diff --git a/clients/client-s3/src/commands/AbortMultipartUploadCommand.ts b/clients/client-s3/src/commands/AbortMultipartUploadCommand.ts index b6b276f9ed09c..60c9ce5342dfc 100644 --- a/clients/client-s3/src/commands/AbortMultipartUploadCommand.ts +++ b/clients/client-s3/src/commands/AbortMultipartUploadCommand.ts @@ -39,10 +39,24 @@ export interface AbortMultipartUploadCommandOutput extends AbortMultipartUploadO * storage, you should call the <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html">ListParts</a> API operation and ensure that * the parts list is empty.</p> * <note> - * <p> - * <b>Directory buckets</b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i> - * </code>. Path-style requests are not supported. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html">Regional and Zonal endpoints</a> in the + * <ul> + * <li> + * <p> + * <b>Directory buckets</b> - + * If multipart uploads in a directory bucket are in progress, you can't delete the bucket until all the in-progress multipart uploads are aborted or completed. + * To delete these in-progress multipart uploads, use the + * <code>ListMultipartUploads</code> operation to list the in-progress multipart + * uploads in the bucket and use the <code>AbortMultupartUpload</code> operation to + * abort all the in-progress multipart uploads. + * </p> + * </li> + * <li> + * <p> + * <b>Directory buckets</b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i> + * </code>. Path-style requests are not supported. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html">Regional and Zonal endpoints</a> in the * <i>Amazon S3 User Guide</i>.</p> + * </li> + * </ul> * </note> * <dl> * <dt>Permissions</dt> diff --git a/clients/client-s3/src/commands/CopyObjectCommand.ts b/clients/client-s3/src/commands/CopyObjectCommand.ts index be672e32c2513..9463531f5e1e3 100644 --- a/clients/client-s3/src/commands/CopyObjectCommand.ts +++ b/clients/client-s3/src/commands/CopyObjectCommand.ts @@ -46,10 +46,20 @@ export interface CopyObjectCommandOutput extends CopyObjectOutput, __MetadataBea * <p>You can copy individual objects between general purpose buckets, between directory buckets, and * between general purpose buckets and directory buckets.</p> * <note> - * <p> - * <b>Directory buckets </b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i> - * </code>. Path-style requests are not supported. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html">Regional and Zonal endpoints</a> in the + * <ul> + * <li> + * <p>Amazon S3 supports copy operations using Multi-Region Access Points only as a destination when using the Multi-Region Access Point ARN. </p> + * </li> + * <li> + * <p> + * <b>Directory buckets </b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i> + * </code>. Path-style requests are not supported. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html">Regional and Zonal endpoints</a> in the * <i>Amazon S3 User Guide</i>.</p> + * </li> + * <li> + * <p>VPC endpoints don't support cross-Region requests (including copies). If you're using VPC endpoints, your source and destination buckets should be in the same Amazon Web Services Region as your VPC endpoint.</p> + * </li> + * </ul> * </note> * <p>Both the * Region that you want to copy the object from and the Region that you want to copy the diff --git a/clients/client-s3/src/commands/HeadBucketCommand.ts b/clients/client-s3/src/commands/HeadBucketCommand.ts index ed54a832204a0..8ee90c4f6747f 100644 --- a/clients/client-s3/src/commands/HeadBucketCommand.ts +++ b/clients/client-s3/src/commands/HeadBucketCommand.ts @@ -31,22 +31,20 @@ export interface HeadBucketCommandOutput extends HeadBucketOutput, __MetadataBea /** * <p>You can use this operation to determine if a bucket exists and if you have permission to access it. The action returns a <code>200 OK</code> if the bucket exists and you have permission * to access it.</p> - * <p>If the bucket does not exist or you do not have permission to access it, the + * <note> + * <p>If the bucket does not exist or you do not have permission to access it, the * <code>HEAD</code> request returns a generic <code>400 Bad Request</code>, <code>403 * Forbidden</code> or <code>404 Not Found</code> code. A message body is not included, so * you cannot determine the exception beyond these HTTP response codes.</p> - * <note> - * <p> - * <b>Directory buckets </b> - You must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>. Path-style requests are not supported. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html">Regional and Zonal endpoints</a> in the - * <i>Amazon S3 User Guide</i>.</p> * </note> * <dl> * <dt>Authentication and authorization</dt> * <dd> - * <p>All <code>HeadBucket</code> requests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with the <code>x-amz-</code> prefix, including + * <p> + * <b>General purpose buckets</b> - Request to public buckets that grant the s3:ListBucket permission publicly do not need to be signed. All other <code>HeadBucket</code> requests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with the <code>x-amz-</code> prefix, including * <code>x-amz-copy-source</code>, must be signed. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html">REST Authentication</a>.</p> * <p> - * <b>Directory bucket</b> - You must use IAM credentials to authenticate and authorize your access to the <code>HeadBucket</code> API operation, instead of using the + * <b>Directory buckets</b> - You must use IAM credentials to authenticate and authorize your access to the <code>HeadBucket</code> API operation, instead of using the * temporary security credentials through the <code>CreateSession</code> API operation.</p> * <p>Amazon Web Services CLI or SDKs handles authentication and authorization on your behalf.</p> * </dd> @@ -77,6 +75,10 @@ export interface HeadBucketCommandOutput extends HeadBucketOutput, __MetadataBea * <p> * <b>Directory buckets </b> - The HTTP Host header syntax is <code> * <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p> + * <note> + * <p>You must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>. Path-style requests are not supported. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html">Regional and Zonal endpoints</a> in the + * <i>Amazon S3 User Guide</i>.</p> + * </note> * </dd> * </dl> * @example diff --git a/clients/client-s3/src/commands/HeadObjectCommand.ts b/clients/client-s3/src/commands/HeadObjectCommand.ts index ce4487a8286ba..37570096072fb 100644 --- a/clients/client-s3/src/commands/HeadObjectCommand.ts +++ b/clients/client-s3/src/commands/HeadObjectCommand.ts @@ -37,20 +37,16 @@ export interface HeadObjectCommandOutput extends HeadObjectOutput, __MetadataBea /** * <p>The <code>HEAD</code> operation retrieves metadata from an object without returning the * object itself. This operation is useful if you're interested only in an object's metadata.</p> - * <p>A <code>HEAD</code> request has the same options as a <code>GET</code> operation on an + * <note> + * <p>A <code>HEAD</code> request has the same options as a <code>GET</code> operation on an * object. The response is identical to the <code>GET</code> response except that there is no * response body. Because of this, if the <code>HEAD</code> request generates an error, it * returns a generic code, such as <code>400 Bad Request</code>, <code>403 Forbidden</code>, <code>404 Not * Found</code>, <code>405 Method Not Allowed</code>, <code>412 Precondition Failed</code>, or <code>304 Not Modified</code>. * It's not possible to retrieve the exact exception of these error codes.</p> + * </note> * <p>Request headers are limited to 8 KB in size. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html">Common * Request Headers</a>.</p> - * <note> - * <p> - * <b>Directory buckets</b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i> - * </code>. Path-style requests are not supported. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html">Regional and Zonal endpoints</a> in the - * <i>Amazon S3 User Guide</i>.</p> - * </note> * <dl> * <dt>Permissions</dt> * <dd> @@ -155,6 +151,11 @@ export interface HeadObjectCommandOutput extends HeadObjectOutput, __MetadataBea * <p> * <b>Directory buckets </b> - The HTTP Host header syntax is <code> * <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p> + * <note> + * <p>For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i> + * </code>. Path-style requests are not supported. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html">Regional and Zonal endpoints</a> in the + * <i>Amazon S3 User Guide</i>.</p> + * </note> * </dd> * </dl> * <p>The following actions are related to <code>HeadObject</code>:</p> diff --git a/clients/client-s3/src/commands/ListBucketsCommand.ts b/clients/client-s3/src/commands/ListBucketsCommand.ts index b3b1ca9e7c66c..31b9a01fbb391 100644 --- a/clients/client-s3/src/commands/ListBucketsCommand.ts +++ b/clients/client-s3/src/commands/ListBucketsCommand.ts @@ -6,7 +6,7 @@ import { Command as $Command } from "@smithy/smithy-client"; import { MetadataBearer as __MetadataBearer } from "@smithy/types"; import { commonParams } from "../endpoint/EndpointParameters"; -import { ListBucketsOutput } from "../models/models_0"; +import { ListBucketsOutput, ListBucketsRequest } from "../models/models_0"; import { de_ListBucketsCommand, se_ListBucketsCommand } from "../protocols/Aws_restXml"; import { S3ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../S3Client"; @@ -20,7 +20,7 @@ export { $Command }; * * The input for {@link ListBucketsCommand}. */ -export interface ListBucketsCommandInput {} +export interface ListBucketsCommandInput extends ListBucketsRequest {} /** * @public * @@ -42,7 +42,10 @@ export interface ListBucketsCommandOutput extends ListBucketsOutput, __MetadataB * import { S3Client, ListBucketsCommand } from "@aws-sdk/client-s3"; // ES Modules import * // const { S3Client, ListBucketsCommand } = require("@aws-sdk/client-s3"); // CommonJS import * const client = new S3Client(config); - * const input = {}; + * const input = { // ListBucketsRequest + * MaxBuckets: Number("int"), + * ContinuationToken: "STRING_VALUE", + * }; * const command = new ListBucketsCommand(input); * const response = await client.send(command); * // { // ListBucketsOutput @@ -56,6 +59,7 @@ export interface ListBucketsCommandOutput extends ListBucketsOutput, __MetadataB * // DisplayName: "STRING_VALUE", * // ID: "STRING_VALUE", * // }, + * // ContinuationToken: "STRING_VALUE", * // }; * * ``` diff --git a/clients/client-s3/src/commands/ListMultipartUploadsCommand.ts b/clients/client-s3/src/commands/ListMultipartUploadsCommand.ts index fe1c25cfa3b80..1f307c5ad48ce 100644 --- a/clients/client-s3/src/commands/ListMultipartUploadsCommand.ts +++ b/clients/client-s3/src/commands/ListMultipartUploadsCommand.ts @@ -36,6 +36,8 @@ export interface ListMultipartUploadsCommandOutput extends ListMultipartUploadsO * <p> * <b>Directory buckets</b> - * If multipart uploads in a directory bucket are in progress, you can't delete the bucket until all the in-progress multipart uploads are aborted or completed. + * To delete these in-progress multipart uploads, use the <code>ListMultipartUploads</code> operation to list the in-progress multipart + * uploads in the bucket and use the <code>AbortMultupartUpload</code> operation to abort all the in-progress multipart uploads. * </p> * </note> * <p>The <code>ListMultipartUploads</code> operation returns a maximum of 1,000 multipart uploads in the response. The limit of 1,000 multipart diff --git a/clients/client-s3/src/commands/ListObjectsV2Command.ts b/clients/client-s3/src/commands/ListObjectsV2Command.ts index a3147b84f0325..4867446cbe07b 100644 --- a/clients/client-s3/src/commands/ListObjectsV2Command.ts +++ b/clients/client-s3/src/commands/ListObjectsV2Command.ts @@ -37,10 +37,24 @@ export interface ListObjectsV2CommandOutput extends ListObjectsV2Output, __Metad * For more information about listing objects, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/ListingKeysUsingAPIs.html">Listing object keys * programmatically</a> in the <i>Amazon S3 User Guide</i>. To get a list of your buckets, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html">ListBuckets</a>.</p> * <note> - * <p> - * <b>Directory buckets</b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i> - * </code>. Path-style requests are not supported. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html">Regional and Zonal endpoints</a> in the + * <ul> + * <li> + * <p> + * <b>General purpose bucket</b> - For general purpose buckets, <code>ListObjectsV2</code> doesn't return prefixes that are related only to in-progress multipart uploads.</p> + * </li> + * <li> + * <p> + * <b>Directory buckets</b> - + * For directory buckets, <code>ListObjectsV2</code> response includes the prefixes that are related only to in-progress multipart uploads. + * </p> + * </li> + * <li> + * <p> + * <b>Directory buckets</b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i> + * </code>. Path-style requests are not supported. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html">Regional and Zonal endpoints</a> in the * <i>Amazon S3 User Guide</i>.</p> + * </li> + * </ul> * </note> * <dl> * <dt>Permissions</dt> diff --git a/clients/client-s3/src/commands/PutBucketEncryptionCommand.ts b/clients/client-s3/src/commands/PutBucketEncryptionCommand.ts index ecd16c8564c69..e9bad949f704a 100644 --- a/clients/client-s3/src/commands/PutBucketEncryptionCommand.ts +++ b/clients/client-s3/src/commands/PutBucketEncryptionCommand.ts @@ -41,7 +41,11 @@ export interface PutBucketEncryptionCommandOutput extends __MetadataBearer {} * SSE-KMS, you can also configure <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html">Amazon S3 Bucket * Keys</a>. If you use PutBucketEncryption to set your <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html">default bucket encryption</a> to SSE-KMS, you should verify that your KMS key ID is correct. Amazon S3 does not validate the KMS key ID provided in PutBucketEncryption requests.</p> * <important> - * <p>This action requires Amazon Web Services Signature Version 4. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html"> + * <p>If you're specifying a customer managed KMS key, we recommend using a fully qualified + * KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the + * requester’s account. This behavior can result in data that's encrypted with a KMS key + * that belongs to the requester, and not the bucket owner.</p> + * <p>Also, this action requires Amazon Web Services Signature Version 4. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html"> * Authenticating Requests (Amazon Web Services Signature Version 4)</a>. </p> * </important> * <p>To use this operation, you must have permission to perform the diff --git a/clients/client-s3/src/commands/PutBucketPolicyCommand.ts b/clients/client-s3/src/commands/PutBucketPolicyCommand.ts index b27ab54fcd1e5..2999df40bca8e 100644 --- a/clients/client-s3/src/commands/PutBucketPolicyCommand.ts +++ b/clients/client-s3/src/commands/PutBucketPolicyCommand.ts @@ -6,7 +6,7 @@ import { Command as $Command } from "@smithy/smithy-client"; import { MetadataBearer as __MetadataBearer } from "@smithy/types"; import { commonParams } from "../endpoint/EndpointParameters"; -import { PutBucketPolicyRequest } from "../models/models_0"; +import { PutBucketPolicyRequest } from "../models/models_1"; import { de_PutBucketPolicyCommand, se_PutBucketPolicyCommand } from "../protocols/Aws_restXml"; import { S3ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../S3Client"; diff --git a/clients/client-s3/src/commands/PutBucketVersioningCommand.ts b/clients/client-s3/src/commands/PutBucketVersioningCommand.ts index ae2ee3230358b..07c539450a1c3 100644 --- a/clients/client-s3/src/commands/PutBucketVersioningCommand.ts +++ b/clients/client-s3/src/commands/PutBucketVersioningCommand.ts @@ -32,6 +32,15 @@ export interface PutBucketVersioningCommandOutput extends __MetadataBearer {} * <note> * <p>This operation is not supported by directory buckets.