npm - @horietakehiro/aws-cdk-utul - Versions diffs - 0.10.2 → 0.11.3 - Mend

@horietakehiro/aws-cdk-utul 0.10.2 → 0.11.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (199) hide show

package/lib/types/cfn-resource-types/aws-s3-bucket.d.ts CHANGED Viewed

@@ -15,12 +15,7 @@ export type TargetObjectKeyFormat = ({
  *   You can only delete empty buckets. Deletion fails for buckets that have contents.
  */
 export interface _AWS_S3_BUCKET {
-    /**
-     * Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*.
-     */
-    InventoryConfigurations?: InventoryConfiguration[];
-    WebsiteConfiguration?: WebsiteConfiguration;
-    DualStackDomainName?: string;
+    AccelerateConfiguration?: AccelerateConfiguration;
     /**
      * This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*.
      *   A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide*.
@@ -32,355 +27,481 @@ export interface _AWS_S3_BUCKET {
      * Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
      */
     AnalyticsConfigurations?: AnalyticsConfiguration[];
-    AccelerateConfiguration?: AccelerateConfiguration;
-    PublicAccessBlockConfiguration?: PublicAccessBlockConfiguration;
+    BucketEncryption?: BucketEncryption;
     /**
      * A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html). For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html#bucketnamingrules) in the *Amazon S3 User Guide*.
      *   If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.
      */
     BucketName?: string;
-    RegionalDomainName?: string;
-    OwnershipControls?: OwnershipControls;
+    CorsConfiguration?: CorsConfiguration;
+    /**
+     * Defines how Amazon S3 handles Intelligent-Tiering storage.
+     */
+    IntelligentTieringConfigurations?: IntelligentTieringConfiguration[];
+    /**
+     * Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*.
+     */
+    InventoryConfigurations?: InventoryConfiguration[];
+    LifecycleConfiguration?: LifecycleConfiguration;
+    LoggingConfiguration?: LoggingConfiguration;
+    /**
+     * Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html).
+     */
+    MetricsConfigurations?: MetricsConfiguration[];
+    NotificationConfiguration?: NotificationConfiguration;
     ObjectLockConfiguration?: ObjectLockConfiguration;
     /**
      * Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket.
      */
     ObjectLockEnabled?: boolean;
-    LoggingConfiguration?: LoggingConfiguration;
+    OwnershipControls?: OwnershipControls;
+    PublicAccessBlockConfiguration?: PublicAccessBlockConfiguration;
     ReplicationConfiguration?: ReplicationConfiguration;
     /**
      * An arbitrary set of tags (key-value pairs) for this S3 bucket.
      */
     Tags?: Tag[];
+    VersioningConfiguration?: VersioningConfiguration;
+    WebsiteConfiguration?: WebsiteConfiguration;
+    Arn?: string;
     DomainName?: string;
-    BucketEncryption?: BucketEncryption;
+    DualStackDomainName?: string;
+    RegionalDomainName?: string;
     WebsiteURL?: string;
-    NotificationConfiguration?: NotificationConfiguration;
-    LifecycleConfiguration?: LifecycleConfiguration;
-    VersioningConfiguration?: VersioningConfiguration;
-    /**
-     * Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html).
-     */
-    MetricsConfigurations?: MetricsConfiguration[];
+}
+/**
+ * Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide*.
+ */
+export interface AccelerateConfiguration {
     /**
-     * Defines how Amazon S3 handles Intelligent-Tiering storage.
+     * Specifies the transfer acceleration status of the bucket.
      */
-    IntelligentTieringConfigurations?: IntelligentTieringConfiguration[];
-    CorsConfiguration?: CorsConfiguration;
-    Arn?: string;
+    AccelerationStatus: ("Enabled" | "Suspended");
 }
 /**
- * Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*.
+ * Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
  */
-export interface InventoryConfiguration {
-    Destination: Destination;
+export interface AnalyticsConfiguration {
     /**
-     * Contains the optional fields that are included in the inventory results.
+     * The tags to use when evaluating an analytics filter.
+     *  The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.
      */
-    OptionalFields?: ("Size" | "LastModifiedDate" | "StorageClass" | "ETag" | "IsMultipartUploaded" | "ReplicationStatus" | "EncryptionStatus" | "ObjectLockRetainUntilDate" | "ObjectLockMode" | "ObjectLockLegalHoldStatus" | "IntelligentTieringAccessTier" | "BucketKeyStatus" | "ChecksumAlgorithm" | "ObjectAccessControlList" | "ObjectOwner")[];
+    TagFilters?: TagFilter[];
+    StorageClassAnalysis: StorageClassAnalysis;
     /**
-     * Object versions to include in the inventory list. If set to ``All``, the list includes all the object versions, which adds the version-related fields ``VersionId``, ``IsLatest``, and ``DeleteMarker`` to the list. If set to ``Current``, the list does not contain these version-related fields.
+     * The ID that identifies the analytics configuration.
      */
-    IncludedObjectVersions: ("All" | "Current");
+    Id: string;
     /**
-     * Specifies whether the inventory is enabled or disabled. If set to ``True``, an inventory list is generated. If set to ``False``, no inventory list is generated.
+     * The prefix that an object must have to be included in the analytics results.
      */
-    Enabled: boolean;
+    Prefix?: string;
+}
+/**
+ * Specifies tags to use to identify a subset of objects for an Amazon S3 bucket.
+ */
+export interface TagFilter {
     /**
-     * The ID used to identify the inventory configuration.
+     * The tag value.
      */
-    Id: string;
+    Value: string;
     /**
-     * Specifies the inventory filter prefix.
+     * The tag key.
      */
-    Prefix?: string;
+    Key: string;
+}
+/**
+ * Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
+ */
+export interface StorageClassAnalysis {
+    DataExport?: DataExport;
+}
+/**
+ * Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.
+ */
+export interface DataExport {
+    Destination: Destination;
     /**
-     * Specifies the schedule for generating inventory results.
+     * The version of the output schema to use when exporting data. Must be ``V_1``.
      */
-    ScheduleFrequency: ("Daily" | "Weekly");
+    OutputSchemaVersion: "V_1";
 }
 /**
- * Contains information about where to publish the inventory results.
+ * The place to store the data for an analysis.
  */
 export interface Destination {
     /**
      * The Amazon Resource Name (ARN) of the bucket to which data is exported.
      */
     BucketArn: string;
-    /**
-     * Specifies the file format used when exporting data to Amazon S3.
-     *   *Allowed values*: ``CSV`` | ``ORC`` | ``Parquet``
-     */
-    Format: ("CSV" | "ORC" | "Parquet");
     /**
      * The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.
      *    Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
      */
     BucketAccountId?: string;
+    /**
+     * Specifies the file format used when exporting data to Amazon S3.
+     *   *Allowed values*: ``CSV`` | ``ORC`` | ``Parquet``
+     */
+    Format: ("CSV" | "ORC" | "Parquet");
     /**
      * The prefix to use when exporting data. The prefix is prepended to all results.
      */
     Prefix?: string;
 }
 /**
- * Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html).
+ * Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*.
  */
-export interface WebsiteConfiguration {
-    /**
-     * The name of the index document for the website.
