@aws-sdk/client-s3 3.1068.0 → 3.1070.0

package/dist-types/models/models_0.d.ts

@@ -1,5 +1,5 @@
 import type { StreamingBlobTypes } from "@smithy/types";
-import type { AnalyticsS3ExportFileFormat, ArchiveStatus, BucketAbacStatus, BucketAccelerateStatus, BucketCannedACL, BucketLocationConstraint, BucketLogsPermission, BucketNamespace, BucketType, BucketVersioningStatus, ChecksumAlgorithm, ChecksumMode, ChecksumType, DataRedundancy, DeleteMarkerReplicationStatus, EncodingType, EncryptionType, Event, ExistingObjectReplicationStatus, ExpirationState, ExpirationStatus, FileHeaderInfo, FilterRuleName, IntelligentTieringAccessTier, IntelligentTieringStatus, InventoryConfigurationState, InventoryFormat, InventoryFrequency, InventoryIncludedObjectVersions, InventoryOptionalField, JSONType, LocationType, MetadataDirective, MetricsStatus, MFADelete, MFADeleteStatus, ObjectAttributes, ObjectCannedACL, ObjectLockEnabled, ObjectLockLegalHoldStatus, ObjectLockMode, ObjectLockRetentionMode, ObjectOwnership, ObjectStorageClass, ObjectVersionStorageClass, OptionalObjectAttributes, OwnerOverride, PartitionDateSource, Payer, Permission, Protocol, ReplicaModificationsStatus, ReplicationRuleStatus, ReplicationStatus, ReplicationTimeStatus, RequestCharged, RequestPayer, S3TablesBucketType, ServerSideEncryption, SessionMode, SseKmsEncryptedObjectsStatus, StorageClass, StorageClassAnalysisSchemaVersion, TableSseAlgorithm, TaggingDirective, Tier, TransitionDefaultMinimumObjectSize, TransitionStorageClass, Type } from "./enums";
+import type { AnalyticsS3ExportFileFormat, AnnotationConfigurationState, AnnotationDirective, ArchiveStatus, BucketAbacStatus, BucketAccelerateStatus, BucketCannedACL, BucketLocationConstraint, BucketLogsPermission, BucketNamespace, BucketType, BucketVersioningStatus, ChecksumAlgorithm, ChecksumMode, ChecksumType, DataRedundancy, DeleteMarkerReplicationStatus, EncodingType, EncryptionType, Event, ExistingObjectReplicationStatus, ExpirationState, ExpirationStatus, FilterRuleName, IntelligentTieringAccessTier, IntelligentTieringStatus, InventoryConfigurationState, InventoryFormat, InventoryFrequency, InventoryIncludedObjectVersions, InventoryOptionalField, LocationType, MetadataDirective, MetricsStatus, MFADelete, MFADeleteStatus, ObjectAttributes, ObjectCannedACL, ObjectLockEnabled, ObjectLockLegalHoldStatus, ObjectLockMode, ObjectLockRetentionMode, ObjectOwnership, ObjectStorageClass, ObjectVersionStorageClass, OptionalObjectAttributes, OwnerOverride, PartitionDateSource, Payer, Permission, Protocol, ReplicaModificationsStatus, ReplicationRuleStatus, ReplicationStatus, ReplicationTimeStatus, RequestCharged, RequestPayer, S3TablesBucketType, ServerSideEncryption, SessionMode, SseKmsEncryptedObjectsStatus, StorageClass, StorageClassAnalysisSchemaVersion, TableSseAlgorithm, TaggingDirective, TransitionDefaultMinimumObjectSize, TransitionStorageClass, Type } from "./enums";
 /**
  * <p>The ABAC status of the general purpose bucket. When ABAC is enabled for the general purpose bucket, you can use tags to manage access to the general purpose buckets as well as for cost tracking purposes. When ABAC is disabled for the general purpose buckets, you can only use tags for cost tracking purposes. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/buckets-tagging.html">Using tags with S3 general purpose buckets</a>. </p>
  * @public
@@ -1305,6 +1305,34 @@ export interface CopyObjectRequest {
      * @public
      */
     TaggingDirective?: TaggingDirective | undefined;
+    /**
+     * <p>Specifies whether you want to copy annotations from the source object or exclude them. If this
+     *       header isn't specified, <code>COPY</code> is the default behavior.</p>
+     *          <p>Valid Values: <code>COPY | EXCLUDE</code>
+     *          </p>
+     *          <p>You can specify this directive as either an HTTP header
+     *       (<code>x-amz-object-annotation-directive</code>) or as a query string parameter. Use the query
+     *       string form when generating presigned URLs that need to control annotation copy behavior.</p>
+     *          <p>When set to <code>COPY</code>, you must have <code>s3:GetObjectAnnotation</code> permission on
+     *       the source object and <code>s3:PutObjectAnnotation</code> permission on the destination. Each
+     *       annotation copied is billed as a separate PUT request. If annotations on the source are modified
+     *       during the copy, Amazon S3 returns a retryable error.</p>
+     *          <note>
+     *             <p>For directory buckets, annotations are not supported. Use <code>EXCLUDE</code> to copy
+     *       objects to directory buckets without errors. If you specify <code>COPY</code> for a directory
+     *       bucket, the request returns HTTP 501 (Not Implemented).</p>
+     *          </note>
+     *          <note>
+     *             <p>When you copy objects using multipart upload (for example, when the Amazon Web Services CLI or Amazon Web Services SDKs
+     *       use Transfer Manager for objects larger than approximately 8 MB), annotations are not copied by
+     *       default. To include annotations, specify <code>--copy-props default</code> in the Amazon Web Services CLI or the
+     *       equivalent SDK configuration. With this opt-in, the SDK reads source annotations, completes the
+     *       multipart upload, and then writes each annotation to the destination. Between the upload completion
+     *       and the last annotation write, the destination object exists without all its annotations.</p>
+     *          </note>
+     * @public
+     */
+    AnnotationDirective?: AnnotationDirective | undefined;
     /**
      * <p>The server-side encryption algorithm used when storing this object in Amazon S3. Unrecognized or
      *       unsupported values won’t write a destination object and will receive a <code>400 Bad Request</code>
@@ -1920,6 +1948,31 @@ export interface MetadataTableEncryptionConfiguration {
      */
     KmsKeyArn?: string | undefined;
 }
+/**
+ * <p>Specifies the configuration for the annotation table associated with a bucket's Amazon S3 Metadata
+ *       configuration. The annotation table is an Iceberg table that records annotation events for objects
+ *       in the bucket.</p>
+ * @public
+ */
+export interface AnnotationTableConfiguration {
+    /**
+     * <p>The state of the annotation table. Valid values are <code>ENABLED</code> and <code>DISABLED</code>.</p>
+     * @public
+     */
+    ConfigurationState: AnnotationConfigurationState | undefined;
+    /**
+     * <p>
+     *       The encryption settings for an S3 Metadata journal table or inventory table configuration.
+     *     </p>
+     * @public
+     */
+    EncryptionConfiguration?: MetadataTableEncryptionConfiguration | undefined;
+    /**
+     * <p>The ARN of the IAM role used to manage the annotation table.</p>
+     * @public
+     */
+    Role?: string | undefined;
+}
 /**
  * <p>
  *       The inventory table configuration for an S3 Metadata configuration.
@@ -2011,6 +2064,11 @@ export interface MetadataConfiguration {
      * @public
      */
     InventoryTableConfiguration?: InventoryTableConfiguration | undefined;
+    /**
+     * <p>Optional annotation table configuration to include with the metadata configuration.</p>
+     * @public
+     */
+    AnnotationTableConfiguration?: AnnotationTableConfiguration | undefined;
 }
 /**
  * @public
@@ -3465,6 +3523,77 @@ export interface DeleteObjectRequest {
      */
     IfMatchSize?: number | undefined;
 }
+/**
+ * @public
+ */
+export interface DeleteObjectAnnotationOutput {
+    /**
+     * <p>The version ID of the object that the annotation was deleted from.</p>
+     * @public
+     */
+    ObjectVersionId?: string | undefined;
+    /**
+     * <p>If present, indicates that the requester was successfully charged for the request. For more
+     *       information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html">Using Requester Pays buckets for storage transfers and usage</a> in the <i>Amazon Simple
+     *         Storage Service user guide</i>.</p>
+     *          <note>
+     *             <p>This functionality is not supported for directory buckets.</p>
+     *          </note>
+     * @public
+     */
+    RequestCharged?: RequestCharged | undefined;
+}
+/**
+ * @public
+ */
+export interface DeleteObjectAnnotationRequest {
+    /**
+     * <p>The name of the bucket that contains the object.</p>
+     * <p>Note: To supply the Multi-region Access Point (MRAP) to Bucket, you need to install the "@aws-sdk/signature-v4-crt" package to your project dependencies.
+     * For more information, please go to https://github.com/aws/aws-sdk-js-v3#known-issues</p>
+     * @public
+     */
+    Bucket: string | undefined;
+    /**
+     * <p>The object key.</p>
+     * @public
+     */
+    Key: string | undefined;
+    /**
+     * <p>The name of the annotation to delete. Annotation names are UTF-8 encoded and cannot start with
+     *       <code>aws</code> or <code>s3</code> (case-insensitive).</p>
+     *          <p>Length Constraints: Minimum length of 1. Maximum length of 512 bytes.</p>
+     * @public
+     */
+    AnnotationName: string | undefined;
+    /**
+     * <p>The version ID of the object.</p>
+     * @public
+     */
+    VersionId?: string | undefined;
+    /**
+     * <p>Confirms that the requester knows that they will be charged for the request. Bucket owners need not
+     *       specify this parameter in their requests. If either the source or destination S3 bucket has Requester
+     *       Pays enabled, the requester will pay for the corresponding charges. For information about
+     *       downloading objects from Requester Pays buckets, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html">Downloading Objects in Requester Pays
+     *         Buckets</a> in the <i>Amazon S3 User Guide</i>.</p>
+     *          <note>
+     *             <p>This functionality is not supported for directory buckets.</p>
+     *          </note>
+     * @public
+     */
+    RequestPayer?: RequestPayer | undefined;
+    /**
+     * <p>The account ID of the expected bucket owner.</p>
+     * @public
+     */
+    ExpectedBucketOwner?: string | undefined;
+    /**
+     * <p>If specified, the operation only succeeds if the object's ETag matches the provided value.</p>
+     * @public
+     */
+    ObjectIfMatch?: string | undefined;
+}
 /**
  * <p>Information about the deleted object.</p>
  * @public
@@ -7176,39 +7305,6 @@ export interface GetBucketLoggingRequest {
      */
     ExpectedBucketOwner?: string | undefined;
 }
-/**
- * <p>
- *       The destination information for the S3 Metadata configuration.