</p> * </note> + * <note> + * <p>When you enable versioning on a bucket for the first time, it might take a short + * amount of time for the change to be fully propagated. We recommend that you wait for 15 + * minutes after enabling versioning before issuing write operations + * (<code>PUT</code> + * or + * <code>DELETE</code>) + * on objects in the bucket. </p> + * </note> * <p>Sets the versioning state of an existing bucket.</p> * <p>You can set the versioning state with one of the following values:</p> * <p> diff --git a/clients/client-s3/src/models/models_0.ts b/clients/client-s3/src/models/models_0.ts index 6f0d5a2a4d225..d4fc5558251be 100644 --- a/clients/client-s3/src/models/models_0.ts +++ b/clients/client-s3/src/models/models_0.ts @@ -6027,6 +6027,12 @@ export interface GetBucketCorsRequest { * with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. For more * information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html">PUT Bucket encryption</a> in * the <i>Amazon S3 API Reference</i>.</p> + * <note> + * <p>If you're specifying a customer managed KMS key, we recommend using a fully qualified + * KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the + * requester’s account. This behavior can result in data that's encrypted with a KMS key + * that belongs to the requester, and not the bucket owner.</p> + * </note> * @public */ export interface ServerSideEncryptionByDefault { @@ -6071,6 +6077,12 @@ export interface ServerSideEncryptionByDefault { /** * <p>Specifies the default server-side encryption configuration.</p> + * <note> + * <p>If you're specifying a customer managed KMS key, we recommend using a fully qualified + * KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the + * requester’s account. This behavior can result in data that's encrypted with a KMS key + * that belongs to the requester, and not the bucket owner.</p> + * </note> * @public */ export interface ServerSideEncryptionRule { @@ -7116,7 +7128,14 @@ export type PartitionDateSource = (typeof PartitionDateSource)[keyof typeof Part */ export interface PartitionedPrefix { /** - * <p>Specifies the partition date source for the partitioned prefix. PartitionDateSource can be EventTime or DeliveryTime.</p> + * <p>Specifies the partition date source for the partitioned prefix. + * <code>PartitionDateSource</code> can be <code>EventTime</code> or + * <code>DeliveryTime</code>.</p> + * <p>For <code>DeliveryTime</code>, the time in the log file names corresponds to the + * delivery time for the log files. </p> + * <p> For <code>EventTime</code>, The logs delivered are for a specific day only. The year, + * month, and day correspond to the day on which the event occurred, and the hour, minutes and + * seconds are set to 00 in the key.</p> * @public */ PartitionDateSource?: PartitionDateSource; @@ -7895,6 +7914,12 @@ export interface DeleteMarkerReplication { /** * <p>Specifies encryption-related information for an Amazon S3 bucket that is a destination for * replicated objects.</p> + * <note> + * <p>If you're specifying a customer managed KMS key, we recommend using a fully qualified + * KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the + * requester’s account. This behavior can result in data that's encrypted with a KMS key + * that belongs to the requester, and not the bucket owner.</p> + * </note> * @public */ export interface EncryptionConfiguration { @@ -10088,7 +10113,7 @@ export const ObjectLockRetentionMode = { export type ObjectLockRetentionMode = (typeof ObjectLockRetentionMode)[keyof typeof ObjectLockRetentionMode]; /** - * <p>The container element for specifying the default Object Lock retention settings for new + * <p>The container element for optionally specifying the default Object Lock retention settings for new * objects placed in the specified bucket.</p> * <note> * <ul> @@ -10451,7 +10476,7 @@ export interface PublicAccessBlockConfiguration { /** * <p>Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting - * this element to <code>TRUE</code> restricts access to this bucket to only Amazon Web Service principals and authorized users within this account if the bucket has + * this element to <code>TRUE</code> restricts access to this bucket to only Amazon Web Servicesservice principals and authorized users within this account if the bucket has * a public policy.</p> * <p>Enabling this setting doesn't affect previously stored bucket policies, except that * public and cross-account access within any public bucket policy, including non-public @@ -10518,9 +10543,6 @@ export interface HeadBucketOutput { /** * <p>The Region that the bucket is located.</p> - * <note> - * <p>This functionality is not supported for directory buckets.</p> - * </note> * @public */ BucketRegion?: string; @@ -10528,7 +10550,7 @@ export interface HeadBucketOutput { /** * <p>Indicates whether the bucket name used in the request is an access point alias.</p> * <note> - * <p>This functionality is not supported for directory buckets.</p> + * <p>For directory buckets, the value of this field is <code>false</code>.</p> * </note> * @public */ @@ -11497,6 +11519,36 @@ export interface ListBucketsOutput { * @public */ Owner?: Owner; + + /** + * <p> + * <code>ContinuationToken</code> is included in the + * response when there are more buckets that can be listed with pagination. The next <code>ListBuckets</code> request to Amazon S3 can be continued with this <code>ContinuationToken</code>. <code>ContinuationToken</code> is obfuscated and is not a real bucket.</p> + * @public + */ + ContinuationToken?: string; +} + +/** + * @public + */ +export interface ListBucketsRequest { + /** + * <p>Maximum number of buckets to be returned in response. When the number is more than the count of buckets that are owned by an Amazon Web Services account, return all the buckets in response.</p> + * @public + */ + MaxBuckets?: number; + + /** + * <p> + * <code>ContinuationToken</code> indicates to Amazon S3 that the list is being continued on + * this bucket with a token. <code>ContinuationToken</code> is obfuscated and is not a real + * key. You can use this <code>ContinuationToken</code> for pagination of the list results. </p> + * <p>Length Constraints: Minimum length of 0. Maximum length of 1024.</p> + * <p>Required: No.</p> + * @public + */ + ContinuationToken?: string; } /** @@ -11523,9 +11575,8 @@ export interface ListDirectoryBucketsOutput { export interface ListDirectoryBucketsRequest { /** * <p> - * <code>ContinuationToken</code> indicates to Amazon S3 that the list is being continued on - * this bucket with a token. <code>ContinuationToken</code> is obfuscated and is not a real - * key. You can use this <code>ContinuationToken</code> for pagination of the list results. </p> + * <code>ContinuationToken</code> indicates to Amazon S3 that the list is being continued on buckets in this account with a token. <code>ContinuationToken</code> is obfuscated and is not a real + * bucket name. You can use this <code>ContinuationToken</code> for the pagination of the list results. </p> * @public */ ContinuationToken?: string; @@ -11818,11 +11869,19 @@ export interface ListMultipartUploadsRequest { Delimiter?: string; /** - * <p>Requests Amazon S3 to encode the object keys in the response and specifies the encoding - * method to use. An object key can contain any Unicode character; however, the XML 1.0 parser - * cannot parse some characters, such as characters with an ASCII value from 0 to 10. For - * characters that are not supported in XML 1.0, you can add this parameter to request that - * Amazon S3 encode the keys in the response.</p> + * <p>Encoding type used by Amazon S3 to encode the <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html">object keys</a> in the response. + * Responses are encoded only in UTF-8. An object key can contain any Unicode character. + * However, the XML 1.0 parser can't parse certain characters, such as characters with an + * ASCII value from 0 to 10. For characters that aren't supported in XML 1.0, you can add this + * parameter to request that Amazon S3 encode the keys in the response. For more information about + * characters to avoid in object key names, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines">Object key naming + * guidelines</a>.</p> + * <note> + * <p>When using the URL encoding type, non-ASCII characters that are used in an object's + * key name will be percent-encoded according to UTF-8 code values. For example, the object + * <code>test_file(3).png</code> will appear as + * <code>test_file%283%29.png</code>.</p> + * </note> * @public */ EncodingType?: EncodingType; @@ -12160,10 +12219,19 @@ export interface ListObjectsOutput { CommonPrefixes?: CommonPrefix[]; /** - * <p>Encoding type used by Amazon S3 to encode object keys in the response. If using - * <code>url</code>, non-ASCII characters used in an object's key name will be URL encoded. - * For example, the object <code>test_file(3).png</code> will appear as + * <p>Encoding type used by Amazon S3 to encode the <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html">object keys</a> in the response. + * Responses are encoded only in UTF-8. An object key can contain any Unicode character. + * However, the XML 1.0 parser can't parse certain characters, such as characters with an + * ASCII value from 0 to 10. For characters that aren't supported in XML 1.0, you can add this + * parameter to request that Amazon S3 encode the keys in the response. For more information about + * characters to avoid in object key names, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines">Object key naming + * guidelines</a>.</p> + * <note> + * <p>When using the URL encoding type, non-ASCII characters that are used in an object's + * key name will be percent-encoded according to UTF-8 code values. For example, the object + * <code>test_file(3).png</code> will appear as * <code>test_file%283%29.png</code>.</p> + * </note> * @public */ EncodingType?: EncodingType; @@ -12226,11 +12294,19 @@ export interface ListObjectsRequest { Delimiter?: string; /** - * <p>Requests Amazon S3 to encode the object keys in the response and specifies the encoding - * method to use. An object key can contain any Unicode character; however, the XML 1.0 parser - * cannot parse some characters, such as characters with an ASCII value from 0 to 10. For - * characters that are not supported in XML 1.0, you can add this parameter to request that - * Amazon S3 encode the keys in the response.</p> + * <p>Encoding type used by Amazon S3 to encode the <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html">object keys</a> in the response. + * Responses are encoded only in UTF-8. An object key can contain any Unicode character. + * However, the XML 1.0 parser can't parse certain characters, such as characters with an + * ASCII value from 0 to 10. For characters that aren't supported in XML 1.0, you can add this + * parameter to request that Amazon S3 encode the keys in the response. For more information about + * characters to avoid in object key names, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines">Object key naming + * guidelines</a>.</p> + * <note> + * <p>When using the URL encoding type, non-ASCII characters that are used in an object's + * key name will be percent-encoded according to UTF-8 code values. For example, the object + * <code>test_file(3).png</code> will appear as + * <code>test_file%283%29.png</code>.</p> + * </note> * @public */ EncodingType?: EncodingType; @@ -12472,10 +12548,19 @@ export interface ListObjectsV2Request { Delimiter?: string; /** - * <p>Encoding type used by Amazon S3 to encode object keys in the response. If using - * <code>url</code>, non-ASCII characters used in an object's key name will be URL encoded. - * For example, the object <code>test_file(3).png</code> will appear as + * <p>Encoding type used by Amazon S3 to encode the <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html">object keys</a> in the response. + * Responses are encoded only in UTF-8. An object key can contain any Unicode character. + * However, the XML 1.0 parser can't parse certain characters, such as characters with an + * ASCII value from 0 to 10. For characters that aren't supported in XML 1.0, you can add this + * parameter to request that Amazon S3 encode the keys in the response. For more information about + * characters to avoid in object key names, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines">Object key naming + * guidelines</a>.</p> + * <note> + * <p>When using the URL encoding type, non-ASCII characters that are used in an object's + * key name will be percent-encoded according to UTF-8 code values. For example, the object + * <code>test_file(3).png</code> will appear as * <code>test_file%283%29.png</code>.</p> + * </note> * @public */ EncodingType?: EncodingType; @@ -12813,11 +12898,19 @@ export interface ListObjectVersionsRequest { Delimiter?: string; /** - * <p>Requests Amazon S3 to encode the object keys in the response and specifies the encoding - * method to use. An object key can contain any Unicode character; however, the XML 1.0 parser - * cannot parse some characters, such as characters with an ASCII value from 0 to 10. For - * characters that are not supported in XML 1.0, you can add this parameter to request that - * Amazon S3 encode the keys in the response.</p> + * <p>Encoding type used by Amazon S3 to encode the <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html">object keys</a> in the response. + * Responses are encoded only in UTF-8. An object key can contain any Unicode character. + * However, the XML 1.0 parser can't parse certain characters, such as characters with an + * ASCII value from 0 to 10. For characters that aren't supported in XML 1.0, you can add this + * parameter to request that Amazon S3 encode the keys in the response. For more information about + * characters to avoid in object key names, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines">Object key naming + * guidelines</a>.</p> + * <note> + * <p>When using the URL encoding type, non-ASCII characters that are used in an object's + * key name will be percent-encoded according to UTF-8 code values. For example, the object + * <code>test_file(3).png</code> will appear as + * <code>test_file%283%29.png</code>.</p> + * </note> * @public */ EncodingType?: EncodingType; @@ -13729,99 +13822,6 @@ export interface PutBucketOwnershipControlsRequest { OwnershipControls: OwnershipControls | undefined; } -/** - * @public - */ -export interface PutBucketPolicyRequest { - /** - * <p>The name of the bucket.</p> - * <p> - * <b>Directory buckets </b> - When you use this operation with a directory bucket, you must use path-style requests in the format <code>https://s3express-control.<i>region_code</i>.amazonaws.com/<i>bucket-name</i> - * </code>. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must also follow the format <code> - * <i>bucket_base_name</i>--<i>az_id</i>--x-s3</code> (for example, <code> - * <i>DOC-EXAMPLE-BUCKET</i>--<i>usw2-az1</i>--x-s3</code>). For information about bucket naming restrictions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html">Directory bucket naming rules</a> in the <i>Amazon S3 User Guide</i> - * </p> - * <p>Note: To supply the Multi-region Access Point (MRAP) to Bucket, you need to install the "@aws-sdk/signature-v4-crt" package to your project dependencies. - * For more information, please go to https://github.com/aws/aws-sdk-js-v3#known-issues</p> - * @public - */ - Bucket: string | undefined; - - /** - * <p>The MD5 hash of the request body.