@aws-sdk/client-s3-control 3.699.0 → 3.704.0

package/dist-cjs/index.js

@@ -557,6 +557,7 @@ var S3CannedAccessControlList = {
 var S3ChecksumAlgorithm = {
   CRC32: "CRC32",
   CRC32C: "CRC32C",
+  CRC64NVME: "CRC64NVME",
   SHA1: "SHA1",
   SHA256: "SHA256"
 };

package/dist-es/models/models_0.js

@@ -169,6 +169,7 @@ export const S3CannedAccessControlList = {
 export const S3ChecksumAlgorithm = {
     CRC32: "CRC32",
     CRC32C: "CRC32C",
+    CRC64NVME: "CRC64NVME",
     SHA1: "SHA1",
     SHA256: "SHA256",
 };

package/dist-types/commands/CreateJobCommand.d.ts

@@ -130,7 +130,7 @@ declare const CreateJobCommand_base: {
  *       ObjectLockMode: "COMPLIANCE" || "GOVERNANCE",
  *       ObjectLockRetainUntilDate: new Date("TIMESTAMP"),
  *       BucketKeyEnabled: true || false,
- *       ChecksumAlgorithm: "CRC32" || "CRC32C" || "SHA1" || "SHA256",
+ *       ChecksumAlgorithm: "CRC32" || "CRC32C" || "SHA1" || "SHA256" || "CRC64NVME",
  *     },
  *     S3PutObjectAcl: { // S3SetObjectAclOperation
  *       AccessControlPolicy: { // S3AccessControlPolicy

package/dist-types/commands/DescribeJobCommand.d.ts

@@ -144,7 +144,7 @@ declare const DescribeJobCommand_base: {
  * //         ObjectLockMode: "COMPLIANCE" || "GOVERNANCE",
  * //         ObjectLockRetainUntilDate: new Date("TIMESTAMP"),
  * //         BucketKeyEnabled: true || false,
- * //         ChecksumAlgorithm: "CRC32" || "CRC32C" || "SHA1" || "SHA256",
+ * //         ChecksumAlgorithm: "CRC32" || "CRC32C" || "SHA1" || "SHA256" || "CRC64NVME",
  * //       },
  * //       S3PutObjectAcl: { // S3SetObjectAclOperation
  * //         AccessControlPolicy: { // S3AccessControlPolicy

package/dist-types/commands/ListCallerAccessGrantsCommand.d.ts

@@ -27,7 +27,7 @@ declare const ListCallerAccessGrantsCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Returns a list of the access grants that were given to the caller using S3 Access Grants and that allow the caller to access the S3 data of the Amazon Web Services account specified in the request.</p>
+ * <p>Use this API to list the access grants that grant the caller access to Amazon S3 data through S3 Access Grants. The caller (grantee) can be an Identity and Access Management (IAM) identity or Amazon Web Services Identity Center corporate directory identity. You must pass the Amazon Web Services account of the S3 data owner (grantor) in the request. You can, optionally, narrow the results by <code>GrantScope</code>, using a fragment of the data's S3 path, and S3 Access Grants will return only the grants with a path that contains the path fragment. You can also pass the <code>AllowedByApplication</code> filter in the request, which returns only the grants authorized for applications, whether the application is the caller's Identity Center application or any other application (<code>ALL</code>). For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-grants-list-grants.html">List the caller's access grants</a> in the <i>Amazon S3 User Guide</i>.</p>
  *          <dl>
  *             <dt>Permissions</dt>
  *             <dd>