- *     </p>
- * @public
- */
-export interface DestinationResult {
-    /**
-     * <p>
-     *       The type of the table bucket where the metadata configuration is stored. The <code>aws</code>
-     *       value indicates an Amazon Web Services managed table bucket, and the <code>customer</code> value indicates a
-     *       customer-managed table bucket. V2 metadata configurations are stored in Amazon Web Services managed table
-     *       buckets, and V1 metadata configurations are stored in customer-managed table buckets.
-     *     </p>
-     * @public
-     */
-    TableBucketType?: S3TablesBucketType | undefined;
-    /**
-     * <p>
-     *       The Amazon Resource Name (ARN) of the table bucket where the metadata configuration is stored.
-     *     </p>
-     * @public
-     */
-    TableBucketArn?: string | undefined;
-    /**
-     * <p>
-     *       The namespace in the table bucket where the metadata tables for a metadata configuration are
-     *       stored.
-     *     </p>
-     * @public
-     */
-    TableNamespace?: string | undefined;
-}
 /**
  * <p> If an S3 Metadata V1 <code>CreateBucketMetadataTableConfiguration</code> or V2
  *       <code>CreateBucketMetadataConfiguration</code> request succeeds, but S3 Metadata was
@@ -7444,6 +7540,83 @@ export interface ErrorDetails {
      */
     ErrorMessage?: string | undefined;
 }
+/**
+ * <p>Contains the current state of the annotation table associated with a bucket's Amazon S3 Metadata
+ *       configuration, including its provisioning status and identifiers.</p>
+ * @public
+ */
+export interface AnnotationTableConfigurationResult {
+    /**
+     * <p>The current configuration state of the annotation table.</p>
+     * @public
+     */
+    ConfigurationState: AnnotationConfigurationState | undefined;
+    /**
+     * <p>The provisioning status of the annotation table. Possible values: <code>CREATING</code>, <code>BACKFILLING</code>, <code>ACTIVE</code>, <code>FAILED</code>.</p>
+     * @public
+     */
+    TableStatus?: string | undefined;
+    /**
+     * <p> If an S3 Metadata V1 <code>CreateBucketMetadataTableConfiguration</code> or V2
+     *       <code>CreateBucketMetadataConfiguration</code> request succeeds, but S3 Metadata was
+     *       unable to create the table, this structure contains the error code and error message. </p>
+     *          <note>
+     *             <p>If you created your S3 Metadata configuration before July 15, 2025, we recommend that you delete
+     *         and re-create your configuration by using <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketMetadataConfiguration.html">CreateBucketMetadataConfiguration</a> so that you can expire journal table records and create
+     *         a live inventory table.</p>
+     *          </note>
+     * @public
+     */
+    Error?: ErrorDetails | undefined;
+    /**
+     * <p>The name of the annotation table.</p>
+     * @public
+     */
+    TableName?: string | undefined;
+    /**
+     * <p>The ARN of the annotation table.</p>
+     * @public
+     */
+    TableArn?: string | undefined;
+    /**
+     * <p>The ARN of the IAM role associated with the annotation table.</p>
+     * @public
+     */
+    Role?: string | undefined;
+}
+/**
+ * <p>
+ *       The destination information for the S3 Metadata configuration.
+ *     </p>
+ * @public
+ */
+export interface DestinationResult {
+    /**
+     * <p>
+     *       The type of the table bucket where the metadata configuration is stored. The <code>aws</code>
+     *       value indicates an Amazon Web Services managed table bucket, and the <code>customer</code> value indicates a
+     *       customer-managed table bucket. V2 metadata configurations are stored in Amazon Web Services managed table
+     *       buckets, and V1 metadata configurations are stored in customer-managed table buckets.
+     *     </p>
+     * @public
+     */
+    TableBucketType?: S3TablesBucketType | undefined;
+    /**
+     * <p>
+     *       The Amazon Resource Name (ARN) of the table bucket where the metadata configuration is stored.
+     *     </p>
+     * @public
+     */
+    TableBucketArn?: string | undefined;
+    /**
+     * <p>
+     *       The namespace in the table bucket where the metadata tables for a metadata configuration are
+     *       stored.
+     *     </p>
+     * @public
+     */
+    TableNamespace?: string | undefined;
+}
 /**
  * <p>
  *       The inventory table configuration for an S3 Metadata configuration.
@@ -7610,6 +7783,11 @@ export interface MetadataConfigurationResult {
      * @public
      */
     InventoryTableConfigurationResult?: InventoryTableConfigurationResult | undefined;
+    /**
+     * <p>The annotation table configuration result, if an annotation table is configured.</p>
+     * @public
+     */
+    AnnotationTableConfigurationResult?: AnnotationTableConfigurationResult | undefined;
 }
 /**
  * <p>
@@ -9730,100 +9908,255 @@ export interface GetObjectAclRequest {
     ExpectedBucketOwner?: string | undefined;
 }
 /**
- * <p>Contains all the possible checksum or digest values for an object.</p>
  * @public
  */
-export interface Checksum {
+export interface GetObjectAnnotationOutput {
     /**
-     * <p>The Base64 encoded, 32-bit <code>CRC32 checksum</code> of the object. This checksum is only present if the checksum was uploaded
-     *     with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated
-     *     with multipart uploads, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums">
-     *     Checking object integrity</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The annotation payload.</p>
+     * @public
+     */
+    AnnotationPayload?: StreamingBlobTypes | undefined;
+    /**
+     * <p>The version ID of the object that the annotation is attached to.</p>
+     * @public
+     */
+    ObjectVersionId?: string | undefined;
+    /**
+     * <p>The date and time the annotation was last modified.</p>
+     * @public
+     */
+    LastModified?: Date | undefined;
+    /**
+     * <p>The size of the annotation payload, in bytes.</p>
+     * @public
+     */
+    ContentLength?: number | undefined;
+    /**
+     * <p>The entity tag of the annotation.</p>
+     * @public
+     */
+    ETag?: string | undefined;
+    /**
+     * <p>The CRC32 checksum of the annotation payload.</p>
      * @public
      */
     ChecksumCRC32?: string | undefined;
     /**
-     * <p>The Base64 encoded, 32-bit <code>CRC32C</code> checksum of the object. This checksum is only present if the checksum was uploaded
-     *     with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated
-     *     with multipart uploads, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums">
-     *     Checking object integrity</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The CRC32C checksum of the annotation payload.</p>
      * @public
      */
     ChecksumCRC32C?: string | undefined;
     /**
-     * <p>The Base64 encoded, 64-bit <code>CRC64NVME</code> checksum of the object. This checksum is present
-     *       if the object was uploaded with the <code>CRC64NVME</code> checksum algorithm, or if the object was
-     *       uploaded without a checksum (and Amazon S3 added the default checksum, <code>CRC64NVME</code>, to the
-     *       uploaded object). For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
-     *       the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The CRC64NVME checksum of the annotation payload.</p>
      * @public
      */
     ChecksumCRC64NVME?: string | undefined;
     /**
-     * <p>The Base64 encoded, 160-bit <code>SHA1</code> digest of the object. This checksum is only present if the checksum was uploaded
-     *     with the object. When you use the API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated
-     *     with multipart uploads, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums">
-     *     Checking object integrity</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The SHA1 checksum of the annotation payload.</p>
      * @public
      */
     ChecksumSHA1?: string | undefined;
     /**
-     * <p>The Base64 encoded, 256-bit <code>SHA256</code> digest of the object. This checksum is only present if the checksum was uploaded
-     *     with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated
-     *     with multipart uploads, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums">
-     *     Checking object integrity</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The SHA256 checksum of the annotation payload.</p>
      * @public
      */
     ChecksumSHA256?: string | undefined;
     /**
-     * <p>The Base64 encoded, 512-bit <code>SHA512</code> digest of the object. This checksum is present
-     *       if the object was uploaded with the <code>SHA512</code> checksum algorithm. For more information, see
-     *       <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
-     *       the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The SHA512 checksum of the annotation payload.</p>
      * @public
      */
     ChecksumSHA512?: string | undefined;
     /**
-     * <p>The Base64 encoded, 128-bit <code>MD5</code> digest of the object. This checksum is present
-     *       if the object was uploaded with the <code>MD5</code> checksum algorithm. For more information, see
-     *       <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
-     *       the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The MD5 checksum of the annotation payload.</p>
      * @public
      */
     ChecksumMD5?: string | undefined;
     /**
-     * <p>The Base64 encoded, 64-bit <code>XXHASH64</code> checksum of the object. This checksum is present
-     *       if the object was uploaded with the <code>XXHASH64</code> checksum algorithm. For more information, see
-     *       <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
-     *       the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The XXHASH64 checksum of the annotation payload.</p>
      * @public
      */
     ChecksumXXHASH64?: string | undefined;
     /**
-     * <p>The Base64 encoded, 64-bit <code>XXHASH3</code> checksum of the object. This checksum is present
-     *       if the object was uploaded with the <code>XXHASH3</code> checksum algorithm. For more information, see
-     *       <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
-     *       the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The XXHASH3 checksum of the annotation payload.</p>
      * @public
      */
     ChecksumXXHASH3?: string | undefined;
     /**
-     * <p>The Base64 encoded, 128-bit <code>XXHASH128</code> checksum of the object. This checksum is present
-     *       if the object was uploaded with the <code>XXHASH128</code> checksum algorithm. For more information, see
-     *       <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
-     *       the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The XXHASH128 checksum of the annotation payload.</p>
      * @public
      */
     ChecksumXXHASH128?: string | undefined;
     /**
-     * <p>The checksum type that is used to calculate the object’s checksum value. For more information, see
-     *         <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking
-     *         object integrity</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The type of checksum used.</p>
      * @public
      */
     ChecksumType?: ChecksumType | undefined;
-}
-/**
+    /**
+     * <p>The server-side encryption algorithm used.</p>
+     * @public
+     */
+    ServerSideEncryption?: ServerSideEncryption | undefined;
+    /**
+     * <p>If present, indicates that the requester was successfully charged for the request. For more
+     *       information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html">Using Requester Pays buckets for storage transfers and usage</a> in the <i>Amazon Simple
+     *         Storage Service user guide</i>.</p>
+     *          <note>
+     *             <p>This functionality is not supported for directory buckets.</p>
+     *          </note>
+     * @public
+     */
+    RequestCharged?: RequestCharged | undefined;
+    /**
+     * <p>The replication status of the annotation. Possible values include <code>PENDING</code>, <code>COMPLETED</code>, <code>FAILED</code>, and <code>REPLICA</code>.</p>
+     * @public
+     */
+    ReplicationStatus?: ReplicationStatus | undefined;
+}
+/**
+ * @public
+ */
+export interface GetObjectAnnotationRequest {
+    /**
+     * <p>The name of the bucket that contains the object.</p>
+     * <p>Note: To supply the Multi-region Access Point (MRAP) to Bucket, you need to install the "@aws-sdk/signature-v4-crt" package to your project dependencies.