</p> - * <p>For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.</p> - * <note> - * <p>This functionality is not supported for directory buckets.</p> - * </note> - * @public - */ - ContentMD5?: string; - - /** - * <p>Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any - * additional functionality if you don't use the SDK. When you send this header, there must be a corresponding <code>x-amz-checksum-<i>algorithm</i> - * </code> or - * <code>x-amz-trailer</code> header sent. Otherwise, Amazon S3 fails the request with the HTTP status code <code>400 Bad Request</code>.</p> - * <p>For the <code>x-amz-checksum-<i>algorithm</i> - * </code> header, replace <code> - * <i>algorithm</i> - * </code> with the supported algorithm from the following list: </p> - * <ul> - * <li> - * <p>CRC32</p> - * </li> - * <li> - * <p>CRC32C</p> - * </li> - * <li> - * <p>SHA1</p> - * </li> - * <li> - * <p>SHA256</p> - * </li> - * </ul> - * <p>For more - * information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in - * the <i>Amazon S3 User Guide</i>.</p> - * <p>If the individual checksum value you provide through <code>x-amz-checksum-<i>algorithm</i> - * </code> doesn't match the checksum algorithm you set through <code>x-amz-sdk-checksum-algorithm</code>, Amazon S3 ignores any provided - * <code>ChecksumAlgorithm</code> parameter and uses the checksum algorithm that matches the provided value in <code>x-amz-checksum-<i>algorithm</i> - * </code>.</p> - * <note> - * <p>For directory buckets, when you use Amazon Web Services SDKs, <code>CRC32</code> is the default checksum algorithm that's used for performance.</p> - * </note> - * @public - */ - ChecksumAlgorithm?: ChecksumAlgorithm; - - /** - * <p>Set this parameter to true to confirm that you want to remove your permissions to change - * this bucket policy in the future.</p> - * <note> - * <p>This functionality is not supported for directory buckets.</p> - * </note> - * @public - */ - ConfirmRemoveSelfBucketAccess?: boolean; - - /** - * <p>The bucket policy as a JSON document.</p> - * <p>For directory buckets, the only IAM action supported in the bucket policy is <code>s3express:CreateSession</code>.</p> - * @public - */ - Policy: string | undefined; - - /** - * <p>The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code <code>403 Forbidden</code> (access denied).</p> - * <note> - * <p>For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code - * <code>501 Not Implemented</code>.</p> - * </note> - * @public - */ - ExpectedBucketOwner?: string; -} - /** * @internal */ diff --git a/clients/client-s3/src/models/models_1.ts b/clients/client-s3/src/models/models_1.ts index b66d7727cacd8..534f2476f57bb 100644 --- a/clients/client-s3/src/models/models_1.ts +++ b/clients/client-s3/src/models/models_1.ts @@ -31,6 +31,99 @@ import { import { S3ServiceException as __BaseException } from "./S3ServiceException"; +/** + * @public + */ +export interface PutBucketPolicyRequest { + /** + * <p>The name of the bucket.</p> + * <p> + * <b>Directory buckets </b> - When you use this operation with a directory bucket, you must use path-style requests in the format <code>https://s3express-control.<i>region_code</i>.amazonaws.com/<i>bucket-name</i> + * </code>. Virtual-hosted-style requests aren't supported. Directory bucket names must be unique in the chosen Availability Zone. Bucket names must also follow the format <code> + * <i>bucket_base_name</i>--<i>az_id</i>--x-s3</code> (for example, <code> + * <i>DOC-EXAMPLE-BUCKET</i>--<i>usw2-az1</i>--x-s3</code>). For information about bucket naming restrictions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html">Directory bucket naming rules</a> in the <i>Amazon S3 User Guide</i> + * </p> + * <p>Note: To supply the Multi-region Access Point (MRAP) to Bucket, you need to install the "@aws-sdk/signature-v4-crt" package to your project dependencies. + * For more information, please go to https://github.com/aws/aws-sdk-js-v3#known-issues</p> + * @public + */ + Bucket: string | undefined; + + /** + * <p>The MD5 hash of the request body.</p> + * <p>For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.</p> + * <note> + * <p>This functionality is not supported for directory buckets.</p> + * </note> + * @public + */ + ContentMD5?: string; + + /** + * <p>Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any + * additional functionality if you don't use the SDK. When you send this header, there must be a corresponding <code>x-amz-checksum-<i>algorithm</i> + * </code> or + * <code>x-amz-trailer</code> header sent. Otherwise, Amazon S3 fails the request with the HTTP status code <code>400 Bad Request</code>.</p> + * <p>For the <code>x-amz-checksum-<i>algorithm</i> + * </code> header, replace <code> + * <i>algorithm</i> + * </code> with the supported algorithm from the following list: </p> + * <ul> + * <li> + * <p>CRC32</p> + * </li> + * <li> + * <p>CRC32C</p> + * </li> + * <li> + * <p>SHA1</p> + * </li> + * <li> + * <p>SHA256</p> + * </li> + * </ul> + * <p>For more + * information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html">Checking object integrity</a> in + * the <i>Amazon S3 User Guide</i>.</p> + * <p>If the individual checksum value you provide through <code>x-amz-checksum-<i>algorithm</i> + * </code> doesn't match the checksum algorithm you set through <code>x-amz-sdk-checksum-algorithm</code>, Amazon S3 ignores any provided + * <code>ChecksumAlgorithm</code> parameter and uses the checksum algorithm that matches the provided value in <code>x-amz-checksum-<i>algorithm</i> + * </code>.</p> + * <note> + * <p>For directory buckets, when you use Amazon Web Services SDKs, <code>CRC32</code> is the default checksum algorithm that's used for performance.</p> + * </note> + * @public + */ + ChecksumAlgorithm?: ChecksumAlgorithm; + + /** + * <p>Set this parameter to true to confirm that you want to remove your permissions to change + * this bucket policy in the future.</p> + * <note> + * <p>This functionality is not supported for directory buckets.</p> + * </note> + * @public + */ + ConfirmRemoveSelfBucketAccess?: boolean; + + /** + * <p>The bucket policy as a JSON document.</p> + * <p>For directory buckets, the only IAM action supported in the bucket policy is <code>s3express:CreateSession</code>.</p> + * @public + */ + Policy: string | undefined; + + /** + * <p>The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code <code>403 Forbidden</code> (access denied).</p> + * <note> + * <p>For directory buckets, this header is not supported in this API operation. If you specify this header, the request fails with the HTTP status code + * <code>501 Not Implemented</code>.</p> + * </note> + * @public + */ + ExpectedBucketOwner?: string; +} + /** * @public */ @@ -2231,7 +2324,12 @@ export interface ProgressEvent { */ export interface RecordsEvent { /** - * <p>The byte array of partial, one or more result records.</p> + * <p>The byte array of partial, one or more result records. S3 Select doesn't guarantee that + * a record will be self-contained in one record frame. To ensure continuous streaming of + * data, S3 Select might split the same record across multiple record frames instead of + * aggregating the results in memory. Some S3 clients (for example, the SDK for Java) handle this behavior by creating a <code>ByteStream</code> out of the response by + * default. Other clients might not handle this behavior by default. In those cases, you must + * aggregate the results on the client side and parse the response.</p> * @public */ Payload?: Uint8Array; diff --git a/clients/client-s3/src/pagination/ListBucketsPaginator.ts b/clients/client-s3/src/pagination/ListBucketsPaginator.ts new file mode 100644 index 0000000000000..0189811454498 --- /dev/null +++ b/clients/client-s3/src/pagination/ListBucketsPaginator.ts @@ -0,0 +1,20 @@ +// smithy-typescript generated code +import { createPaginator } from "@smithy/core"; +import { Paginator } from "@smithy/types"; + +import { ListBucketsCommand, ListBucketsCommandInput, ListBucketsCommandOutput } from "../commands/ListBucketsCommand"; +import { S3Client } from "../S3Client"; +import { S3PaginationConfiguration } from "./Interfaces"; + +/** + * @public + */ +export const paginateListBuckets: ( + config: S3PaginationConfiguration, + input: ListBucketsCommandInput, + ...rest: any[] +) => Paginator<ListBucketsCommandOutput> = createPaginator< + S3PaginationConfiguration, + ListBucketsCommandInput, + ListBucketsCommandOutput +>(S3Client, ListBucketsCommand, "ContinuationToken", "ContinuationToken", "MaxBuckets"); diff --git a/clients/client-s3/src/pagination/index.ts b/clients/client-s3/src/pagination/index.ts index 66532c3121efb..75829a540421e 100644 --- a/clients/client-s3/src/pagination/index.ts +++ b/clients/client-s3/src/pagination/index.ts @@ -1,5 +1,6 @@ // smithy-typescript generated code export * from "./Interfaces"; +export * from "./ListBucketsPaginator"; export * from "./ListDirectoryBucketsPaginator"; export * from "./ListObjectsV2Paginator"; export * from "./ListPartsPaginator"; diff --git a/clients/client-s3/src/protocols/Aws_restXml.ts b/clients/client-s3/src/protocols/Aws_restXml.ts index e7b56ec4af38f..31e26dee14710 100644 --- a/clients/client-s3/src/protocols/Aws_restXml.ts +++ b/clients/client-s3/src/protocols/Aws_restXml.ts @@ -1874,6 +1874,8 @@ export const se_ListBucketsCommand = async ( b.bp("/"); const query: any = map({ [_xi]: [, "ListBuckets"], + [_mb]: [() => input.MaxBuckets !== void 0, () => input[_MB]!.toString()], + [_ct_]: [, input[_CTo]!], }); let body: any; b.m("GET").h(headers).q(query).b(body); @@ -4487,6 +4489,9 @@ export const de_ListBucketsCommand = async ( } else if (data[_Bu] != null && data[_Bu][_B] != null) { contents[_Bu] = de_Buckets(__getArrayIfSingleItem(data[_Bu][_B]), context); } + if (data[_CTo] != null) { + contents[_CTo] = __expectString(data[_CTo]); + } if (data[_O] != null) { contents[_O] = de_Owner(data[_O], context); } @@ -9930,6 +9935,7 @@ const _LT = "LocationType"; const _M = "Marker"; const _MAO = "MetricsAndOperator"; const _MAS = "MaxAgeSeconds"; +const _MB = "MaxBuckets"; const _MC = "MetricsConfiguration"; const _MCL = "MetricsConfigurationList"; const _MD = "MetadataDirective"; @@ -10186,6 +10192,7 @@ const _log = "logging"; const _lt = "list-type"; const _m = "metrics"; const _ma = "marker"; +const _mb = "max-buckets"; const _mdb = "max-directory-buckets"; const _me = "member"; const _mk = "max-keys"; diff --git a/codegen/sdk-codegen/aws-models/s3.json b/codegen/sdk-codegen/aws-models/s3.json index 404ac5e8ce300..5bec54e76ad7b 100644 --- a/codegen/sdk-codegen/aws-models/s3.json +++ b/codegen/sdk-codegen/aws-models/s3.json @@ -60,7 +60,7 @@ } ], "traits": { - "smithy.api#documentation": "<p>This operation aborts a multipart upload. After a multipart upload is aborted, no\n additional parts can be uploaded using that upload ID. The storage consumed by any\n previously uploaded parts will be freed. However, if any part uploads are currently in\n progress, those part uploads might or might not succeed. As a result, it might be necessary\n to abort a given multipart upload multiple times in order to completely free all storage\n consumed by all parts. </p>\n <p>To verify that all parts have been removed and prevent getting charged for the part\n storage, you should call the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html\">ListParts</a> API operation and ensure that\n the parts list is empty.</p>\n <note>\n <p>\n <b>Directory buckets</b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i>\n </code>. Path-style requests are not supported. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html\">Regional and Zonal endpoints</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </note>\n <dl>\n <dt>Permissions</dt>\n <dd>\n <ul>\n <li>\n <p>\n <b>General purpose bucket permissions</b> - For information about permissions required to use the multipart upload, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html\">Multipart Upload\n and Permissions</a> in the <i>Amazon S3\n User Guide</i>.</p>\n </li>\n <li>\n <p>\n <b>Directory bucket permissions</b> - To grant access to this API operation on a directory bucket, we recommend that you use the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a> API operation for session-based authorization. Specifically, you grant the <code>s3express:CreateSession</code> permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the <code>CreateSession</code> API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another <code>CreateSession</code> API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a>.</p>\n </li>\n </ul>\n </dd>\n <dt>HTTP Host header syntax</dt>\n <dd>\n <p>\n <b>Directory buckets </b> - The HTTP Host header syntax is <code>\n <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p>\n </dd>\n </dl>\n <p>The following operations are related to <code>AbortMultipartUpload</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html\">CreateMultipartUpload</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html\">UploadPart</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html\">CompleteMultipartUpload</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html\">ListParts</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html\">ListMultipartUploads</a>\n </p>\n </li>\n </ul>", + "smithy.api#documentation": "<p>This operation aborts a multipart upload. After a multipart upload is aborted, no\n additional parts can be uploaded using that upload ID. The storage consumed by any\n previously uploaded parts will be freed. However, if any part uploads are currently in\n progress, those part uploads might or might not succeed. As a result, it might be necessary\n to abort a given multipart upload multiple times in order to completely free all storage\n consumed by all parts. </p>\n <p>To verify that all parts have been removed and prevent getting charged for the part\n storage, you should call the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html\">ListParts</a> API operation and ensure that\n the parts list is empty.</p>\n <note>\n <ul>\n <li>\n <p>\n <b>Directory buckets</b> - \n If multipart uploads in a directory bucket are in progress, you can't delete the bucket until all the in-progress multipart uploads are aborted or completed. \n To delete these in-progress multipart uploads, use the\n <code>ListMultipartUploads</code> operation to list the in-progress multipart\n uploads in the bucket and use the <code>AbortMultupartUpload</code> operation to\n abort all the in-progress multipart uploads.\n </p>\n </li>\n <li>\n <p>\n <b>Directory buckets</b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i>\n </code>. Path-style requests are not supported. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html\">Regional and Zonal endpoints</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </li>\n </ul>\n </note>\n <dl>\n <dt>Permissions</dt>\n <dd>\n <ul>\n <li>\n <p>\n <b>General purpose bucket permissions</b> - For information about permissions required to use the multipart upload, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html\">Multipart Upload\n and Permissions</a> in the <i>Amazon S3\n User Guide</i>.