-     */
-    IndexDocument?: string;
-    RedirectAllRequestsTo?: RedirectAllRequestsTo;
+export interface BucketEncryption {
     /**
-     * Rules that define when a redirect is applied and the redirect behavior.
+     * Specifies the default server-side-encryption configuration.
      */
-    RoutingRules?: RoutingRule[];
+    ServerSideEncryptionConfiguration: ServerSideEncryptionRule[];
+}
+/**
+ * Specifies the default server-side encryption configuration.
+ *    +   *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester’s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner.
+ *   +   *Directory buckets* - When you specify an [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported.
+ */
+export interface ServerSideEncryptionRule {
     /**
-     * The name of the error document for the website.
+     * Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the ``BucketKeyEnabled`` element to ``true`` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.
+     *  For more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide*.
      */
-    ErrorDocument?: string;
+    BucketKeyEnabled?: boolean;
+    ServerSideEncryptionByDefault?: ServerSideEncryptionByDefault;
 }
 /**
- * The redirect behavior for every request to this bucket's website endpoint.
- *   If you specify this property, you can't specify any other property.
+ * Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.
  */
-export interface RedirectAllRequestsTo {
+export interface ServerSideEncryptionByDefault {
     /**
-     * Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
+     * AWS Key Management Service (KMS) customer managed key ID to use for the default encryption.
+     *    +   *General purpose buckets* - This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms`` or ``aws:kms:dsse``.
+     *   +   *Directory buckets* - This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms``.
+     *
+     *   You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.
+     *   +  Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab``
+     *   +  Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab``
+     *   +  Key Alias: ``alias/alias-name``
+     *
+     *  If you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy).
+     *    +   *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester’s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. Also, if you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log.
+     *   +   *Directory buckets* - When you specify an [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported.
+     *
+     *    Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*.
      */
-    Protocol?: ("http" | "https");
+    KMSMasterKeyID?: string;
     /**
-     * Name of the host where requests are redirected.
+     * Server-side encryption algorithm to use for the default encryption.
+     *   For directory buckets, there are only two supported values for server-side encryption: ``AES256`` and ``aws:kms``.
      */
-    HostName: string;
+    SSEAlgorithm: ("aws:kms" | "AES256" | "aws:kms:dsse");
 }
 /**
- * Specifies the redirect behavior and when a redirect is applied. For more information about routing rules, see [Configuring advanced conditional redirects](https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects) in the *Amazon S3 User Guide*.
+ * Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*.
  */
-export interface RoutingRule {
-    RedirectRule: RedirectRule;
-    RoutingRuleCondition?: RoutingRuleCondition;
+export interface CorsConfiguration {
+    /**
+     * A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
+     */
+    CorsRules: CorsRule[];
 }
 /**
- * Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
+ * Specifies a cross-origin access rule for an Amazon S3 bucket.
  */
-export interface RedirectRule {
+export interface CorsRule {
     /**
-     * The specific object key to use in the redirect request. For example, redirect request to ``error.html``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyPrefixWith`` is not provided.
-     *   Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).
+     * Headers that are specified in the ``Access-Control-Request-Headers`` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.
      */
-    ReplaceKeyWith?: string;
+    AllowedHeaders?: string[];
     /**
-     * The HTTP redirect code to use on the response. Not required if one of the siblings is present.
+     * An HTTP method that you allow the origin to run.
+     *   *Allowed values*: ``GET`` | ``PUT`` | ``HEAD`` | ``POST`` | ``DELETE``
      */
-    HttpRedirectCode?: string;
+    AllowedMethods: ("GET" | "PUT" | "HEAD" | "POST" | "DELETE")[];
     /**
-     * Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
+     * One or more origins you want customers to be able to access the bucket from.
      */
-    Protocol?: ("http" | "https");
+    AllowedOrigins: string[];
     /**
-     * The host name to use in the redirect request.
+     * One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript ``XMLHttpRequest`` object).
      */
-    HostName?: string;
+    ExposedHeaders?: string[];
     /**
-     * The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix ``docs/`` (objects in the ``docs/`` folder) to ``documents/``, you can set a condition block with ``KeyPrefixEquals`` set to ``docs/`` and in the Redirect set ``ReplaceKeyPrefixWith`` to ``/documents``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyWith`` is not provided.
-     *   Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).
+     * A unique identifier for this rule. The value must be no more than 255 characters.
      */
-    ReplaceKeyPrefixWith?: string;
+    Id?: string;
+    /**
+     * The time in seconds that your browser is to cache the preflight response for the specified resource.
+     */
+    MaxAge?: number;
 }
 /**
- * A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the ``/docs`` folder, redirect to the ``/documents`` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.
+ * Specifies the S3 Intelligent-Tiering configuration for an Amazon S3 bucket.
+ *  For information about the S3 Intelligent-Tiering storage class, see [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access).
  */
-export interface RoutingRuleCondition {
+export interface IntelligentTieringConfiguration {
     /**
-     * The object key name prefix when the redirect is applied. For example, to redirect requests for ``ExamplePage.html``, the key prefix will be ``ExamplePage.html``. To redirect request for all pages with the prefix ``docs/``, the key prefix will be ``/docs``, which identifies all objects in the docs/ folder.
-     *  Required when the parent element ``Condition`` is specified and sibling ``HttpErrorCodeReturnedEquals`` is not specified. If both conditions are specified, both must be true for the redirect to be applied.
+     * The ID used to identify the S3 Intelligent-Tiering configuration.
      */
-    KeyPrefixEquals?: string;
+    Id: string;
     /**
-     * The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.
-     *  Required when parent element ``Condition`` is specified and sibling ``KeyPrefixEquals`` is not specified. If both are specified, then both must be true for the redirect to be applied.
+     * An object key name prefix that identifies the subset of objects to which the rule applies.
      */
-    HttpErrorCodeReturnedEquals?: string;
-}
-/**
- * Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.
- */
-export interface AnalyticsConfiguration {
-    StorageClassAnalysis: StorageClassAnalysis;
+    Prefix?: string;
     /**
-     * The tags to use when evaluating an analytics filter.
-     *  The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.
+     * Specifies the status of the configuration.
      */
-    TagFilters?: TagFilter[];
+    Status: ("Disabled" | "Enabled");
     /**
-     * The ID that identifies the analytics configuration.
+     * A container for a key-value pair.
      */
-    Id: string;
+    TagFilters?: TagFilter[];
     /**
-     * The prefix that an object must have to be included in the analytics results.
+     * Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ``ARCHIVE_ACCESS`` and ``DEEP_ARCHIVE_ACCESS``.
+     *   You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.
      */
-    Prefix?: string;
+    Tierings: Tiering[];
 }
 /**
- * Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.
+ * The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without additional operational overhead.
  */
-export interface StorageClassAnalysis {
-    DataExport?: DataExport;
+export interface Tiering {
+    /**
+     * S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class.
+     */
+    AccessTier: ("ARCHIVE_ACCESS" | "DEEP_ARCHIVE_ACCESS");
+    /**
+     * The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).
+     */
+    Days: number;
 }
 /**
- * Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.
+ * Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*.
  */
-export interface DataExport {
+export interface InventoryConfiguration {
     Destination: Destination1;
     /**
-     * The version of the output schema to use when exporting data. Must be ``V_1``.