+     * For more information, please go to https://github.com/aws/aws-sdk-js-v3#known-issues</p>
+     * @public
+     */
+    Bucket: string | undefined;
+    /**
+     * <p>The object key.</p>
+     * @public
+     */
+    Key: string | undefined;
+    /**
+     * <p>The name of the annotation to retrieve.</p>
+     *          <p>Length Constraints: Minimum length of 1. Maximum length of 512 bytes.</p>
+     * @public
+     */
+    AnnotationName: string | undefined;
+    /**
+     * <p>The version ID of the object.</p>
+     * @public
+     */
+    VersionId?: string | undefined;
+    /**
+     * <p>Confirms that the requester knows that they will be charged for the request. Bucket owners need not
+     *       specify this parameter in their requests. If either the source or destination S3 bucket has Requester
+     *       Pays enabled, the requester will pay for the corresponding charges. For information about
+     *       downloading objects from Requester Pays buckets, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html">Downloading Objects in Requester Pays
+     *         Buckets</a> in the <i>Amazon S3 User Guide</i>.</p>
+     *          <note>
+     *             <p>This functionality is not supported for directory buckets.</p>
+     *          </note>
+     * @public
+     */
+    RequestPayer?: RequestPayer | undefined;
+    /**
+     * <p>The account ID of the expected bucket owner. If the bucket is owned by a different account, the request fails with an HTTP 403 (Access Denied) error.</p>
+     * @public
+     */
+    ExpectedBucketOwner?: string | undefined;
+    /**
+     * <p>Set to <code>ENABLED</code> to validate the checksum of the annotation payload on retrieval.</p>
+     * @public
+     */
+    ChecksumMode?: ChecksumMode | undefined;
+}
+/**
+ * <p>Contains all the possible checksum or digest values for an object.</p>
+ * @public
+ */
+export interface Checksum {
+    /**
+     * <p>The Base64 encoded, 32-bit <code>CRC32 checksum</code> of the object. This checksum is only present if the checksum was uploaded
+     *     with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated
+     *     with multipart uploads, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums">
+     *     Checking object integrity</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * @public
+     */
+    ChecksumCRC32?: string | undefined;
+    /**
+     * <p>The Base64 encoded, 32-bit <code>CRC32C</code> checksum of the object. This checksum is only present if the checksum was uploaded
+     *     with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated
+     *     with multipart uploads, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums">
+     *     Checking object integrity</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * @public
+     */
+    ChecksumCRC32C?: string | undefined;
+    /**
+     * <p>The Base64 encoded, 64-bit <code>CRC64NVME</code> checksum of the object. This checksum is present
+     *       if the object was uploaded with the <code>CRC64NVME</code> checksum algorithm, or if the object was
+     *       uploaded without a checksum (and Amazon S3 added the default checksum, <code>CRC64NVME</code>, to the
+     *       uploaded object). For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
+     *       the <i>Amazon S3 User Guide</i>.</p>
+     * @public
+     */
+    ChecksumCRC64NVME?: string | undefined;
+    /**
+     * <p>The Base64 encoded, 160-bit <code>SHA1</code> digest of the object. This checksum is only present if the checksum was uploaded
+     *     with the object. When you use the API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated
+     *     with multipart uploads, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums">
+     *     Checking object integrity</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * @public
+     */
+    ChecksumSHA1?: string | undefined;
+    /**
+     * <p>The Base64 encoded, 256-bit <code>SHA256</code> digest of the object. This checksum is only present if the checksum was uploaded
+     *     with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated
+     *     with multipart uploads, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums">
+     *     Checking object integrity</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * @public
+     */
+    ChecksumSHA256?: string | undefined;
+    /**
+     * <p>The Base64 encoded, 512-bit <code>SHA512</code> digest of the object. This checksum is present
+     *       if the object was uploaded with the <code>SHA512</code> checksum algorithm. For more information, see
+     *       <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
+     *       the <i>Amazon S3 User Guide</i>.</p>
+     * @public
+     */
+    ChecksumSHA512?: string | undefined;
+    /**
+     * <p>The Base64 encoded, 128-bit <code>MD5</code> digest of the object. This checksum is present
+     *       if the object was uploaded with the <code>MD5</code> checksum algorithm. For more information, see
+     *       <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
+     *       the <i>Amazon S3 User Guide</i>.</p>
+     * @public
+     */
+    ChecksumMD5?: string | undefined;
+    /**
+     * <p>The Base64 encoded, 64-bit <code>XXHASH64</code> checksum of the object. This checksum is present
+     *       if the object was uploaded with the <code>XXHASH64</code> checksum algorithm. For more information, see
+     *       <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
+     *       the <i>Amazon S3 User Guide</i>.</p>
+     * @public
+     */
+    ChecksumXXHASH64?: string | undefined;
+    /**
+     * <p>The Base64 encoded, 64-bit <code>XXHASH3</code> checksum of the object. This checksum is present
+     *       if the object was uploaded with the <code>XXHASH3</code> checksum algorithm. For more information, see
+     *       <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
+     *       the <i>Amazon S3 User Guide</i>.</p>
+     * @public
+     */
+    ChecksumXXHASH3?: string | undefined;
+    /**
+     * <p>The Base64 encoded, 128-bit <code>XXHASH128</code> checksum of the object. This checksum is present
+     *       if the object was uploaded with the <code>XXHASH128</code> checksum algorithm. For more information, see
+     *       <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
+     *       the <i>Amazon S3 User Guide</i>.</p>
+     * @public
+     */
+    ChecksumXXHASH128?: string | undefined;
+    /**
+     * <p>The checksum type that is used to calculate the object’s checksum value. For more information, see
+     *         <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking
+     *         object integrity</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * @public
+     */
+    ChecksumType?: ChecksumType | undefined;
+}
+/**
  * <p>A container for elements related to an individual part.</p>
  * @public
  */
@@ -12001,118 +12334,270 @@ export interface ListMultipartUploadsRequest {
     RequestPayer?: RequestPayer | undefined;
 }
 /**
- * <p>Specifies the restoration status of an object. Objects in certain storage classes must be restored
- *       before they can be retrieved. For more information about these storage classes and how to work with
- *       archived objects, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/archived-objects.html">
- *         Working with archived objects</a> in the <i>Amazon S3 User Guide</i>.</p>
- *          <note>
- *             <p>This functionality is not supported for directory buckets. Directory buckets only support <code>EXPRESS_ONEZONE</code> (the S3 Express One Zone storage class) in Availability Zones and <code>ONEZONE_IA</code> (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.</p>
- *          </note>
+ * <p>Describes a single annotation attached to an object, including its name, last modified time,
+ *       size, ETag, checksum algorithm, and replication status. Returned in the response from
+ *       <code>ListObjectAnnotations</code>.</p>
  * @public
  */
-export interface RestoreStatus {
+export interface AnnotationEntry {
     /**
-     * <p>Specifies whether the object is currently being restored. If the object restoration is in progress,
-     *       the header returns the value <code>TRUE</code>. For example:</p>
-     *          <p>
-     *             <code>x-amz-optional-object-attributes: IsRestoreInProgress="true"</code>
-     *          </p>
-     *          <p>If the object restoration has completed, the header returns the value <code>FALSE</code>. For
-     *       example:</p>
-     *          <p>
-     *             <code>x-amz-optional-object-attributes: IsRestoreInProgress="false",
-     *         RestoreExpiryDate="2012-12-21T00:00:00.000Z"</code>
-     *          </p>
-     *          <p>If the object hasn't been restored, there is no header response.</p>
+     * <p>The name of the annotation.</p>
      * @public
      */
-    IsRestoreInProgress?: boolean | undefined;
+    AnnotationName: string | undefined;
     /**
-     * <p>Indicates when the restored copy will expire. This value is populated only if the object has already
-     *       been restored. For example:</p>
-     *          <p>
-     *             <code>x-amz-optional-object-attributes: IsRestoreInProgress="false",
-     *         RestoreExpiryDate="2012-12-21T00:00:00.000Z"</code>
-     *          </p>
+     * <p>The date and time the annotation was last modified.</p>
      * @public
      */
-    RestoreExpiryDate?: Date | undefined;
+    LastModified: Date | undefined;
+    /**
+     * <p>The entity tag of the annotation.</p>
+     * @public
+     */
+    ETag?: string | undefined;
+    /**
+     * <p>The checksum algorithm used for the annotation.</p>
+     * @public
+     */
+    ChecksumAlgorithm?: ChecksumAlgorithm[] | undefined;
+    /**
+     * <p>The size of the annotation payload, in bytes.</p>
+     * @public
+     */
+    Size: number | undefined;
+    /**
+     * <p>The replication status of the annotation.</p>
+     * @public
+     */
+    ReplicationStatus?: ReplicationStatus | undefined;
 }
 /**
- * <p>An object consists of data and its descriptive metadata.</p>
  * @public
  */
-export interface _Object {
+export interface ListObjectAnnotationsOutput {
     /**
-     * <p>The name that you assign to an object. You use the object key to retrieve the object.</p>
+     * <p>The list of annotations attached to the object.</p>
      * @public
      */
-    Key?: string | undefined;
+    Annotations?: AnnotationEntry[] | undefined;
     /**
-     * <p>Creation date of the object.</p>
+     * <p>The bucket name.</p>
      * @public
      */
-    LastModified?: Date | undefined;
+    Bucket?: string | undefined;
     /**
-     * <p>The entity tag is a hash of the object. The ETag reflects changes only to the contents of an object,
-     *       not its metadata. The ETag may or may not be an MD5 digest of the object data. Whether or not it is
-     *       depends on how the object was created and how it is encrypted as described below:</p>
-     *          <ul>
-     *             <li>
-     *                <p>Objects created by the PUT Object, POST Object, or Copy operation, or through the Amazon Web Services
-     *           Management Console, and are encrypted by SSE-S3 or plaintext, have ETags that are an MD5 digest of
-     *           their object data.</p>
-     *             </li>
-     *             <li>
-     *                <p>Objects created by the PUT Object, POST Object, or Copy operation, or through the Amazon Web Services
-     *           Management Console, and are encrypted by SSE-C or SSE-KMS, have ETags that are not an MD5 digest of
-     *           their object data.</p>
-     *             </li>
-     *             <li>
-     *                <p>If an object is created by either the Multipart Upload or Part Copy operation, the ETag is not
-     *           an MD5 digest, regardless of the method of encryption. If an object is larger than 16 MB, the Amazon Web Services
