@aws-sdk/client-s3 3.41.0 → 3.45.0

package/dist-types/commands/CreateBucketCommand.d.ts

@@ -27,9 +27,20 @@ export interface CreateBucketCommandOutput extends CreateBucketOutput, __Metadat
  *             bucket in a Region other than US East (N. Virginia), your application must be able to
  *             handle 307 redirect. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html">Virtual hosting of buckets</a>.</p>
  *          </note>
- *          <p>When creating a bucket using this operation, you can optionally specify the accounts or
- *          groups that should be granted specific permissions on the bucket. There are two ways to
- *          grant the appropriate permissions using the request headers.</p>
+ *          <p>
+ *             <b>Access control lists (ACLs)</b>
+ *          </p>
+ *          <p>When creating a bucket using this operation, you can optionally configure the bucket ACL to specify the accounts or
+ *          groups that should be granted specific permissions on the bucket.</p>
+ *          <important>
+ *             <p>If your CreateBucket request includes the <code>BucketOwnerEnforced</code> value for
+ *             the <code>x-amz-object-ownership</code> header, your request can either not specify
+ *             an ACL or specify bucket owner full control ACLs, such as the <code>bucket-owner-full-control</code>
+ *             canned ACL or an equivalent ACL expressed in the XML format. For
+ *             more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html">Controlling object
+ *                ownership</a> in the <i>Amazon S3 User Guide</i>.</p>
+ *          </important>
+ *          <p>There are two ways to grant the appropriate permissions using the request headers.</p>
  *          <ul>
  *             <li>
  *                <p>Specify a canned ACL using the <code>x-amz-acl</code> request header. Amazon S3
@@ -42,7 +53,7 @@ export interface CreateBucketCommandOutput extends CreateBucketOutput, __Metadat
  *                   <code>x-amz-grant-write</code>, <code>x-amz-grant-read-acp</code>,
  *                   <code>x-amz-grant-write-acp</code>, and <code>x-amz-grant-full-control</code>
  *                headers. These headers map to the set of permissions Amazon S3 supports in an ACL. For
- *                more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html">Access control list
+ *                more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html">Access control list
  *                   (ACL) overview</a>.</p>
  *                <p>You specify each grantee as a type=value pair, where the type is one of the
  *                following:</p>
@@ -106,13 +117,30 @@ export interface CreateBucketCommandOutput extends CreateBucketOutput, __Metadat
  *          <p>
  *             <b>Permissions</b>
  *          </p>
- *          <p>If your <code>CreateBucket</code> request specifies ACL permissions and the ACL is public-read, public-read-write,
- *          authenticated-read, or if you specify access permissions explicitly through any other ACL, both
- *          <code>s3:CreateBucket</code> and <code>s3:PutBucketAcl</code> permissions are needed. If the ACL the
- *          <code>CreateBucket</code> request is private, only <code>s3:CreateBucket</code> permission is needed. </p>
- *          <p>If <code>ObjectLockEnabledForBucket</code> is set to true in your <code>CreateBucket</code> request,
- *          <code>s3:PutBucketObjectLockConfiguration</code> and <code>s3:PutBucketVersioning</code> permissions are required.</p>
- *
+ *          <p>In addition to <code>s3:CreateBucket</code>, the following permissions are required when your CreateBucket includes specific headers:</p>
+ *          <ul>
+ *             <li>
+ *                <p>
+ *                   <b>ACLs</b> - If your <code>CreateBucket</code> request specifies ACL permissions and the ACL is public-read, public-read-write,
+ *                authenticated-read, or if you specify access permissions explicitly through any other ACL, both
+ *                <code>s3:CreateBucket</code> and <code>s3:PutBucketAcl</code> permissions are needed. If the ACL the
+ *                <code>CreateBucket</code> request is private or doesn't specify any ACLs, only <code>s3:CreateBucket</code> permission is needed. </p>
+ *             </li>
+ *             <li>
+ *                <p>
+ *                   <b>Object Lock</b> - If
+ *                   <code>ObjectLockEnabledForBucket</code> is set to true in your
+ *                   <code>CreateBucket</code> request,
+ *                   <code>s3:PutBucketObjectLockConfiguration</code> and
+ *                   <code>s3:PutBucketVersioning</code> permissions are required.</p>
+ *             </li>
+ *             <li>
+ *                <p>
+ *                   <b>S3 Object Ownership</b> - If your CreateBucket
+ *                request includes the the <code>x-amz-object-ownership</code> header,
+ *                   <code>s3:PutBucketOwnershipControls</code> permission is required.</p>
+ *             </li>
+ *          </ul>
  *          <p>The following operations are related to <code>CreateBucket</code>:</p>
  *          <ul>
  *             <li>

package/dist-types/commands/DeleteBucketIntelligentTieringConfigurationCommand.d.ts