</p>\n </li>\n <li>\n <p>\n <b>Directory bucket permissions</b> - To grant access to this API operation on a directory bucket, we recommend that you use the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a> API operation for session-based authorization. Specifically, you grant the <code>s3express:CreateSession</code> permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the <code>CreateSession</code> API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another <code>CreateSession</code> API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a>.</p>\n </li>\n </ul>\n </dd>\n <dt>HTTP Host header syntax</dt>\n <dd>\n <p>\n <b>Directory buckets </b> - The HTTP Host header syntax is <code>\n <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p>\n </dd>\n </dl>\n <p>The following operations are related to <code>AbortMultipartUpload</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html\">CreateMultipartUpload</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html\">UploadPart</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html\">CompleteMultipartUpload</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html\">ListParts</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html\">ListMultipartUploads</a>\n </p>\n </li>\n </ul>", "smithy.api#examples": [ { "title": "To abort a multipart upload", @@ -18652,7 +18652,7 @@ } ], "traits": { - "smithy.api#documentation": "<p>Creates a copy of an object that is already stored in Amazon S3.</p>\n <note>\n <p>You can store individual objects of up to 5 TB in Amazon S3. You create a copy of your\n object up to 5 GB in size in a single atomic action using this API. However, to copy an\n object greater than 5 GB, you must use the multipart upload Upload Part - Copy\n (UploadPartCopy) API. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjctsUsingRESTMPUapi.html\">Copy Object Using the\n REST Multipart Upload API</a>.</p>\n </note>\n <p>You can copy individual objects between general purpose buckets, between directory buckets, and \n between general purpose buckets and directory buckets.</p>\n <note>\n <p>\n <b>Directory buckets </b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i>\n </code>. Path-style requests are not supported. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html\">Regional and Zonal endpoints</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </note>\n <p>Both the\n Region that you want to copy the object from and the Region that you want to copy the\n object to must be enabled for your account. For more information about how to enable a Region for your account, see <a href=\"https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#manage-acct-regions-enable-standalone\">Enable \n or disable a Region for standalone accounts</a> in the\n <i>Amazon Web Services Account Management Guide</i>.</p>\n <important>\n <p>Amazon S3 transfer acceleration does not support cross-Region copies. If you request a\n cross-Region copy using a transfer acceleration endpoint, you get a <code>400 Bad\n Request</code> error. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html\">Transfer\n Acceleration</a>.</p>\n </important>\n <dl>\n <dt>Authentication and authorization</dt>\n <dd>\n <p>All <code>CopyObject</code> requests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with the <code>x-amz-</code> prefix, including\n <code>x-amz-copy-source</code>, must be signed. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html\">REST Authentication</a>.</p>\n <p>\n <b>Directory buckets</b> - You must use the IAM credentials to authenticate and authorize your access to the <code>CopyObject</code> API operation, instead of using the \n temporary security credentials through the <code>CreateSession</code> API operation.</p>\n <p>Amazon Web Services CLI or SDKs handles authentication and authorization on your behalf.</p>\n </dd>\n <dt>Permissions</dt>\n <dd>\n <p>You must have\n <i>read</i> access to the source object and <i>write</i>\n access to the destination bucket.</p>\n <ul>\n <li>\n <p>\n <b>General purpose bucket permissions</b> -\n You must have permissions in an IAM policy based on the source and destination\n bucket types in a <code>CopyObject</code> operation.</p>\n <ul>\n <li>\n <p>If the source object is in a general purpose bucket, you must have\n <b>\n <code>s3:GetObject</code>\n </b>\n permission to read the source object that is being copied. </p>\n </li>\n <li>\n <p>If the destination bucket is a general purpose bucket, you must have\n <b>\n <code>s3:PutObject</code>\n </b>\n permission to write the object copy to the destination bucket. </p>\n </li>\n </ul>\n </li>\n <li>\n <p>\n <b>Directory bucket permissions</b> -\n You must have permissions in a bucket policy or an IAM identity-based policy based on the source and destination\n bucket types in a <code>CopyObject</code> operation.</p>\n <ul>\n <li>\n <p>If the source object that you want to copy is in a\n directory bucket, you must have the <b>\n <code>s3express:CreateSession</code>\n </b> permission in\n the <code>Action</code> element of a policy to read the object. By default, the session is in the <code>ReadWrite</code> mode. If you want to restrict the access, you can explicitly set the <code>s3express:SessionMode</code> condition key to <code>ReadOnly</code> on the copy source bucket.</p>\n </li>\n <li>\n <p>If the copy destination is a directory bucket, you must have the <b>\n <code>s3express:CreateSession</code>\n </b> permission in the\n <code>Action</code> element of a policy to write the object\n to the destination. The <code>s3express:SessionMode</code> condition\n key can't be set to <code>ReadOnly</code> on the copy destination bucket. </p>\n </li>\n </ul>\n <p>For example policies, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html\">Example bucket policies for S3 Express One Zone</a> and <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html\">Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </li>\n </ul>\n </dd>\n <dt>Response and special errors</dt>\n <dd>\n <p>When the request is an HTTP 1.1 request, the response is chunk encoded. When\n the request is not an HTTP 1.1 request, the response would not contain the\n <code>Content-Length</code>. You always need to read the entire response body\n to check if the copy succeeds. </p>\n <ul>\n <li>\n <p>If the copy is successful, you receive a response with information about the copied\n object.</p>\n </li>\n <li>\n <p>A copy request might return an error when Amazon S3 receives the copy request or while Amazon S3\n is copying the files. A <code>200 OK</code> response can contain either a success or an error.</p>\n <ul>\n <li>\n <p>If the error occurs before the copy action starts, you receive a\n standard Amazon S3 error.</p>\n </li>\n <li>\n <p>If the error occurs during the copy operation, the error response is\n embedded in the <code>200 OK</code> response. For example, in a cross-region copy, you \n may encounter throttling and receive a <code>200 OK</code> response. \n For more information, see <a href=\"https://repost.aws/knowledge-center/s3-resolve-200-internalerror\">Resolve \n the Error 200 response when copying objects to Amazon S3</a>. \n The <code>200 OK</code> status code means the copy was accepted, but \n it doesn't mean the copy is complete. Another example is \n when you disconnect from Amazon S3 before the copy is complete, Amazon S3 might cancel the copy and you may receive a <code>200 OK</code> response. \n You must stay connected to Amazon S3 until the entire response is successfully received and processed.</p>\n <p>If you call this API operation directly, make\n sure to design your application to parse the content of the response and handle it\n appropriately. If you use Amazon Web Services SDKs, SDKs handle this condition. The SDKs detect the\n embedded error and apply error handling per your configuration settings (including\n automatically retrying the request as appropriate). If the condition persists, the SDKs\n throw an exception (or, for the SDKs that don't use exceptions, they return an \n error).</p>\n </li>\n </ul>\n </li>\n </ul>\n </dd>\n <dt>Charge</dt>\n <dd>\n <p>The copy request charge is based on the storage class and Region that you specify for\n the destination object. The request can also result in a data retrieval charge for the\n source if the source storage class bills for data retrieval. If the copy source is in a different region, the data transfer is billed to the copy source account. For pricing information, see\n <a href=\"http://aws.amazon.com/s3/pricing/\">Amazon S3 pricing</a>.</p>\n </dd>\n <dt>HTTP Host header syntax</dt>\n <dd>\n <p>\n <b>Directory buckets </b> - The HTTP Host header syntax is <code>\n <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p>\n </dd>\n </dl>\n <p>The following operations are related to <code>CopyObject</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html\">PutObject</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html\">GetObject</a>\n </p>\n </li>\n </ul>", + "smithy.api#documentation": "<p>Creates a copy of an object that is already stored in Amazon S3.</p>\n <note>\n <p>You can store individual objects of up to 5 TB in Amazon S3. You create a copy of your\n object up to 5 GB in size in a single atomic action using this API. However, to copy an\n object greater than 5 GB, you must use the multipart upload Upload Part - Copy\n (UploadPartCopy) API. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjctsUsingRESTMPUapi.html\">Copy Object Using the\n REST Multipart Upload API</a>.</p>\n </note>\n <p>You can copy individual objects between general purpose buckets, between directory buckets, and \n between general purpose buckets and directory buckets.</p>\n <note>\n <ul>\n <li>\n <p>Amazon S3 supports copy operations using Multi-Region Access Points only as a destination when using the Multi-Region Access Point ARN. </p>\n </li>\n <li>\n <p>\n <b>Directory buckets </b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i>\n </code>. Path-style requests are not supported. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html\">Regional and Zonal endpoints</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </li>\n <li>\n <p>VPC endpoints don't support cross-Region requests (including copies). If you're using VPC endpoints, your source and destination buckets should be in the same Amazon Web Services Region as your VPC endpoint.</p>\n </li>\n </ul>\n </note>\n <p>Both the\n Region that you want to copy the object from and the Region that you want to copy the\n object to must be enabled for your account. For more information about how to enable a Region for your account, see <a href=\"https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#manage-acct-regions-enable-standalone\">Enable \n or disable a Region for standalone accounts</a> in the\n <i>Amazon Web Services Account Management Guide</i>.</p>\n <important>\n <p>Amazon S3 transfer acceleration does not support cross-Region copies. If you request a\n cross-Region copy using a transfer acceleration endpoint, you get a <code>400 Bad\n Request</code> error. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html\">Transfer\n Acceleration</a>.</p>\n </important>\n <dl>\n <dt>Authentication and authorization</dt>\n <dd>\n <p>All <code>CopyObject</code> requests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with the <code>x-amz-</code> prefix, including\n <code>x-amz-copy-source</code>, must be signed. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html\">REST Authentication</a>.</p>\n <p>\n <b>Directory buckets</b> - You must use the IAM credentials to authenticate and authorize your access to the <code>CopyObject</code> API operation, instead of using the \n temporary security credentials through the <code>CreateSession</code> API operation.</p>\n <p>Amazon Web Services CLI or SDKs handles authentication and authorization on your behalf.</p>\n </dd>\n <dt>Permissions</dt>\n <dd>\n <p>You must have\n <i>read</i> access to the source object and <i>write</i>\n access to the destination bucket.</p>\n <ul>\n <li>\n <p>\n <b>General purpose bucket permissions</b> -\n You must have permissions in an IAM policy based on the source and destination\n bucket types in a <code>CopyObject</code> operation.</p>\n <ul>\n <li>\n <p>If the source object is in a general purpose bucket, you must have\n <b>\n <code>s3:GetObject</code>\n </b>\n permission to read the source object that is being copied. </p>\n </li>\n <li>\n <p>If the destination bucket is a general purpose bucket, you must have\n <b>\n <code>s3:PutObject</code>\n </b>\n permission to write the object copy to the destination bucket. </p>\n </li>\n </ul>\n </li>\n <li>\n <p>\n <b>Directory bucket permissions</b> -\n You must have permissions in a bucket policy or an IAM identity-based policy based on the source and destination\n bucket types in a <code>CopyObject</code> operation.</p>\n <ul>\n <li>\n <p>If the source object that you want to copy is in a\n directory bucket, you must have the <b>\n <code>s3express:CreateSession</code>\n </b> permission in\n the <code>Action</code> element of a policy to read the object. By default, the session is in the <code>ReadWrite</code> mode. If you want to restrict the access, you can explicitly set the <code>s3express:SessionMode</code> condition key to <code>ReadOnly</code> on the copy source bucket.</p>\n </li>\n <li>\n <p>If the copy destination is a directory bucket, you must have the <b>\n <code>s3express:CreateSession</code>\n </b> permission in the\n <code>Action</code> element of a policy to write the object\n to the destination. The <code>s3express:SessionMode</code> condition\n key can't be set to <code>ReadOnly</code> on the copy destination bucket. </p>\n </li>\n </ul>\n <p>For example policies, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html\">Example bucket policies for S3 Express One Zone</a> and <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html\">Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </li>\n </ul>\n </dd>\n <dt>Response and special errors</dt>\n <dd>\n <p>When the request is an HTTP 1.1 request, the response is chunk encoded. When\n the request is not an HTTP 1.1 request, the response would not contain the\n <code>Content-Length</code>. You always need to read the entire response body\n to check if the copy succeeds. </p>\n <ul>\n <li>\n <p>If the copy is successful, you receive a response with information about the copied\n object.</p>\n </li>\n <li>\n <p>A copy request might return an error when Amazon S3 receives the copy request or while Amazon S3\n is copying the files. A <code>200 OK</code> response can contain either a success or an error.</p>\n <ul>\n <li>\n <p>If the error occurs before the copy action starts, you receive a\n standard Amazon S3 error.</p>\n </li>\n <li>\n <p>If the error occurs during the copy operation, the error response is\n embedded in the <code>200 OK</code> response. For example, in a cross-region copy, you \n may encounter throttling and receive a <code>200 OK</code> response. \n For more information, see <a href=\"https://repost.aws/knowledge-center/s3-resolve-200-internalerror\">Resolve \n the Error 200 response when copying objects to Amazon S3</a>. \n The <code>200 OK</code> status code means the copy was accepted, but \n it doesn't mean the copy is complete. Another example is \n when you disconnect from Amazon S3 before the copy is complete, Amazon S3 might cancel the copy and you may receive a <code>200 OK</code> response. \n You must stay connected to Amazon S3 until the entire response is successfully received and processed.