aws-sdk-s3control 1.88.0 → 1.90.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 46e33a35087420c209bd02eccca7c07ceda6d65559736ed1f1d8ee8cf2a13751
4
- data.tar.gz: f51e4596adfbb4031d8c8ab7eccdf2bbd1315c54133a8b2f97087a8c6ecaf0b2
3
+ metadata.gz: a858813b3b4c39b9d0670e96cb0dfcb1fe46b6c2da8023ab5f5018f7b1bd81e8
4
+ data.tar.gz: 7db91414b76c93fe0ffa3396176d28a710e892eff1a27cf9ce903f3f01f8ff41
5
5
  SHA512:
6
- metadata.gz: 6aae9652440741d914b3ec6734909653221bfdb76aff10a4f9b64e66e396032690352efe768ce7795c9091f6629950c74e907603de1a2ddbb8f99f99ef7cf788
7
- data.tar.gz: 8635c72e08a7112ff1a6c375f20dc942d29f4785e39042ed1df24bf82c4e87a6ce7ed0af14bc0fab2c3c10fcabec9592a5e437db70608455d6a847459e91c9f8
6
+ metadata.gz: 1b1196e48cdc8bd6522015d0bf69c32d3d6993a639fc0bcc559f4305d6daf36d7493c41db3dcea0a5d87df8404c27973cbc6cacf5df5ebd965a76ff0a57fbfac
7
+ data.tar.gz: c1e3ee1327f51d62448619a4f6ee95c1a382e2c533d88c67877ed859131b623fdeea52124a75e24bf77d010e8bc6d7488ee5a76ee796c932123a26b50c28a18c
data/CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.90.0 (2024-09-10)
5
+ ------------------
6
+
7
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
8
+
9
+ 1.89.0 (2024-09-04)
10
+ ------------------
11
+
12
+ * Feature - Amazon Simple Storage Service /S3 Access Grants / Features : This release launches new Access Grants API - ListCallerAccessGrants.
13
+
4
14
  1.88.0 (2024-09-03)
5
15
  ------------------
6
16
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.88.0
1
+ 1.90.0
@@ -437,6 +437,12 @@ module Aws::S3Control
437
437
  # @option options [String] :ssl_ca_store
438
438
  # Sets the X509::Store to verify peer certificate.
439
439
  #
440
+ # @option options [OpenSSL::X509::Certificate] :ssl_cert
441
+ # Sets a client certificate when creating http connections.
442
+ #
443
+ # @option options [OpenSSL::PKey] :ssl_key
444
+ # Sets a client key when creating http connections.
445
+ #
440
446
  # @option options [Float] :ssl_timeout
441
447
  # Sets the SSL timeout in seconds
442
448
  #
@@ -468,7 +474,7 @@ module Aws::S3Control
468
474
  # `sso:PutApplicationAuthenticationMethod`.
469
475
  #
470
476
  # @option params [String] :account_id
471
- # The ID of the Amazon Web Services account that is making this request.
477
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
472
478
  #
473
479
  # @option params [required, String] :identity_center_arn
474
480
  # The Amazon Resource Name (ARN) of the Amazon Web Services IAM Identity
@@ -528,7 +534,7 @@ module Aws::S3Control
528
534
  # [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateAccessGrantsLocation.html
529
535
  #
530
536
  # @option params [String] :account_id
531
- # The ID of the Amazon Web Services account that is making this request.
537
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
532
538
  #
533
539
  # @option params [required, String] :access_grants_location_id
534
540
  # The ID of the registered location to which you are granting access. S3
@@ -655,7 +661,7 @@ module Aws::S3Control
655
661
  # `sso:PutApplicationAuthenticationMethod` permissions.
656
662
  #
657
663
  # @option params [String] :account_id
658
- # The ID of the Amazon Web Services account that is making this request.
664
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
659
665
  #
660
666
  # @option params [String] :identity_center_arn
661
667
  # If you would like to associate your S3 Access Grants instance with an
@@ -683,6 +689,8 @@ module Aws::S3Control
683
689
  # * {Types::CreateAccessGrantsInstanceResult#access_grants_instance_id #access_grants_instance_id} => String
684
690
  # * {Types::CreateAccessGrantsInstanceResult#access_grants_instance_arn #access_grants_instance_arn} => String
685
691
  # * {Types::CreateAccessGrantsInstanceResult#identity_center_arn #identity_center_arn} => String
692
+ # * {Types::CreateAccessGrantsInstanceResult#identity_center_instance_arn #identity_center_instance_arn} => String
693
+ # * {Types::CreateAccessGrantsInstanceResult#identity_center_application_arn #identity_center_application_arn} => String
686
694
  #
687
695
  # @example Request syntax with placeholder values
688
696
  #
@@ -703,6 +711,8 @@ module Aws::S3Control
703
711
  # resp.access_grants_instance_id #=> String
704
712
  # resp.access_grants_instance_arn #=> String
705
713
  # resp.identity_center_arn #=> String
714
+ # resp.identity_center_instance_arn #=> String
715
+ # resp.identity_center_application_arn #=> String
706
716
  #
707
717
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/CreateAccessGrantsInstance AWS API Documentation
708
718
  #
@@ -744,7 +754,7 @@ module Aws::S3Control
744
754
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-grants-location.html
745
755
  #
746
756
  # @option params [String] :account_id
747
- # The ID of the Amazon Web Services account that is making this request.
757
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
748
758
  #
749
759
  # @option params [required, String] :location_scope
750
760
  # The S3 path to the location that you are registering. The location
@@ -1670,7 +1680,7 @@ module Aws::S3Control
1670
1680
  # operation.
1671
1681
  #
1672
1682
  # @option params [String] :account_id
1673
- # The ID of the Amazon Web Services account that is making this request.
1683
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
1674
1684
  #
1675
1685
  # @option params [required, String] :access_grant_id
1676
1686
  # The ID of the access grant. S3 Access Grants auto-generates this ID
@@ -1717,7 +1727,7 @@ module Aws::S3Control
1717
1727
  # [4]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DissociateAccessGrantsIdentityCenter.html
1718
1728
  #
1719
1729
  # @option params [String] :account_id
1720
- # The ID of the Amazon Web Services account that is making this request.
1730
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
1721
1731
  #
1722
1732
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1723
1733
  #
@@ -1747,7 +1757,7 @@ module Aws::S3Control
1747
1757
  # permission to use this operation.
1748
1758
  #
1749
1759
  # @option params [String] :account_id
1750
- # The ID of the Amazon Web Services account that is making this request.
1760
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
1751
1761
  #
1752
1762
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1753
1763
  #
@@ -1783,7 +1793,7 @@ module Aws::S3Control
1783
1793
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessGrant.html
1784
1794
  #
1785
1795
  # @option params [String] :account_id
1786
- # The ID of the Amazon Web Services account that is making this request.
1796
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
1787
1797
  #
1788
1798
  # @option params [required, String] :access_grants_location_id
1789
1799
  # The ID of the registered location that you are deregistering from your
@@ -3003,7 +3013,7 @@ module Aws::S3Control
3003
3013
  # operation.
3004
3014
  #
3005
3015
  # @option params [String] :account_id
3006
- # The ID of the Amazon Web Services account that is making this request.
3016
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
3007
3017
  #
3008
3018
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
3009
3019
  #
@@ -3031,7 +3041,7 @@ module Aws::S3Control
3031
3041
  # operation.
3032
3042
  #
3033
3043
  # @option params [String] :account_id
3034
- # The ID of the Amazon Web Services account that is making this request.
3044
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
3035
3045
  #
3036
3046
  # @option params [required, String] :access_grant_id
3037
3047
  # The ID of the access grant. S3 Access Grants auto-generates this ID
@@ -3085,14 +3095,22 @@ module Aws::S3Control
3085
3095
  # : You must have the `s3:GetAccessGrantsInstance` permission to use
3086
3096
  # this operation.
3087
3097
  #
3098
+ # <note markdown="1"> `GetAccessGrantsInstance` is not supported for cross-account access.
3099
+ # You can only call the API from the account that owns the S3 Access
3100
+ # Grants instance.
3101
+ #
3102
+ # </note>
3103
+ #
3088
3104
  # @option params [String] :account_id
3089
- # The ID of the Amazon Web Services account that is making this request.
3105
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
3090
3106
  #
3091
3107
  # @return [Types::GetAccessGrantsInstanceResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3092
3108
  #
3093
3109
  # * {Types::GetAccessGrantsInstanceResult#access_grants_instance_arn #access_grants_instance_arn} => String
3094
3110
  # * {Types::GetAccessGrantsInstanceResult#access_grants_instance_id #access_grants_instance_id} => String
3095
3111
  # * {Types::GetAccessGrantsInstanceResult#identity_center_arn #identity_center_arn} => String
3112
+ # * {Types::GetAccessGrantsInstanceResult#identity_center_instance_arn #identity_center_instance_arn} => String
3113
+ # * {Types::GetAccessGrantsInstanceResult#identity_center_application_arn #identity_center_application_arn} => String
3096
3114
  # * {Types::GetAccessGrantsInstanceResult#created_at #created_at} => Time
3097
3115
  #
3098
3116
  # @example Request syntax with placeholder values
@@ -3106,6 +3124,8 @@ module Aws::S3Control
3106
3124
  # resp.access_grants_instance_arn #=> String
3107
3125
  # resp.access_grants_instance_id #=> String
3108
3126
  # resp.identity_center_arn #=> String
3127
+ # resp.identity_center_instance_arn #=> String
3128
+ # resp.identity_center_application_arn #=> String
3109
3129
  # resp.created_at #=> Time
3110
3130
  #
3111
3131
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessGrantsInstance AWS API Documentation
@@ -3171,7 +3191,7 @@ module Aws::S3Control
3171
3191
  # permission to use this operation.
3172
3192
  #
3173
3193
  # @option params [String] :account_id
3174
- # The ID of the Amazon Web Services account that is making this request.
3194
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
3175
3195
  #
3176
3196
  # @return [Types::GetAccessGrantsInstanceResourcePolicyResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3177
3197
  #
@@ -3209,7 +3229,7 @@ module Aws::S3Control
3209
3229
  # this operation.
3210
3230
  #
3211
3231
  # @option params [String] :account_id
3212
- # The ID of the Amazon Web Services account that is making this request.
3232
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
3213
3233
  #
3214
3234
  # @option params [required, String] :access_grants_location_id
3215
3235
  # The ID of the registered location that you are retrieving. S3 Access
@@ -4282,7 +4302,7 @@ module Aws::S3Control
4282
4302
  # [1]: https://docs.aws.amazon.com/STS/latest/APIReference/API_Credentials.html
4283
4303
  #
4284
4304
  # @option params [String] :account_id
4285
- # The ID of the Amazon Web Services account that is making this request.
4305
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
4286
4306
  #
4287
4307
  # @option params [required, String] :target
4288
4308
  # The S3 URI path of the data to which you are requesting temporary
@@ -4961,7 +4981,7 @@ module Aws::S3Control
4961
4981
  # operation.
4962
4982
  #
4963
4983
  # @option params [String] :account_id
4964
- # The ID of the Amazon Web Services account that is making this request.
4984
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
4965
4985
  #
4966
4986
  # @option params [String] :next_token
4967
4987
  # A pagination token to request the next page of results. Pass this
@@ -5073,7 +5093,7 @@ module Aws::S3Control
5073
5093
  # this operation.
5074
5094
  #
5075
5095
  # @option params [String] :account_id
5076
- # The ID of the Amazon Web Services account that is making this request.
5096
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
5077
5097
  #
5078
5098
  # @option params [String] :next_token
5079
5099
  # A pagination token to request the next page of results. Pass this
@@ -5109,6 +5129,8 @@ module Aws::S3Control
5109
5129
  # resp.access_grants_instances_list[0].access_grants_instance_arn #=> String
5110
5130
  # resp.access_grants_instances_list[0].created_at #=> Time
5111
5131
  # resp.access_grants_instances_list[0].identity_center_arn #=> String
5132
+ # resp.access_grants_instances_list[0].identity_center_instance_arn #=> String
5133
+ # resp.access_grants_instances_list[0].identity_center_application_arn #=> String
5112
5134
  #
5113
5135
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListAccessGrantsInstances AWS API Documentation
5114
5136
  #
@@ -5128,7 +5150,7 @@ module Aws::S3Control
5128
5150
  # this operation.
5129
5151
  #
5130
5152
  # @option params [String] :account_id
5131
- # The ID of the Amazon Web Services account that is making this request.
5153
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
5132
5154
  #
5133
5155
  # @option params [String] :next_token
5134
5156
  # A pagination token to request the next page of results. Pass this
@@ -5367,6 +5389,75 @@ module Aws::S3Control
5367
5389
  req.send_request(options)
5368
5390
  end
5369
5391
 