-     *           Management Console will upload or copy that object as a Multipart Upload, and therefore the ETag
-     *           will not be an MD5 digest.</p>
-     *             </li>
-     *          </ul>
-     *          <note>
-     *             <p>
-     *                <b>Directory buckets</b> - MD5 is not supported by directory buckets.</p>
-     *          </note>
+     * <p>The object key.</p>
      * @public
      */
-    ETag?: string | undefined;
+    Key?: string | undefined;
     /**
-     * <p>The algorithm that was used to create a checksum of the object.</p>
+     * <p>The version ID of the object.</p>
      * @public
      */
-    ChecksumAlgorithm?: ChecksumAlgorithm[] | undefined;
+    ObjectVersionId?: string | undefined;
     /**
-     * <p>The checksum type that is used to calculate the object’s checksum value. For more information, see
-     *         <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking
-     *         object integrity</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The prefix used to filter the response.</p>
      * @public
      */
-    ChecksumType?: ChecksumType | undefined;
+    AnnotationPrefix?: string | undefined;
     /**
-     * <p>Size in bytes of the object</p>
+     * <p>The maximum number of annotations returned in the response.</p>
      * @public
      */
-    Size?: number | undefined;
+    MaxAnnotationResults?: number | undefined;
     /**
-     * <p>The class of storage used to store the object.</p>
-     *          <note>
-     *             <p>
-     *                <b>Directory buckets</b> -
-     *         Directory buckets only support <code>EXPRESS_ONEZONE</code> (the S3 Express One Zone storage class) in Availability Zones and <code>ONEZONE_IA</code> (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.</p>
-     *          </note>
+     * <p>The number of annotations returned.</p>
      * @public
      */
-    StorageClass?: ObjectStorageClass | undefined;
+    AnnotationCount?: number | undefined;
     /**
-     * <p>The owner of the object</p>
-     *          <note>
-     *             <p>
+     * <p>The continuation token used in this request.</p>
+     * @public
+     */
+    ContinuationToken?: string | undefined;
+    /**
+     * <p>The continuation token to use to retrieve the next page of results.</p>
+     * @public
+     */
+    NextContinuationToken?: string | undefined;
+    /**
+     * <p>If present, indicates that the requester was successfully charged for the request. For more
+     *       information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html">Using Requester Pays buckets for storage transfers and usage</a> in the <i>Amazon Simple
+     *         Storage Service user guide</i>.</p>
+     *          <note>
+     *             <p>This functionality is not supported for directory buckets.</p>
+     *          </note>
+     * @public
+     */
+    RequestCharged?: RequestCharged | undefined;
+}
+/**
+ * @public
+ */
+export interface ListObjectAnnotationsRequest {
+    /**
+     * <p>The name of the bucket that contains the object.</p>
+     * <p>Note: To supply the Multi-region Access Point (MRAP) to Bucket, you need to install the "@aws-sdk/signature-v4-crt" package to your project dependencies.
+     * For more information, please go to https://github.com/aws/aws-sdk-js-v3#known-issues</p>
+     * @public
+     */
+    Bucket: string | undefined;
+    /**
+     * <p>The object key.</p>
+     * @public
+     */
+    Key: string | undefined;
+    /**
+     * <p>The version ID of the object.</p>
+     * @public
+     */
+    VersionId?: string | undefined;
+    /**
+     * <p>The maximum number of annotations to return in the response. Maximum is 1,000.</p>
+     * @public
+     */
+    MaxAnnotationResults?: number | undefined;
+    /**
+     * <p>Filter results to annotations whose name begins with the specified prefix.</p>
+     * @public
+     */
+    AnnotationPrefix?: string | undefined;
+    /**
+     * <p>Continuation token returned by a previous request to retrieve the next page.</p>
+     * @public
+     */
+    ContinuationToken?: string | undefined;
+    /**
+     * <p>Confirms that the requester knows that they will be charged for the request. Bucket owners need not
+     *       specify this parameter in their requests. If either the source or destination S3 bucket has Requester
+     *       Pays enabled, the requester will pay for the corresponding charges. For information about
+     *       downloading objects from Requester Pays buckets, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html">Downloading Objects in Requester Pays
+     *         Buckets</a> in the <i>Amazon S3 User Guide</i>.</p>
+     *          <note>
+     *             <p>This functionality is not supported for directory buckets.</p>
+     *          </note>
+     * @public
+     */
+    RequestPayer?: RequestPayer | undefined;
+    /**
+     * <p>The account ID of the expected bucket owner.</p>
+     * @public
+     */
+    ExpectedBucketOwner?: string | undefined;
+}
+/**
+ * <p>Specifies the restoration status of an object. Objects in certain storage classes must be restored
+ *       before they can be retrieved. For more information about these storage classes and how to work with
+ *       archived objects, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/archived-objects.html">
+ *         Working with archived objects</a> in the <i>Amazon S3 User Guide</i>.</p>
+ *          <note>
+ *             <p>This functionality is not supported for directory buckets. Directory buckets only support <code>EXPRESS_ONEZONE</code> (the S3 Express One Zone storage class) in Availability Zones and <code>ONEZONE_IA</code> (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.</p>
+ *          </note>
+ * @public
+ */
+export interface RestoreStatus {
+    /**
+     * <p>Specifies whether the object is currently being restored. If the object restoration is in progress,
+     *       the header returns the value <code>TRUE</code>. For example:</p>
+     *          <p>
+     *             <code>x-amz-optional-object-attributes: IsRestoreInProgress="true"</code>
+     *          </p>
+     *          <p>If the object restoration has completed, the header returns the value <code>FALSE</code>. For
+     *       example:</p>
+     *          <p>
+     *             <code>x-amz-optional-object-attributes: IsRestoreInProgress="false",
+     *         RestoreExpiryDate="2012-12-21T00:00:00.000Z"</code>
+     *          </p>
+     *          <p>If the object hasn't been restored, there is no header response.</p>
+     * @public
+     */
+    IsRestoreInProgress?: boolean | undefined;
+    /**
+     * <p>Indicates when the restored copy will expire. This value is populated only if the object has already
+     *       been restored. For example:</p>
+     *          <p>
+     *             <code>x-amz-optional-object-attributes: IsRestoreInProgress="false",
+     *         RestoreExpiryDate="2012-12-21T00:00:00.000Z"</code>
+     *          </p>
+     * @public
+     */
+    RestoreExpiryDate?: Date | undefined;
+}
+/**
+ * <p>An object consists of data and its descriptive metadata.</p>
+ * @public
+ */
+export interface _Object {
+    /**
+     * <p>The name that you assign to an object. You use the object key to retrieve the object.</p>
+     * @public
+     */
+    Key?: string | undefined;
+    /**
+     * <p>Creation date of the object.</p>
+     * @public
+     */
+    LastModified?: Date | undefined;
+    /**
+     * <p>The entity tag is a hash of the object. The ETag reflects changes only to the contents of an object,
+     *       not its metadata. The ETag may or may not be an MD5 digest of the object data. Whether or not it is
+     *       depends on how the object was created and how it is encrypted as described below:</p>
+     *          <ul>
+     *             <li>
+     *                <p>Objects created by the PUT Object, POST Object, or Copy operation, or through the Amazon Web Services
+     *           Management Console, and are encrypted by SSE-S3 or plaintext, have ETags that are an MD5 digest of
+     *           their object data.</p>
+     *             </li>
+     *             <li>
+     *                <p>Objects created by the PUT Object, POST Object, or Copy operation, or through the Amazon Web Services
+     *           Management Console, and are encrypted by SSE-C or SSE-KMS, have ETags that are not an MD5 digest of
+     *           their object data.</p>
+     *             </li>
+     *             <li>
+     *                <p>If an object is created by either the Multipart Upload or Part Copy operation, the ETag is not
+     *           an MD5 digest, regardless of the method of encryption. If an object is larger than 16 MB, the Amazon Web Services
+     *           Management Console will upload or copy that object as a Multipart Upload, and therefore the ETag
+     *           will not be an MD5 digest.</p>
+     *             </li>
+     *          </ul>
+     *          <note>
+     *             <p>
+     *                <b>Directory buckets</b> - MD5 is not supported by directory buckets.</p>
+     *          </note>
+     * @public
+     */
+    ETag?: string | undefined;
+    /**
+     * <p>The algorithm that was used to create a checksum of the object.</p>
+     * @public
+     */
+    ChecksumAlgorithm?: ChecksumAlgorithm[] | undefined;
+    /**
+     * <p>The checksum type that is used to calculate the object’s checksum value. For more information, see
+     *         <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking
+     *         object integrity</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * @public
+     */
+    ChecksumType?: ChecksumType | undefined;
+    /**
+     * <p>Size in bytes of the object</p>
+     * @public
+     */
+    Size?: number | undefined;
+    /**
+     * <p>The class of storage used to store the object.</p>
+     *          <note>
+     *             <p>
+     *                <b>Directory buckets</b> -
+     *         Directory buckets only support <code>EXPRESS_ONEZONE</code> (the S3 Express One Zone storage class) in Availability Zones and <code>ONEZONE_IA</code> (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.</p>
+     *          </note>
+     * @public
+     */
+    StorageClass?: ObjectStorageClass | undefined;
+    /**
+     * <p>The owner of the object</p>
+     *          <note>
+     *             <p>
      *                <b>Directory buckets</b> - The bucket owner is returned as the
      *         object owner.</p>
      *          </note>
@@ -15148,156 +15633,87 @@ export interface PutObjectAclRequest {
 /**
  * @public
  */
-export interface PutObjectLegalHoldOutput {
+export interface PutObjectAnnotationOutput {
     /**
-     * <p>If present, indicates that the requester was successfully charged for the request. For more
-     *       information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html">Using Requester Pays buckets for storage transfers and usage</a> in the <i>Amazon Simple
-     *         Storage Service user guide</i>.</p>
-     *          <note>
-     *             <p>This functionality is not supported for directory buckets.</p>
-     *          </note>
+     * <p>The object key.</p>
      * @public
      */
-    RequestCharged?: RequestCharged | undefined;
-}
-/**
- * @public
- */
-export interface PutObjectLegalHoldRequest {
+    Key?: string | undefined;
     /**
-     * <p>The bucket name containing the object that you want to place a legal hold on. </p>
-     *          <p>
-     *             <b>Access points</b> - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form <i>AccessPointName</i>-<i>AccountId</i>.s3-accesspoint.<i>Region</i>.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html">Using access points</a> in the <i>Amazon S3 User Guide</i>.</p>
-     * <p>Note: To supply the Multi-region Access Point (MRAP) to Bucket, you need to install the "@aws-sdk/signature-v4-crt" package to your project dependencies.