@@ -8,8 +8,8 @@ export interface DeleteBucketIntelligentTieringConfigurationCommandOutput extend
 }
 /**
  * <p>Deletes the S3 Intelligent-Tiering configuration from the specified bucket.</p>
- *          <p>The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without performance impact or operational overhead. S3 Intelligent-Tiering delivers automatic cost savings in two low latency and high throughput access tiers. For data that can be accessed asynchronously, you can choose to activate automatic archiving capabilities within the S3 Intelligent-Tiering storage class.</p>
- *          <p>The S3 Intelligent-Tiering storage class is  the ideal storage class for data with unknown, changing, or unpredictable access patterns, independent of object size or retention period. If the size of an object is less than 128 KB, it is not eligible for auto-tiering. Smaller objects can be stored, but they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering storage class.</p>
+ *          <p>The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without performance impact or operational overhead. S3 Intelligent-Tiering delivers automatic cost savings in three low latency and high throughput access tiers. To get the lowest storage cost on data that can be accessed in minutes to hours, you can choose to activate additional archiving capabilities.</p>
+ *          <p>The S3 Intelligent-Tiering storage class is  the ideal storage class for data with unknown, changing, or unpredictable access patterns, independent of object size or retention period. If the size of an object is less than 128 KB, it is not monitored and not eligible for auto-tiering. Smaller objects can be stored, but they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering storage class.</p>
  *          <p>For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access">Storage class for automatically optimizing frequently and infrequently accessed objects</a>.</p>
  *          <p>Operations related to
  *             <code>DeleteBucketIntelligentTieringConfiguration</code> include: </p>

package/dist-types/commands/GetBucketAclCommand.d.ts

@@ -12,6 +12,13 @@ export interface GetBucketAclCommandOutput extends GetBucketAclOutput, __Metadat
  *          return the ACL of the bucket, you must have <code>READ_ACP</code> access to the bucket. If
  *             <code>READ_ACP</code> permission is granted to the anonymous user, you can return the
  *          ACL of the bucket without using an authorization header.</p>
+ *          <note>
+ *             <p>If your bucket uses the bucket owner enforced setting for S3 Object Ownership,
+ *             requests to read ACLs are still supported and return the <code>bucket-owner-full-control</code>
+ *             ACL with the owner being the account that created the bucket. For more information, see
+ *             <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html">
+ *                Controlling object ownership and disabling ACLs</a> in the <i>Amazon S3 User Guide</i>.</p>
+ *          </note>
  *
  *          <p class="title">
  *             <b>Related Resources</b>

package/dist-types/commands/GetBucketIntelligentTieringConfigurationCommand.d.ts

@@ -8,8 +8,8 @@ export interface GetBucketIntelligentTieringConfigurationCommandOutput extends G
 }
 /**
  * <p>Gets the S3 Intelligent-Tiering configuration from the specified bucket.</p>
- *          <p>The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without performance impact or operational overhead. S3 Intelligent-Tiering delivers automatic cost savings in two low latency and high throughput access tiers. For data that can be accessed asynchronously, you can choose to activate automatic archiving capabilities within the S3 Intelligent-Tiering storage class.</p>
- *          <p>The S3 Intelligent-Tiering storage class is  the ideal storage class for data with unknown, changing, or unpredictable access patterns, independent of object size or retention period. If the size of an object is less than 128 KB, it is not eligible for auto-tiering. Smaller objects can be stored, but they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering storage class.</p>
+ *          <p>The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without performance impact or operational overhead. S3 Intelligent-Tiering delivers automatic cost savings in three low latency and high throughput access tiers. To get the lowest storage cost on data that can be accessed in minutes to hours, you can choose to activate additional archiving capabilities.</p>
+ *          <p>The S3 Intelligent-Tiering storage class is  the ideal storage class for data with unknown, changing, or unpredictable access patterns, independent of object size or retention period. If the size of an object is less than 128 KB, it is not monitored and not eligible for auto-tiering. Smaller objects can be stored, but they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering storage class.</p>
  *          <p>For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access">Storage class for automatically optimizing frequently and infrequently accessed objects</a>.</p>
  *          <p>Operations related to
  *             <code>GetBucketIntelligentTieringConfiguration</code> include: </p>

package/dist-types/commands/GetBucketOwnershipControlsCommand.d.ts

@@ -9,9 +9,9 @@ export interface GetBucketOwnershipControlsCommandOutput extends GetBucketOwners
 /**
  * <p>Retrieves <code>OwnershipControls</code> for an Amazon S3 bucket. To use this operation, you
  *          must have the <code>s3:GetBucketOwnershipControls</code> permission. For more information
- *          about Amazon S3 permissions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html">Specifying
- *             Permissions in a Policy</a>. </p>
- *          <p>For information about Amazon S3 Object Ownership, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html">Using Object Ownership</a>. </p>
+ *          about Amazon S3 permissions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html">Specifying
+ *             permissions in a policy</a>. </p>
+ *          <p>For information about Amazon S3 Object Ownership, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html">Using Object Ownership</a>. </p>
  *          <p>The following operations are related to <code>GetBucketOwnershipControls</code>:</p>
  *          <ul>
  *             <li>