</p>\n <p>If you call this API operation directly, make\n sure to design your application to parse the content of the response and handle it\n appropriately. If you use Amazon Web Services SDKs, SDKs handle this condition. The SDKs detect the\n embedded error and apply error handling per your configuration settings (including\n automatically retrying the request as appropriate). If the condition persists, the SDKs\n throw an exception (or, for the SDKs that don't use exceptions, they return an \n error).</p>\n </li>\n </ul>\n </li>\n </ul>\n </dd>\n <dt>Charge</dt>\n <dd>\n <p>The copy request charge is based on the storage class and Region that you specify for\n the destination object. The request can also result in a data retrieval charge for the\n source if the source storage class bills for data retrieval. If the copy source is in a different region, the data transfer is billed to the copy source account. For pricing information, see\n <a href=\"http://aws.amazon.com/s3/pricing/\">Amazon S3 pricing</a>.</p>\n </dd>\n <dt>HTTP Host header syntax</dt>\n <dd>\n <p>\n <b>Directory buckets </b> - The HTTP Host header syntax is <code>\n <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p>\n </dd>\n </dl>\n <p>The following operations are related to <code>CopyObject</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html\">PutObject</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html\">GetObject</a>\n </p>\n </li>\n </ul>", "smithy.api#examples": [ { "title": "To copy an object", @@ -19849,7 +19849,7 @@ } }, "traits": { - "smithy.api#documentation": "<p>The container element for specifying the default Object Lock retention settings for new\n objects placed in the specified bucket.</p>\n <note>\n <ul>\n <li>\n <p>The <code>DefaultRetention</code> settings require both a mode and a\n period.</p>\n </li>\n <li>\n <p>The <code>DefaultRetention</code> period can be either <code>Days</code> or\n <code>Years</code> but you must select one. You cannot specify\n <code>Days</code> and <code>Years</code> at the same time.</p>\n </li>\n </ul>\n </note>" + "smithy.api#documentation": "<p>The container element for optionally specifying the default Object Lock retention settings for new\n objects placed in the specified bucket.</p>\n <note>\n <ul>\n <li>\n <p>The <code>DefaultRetention</code> settings require both a mode and a\n period.</p>\n </li>\n <li>\n <p>The <code>DefaultRetention</code> period can be either <code>Days</code> or\n <code>Years</code> but you must select one. You cannot specify\n <code>Days</code> and <code>Years</code> at the same time.</p>\n </li>\n </ul>\n </note>" } }, "com.amazonaws.s3#Delete": { @@ -21216,7 +21216,7 @@ } }, "traits": { - "smithy.api#documentation": "<p>Requests Amazon S3 to encode the object keys in the response and specifies the encoding\n method to use. An object key can contain any Unicode character; however, the XML 1.0 parser\n cannot parse some characters, such as characters with an ASCII value from 0 to 10. For\n characters that are not supported in XML 1.0, you can add this parameter to request that\n Amazon S3 encode the keys in the response.</p>" + "smithy.api#documentation": "<p>Encoding type used by Amazon S3 to encode the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html\">object keys</a> in the response.\n Responses are encoded only in UTF-8. An object key can contain any Unicode character.\n However, the XML 1.0 parser can't parse certain characters, such as characters with an\n ASCII value from 0 to 10. For characters that aren't supported in XML 1.0, you can add this\n parameter to request that Amazon S3 encode the keys in the response. For more information about\n characters to avoid in object key names, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines\">Object key naming\n guidelines</a>.</p>\n <note>\n <p>When using the URL encoding type, non-ASCII characters that are used in an object's\n key name will be percent-encoded according to UTF-8 code values. For example, the object\n <code>test_file(3).png</code> will appear as\n <code>test_file%283%29.png</code>.</p>\n </note>" } }, "com.amazonaws.s3#Encryption": { @@ -21257,7 +21257,7 @@ } }, "traits": { - "smithy.api#documentation": "<p>Specifies encryption-related information for an Amazon S3 bucket that is a destination for\n replicated objects.</p>" + "smithy.api#documentation": "<p>Specifies encryption-related information for an Amazon S3 bucket that is a destination for\n replicated objects.</p>\n <note>\n <p>If you're specifying a customer managed KMS key, we recommend using a fully qualified\n KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the\n requester’s account. This behavior can result in data that's encrypted with a KMS key\n that belongs to the requester, and not the bucket owner.</p>\n </note>" } }, "com.amazonaws.s3#End": { @@ -24585,7 +24585,7 @@ } ], "traits": { - "smithy.api#documentation": "<p>You can use this operation to determine if a bucket exists and if you have permission to access it. The action returns a <code>200 OK</code> if the bucket exists and you have permission\n to access it.</p>\n <p>If the bucket does not exist or you do not have permission to access it, the\n <code>HEAD</code> request returns a generic <code>400 Bad Request</code>, <code>403\n Forbidden</code> or <code>404 Not Found</code> code. A message body is not included, so\n you cannot determine the exception beyond these HTTP response codes.</p>\n <note>\n <p>\n <b>Directory buckets </b> - You must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>. Path-style requests are not supported. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html\">Regional and Zonal endpoints</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </note>\n <dl>\n <dt>Authentication and authorization</dt>\n <dd>\n <p>All <code>HeadBucket</code> requests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with the <code>x-amz-</code> prefix, including\n <code>x-amz-copy-source</code>, must be signed. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html\">REST Authentication</a>.</p>\n <p>\n <b>Directory bucket</b> - You must use IAM credentials to authenticate and authorize your access to the <code>HeadBucket</code> API operation, instead of using the \n temporary security credentials through the <code>CreateSession</code> API operation.</p>\n <p>Amazon Web Services CLI or SDKs handles authentication and authorization on your behalf.</p>\n </dd>\n <dt>Permissions</dt>\n <dd>\n <p></p>\n <ul>\n <li>\n <p>\n <b>General purpose bucket permissions</b> - To use this operation, you must have permissions to perform the\n <code>s3:ListBucket</code> action. The bucket owner has this permission by default and\n can grant this permission to others. For more information about permissions, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html\">Managing\n access permissions to your Amazon S3 resources</a> in the <i>Amazon S3 User Guide</i>.</p>\n </li>\n <li>\n <p>\n <b>Directory bucket permissions</b> -\n You must have the <b>\n <code>s3express:CreateSession</code>\n </b> permission in the\n <code>Action</code> element of a policy. By default, the session is in the <code>ReadWrite</code> mode. If you want to restrict the access, you can explicitly set the <code>s3express:SessionMode</code> condition key to <code>ReadOnly</code> on the bucket.</p>\n <p>For more information about example bucket policies, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html\">Example bucket policies for S3 Express One Zone</a> and <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html\">Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone</a> in the <i>Amazon S3 User Guide</i>.</p>\n </li>\n </ul>\n </dd>\n <dt>HTTP Host header syntax</dt>\n <dd>\n <p>\n <b>Directory buckets </b> - The HTTP Host header syntax is <code>\n <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p>\n </dd>\n </dl>", + "smithy.api#documentation": "<p>You can use this operation to determine if a bucket exists and if you have permission to access it. The action returns a <code>200 OK</code> if the bucket exists and you have permission\n to access it.</p>\n <note>\n <p>If the bucket does not exist or you do not have permission to access it, the\n <code>HEAD</code> request returns a generic <code>400 Bad Request</code>, <code>403\n Forbidden</code> or <code>404 Not Found</code> code. A message body is not included, so\n you cannot determine the exception beyond these HTTP response codes.</p>\n </note>\n <dl>\n <dt>Authentication and authorization</dt>\n <dd>\n <p>\n <b>General purpose buckets</b> - Request to public buckets that grant the s3:ListBucket permission publicly do not need to be signed. All other <code>HeadBucket</code> requests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with the <code>x-amz-</code> prefix, including\n <code>x-amz-copy-source</code>, must be signed. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html\">REST Authentication</a>.</p>\n <p>\n <b>Directory buckets</b> - You must use IAM credentials to authenticate and authorize your access to the <code>HeadBucket</code> API operation, instead of using the \n temporary security credentials through the <code>CreateSession</code> API operation.</p>\n <p>Amazon Web Services CLI or SDKs handles authentication and authorization on your behalf.</p>\n </dd>\n <dt>Permissions</dt>\n <dd>\n <p></p>\n <ul>\n <li>\n <p>\n <b>General purpose bucket permissions</b> - To use this operation, you must have permissions to perform the\n <code>s3:ListBucket</code> action. The bucket owner has this permission by default and\n can grant this permission to others. For more information about permissions, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html\">Managing\n access permissions to your Amazon S3 resources</a> in the <i>Amazon S3 User Guide</i>.</p>\n </li>\n <li>\n <p>\n <b>Directory bucket permissions</b> -\n You must have the <b>\n <code>s3express:CreateSession</code>\n </b> permission in the\n <code>Action</code> element of a policy. By default, the session is in the <code>ReadWrite</code> mode. If you want to restrict the access, you can explicitly set the <code>s3express:SessionMode</code> condition key to <code>ReadOnly</code> on the bucket.</p>\n <p>For more information about example bucket policies, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html\">Example bucket policies for S3 Express One Zone</a> and <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html\">Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone</a> in the <i>Amazon S3 User Guide</i>.</p>\n </li>\n </ul>\n </dd>\n <dt>HTTP Host header syntax</dt>\n <dd>\n <p>\n <b>Directory buckets </b> - The HTTP Host header syntax is <code>\n <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p>\n <note>\n <p>You must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>. Path-style requests are not supported. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html\">Regional and Zonal endpoints</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </note>\n </dd>\n </dl>", "smithy.api#examples": [ { "title": "To determine if bucket exists", @@ -24652,14 +24652,14 @@ "BucketRegion": { "target": "com.amazonaws.s3#Region", "traits": { - "smithy.api#documentation": "<p>The Region that the bucket is located.</p>\n <note>\n <p>This functionality is not supported for directory buckets.</p>\n </note>", + "smithy.api#documentation": "<p>The Region that the bucket is located.</p>", "smithy.api#httpHeader": "x-amz-bucket-region" } }, "AccessPointAlias": { "target": "com.amazonaws.s3#AccessPointAlias", "traits": { - "smithy.api#documentation": "<p>Indicates whether the bucket name used in the request is an access point alias.</p>\n <note>\n <p>This functionality is not supported for directory buckets.</p>\n </note>", + "smithy.api#documentation": "<p>Indicates whether the bucket name used in the request is an access point alias.</p>\n <note>\n <p>For directory buckets, the value of this field is <code>false</code>.</p>\n </note>", "smithy.api#httpHeader": "x-amz-access-point-alias" } } @@ -24708,7 +24708,7 @@ } ], "traits": { - "smithy.api#documentation": "<p>The <code>HEAD</code> operation retrieves metadata from an object without returning the\n object itself. This operation is useful if you're interested only in an object's metadata.</p>\n <p>A <code>HEAD</code> request has the same options as a <code>GET</code> operation on an\n object. The response is identical to the <code>GET</code> response except that there is no\n response body. Because of this, if the <code>HEAD</code> request generates an error, it\n returns a generic code, such as <code>400 Bad Request</code>, <code>403 Forbidden</code>, <code>404 Not\n Found</code>, <code>405 Method Not Allowed</code>, <code>412 Precondition Failed</code>, or <code>304 Not Modified</code>. \n It's not possible to retrieve the exact exception of these error codes.</p>\n <p>Request headers are limited to 8 KB in size. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html\">Common\n Request Headers</a>.</p>\n <note>\n <p>\n <b>Directory buckets</b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i>\n </code>. Path-style requests are not supported. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html\">Regional and Zonal endpoints</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </note>\n <dl>\n <dt>Permissions</dt>\n <dd>\n <p></p>\n <ul>\n <li>\n <p>\n <b>General purpose bucket permissions</b> - To\n use <code>HEAD</code>, you must have the <code>s3:GetObject</code> permission. You need the relevant read object (or version) permission for this operation.\n For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html\">Actions, resources, and condition\n keys for Amazon S3</a> in the <i>Amazon S3\n User Guide</i>.</p>\n <p>If the object you request doesn't exist, the error that\n Amazon S3 returns depends on whether you also have the <code>s3:ListBucket</code> permission.</p>\n <ul>\n <li>\n <p>If you have the <code>s3:ListBucket</code> permission on the bucket, Amazon S3\n returns an HTTP status code <code>404 Not Found</code> error.</p>\n </li>\n <li>\n <p>If you don’t have the <code>s3:ListBucket</code> permission, Amazon S3 returns\n an HTTP status code <code>403 Forbidden</code> error.</p>\n </li>\n </ul>\n </li>\n <li>\n <p>\n <b>Directory bucket permissions</b> - To grant access to this API operation on a directory bucket, we recommend that you use the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a> API operation for session-based authorization. Specifically, you grant the <code>s3express:CreateSession</code> permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the <code>CreateSession</code> API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another <code>CreateSession</code> API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a>.</p>\n </li>\n </ul>\n </dd>\n <dt>Encryption</dt>\n <dd>\n <note>\n <p>Encryption request headers, like <code>x-amz-server-side-encryption</code>,\n should not be sent for <code>HEAD</code> requests if your object uses server-side\n encryption with Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side\n encryption with Amazon Web Services KMS keys (DSSE-KMS), or server-side encryption with Amazon S3\n managed encryption keys (SSE-S3). The <code>x-amz-server-side-encryption</code> header is used when you <code>PUT</code> an object to S3 and want to specify the encryption method. \n If you include this header in a <code>HEAD</code> request for an object that uses these types of keys, \n you’ll get an HTTP <code>400 Bad Request</code> error. It's because the encryption method can't be changed when you retrieve the object.