order to retrieve the next page of results.
|
4540
|
+
# @return [String]
|
4541
|
+
#
|
4542
|
+
# @!attribute [rw] access_grants_locations_list
|
4543
|
+
# A container for a list of registered locations in an S3 Access
|
4544
|
+
# Grants instance.
|
4545
|
+
# @return [Array<Types::ListAccessGrantsLocationsEntry>]
|
4546
|
+
#
|
4547
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListAccessGrantsLocationsResult AWS API Documentation
|
4548
|
+
#
|
4549
|
+
class ListAccessGrantsLocationsResult < Struct.new(
|
4550
|
+
:next_token,
|
4551
|
+
:access_grants_locations_list)
|
4552
|
+
SENSITIVE = []
|
4553
|
+
include Aws::Structure
|
4554
|
+
end
|
4555
|
+
|
4556
|
+
# @!attribute [rw] account_id
|
4557
|
+
# The ID of the Amazon Web Services account that is making this
|
4558
|
+
# request.
|
4559
|
+
# @return [String]
|
4560
|
+
#
|
4561
|
+
# @!attribute [rw] next_token
|
4562
|
+
# A pagination token to request the next page of results. Pass this
|
4563
|
+
# value into a subsequent `List Access Grants` request in order to
|
4564
|
+
# retrieve the next page of results.
|
4565
|
+
# @return [String]
|
4566
|
+
#
|
4567
|
+
# @!attribute [rw] max_results
|
4568
|
+
# The maximum number of access grants that you would like returned in
|
4569
|
+
# the `List Access Grants` response. If the results include the
|
4570
|
+
# pagination token `NextToken`, make another call using the
|
4571
|
+
# `NextToken` to determine if there are more results.
|
4572
|
+
# @return [Integer]
|
4573
|
+
#
|
4574
|
+
# @!attribute [rw] grantee_type
|
4575
|
+
# The type of the grantee to which access has been granted. It can be
|
4576
|
+
# one of the following values:
|
4577
|
+
#
|
4578
|
+
# * `IAM` - An IAM user or role.
|
4579
|
+
#
|
4580
|
+
# * `DIRECTORY_USER` - Your corporate directory user. You can use this
|
4581
|
+
# option if you have added your corporate identity directory to IAM
|
4582
|
+
# Identity Center and associated the IAM Identity Center instance
|
4583
|
+
# with your S3 Access Grants instance.
|
4584
|
+
#
|
4585
|
+
# * `DIRECTORY_GROUP` - Your corporate directory group. You can use
|
4586
|
+
# this option if you have added your corporate identity directory to
|
4587
|
+
# IAM Identity Center and associated the IAM Identity Center
|
4588
|
+
# instance with your S3 Access Grants instance.
|
4589
|
+
# @return [String]
|
4590
|
+
#
|
4591
|
+
# @!attribute [rw] grantee_identifier
|
4592
|
+
# The unique identifer of the `Grantee`. If the grantee type is `IAM`,
|
4593
|
+
# the identifier is the IAM Amazon Resource Name (ARN) of the user or
|
4594
|
+
# role. If the grantee type is a directory user or group, the
|
4595
|
+
# identifier is 128-bit universally unique identifier (UUID) in the
|
4596
|
+
# format `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`. You can obtain this
|
4597
|
+
# UUID from your Amazon Web Services IAM Identity Center instance.
|
4598
|
+
# @return [String]
|
4599
|
+
#
|
4600
|
+
# @!attribute [rw] permission
|
4601
|
+
# The type of permission granted to your S3 data, which can be set to
|
4602
|
+
# one of the following values:
|
4603
|
+
#
|
4604
|
+
# * `READ` – Grant read-only access to the S3 data.
|
4605
|
+
#
|
4606
|
+
# * `WRITE` – Grant write-only access to the S3 data.
|
4607
|
+
#
|
4608
|
+
# * `READWRITE` – Grant both read and write access to the S3 data.
|
4609
|
+
# @return [String]
|
4610
|
+
#
|
4611
|
+
# @!attribute [rw] grant_scope
|
4612
|
+