package/dist-types/commands/GetObjectAclCommand.d.ts

@@ -15,7 +15,13 @@ export interface GetObjectAclCommandOutput extends GetObjectAclOutput, __Metadat
  *          </p>
  *          <p>By default, GET returns ACL information about the current version of an object. To
  *          return ACL information about a different version, use the versionId subresource.</p>
- *
+ *          <note>
+ *             <p>If your bucket uses the bucket owner enforced setting for S3 Object Ownership,
+ *             requests to read ACLs are still supported and return the <code>bucket-owner-full-control</code>
+ *             ACL with the owner being the account that created the bucket. For more information, see
+ *             <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html">
+ *                Controlling object ownership and disabling ACLs</a> in the <i>Amazon S3 User Guide</i>.</p>
+ *          </note>
  *          <p>The following operations are related to <code>GetObjectAcl</code>:</p>
  *          <ul>
  *             <li>

package/dist-types/commands/GetObjectCommand.d.ts

@@ -91,13 +91,16 @@ export interface GetObjectCommandOutput extends GetObjectOutput, __MetadataBeare
  *          <note>
  *             <ul>
  *                <li>
- *                   <p>You need the <code>s3:GetObjectVersion</code> permission to access a specific version of an object.
- *             </p>
+ *                   <p>
+ *                     If you supply a <code>versionId</code>, you need the <code>s3:GetObjectVersion</code> permission to
+ *                     access a specific version of an object. If you request a specific version, you do not need to have
+ *                     the <code>s3:GetObject</code> permission.
+ *                 </p>
  *                </li>
  *                <li>
  *                   <p>If the current version of the object is a delete marker, Amazon S3 behaves as if the
- *             object was deleted and includes <code>x-amz-delete-marker: true</code> in the
- *             response.</p>
+ *                   object was deleted and includes <code>x-amz-delete-marker: true</code> in the
+ *                   response.</p>
  *                </li>
  *             </ul>
  *          </note>

package/dist-types/commands/ListBucketIntelligentTieringConfigurationsCommand.d.ts

@@ -8,8 +8,8 @@ export interface ListBucketIntelligentTieringConfigurationsCommandOutput extends
 }
 /**
  * <p>Lists the S3 Intelligent-Tiering configuration from the specified bucket.</p>
- *          <p>The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without performance impact or operational overhead. S3 Intelligent-Tiering delivers automatic cost savings in two low latency and high throughput access tiers. For data that can be accessed asynchronously, you can choose to activate automatic archiving capabilities within the S3 Intelligent-Tiering storage class.</p>
- *          <p>The S3 Intelligent-Tiering storage class is  the ideal storage class for data with unknown, changing, or unpredictable access patterns, independent of object size or retention period. If the size of an object is less than 128 KB, it is not eligible for auto-tiering. Smaller objects can be stored, but they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering storage class.</p>
+ *          <p>The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without performance impact or operational overhead. S3 Intelligent-Tiering delivers automatic cost savings in three low latency and high throughput access tiers. To get the lowest storage cost on data that can be accessed in minutes to hours, you can choose to activate additional archiving capabilities.</p>
+ *          <p>The S3 Intelligent-Tiering storage class is  the ideal storage class for data with unknown, changing, or unpredictable access patterns, independent of object size or retention period. If the size of an object is less than 128 KB, it is not monitored and not eligible for auto-tiering. Smaller objects can be stored, but they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering storage class.</p>
  *          <p>For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access">Storage class for automatically optimizing frequently and infrequently accessed objects</a>.</p>
  *          <p>Operations related to
  *             <code>ListBucketIntelligentTieringConfigurations</code> include: </p>

package/dist-types/commands/PutBucketAclCommand.d.ts

@@ -31,7 +31,13 @@ export interface PutBucketAclCommandOutput extends __MetadataBearer {
  *          that updates a bucket ACL using the request body, then you can continue to use that
  *          approach.</p>
  *
- *
+ *          <important>
+ *             <p>If your bucket uses the bucket owner enforced setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions.
+ *             You must use policies to grant access to your bucket and the objects in it. Requests to set ACLs or update ACLs fail and
+ *             return the <code>AccessControlListNotSupported</code> error code. Requests to read ACLs are still supported.
+ *             For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html">Controlling object ownership</a>
+ *             in the <i>Amazon S3 User Guide</i>.</p>
+ *          </important>
  *          <p>
  *             <b>Access Permissions</b>
  *          </p>