5392
+ # Returns a list of the access grants that were given to the caller
5393
+ # using S3 Access Grants and that allow the caller to access the S3 data
5394
+ # of the Amazon Web Services account specified in the request.
5395
+ #
5396
+ # Permissions
5397
+ #
5398
+ # : You must have the `s3:ListCallerAccessGrants` permission to use this
5399
+ # operation.
5400
+ #
5401
+ # @option params [String] :account_id
5402
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
5403
+ #
5404
+ # @option params [String] :grant_scope
5405
+ # The S3 path of the data that you would like to access. Must start with
5406
+ # `s3://`. You can optionally pass only the beginning characters of a
5407
+ # path, and S3 Access Grants will search for all applicable grants for
5408
+ # the path fragment.
5409
+ #
5410
+ # @option params [String] :next_token
5411
+ # A pagination token to request the next page of results. Pass this
5412
+ # value into a subsequent `List Caller Access Grants` request in order
5413
+ # to retrieve the next page of results.
5414
+ #
5415
+ # @option params [Integer] :max_results
5416
+ # The maximum number of access grants that you would like returned in
5417
+ # the `List Caller Access Grants` response. If the results include the
5418
+ # pagination token `NextToken`, make another call using the `NextToken`
5419
+ # to determine if there are more results.
5420
+ #
5421
+ # @option params [Boolean] :allowed_by_application
5422
+ # If this optional parameter is passed in the request, a filter is
5423
+ # applied to the results. The results will include only the access
5424
+ # grants for the caller's Identity Center application or for any other
5425
+ # applications (`ALL`).
5426
+ #
5427
+ # @return [Types::ListCallerAccessGrantsResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5428
+ #
5429
+ # * {Types::ListCallerAccessGrantsResult#next_token #next_token} => String
5430
+ # * {Types::ListCallerAccessGrantsResult#caller_access_grants_list #caller_access_grants_list} => Array&lt;Types::ListCallerAccessGrantsEntry&gt;
5431
+ #
5432
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
5433
+ #
5434
+ # @example Request syntax with placeholder values
5435
+ #
5436
+ # resp = client.list_caller_access_grants({
5437
+ # account_id: "AccountId",
5438
+ # grant_scope: "S3Prefix",
5439
+ # next_token: "ContinuationToken",
5440
+ # max_results: 1,
5441
+ # allowed_by_application: false,
5442
+ # })
5443
+ #
5444
+ # @example Response structure
5445
+ #
5446
+ # resp.next_token #=> String
5447
+ # resp.caller_access_grants_list #=> Array
5448
+ # resp.caller_access_grants_list[0].permission #=> String, one of "READ", "WRITE", "READWRITE"
5449
+ # resp.caller_access_grants_list[0].grant_scope #=> String
5450
+ # resp.caller_access_grants_list[0].application_arn #=> String
5451
+ #
5452
+ # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListCallerAccessGrants AWS API Documentation
5453
+ #
5454
+ # @overload list_caller_access_grants(params = {})
5455
+ # @param [Hash] params ({})
5456
+ def list_caller_access_grants(params = {}, options = {})
5457
+ req = build_request(:list_caller_access_grants, params)
5458
+ req.send_request(options)
5459
+ end
5460
+
5370
5461
  # Lists current S3 Batch Operations jobs as well as the jobs that have
5371
5462
  # ended within the last 90 days for the Amazon Web Services account
5372
5463
  # making the request. For more information, see [S3 Batch Operations][1]
@@ -5792,7 +5883,7 @@ module Aws::S3Control
5792
5883
  # permission to use this operation.
5793
5884
  #
5794
5885
  # @option params [String] :account_id
5795
- # The ID of the Amazon Web Services account that is making this request.
5886
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
5796
5887
  #
5797
5888
  # @option params [required, String] :policy
5798
5889
  # The resource policy of the S3 Access Grants instance that you are
@@ -7319,7 +7410,7 @@ module Aws::S3Control
7319
7410
  # : You must also have the following permission: `iam:PassRole`
7320
7411
  #
7321
7412
  # @option params [String] :account_id
7322
- # The ID of the Amazon Web Services account that is making this request.
7413
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
7323
7414
  #
7324
7415
  # @option params [required, String] :access_grants_location_id
7325
7416
  # The ID of the registered location that you are updating. S3 Access
@@ -7628,7 +7719,7 @@ module Aws::S3Control
7628
7719
  tracer: tracer
7629
7720
  )
7630
7721
  context[:gem_name] = 'aws-sdk-s3control'
7631
- context[:gem_version] = '1.88.0'
7722
+ context[:gem_version] = '1.90.0'
7632
7723
  Seahorse::Client::Request.new(handlers, context)
7633
7724
  end
7634
7725
 