# The S3 path of the data to which you are granting access. It is the
|
4613
|
+
# result of appending the `Subprefix` to the location scope.
|
4614
|
+
# @return [String]
|
4615
|
+
#
|
4616
|
+
# @!attribute [rw] application_arn
|
4617
|
+
# The Amazon Resource Name (ARN) of an Amazon Web Services IAM
|
4618
|
+
# Identity Center application associated with your Identity Center
|
4619
|
+
# instance. If the grant includes an application ARN, the grantee can
|
4620
|
+
# only access the S3 data through this application.
|
4621
|
+
# @return [String]
|
4622
|
+
#
|
4623
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListAccessGrantsRequest AWS API Documentation
|
4624
|
+
#
|
4625
|
+
class ListAccessGrantsRequest < Struct.new(
|
4626
|
+
:account_id,
|
4627
|
+
:next_token,
|
4628
|
+
:max_results,
|
4629
|
+
:grantee_type,
|
4630
|
+
:grantee_identifier,
|
4631
|
+
:permission,
|
4632
|
+
:grant_scope,
|
4633
|
+
:application_arn)
|
4634
|
+
SENSITIVE = []
|
4635
|
+
include Aws::Structure
|
4636
|
+
end
|
4637
|
+
|
4638
|
+
# @!attribute [rw] next_token
|
4639
|
+
# A pagination token to request the next page of results. Pass this
|
4640
|
+
# value into a subsequent `List Access Grants` request in order to
|
4641
|
+
# retrieve the next page of results.
|
4642
|
+
# @return [String]
|
4643
|
+
#
|
4644
|
+
# @!attribute [rw] access_grants_list
|
4645
|
+
# A container for a list of grants in an S3 Access Grants instance.
|
4646
|
+
# @return [Array<Types::ListAccessGrantEntry>]
|
4647
|
+
#
|
4648
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListAccessGrantsResult AWS API Documentation
|
4649
|
+
#
|
4650
|
+
class ListAccessGrantsResult < Struct.new(
|
4651
|
+
:next_token,
|
4652
|
+
:access_grants_list)
|
4653
|
+
SENSITIVE = []
|
4654
|
+
include Aws::Structure
|
4655
|
+
end
|
4656
|
+
|
3353
4657
|
# @!attribute [rw] account_id
|
3354
4658
|
# The account ID for the account that owns the specified Object Lambda
|
3355
4659
|
# Access Point.
|
@@ -3762,7 +5066,8 @@ module Aws::S3Control
|
|
3762
5066
|
#
|
3763
5067
|
# @!attribute [rw] resource_arn
|
3764
5068
|
# The Amazon Resource Name (ARN) of the S3 resource that you want to
|
3765
|
-
# list the tags for.
|
5069
|
+
# list the tags for. The tagged resource can be an S3 Storage Lens
|
5070
|
+
# group or S3 Access Grants instance, registered location, or grant.
|
3766
5071
|
# @return [String]
|
3767
5072
|
#
|
3768
5073
|
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListTagsForResourceRequest AWS API Documentation
|
@@ -4410,6 +5715,55 @@ module Aws::S3Control
|
|
4410
5715
|
include Aws::Structure
|
4411
5716
|
end
|
4412
5717
|
|
5718
|
+
# @!attribute [rw] account_id
|
5719
|
+
# The ID of the Amazon Web Services account that is making this
|
5720
|
+
# request.
|
5721
|
+
# @return [String]
|
5722
|
+
#
|
5723
|
+
# @!attribute [rw] policy
|
5724
|
+
# The resource policy of the S3 Access Grants instance that you are
|
5725
|
+
# updating.
|
5726
|
+
# @return [String]
|
5727
|
+
#
|
5728
|
+
# @!attribute [rw] organization
|
5729
|
+
# The Organization of the resource policy of the S3 Access Grants
|
5730
|
+
# instance.
|
5731
|
+
# @return [String]
|
5732
|
+
#
|
5733
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicyRequest AWS API Documentation
|
5734
|
+
#
|
5735
|
+
class PutAccessGrantsInstanceResourcePolicyRequest < Struct.new(
|
5736
|
+
:account_id,
|
5737
|
+
:policy,
|
5738
|
+
:organization)
|
5739
|
+
SENSITIVE = []