package/dist-types/commands/PutBucketIntelligentTieringConfigurationCommand.d.ts

@@ -9,8 +9,8 @@ export interface PutBucketIntelligentTieringConfigurationCommandOutput extends _
 /**
  * <p>Puts a S3 Intelligent-Tiering configuration to the specified bucket.
  *       You can have up to 1,000 S3 Intelligent-Tiering configurations per bucket.</p>
- *          <p>The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without performance impact or operational overhead. S3 Intelligent-Tiering delivers automatic cost savings in two low latency and high throughput access tiers. For data that can be accessed asynchronously, you can choose to activate automatic archiving capabilities within the S3 Intelligent-Tiering storage class.</p>
- *          <p>The S3 Intelligent-Tiering storage class is  the ideal storage class for data with unknown, changing, or unpredictable access patterns, independent of object size or retention period. If the size of an object is less than 128 KB, it is not eligible for auto-tiering. Smaller objects can be stored, but they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering storage class.</p>
+ *          <p>The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without performance impact or operational overhead. S3 Intelligent-Tiering delivers automatic cost savings in three low latency and high throughput access tiers. To get the lowest storage cost on data that can be accessed in minutes to hours, you can choose to activate additional archiving capabilities.</p>
+ *          <p>The S3 Intelligent-Tiering storage class is  the ideal storage class for data with unknown, changing, or unpredictable access patterns, independent of object size or retention period. If the size of an object is less than 128 KB, it is not monitored and not eligible for auto-tiering. Smaller objects can be stored, but they are always charged at the Frequent Access tier rates in the S3 Intelligent-Tiering storage class.</p>
  *          <p>For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access">Storage class for automatically optimizing frequently and infrequently accessed objects</a>.</p>
  *          <p>Operations related to
  *             <code>PutBucketIntelligentTieringConfiguration</code> include: </p>

package/dist-types/commands/PutBucketLoggingCommand.d.ts

@@ -11,10 +11,15 @@ export interface PutBucketLoggingCommandOutput extends __MetadataBearer {
  *          modify the logging parameters. All logs are saved to buckets in the same Amazon Web Services Region as the
  *          source bucket. To set the logging status of a bucket, you must be the bucket owner.</p>
  *
- *          <p>The bucket owner is automatically granted FULL_CONTROL to all logs. You use the
- *             <code>Grantee</code> request element to grant access to other people. The
+ *          <p>The bucket owner is automatically granted FULL_CONTROL to all logs. You use the <code>Grantee</code> request element to grant access to other people. The
  *             <code>Permissions</code> request element specifies the kind of access the grantee has to
  *          the logs.</p>
+ *          <important>
+ *             <p>If the target bucket for log delivery uses the bucket owner enforced
+ *             setting for S3 Object Ownership, you can't use the <code>Grantee</code> request element
+ *             to grant access to others. Permissions can only be granted using policies. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general">Permissions for server access log delivery</a> in the
+ *                <i>Amazon S3 User Guide</i>.</p>
+ *          </important>
  *
  *          <p>
  *             <b>Grantee Values</b>
@@ -59,7 +64,7 @@ export interface PutBucketLoggingCommandOutput extends __MetadataBearer {
  *             /></code>
  *          </p>
  *
- *          <p>For more information about server access logging, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html">Server Access Logging</a>. </p>
+ *          <p>For more information about server access logging, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html">Server Access Logging</a> in the <i>Amazon S3 User Guide</i>. </p>
  *
  *          <p>For more information about creating a bucket, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html">CreateBucket</a>. For more
  *          information about returning the logging status of a bucket, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLogging.html">GetBucketLogging</a>.</p>

package/dist-types/commands/PutBucketOwnershipControlsCommand.d.ts

@@ -9,8 +9,8 @@ export interface PutBucketOwnershipControlsCommandOutput extends __MetadataBeare
 /**
  * <p>Creates or modifies <code>OwnershipControls</code> for an Amazon S3 bucket. To use this
  *          operation, you must have the <code>s3:PutBucketOwnershipControls</code> permission. For
- *          more information about Amazon S3 permissions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html">Specifying Permissions in a Policy</a>. </p>
- *          <p>For information about Amazon S3 Object Ownership, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html">Using Object Ownership</a>. </p>
+ *          more information about Amazon S3 permissions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/user-guide/using-with-s3-actions.html">Specifying permissions in a policy</a>. </p>
+ *          <p>For information about Amazon S3 Object Ownership, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/user-guide/about-object-ownership.html">Using object ownership</a>. </p>
  *          <p>The following operations are related to <code>PutBucketOwnershipControls</code>:</p>
  *          <ul>
  *             <li>