@@ -58,6 +58,7 @@ module Aws::S3Control
58
58
  BucketName = Shapes::StringShape.new(name: 'BucketName')
59
59
  BucketVersioningStatus = Shapes::StringShape.new(name: 'BucketVersioningStatus')
60
60
  Buckets = Shapes::ListShape.new(name: 'Buckets')
61
+ CallerAccessGrantsList = Shapes::ListShape.new(name: 'CallerAccessGrantsList')
61
62
  CloudWatchMetrics = Shapes::StructureShape.new(name: 'CloudWatchMetrics')
62
63
  ConfigId = Shapes::StringShape.new(name: 'ConfigId')
63
64
  ConfirmRemoveSelfBucketAccess = Shapes::BooleanShape.new(name: 'ConfirmRemoveSelfBucketAccess')
@@ -266,6 +267,9 @@ module Aws::S3Control
266
267
  ListAccessPointsForObjectLambdaResult = Shapes::StructureShape.new(name: 'ListAccessPointsForObjectLambdaResult')
267
268
  ListAccessPointsRequest = Shapes::StructureShape.new(name: 'ListAccessPointsRequest')
268
269
  ListAccessPointsResult = Shapes::StructureShape.new(name: 'ListAccessPointsResult')
270
+ ListCallerAccessGrantsEntry = Shapes::StructureShape.new(name: 'ListCallerAccessGrantsEntry')
271
+ ListCallerAccessGrantsRequest = Shapes::StructureShape.new(name: 'ListCallerAccessGrantsRequest')
272
+ ListCallerAccessGrantsResult = Shapes::StructureShape.new(name: 'ListCallerAccessGrantsResult')
269
273
  ListJobsRequest = Shapes::StructureShape.new(name: 'ListJobsRequest')
270
274
  ListJobsResult = Shapes::StructureShape.new(name: 'ListJobsResult')
271
275
  ListMultiRegionAccessPointsRequest = Shapes::StructureShape.new(name: 'ListMultiRegionAccessPointsRequest')
@@ -612,6 +616,8 @@ module Aws::S3Control
612
616
 
613
617
  Buckets.member = Shapes::ShapeRef.new(shape: S3BucketArnString, location_name: "Arn")
614
618
 
619
+ CallerAccessGrantsList.member = Shapes::ShapeRef.new(shape: ListCallerAccessGrantsEntry, location_name: "AccessGrant")
620
+
615
621
  CloudWatchMetrics.add_member(:is_enabled, Shapes::ShapeRef.new(shape: IsEnabled, required: true, location_name: "IsEnabled"))
616
622
  CloudWatchMetrics.struct_class = Types::CloudWatchMetrics
617
623
 
@@ -644,7 +650,9 @@ module Aws::S3Control
644
650
  CreateAccessGrantsInstanceResult.add_member(:created_at, Shapes::ShapeRef.new(shape: CreationTimestamp, location_name: "CreatedAt"))
645
651
  CreateAccessGrantsInstanceResult.add_member(:access_grants_instance_id, Shapes::ShapeRef.new(shape: AccessGrantsInstanceId, location_name: "AccessGrantsInstanceId"))
646
652
  CreateAccessGrantsInstanceResult.add_member(:access_grants_instance_arn, Shapes::ShapeRef.new(shape: AccessGrantsInstanceArn, location_name: "AccessGrantsInstanceArn"))
647
- CreateAccessGrantsInstanceResult.add_member(:identity_center_arn, Shapes::ShapeRef.new(shape: IdentityCenterArn, location_name: "IdentityCenterArn"))
653
+ CreateAccessGrantsInstanceResult.add_member(:identity_center_arn, Shapes::ShapeRef.new(shape: IdentityCenterArn, deprecated: true, location_name: "IdentityCenterArn", metadata: {"deprecatedMessage"=>"IdentityCenterArn has been deprecated. Use IdentityCenterInstanceArn or IdentityCenterApplicationArn."}))
654
+ CreateAccessGrantsInstanceResult.add_member(:identity_center_instance_arn, Shapes::ShapeRef.new(shape: IdentityCenterArn, location_name: "IdentityCenterInstanceArn"))
655
+ CreateAccessGrantsInstanceResult.add_member(:identity_center_application_arn, Shapes::ShapeRef.new(shape: IdentityCenterApplicationArn, location_name: "IdentityCenterApplicationArn"))
648
656
  CreateAccessGrantsInstanceResult.struct_class = Types::CreateAccessGrantsInstanceResult
649
657
 
650
658
  CreateAccessGrantsLocationRequest.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, location: "header", location_name: "x-amz-account-id", metadata: {"contextParam"=>{"name"=>"AccountId"}}))
@@ -914,7 +922,9 @@ module Aws::S3Control
914
922
 