</p>\n </note>\n <p>If you encrypt an object by using server-side encryption with customer-provided\n encryption keys (SSE-C) when you store the object in Amazon S3, then when you retrieve the\n metadata from the object, you must use the following headers to provide the encryption key for the server to be able to retrieve the object's metadata. The headers are: </p>\n <ul>\n <li>\n <p>\n <code>x-amz-server-side-encryption-customer-algorithm</code>\n </p>\n </li>\n <li>\n <p>\n <code>x-amz-server-side-encryption-customer-key</code>\n </p>\n </li>\n <li>\n <p>\n <code>x-amz-server-side-encryption-customer-key-MD5</code>\n </p>\n </li>\n </ul>\n <p>For more information about SSE-C, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html\">Server-Side Encryption\n (Using Customer-Provided Encryption Keys)</a> in the <i>Amazon S3\n User Guide</i>.</p>\n <note>\n <p>\n <b>Directory bucket permissions</b> - For directory buckets, only server-side encryption with Amazon S3 managed keys (SSE-S3) (<code>AES256</code>) is supported.</p>\n </note>\n </dd>\n <dt>Versioning</dt>\n <dd>\n <ul>\n <li>\n <p>If the current version of the object is a delete marker, Amazon S3 behaves as if the object was deleted and includes <code>x-amz-delete-marker: true</code> in the response.</p>\n </li>\n <li>\n <p>If the specified version is a delete marker, the response returns a <code>405 Method Not Allowed</code> error and the <code>Last-Modified: timestamp</code> response header.</p>\n </li>\n </ul>\n <note>\n <ul>\n <li>\n <p>\n <b>Directory buckets</b> - Delete marker is not supported by directory buckets.</p>\n </li>\n <li>\n <p>\n <b>Directory buckets</b> - S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the <code>null</code> value of the version ID is supported by directory buckets. You can only specify <code>null</code> \n to the <code>versionId</code> query parameter in the request.</p>\n </li>\n </ul>\n </note>\n </dd>\n <dt>HTTP Host header syntax</dt>\n <dd>\n <p>\n <b>Directory buckets </b> - The HTTP Host header syntax is <code>\n <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p>\n </dd>\n </dl>\n <p>The following actions are related to <code>HeadObject</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html\">GetObject</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html\">GetObjectAttributes</a>\n </p>\n </li>\n </ul>", + "smithy.api#documentation": "<p>The <code>HEAD</code> operation retrieves metadata from an object without returning the\n object itself. This operation is useful if you're interested only in an object's metadata.</p>\n <note>\n <p>A <code>HEAD</code> request has the same options as a <code>GET</code> operation on an\n object. The response is identical to the <code>GET</code> response except that there is no\n response body. Because of this, if the <code>HEAD</code> request generates an error, it\n returns a generic code, such as <code>400 Bad Request</code>, <code>403 Forbidden</code>, <code>404 Not\n Found</code>, <code>405 Method Not Allowed</code>, <code>412 Precondition Failed</code>, or <code>304 Not Modified</code>. \n It's not possible to retrieve the exact exception of these error codes.</p>\n </note>\n <p>Request headers are limited to 8 KB in size. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html\">Common\n Request Headers</a>.</p>\n <dl>\n <dt>Permissions</dt>\n <dd>\n <p></p>\n <ul>\n <li>\n <p>\n <b>General purpose bucket permissions</b> - To\n use <code>HEAD</code>, you must have the <code>s3:GetObject</code> permission. You need the relevant read object (or version) permission for this operation.\n For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html\">Actions, resources, and condition\n keys for Amazon S3</a> in the <i>Amazon S3\n User Guide</i>.</p>\n <p>If the object you request doesn't exist, the error that\n Amazon S3 returns depends on whether you also have the <code>s3:ListBucket</code> permission.</p>\n <ul>\n <li>\n <p>If you have the <code>s3:ListBucket</code> permission on the bucket, Amazon S3\n returns an HTTP status code <code>404 Not Found</code> error.</p>\n </li>\n <li>\n <p>If you don’t have the <code>s3:ListBucket</code> permission, Amazon S3 returns\n an HTTP status code <code>403 Forbidden</code> error.</p>\n </li>\n </ul>\n </li>\n <li>\n <p>\n <b>Directory bucket permissions</b> - To grant access to this API operation on a directory bucket, we recommend that you use the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a> API operation for session-based authorization. Specifically, you grant the <code>s3express:CreateSession</code> permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the <code>CreateSession</code> API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another <code>CreateSession</code> API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a>.</p>\n </li>\n </ul>\n </dd>\n <dt>Encryption</dt>\n <dd>\n <note>\n <p>Encryption request headers, like <code>x-amz-server-side-encryption</code>,\n should not be sent for <code>HEAD</code> requests if your object uses server-side\n encryption with Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side\n encryption with Amazon Web Services KMS keys (DSSE-KMS), or server-side encryption with Amazon S3\n managed encryption keys (SSE-S3). The <code>x-amz-server-side-encryption</code> header is used when you <code>PUT</code> an object to S3 and want to specify the encryption method. \n If you include this header in a <code>HEAD</code> request for an object that uses these types of keys, \n you’ll get an HTTP <code>400 Bad Request</code> error. It's because the encryption method can't be changed when you retrieve the object.</p>\n </note>\n <p>If you encrypt an object by using server-side encryption with customer-provided\n encryption keys (SSE-C) when you store the object in Amazon S3, then when you retrieve the\n metadata from the object, you must use the following headers to provide the encryption key for the server to be able to retrieve the object's metadata. The headers are: </p>\n <ul>\n <li>\n <p>\n <code>x-amz-server-side-encryption-customer-algorithm</code>\n </p>\n </li>\n <li>\n <p>\n <code>x-amz-server-side-encryption-customer-key</code>\n </p>\n </li>\n <li>\n <p>\n <code>x-amz-server-side-encryption-customer-key-MD5</code>\n </p>\n </li>\n </ul>\n <p>For more information about SSE-C, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html\">Server-Side Encryption\n (Using Customer-Provided Encryption Keys)</a> in the <i>Amazon S3\n User Guide</i>.</p>\n <note>\n <p>\n <b>Directory bucket permissions</b> - For directory buckets, only server-side encryption with Amazon S3 managed keys (SSE-S3) (<code>AES256</code>) is supported.</p>\n </note>\n </dd>\n <dt>Versioning</dt>\n <dd>\n <ul>\n <li>\n <p>If the current version of the object is a delete marker, Amazon S3 behaves as if the object was deleted and includes <code>x-amz-delete-marker: true</code> in the response.</p>\n </li>\n <li>\n <p>If the specified version is a delete marker, the response returns a <code>405 Method Not Allowed</code> error and the <code>Last-Modified: timestamp</code> response header.</p>\n </li>\n </ul>\n <note>\n <ul>\n <li>\n <p>\n <b>Directory buckets</b> - Delete marker is not supported by directory buckets.</p>\n </li>\n <li>\n <p>\n <b>Directory buckets</b> - S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the <code>null</code> value of the version ID is supported by directory buckets. You can only specify <code>null</code> \n to the <code>versionId</code> query parameter in the request.</p>\n </li>\n </ul>\n </note>\n </dd>\n <dt>HTTP Host header syntax</dt>\n <dd>\n <p>\n <b>Directory buckets </b> - The HTTP Host header syntax is <code>\n <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p>\n <note>\n <p>For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i>\n </code>. Path-style requests are not supported. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html\">Regional and Zonal endpoints</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </note>\n </dd>\n </dl>\n <p>The following actions are related to <code>HeadObject</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html\">GetObject</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html\">GetObjectAttributes</a>\n </p>\n </li>\n </ul>", "smithy.api#http": { "method": "HEAD", "uri": "/{Bucket}/{Key+}", @@ -26351,7 +26351,7 @@ "com.amazonaws.s3#ListBuckets": { "type": "operation", "input": { - "target": "smithy.api#Unit" + "target": "com.amazonaws.s3#ListBucketsRequest" }, "output": { "target": "com.amazonaws.s3#ListBucketsOutput" @@ -26388,6 +26388,12 @@ "method": "GET", "uri": "/?x-id=ListBuckets", "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "ContinuationToken", + "outputToken": "ContinuationToken", + "items": "Buckets", + "pageSize": "MaxBuckets" } } }, @@ -26405,6 +26411,12 @@ "traits": { "smithy.api#documentation": "<p>The owner of the buckets listed.</p>" } + }, + "ContinuationToken": { + "target": "com.amazonaws.s3#NextToken", + "traits": { + "smithy.api#documentation": "<p>\n <code>ContinuationToken</code> is included in the\n response when there are more buckets that can be listed with pagination. The next <code>ListBuckets</code> request to Amazon S3 can be continued with this <code>ContinuationToken</code>. <code>ContinuationToken</code> is obfuscated and is not a real bucket.</p>" + } } }, "traits": { @@ -26412,6 +26424,28 @@ "smithy.api#xmlName": "ListAllMyBucketsResult" } }, + "com.amazonaws.s3#ListBucketsRequest": { + "type": "structure", + "members": { + "MaxBuckets": { + "target": "com.amazonaws.s3#MaxBuckets", + "traits": { + "smithy.api#documentation": "<p>Maximum number of buckets to be returned in response. When the number is more than the count of buckets that are owned by an Amazon Web Services account, return all the buckets in response.</p>", + "smithy.api#httpQuery": "max-buckets" + } + }, + "ContinuationToken": { + "target": "com.amazonaws.s3#Token", + "traits": { + "smithy.api#documentation": "<p>\n <code>ContinuationToken</code> indicates to Amazon S3 that the list is being continued on\n this bucket with a token. <code>ContinuationToken</code> is obfuscated and is not a real\n key. You can use this <code>ContinuationToken</code> for pagination of the list results. </p>\n <p>Length Constraints: Minimum length of 0. Maximum length of 1024.</p>\n <p>Required: No.</p>", + "smithy.api#httpQuery": "continuation-token" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, "com.amazonaws.s3#ListDirectoryBuckets": { "type": "operation", "input": { @@ -26466,7 +26500,7 @@ "ContinuationToken": { "target": "com.amazonaws.s3#DirectoryBucketToken", "traits": { - "smithy.api#documentation": "<p>\n <code>ContinuationToken</code> indicates to Amazon S3 that the list is being continued on\n this bucket with a token. <code>ContinuationToken</code> is obfuscated and is not a real\n key. You can use this <code>ContinuationToken</code> for pagination of the list results. </p>", + "smithy.api#documentation": "<p>\n <code>ContinuationToken</code> indicates to Amazon S3 that the list is being continued on buckets in this account with a token. <code>ContinuationToken</code> is obfuscated and is not a real\n bucket name. You can use this <code>ContinuationToken</code> for the pagination of the list results. </p>", "smithy.api#httpQuery": "continuation-token" } }, @@ -26491,7 +26525,7 @@ "target": "com.amazonaws.s3#ListMultipartUploadsOutput" }, "traits": { - "smithy.api#documentation": "<p>This operation lists in-progress multipart uploads in a bucket. An in-progress multipart upload is a\n multipart upload that has been initiated by the <code>CreateMultipartUpload</code> request, but\n has not yet been completed or aborted.</p>\n <note>\n <p>\n <b>Directory buckets</b> - \n If multipart uploads in a directory bucket are in progress, you can't delete the bucket until all the in-progress multipart uploads are aborted or completed.\n </p>\n </note>\n <p>The <code>ListMultipartUploads</code> operation returns a maximum of 1,000 multipart uploads in the response. The limit of 1,000 multipart\n uploads is also the default\n value. You can further limit the number of uploads in a response by specifying the\n <code>max-uploads</code> request parameter. If there are more than 1,000 multipart uploads that \n satisfy your <code>ListMultipartUploads</code> request, the response returns an <code>IsTruncated</code> element\n with the value of <code>true</code>, a <code>NextKeyMarker</code> element, and a <code>NextUploadIdMarker</code> element. \n To list the remaining multipart uploads, you need to make subsequent <code>ListMultipartUploads</code> requests. \n In these requests, include two query parameters: <code>key-marker</code> and <code>upload-id-marker</code>. \n Set the value of <code>key-marker</code> to the <code>NextKeyMarker</code> value from the previous response. \n Similarly, set the value of <code>upload-id-marker</code> to the <code>NextUploadIdMarker</code> value from the previous response.</p>\n <note>\n <p>\n <b>Directory buckets</b> - The <code>upload-id-marker</code> element and \n the <code>NextUploadIdMarker</code> element aren't supported by directory buckets. \n To list the additional multipart uploads, you only need to set the value of <code>key-marker</code> to the <code>NextKeyMarker</code> value from the previous response. </p>\n </note>\n <p>For more information about multipart uploads, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html\">Uploading Objects Using Multipart\n Upload</a> in the <i>Amazon S3\n User Guide</i>.</p>\n <note>\n <p>\n <b>Directory buckets</b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i>\n </code>. Path-style requests are not supported. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html\">Regional and Zonal endpoints</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </note>\n <dl>\n <dt>Permissions</dt>\n <dd>\n <ul>\n <li>\n <p>\n <b>General purpose bucket permissions</b> - For information about permissions required to use the multipart upload API, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html\">Multipart Upload\n and Permissions</a> in the <i>Amazon S3\n User Guide</i>.</p>\n </li>\n <li>\n <p>\n <b>Directory bucket permissions</b> - To grant access to this API operation on a directory bucket, we recommend that you use the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a> API operation for session-based authorization. Specifically, you grant the <code>s3express:CreateSession</code> permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the <code>CreateSession</code> API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another <code>CreateSession</code> API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a>.</p>\n </li>\n </ul>\n </dd>\n <dt>Sorting of multipart uploads in response</dt>\n <dd>\n <ul>\n <li>\n <p>\n <b>General purpose bucket</b> - In the <code>ListMultipartUploads</code> response, the multipart uploads are sorted based on two criteria:</p>\n <ul>\n <li>\n <p>Key-based sorting - Multipart uploads are initially sorted in ascending order based on their object keys.</p>\n </li>\n <li>\n <p>Time-based sorting - For uploads that share the same object key, \n they are further sorted in ascending order based on the upload initiation time. Among uploads with the same key, the one that was initiated first will appear before the ones that were initiated later.