+     * Specifies whether the inventory is enabled or disabled. If set to ``True``, an inventory list is generated. If set to ``False``, no inventory list is generated.
      */
-    OutputSchemaVersion: "V_1";
-}
-/**
- * The place to store the data for an analysis.
+    Enabled: boolean;
+    /**
+     * The ID used to identify the inventory configuration.
+     */
+    Id: string;
+    /**
+     * Object versions to include in the inventory list. If set to ``All``, the list includes all the object versions, which adds the version-related fields ``VersionId``, ``IsLatest``, and ``DeleteMarker`` to the list. If set to ``Current``, the list does not contain these version-related fields.
+     */
+    IncludedObjectVersions: ("All" | "Current");
+    /**
+     * Contains the optional fields that are included in the inventory results.
+     */
+    OptionalFields?: ("Size" | "LastModifiedDate" | "StorageClass" | "ETag" | "IsMultipartUploaded" | "ReplicationStatus" | "EncryptionStatus" | "ObjectLockRetainUntilDate" | "ObjectLockMode" | "ObjectLockLegalHoldStatus" | "IntelligentTieringAccessTier" | "BucketKeyStatus" | "ChecksumAlgorithm" | "ObjectAccessControlList" | "ObjectOwner")[];
+    /**
+     * Specifies the inventory filter prefix.
+     */
+    Prefix?: string;
+    /**
+     * Specifies the schedule for generating inventory results.
+     */
+    ScheduleFrequency: ("Daily" | "Weekly");
+}
+/**
+ * Contains information about where to publish the inventory results.
  */
 export interface Destination1 {
     /**
      * The Amazon Resource Name (ARN) of the bucket to which data is exported.
      */
     BucketArn: string;
-    /**
-     * Specifies the file format used when exporting data to Amazon S3.
-     *   *Allowed values*: ``CSV`` | ``ORC`` | ``Parquet``
-     */
-    Format: ("CSV" | "ORC" | "Parquet");
     /**
      * The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.
      *    Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.
      */
     BucketAccountId?: string;
+    /**
+     * Specifies the file format used when exporting data to Amazon S3.
+     *   *Allowed values*: ``CSV`` | ``ORC`` | ``Parquet``
+     */
+    Format: ("CSV" | "ORC" | "Parquet");
     /**
      * The prefix to use when exporting data. The prefix is prepended to all results.
      */
     Prefix?: string;
 }
 /**
- * Specifies tags to use to identify a subset of objects for an Amazon S3 bucket.
+ * Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide*.
  */
-export interface TagFilter {
-    /**
-     * The tag value.
-     */
-    Value: string;
+export interface LifecycleConfiguration {
     /**
-     * The tag key.
+     * A lifecycle rule for individual objects in an Amazon S3 bucket.
      */
-    Key: string;
+    Rules: Rule[];
+    TransitionDefaultMinimumObjectSize?: ("varies_by_storage_class" | "all_storage_classes_128K");
 }
 /**
- * Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide*.
+ * Specifies lifecycle rules for an Amazon S3 bucket. For more information, see [Put Bucket Lifecycle Configuration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlifecycle.html) in the *Amazon S3 API Reference*.
+ *  You must specify at least one of the following properties: ``AbortIncompleteMultipartUpload``, ``ExpirationDate``, ``ExpirationInDays``, ``NoncurrentVersionExpirationInDays``, ``NoncurrentVersionTransition``, ``NoncurrentVersionTransitions``, ``Transition``, or ``Transitions``.
  */
-export interface AccelerateConfiguration {
+export interface Rule {
+    AbortIncompleteMultipartUpload?: AbortIncompleteMultipartUpload;
     /**
-     * Specifies the transfer acceleration status of the bucket.
+     * Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
      */
-    AccelerationStatus: ("Enabled" | "Suspended");
-}
-/**
- * Configuration that defines how Amazon S3 handles public access.
- */
-export interface PublicAccessBlockConfiguration {
+    ExpirationDate?: string;
     /**
-     * Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to ``TRUE`` restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy.
-     *  Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
+     * Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
      */
-    RestrictPublicBuckets?: boolean;
+    ExpirationInDays?: number;
     /**
-     * Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to ``TRUE`` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.
-     *  Enabling this setting doesn't affect existing bucket policies.
+     * Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with ``ExpirationInDays``, ``ExpirationDate``, or ``TagFilters``.
      */
-    BlockPublicPolicy?: boolean;
+    ExpiredObjectDeleteMarker?: boolean;
     /**
-     * Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to ``TRUE`` causes the following behavior:
-     *   +  PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
-     *   +  PUT Object calls fail if the request includes a public ACL.
-     *   +  PUT Bucket calls fail if the request includes a public ACL.
-     *
-     *  Enabling this setting doesn't affect existing policies or ACLs.
+     * Unique identifier for the rule. The value can't be longer than 255 characters.
      */
-    BlockPublicAcls?: boolean;
+    Id?: string;
     /**
-     * Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to ``TRUE`` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.
-     *  Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
+     * (Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.
      */
-    IgnorePublicAcls?: boolean;
+    NoncurrentVersionExpirationInDays?: number;
+    NoncurrentVersionExpiration?: NoncurrentVersionExpiration;
+    NoncurrentVersionTransition?: NoncurrentVersionTransition;
+    /**
+     * For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the ``NoncurrentVersionTransition`` property.
+     */
+    NoncurrentVersionTransitions?: NoncurrentVersionTransition1[];
+    /**
+     * Object key prefix that identifies one or more objects to which this rule applies.
+     *   Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).
+     */
+    Prefix?: string;
+    /**
+     * If ``Enabled``, the rule is currently being applied. If ``Disabled``, the rule is not currently being applied.
+     */
+    Status: ("Enabled" | "Disabled");
+    /**
+     * Tags to use to identify a subset of objects to which the lifecycle rule applies.
+     */
+    TagFilters?: TagFilter[];
+    /**
+     * Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*.
+     */
+    ObjectSizeGreaterThan?: string;
+    /**
+     * Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*.
+     */
+    ObjectSizeLessThan?: string;
+    Transition?: Transition;
+    /**
+     * One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the ``Transition`` property.
+     */
+    Transitions?: Transition1[];
 }
 /**
- * Configuration that defines how Amazon S3 handles Object Ownership rules.
+ * Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.
  */
-export interface OwnershipControls {
+export interface AbortIncompleteMultipartUpload {
     /**
-     * Specifies the container element for Object Ownership rules.
+     * Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.
      */
-    Rules: OwnershipControlsRule[];
+    DaysAfterInitiation: number;
 }
 /**
- * Specifies an Object Ownership rule.
- *  S3 Object Ownership is an Amazon S3 bucket-level setting that you can use to disable access control lists (ACLs) and take ownership of every object in your bucket, simplifying access management for data stored in Amazon S3. For more information, see [Controlling ownership of objects and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*.
+ * Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime.
  */
-export interface OwnershipControlsRule {
+export interface NoncurrentVersionExpiration {
     /**
-     * Specifies an object ownership rule.
+     * Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*.
      */
-    ObjectOwnership?: ("ObjectWriter" | "BucketOwnerPreferred" | "BucketOwnerEnforced");
+    NoncurrentDays: number;
+    /**
+     * Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*.
+     */
+    NewerNoncurrentVersions?: number;
 }
 /**
- * This operation is not supported by directory buckets.