-     * For more information, please go to https://github.com/aws/aws-sdk-js-v3#known-issues</p>
+     * <p>The name of the annotation.</p>
      * @public
      */
-    Bucket: string | undefined;
+    AnnotationName?: string | undefined;
     /**
-     * <p>The key name for the object that you want to place a legal hold on.</p>
+     * <p>The version ID of the object that the annotation was attached to.</p>
      * @public
      */
-    Key: string | undefined;
+    ObjectVersionId?: string | undefined;
     /**
-     * <p>Container element for the legal hold configuration you want to apply to the specified object.</p>
+     * <p>The entity tag of the annotation.</p>
      * @public
      */
-    LegalHold?: ObjectLockLegalHold | undefined;
+    ETag?: string | undefined;
     /**
-     * <p>Confirms that the requester knows that they will be charged for the request. Bucket owners need not
-     *       specify this parameter in their requests. If either the source or destination S3 bucket has Requester
-     *       Pays enabled, the requester will pay for the corresponding charges. For information about
-     *       downloading objects from Requester Pays buckets, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html">Downloading Objects in Requester Pays
-     *         Buckets</a> in the <i>Amazon S3 User Guide</i>.</p>
-     *          <note>
-     *             <p>This functionality is not supported for directory buckets.</p>
-     *          </note>
+     * <p>The CRC32 checksum of the stored annotation.</p>
      * @public
      */
-    RequestPayer?: RequestPayer | undefined;
+    ChecksumCRC32?: string | undefined;
     /**
-     * <p>The version ID of the object that you want to place a legal hold on.</p>
+     * <p>The CRC32C checksum of the stored annotation.</p>
      * @public
      */
-    VersionId?: string | undefined;
+    ChecksumCRC32C?: string | undefined;
     /**
-     * <p>The MD5 hash for the request body.</p>
-     *          <p>For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.</p>
+     * <p>The CRC64NVME checksum of the stored annotation.</p>
      * @public
      */
-    ContentMD5?: string | undefined;
+    ChecksumCRC64NVME?: string | undefined;
     /**
-     * <p>Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any
-     *     additional functionality if you don't use the SDK. When you send this header, there must be a corresponding <code>x-amz-checksum</code> or
-     *     <code>x-amz-trailer</code> header sent. Otherwise, Amazon S3 fails the request with the HTTP status code <code>400 Bad Request</code>. For more
-     *     information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
-     *     the <i>Amazon S3 User Guide</i>.</p>
-     *          <p>If you provide an individual checksum, Amazon S3 ignores any provided <code>ChecksumAlgorithm</code>
-     *       parameter.</p>
+     * <p>The SHA1 checksum of the stored annotation.</p>
      * @public
      */
-    ChecksumAlgorithm?: ChecksumAlgorithm | undefined;
+    ChecksumSHA1?: string | undefined;
     /**
-     * <p>The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code <code>403 Forbidden</code> (access denied).</p>
+     * <p>The SHA256 checksum of the stored annotation.</p>
      * @public
      */
-    ExpectedBucketOwner?: string | undefined;
-}
-/**
- * @public
- */
-export interface PutObjectLockConfigurationOutput {
+    ChecksumSHA256?: string | undefined;
     /**
-     * <p>If present, indicates that the requester was successfully charged for the request. For more
-     *       information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html">Using Requester Pays buckets for storage transfers and usage</a> in the <i>Amazon Simple
-     *         Storage Service user guide</i>.</p>
-     *          <note>
-     *             <p>This functionality is not supported for directory buckets.</p>
-     *          </note>
+     * <p>The SHA512 checksum of the stored annotation.</p>
      * @public
      */
-    RequestCharged?: RequestCharged | undefined;
-}
-/**
- * @public
- */
-export interface PutObjectLockConfigurationRequest {
+    ChecksumSHA512?: string | undefined;
     /**
-     * <p>The bucket whose Object Lock configuration you want to create or replace.</p>
-     * <p>Note: To supply the Multi-region Access Point (MRAP) to Bucket, you need to install the "@aws-sdk/signature-v4-crt" package to your project dependencies.
-     * For more information, please go to https://github.com/aws/aws-sdk-js-v3#known-issues</p>
+     * <p>The MD5 checksum of the stored annotation.</p>
      * @public
      */
-    Bucket: string | undefined;
+    ChecksumMD5?: string | undefined;
     /**
-     * <p>The Object Lock configuration that you want to apply to the specified bucket.</p>
+     * <p>The XXHASH64 checksum of the stored annotation.</p>
      * @public
      */
-    ObjectLockConfiguration?: ObjectLockConfiguration | undefined;
+    ChecksumXXHASH64?: string | undefined;
     /**
-     * <p>Confirms that the requester knows that they will be charged for the request. Bucket owners need not
-     *       specify this parameter in their requests. If either the source or destination S3 bucket has Requester
-     *       Pays enabled, the requester will pay for the corresponding charges. For information about
-     *       downloading objects from Requester Pays buckets, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html">Downloading Objects in Requester Pays
-     *         Buckets</a> in the <i>Amazon S3 User Guide</i>.</p>
-     *          <note>
-     *             <p>This functionality is not supported for directory buckets.</p>
-     *          </note>
+     * <p>The XXHASH3 checksum of the stored annotation.</p>
      * @public
      */
-    RequestPayer?: RequestPayer | undefined;
+    ChecksumXXHASH3?: string | undefined;
     /**
-     * <p>A token to allow Object Lock to be enabled for an existing bucket.</p>
+     * <p>The XXHASH128 checksum of the stored annotation.</p>
      * @public
      */
-    Token?: string | undefined;
+    ChecksumXXHASH128?: string | undefined;
     /**
-     * <p>The MD5 hash for the request body.</p>
-     *          <p>For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.</p>
+     * <p>The type of checksum used.</p>
      * @public
      */
-    ContentMD5?: string | undefined;
-    /**
-     * <p>Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any
-     *     additional functionality if you don't use the SDK. When you send this header, there must be a corresponding <code>x-amz-checksum</code> or
-     *     <code>x-amz-trailer</code> header sent. Otherwise, Amazon S3 fails the request with the HTTP status code <code>400 Bad Request</code>. For more
-     *     information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
-     *     the <i>Amazon S3 User Guide</i>.</p>
-     *          <p>If you provide an individual checksum, Amazon S3 ignores any provided <code>ChecksumAlgorithm</code>
-     *       parameter.</p>
-     * @public
-     */
-    ChecksumAlgorithm?: ChecksumAlgorithm | undefined;
+    ChecksumType?: ChecksumType | undefined;
     /**
-     * <p>The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code <code>403 Forbidden</code> (access denied).</p>
+     * <p>The server-side encryption algorithm used to encrypt the annotation.</p>
      * @public
      */
-    ExpectedBucketOwner?: string | undefined;
-}
-/**
- * @public
- */
-export interface PutObjectRetentionOutput {
+    ServerSideEncryption?: ServerSideEncryption | undefined;
     /**
      * <p>If present, indicates that the requester was successfully charged for the request. For more
      *       information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html">Using Requester Pays buckets for storage transfers and usage</a> in the <i>Amazon Simple
@@ -15312,67 +15728,117 @@ export interface PutObjectRetentionOutput {
 /**
  * @public
  */
-export interface PutObjectRetentionRequest {
+export interface PutObjectAnnotationRequest {
     /**
-     * <p>The bucket name that contains the object you want to apply this Object Retention configuration to. </p>
-     *          <p>
-     *             <b>Access points</b> - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form <i>AccessPointName</i>-<i>AccountId</i>.s3-accesspoint.<i>Region</i>.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html">Using access points</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The name of the bucket that contains the object.</p>
      * <p>Note: To supply the Multi-region Access Point (MRAP) to Bucket, you need to install the "@aws-sdk/signature-v4-crt" package to your project dependencies.