915
923
  GetAccessGrantsInstanceResult.add_member(:access_grants_instance_arn, Shapes::ShapeRef.new(shape: AccessGrantsInstanceArn, location_name: "AccessGrantsInstanceArn"))
916
924
  GetAccessGrantsInstanceResult.add_member(:access_grants_instance_id, Shapes::ShapeRef.new(shape: AccessGrantsInstanceId, location_name: "AccessGrantsInstanceId"))
917
- GetAccessGrantsInstanceResult.add_member(:identity_center_arn, Shapes::ShapeRef.new(shape: IdentityCenterArn, location_name: "IdentityCenterArn"))
925
+ GetAccessGrantsInstanceResult.add_member(:identity_center_arn, Shapes::ShapeRef.new(shape: IdentityCenterArn, deprecated: true, location_name: "IdentityCenterArn", metadata: {"deprecatedMessage"=>"IdentityCenterArn has been deprecated. Use IdentityCenterInstanceArn or IdentityCenterApplicationArn."}))
926
+ GetAccessGrantsInstanceResult.add_member(:identity_center_instance_arn, Shapes::ShapeRef.new(shape: IdentityCenterArn, location_name: "IdentityCenterInstanceArn"))
927
+ GetAccessGrantsInstanceResult.add_member(:identity_center_application_arn, Shapes::ShapeRef.new(shape: IdentityCenterApplicationArn, location_name: "IdentityCenterApplicationArn"))
918
928
  GetAccessGrantsInstanceResult.add_member(:created_at, Shapes::ShapeRef.new(shape: CreationTimestamp, location_name: "CreatedAt"))
919
929
  GetAccessGrantsInstanceResult.struct_class = Types::GetAccessGrantsInstanceResult
920
930
 
@@ -1295,7 +1305,9 @@ module Aws::S3Control
1295
1305
  ListAccessGrantsInstanceEntry.add_member(:access_grants_instance_id, Shapes::ShapeRef.new(shape: AccessGrantsInstanceId, location_name: "AccessGrantsInstanceId"))
1296
1306
  ListAccessGrantsInstanceEntry.add_member(:access_grants_instance_arn, Shapes::ShapeRef.new(shape: AccessGrantsInstanceArn, location_name: "AccessGrantsInstanceArn"))
1297
1307
  ListAccessGrantsInstanceEntry.add_member(:created_at, Shapes::ShapeRef.new(shape: CreationTimestamp, location_name: "CreatedAt"))
1298
- ListAccessGrantsInstanceEntry.add_member(:identity_center_arn, Shapes::ShapeRef.new(shape: IdentityCenterArn, location_name: "IdentityCenterArn"))
1308
+ ListAccessGrantsInstanceEntry.add_member(:identity_center_arn, Shapes::ShapeRef.new(shape: IdentityCenterArn, deprecated: true, location_name: "IdentityCenterArn", metadata: {"deprecatedMessage"=>"IdentityCenterArn has been deprecated. Use IdentityCenterInstanceArn or IdentityCenterApplicationArn."}))
1309
+ ListAccessGrantsInstanceEntry.add_member(:identity_center_instance_arn, Shapes::ShapeRef.new(shape: IdentityCenterArn, location_name: "IdentityCenterInstanceArn"))
1310
+ ListAccessGrantsInstanceEntry.add_member(:identity_center_application_arn, Shapes::ShapeRef.new(shape: IdentityCenterApplicationArn, location_name: "IdentityCenterApplicationArn"))
1299
1311
  ListAccessGrantsInstanceEntry.struct_class = Types::ListAccessGrantsInstanceEntry
1300
1312
 
1301
1313
  ListAccessGrantsInstancesRequest.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, location: "header", location_name: "x-amz-account-id", metadata: {"contextParam"=>{"name"=>"AccountId"}}))
@@ -1357,6 +1369,22 @@ module Aws::S3Control
1357
1369
  ListAccessPointsResult.add_member(:next_token, Shapes::ShapeRef.new(shape: NonEmptyMaxLength1024String, location_name: "NextToken"))
1358
1370
  ListAccessPointsResult.struct_class = Types::ListAccessPointsResult
1359
1371
 
1372
+ ListCallerAccessGrantsEntry.add_member(:permission, Shapes::ShapeRef.new(shape: Permission, location_name: "Permission"))
1373
+ ListCallerAccessGrantsEntry.add_member(:grant_scope, Shapes::ShapeRef.new(shape: S3Prefix, location_name: "GrantScope"))
1374
+ ListCallerAccessGrantsEntry.add_member(:application_arn, Shapes::ShapeRef.new(shape: IdentityCenterApplicationArn, location_name: "ApplicationArn"))
1375
+ ListCallerAccessGrantsEntry.struct_class = Types::ListCallerAccessGrantsEntry
1376
+
1377
+ ListCallerAccessGrantsRequest.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, location: "header", location_name: "x-amz-account-id", metadata: {"contextParam"=>{"name"=>"AccountId"}}))
1378
+ ListCallerAccessGrantsRequest.add_member(:grant_scope, Shapes::ShapeRef.new(shape: S3Prefix, location: "querystring", location_name: "grantscope"))
1379
+ ListCallerAccessGrantsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: ContinuationToken, location: "querystring", location_name: "nextToken"))
1380
+ ListCallerAccessGrantsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location: "querystring", location_name: "maxResults"))
1381
+ ListCallerAccessGrantsRequest.add_member(:allowed_by_application, Shapes::ShapeRef.new(shape: Boolean, location: "querystring", location_name: "allowedByApplication"))
1382
+ ListCallerAccessGrantsRequest.struct_class = Types::ListCallerAccessGrantsRequest
1383
+
1384
+ ListCallerAccessGrantsResult.add_member(:next_token, Shapes::ShapeRef.new(shape: ContinuationToken, location_name: "NextToken"))
1385
+ ListCallerAccessGrantsResult.add_member(:caller_access_grants_list, Shapes::ShapeRef.new(shape: CallerAccessGrantsList, location_name: "CallerAccessGrantsList"))
1386
+ ListCallerAccessGrantsResult.struct_class = Types::ListCallerAccessGrantsResult
1387
+
1360
1388
  ListJobsRequest.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, location: "header", location_name: "x-amz-account-id", metadata: {"contextParam"=>{"name"=>"AccountId"}}))
1361
1389
  ListJobsRequest.add_member(:job_statuses, Shapes::ShapeRef.new(shape: JobStatusList, location: "querystring", location_name: "jobStatuses"))
1362
1390
  ListJobsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: StringForNextToken, location: "querystring", location_name: "nextToken"))
@@ -2794,6 +2822,23 @@ module Aws::S3Control
2794
2822
  )
2795
2823
  end)
2796
2824
 
2825
+ api.add_operation(:list_caller_access_grants, Seahorse::Model::Operation.new.tap do |o|
2826
+ o.name = "ListCallerAccessGrants"
2827
+ o.http_method = "GET"
2828
+ o.http_request_uri = "/v20180820/accessgrantsinstance/caller/grants"
2829
+ o.http_checksum_required = true
2830
+ o.endpoint_pattern = {
2831
+ }
2832
+ o.input = Shapes::ShapeRef.new(shape: ListCallerAccessGrantsRequest)
2833
+ o.output = Shapes::ShapeRef.new(shape: ListCallerAccessGrantsResult)
2834
+ o[:pager] = Aws::Pager.new(
2835
+ limit_key: "max_results",
2836
+ tokens: {
2837
+ "next_token" => "next_token"
2838
+ }
2839
+ )
2840
+ end)
2841
+
2797
2842
  api.add_operation(:list_jobs, Seahorse::Model::Operation.new.tap do |o|
2798
2843
  o.name = "ListJobs"
2799
2844
  o.http_method = "GET"
@@ -1312,6 +1312,26 @@ module Aws::S3Control
1312
1312
  end
1313
1313
  end
1314
1314
 