</p>\n </li>\n </ul>\n </li>\n <li>\n <p>\n <b>Directory bucket</b> - In the <code>ListMultipartUploads</code> response, the multipart uploads aren't sorted lexicographically based on the object keys. \n \n </p>\n </li>\n </ul>\n </dd>\n <dt>HTTP Host header syntax</dt>\n <dd>\n <p>\n <b>Directory buckets </b> - The HTTP Host header syntax is <code>\n <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p>\n </dd>\n </dl>\n <p>The following operations are related to <code>ListMultipartUploads</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html\">CreateMultipartUpload</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html\">UploadPart</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html\">CompleteMultipartUpload</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html\">ListParts</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html\">AbortMultipartUpload</a>\n </p>\n </li>\n </ul>", + "smithy.api#documentation": "<p>This operation lists in-progress multipart uploads in a bucket. An in-progress multipart upload is a\n multipart upload that has been initiated by the <code>CreateMultipartUpload</code> request, but\n has not yet been completed or aborted.</p>\n <note>\n <p>\n <b>Directory buckets</b> - \n If multipart uploads in a directory bucket are in progress, you can't delete the bucket until all the in-progress multipart uploads are aborted or completed. \n To delete these in-progress multipart uploads, use the <code>ListMultipartUploads</code> operation to list the in-progress multipart\n uploads in the bucket and use the <code>AbortMultupartUpload</code> operation to abort all the in-progress multipart uploads.\n </p>\n </note>\n <p>The <code>ListMultipartUploads</code> operation returns a maximum of 1,000 multipart uploads in the response. The limit of 1,000 multipart\n uploads is also the default\n value. You can further limit the number of uploads in a response by specifying the\n <code>max-uploads</code> request parameter. If there are more than 1,000 multipart uploads that \n satisfy your <code>ListMultipartUploads</code> request, the response returns an <code>IsTruncated</code> element\n with the value of <code>true</code>, a <code>NextKeyMarker</code> element, and a <code>NextUploadIdMarker</code> element. \n To list the remaining multipart uploads, you need to make subsequent <code>ListMultipartUploads</code> requests. \n In these requests, include two query parameters: <code>key-marker</code> and <code>upload-id-marker</code>. \n Set the value of <code>key-marker</code> to the <code>NextKeyMarker</code> value from the previous response. \n Similarly, set the value of <code>upload-id-marker</code> to the <code>NextUploadIdMarker</code> value from the previous response.</p>\n <note>\n <p>\n <b>Directory buckets</b> - The <code>upload-id-marker</code> element and \n the <code>NextUploadIdMarker</code> element aren't supported by directory buckets. \n To list the additional multipart uploads, you only need to set the value of <code>key-marker</code> to the <code>NextKeyMarker</code> value from the previous response. </p>\n </note>\n <p>For more information about multipart uploads, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html\">Uploading Objects Using Multipart\n Upload</a> in the <i>Amazon S3\n User Guide</i>.</p>\n <note>\n <p>\n <b>Directory buckets</b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i>\n </code>. Path-style requests are not supported. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html\">Regional and Zonal endpoints</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </note>\n <dl>\n <dt>Permissions</dt>\n <dd>\n <ul>\n <li>\n <p>\n <b>General purpose bucket permissions</b> - For information about permissions required to use the multipart upload API, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html\">Multipart Upload\n and Permissions</a> in the <i>Amazon S3\n User Guide</i>.</p>\n </li>\n <li>\n <p>\n <b>Directory bucket permissions</b> - To grant access to this API operation on a directory bucket, we recommend that you use the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a> API operation for session-based authorization. Specifically, you grant the <code>s3express:CreateSession</code> permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the <code>CreateSession</code> API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another <code>CreateSession</code> API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a>.</p>\n </li>\n </ul>\n </dd>\n <dt>Sorting of multipart uploads in response</dt>\n <dd>\n <ul>\n <li>\n <p>\n <b>General purpose bucket</b> - In the <code>ListMultipartUploads</code> response, the multipart uploads are sorted based on two criteria:</p>\n <ul>\n <li>\n <p>Key-based sorting - Multipart uploads are initially sorted in ascending order based on their object keys.</p>\n </li>\n <li>\n <p>Time-based sorting - For uploads that share the same object key, \n they are further sorted in ascending order based on the upload initiation time. Among uploads with the same key, the one that was initiated first will appear before the ones that were initiated later.</p>\n </li>\n </ul>\n </li>\n <li>\n <p>\n <b>Directory bucket</b> - In the <code>ListMultipartUploads</code> response, the multipart uploads aren't sorted lexicographically based on the object keys. \n \n </p>\n </li>\n </ul>\n </dd>\n <dt>HTTP Host header syntax</dt>\n <dd>\n <p>\n <b>Directory buckets </b> - The HTTP Host header syntax is <code>\n <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p>\n </dd>\n </dl>\n <p>The following operations are related to <code>ListMultipartUploads</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html\">CreateMultipartUpload</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html\">UploadPart</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html\">CompleteMultipartUpload</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html\">ListParts</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html\">AbortMultipartUpload</a>\n </p>\n </li>\n </ul>", "smithy.api#examples": [ { "title": "To list in-progress multipart uploads on a bucket", @@ -27028,7 +27062,7 @@ "EncodingType": { "target": "com.amazonaws.s3#EncodingType", "traits": { - "smithy.api#documentation": "<p>Encoding type used by Amazon S3 to encode object keys in the response. If using\n <code>url</code>, non-ASCII characters used in an object's key name will be URL encoded.\n For example, the object <code>test_file(3).png</code> will appear as\n <code>test_file%283%29.png</code>.</p>" + "smithy.api#documentation": "<p>Encoding type used by Amazon S3 to encode the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html\">object keys</a> in the response.\n Responses are encoded only in UTF-8. An object key can contain any Unicode character.\n However, the XML 1.0 parser can't parse certain characters, such as characters with an\n ASCII value from 0 to 10. For characters that aren't supported in XML 1.0, you can add this\n parameter to request that Amazon S3 encode the keys in the response. For more information about\n characters to avoid in object key names, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines\">Object key naming\n guidelines</a>.</p>\n <note>\n <p>When using the URL encoding type, non-ASCII characters that are used in an object's\n key name will be percent-encoded according to UTF-8 code values. For example, the object\n <code>test_file(3).png</code> will appear as\n <code>test_file%283%29.png</code>.</p>\n </note>" } }, "RequestCharged": { @@ -27134,7 +27168,7 @@ } ], "traits": { - "smithy.api#documentation": "<p>Returns some or all (up to 1,000) of the objects in a bucket with each request. You can\n use the request parameters as selection criteria to return a subset of the objects in a\n bucket. A <code>200 OK</code> response can contain valid or invalid XML. Make sure to\n design your application to parse the contents of the response and handle it appropriately.\n \n For more information about listing objects, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/ListingKeysUsingAPIs.html\">Listing object keys\n programmatically</a> in the <i>Amazon S3 User Guide</i>. To get a list of your buckets, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html\">ListBuckets</a>.</p>\n <note>\n <p>\n <b>Directory buckets</b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i>\n </code>. Path-style requests are not supported. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html\">Regional and Zonal endpoints</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </note>\n <dl>\n <dt>Permissions</dt>\n <dd>\n <ul>\n <li>\n <p>\n <b>General purpose bucket permissions</b> - To use this operation, you must have READ access to the bucket. You must have permission to perform\n the <code>s3:ListBucket</code> action. The bucket owner has this permission by default and\n can grant this permission to others. For more information about permissions, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources\">Permissions Related to Bucket Subresource Operations</a> and <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html\">Managing\n Access Permissions to Your Amazon S3 Resources</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </li>\n <li>\n <p>\n <b>Directory bucket permissions</b> - To grant access to this API operation on a directory bucket, we recommend that you use the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a> API operation for session-based authorization. Specifically, you grant the <code>s3express:CreateSession</code> permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the <code>CreateSession</code> API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another <code>CreateSession</code> API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a>.</p>\n </li>\n </ul>\n </dd>\n <dt>Sorting order of returned objects</dt>\n <dd>\n <ul>\n <li>\n <p>\n <b>General purpose bucket</b> - For general purpose buckets, <code>ListObjectsV2</code> returns objects in lexicographical order based on their key names.</p>\n </li>\n <li>\n <p>\n <b>Directory bucket</b> - For directory buckets, <code>ListObjectsV2</code> does not return objects in lexicographical order.</p>\n </li>\n </ul>\n </dd>\n <dt>HTTP Host header syntax</dt>\n <dd>\n <p>\n <b>Directory buckets </b> - The HTTP Host header syntax is <code>\n <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p>\n </dd>\n </dl>\n <important>\n <p>This section describes the latest revision of this action. We recommend that you use\n this revised API operation for application development. For backward compatibility, Amazon S3\n continues to support the prior version of this API operation, <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html\">ListObjects</a>.</p>\n </important>\n <p>The following operations are related to <code>ListObjectsV2</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html\">GetObject</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html\">PutObject</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html\">CreateBucket</a>\n </p>\n </li>\n </ul>", + "smithy.api#documentation": "<p>Returns some or all (up to 1,000) of the objects in a bucket with each request. You can\n use the request parameters as selection criteria to return a subset of the objects in a\n bucket. A <code>200 OK</code> response can contain valid or invalid XML. Make sure to\n design your application to parse the contents of the response and handle it appropriately.\n \n For more information about listing objects, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/ListingKeysUsingAPIs.html\">Listing object keys\n programmatically</a> in the <i>Amazon S3 User Guide</i>. To get a list of your buckets, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html\">ListBuckets</a>.</p>\n <note>\n <ul>\n <li>\n <p>\n <b>General purpose bucket</b> - For general purpose buckets, <code>ListObjectsV2</code> doesn't return prefixes that are related only to in-progress multipart uploads.</p>\n </li>\n <li>\n <p>\n <b>Directory buckets</b> - \n For directory buckets, <code>ListObjectsV2</code> response includes the prefixes that are related only to in-progress multipart uploads.\n </p>\n </li>\n <li>\n <p>\n <b>Directory buckets</b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i>\n </code>. Path-style requests are not supported. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html\">Regional and Zonal endpoints</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </li>\n </ul>\n </note>\n <dl>\n <dt>Permissions</dt>\n <dd>\n <ul>\n <li>\n <p>\n <b>General purpose bucket permissions</b> - To use this operation, you must have READ access to the bucket. You must have permission to perform\n the <code>s3:ListBucket</code> action. The bucket owner has this permission by default and\n can grant this permission to others. For more information about permissions, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources\">Permissions Related to Bucket Subresource Operations</a> and <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html\">Managing\n Access Permissions to Your Amazon S3 Resources</a> in the\n <i>Amazon S3 User Guide</i>.</p>\n </li>\n <li>\n <p>\n <b>Directory bucket permissions</b> - To grant access to this API operation on a directory bucket, we recommend that you use the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a> API operation for session-based authorization. Specifically, you grant the <code>s3express:CreateSession</code> permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the <code>CreateSession</code> API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another <code>CreateSession</code> API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html\">\n <code>CreateSession</code>\n </a>.</p>\n </li>\n </ul>\n </dd>\n <dt>Sorting order of returned objects</dt>\n <dd>\n <ul>\n <li>\n <p>\n <b>General purpose bucket</b> - For general purpose buckets, <code>ListObjectsV2</code> returns objects in lexicographical order based on their key names.</p>\n </li>\n <li>\n <p>\n <b>Directory bucket</b> - For directory buckets, <code>ListObjectsV2</code> does not return objects in lexicographical order.</p>\n </li>\n </ul>\n </dd>\n <dt>HTTP Host header syntax</dt>\n <dd>\n <p>\n <b>Directory buckets </b> - The HTTP Host header syntax is <code>\n <i>Bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com</code>.</p>\n </dd>\n </dl>\n <important>\n <p>This section describes the latest revision of this action. We recommend that you use\n this revised API operation for application development. For backward compatibility, Amazon S3\n continues to support the prior version of this API operation, <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html\">ListObjects</a>.</p>\n </important>\n <p>The following operations are related to <code>ListObjectsV2</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html\">GetObject</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html\">PutObject</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html\">CreateBucket</a>\n </p>\n </li>\n </ul>", "smithy.api#http": { "method": "GET", "uri": "/{Bucket}?list-type=2", @@ -27260,7 +27294,7 @@ "EncodingType": { "target": "com.amazonaws.s3#EncodingType", "traits": { - "smithy.api#documentation": "<p>Encoding type used by Amazon S3 to encode object keys in the response. If using\n <code>url</code>, non-ASCII characters used in an object's key name will be URL encoded.\n For example, the object <code>test_file(3).png</code> will appear as\n <code>test_file%283%29.png</code>.</p>", + "smithy.api#documentation": "<p>Encoding type used by Amazon S3 to encode the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html\">object keys</a> in the response.\n Responses are encoded only in UTF-8. An object key can contain any Unicode character.