      * For more information, please go to https://github.com/aws/aws-sdk-js-v3#known-issues</p>
      * @public
      */
     Bucket: string | undefined;
     /**
-     * <p>The key name for the object that you want to apply this Object Retention configuration to.</p>
+     * <p>The object key.</p>
      * @public
      */
     Key: string | undefined;
     /**
-     * <p>The container element for the Object Retention configuration.</p>
+     * <p>The version ID of the object to attach the annotation to.</p>
      * @public
      */
-    Retention?: ObjectLockRetention | undefined;
+    VersionId?: string | undefined;
     /**
-     * <p>Confirms that the requester knows that they will be charged for the request. Bucket owners need not
-     *       specify this parameter in their requests. If either the source or destination S3 bucket has Requester
-     *       Pays enabled, the requester will pay for the corresponding charges. For information about
-     *       downloading objects from Requester Pays buckets, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html">Downloading Objects in Requester Pays
-     *         Buckets</a> in the <i>Amazon S3 User Guide</i>.</p>
-     *          <note>
-     *             <p>This functionality is not supported for directory buckets.</p>
-     *          </note>
+     * <p>The name of the annotation.</p>
+     *          <p>Length Constraints: Minimum length of 1. Maximum length of 512 bytes.</p>
      * @public
      */
-    RequestPayer?: RequestPayer | undefined;
+    AnnotationName: string | undefined;
     /**
-     * <p>The version ID for the object that you want to apply this Object Retention configuration to.</p>
+     * <p>The annotation payload. Must be between 1 byte and 1 MiB in size, and must be valid UTF-8
+     *       encoded text. If the payload contains invalid UTF-8 bytes, the request fails with HTTP 415
+     *       (Unsupported Media Type). To store binary data, encode the payload using Base64 before
+     *       uploading.</p>
      * @public
      */
-    VersionId?: string | undefined;
+    AnnotationPayload: StreamingBlobTypes | undefined;
     /**
-     * <p>Indicates whether this action should bypass Governance-mode restrictions.</p>
+     * <p>If specified, the operation only succeeds if the object's ETag matches the provided value.</p>
      * @public
      */
-    BypassGovernanceRetention?: boolean | undefined;
+    ObjectIfMatch?: string | undefined;
     /**
-     * <p>The MD5 hash for the request body.</p>
-     *          <p>For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.</p>
+     * <p>The checksum algorithm to use. Supported values: <code>CRC32</code>, <code>CRC32C</code>, <code>CRC64NVME</code>, <code>SHA1</code>, <code>SHA256</code>, <code>SHA512</code>, <code>MD5</code>, <code>XXHASH64</code>, <code>XXHASH3</code>, <code>XXHASH128</code>.</p>
+     * @public
+     */
+    ChecksumAlgorithm?: ChecksumAlgorithm | undefined;
+    /**
+     * <p>Base64-encoded CRC32 checksum of the annotation payload.</p>
+     * @public
+     */
+    ChecksumCRC32?: string | undefined;
+    /**
+     * <p>Base64-encoded CRC32C checksum of the annotation payload.</p>
+     * @public
+     */
+    ChecksumCRC32C?: string | undefined;
+    /**
+     * <p>Base64-encoded CRC64NVME checksum of the annotation payload.</p>
+     * @public
+     */
+    ChecksumCRC64NVME?: string | undefined;
+    /**
+     * <p>Base64-encoded SHA1 checksum of the annotation payload.</p>
+     * @public
+     */
+    ChecksumSHA1?: string | undefined;
+    /**
+     * <p>Base64-encoded SHA256 checksum of the annotation payload.</p>
+     * @public
+     */
+    ChecksumSHA256?: string | undefined;
+    /**
+     * <p>Base64-encoded SHA512 checksum of the annotation payload.</p>
+     * @public
+     */
+    ChecksumSHA512?: string | undefined;
+    /**
+     * <p>Base64-encoded MD5 checksum of the annotation payload.</p>
+     * @public
+     */
+    ChecksumMD5?: string | undefined;
+    /**
+     * <p>Base64-encoded XXHASH64 checksum of the annotation payload.</p>
+     * @public
+     */
+    ChecksumXXHASH64?: string | undefined;
+    /**
+     * <p>Base64-encoded XXHASH3 checksum of the annotation payload.</p>
+     * @public
+     */
+    ChecksumXXHASH3?: string | undefined;
+    /**
+     * <p>Base64-encoded XXHASH128 checksum of the annotation payload.</p>
+     * @public
+     */
+    ChecksumXXHASH128?: string | undefined;
+    /**
+     * <p>Base64-encoded MD5 digest of the message.</p>
      * @public
      */
     ContentMD5?: string | undefined;
     /**
-     * <p>Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any
-     *     additional functionality if you don't use the SDK. When you send this header, there must be a corresponding <code>x-amz-checksum</code> or
-     *     <code>x-amz-trailer</code> header sent. Otherwise, Amazon S3 fails the request with the HTTP status code <code>400 Bad Request</code>. For more
-     *     information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
-     *     the <i>Amazon S3 User Guide</i>.</p>
-     *          <p>If you provide an individual checksum, Amazon S3 ignores any provided <code>ChecksumAlgorithm</code>
-     *       parameter.</p>
+     * <p>Confirms that the requester knows that they will be charged for the request. Bucket owners need not
+     *       specify this parameter in their requests. If either the source or destination S3 bucket has Requester
+     *       Pays enabled, the requester will pay for the corresponding charges. For information about
+     *       downloading objects from Requester Pays buckets, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html">Downloading Objects in Requester Pays
+     *         Buckets</a> in the <i>Amazon S3 User Guide</i>.</p>
+     *          <note>
+     *             <p>This functionality is not supported for directory buckets.</p>
+     *          </note>
      * @public
      */
-    ChecksumAlgorithm?: ChecksumAlgorithm | undefined;
+    RequestPayer?: RequestPayer | undefined;
     /**
-     * <p>The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code <code>403 Forbidden</code> (access denied).</p>
+     * <p>The account ID of the expected bucket owner. If the bucket is owned by a different account, the request fails with an HTTP 403 (Access Denied) error.</p>
      * @public
      */
     ExpectedBucketOwner?: string | undefined;
@@ -15380,37 +15846,55 @@ export interface PutObjectRetentionRequest {
 /**
  * @public
  */
-export interface PutObjectTaggingOutput {
+export interface PutObjectLegalHoldOutput {
     /**
-     * <p>The versionId of the object the tag-set was added to.</p>
+     * <p>If present, indicates that the requester was successfully charged for the request. For more
+     *       information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html">Using Requester Pays buckets for storage transfers and usage</a> in the <i>Amazon Simple
+     *         Storage Service user guide</i>.</p>
+     *          <note>
+     *             <p>This functionality is not supported for directory buckets.</p>
+     *          </note>
      * @public
      */
-    VersionId?: string | undefined;
+    RequestCharged?: RequestCharged | undefined;
 }
 /**
  * @public
  */
-export interface PutObjectTaggingRequest {
+export interface PutObjectLegalHoldRequest {
     /**
-     * <p>The bucket name containing the object. </p>
+     * <p>The bucket name containing the object that you want to place a legal hold on. </p>
      *          <p>
      *             <b>Access points</b> - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form <i>AccessPointName</i>-<i>AccountId</i>.s3-accesspoint.<i>Region</i>.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html">Using access points</a> in the <i>Amazon S3 User Guide</i>.</p>
-     *          <p>
-     *             <b>S3 on Outposts</b> - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the
-     *                      form <code>
-     *                <i>AccessPointName</i>-<i>AccountId</i>.<i>outpostID</i>.s3-outposts.<i>Region</i>.amazonaws.com</code>. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html">What is S3 on Outposts?</a> in the <i>Amazon S3 User Guide</i>.</p>
      * <p>Note: To supply the Multi-region Access Point (MRAP) to Bucket, you need to install the "@aws-sdk/signature-v4-crt" package to your project dependencies.
      * For more information, please go to https://github.com/aws/aws-sdk-js-v3#known-issues</p>
      * @public
      */
     Bucket: string | undefined;
     /**
-     * <p>Name of the object key.</p>
+     * <p>The key name for the object that you want to place a legal hold on.</p>
      * @public
      */
     Key: string | undefined;
     /**
-     * <p>The versionId of the object that the tag-set will be added to.</p>
+     * <p>Container element for the legal hold configuration you want to apply to the specified object.</p>
+     * @public
+     */
+    LegalHold?: ObjectLockLegalHold | undefined;
+    /**
+     * <p>Confirms that the requester knows that they will be charged for the request. Bucket owners need not
+     *       specify this parameter in their requests. If either the source or destination S3 bucket has Requester
+     *       Pays enabled, the requester will pay for the corresponding charges. For information about
+     *       downloading objects from Requester Pays buckets, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html">Downloading Objects in Requester Pays
+     *         Buckets</a> in the <i>Amazon S3 User Guide</i>.</p>
+     *          <note>
+     *             <p>This functionality is not supported for directory buckets.</p>
+     *          </note>
+     * @public
+     */
+    RequestPayer?: RequestPayer | undefined;
+    /**
+     * <p>The version ID of the object that you want to place a legal hold on.</p>
      * @public
      */
     VersionId?: string | undefined;
@@ -15431,37 +15915,62 @@ export interface PutObjectTaggingRequest {
      * @public
      */
     ChecksumAlgorithm?: ChecksumAlgorithm | undefined;
-    /**
-     * <p>Container for the <code>TagSet</code> and <code>Tag</code> elements</p>
-     * @public
-     */
-    Tagging: Tagging | undefined;
     /**
      * <p>The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code <code>403 Forbidden</code> (access denied).</p>
      * @public
      */
     ExpectedBucketOwner?: string | undefined;
+}
+/**
+ * @public
+ */
+export interface PutObjectLockConfigurationOutput {
     /**
-     * <p>Confirms that the requester knows that she or he will be charged for the tagging object
-     *       request. Bucket owners need not specify this parameter in their requests.</p>
+     * <p>If present, indicates that the requester was successfully charged for the request. For more
+     *       information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html">Using Requester Pays buckets for storage transfers and usage</a> in the <i>Amazon Simple
+     *         Storage Service user guide</i>.</p>
+     *          <note>
+     *             <p>This functionality is not supported for directory buckets.</p>
+     *          </note>
      * @public
      */
-    RequestPayer?: RequestPayer | undefined;
+    RequestCharged?: RequestCharged | undefined;
 }
 /**
  * @public
  */
-export interface PutPublicAccessBlockRequest {
+export interface PutObjectLockConfigurationRequest {
     /**
-     * <p>The name of the Amazon S3 bucket whose <code>PublicAccessBlock</code> configuration you want to
-     *       set.</p>
+     * <p>The bucket whose Object Lock configuration you want to create or replace.</p>
      * <p>Note: To supply the Multi-region Access Point (MRAP) to Bucket, you need to install the "@aws-sdk/signature-v4-crt" package to your project dependencies.