1315
+ class ListCallerAccessGrants
1316
+ def self.build(context)
1317
+ unless context.config.regional_endpoint
1318
+ endpoint = context.config.endpoint.to_s
1319
+ end
1320
+ Aws::S3Control::EndpointParameters.new(
1321
+ region: context.config.region,
1322
+ use_fips: context.config.use_fips_endpoint,
1323
+ use_dual_stack: context[:use_dualstack_endpoint],
1324
+ endpoint: endpoint,
1325
+ account_id: context.params[:account_id],
1326
+ requires_account_id: true,
1327
+ outpost_id: nil,
1328
+ bucket: nil,
1329
+ access_point_name: nil,
1330
+ use_arn_region: context.config.s3_use_arn_region,
1331
+ )
1332
+ end
1333
+ end
1334
+
1315
1335
  class ListJobs
1316
1336
  def self.build(context)
1317
1337
  unless context.config.regional_endpoint
@@ -188,6 +188,8 @@ module Aws::S3Control
188
188
  Aws::S3Control::Endpoints::ListAccessPoints.build(context)
189
189
  when :list_access_points_for_object_lambda
190
190
  Aws::S3Control::Endpoints::ListAccessPointsForObjectLambda.build(context)
191
+ when :list_caller_access_grants
192
+ Aws::S3Control::Endpoints::ListCallerAccessGrants.build(context)
191
193
  when :list_jobs
192
194
  Aws::S3Control::Endpoints::ListJobs.build(context)
193
195
  when :list_multi_region_access_points
@@ -93,7 +93,8 @@ module Aws::S3Control
93
93
  # if one exists.
94
94
  #
95
95
  # <note markdown="1"> This element is empty if this access point is an Amazon S3 on
96
- # Outposts access point that is used by other Amazon Web Services.
96
+ # Outposts access point that is used by other Amazon Web
97
+ # Servicesservices.
97
98
  #
98
99
  # </note>
99
100
  # @return [Types::VpcConfiguration]
@@ -267,8 +268,7 @@ module Aws::S3Control
267
268
  end
268
269
 
269
270
  # @!attribute [rw] account_id
270
- # The ID of the Amazon Web Services account that is making this
271
- # request.
271
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
272
272
  # @return [String]
273
273
  #
274
274
  # @!attribute [rw] identity_center_arn
@@ -541,8 +541,7 @@ module Aws::S3Control
541
541
  end
542
542
 
543
543
  # @!attribute [rw] account_id
544
- # The ID of the Amazon Web Services account that is making this
545
- # request.
544
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
546
545
  # @return [String]
547
546
  #
548
547
  # @!attribute [rw] access_grants_location_id
@@ -697,8 +696,7 @@ module Aws::S3Control
697
696
  end
698
697
 
699
698
  # @!attribute [rw] account_id
700
- # The ID of the Amazon Web Services account that is making this
701
- # request.
699
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
702
700
  # @return [String]
703
701
  #
704
702
  # @!attribute [rw] identity_center_arn
@@ -743,16 +741,47 @@ module Aws::S3Control
743
741
  # @return [String]
744
742
  #
745
743
  # @!attribute [rw] access_grants_instance_arn
746
- # The Amazon Resource Name (ARN) of the S3 Access Grants instance.
744
+ # The Amazon Resource Name (ARN) of the Amazon Web Services IAM
745
+ # Identity Center instance that you are associating with your S3
746
+ # Access Grants instance. An IAM Identity Center instance is your
747
+ # corporate identity directory that you added to the IAM Identity
748
+ # Center. You can use the [ListInstances][1] API operation to retrieve
749
+ # a list of your Identity Center instances and their ARNs.
750
+ #
751
+ #
752
+ #
753
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListInstances.html
747
754
  # @return [String]
748
755
  #
749
756
  # @!attribute [rw] identity_center_arn
750
757
  # If you associated your S3 Access Grants instance with an Amazon Web
751
758
  # Services IAM Identity Center instance, this field returns the Amazon
752
759
  # Resource Name (ARN) of the IAM Identity Center instance application;
753
- # a subresource of the original Identity Center instance passed in the
754
- # request. S3 Access Grants creates this Identity Center application
755
- # for this specific S3 Access Grants instance.
760
+ # a subresource of the original Identity Center instance. S3 Access
761
+ # Grants creates this Identity Center application for the specific S3
762
+ # Access Grants instance.
763
+ # @return [String]
764
+ #
765
+ # @!attribute [rw] identity_center_instance_arn
766
+ # The Amazon Resource Name (ARN) of the Amazon Web Services IAM
767
+ # Identity Center instance that you are associating with your S3
768
+ # Access Grants instance. An IAM Identity Center instance is your
769
+ # corporate identity directory that you added to the IAM Identity
770
+ # Center. You can use the [ListInstances][1] API operation to retrieve
771
+ # a list of your Identity Center instances and their ARNs.
772
+ #
773
+ #
774
+ #
775
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListInstances.html
776
+ # @return [String]
777
+ #
778
+ # @!attribute [rw] identity_center_application_arn
779
+ # If you associated your S3 Access Grants instance with an Amazon Web
780
+ # Services IAM Identity Center instance, this field returns the Amazon
781
+ # Resource Name (ARN) of the IAM Identity Center instance application;
782
+ # a subresource of the original Identity Center instance. S3 Access
783
+ # Grants creates this Identity Center application for the specific S3
784
+ # Access Grants instance.
756
785
  # @return [String]
757
786
  #
758
787
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/CreateAccessGrantsInstanceResult AWS API Documentation
@@ -761,14 +790,15 @@ module Aws::S3Control
761
790
  :created_at,
762
791
  :access_grants_instance_id,
763
792
  :access_grants_instance_arn,
764
- :identity_center_arn)
793
+ :identity_center_arn,
794
+ :identity_center_instance_arn,
795
+ :identity_center_application_arn)
765
796
  SENSITIVE = []
766
797
  include Aws::Structure
767
798
  end
768
799
 
769
800
  # @!attribute [rw] account_id
770
- # The ID of the Amazon Web Services account that is making this
771
- # request.
801
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
772
802
  # @return [String]
773
803
  #
774
804
  # @!attribute [rw] location_scope
@@ -1373,8 +1403,7 @@ module Aws::S3Control
1373
1403
  end
1374
1404
 
1375
1405
  # @!attribute [rw] account_id
1376
- # The ID of the Amazon Web Services account that is making this
1377
- # request.
1406
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
1378
1407
  # @return [String]
1379
1408
  #
1380
1409
  # @!attribute [rw] access_grant_id
@@ -1392,8 +1421,7 @@ module Aws::S3Control
1392
1421
  end
1393
1422
 
1394
1423
  # @!attribute [rw] account_id
1395
- # The ID of the Amazon Web Services account that is making this
1396
- # request.
1424
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
1397
1425
  # @return [String]
1398
1426
  #
1399
1427
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/DeleteAccessGrantsInstanceRequest AWS API Documentation
@@ -1405,8 +1433,7 @@ module Aws::S3Control
1405
1433
  end
1406
1434
 
1407
1435
  # @!attribute [rw] account_id
1408
- # The ID of the Amazon Web Services account that is making this
1409
- # request.
1436
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
1410
1437
  # @return [String]
1411
1438
  #
1412
1439
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/DeleteAccessGrantsInstanceResourcePolicyRequest AWS API Documentation
@@ -1418,8 +1445,7 @@ module Aws::S3Control
1418
1445
  end
1419
1446
 