\n However, the XML 1.0 parser can't parse certain characters, such as characters with an\n ASCII value from 0 to 10. For characters that aren't supported in XML 1.0, you can add this\n parameter to request that Amazon S3 encode the keys in the response. For more information about\n characters to avoid in object key names, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines\">Object key naming\n guidelines</a>.</p>\n <note>\n <p>When using the URL encoding type, non-ASCII characters that are used in an object's\n key name will be percent-encoded according to UTF-8 code values. For example, the object\n <code>test_file(3).png</code> will appear as\n <code>test_file%283%29.png</code>.</p>\n </note>", "smithy.api#httpQuery": "encoding-type" } }, @@ -27657,6 +27691,15 @@ "com.amazonaws.s3#MaxAgeSeconds": { "type": "integer" }, + "com.amazonaws.s3#MaxBuckets": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1, + "max": 1000 + } + } + }, "com.amazonaws.s3#MaxDirectoryBuckets": { "type": "integer", "traits": { @@ -28882,7 +28925,7 @@ "PartitionDateSource": { "target": "com.amazonaws.s3#PartitionDateSource", "traits": { - "smithy.api#documentation": "<p>Specifies the partition date source for the partitioned prefix. PartitionDateSource can be EventTime or DeliveryTime.</p>" + "smithy.api#documentation": "<p>Specifies the partition date source for the partitioned prefix.\n <code>PartitionDateSource</code> can be <code>EventTime</code> or\n <code>DeliveryTime</code>.</p>\n <p>For <code>DeliveryTime</code>, the time in the log file names corresponds to the\n delivery time for the log files. </p>\n <p> For <code>EventTime</code>, The logs delivered are for a specific day only. The year,\n month, and day correspond to the day on which the event occurred, and the hour, minutes and\n seconds are set to 00 in the key.</p>" } } }, @@ -29067,7 +29110,7 @@ "RestrictPublicBuckets": { "target": "com.amazonaws.s3#Setting", "traits": { - "smithy.api#documentation": "<p>Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting\n this element to <code>TRUE</code> restricts access to this bucket to only Amazon Web Service principals and authorized users within this account if the bucket has\n a public policy.</p>\n <p>Enabling this setting doesn't affect previously stored bucket policies, except that\n public and cross-account access within any public bucket policy, including non-public\n delegation to specific accounts, is blocked.</p>", + "smithy.api#documentation": "<p>Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting\n this element to <code>TRUE</code> restricts access to this bucket to only Amazon Web Servicesservice principals and authorized users within this account if the bucket has\n a public policy.</p>\n <p>Enabling this setting doesn't affect previously stored bucket policies, except that\n public and cross-account access within any public bucket policy, including non-public\n delegation to specific accounts, is blocked.</p>", "smithy.api#xmlName": "RestrictPublicBuckets" } } @@ -29450,7 +29493,7 @@ "requestAlgorithmMember": "ChecksumAlgorithm", "requestChecksumRequired": true }, - "smithy.api#documentation": "<note>\n <p>This operation is not supported by directory buckets.</p>\n </note>\n <p>This action uses the <code>encryption</code> subresource to configure default encryption\n and Amazon S3 Bucket Keys for an existing bucket.</p>\n <p>By default, all buckets have a default encryption configuration that uses server-side\n encryption with Amazon S3 managed keys (SSE-S3). You can optionally configure default encryption\n for a bucket by using server-side encryption with Key Management Service (KMS) keys (SSE-KMS) or\n dual-layer server-side encryption with Amazon Web Services KMS keys (DSSE-KMS). If you specify default encryption by using\n SSE-KMS, you can also configure <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html\">Amazon S3 Bucket\n Keys</a>. If you use PutBucketEncryption to set your <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html\">default bucket encryption</a> to SSE-KMS, you should verify that your KMS key ID is correct. Amazon S3 does not validate the KMS key ID provided in PutBucketEncryption requests.</p>\n <important>\n <p>This action requires Amazon Web Services Signature Version 4. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html\">\n Authenticating Requests (Amazon Web Services Signature Version 4)</a>. </p>\n </important>\n <p>To use this operation, you must have permission to perform the\n <code>s3:PutEncryptionConfiguration</code> action. The bucket owner has this permission\n by default. The bucket owner can grant this permission to others. For more information\n about permissions, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources\">Permissions Related to Bucket Subresource Operations</a> and <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html\">Managing\n Access Permissions to Your Amazon S3 Resources</a> in the\n <i>Amazon S3 User Guide</i>. </p>\n <p>The following operations are related to <code>PutBucketEncryption</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html\">GetBucketEncryption</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html\">DeleteBucketEncryption</a>\n </p>\n </li>\n </ul>", + "smithy.api#documentation": "<note>\n <p>This operation is not supported by directory buckets.</p>\n </note>\n <p>This action uses the <code>encryption</code> subresource to configure default encryption\n and Amazon S3 Bucket Keys for an existing bucket.</p>\n <p>By default, all buckets have a default encryption configuration that uses server-side\n encryption with Amazon S3 managed keys (SSE-S3). You can optionally configure default encryption\n for a bucket by using server-side encryption with Key Management Service (KMS) keys (SSE-KMS) or\n dual-layer server-side encryption with Amazon Web Services KMS keys (DSSE-KMS). If you specify default encryption by using\n SSE-KMS, you can also configure <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html\">Amazon S3 Bucket\n Keys</a>. If you use PutBucketEncryption to set your <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html\">default bucket encryption</a> to SSE-KMS, you should verify that your KMS key ID is correct. Amazon S3 does not validate the KMS key ID provided in PutBucketEncryption requests.</p>\n <important>\n <p>If you're specifying a customer managed KMS key, we recommend using a fully qualified\n KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the\n requester’s account. This behavior can result in data that's encrypted with a KMS key\n that belongs to the requester, and not the bucket owner.</p>\n <p>Also, this action requires Amazon Web Services Signature Version 4. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html\">\n Authenticating Requests (Amazon Web Services Signature Version 4)</a>. </p>\n </important>\n <p>To use this operation, you must have permission to perform the\n <code>s3:PutEncryptionConfiguration</code> action. The bucket owner has this permission\n by default. The bucket owner can grant this permission to others. For more information\n about permissions, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources\">Permissions Related to Bucket Subresource Operations</a> and <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html\">Managing\n Access Permissions to Your Amazon S3 Resources</a> in the\n <i>Amazon S3 User Guide</i>. </p>\n <p>The following operations are related to <code>PutBucketEncryption</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html\">GetBucketEncryption</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html\">DeleteBucketEncryption</a>\n </p>\n </li>\n </ul>", "smithy.api#http": { "method": "PUT", "uri": "/{Bucket}?encryption", @@ -30431,7 +30474,7 @@ "requestAlgorithmMember": "ChecksumAlgorithm", "requestChecksumRequired": true }, - "smithy.api#documentation": "<note>\n <p>This operation is not supported by directory buckets.</p>\n </note>\n <p>Sets the versioning state of an existing bucket.</p>\n <p>You can set the versioning state with one of the following values:</p>\n <p>\n <b>Enabled</b>—Enables versioning for the objects in the\n bucket. All objects added to the bucket receive a unique version ID.</p>\n <p>\n <b>Suspended</b>—Disables versioning for the objects in the\n bucket. All objects added to the bucket receive the version ID null.</p>\n <p>If the versioning state has never been set on a bucket, it has no versioning state; a\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html\">GetBucketVersioning</a> request does not return a versioning state value.</p>\n <p>In order to enable MFA Delete, you must be the bucket owner. If you are the bucket owner\n and want to enable MFA Delete in the bucket versioning configuration, you must include the\n <code>x-amz-mfa request</code> header and the <code>Status</code> and the\n <code>MfaDelete</code> request elements in a request to set the versioning state of the\n bucket.</p>\n <important>\n <p>If you have an object expiration lifecycle configuration in your non-versioned bucket\n and you want to maintain the same permanent delete behavior when you enable versioning,\n you must add a noncurrent expiration policy. The noncurrent expiration lifecycle\n configuration will manage the deletes of the noncurrent object versions in the\n version-enabled bucket. (A version-enabled bucket maintains one current and zero or more\n noncurrent object versions.) For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-and-other-bucket-config\">Lifecycle and Versioning</a>.</p>\n </important>\n <p>The following operations are related to <code>PutBucketVersioning</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html\">CreateBucket</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html\">DeleteBucket</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html\">GetBucketVersioning</a>\n </p>\n </li>\n </ul>", + "smithy.api#documentation": "<note>\n <p>This operation is not supported by directory buckets.</p>\n </note>\n <note>\n <p>When you enable versioning on a bucket for the first time, it might take a short\n amount of time for the change to be fully propagated. We recommend that you wait for 15\n minutes after enabling versioning before issuing write operations\n (<code>PUT</code>\n or\n <code>DELETE</code>)\n on objects in the bucket. </p>\n </note>\n <p>Sets the versioning state of an existing bucket.</p>\n <p>You can set the versioning state with one of the following values:</p>\n <p>\n <b>Enabled</b>—Enables versioning for the objects in the\n bucket. All objects added to the bucket receive a unique version ID.</p>\n <p>\n <b>Suspended</b>—Disables versioning for the objects in the\n bucket. All objects added to the bucket receive the version ID null.</p>\n <p>If the versioning state has never been set on a bucket, it has no versioning state; a\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html\">GetBucketVersioning</a> request does not return a versioning state value.</p>\n <p>In order to enable MFA Delete, you must be the bucket owner. If you are the bucket owner\n and want to enable MFA Delete in the bucket versioning configuration, you must include the\n <code>x-amz-mfa request</code> header and the <code>Status</code> and the\n <code>MfaDelete</code> request elements in a request to set the versioning state of the\n bucket.</p>\n <important>\n <p>If you have an object expiration lifecycle configuration in your non-versioned bucket\n and you want to maintain the same permanent delete behavior when you enable versioning,\n you must add a noncurrent expiration policy. The noncurrent expiration lifecycle\n configuration will manage the deletes of the noncurrent object versions in the\n version-enabled bucket. (A version-enabled bucket maintains one current and zero or more\n noncurrent object versions.) For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-and-other-bucket-config\">Lifecycle and Versioning</a>.</p>\n </important>\n <p>The following operations are related to <code>PutBucketVersioning</code>:</p>\n <ul>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html\">CreateBucket</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html\">DeleteBucket</a>\n </p>\n </li>\n <li>\n <p>\n <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html\">GetBucketVersioning</a>\n </p>\n </li>\n </ul>", "smithy.api#examples": [ { "title": "Set versioning configuration on a bucket", @@ -31874,7 +31917,7 @@ "Payload": { "target": "com.amazonaws.s3#Body", "traits": { - "smithy.api#documentation": "<p>The byte array of partial, one or more result records.</p>", + "smithy.api#documentation": "<p>The byte array of partial, one or more result records. S3 Select doesn't guarantee that\n a record will be self-contained in one record frame. To ensure continuous streaming of\n data, S3 Select might split the same record across multiple record frames instead of\n aggregating the results in memory. Some S3 clients (for example, the SDK for Java) handle this behavior by creating a <code>ByteStream</code> out of the response by\n default. Other clients might not handle this behavior by default. In those cases, you must\n aggregate the results on the client side and parse the response.</p>", "smithy.api#eventPayload": {} } } @@ -32947,7 +32990,7 @@ } }, "traits": { - "smithy.api#documentation": "<p>Describes the default server-side encryption to apply to new objects in the bucket. If a\n PUT Object request doesn't specify any server-side encryption, this default encryption will\n be applied. If you don't specify a customer managed key at configuration, Amazon S3 automatically creates\n an Amazon Web Services KMS key in your Amazon Web Services account the first time that you add an object encrypted\n with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. For more\n information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html\">PUT Bucket encryption</a> in\n the <i>Amazon S3 API Reference</i>.</p>" + "smithy.api#documentation": "<p>Describes the default server-side encryption to apply to new objects in the bucket. If a\n PUT Object request doesn't specify any server-side encryption, this default encryption will\n be applied. If you don't specify a customer managed key at configuration, Amazon S3 automatically creates\n an Amazon Web Services KMS key in your Amazon Web Services account the first time that you add an object encrypted\n with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. For more\n information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html\">PUT Bucket encryption</a> in\n the <i>Amazon S3 API Reference</i>.</p>\n <note>\n <p>If you're specifying a customer managed KMS key, we recommend using a fully qualified\n KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the\n requester’s account. This behavior can result in data that's encrypted with a KMS key\n that belongs to the requester, and not the bucket owner.</p>\n </note>" } }, "com.amazonaws.s3#ServerSideEncryptionConfiguration": { @@ -32984,7 +33027,7 @@ } }, "traits": { - "smithy.api#documentation": "<p>Specifies the default server-side encryption configuration.</p>" + "smithy.api#documentation": "<p>Specifies the default server-side encryption configuration.</p>\n <note>\n <p>If you're specifying a customer managed KMS key, we recommend using a fully qualified\n KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the\n requester’s account. This behavior can result in data that's encrypted with a KMS key\n that belongs to the requester, and not the bucket owner.</p>\n </note>" } }, "com.amazonaws.s3#ServerSideEncryptionRules": {