|
5740
|
+
include Aws::Structure
|
5741
|
+
end
|
5742
|
+
|
5743
|
+
# @!attribute [rw] policy
|
5744
|
+
# The updated resource policy of the S3 Access Grants instance.
|
5745
|
+
# @return [String]
|
5746
|
+
#
|
5747
|
+
# @!attribute [rw] organization
|
5748
|
+
# The Organization of the resource policy of the S3 Access Grants
|
5749
|
+
# instance.
|
5750
|
+
# @return [String]
|
5751
|
+
#
|
5752
|
+
# @!attribute [rw] created_at
|
5753
|
+
# The date and time when you created the S3 Access Grants instance
|
5754
|
+
# resource policy.
|
5755
|
+
# @return [Time]
|
5756
|
+
#
|
5757
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/PutAccessGrantsInstanceResourcePolicyResult AWS API Documentation
|
5758
|
+
#
|
5759
|
+
class PutAccessGrantsInstanceResourcePolicyResult < Struct.new(
|
5760
|
+
:policy,
|
5761
|
+
:organization,
|
5762
|
+
:created_at)
|
5763
|
+
SENSITIVE = []
|
5764
|
+
include Aws::Structure
|
5765
|
+
end
|
5766
|
+
|
4413
5767
|
# @!attribute [rw] account_id
|
4414
5768
|
# The account ID for the account that owns the specified Object Lambda
|
4415
5769
|
# Access Point.
|
@@ -6359,23 +7713,29 @@ module Aws::S3Control
|
|
6359
7713
|
# resource. You can add tags to new objects when you upload them, or you
|
6360
7714
|
# can add object tags to existing objects.
|
6361
7715
|
#
|
6362
|
-
# <note markdown="1"> This
|
7716
|
+
# <note markdown="1"> This operation is only supported for [S3 Storage Lens groups][1] and
|
7717
|
+
# for [S3 Access Grants][2]. The tagged resource can be an S3 Storage
|
7718
|
+
# Lens group or S3 Access Grants instance, registered location, or
|
7719
|
+
# grant.
|
6363
7720
|
#
|
6364
7721
|
# </note>
|
6365
7722
|
#
|
6366
7723
|
#
|
6367
7724
|
#
|
6368
7725
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-lens-groups.html
|
7726
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-grants-tagging.html
|
6369
7727
|
#
|
6370
7728
|
# @!attribute [rw] key
|
6371
|
-
# The
|
6372
|
-
# up to 128 Unicode characters in
|
6373
|
-
# created tags that begin with
|
7729
|
+
# The key of the key-value pair of a tag added to your Amazon Web
|
7730
|
+
# Services resource. A tag key can be up to 128 Unicode characters in
|
7731
|
+
# length and is case-sensitive. System created tags that begin with
|
7732
|
+
# `aws:` aren’t supported.
|
6374
7733
|
# @return [String]
|
6375
7734
|
#
|
6376
7735
|
# @!attribute [rw] value
|
6377
|
-
# The
|
6378
|
-
# be up to 256 Unicode characters
|
7736
|
+
# The value of the key-value pair of a tag added to your Amazon Web
|
7737
|
+
# Services resource. A tag value can be up to 256 Unicode characters
|
7738
|
+
# in length and is case-sensitive.
|
6379
7739
|
# @return [String]
|
6380
7740
|
#
|
6381
7741
|
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/Tag AWS API Documentation
|
@@ -6389,12 +7749,13 @@ module Aws::S3Control
|
|
6389
7749
|
|
6390
7750
|
# @!attribute [rw] account_id
|
6391
7751
|
# The Amazon Web Services account ID that created the S3 resource that
|
6392
|
-
# you're trying to add tags to.
|
7752
|
+
# you're trying to add tags to or the requester's account ID.
|
6393
7753
|
# @return [String]
|
6394
7754
|
#
|
6395
7755
|
# @!attribute [rw] resource_arn
|
6396
7756
|
# The Amazon Resource Name (ARN) of the S3 resource that you're
|
6397
|
-
# trying to add tags to.
|
7757
|
+
# trying to add tags to. The tagged resource can be an S3 Storage Lens
|
7758
|
+
# group or S3 Access Grants instance, registered location, or grant.
|
6398
7759
|
# @return [String]
|
6399
7760
|
#
|
6400
7761
|
# @!attribute [rw] tags
|
@@ -6494,13 +7855,13 @@ module Aws::S3Control
|
|
6494
7855
|
# @return [String]
|
6495
7856
|
#
|
6496
7857
|
# @!attribute [rw] resource_arn
|
6497
|
-
# The Amazon Resource Name (ARN) of the S3 resource that you
|
6498
|
-
# remove the
|
7858
|
+
# The Amazon Resource Name (ARN) of the S3 resource that you're
|
7859
|
+
# trying to remove the tags from.
|
6499
7860
|
# @return [String]
|
6500
7861
|
#
|
6501
7862
|
# @!attribute [rw] tag_keys
|
6502
|
-
# The
|
6503
|
-
#
|
7863
|
+
# The array of tag key-value pairs that you're trying to remove from
|
7864
|
+
# of the S3 resource.
|
6504
7865
|
# @return [Array<String>]
|
6505
7866
|
#
|
6506
7867
|
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/UntagResourceRequest AWS API Documentation