1420
1447
  # @!attribute [rw] account_id
1421
- # The ID of the Amazon Web Services account that is making this
1422
- # request.
1448
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
1423
1449
  # @return [String]
1424
1450
  #
1425
1451
  # @!attribute [rw] access_grants_location_id
@@ -2046,8 +2072,7 @@ module Aws::S3Control
2046
2072
  end
2047
2073
 
2048
2074
  # @!attribute [rw] account_id
2049
- # The ID of the Amazon Web Services account that is making this
2050
- # request.
2075
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
2051
2076
  # @return [String]
2052
2077
  #
2053
2078
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/DissociateAccessGrantsIdentityCenterRequest AWS API Documentation
@@ -2059,7 +2084,12 @@ module Aws::S3Control
2059
2084
  end
2060
2085
 
2061
2086
  # Specifies encryption-related information for an Amazon S3 bucket that
2062
- # is a destination for replicated objects.
2087
+ # is a destination for replicated objects. If you're specifying a
2088
+ # customer managed KMS key, we recommend using a fully qualified KMS key
2089
+ # ARN. If you use a KMS key alias instead, then KMS resolves the key
2090
+ # within the requester’s account. This behavior can result in data
2091
+ # that's encrypted with a KMS key that belongs to the requester, and
2092
+ # not the bucket owner.
2063
2093
  #
2064
2094
  # <note markdown="1"> This is not supported by Amazon S3 on Outposts buckets.
2065
2095
  #
@@ -2168,8 +2198,7 @@ module Aws::S3Control
2168
2198
  end
2169
2199
 
2170
2200
  # @!attribute [rw] account_id
2171
- # The ID of the Amazon Web Services account that is making this
2172
- # request.
2201
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
2173
2202
  # @return [String]
2174
2203
  #
2175
2204
  # @!attribute [rw] access_grant_id
@@ -2296,8 +2325,7 @@ module Aws::S3Control
2296
2325
  end
2297
2326
 
2298
2327
  # @!attribute [rw] account_id
2299
- # The ID of the Amazon Web Services account that is making this
2300
- # request.
2328
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
2301
2329
  # @return [String]
2302
2330
  #
2303
2331
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessGrantsInstanceRequest AWS API Documentation
@@ -2309,8 +2337,7 @@ module Aws::S3Control
2309
2337
  end
2310
2338
 
2311
2339
  # @!attribute [rw] account_id
2312
- # The ID of the Amazon Web Services account that is making this
2313
- # request.
2340
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
2314
2341
  # @return [String]
2315
2342
  #
2316
2343
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetAccessGrantsInstanceResourcePolicyRequest AWS API Documentation
@@ -2357,10 +2384,32 @@ module Aws::S3Control
2357
2384
  # @!attribute [rw] identity_center_arn
2358
2385
  # If you associated your S3 Access Grants instance with an Amazon Web
2359
2386
  # Services IAM Identity Center instance, this field returns the Amazon
2360
- # Resource Name (ARN) of the Amazon Web Services IAM Identity Center
2361
- # instance application; a subresource of the original Identity Center
2362
- # instance. S3 Access Grants creates this Identity Center application
2363
- # for the specific S3 Access Grants instance.
2387
+ # Resource Name (ARN) of the IAM Identity Center instance application;
2388
+ # a subresource of the original Identity Center instance. S3 Access
2389
+ # Grants creates this Identity Center application for the specific S3
2390
+ # Access Grants instance.
2391
+ # @return [String]
2392
+ #
2393
+ # @!attribute [rw] identity_center_instance_arn
2394
+ # The Amazon Resource Name (ARN) of the Amazon Web Services IAM
2395
+ # Identity Center instance that you are associating with your S3
2396
+ # Access Grants instance. An IAM Identity Center instance is your
2397
+ # corporate identity directory that you added to the IAM Identity
2398
+ # Center. You can use the [ListInstances][1] API operation to retrieve
2399
+ # a list of your Identity Center instances and their ARNs.
2400
+ #
2401
+ #
2402
+ #
2403
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListInstances.html
2404
+ # @return [String]
2405
+ #
2406
+ # @!attribute [rw] identity_center_application_arn
2407
+ # If you associated your S3 Access Grants instance with an Amazon Web
2408
+ # Services IAM Identity Center instance, this field returns the Amazon
2409
+ # Resource Name (ARN) of the IAM Identity Center instance application;
2410
+ # a subresource of the original Identity Center instance. S3 Access
2411
+ # Grants creates this Identity Center application for the specific S3
2412
+ # Access Grants instance.
2364
2413
  # @return [String]
2365
2414
  #
2366
2415
  # @!attribute [rw] created_at
@@ -2373,14 +2422,15 @@ module Aws::S3Control
2373
2422
  :access_grants_instance_arn,
2374
2423
  :access_grants_instance_id,
2375
2424
  :identity_center_arn,
2425
+ :identity_center_instance_arn,
2426
+ :identity_center_application_arn,
2376
2427
  :created_at)
2377
2428
  SENSITIVE = []
2378
2429
  include Aws::Structure
2379
2430
  end
2380
2431
 
2381
2432
  # @!attribute [rw] account_id
2382
- # The ID of the Amazon Web Services account that is making this
2383
- # request.
2433
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
2384
2434
  # @return [String]
2385
2435
  #
2386
2436
  # @!attribute [rw] access_grants_location_id
@@ -2716,7 +2766,8 @@ module Aws::S3Control
2716
2766
  # specified access point.
2717
2767
  #
2718
2768
  # <note markdown="1"> This element is empty if this access point is an Amazon S3 on
2719
- # Outposts access point that is used by other Amazon Web Services.
2769
+ # Outposts access point that is used by other Amazon Web
2770
+ # Servicesservices.
2720
2771
  #
2721
2772
  # </note>
2722
2773
  # @return [Types::VpcConfiguration]
@@ -3032,8 +3083,7 @@ module Aws::S3Control
3032
3083
  end
3033
3084
 