package/dist-types/commands/PutObjectAclCommand.d.ts

@@ -16,8 +16,13 @@ export interface PutObjectAclCommandOutput extends PutObjectAclOutput, __Metadat
  *          the ACL on an object using either the request body or the headers. For example, if you have
  *          an existing application that updates a bucket ACL using the request body, you can continue
  *          to use that approach. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html">Access Control List (ACL) Overview</a> in the <i>Amazon S3 User Guide</i>.</p>
- *
- *
+ *          <important>
+ *             <p>If your bucket uses the bucket owner enforced setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions.
+ *             You must use policies to grant access to your bucket and the objects in it. Requests to set ACLs or update ACLs fail and
+ *             return the <code>AccessControlListNotSupported</code> error code. Requests to read ACLs are still supported.
+ *             For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html">Controlling object ownership</a>
+ *             in the <i>Amazon S3 User Guide</i>.</p>
+ *          </important>
  *
  *          <p>
  *             <b>Access Permissions</b>

package/dist-types/commands/PutObjectCommand.d.ts

@@ -52,7 +52,6 @@ export interface PutObjectCommandOutput extends PutObjectOutput, __MetadataBeare
  *                </li>
  *             </ul>
  *          </note>
- *
  *          <p>
  *             <b>Server-side Encryption</b>
  *          </p>
@@ -74,7 +73,20 @@ export interface PutObjectCommandOutput extends PutObjectOutput, __MetadataBeare
  *          permissions are then added to the ACL on the object. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html">Access Control List
  *             (ACL) Overview</a> and <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html">Managing ACLs Using the REST
  *             API</a>. </p>
- *
+ *          <p>If the bucket that you're uploading objects to uses the bucket owner enforced setting
+ *          for S3 Object Ownership, ACLs are disabled and no longer affect permissions. Buckets that
+ *          use this setting only accept PUT requests that don't specify an ACL or PUT requests that
+ *          specify bucket owner full control ACLs, such as the <code>bucket-owner-full-control</code> canned
+ *          ACL or an equivalent form of this ACL expressed in the XML format. PUT requests that contain other
+ *          ACLs (for example, custom grants to certain Amazon Web Services accounts) fail and return a
+ *             <code>400</code> error with the error code
+ *          <code>AccessControlListNotSupported</code>.</p>
+ *          <p>For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html"> Controlling ownership of
+ *          objects and disabling ACLs</a> in the <i>Amazon S3 User Guide</i>.</p>
+ *          <note>
+ *             <p>If your bucket uses the bucket owner enforced setting for Object Ownership,
+ *             all objects written to the bucket by any account will be owned by the bucket owner.</p>
+ *          </note>
  *          <p>
  *             <b>Storage Class Options</b>
  *          </p>