      * For more information, please go to https://github.com/aws/aws-sdk-js-v3#known-issues</p>
      * @public
      */
     Bucket: string | undefined;
     /**
-     * <p>The MD5 hash of the <code>PutPublicAccessBlock</code> request body. </p>
+     * <p>The Object Lock configuration that you want to apply to the specified bucket.</p>
+     * @public
+     */
+    ObjectLockConfiguration?: ObjectLockConfiguration | undefined;
+    /**
+     * <p>Confirms that the requester knows that they will be charged for the request. Bucket owners need not
+     *       specify this parameter in their requests. If either the source or destination S3 bucket has Requester
+     *       Pays enabled, the requester will pay for the corresponding charges. For information about
+     *       downloading objects from Requester Pays buckets, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html">Downloading Objects in Requester Pays
+     *         Buckets</a> in the <i>Amazon S3 User Guide</i>.</p>
+     *          <note>
+     *             <p>This functionality is not supported for directory buckets.</p>
+     *          </note>
+     * @public
+     */
+    RequestPayer?: RequestPayer | undefined;
+    /**
+     * <p>A token to allow Object Lock to be enabled for an existing bucket.</p>
+     * @public
+     */
+    Token?: string | undefined;
+    /**
+     * <p>The MD5 hash for the request body.</p>
      *          <p>For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.</p>
      * @public
      */
@@ -15477,13 +15986,6 @@ export interface PutPublicAccessBlockRequest {
      * @public
      */
     ChecksumAlgorithm?: ChecksumAlgorithm | undefined;
-    /**
-     * <p>The <code>PublicAccessBlock</code> configuration that you want to apply to this Amazon S3
-     *       bucket. You can enable the configuration options in any combination. For more information
-     *       about when Amazon S3 considers a bucket or object public, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status">The Meaning of "Public"</a> in the <i>Amazon S3 User Guide</i>.</p>
-     * @public
-     */
-    PublicAccessBlockConfiguration: PublicAccessBlockConfiguration | undefined;
     /**
      * <p>The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code <code>403 Forbidden</code> (access denied).</p>
      * @public
@@ -15493,322 +15995,196 @@ export interface PutPublicAccessBlockRequest {
 /**
  * @public
  */
-export interface RenameObjectOutput {
+export interface PutObjectRetentionOutput {
+    /**
+     * <p>If present, indicates that the requester was successfully charged for the request. For more
+     *       information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html">Using Requester Pays buckets for storage transfers and usage</a> in the <i>Amazon Simple
+     *         Storage Service user guide</i>.</p>
+     *          <note>
+     *             <p>This functionality is not supported for directory buckets.</p>
+     *          </note>
+     * @public
+     */
+    RequestCharged?: RequestCharged | undefined;
 }
 /**
  * @public
  */
-export interface RenameObjectRequest {
+export interface PutObjectRetentionRequest {
     /**
-     * <p>The bucket name of the directory bucket containing the object.</p>
-     *          <p> You must use virtual-hosted-style requests in the format
-     *         <code>Bucket-name.s3express-zone-id.region-code.amazonaws.com</code>. Path-style requests are not
-     *       supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must
-     *       follow the format <code>bucket-base-name--zone-id--x-s3 </code> (for example,
-     *         <code>amzn-s3-demo-bucket--usw2-az1--x-s3</code>). For information about bucket naming restrictions, see
-     *         <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html">Directory bucket naming rules</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * <p>The bucket name that contains the object you want to apply this Object Retention configuration to. </p>
+     *          <p>
+     *             <b>Access points</b> - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form <i>AccessPointName</i>-<i>AccountId</i>.s3-accesspoint.<i>Region</i>.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html">Using access points</a> in the <i>Amazon S3 User Guide</i>.</p>
      * <p>Note: To supply the Multi-region Access Point (MRAP) to Bucket, you need to install the "@aws-sdk/signature-v4-crt" package to your project dependencies.
      * For more information, please go to https://github.com/aws/aws-sdk-js-v3#known-issues</p>
      * @public
      */
     Bucket: string | undefined;
     /**
-     * <p>Key name of the object to rename.</p>
+     * <p>The key name for the object that you want to apply this Object Retention configuration to.</p>
      * @public
      */
     Key: string | undefined;
     /**
-     * <p>Specifies the source for the rename operation. The value must be URL encoded.</p>
-     * @public
-     */
-    RenameSource: string | undefined;
-    /**
-     * <p>Renames the object only if the ETag (entity tag) value provided during the operation matches the
-     *       ETag of the object in S3. The <code>If-Match</code> header field makes the request method conditional on
-     *       ETags. If the ETag values do not match, the operation returns a <code>412 Precondition Failed</code>
-     *       error.</p>
-     *          <p>Expects the ETag value as a string.</p>
-     * @public
-     */
-    DestinationIfMatch?: string | undefined;
-    /**
-     * <p> Renames the object only if the destination does not already exist in the specified directory
-     *       bucket. If the object does exist when you send a request with <code>If-None-Match:*</code>, the S3 API
-     *       will return a <code>412 Precondition Failed</code> error, preventing an overwrite. The
-     *         <code>If-None-Match</code> header prevents overwrites of existing data by validating that there's not
-     *       an object with the same key name already in your directory bucket.</p>
-     *          <p> Expects the <code>*</code> character (asterisk).</p>
-     * @public
-     */
-    DestinationIfNoneMatch?: string | undefined;
-    /**
-     * <p>Renames the object if the destination exists and if it has been modified since the specified
-     *       time.</p>
-     * @public
-     */
-    DestinationIfModifiedSince?: Date | undefined;
-    /**
-     * <p>Renames the object if it hasn't been modified since the specified time.</p>
-     * @public
-     */
-    DestinationIfUnmodifiedSince?: Date | undefined;
-    /**
-     * <p>Renames the object if the source exists and if its entity tag (ETag) matches the specified ETag.
-     *     </p>
-     * @public
-     */
-    SourceIfMatch?: string | undefined;
-    /**
-     * <p>Renames the object if the source exists and if its entity tag (ETag) is different than the specified
-     *       ETag. If an asterisk (<code>*</code>) character is provided, the operation will fail and return a
-     *         <code>412 Precondition Failed</code> error. </p>
-     * @public
-     */
-    SourceIfNoneMatch?: string | undefined;
-    /**
-     * <p>Renames the object if the source exists and if it has been modified since the specified time.</p>
-     * @public
-     */
-    SourceIfModifiedSince?: Date | undefined;
-    /**
-     * <p>Renames the object if the source exists and hasn't been modified since the specified time.</p>
-     * @public
-     */
-    SourceIfUnmodifiedSince?: Date | undefined;
-    /**
-     * <p> A unique string with a max of 64 ASCII characters in the ASCII range of 33 - 126.</p>
-     *          <note>
-     *             <p>
-     *                <code>RenameObject</code> supports idempotency using a client token. To make an idempotent API request
-     *         using <code>RenameObject</code>, specify a client token in the request. You should not reuse the same
-     *         client token for other API requests. If you retry a request that completed successfully using the same
-     *         client token and the same parameters, the retry succeeds without performing any further actions. If
-     *         you retry a successful request using the same client token, but one or more of the parameters are
-     *         different, the retry fails and an <code>IdempotentParameterMismatch</code> error is returned. </p>
-     *          </note>
+     * <p>The container element for the Object Retention configuration.</p>
      * @public
      */
-    ClientToken?: string | undefined;
-}
-/**
- * @public
- */
-export interface RestoreObjectOutput {
+    Retention?: ObjectLockRetention | undefined;
     /**
-     * <p>If present, indicates that the requester was successfully charged for the request. For more
-     *       information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html">Using Requester Pays buckets for storage transfers and usage</a> in the <i>Amazon Simple
-     *         Storage Service user guide</i>.</p>
+     * <p>Confirms that the requester knows that they will be charged for the request. Bucket owners need not
+     *       specify this parameter in their requests. If either the source or destination S3 bucket has Requester
+     *       Pays enabled, the requester will pay for the corresponding charges. For information about
+     *       downloading objects from Requester Pays buckets, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html">Downloading Objects in Requester Pays
+     *         Buckets</a> in the <i>Amazon S3 User Guide</i>.</p>
      *          <note>
      *             <p>This functionality is not supported for directory buckets.</p>
      *          </note>
      * @public
      */
-    RequestCharged?: RequestCharged | undefined;
+    RequestPayer?: RequestPayer | undefined;
     /**
-     * <p>Indicates the path in the provided S3 output location where Select results will be restored
-     *       to.</p>
+     * <p>The version ID for the object that you want to apply this Object Retention configuration to.</p>
      * @public
      */
-    RestoreOutputPath?: string | undefined;
-}
-/**
- * <p>Container for S3 Glacier job parameters.</p>
- * @public
- */
-export interface GlacierJobParameters {
+    VersionId?: string | undefined;
     /**
-     * <p>Retrieval tier at which the restore will be processed.</p>
+     * <p>Indicates whether this action should bypass Governance-mode restrictions.</p>
      * @public
      */
-    Tier: Tier | undefined;
-}
-/**
- * <p>Contains the type of server-side encryption used.</p>
- * @public
- */
-export interface Encryption {
+    BypassGovernanceRetention?: boolean | undefined;
     /**
-     * <p>The server-side encryption algorithm used when storing job results in Amazon S3 (for example, AES256,
-     *         <code>aws:kms</code>).</p>
+     * <p>The MD5 hash for the request body.</p>
+     *          <p>For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.</p>
      * @public
      */
-    EncryptionType: ServerSideEncryption | undefined;
+    ContentMD5?: string | undefined;
     /**
-     * <p>If the encryption type is <code>aws:kms</code>, this optional value specifies the ID of the
-     *       symmetric encryption customer managed key to use for encryption of job results. Amazon S3 only supports symmetric
-     *       encryption KMS keys. For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html">Asymmetric keys in KMS</a> in the
-     *         <i>Amazon Web Services Key Management Service Developer Guide</i>.</p>
+     * <p>Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any
+     *     additional functionality if you don't use the SDK. When you send this header, there must be a corresponding <code>x-amz-checksum</code> or
+     *     <code>x-amz-trailer</code> header sent. Otherwise, Amazon S3 fails the request with the HTTP status code <code>400 Bad Request</code>. For more
+     *     information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
+     *     the <i>Amazon S3 User Guide</i>.</p>
+     *          <p>If you provide an individual checksum, Amazon S3 ignores any provided <code>ChecksumAlgorithm</code>
+     *       parameter.</p>
      * @public
      */
-    KMSKeyId?: string | undefined;
+    ChecksumAlgorithm?: ChecksumAlgorithm | undefined;
     /**
-     * <p>If the encryption type is <code>aws:kms</code>, this optional value can be used to specify the
-     *       encryption context for the restore results.</p>
+     * <p>The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code <code>403 Forbidden</code> (access denied).</p>
      * @public
      */
-    KMSContext?: string | undefined;
+    ExpectedBucketOwner?: string | undefined;
 }
 /**
- * <p>A metadata key-value pair to store with an object.</p>
  * @public
  */
-export interface MetadataEntry {
-    /**
-     * <p>Name of the object.</p>
-     * @public
-     */
-    Name?: string | undefined;
+export interface PutObjectTaggingOutput {
     /**
-     * <p>Value of the object.</p>
+     * <p>The versionId of the object the tag-set was added to.</p>
      * @public
      */
-    Value?: string | undefined;
+    VersionId?: string | undefined;
 }
 /**
- * <p>Describes an Amazon S3 location that will receive the results of the restore request.</p>
  * @public
  */
-export interface S3Location {
-    /**
-     * <p>The name of the bucket where the restore results will be placed.</p>
-     * @public
-     */
-    BucketName: string | undefined;
+export interface PutObjectTaggingRequest {
     /**
-     * <p>The prefix that is prepended to the restore results for this request.</p>
+     * <p>The bucket name containing the object. </p>
+     *          <p>
+     *             <b>Access points</b> - When you use this action with an access point for general purpose buckets, you must provide the alias of the access point in place of the bucket name or specify the access point ARN. When you use this action with an access point for directory buckets, you must provide the access point name in place of the bucket name. When using the access point ARN, you must direct requests to the access point hostname. The access point hostname takes the form <i>AccessPointName</i>-<i>AccountId</i>.s3-accesspoint.<i>Region</i>.amazonaws.com. When using this action with an access point through the Amazon Web Services SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html">Using access points</a> in the <i>Amazon S3 User Guide</i>.</p>
+     *          <p>
+     *             <b>S3 on Outposts</b> - When you use this action with S3 on Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname takes the
+     *                      form <code>
+     *                <i>AccessPointName</i>-<i>AccountId</i>.<i>outpostID</i>.s3-outposts.<i>Region</i>.amazonaws.com</code>. When you use this action with S3 on Outposts, the destination bucket must be the Outposts access point ARN or the access point alias. For more information about S3 on Outposts, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html">What is S3 on Outposts?</a> in the <i>Amazon S3 User Guide</i>.</p>
+     * <p>Note: To supply the Multi-region Access Point (MRAP) to Bucket, you need to install the "@aws-sdk/signature-v4-crt" package to your project dependencies.