package/dist-types/models/models_0.d.ts

@@ -2139,6 +2139,7 @@ export interface S3SetObjectAclOperation {
 export declare const S3ChecksumAlgorithm: {
     readonly CRC32: "CRC32";
     readonly CRC32C: "CRC32C";
+    readonly CRC64NVME: "CRC64NVME";
     readonly SHA1: "SHA1";
     readonly SHA256: "SHA256";
 };
@@ -2235,10 +2236,10 @@ export interface S3ObjectMetadata {
      */
     RequesterCharged?: boolean | undefined;
     /**
-     * <p></p>
-     *          <note>
-     *             <p>For directory buckets, only the server-side encryption with Amazon S3 managed keys (SSE-S3) (<code>AES256</code>) is supported.</p>
-     *          </note>
+     * <p>The server-side encryption algorithm used when storing objects in Amazon S3.</p>
+     *          <p>
+     *             <b>Directory buckets </b> - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (<code>AES256</code>) and server-side encryption with KMS keys (SSE-KMS) (<code>KMS</code>). For more
+     *          information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-serv-side-encryption.html">Protecting data with server-side encryption</a> in the <i>Amazon S3 User Guide</i>. For <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops">the Copy operation in Batch Operations</a>, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_S3CopyObjectOperation.html">S3CopyObjectOperation</a>.</p>
      * @public
      */
     SSEAlgorithm?: S3SSEAlgorithm | undefined;
@@ -2394,9 +2395,17 @@ export interface S3CopyObjectOperation {
      */
     UnModifiedSinceConstraint?: Date | undefined;
     /**
-     * <p></p>
+     * <p>Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. If the KMS key doesn't exist in the same
+     *          account that's issuing the command, you must use the full Key ARN not the Key ID.</p>
      *          <note>
-     *             <p>This functionality is not supported by directory buckets.</p>
+     *             <p>
+     *                <b>Directory buckets</b> - If you specify <code>SSEAlgorithm</code> with <code>KMS</code>, you must specify the <code>
+     *          SSEAwsKmsKeyId</code> parameter with the ID (Key ID or Key ARN) of the KMS
+     *          symmetric encryption customer managed key to use. Otherwise, you get an HTTP <code>400 Bad Request</code> error. The key alias format of the KMS key isn't supported. To encrypt new object copies in a directory bucket with SSE-KMS, you must specify SSE-KMS as the directory bucket's default encryption configuration with a KMS key (specifically, a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a>).
+     *                         The <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk">Amazon Web Services managed key</a> (<code>aws/s3</code>) isn't supported. Your SSE-KMS configuration can only support 1 <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a> per directory bucket for the lifetime of the bucket.
+     * After you specify a customer managed key for SSE-KMS as the bucket default encryption, you can't override the customer managed key for the bucket's SSE-KMS configuration.
+     * Then, when you specify server-side encryption settings for new object copies with SSE-KMS, you must make sure the encryption key is the same customer managed key that you specified for the directory bucket's default encryption configuration.
+     *  </p>
      *          </note>
      * @public
      */
@@ -2445,10 +2454,12 @@ export interface S3CopyObjectOperation {
      * <p>Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with
      *          server-side encryption using Amazon Web Services KMS (SSE-KMS). Setting this header to <code>true</code>
      *          causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS.</p>
-     *          <p>Specifying this header with an <i>object</i> action doesn’t affect
+     *          <p>Specifying this header with an <i>Copy</i> action doesn’t affect
      *             <i>bucket-level</i> settings for S3 Bucket Key.</p>
      *          <note>
-     *             <p>This functionality is not supported by directory buckets.</p>
+     *             <p>
+     *                <b>Directory buckets</b> - S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets
+     * to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-Batch-Ops">the Copy operation in Batch Operations</a>. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.</p>
      *          </note>
      * @public
      */
@@ -2757,7 +2768,7 @@ export interface CreateJobRequest {
     ConfirmationRequired?: boolean | undefined;
     /**
      * <p>The action that you want this job to perform on every object listed in the manifest. For
-     *          more information about the available actions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/batch-ops-actions.html">Operations</a> in the
+     *          more information about the available actions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/batch-ops-operations.html">Operations</a> in the
      *             <i>Amazon S3 User Guide</i>.</p>
      * @public
      */

package/dist-types/ts3.4/models/models_0.d.ts

@@ -573,6 +573,7 @@ export interface S3SetObjectAclOperation {
 export declare const S3ChecksumAlgorithm: {
   readonly CRC32: "CRC32";
   readonly CRC32C: "CRC32C";
+  readonly CRC64NVME: "CRC64NVME";
   readonly SHA1: "SHA1";
   readonly SHA256: "SHA256";
 };

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-s3-control",
   "description": "AWS SDK for JavaScript S3 Control Client for Node.js, Browser and React Native",
-  "version": "3.699.0",
+  "version": "3.704.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "node ../../scripts/compilation/inline client-s3-control",