3034
3085
  # @!attribute [rw] account_id
3035
- # The ID of the Amazon Web Services account that is making this
3036
- # request.
3086
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
3037
3087
  # @return [String]
3038
3088
  #
3039
3089
  # @!attribute [rw] target
@@ -4110,17 +4160,23 @@ module Aws::S3Control
4110
4160
  #
4111
4161
  # @!attribute [rw] match_any_prefix
4112
4162
  # If provided, the generated manifest includes objects where the
4113
- # specified string appears at the start of the object key string.
4163
+ # specified string appears at the start of the object key string. Each
4164
+ # KeyNameConstraint filter accepts an array of strings with a length
4165
+ # of 1 string.
4114
4166
  # @return [Array<String>]
4115
4167
  #
4116
4168
  # @!attribute [rw] match_any_suffix
4117
4169
  # If provided, the generated manifest includes objects where the
4118
- # specified string appears at the end of the object key string.
4170
+ # specified string appears at the end of the object key string. Each
4171
+ # KeyNameConstraint filter accepts an array of strings with a length
4172
+ # of 1 string.
4119
4173
  # @return [Array<String>]
4120
4174
  #
4121
4175
  # @!attribute [rw] match_any_substring
4122
4176
  # If provided, the generated manifest includes objects where the
4123
- # specified string appears anywhere within the object key string.
4177
+ # specified string appears anywhere within the object key string. Each
4178
+ # KeyNameConstraint filter accepts an array of strings with a length
4179
+ # of 1 string.
4124
4180
  # @return [Array<String>]
4125
4181
  #
4126
4182
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/KeyNameConstraint AWS API Documentation
@@ -4483,20 +4539,43 @@ module Aws::S3Control
4483
4539
  # Access Grants instance.
4484
4540
  # @return [String]
4485
4541
  #
4542
+ # @!attribute [rw] identity_center_instance_arn
4543
+ # The Amazon Resource Name (ARN) of the Amazon Web Services IAM
4544
+ # Identity Center instance that you are associating with your S3
4545
+ # Access Grants instance. An IAM Identity Center instance is your
4546
+ # corporate identity directory that you added to the IAM Identity
4547
+ # Center. You can use the [ListInstances][1] API operation to retrieve
4548
+ # a list of your Identity Center instances and their ARNs.
4549
+ #
4550
+ #
4551
+ #
4552
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ListInstances.html
4553
+ # @return [String]
4554
+ #
4555
+ # @!attribute [rw] identity_center_application_arn
4556
+ # If you associated your S3 Access Grants instance with an Amazon Web
4557
+ # Services IAM Identity Center instance, this field returns the Amazon
4558
+ # Resource Name (ARN) of the IAM Identity Center instance application;
4559
+ # a subresource of the original Identity Center instance. S3 Access
4560
+ # Grants creates this Identity Center application for the specific S3
4561
+ # Access Grants instance.
4562
+ # @return [String]
4563
+ #
4486
4564
  # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListAccessGrantsInstanceEntry AWS API Documentation
4487
4565
  #
4488
4566
  class ListAccessGrantsInstanceEntry < Struct.new(
4489
4567
  :access_grants_instance_id,
4490
4568
  :access_grants_instance_arn,
4491
4569
  :created_at,
4492
- :identity_center_arn)
4570
+ :identity_center_arn,
4571
+ :identity_center_instance_arn,
4572
+ :identity_center_application_arn)
4493
4573
  SENSITIVE = []
4494
4574
  include Aws::Structure
4495
4575
  end
4496
4576
 
4497
4577
  # @!attribute [rw] account_id
4498
- # The ID of the Amazon Web Services account that is making this
4499
- # request.
4578
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
4500
4579
  # @return [String]
4501
4580
  #
4502
4581
  # @!attribute [rw] next_token
@@ -4589,8 +4668,7 @@ module Aws::S3Control
4589
4668
  end
4590
4669
 
4591
4670
  # @!attribute [rw] account_id
4592
- # The ID of the Amazon Web Services account that is making this
4593
- # request.
4671
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
4594
4672
  # @return [String]
4595
4673
  #
4596
4674
  # @!attribute [rw] next_token
@@ -4649,8 +4727,7 @@ module Aws::S3Control
4649
4727
  end
4650
4728
 
4651
4729
  # @!attribute [rw] account_id
4652
- # The ID of the Amazon Web Services account that is making this
4653
- # request.
4730
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
4654
4731
  # @return [String]
4655
4732
  #
4656
4733
  # @!attribute [rw] next_token
@@ -4870,6 +4947,107 @@ module Aws::S3Control
4870
4947
  include Aws::Structure
4871
4948
  end
4872
4949
 
4950
+ # Part of `ListCallerAccessGrantsResult`. Each entry includes the
4951
+ # permission level (READ, WRITE, or READWRITE) and the grant scope of
4952
+ # the access grant. If the grant also includes an application ARN, the
4953
+ # grantee can only access the S3 data through this application.
4954
+ #
4955
+ # @!attribute [rw] permission
4956
+ # The type of permission granted, which can be one of the following
4957
+ # values:
4958
+ #
4959
+ # * `READ` - Grants read-only access to the S3 data.
4960
+ #
4961
+ # * `WRITE` - Grants write-only access to the S3 data.
4962
+ #
4963
+ # * `READWRITE` - Grants both read and write access to the S3 data.
4964
+ # @return [String]
4965
+ #
4966
+ # @!attribute [rw] grant_scope
4967
+ # The S3 path of the data to which you have been granted access.
4968
+ # @return [String]
4969
+ #
4970
+ # @!attribute [rw] application_arn
4971
+ # The Amazon Resource Name (ARN) of an Amazon Web Services IAM
4972
+ # Identity Center application associated with your Identity Center
4973
+ # instance. If the grant includes an application ARN, the grantee can
4974
+ # only access the S3 data through this application.
4975
+ # @return [String]
4976
+ #
4977
+ # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListCallerAccessGrantsEntry AWS API Documentation
4978
+ #
4979
+ class ListCallerAccessGrantsEntry < Struct.new(
4980
+ :permission,
4981
+ :grant_scope,
4982
+ :application_arn)
4983
+ SENSITIVE = []
4984
+ include Aws::Structure
4985
+ end
4986
+
4987
+ # @!attribute [rw] account_id
4988
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
4989
+ # @return [String]
4990
+ #
4991
+ # @!attribute [rw] grant_scope
4992
+ # The S3 path of the data that you would like to access. Must start
4993
+ # with `s3://`. You can optionally pass only the beginning characters
4994
+ # of a path, and S3 Access Grants will search for all applicable
4995
+ # grants for the path fragment.
4996
+ # @return [String]
4997
+ #
4998
+ # @!attribute [rw] next_token
4999
+ # A pagination token to request the next page of results. Pass this
5000
+ # value into a subsequent `List Caller Access Grants` request in order
5001
+ # to retrieve the next page of results.
5002
+ # @return [String]
5003
+ #
5004
+ # @!attribute [rw] max_results
5005
+ # The maximum number of access grants that you would like returned in
5006
+ # the `List Caller Access Grants` response. If the results include the
5007
+ # pagination token `NextToken`, make another call using the
5008
+ # `NextToken` to determine if there are more results.
5009
+ # @return [Integer]
5010
+ #
5011
+ # @!attribute [rw] allowed_by_application
5012
+ # If this optional parameter is passed in the request, a filter is
5013
+ # applied to the results. The results will include only the access
5014
+ # grants for the caller's Identity Center application or for any
5015
+ # other applications (`ALL`).
5016
+ # @return [Boolean]
5017
+ #
5018
+ # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListCallerAccessGrantsRequest AWS API Documentation
5019
+ #
5020
+ class ListCallerAccessGrantsRequest < Struct.new(
5021
+ :account_id,
5022
+ :grant_scope,
5023
+ :next_token,
5024
+ :max_results,
5025
+ :allowed_by_application)
5026
+ SENSITIVE = []
5027
+ include Aws::Structure
5028
+ end
5029
+
5030
+ # @!attribute [rw] next_token
5031
+ # A pagination token that you can use to request the next page of
5032
+ # results. Pass this value into a subsequent `List Caller Access
5033
+ # Grants` request in order to retrieve the next page of results.
5034
+ # @return [String]
5035
+ #
5036
+ # @!attribute [rw] caller_access_grants_list
5037
+ # A list of the caller's access grants that were created using S3
5038
+ # Access Grants and that grant the caller access to the S3 data of the
5039
+ # Amazon Web Services account ID that was specified in the request.
5040
+ # @return [Array<Types::ListCallerAccessGrantsEntry>]
5041
+ #
5042
+ # @see http://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/ListCallerAccessGrantsResult AWS API Documentation
5043
+ #
5044
+ class ListCallerAccessGrantsResult < Struct.new(
5045
+ :next_token,
5046
+ :caller_access_grants_list)
5047
+ SENSITIVE = []
5048
+ include Aws::Structure
5049
+ end
5050
+
4873
5051
  # @!attribute [rw] account_id
4874
5052
  # The Amazon Web Services account ID associated with the S3 Batch
4875
5053
  # Operations job.
@@ -5789,7 +5967,7 @@ module Aws::S3Control
5789
5967
  # Specifies whether Amazon S3 should restrict public bucket policies
5790
5968
  # for buckets in this account. Setting this element to `TRUE`
5791
5969
  # restricts access to buckets with public policies to only Amazon Web
5792
- # Service principals and authorized users within this account.
5970
+ # Servicesservice principals and authorized users within this account.
5793
5971
  #
5794
5972
  # Enabling this setting doesn't affect previously stored bucket
5795
5973
  # policies, except that public and cross-account access within any
@@ -5811,8 +5989,7 @@ module Aws::S3Control
5811
5989
  end
5812
5990
 