+     * For more information, please go to https://github.com/aws/aws-sdk-js-v3#known-issues</p>
      * @public
      */
-    Prefix: string | undefined;
+    Bucket: string | undefined;
     /**
-     * <p>Contains the type of server-side encryption used.</p>
+     * <p>Name of the object key.</p>
      * @public
      */
-    Encryption?: Encryption | undefined;
+    Key: string | undefined;
     /**
-     * <p>The canned ACL to apply to the restore results.</p>
+     * <p>The versionId of the object that the tag-set will be added to.</p>
      * @public
      */
-    CannedACL?: ObjectCannedACL | undefined;
+    VersionId?: string | undefined;
     /**
-     * <p>A list of grants that control access to the staged results.</p>
+     * <p>The MD5 hash for the request body.</p>
+     *          <p>For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.</p>
      * @public
      */
-    AccessControlList?: Grant[] | undefined;
+    ContentMD5?: string | undefined;
     /**
-     * <p>The tag-set that is applied to the restore results.</p>
+     * <p>Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any
+     *     additional functionality if you don't use the SDK. When you send this header, there must be a corresponding <code>x-amz-checksum</code> or
+     *     <code>x-amz-trailer</code> header sent. Otherwise, Amazon S3 fails the request with the HTTP status code <code>400 Bad Request</code>. For more
+     *     information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
+     *     the <i>Amazon S3 User Guide</i>.</p>
+     *          <p>If you provide an individual checksum, Amazon S3 ignores any provided <code>ChecksumAlgorithm</code>
+     *       parameter.</p>
      * @public
      */
-    Tagging?: Tagging | undefined;
+    ChecksumAlgorithm?: ChecksumAlgorithm | undefined;
     /**
-     * <p>A list of metadata to store with the restore results in S3.</p>
+     * <p>Container for the <code>TagSet</code> and <code>Tag</code> elements</p>
      * @public
      */
-    UserMetadata?: MetadataEntry[] | undefined;
+    Tagging: Tagging | undefined;
     /**
-     * <p>The class of storage used to store the restore results.</p>
+     * <p>The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code <code>403 Forbidden</code> (access denied).</p>
      * @public
      */
-    StorageClass?: StorageClass | undefined;
-}
-/**
- * <p>Describes the location where the restore job's output is stored.</p>
- * @public
- */
-export interface OutputLocation {
+    ExpectedBucketOwner?: string | undefined;
     /**
-     * <p>Describes an S3 location that will receive the results of the restore request.</p>
+     * <p>Confirms that the requester knows that she or he will be charged for the tagging object
+     *       request. Bucket owners need not specify this parameter in their requests.</p>
      * @public
      */
-    S3?: S3Location | undefined;
+    RequestPayer?: RequestPayer | undefined;
 }
 /**
- * <p>Describes how an uncompressed comma-separated values (CSV)-formatted input object is
- *       formatted.</p>
  * @public
  */
-export interface CSVInput {
-    /**
-     * <p>Describes the first line of input. Valid values are:</p>
-     *          <ul>
-     *             <li>
-     *                <p>
-     *                   <code>NONE</code>: First line is not a header.</p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>IGNORE</code>: First line is a header, but you can't use the header values to indicate the
-     *           column in an expression. You can use column position (such as _1, _2, …) to indicate the column
-     *             (<code>SELECT s._1 FROM OBJECT s</code>).</p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>Use</code>: First line is a header, and you can use the header value to identify a column
-     *           in an expression (<code>SELECT "name" FROM OBJECT</code>). </p>
-     *             </li>
-     *          </ul>
-     * @public
-     */
-    FileHeaderInfo?: FileHeaderInfo | undefined;
-    /**
-     * <p>A single character used to indicate that a row should be ignored when the character is present at
-     *       the start of that row. You can specify any character to indicate a comment line. The default character
-     *       is <code>#</code>.</p>
-     *          <p>Default: <code>#</code>
-     *          </p>
-     * @public
-     */
-    Comments?: string | undefined;
-    /**
-     * <p>A single character used for escaping the quotation mark character inside an already escaped value.
-     *       For example, the value <code>""" a , b """</code> is parsed as <code>" a , b "</code>.</p>
-     * @public
-     */
-    QuoteEscapeCharacter?: string | undefined;
+export interface PutPublicAccessBlockRequest {
     /**
-     * <p>A single character used to separate individual records in the input. Instead of the default value,
-     *       you can specify an arbitrary delimiter.</p>
+     * <p>The name of the Amazon S3 bucket whose <code>PublicAccessBlock</code> configuration you want to
+     *       set.</p>
+     * <p>Note: To supply the Multi-region Access Point (MRAP) to Bucket, you need to install the "@aws-sdk/signature-v4-crt" package to your project dependencies.
+     * For more information, please go to https://github.com/aws/aws-sdk-js-v3#known-issues</p>
      * @public
      */
-    RecordDelimiter?: string | undefined;
+    Bucket: string | undefined;
     /**
-     * <p>A single character used to separate individual fields in a record. You can specify an arbitrary
-     *       delimiter.</p>
+     * <p>The MD5 hash of the <code>PutPublicAccessBlock</code> request body. </p>
+     *          <p>For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.</p>
      * @public
      */
-    FieldDelimiter?: string | undefined;
+    ContentMD5?: string | undefined;
     /**
-     * <p>A single character used for escaping when the field delimiter is part of the value. For example, if
-     *       the value is <code>a, b</code>, Amazon S3 wraps this field value in quotation marks, as follows: <code>" a ,
-     *         b "</code>.</p>
-     *          <p>Type: String</p>
-     *          <p>Default: <code>"</code>
-     *          </p>
-     *          <p>Ancestors: <code>CSV</code>
-     *          </p>
+     * <p>Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any
+     *     additional functionality if you don't use the SDK. When you send this header, there must be a corresponding <code>x-amz-checksum</code> or
+     *     <code>x-amz-trailer</code> header sent. Otherwise, Amazon S3 fails the request with the HTTP status code <code>400 Bad Request</code>. For more
+     *     information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in
+     *     the <i>Amazon S3 User Guide</i>.</p>
+     *          <p>If you provide an individual checksum, Amazon S3 ignores any provided <code>ChecksumAlgorithm</code>
+     *       parameter.</p>
      * @public
      */
-    QuoteCharacter?: string | undefined;
+    ChecksumAlgorithm?: ChecksumAlgorithm | undefined;
     /**
-     * <p>Specifies that CSV field values may contain quoted record delimiters and such records should be
-     *       allowed. Default value is FALSE. Setting this value to TRUE may lower performance.</p>
+     * <p>The <code>PublicAccessBlock</code> configuration that you want to apply to this Amazon S3
+     *       bucket. You can enable the configuration options in any combination. For more information
+     *       about when Amazon S3 considers a bucket or object public, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status">The Meaning of "Public"</a> in the <i>Amazon S3 User Guide</i>.</p>
      * @public
      */
-    AllowQuotedRecordDelimiter?: boolean | undefined;
-}
-/**
- * <p>Specifies JSON as object's input serialization format.</p>
- * @public
- */
-export interface JSONInput {
+    PublicAccessBlockConfiguration: PublicAccessBlockConfiguration | undefined;
     /**
-     * <p>The type of JSON. Valid values: Document, Lines.</p>
+     * <p>The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code <code>403 Forbidden</code> (access denied).</p>
      * @public
      */
-    Type?: JSONType | undefined;
-}
-/**
- * <p>Container for Parquet.</p>
- * @public
- */
-export interface ParquetInput {
+    ExpectedBucketOwner?: string | undefined;
 }