package/dist-types/models/models_0.d.ts

@@ -326,6 +326,8 @@ export declare namespace CompletedPart {
 export interface CompletedMultipartUpload {
     /**
      * <p>Array of CompletedPart data types.</p>
+     *          <p>If you do not supply a valid <code>Part</code> with your request, the service sends back an HTTP
+     *          400 response.</p>
      */
     Parts?: CompletedPart[];
 }
@@ -457,7 +459,7 @@ export declare type ObjectCannedACL = "authenticated-read" | "aws-exec-read" | "
 export declare type MetadataDirective = "COPY" | "REPLACE";
 export declare type ObjectLockLegalHoldStatus = "OFF" | "ON";
 export declare type ObjectLockMode = "COMPLIANCE" | "GOVERNANCE";
-export declare type StorageClass = "DEEP_ARCHIVE" | "GLACIER" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "OUTPOSTS" | "REDUCED_REDUNDANCY" | "STANDARD" | "STANDARD_IA";
+export declare type StorageClass = "DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "OUTPOSTS" | "REDUCED_REDUNDANCY" | "STANDARD" | "STANDARD_IA";
 export declare type TaggingDirective = "COPY" | "REPLACE";
 export interface CopyObjectRequest {
     /**
@@ -774,6 +776,7 @@ export declare namespace CreateBucketConfiguration {
      */
     const filterSensitiveLog: (obj: CreateBucketConfiguration) => any;
 }
+export declare type ObjectOwnership = "BucketOwnerEnforced" | "BucketOwnerPreferred" | "ObjectWriter";
 export interface CreateBucketRequest {
     /**
      * <p>The canned ACL to apply to the bucket.</p>
@@ -813,6 +816,20 @@ export interface CreateBucketRequest {
      * <p>Specifies whether you want S3 Object Lock to be enabled for the new bucket.</p>
      */
     ObjectLockEnabledForBucket?: boolean;
+    /**
+     * <p>The container element for object ownership for a bucket's ownership controls.</p>
+     *          <p>BucketOwnerPreferred - Objects uploaded to the bucket change ownership to the bucket
+     *          owner if the objects are uploaded with the <code>bucket-owner-full-control</code> canned
+     *          ACL.</p>
+     *          <p>ObjectWriter - The uploading account will own the object if the object is uploaded with
+     *          the <code>bucket-owner-full-control</code> canned ACL.</p>
+     *          <p>BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer affect permissions.
+     *          The bucket owner automatically owns and has full control over every object in the bucket. The bucket only
+     *          accepts PUT requests that don't specify an ACL or bucket owner full control
+     *          ACLs, such as the <code>bucket-owner-full-control</code> canned
+     *          ACL or an equivalent form of this ACL expressed in the XML format.</p>
+     */
+    ObjectOwnership?: ObjectOwnership | string;
 }
 export declare namespace CreateBucketRequest {
     /**
@@ -4362,6 +4379,14 @@ export interface LifecycleRuleAndOperator {
      *          apply.</p>
      */
     Tags?: Tag[];
+    /**
+     * <p>Minimum object size to which the rule applies.</p>
+     */
+    ObjectSizeGreaterThan?: number;
+    /**
+     * <p>Maximum object size to which the rule applies.</p>
+     */
+    ObjectSizeLessThan?: number;
 }
 export declare namespace LifecycleRuleAndOperator {
     /**
@@ -4374,7 +4399,7 @@ export declare namespace LifecycleRuleAndOperator {
  *             <code>Filter</code> must have exactly one of <code>Prefix</code>, <code>Tag</code>, or
  *             <code>And</code> specified.</p>
  */
-export declare type LifecycleRuleFilter = LifecycleRuleFilter.AndMember | LifecycleRuleFilter.PrefixMember | LifecycleRuleFilter.TagMember | LifecycleRuleFilter.$UnknownMember;
+export declare type LifecycleRuleFilter = LifecycleRuleFilter.AndMember | LifecycleRuleFilter.ObjectSizeGreaterThanMember | LifecycleRuleFilter.ObjectSizeLessThanMember | LifecycleRuleFilter.PrefixMember | LifecycleRuleFilter.TagMember | LifecycleRuleFilter.$UnknownMember;
 export declare namespace LifecycleRuleFilter {
     /**
      * <p>Prefix identifying one or more objects to which the rule applies.</p>
@@ -4387,6 +4412,8 @@ export declare namespace LifecycleRuleFilter {
     interface PrefixMember {
         Prefix: string;
         Tag?: never;
+        ObjectSizeGreaterThan?: never;
+        ObjectSizeLessThan?: never;
         And?: never;
         $unknown?: never;
     }
@@ -4396,6 +4423,30 @@ export declare namespace LifecycleRuleFilter {
     interface TagMember {
         Prefix?: never;
         Tag: Tag;
+        ObjectSizeGreaterThan?: never;
+        ObjectSizeLessThan?: never;
+        And?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Minimum object size to which the rule applies.</p>
+     */
+    interface ObjectSizeGreaterThanMember {
+        Prefix?: never;
+        Tag?: never;
+        ObjectSizeGreaterThan: number;
+        ObjectSizeLessThan?: never;
+        And?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Maximum object size to which the rule applies.</p>
+     */
+    interface ObjectSizeLessThanMember {
+        Prefix?: never;
+        Tag?: never;
+        ObjectSizeGreaterThan?: never;
+        ObjectSizeLessThan: number;
         And?: never;
         $unknown?: never;
     }
@@ -4407,18 +4458,24 @@ export declare namespace LifecycleRuleFilter {
     interface AndMember {
         Prefix?: never;
         Tag?: never;