- *   Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html).
- *    +  The ``DefaultRetention`` settings require both a mode and a period.
- *   +  The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time.
- *   +  You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html).
+ * (Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the ``NoncurrentVersionTransitions`` property.
  */
-export interface ObjectLockConfiguration {
+export interface NoncurrentVersionTransition {
     /**
-     * Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket.
+     * The class of storage used to store the object.
      */
-    ObjectLockEnabled?: "Enabled";
-    Rule?: ObjectLockRule;
+    StorageClass: ("DEEP_ARCHIVE" | "GLACIER" | "Glacier" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA");
+    /**
+     * Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*.
+     */
+    TransitionInDays: number;
+    /**
+     * Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*.
+     */
+    NewerNoncurrentVersions?: number;
 }
 /**
- * Specifies the Object Lock rule for the specified object. Enable this rule when you apply ``ObjectLockConfiguration`` to a bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html).
+ * Container for the transition rule that describes when noncurrent objects transition to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage class at a specific period in the object's lifetime. If you specify this property, don't specify the ``NoncurrentVersionTransitions`` property.
  */
-export interface ObjectLockRule {
-    DefaultRetention?: DefaultRetention;
+export interface NoncurrentVersionTransition1 {
+    /**
+     * The class of storage used to store the object.
+     */
+    StorageClass: ("DEEP_ARCHIVE" | "GLACIER" | "Glacier" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA");
+    /**
+     * Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*.
+     */
+    TransitionInDays: number;
+    /**
+     * Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*.
+     */
+    NewerNoncurrentVersions?: number;
 }
 /**
- * The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html).
+ * (Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the ``Transitions`` property.
  */
-export interface DefaultRetention {
+export interface Transition {
     /**
-     * The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``.
+     * The storage class to which you want the object to transition.
      */
-    Years?: number;
+    StorageClass: ("DEEP_ARCHIVE" | "GLACIER" | "Glacier" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA");
     /**
-     * The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``.
+     * Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.
      */
-    Days?: number;
+    TransitionDate?: string;
     /**
-     * The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``.
+     * Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.
      */
-    Mode?: ("COMPLIANCE" | "GOVERNANCE");
+    TransitionInDays?: number;
 }
 /**
- * Settings that define where logs are stored.
+ * Specifies when an object transitions to a specified storage class. For more information about Amazon S3 lifecycle configuration rules, see [Transitioning Objects Using Amazon S3 Lifecycle](https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html) in the *Amazon S3 User Guide*.
  */
-export interface LoggingConfiguration {
-    TargetObjectKeyFormat?: TargetObjectKeyFormat;
+export interface Transition1 {
     /**
-     * A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
+     * The storage class to which you want the object to transition.
      */
-    LogFilePrefix?: string;
+    StorageClass: ("DEEP_ARCHIVE" | "GLACIER" | "Glacier" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA");
+    /**
+     * Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.
+     */
+    TransitionDate?: string;
+    /**
+     * Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.
+     */
+    TransitionInDays?: number;
+}
+/**
+ * Settings that define where logs are stored.
+ */
+export interface LoggingConfiguration {
     /**
      * The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the ``LoggingConfiguration`` property is defined.
      */
     DestinationBucketName?: string;
+    /**
+     * A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.
+     */
+    LogFilePrefix?: string;
+    TargetObjectKeyFormat?: TargetObjectKeyFormat;
 }
 /**
  * Amazon S3 keys for log objects are partitioned in the following format:
@@ -396,526 +517,432 @@ export interface PartitionedPrefix {
     PartitionDateSource?: ("EventTime" | "DeliveryTime");
 }
 /**
- * Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the ``VersioningConfiguration`` property.
- *  Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.
+ * Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For examples, see [AWS::S3::Bucket](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#aws-properties-s3-bucket--examples). For more information, see [PUT Bucket metrics](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) in the *Amazon S3 API Reference*.
  */
-export interface ReplicationConfiguration {
+export interface MetricsConfiguration {
     /**
-     * The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide*.
+     * The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
      */
-    Role: string;
+    AccessPointArn?: string;
     /**
-     * A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.
+     * The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
      */
-    Rules: ReplicationRule[];
+    Id: string;
+    /**
+     * The prefix that an object must have to be included in the metrics results.
+     */
+    Prefix?: string;
+    /**
+     * Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.
+     */
+    TagFilters?: TagFilter[];
 }
 /**
- * Specifies which Amazon S3 objects to replicate and where to store the replicas.
+ * Configuration that defines how Amazon S3 handles bucket notifications.
  */
-export interface ReplicationRule {
+export interface NotificationConfiguration {
+    EventBridgeConfiguration?: EventBridgeConfiguration;
     /**
-     * Specifies whether the rule is enabled.
+     * Describes the LAMlong functions to invoke and the events for which to invoke them.
      */
-    Status: ("Disabled" | "Enabled");
-    Destination: ReplicationDestination;
-    Filter?: ReplicationRuleFilter;
+    LambdaConfigurations?: LambdaConfiguration[];
     /**
-     * The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.
-     *  For more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide*.
+     * The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
      */
-    Priority?: number;
-    SourceSelectionCriteria?: SourceSelectionCriteria;
+    QueueConfigurations?: QueueConfiguration[];
     /**
-     * A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
+     * The topic to which notifications are sent and the events for which notifications are generated.
      */
-    Id?: string;
-    /**
-     * An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element.
-     *   Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).
-     */
-    Prefix?: string;
-    DeleteMarkerReplication?: DeleteMarkerReplication;
+    TopicConfigurations?: TopicConfiguration[];
 }
 /**
- * A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
+ * Enables delivery of events to Amazon EventBridge.
  */
-export interface ReplicationDestination {
-    AccessControlTranslation?: AccessControlTranslation;
-    /**
-     * Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the ``AccessControlTranslation`` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide*.
-     *  If you specify the ``AccessControlTranslation`` property, the ``Account`` property is required.
-     */
-    Account?: string;
-    Metrics?: Metrics;
-    /**
-     * The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
-     */
-    Bucket: string;
-    EncryptionConfiguration?: EncryptionConfiguration;
+export interface EventBridgeConfiguration {
     /**
-     * The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.
-     *  For valid values, see the ``StorageClass`` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference*.
+     * Enables delivery of events to Amazon EventBridge.
      */
-    StorageClass?: ("DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "REDUCED_REDUNDANCY" | "STANDARD" | "STANDARD_IA");
-    ReplicationTime?: ReplicationTime;
+    EventBridgeEnabled: (boolean & string);
 }
 /**
- * Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
+ * Describes the LAMlong functions to invoke and the events for which to invoke them.
  */
-export interface AccessControlTranslation {
+export interface LambdaConfiguration {
     /**
-     * Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference*.
+     * The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.
      */
-    Owner: "Destination";
-}
-/**
- * A container specifying replication metrics-related settings enabling replication metrics and events.
- */
-export interface Metrics {
+    Event: string;
+    Filter?: NotificationFilter;
     /**
-     * Specifies whether the replication metrics are enabled.
+     * The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
      */
-    Status: ("Disabled" | "Enabled");
-    EventThreshold?: ReplicationTimeValue;
+    Function: string;
 }
 /**
- * A container specifying the time threshold for emitting the ``s3:Replication:OperationMissedThreshold`` event.