|
@@ -6517,6 +7878,87 @@ module Aws::S3Control
|
|
6517
7878
|
#
|
6518
7879
|
class UntagResourceResult < Aws::EmptyStructure; end
|
6519
7880
|
|
7881
|
+
# @!attribute [rw] account_id
|
7882
|
+
# The ID of the Amazon Web Services account that is making this
|
7883
|
+
# request.
|
7884
|
+
# @return [String]
|
7885
|
+
#
|
7886
|
+
# @!attribute [rw] access_grants_location_id
|
7887
|
+
# The ID of the registered location that you are updating. S3 Access
|
7888
|
+
# Grants assigns this ID when you register the location. S3 Access
|
7889
|
+
# Grants assigns the ID `default` to the default location `s3://` and
|
7890
|
+
# assigns an auto-generated ID to other locations that you register.
|
7891
|
+
#
|
7892
|
+
# The ID of the registered location to which you are granting access.
|
7893
|
+
# S3 Access Grants assigned this ID when you registered the location.
|
7894
|
+
# S3 Access Grants assigns the ID `default` to the default location
|
7895
|
+
# `s3://` and assigns an auto-generated ID to other locations that you
|
7896
|
+
# register.
|
7897
|
+
#
|
7898
|
+
# If you are passing the `default` location, you cannot create an
|
7899
|
+
# access grant for the entire default location. You must also specify
|
7900
|
+
# a bucket or a bucket and prefix in the `Subprefix` field.
|
7901
|
+
# @return [String]
|
7902
|
+
#
|
7903
|
+
# @!attribute [rw] iam_role_arn
|
7904
|
+
# The Amazon Resource Name (ARN) of the IAM role for the registered
|
7905
|
+
# location. S3 Access Grants assumes this role to manage access to the
|
7906
|
+
# registered location.
|
7907
|
+
# @return [String]
|
7908
|
+
#
|
7909
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/UpdateAccessGrantsLocationRequest AWS API Documentation
|
7910
|
+
#
|
7911
|
+
class UpdateAccessGrantsLocationRequest < Struct.new(
|
7912
|
+
:account_id,
|
7913
|
+
:access_grants_location_id,
|
7914
|
+
:iam_role_arn)
|
7915
|
+
SENSITIVE = []
|
7916
|
+
include Aws::Structure
|
7917
|
+
end
|
7918
|
+
|
7919
|
+
# @!attribute [rw] created_at
|
7920
|
+
# The date and time when you registered the location.
|
7921
|
+
# @return [Time]
|
7922
|
+
#
|
7923
|
+
# @!attribute [rw] access_grants_location_id
|
7924
|
+
# The ID of the registered location to which you are granting access.
|
7925
|
+
# S3 Access Grants assigned this ID when you registered the location.
|
7926
|
+
# S3 Access Grants assigns the ID `default` to the default location
|
7927
|
+
# `s3://` and assigns an auto-generated ID to other locations that you
|
7928
|
+
# register.
|
7929
|
+
# @return [String]
|
7930
|
+
#
|
7931
|
+
# @!attribute [rw] access_grants_location_arn
|
7932
|
+
# The Amazon Resource Name (ARN) of the registered location that you
|
7933
|
+
# are updating.
|
7934
|
+
# @return [String]
|
7935
|
+
#
|
7936
|
+
# @!attribute [rw] location_scope
|
7937
|
+
# The S3 URI path of the location that you are updating. You cannot
|
7938
|
+
# update the scope of the registered location. The location scope can
|
7939
|
+
# be the default S3 location `s3://`, the S3 path to a bucket
|
7940
|
+
# `s3://<bucket>`, or the S3 path to a bucket and prefix
|
7941
|
+
# `s3://<bucket>/<prefix>`.
|
7942
|
+
# @return [String]
|
7943
|
+
#
|
7944
|
+
# @!attribute [rw] iam_role_arn
|
7945
|
+
# The Amazon Resource Name (ARN) of the IAM role of the registered
|
7946
|
+
# location. S3 Access Grants assumes this role to manage access to the
|
7947
|
+
# registered location.
|
7948
|
+
# @return [String]
|
7949
|
+
#
|
7950
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/UpdateAccessGrantsLocationResult AWS API Documentation
|
7951
|
+
#
|
7952
|
+
class UpdateAccessGrantsLocationResult < Struct.new(
|
7953
|
+
:created_at,
|
7954
|
+
:access_grants_location_id,
|
7955
|
+
:access_grants_location_arn,
|
7956
|
+
:location_scope,
|
7957
|
+
:iam_role_arn)
|
7958
|
+
SENSITIVE = []
|
7959
|
+
include Aws::Structure
|
7960
|
+
end
|
7961
|
+
|
6520
7962
|
# @!attribute [rw] account_id
|
6521
7963
|
# The Amazon Web Services account ID associated with the S3 Batch
|
6522
7964
|
# Operations job.
|