5813
5991
  # @!attribute [rw] account_id
5814
- # The ID of the Amazon Web Services account that is making this
5815
- # request.
5992
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
5816
5993
  # @return [String]
5817
5994
  #
5818
5995
  # @!attribute [rw] policy
@@ -7048,7 +7225,7 @@ module Aws::S3Control
7048
7225
  # @return [String]
7049
7226
  #
7050
7227
  # @!attribute [rw] source_bucket
7051
- # The source bucket used by the ManifestGenerator.
7228
+ # The ARN of the source bucket used by the ManifestGenerator.
7052
7229
  #
7053
7230
  # <note markdown="1"> **Directory buckets** - Directory buckets aren't supported as the
7054
7231
  # source buckets used by `S3JobManifestGenerator` to generate the job
@@ -8071,8 +8248,7 @@ module Aws::S3Control
8071
8248
  class UntagResourceResult < Aws::EmptyStructure; end
8072
8249
 
8073
8250
  # @!attribute [rw] account_id
8074
- # The ID of the Amazon Web Services account that is making this
8075
- # request.
8251
+ # The Amazon Web Services account ID of the S3 Access Grants instance.
8076
8252
  # @return [String]
8077
8253
  #
8078
8254
  # @!attribute [rw] access_grants_location_id
@@ -52,6 +52,6 @@ require_relative 'aws-sdk-s3control/customizations'
52
52
  # @!group service
53
53
  module Aws::S3Control
54
54
 
55
- GEM_VERSION = '1.88.0'
55
+ GEM_VERSION = '1.90.0'
56
56
 
57
57
  end
data/sig/client.rbs CHANGED
@@ -123,6 +123,8 @@ module Aws
123
123
  def access_grants_instance_id: () -> ::String
124
124
  def access_grants_instance_arn: () -> ::String
125
125
  def identity_center_arn: () -> ::String
126
+ def identity_center_instance_arn: () -> ::String
127
+ def identity_center_application_arn: () -> ::String
126
128
  end
127
129
  # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/S3Control/Client.html#create_access_grants_instance-instance_method
128
130
  def create_access_grants_instance: (
@@ -698,6 +700,8 @@ module Aws
698
700
  def access_grants_instance_arn: () -> ::String
699
701
  def access_grants_instance_id: () -> ::String
700
702
  def identity_center_arn: () -> ::String
703
+ def identity_center_instance_arn: () -> ::String
704
+ def identity_center_application_arn: () -> ::String
701
705
  def created_at: () -> ::Time
702
706
  end
703
707
  # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/S3Control/Client.html#get_access_grants_instance-instance_method
@@ -1090,6 +1094,21 @@ module Aws
1090
1094
  ) -> _ListAccessPointsForObjectLambdaResponseSuccess
1091
1095
  | (?Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ListAccessPointsForObjectLambdaResponseSuccess
1092
1096
 
1097
+ interface _ListCallerAccessGrantsResponseSuccess
1098
+ include ::Seahorse::Client::_ResponseSuccess[Types::ListCallerAccessGrantsResult]
1099
+ def next_token: () -> ::String
1100
+ def caller_access_grants_list: () -> ::Array[Types::ListCallerAccessGrantsEntry]
1101
+ end
1102
+ # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/S3Control/Client.html#list_caller_access_grants-instance_method
1103
+ def list_caller_access_grants: (
1104
+ ?account_id: ::String,
1105
+ ?grant_scope: ::String,
1106
+ ?next_token: ::String,
1107
+ ?max_results: ::Integer,
1108
+ ?allowed_by_application: bool
1109
+ ) -> _ListCallerAccessGrantsResponseSuccess
1110
+ | (?Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ListCallerAccessGrantsResponseSuccess
1111
+
1093
1112
  interface _ListJobsResponseSuccess
1094
1113
  include ::Seahorse::Client::_ResponseSuccess[Types::ListJobsResult]
1095
1114
  def next_token: () -> ::String
data/sig/types.rbs CHANGED
@@ -164,6 +164,8 @@ module Aws::S3Control
164
164
  attr_accessor access_grants_instance_id: ::String
165
165
  attr_accessor access_grants_instance_arn: ::String
166
166
  attr_accessor identity_center_arn: ::String
167
+ attr_accessor identity_center_instance_arn: ::String
168
+ attr_accessor identity_center_application_arn: ::String
167
169
  SENSITIVE: []
168
170
  end
169
171
 
@@ -547,6 +549,8 @@ module Aws::S3Control
547
549
  attr_accessor access_grants_instance_arn: ::String
548
550
  attr_accessor access_grants_instance_id: ::String
549
551
  attr_accessor identity_center_arn: ::String
552
+ attr_accessor identity_center_instance_arn: ::String
553
+ attr_accessor identity_center_application_arn: ::String
550
554
  attr_accessor created_at: ::Time
551
555
  SENSITIVE: []
552
556
  end
@@ -1067,6 +1071,8 @@ module Aws::S3Control
1067
1071
  attr_accessor access_grants_instance_arn: ::String
1068
1072
  attr_accessor created_at: ::Time
1069
1073
  attr_accessor identity_center_arn: ::String
1074
+ attr_accessor identity_center_instance_arn: ::String
1075
+ attr_accessor identity_center_application_arn: ::String
1070
1076
  SENSITIVE: []
1071
1077
  end
1072
1078
 
@@ -1151,6 +1157,28 @@ module Aws::S3Control
1151
1157
  SENSITIVE: []
1152
1158
  end
1153
1159
 
1160
+ class ListCallerAccessGrantsEntry
1161
+ attr_accessor permission: ("READ" | "WRITE" | "READWRITE")
1162
+ attr_accessor grant_scope: ::String
1163
+ attr_accessor application_arn: ::String
1164
+ SENSITIVE: []
1165
+ end
1166
+
1167
+ class ListCallerAccessGrantsRequest
1168
+ attr_accessor account_id: ::String
1169
+ attr_accessor grant_scope: ::String
1170
+ attr_accessor next_token: ::String
1171
+ attr_accessor max_results: ::Integer
1172
+ attr_accessor allowed_by_application: bool
1173
+ SENSITIVE: []
1174
+ end
1175
+
1176
+ class ListCallerAccessGrantsResult
1177
+ attr_accessor next_token: ::String
1178
+ attr_accessor caller_access_grants_list: ::Array[Types::ListCallerAccessGrantsEntry]
1179
+ SENSITIVE: []
1180
+ end
1181
+
1154
1182
  class ListJobsRequest
1155
1183
  attr_accessor account_id: ::String
1156
1184
  attr_accessor job_statuses: ::Array[("Active" | "Cancelled" | "Cancelling" | "Complete" | "Completing" | "Failed" | "Failing" | "New" | "Paused" | "Pausing" | "Preparing" | "Ready" | "Suspended")]
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-s3control
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.88.0
4
+ version: 1.90.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-09-03 00:00:00.000000000 Z
11
+ date: 2024-09-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core