+        ObjectSizeGreaterThan?: never;
+        ObjectSizeLessThan?: never;
         And: LifecycleRuleAndOperator;
         $unknown?: never;
     }
     interface $UnknownMember {
         Prefix?: never;
         Tag?: never;
+        ObjectSizeGreaterThan?: never;
+        ObjectSizeLessThan?: never;
         And?: never;
         $unknown: [string, any];
     }
     interface Visitor<T> {
         Prefix: (value: string) => T;
         Tag: (value: Tag) => T;
+        ObjectSizeGreaterThan: (value: number) => T;
+        ObjectSizeLessThan: (value: number) => T;
         And: (value: LifecycleRuleAndOperator) => T;
         _: (name: string, value: any) => T;
     }
@@ -4441,6 +4498,13 @@ export interface NoncurrentVersionExpiration {
      *             Amazon S3 Calculates When an Object Became Noncurrent</a> in the <i>Amazon S3 User Guide</i>.</p>
      */
     NoncurrentDays?: number;
+    /**
+     * <p>Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent
+     *          noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent
+     *          versions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html">Lifecycle configuration elements</a>
+     *          in the <i>Amazon S3 User Guide</i>.</p>
+     */
+    NewerNoncurrentVersions?: number;
 }
 export declare namespace NoncurrentVersionExpiration {
     /**
@@ -4448,14 +4512,14 @@ export declare namespace NoncurrentVersionExpiration {
      */
     const filterSensitiveLog: (obj: NoncurrentVersionExpiration) => any;
 }
-export declare type TransitionStorageClass = "DEEP_ARCHIVE" | "GLACIER" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA";
+export declare type TransitionStorageClass = "DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA";
 /**
  * <p>Container for the transition rule that describes when noncurrent objects transition to
  *          the <code>STANDARD_IA</code>, <code>ONEZONE_IA</code>, <code>INTELLIGENT_TIERING</code>,
- *             <code>GLACIER</code>, or <code>DEEP_ARCHIVE</code> storage class. If your bucket is
+ *           <code>GLACIER_IR</code>, <code>GLACIER</code>, or <code>DEEP_ARCHIVE</code> storage class. If your bucket is
  *          versioning-enabled (or versioning is suspended), you can set this action to request that
  *          Amazon S3 transition noncurrent object versions to the <code>STANDARD_IA</code>,
- *             <code>ONEZONE_IA</code>, <code>INTELLIGENT_TIERING</code>, <code>GLACIER</code>, or
+ *             <code>ONEZONE_IA</code>, <code>INTELLIGENT_TIERING</code>, <code>GLACIER_IR</code>, <code>GLACIER</code>, or
  *             <code>DEEP_ARCHIVE</code> storage class at a specific period in the object's
  *          lifetime.</p>
  */
@@ -4471,6 +4535,13 @@ export interface NoncurrentVersionTransition {
      * <p>The class of storage used to store the object.</p>
      */
     StorageClass?: TransitionStorageClass | string;
+    /**
+     * <p>Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent
+     *          noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent
+     *          versions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html">Lifecycle configuration elements</a>
+     *          in the <i>Amazon S3 User Guide</i>.</p>
+     */
+    NewerNoncurrentVersions?: number;
 }
 export declare namespace NoncurrentVersionTransition {
     /**
@@ -4642,6 +4713,9 @@ export declare namespace GetBucketLocationRequest {
 export declare type BucketLogsPermission = "FULL_CONTROL" | "READ" | "WRITE";
 /**
  * <p>Container for granting information.</p>
+ *          <p>Buckets that use the bucket owner enforced setting for Object
+ *          Ownership don't support target grants. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general">Permissions server access log delivery</a> in the
+ *          <i>Amazon S3 User Guide</i>.</p>
  */
 export interface TargetGrant {
     /**
@@ -4675,6 +4749,9 @@ export interface LoggingEnabled {
     TargetBucket: string | undefined;
     /**
      * <p>Container for granting information.</p>
+     *          <p>Buckets that use the bucket owner enforced setting for Object
+     *             Ownership don't support target grants. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general">Permissions for server access log delivery</a> in the
+     *             <i>Amazon S3 User Guide</i>.</p>
      */
     TargetGrants?: TargetGrant[];
     /**
@@ -4893,7 +4970,18 @@ export declare namespace GetBucketNotificationConfigurationRequest {
      */
     const filterSensitiveLog: (obj: GetBucketNotificationConfigurationRequest) => any;
 }
-export declare type Event = "s3:ObjectCreated:*" | "s3:ObjectCreated:CompleteMultipartUpload" | "s3:ObjectCreated:Copy" | "s3:ObjectCreated:Post" | "s3:ObjectCreated:Put" | "s3:ObjectRemoved:*" | "s3:ObjectRemoved:Delete" | "s3:ObjectRemoved:DeleteMarkerCreated" | "s3:ObjectRestore:*" | "s3:ObjectRestore:Completed" | "s3:ObjectRestore:Post" | "s3:ReducedRedundancyLostObject" | "s3:Replication:*" | "s3:Replication:OperationFailedReplication" | "s3:Replication:OperationMissedThreshold" | "s3:Replication:OperationNotTracked" | "s3:Replication:OperationReplicatedAfterThreshold";
+/**
+ * <p>A container for specifying the configuration for Amazon EventBridge.</p>
+ */
+export interface EventBridgeConfiguration {