+ * The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a ``.jpg`` extension invoke the function when they are added to the Amazon S3 bucket.
  */
-export interface ReplicationTimeValue {
-    /**
-     * Contains an integer specifying time in minutes.
-     *   Valid value: 15
-     */
-    Minutes: number;
+export interface NotificationFilter {
+    S3Key: S3KeyFilter;
 }
 /**
- * Specifies encryption-related information.
+ * A container for object key name prefix and suffix filtering rules.
  */
-export interface EncryptionConfiguration {
+export interface S3KeyFilter {
     /**
-     * Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*.
+     * A list of containers for the key-value pair that defines the criteria for the filter rule.
      */
-    ReplicaKmsKeyID: string;
+    Rules: FilterRule[];
 }
 /**
- * A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a ``Metrics`` block.
+ * Specifies the Amazon S3 object key name to filter on. An object key name is the name assigned to an object in your Amazon S3 bucket. You specify whether to filter on the suffix or prefix of the object key name. A prefix is a specific string of characters at the beginning of an object key name, which you can use to organize objects. For example, you can start the key names of related objects with a prefix, such as ``2023-`` or ``engineering/``. Then, you can use ``FilterRule`` to find objects in a bucket with key names that have the same prefix. A suffix is similar to a prefix, but it is at the end of the object key name instead of at the beginning.
  */
-export interface ReplicationTime {
+export interface FilterRule {
     /**
-     * Specifies whether the replication time is enabled.
+     * The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.
      */
-    Status: ("Disabled" | "Enabled");
-    Time: ReplicationTimeValue1;
-}
-/**
- * A container specifying the time by which replication should be complete for all objects and operations on objects.
- */
-export interface ReplicationTimeValue1 {
+    Name: string;
     /**
-     * Contains an integer specifying time in minutes.
-     *   Valid value: 15
+     * The value that the filter searches for in object key names.
      */
-    Minutes: number;
+    Value: string;
 }
 /**
- * A filter that identifies the subset of objects to which the replication rule applies. A ``Filter`` must specify exactly one ``Prefix``, ``TagFilter``, or an ``And`` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.
- *   V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element.
+ * Specifies the configuration for publishing messages to an Amazon Simple Queue Service (Amazon SQS) queue when Amazon S3 detects specified events.
  */
-export interface ReplicationRuleFilter {
-    And?: ReplicationRuleAndOperator;
-    TagFilter?: TagFilter1;
+export interface QueueConfiguration {
     /**
-     * An object key name prefix that identifies the subset of objects to which the rule applies.
-     *   Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).
+     * The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.
      */
-    Prefix?: string;
+    Event: string;
+    Filter?: NotificationFilter1;
+    /**
+     * The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
+     */
+    Queue: string;
 }
 /**
- * A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:
- *   +  If you specify both a ``Prefix`` and a ``TagFilter``, wrap these filters in an ``And`` tag.
- *   +  If you specify a filter based on multiple tags, wrap the ``TagFilter`` elements in an ``And`` tag.
+ * The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a ``.jpg`` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*.
  */
-export interface ReplicationRuleAndOperator {
-    /**
-     * An array of tags containing key and value pairs.
-     */
-    TagFilters?: TagFilter[];
-    /**
-     * An object key name prefix that identifies the subset of objects to which the rule applies.
-     */
-    Prefix?: string;
+export interface NotificationFilter1 {
+    S3Key: S3KeyFilter;
 }
 /**
- * Specifies tags to use to identify a subset of objects for an Amazon S3 bucket.
+ * A container for specifying the configuration for publication of messages to an Amazon Simple Notification Service (Amazon SNS) topic when Amazon S3 detects specified events.
  */
-export interface TagFilter1 {
+export interface TopicConfiguration {
     /**
-     * The tag value.
+     * The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.
      */
-    Value: string;
+    Event: string;
+    Filter?: NotificationFilter2;
     /**
-     * The tag key.
+     * The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.
      */
-    Key: string;
+    Topic: string;
 }
 /**
- * A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.
+ * The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a ``.jpg`` extension are added to the bucket.
  */
-export interface SourceSelectionCriteria {
-    ReplicaModifications?: ReplicaModifications;
-    SseKmsEncryptedObjects?: SseKmsEncryptedObjects;
+export interface NotificationFilter2 {
+    S3Key: S3KeyFilter;
 }
 /**
- * A filter that you can specify for selection for modifications on replicas.
+ * This operation is not supported by directory buckets.
+ *   Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html).
+ *    +  The ``DefaultRetention`` settings require both a mode and a period.
+ *   +  The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time.
+ *   +  You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html).
  */
-export interface ReplicaModifications {
+export interface ObjectLockConfiguration {
     /**
-     * Specifies whether Amazon S3 replicates modifications on replicas.
-     *   *Allowed values*: ``Enabled`` | ``Disabled``
+     * Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket.
      */
-    Status: ("Enabled" | "Disabled");
+    ObjectLockEnabled?: "Enabled";
+    Rule?: ObjectLockRule;
 }
 /**
- * A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.
+ * Specifies the Object Lock rule for the specified object. Enable this rule when you apply ``ObjectLockConfiguration`` to a bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html).
  */
-export interface SseKmsEncryptedObjects {
-    /**
-     * Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service.
-     */
-    Status: ("Disabled" | "Enabled");
+export interface ObjectLockRule {
+    DefaultRetention?: DefaultRetention;
 }
 /**
- * Specifies whether Amazon S3 replicates delete markers. If you specify a ``Filter`` in your replication configuration, you must also include a ``DeleteMarkerReplication`` element. If your ``Filter`` includes a ``Tag`` element, the ``DeleteMarkerReplication`` ``Status`` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config).
- *  For more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html).
- *   If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations).
+ * The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html).
  */
-export interface DeleteMarkerReplication {
+export interface DefaultRetention {
     /**
-     * Indicates whether to replicate delete markers. Disabled by default.
+     * The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``.
      */
-    Status?: ("Disabled" | "Enabled");
-}
-/**
- * A container of a key value name pair.
- */
-export interface Tag {
+    Years?: number;
     /**
-     * Value of the tag.
+     * The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``.
      */
-    Value: string;
+    Days?: number;
     /**
-     * Name of the object key.
+     * The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``.
      */
-    Key: string;
+    Mode?: ("COMPLIANCE" | "GOVERNANCE");
 }
 /**
- * Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*.
+ * Configuration that defines how Amazon S3 handles Object Ownership rules.
  */
-export interface BucketEncryption {
+export interface OwnershipControls {
     /**
-     * Specifies the default server-side-encryption configuration.
+     * Specifies the container element for Object Ownership rules.
      */
-    ServerSideEncryptionConfiguration: ServerSideEncryptionRule[];
+    Rules: OwnershipControlsRule[];
 }
 /**
- * Specifies the default server-side encryption configuration.
- *   If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester’s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner.
+ * Specifies an Object Ownership rule.
+ *  S3 Object Ownership is an Amazon S3 bucket-level setting that you can use to disable access control lists (ACLs) and take ownership of every object in your bucket, simplifying access management for data stored in Amazon S3. For more information, see [Controlling ownership of objects and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*.