+}
+export declare namespace EventBridgeConfiguration {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: EventBridgeConfiguration) => any;
+}
+export declare type Event = "s3:IntelligentTiering" | "s3:LifecycleExpiration:*" | "s3:LifecycleExpiration:Delete" | "s3:LifecycleExpiration:DeleteMarkerCreated" | "s3:LifecycleTransition" | "s3:ObjectAcl:Put" | "s3:ObjectCreated:*" | "s3:ObjectCreated:CompleteMultipartUpload" | "s3:ObjectCreated:Copy" | "s3:ObjectCreated:Post" | "s3:ObjectCreated:Put" | "s3:ObjectRemoved:*" | "s3:ObjectRemoved:Delete" | "s3:ObjectRemoved:DeleteMarkerCreated" | "s3:ObjectRestore:*" | "s3:ObjectRestore:Completed" | "s3:ObjectRestore:Delete" | "s3:ObjectRestore:Post" | "s3:ObjectTagging:*" | "s3:ObjectTagging:Delete" | "s3:ObjectTagging:Put" | "s3:ReducedRedundancyLostObject" | "s3:Replication:*" | "s3:Replication:OperationFailedReplication" | "s3:Replication:OperationMissedThreshold" | "s3:Replication:OperationNotTracked" | "s3:Replication:OperationReplicatedAfterThreshold";
 export declare type FilterRuleName = "prefix" | "suffix";
 /**
  * <p>Specifies the Amazon S3 object key name to filter on and whether to filter on the suffix or
@@ -5070,6 +5158,10 @@ export interface NotificationConfiguration {
      *          them.</p>
      */
     LambdaFunctionConfigurations?: LambdaFunctionConfiguration[];
+    /**
+     * <p>Enables delivery of events to Amazon EventBridge.</p>
+     */
+    EventBridgeConfiguration?: EventBridgeConfiguration;
 }
 export declare namespace NotificationConfiguration {
     /**
@@ -5077,7 +5169,6 @@ export declare namespace NotificationConfiguration {
      */
     const filterSensitiveLog: (obj: NotificationConfiguration) => any;
 }
-export declare type ObjectOwnership = "BucketOwnerPreferred" | "ObjectWriter";
 /**
  * <p>The container element for an ownership control rule.</p>
  */
@@ -5089,6 +5180,11 @@ export interface OwnershipControlsRule {
      *          ACL.</p>
      *          <p>ObjectWriter - The uploading account will own the object if the object is uploaded with
      *          the <code>bucket-owner-full-control</code> canned ACL.</p>
+     *          <p>BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer affect permissions.
+     *          The bucket owner automatically owns and has full control over every object in the bucket. The bucket only
+     *          accepts PUT requests that don't specify an ACL or bucket owner full control
+     *          ACLs, such as the <code>bucket-owner-full-control</code> canned
+     *          ACL or an equivalent form of this ACL expressed in the XML format.</p>
      */
     ObjectOwnership: ObjectOwnership | string | undefined;
 }
@@ -5115,7 +5211,7 @@ export declare namespace OwnershipControls {
 }
 export interface GetBucketOwnershipControlsOutput {
     /**
-     * <p>The <code>OwnershipControls</code> (BucketOwnerPreferred or ObjectWriter) currently in
+     * <p>The <code>OwnershipControls</code> (BucketOwnerEnforced, BucketOwnerPreferred, or ObjectWriter) currently in
      *          effect for this Amazon S3 bucket.</p>
      */
     OwnershipControls?: OwnershipControls;
@@ -7620,7 +7716,7 @@ export declare namespace ListMultipartUploadsRequest {
      */
     const filterSensitiveLog: (obj: ListMultipartUploadsRequest) => any;
 }
-export declare type ObjectStorageClass = "DEEP_ARCHIVE" | "GLACIER" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "OUTPOSTS" | "REDUCED_REDUNDANCY" | "STANDARD" | "STANDARD_IA";
+export declare type ObjectStorageClass = "DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "OUTPOSTS" | "REDUCED_REDUNDANCY" | "STANDARD" | "STANDARD_IA";
 /**
  * <p>An object consists of data and its descriptive metadata.</p>
  */
@@ -8700,6 +8796,10 @@ export interface PutBucketNotificationConfigurationRequest {
      * <p>The account ID of the expected bucket owner. If the bucket is owned by a different account, the request will fail with an HTTP <code>403 (Access Denied)</code> error.</p>
      */
     ExpectedBucketOwner?: string;
+    /**
+     * <p>Skips validation of Amazon SQS, Amazon SNS, and Lambda destinations. True or false value.</p>
+     */
+    SkipDestinationValidation?: boolean;
 }
 export declare namespace PutBucketNotificationConfigurationRequest {
     /**
@@ -8724,7 +8824,7 @@ export interface PutBucketOwnershipControlsRequest {
      */
     ExpectedBucketOwner?: string;
     /**
-     * <p>The <code>OwnershipControls</code> (BucketOwnerPreferred or ObjectWriter) that you want
+     * <p>The <code>OwnershipControls</code> (BucketOwnerEnforced, BucketOwnerPreferred, or ObjectWriter) that you want
      *          to apply to this Amazon S3 bucket.</p>
      */
     OwnershipControls: OwnershipControls | undefined;
@@ -9660,18 +9760,3 @@ export declare namespace RestoreObjectOutput {
     const filterSensitiveLog: (obj: RestoreObjectOutput) => any;
 }
 export declare type Tier = "Bulk" | "Expedited" | "Standard";
-/**
- * <p>Container for S3 Glacier job parameters.</p>
- */
-export interface GlacierJobParameters {
-    /**
-     * <p>Retrieval tier at which the restore will be processed.</p>
-     */
-    Tier: Tier | string | undefined;
-}
-export declare namespace GlacierJobParameters {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: GlacierJobParameters) => any;
-}