  */
-export interface ServerSideEncryptionRule {
+export interface OwnershipControlsRule {
     /**
-     * Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the ``BucketKeyEnabled`` element to ``true`` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.
-     *  For more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide*.
+     * Specifies an object ownership rule.
      */
-    BucketKeyEnabled?: boolean;
-    ServerSideEncryptionByDefault?: ServerSideEncryptionByDefault;
+    ObjectOwnership?: ("ObjectWriter" | "BucketOwnerPreferred" | "BucketOwnerEnforced");
 }
 /**
- * Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.
+ * Configuration that defines how Amazon S3 handles public access.
  */
-export interface ServerSideEncryptionByDefault {
-    /**
-     * Server-side encryption algorithm to use for the default encryption.
-     */
-    SSEAlgorithm: ("aws:kms" | "AES256" | "aws:kms:dsse");
+export interface PublicAccessBlockConfiguration {
     /**
-     * AWS Key Management Service (KMS) customer AWS KMS key ID to use for the default encryption. This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms`` or ``aws:kms:dsse``.
-     *  You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.
-     *   +  Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab``
-     *   +  Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab``
-     *   +  Key Alias: ``alias/alias-name``
+     * Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to ``TRUE`` causes the following behavior:
+     *   +  PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
+     *   +  PUT Object calls fail if the request includes a public ACL.
+     *   +  PUT Bucket calls fail if the request includes a public ACL.
      *
-     *  If you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log.
-     *  If you are using encryption with cross-account or AWS service operations you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy).
-     *   Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*.
-     */
-    KMSMasterKeyID?: string;
-}
-/**
- * Configuration that defines how Amazon S3 handles bucket notifications.
- */
-export interface NotificationConfiguration {
-    /**
-     * The topic to which notifications are sent and the events for which notifications are generated.
-     */
-    TopicConfigurations?: TopicConfiguration[];
-    /**
-     * The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.
-     */
-    QueueConfigurations?: QueueConfiguration[];
-    /**
-     * Describes the LAMlong functions to invoke and the events for which to invoke them.
+     *  Enabling this setting doesn't affect existing policies or ACLs.
      */
-    LambdaConfigurations?: LambdaConfiguration[];
-    EventBridgeConfiguration?: EventBridgeConfiguration;
-}
-/**
- * A container for specifying the configuration for publication of messages to an Amazon Simple Notification Service (Amazon SNS) topic when Amazon S3 detects specified events.
- */
-export interface TopicConfiguration {
-    Filter?: NotificationFilter;
+    BlockPublicAcls?: boolean;
     /**
-     * The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.
+     * Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to ``TRUE`` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.
+     *  Enabling this setting doesn't affect existing bucket policies.
      */
-    Event: string;
+    BlockPublicPolicy?: boolean;
     /**
-     * The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.
+     * Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to ``TRUE`` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.
+     *  Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
      */
-    Topic: string;
-}
-/**
- * The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a ``.jpg`` extension are added to the bucket.
- */
-export interface NotificationFilter {
-    S3Key: S3KeyFilter;
-}
-/**
- * A container for object key name prefix and suffix filtering rules.
- */
-export interface S3KeyFilter {
+    IgnorePublicAcls?: boolean;
     /**
-     * A list of containers for the key-value pair that defines the criteria for the filter rule.
+     * Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to ``TRUE`` restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy.
+     *  Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
      */
-    Rules: FilterRule[];
+    RestrictPublicBuckets?: boolean;
 }
 /**
- * Specifies the Amazon S3 object key name to filter on. An object key name is the name assigned to an object in your Amazon S3 bucket. You specify whether to filter on the suffix or prefix of the object key name. A prefix is a specific string of characters at the beginning of an object key name, which you can use to organize objects. For example, you can start the key names of related objects with a prefix, such as ``2023-`` or ``engineering/``. Then, you can use ``FilterRule`` to find objects in a bucket with key names that have the same prefix. A suffix is similar to a prefix, but it is at the end of the object key name instead of at the beginning.
+ * Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the ``VersioningConfiguration`` property.
+ *  Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.
  */
-export interface FilterRule {
+export interface ReplicationConfiguration {
     /**
-     * The value that the filter searches for in object key names.
+     * The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide*.
      */
-    Value: string;
+    Role: string;
     /**
-     * The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.
+     * A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.
      */
-    Name: string;
+    Rules: ReplicationRule[];
 }
 /**
- * Specifies the configuration for publishing messages to an Amazon Simple Queue Service (Amazon SQS) queue when Amazon S3 detects specified events.
+ * Specifies which Amazon S3 objects to replicate and where to store the replicas.
  */
-export interface QueueConfiguration {
-    Filter?: NotificationFilter1;
-    /**
-     * The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.
-     */
-    Event: string;
+export interface ReplicationRule {
+    DeleteMarkerReplication?: DeleteMarkerReplication;
+    Destination: ReplicationDestination;
+    Filter?: ReplicationRuleFilter;
     /**
-     * The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.
+     * A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID".
      */
-    Queue: string;
-}
-/**
- * The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a ``.jpg`` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*.
- */
-export interface NotificationFilter1 {
-    S3Key: S3KeyFilter;
-}
-/**
- * Describes the LAMlong functions to invoke and the events for which to invoke them.
- */
-export interface LambdaConfiguration {
+    Id?: string;
     /**
-     * The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.
+     * An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element.
+     *   Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).
      */
-    Function: string;
-    Filter?: NotificationFilter2;
+    Prefix?: string;
     /**
-     * The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.
+     * The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.
+     *  For more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide*.
      */
-    Event: string;
-}
-/**
- * The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a ``.jpg`` extension invoke the function when they are added to the Amazon S3 bucket.
- */
-export interface NotificationFilter2 {
-    S3Key: S3KeyFilter;
-}
-/**
- * Enables delivery of events to Amazon EventBridge.
- */
-export interface EventBridgeConfiguration {
+    Priority?: number;
+    SourceSelectionCriteria?: SourceSelectionCriteria;
     /**
-     * Enables delivery of events to Amazon EventBridge.
+     * Specifies whether the rule is enabled.
      */
-    EventBridgeEnabled: (boolean & string);
+    Status: ("Disabled" | "Enabled");
 }
 /**
- * Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide*.
+ * Specifies whether Amazon S3 replicates delete markers. If you specify a ``Filter`` in your replication configuration, you must also include a ``DeleteMarkerReplication`` element. If your ``Filter`` includes a ``Tag`` element, the ``DeleteMarkerReplication`` ``Status`` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config).
+ *  For more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html).
+ *   If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations).
  */
-export interface LifecycleConfiguration {
+export interface DeleteMarkerReplication {
     /**
-     * A lifecycle rule for individual objects in an Amazon S3 bucket.
+     * Indicates whether to replicate delete markers. Disabled by default.
      */
-    Rules: Rule[];
+    Status?: ("Disabled" | "Enabled");
 }
 /**
- * Specifies lifecycle rules for an Amazon S3 bucket. For more information, see [Put Bucket Lifecycle Configuration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlifecycle.html) in the *Amazon S3 API Reference*.
- *  You must specify at least one of the following properties: ``AbortIncompleteMultipartUpload``, ``ExpirationDate``, ``ExpirationInDays``, ``NoncurrentVersionExpirationInDays``, ``NoncurrentVersionTransition``, ``NoncurrentVersionTransitions``, ``Transition``, or ``Transitions``.
+ * A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).
  */
-export interface Rule {
-    /**
-     * If ``Enabled``, the rule is currently being applied. If ``Disabled``, the rule is not currently being applied.
-     */
-    Status: ("Enabled" | "Disabled");
-    /**
-     * Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with ``ExpirationInDays``, ``ExpirationDate``, or ``TagFilters``.
-     */
-    ExpiredObjectDeleteMarker?: boolean;
-    /**
-     * (Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.
-     */
-    NoncurrentVersionExpirationInDays?: number;
-    /**
-     * One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the ``Transition`` property.
-     */
-    Transitions?: Transition[];
-    /**
-     * Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*.
-     */
-    ObjectSizeGreaterThan?: string;
-    /**
-     * Tags to use to identify a subset of objects to which the lifecycle rule applies.
-     */
-    TagFilters?: TagFilter[];
-    /**
-     * For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the ``NoncurrentVersionTransition`` property.
-     */
-    NoncurrentVersionTransitions?: NoncurrentVersionTransition[];
-    /**
-     * Object key prefix that identifies one or more objects to which this rule applies.
-     *   Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).
-     */
-    Prefix?: string;
-    /**
-     * Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*.
-     */
-    ObjectSizeLessThan?: string;
-    NoncurrentVersionTransition?: NoncurrentVersionTransition1;
+export interface ReplicationDestination {
+    AccessControlTranslation?: AccessControlTranslation;
     /**
-     * Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
+     * Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the ``AccessControlTranslation`` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide*.
+     *  If you specify the ``AccessControlTranslation`` property, the ``Account`` property is required.
      */
-    ExpirationDate?: string;
-    NoncurrentVersionExpiration?: NoncurrentVersionExpiration;
+    Account?: string;
     /**
-     * Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.
+     * The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.
      */
-    ExpirationInDays?: number;
-    Transition?: Transition1;
+    Bucket: string;
+    EncryptionConfiguration?: EncryptionConfiguration;
+    Metrics?: Metrics;
+    ReplicationTime?: ReplicationTime;
     /**
-     * Unique identifier for the rule. The value can't be longer than 255 characters.
+     * The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.
+     *  For valid values, see the ``StorageClass`` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference*.
      */
-    Id?: string;
-    AbortIncompleteMultipartUpload?: AbortIncompleteMultipartUpload;
+    StorageClass?: ("DEEP_ARCHIVE" | "GLACIER" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "REDUCED_REDUNDANCY" | "STANDARD" | "STANDARD_IA");
 }
 /**
- * Specifies when an object transitions to a specified storage class. For more information about Amazon S3 lifecycle configuration rules, see [Transitioning Objects Using Amazon S3 Lifecycle](https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html) in the *Amazon S3 User Guide*.
+ * Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.
  */
-export interface Transition {
+export interface AccessControlTranslation {
     /**
-     * Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.
+     * Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference*.
      */
-    TransitionDate?: string;
+    Owner: "Destination";
+}
+/**
+ * Specifies encryption-related information.
+ */
+export interface EncryptionConfiguration {
     /**
-     * The storage class to which you want the object to transition.
+     * Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*.
      */
-    StorageClass: ("DEEP_ARCHIVE" | "GLACIER" | "Glacier" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA");
+    ReplicaKmsKeyID: string;
+}
+/**
+ * A container specifying replication metrics-related settings enabling replication metrics and events.
+ */
+export interface Metrics {
+    EventThreshold?: ReplicationTimeValue;
     /**
-     * Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.
+     * Specifies whether the replication metrics are enabled.
      */
-    TransitionInDays?: number;
+    Status: ("Disabled" | "Enabled");
 }
 /**
- * Container for the transition rule that describes when noncurrent objects transition to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage class at a specific period in the object's lifetime. If you specify this property, don't specify the ``NoncurrentVersionTransitions`` property.
+ * A container specifying the time threshold for emitting the ``s3:Replication:OperationMissedThreshold`` event.
  */
-export interface NoncurrentVersionTransition {
+export interface ReplicationTimeValue {
     /**
-     * The class of storage used to store the object.
+     * Contains an integer specifying time in minutes.
+     *   Valid value: 15
      */
-    StorageClass: ("DEEP_ARCHIVE" | "GLACIER" | "Glacier" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA");
+    Minutes: number;
+}
+/**
+ * A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a ``Metrics`` block.
+ */
+export interface ReplicationTime {
     /**
-     * Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*.
+     * Specifies whether the replication time is enabled.
      */
-    TransitionInDays: number;
+    Status: ("Disabled" | "Enabled");
+    Time: ReplicationTimeValue1;
+}
+/**
+ * A container specifying the time by which replication should be complete for all objects and operations on objects.
+ */
+export interface ReplicationTimeValue1 {
     /**
-     * Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*.
+     * Contains an integer specifying time in minutes.
+     *   Valid value: 15
      */
-    NewerNoncurrentVersions?: number;
+    Minutes: number;
 }
 /**
- * Container for the transition rule that describes when noncurrent objects transition to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage class at a specific period in the object's lifetime. If you specify this property, don't specify the ``NoncurrentVersionTransitions`` property.
+ * A filter that identifies the subset of objects to which the replication rule applies. A ``Filter`` must specify exactly one ``Prefix``, ``TagFilter``, or an ``And`` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.
+ *   V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element.
  */
-export interface NoncurrentVersionTransition1 {
+export interface ReplicationRuleFilter {
+    And?: ReplicationRuleAndOperator;
     /**
-     * The class of storage used to store the object.
+     * An object key name prefix that identifies the subset of objects to which the rule applies.
+     *   Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).
      */
-    StorageClass: ("DEEP_ARCHIVE" | "GLACIER" | "Glacier" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA");
+    Prefix?: string;
+    TagFilter?: TagFilter1;
+}
+/**
+ * A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:
+ *   +  If you specify both a ``Prefix`` and a ``TagFilter``, wrap these filters in an ``And`` tag.
+ *   +  If you specify a filter based on multiple tags, wrap the ``TagFilter`` elements in an ``And`` tag.
+ */
+export interface ReplicationRuleAndOperator {
     /**
-     * Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*.
+     * An object key name prefix that identifies the subset of objects to which the rule applies.
      */
-    TransitionInDays: number;
+    Prefix?: string;
     /**
-     * Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*.
+     * An array of tags containing key and value pairs.
      */
-    NewerNoncurrentVersions?: number;
+    TagFilters?: TagFilter[];
 }
 /**
- * Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime.
+ * Specifies tags to use to identify a subset of objects for an Amazon S3 bucket.
  */
-export interface NoncurrentVersionExpiration {
+export interface TagFilter1 {
     /**
-     * Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*.
+     * The tag value.
      */
-    NoncurrentDays: number;
+    Value: string;
     /**
-     * Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*.
+     * The tag key.
      */
-    NewerNoncurrentVersions?: number;
+    Key: string;
 }
 /**
- * Specifies when an object transitions to a specified storage class. For more information about Amazon S3 lifecycle configuration rules, see [Transitioning Objects Using Amazon S3 Lifecycle](https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html) in the *Amazon S3 User Guide*.
+ * A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.
  */
-export interface Transition1 {
-    /**
-     * Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.
-     */
-    TransitionDate?: string;
+export interface SourceSelectionCriteria {
+    ReplicaModifications?: ReplicaModifications;
+    SseKmsEncryptedObjects?: SseKmsEncryptedObjects;
+}
+/**
+ * A filter that you can specify for selection for modifications on replicas.
+ */
+export interface ReplicaModifications {
     /**
-     * The storage class to which you want the object to transition.
+     * Specifies whether Amazon S3 replicates modifications on replicas.
+     *   *Allowed values*: ``Enabled`` | ``Disabled``
      */
-    StorageClass: ("DEEP_ARCHIVE" | "GLACIER" | "Glacier" | "GLACIER_IR" | "INTELLIGENT_TIERING" | "ONEZONE_IA" | "STANDARD_IA");
+    Status: ("Enabled" | "Disabled");
+}
+/**
+ * A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.
+ */
+export interface SseKmsEncryptedObjects {
     /**
-     * Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.
+     * Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service.
      */
-    TransitionInDays?: number;
+    Status: ("Disabled" | "Enabled");
 }
 /**
- * Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.
+ * A container of a key value name pair.
  */
-export interface AbortIncompleteMultipartUpload {
+export interface Tag {
     /**
-     * Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.
+     * Name of the object key.
      */
-    DaysAfterInitiation: number;
+    Key: string;
+    /**
+     * Value of the tag.
+     */
+    Value: string;
 }
 /**
  * Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.
@@ -928,102 +955,83 @@ export interface VersioningConfiguration {
     Status: ("Enabled" | "Suspended");
 }
 /**
- * Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For examples, see [AWS::S3::Bucket](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#aws-properties-s3-bucket--examples). For more information, see [PUT Bucket metrics](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) in the *Amazon S3 API Reference*.
+ * Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html).
  */
-export interface MetricsConfiguration {
-    /**
-     * The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.
-     */
-    AccessPointArn?: string;
+export interface WebsiteConfiguration {
     /**
-     * Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.
+     * The name of the error document for the website.
      */
-    TagFilters?: TagFilter[];
+    ErrorDocument?: string;
     /**
-     * The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.
+     * The name of the index document for the website.
      */
-    Id: string;
+    IndexDocument?: string;
     /**
-     * The prefix that an object must have to be included in the metrics results.
+     * Rules that define when a redirect is applied and the redirect behavior.
      */
-    Prefix?: string;
+    RoutingRules?: RoutingRule[];
+    RedirectAllRequestsTo?: RedirectAllRequestsTo;
 }
 /**
- * Specifies the S3 Intelligent-Tiering configuration for an Amazon S3 bucket.
- *  For information about the S3 Intelligent-Tiering storage class, see [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access).
+ * Specifies the redirect behavior and when a redirect is applied. For more information about routing rules, see [Configuring advanced conditional redirects](https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects) in the *Amazon S3 User Guide*.
  */
-export interface IntelligentTieringConfiguration {
+export interface RoutingRule {
+    RedirectRule: RedirectRule;
+    RoutingRuleCondition?: RoutingRuleCondition;
+}
+/**
+ * Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.
+ */
+export interface RedirectRule {
     /**
-     * Specifies the status of the configuration.
+     * The host name to use in the redirect request.
      */
-    Status: ("Disabled" | "Enabled");
+    HostName?: string;
     /**
-     * Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ``ARCHIVE_ACCESS`` and ``DEEP_ARCHIVE_ACCESS``.
-     *   You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.
+     * The HTTP redirect code to use on the response. Not required if one of the siblings is present.
      */
-    Tierings: Tiering[];
+    HttpRedirectCode?: string;
     /**
-     * A container for a key-value pair.
+     * Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
      */
-    TagFilters?: TagFilter[];
+    Protocol?: ("http" | "https");
     /**
-     * The ID used to identify the S3 Intelligent-Tiering configuration.
+     * The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix ``docs/`` (objects in the ``docs/`` folder) to ``documents/``, you can set a condition block with ``KeyPrefixEquals`` set to ``docs/`` and in the Redirect set ``ReplaceKeyPrefixWith`` to ``/documents``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyWith`` is not provided.
+     *   Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).
      */
-    Id: string;
+    ReplaceKeyPrefixWith?: string;
     /**
-     * An object key name prefix that identifies the subset of objects to which the rule applies.
+     * The specific object key to use in the redirect request. For example, redirect request to ``error.html``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyPrefixWith`` is not provided.
+     *   Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).
      */
-    Prefix?: string;
+    ReplaceKeyWith?: string;
 }
 /**
- * The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without additional operational overhead.
+ * A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the ``/docs`` folder, redirect to the ``/documents`` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.
  */
-export interface Tiering {
-    /**
-     * S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class.
-     */
-    AccessTier: ("ARCHIVE_ACCESS" | "DEEP_ARCHIVE_ACCESS");
+export interface RoutingRuleCondition {
     /**
-     * The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).
+     * The object key name prefix when the redirect is applied. For example, to redirect requests for ``ExamplePage.html``, the key prefix will be ``ExamplePage.html``. To redirect request for all pages with the prefix ``docs/``, the key prefix will be ``/docs``, which identifies all objects in the docs/ folder.
+     *  Required when the parent element ``Condition`` is specified and sibling ``HttpErrorCodeReturnedEquals`` is not specified. If both conditions are specified, both must be true for the redirect to be applied.
      */
-    Days: number;
-}
-/**
- * Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*.
- */
-export interface CorsConfiguration {
+    KeyPrefixEquals?: string;
     /**
-     * A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
+     * The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.
+     *  Required when parent element ``Condition`` is specified and sibling ``KeyPrefixEquals`` is not specified. If both are specified, then both must be true for the redirect to be applied.
      */
-    CorsRules: CorsRule[];
+    HttpErrorCodeReturnedEquals?: string;
 }
 /**
- * Specifies a cross-origin access rule for an Amazon S3 bucket.
+ * The redirect behavior for every request to this bucket's website endpoint.
+ *   If you specify this property, you can't specify any other property.
  */
-export interface CorsRule {
-    /**
-     * One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript ``XMLHttpRequest`` object).
-     */
-    ExposedHeaders?: string[];
-    /**
-     * An HTTP method that you allow the origin to run.
-     *   *Allowed values*: ``GET`` | ``PUT`` | ``HEAD`` | ``POST`` | ``DELETE``
-     */
-    AllowedMethods: ("GET" | "PUT" | "HEAD" | "POST" | "DELETE")[];
-    /**
-     * One or more origins you want customers to be able to access the bucket from.
-     */
-    AllowedOrigins: string[];
-    /**
-     * Headers that are specified in the ``Access-Control-Request-Headers`` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.
-     */
-    AllowedHeaders?: string[];
+export interface RedirectAllRequestsTo {
     /**
-     * The time in seconds that your browser is to cache the preflight response for the specified resource.
+     * Name of the host where requests are redirected.
      */
-    MaxAge?: number;
+    HostName: string;
     /**
-     * A unique identifier for this rule. The value must be no more than 255 characters.
+     * Protocol to use when redirecting requests. The default is the protocol that is used in the original request.
      */
-    Id?: string;
+    Protocol?: ("http" | "https");
 }