From 23079711e886b1d295c9f9dcc9a64a76a1b0ec0f Mon Sep 17 00:00:00 2001 From: AWS SDK for Go v2 automation user Date: Tue, 2 Jul 2024 18:08:02 +0000 Subject: [PATCH] Update API model --- codegen/sdk-codegen/aws-models/ec2.json | 22 ++- codegen/sdk-codegen/aws-models/fms.json | 2 +- codegen/sdk-codegen/aws-models/s3.json | 214 ++++++++++++++---------- 3 files changed, 143 insertions(+), 95 deletions(-) diff --git a/codegen/sdk-codegen/aws-models/ec2.json b/codegen/sdk-codegen/aws-models/ec2.json index fcfa79e9cf3..9bb20e4a893 100644 --- a/codegen/sdk-codegen/aws-models/ec2.json +++ b/codegen/sdk-codegen/aws-models/ec2.json @@ -9558,7 +9558,7 @@ "target": "com.amazonaws.ec2#ByoipCidrState", "traits": { "aws.protocols#ec2QueryName": "State", - "smithy.api#documentation": "

The state of the address pool.

", + "smithy.api#documentation": "

The state of the address range.

\n ", "smithy.api#xmlName": "state" } }, @@ -15626,7 +15626,7 @@ "PreserveClientIp": { "target": "com.amazonaws.ec2#Boolean", "traits": { - "smithy.api#documentation": "

Indicates whether your client's IP address is preserved as the source. The value is true or false.

\n \n

Default: true\n

" + "smithy.api#documentation": "

Indicates whether the client IP address is preserved as the source. The following are the possible values.

\n \n

Default: false\n

" } }, "ClientToken": { @@ -20975,7 +20975,7 @@ "OutpostArn": { "target": "com.amazonaws.ec2#String", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the Outpost.

" + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the Outpost on which to create the volume.

\n

If you intend to use a volume with an instance running on an outpost, then you must \n create the volume on the same outpost as the instance. You can't use a volume created \n in an Amazon Web Services Region with an instance on an Amazon Web Services outpost, or the other way around.

" } }, "Size": { @@ -40956,7 +40956,7 @@ "VolumeIds": { "target": "com.amazonaws.ec2#VolumeIdStringList", "traits": { - "smithy.api#documentation": "

The volume IDs.

", + "smithy.api#documentation": "

The volume IDs. If not specified, then all volumes are included in the response.

", "smithy.api#xmlName": "VolumeId" } }, @@ -55619,6 +55619,12 @@ "com.amazonaws.ec2#HostTenancy": { "type": "enum", "members": { + "default": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "default" + } + }, "dedicated": { "target": "smithy.api#Unit", "traits": { @@ -60658,7 +60664,7 @@ "target": "com.amazonaws.ec2#Integer", "traits": { "aws.protocols#ec2QueryName": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", - "smithy.api#documentation": "

[Price protection] The price protection threshold for Spot Instances, as a percentage of an\n identified On-Demand price. The identified On-Demand price is the price of the lowest\n priced current generation C, M, or R instance type with your specified attributes. If no\n current generation C, M, or R instance type matches your attributes, then the identified\n price is from the lowest priced current generation instance types, and failing that, from\n the lowest priced previous generation instance types that match your attributes. When Amazon EC2\n selects instance types with your attributes, it will exclude instance types whose price\n exceeds your specified threshold.

\n

The parameter accepts an integer, which Amazon EC2 interprets as a percentage.

\n

If you set DesiredCapacityType to vcpu or\n memory-mib, the price protection threshold is based on the per vCPU or per\n memory price instead of the per instance price.

\n \n

Only one of SpotMaxPricePercentageOverLowestPrice or\n MaxSpotPriceAsPercentageOfOptimalOnDemandPrice can be specified. If you\n don't specify either, Amazon EC2 will automatically apply optimal price protection to\n consistently select from a wide range of instance types. To indicate no price protection\n threshold for Spot Instances, meaning you want to consider all instance types that match your\n attributes, include one of these parameters and specify a high value, such as\n 999999.

\n ", + "smithy.api#documentation": "

[Price protection] The price protection threshold for Spot Instances, as a percentage of an\n identified On-Demand price. The identified On-Demand price is the price of the lowest\n priced current generation C, M, or R instance type with your specified attributes. If no\n current generation C, M, or R instance type matches your attributes, then the identified\n price is from the lowest priced current generation instance types, and failing that, from\n the lowest priced previous generation instance types that match your attributes. When Amazon EC2\n selects instance types with your attributes, it will exclude instance types whose price\n exceeds your specified threshold.

\n

The parameter accepts an integer, which Amazon EC2 interprets as a percentage.

\n

If you set TargetCapacityUnitType to vcpu or\n memory-mib, the price protection threshold is based on the per vCPU or per\n memory price instead of the per instance price.

\n \n

Only one of SpotMaxPricePercentageOverLowestPrice or\n MaxSpotPriceAsPercentageOfOptimalOnDemandPrice can be specified. If you\n don't specify either, Amazon EC2 will automatically apply optimal price protection to\n consistently select from a wide range of instance types. To indicate no price protection\n threshold for Spot Instances, meaning you want to consider all instance types that match your\n attributes, include one of these parameters and specify a high value, such as\n 999999.

\n ", "smithy.api#xmlName": "maxSpotPriceAsPercentageOfOptimalOnDemandPrice" } } @@ -60823,7 +60829,7 @@ "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { "target": "com.amazonaws.ec2#Integer", "traits": { - "smithy.api#documentation": "

[Price protection] The price protection threshold for Spot Instances, as a percentage of an\n identified On-Demand price. The identified On-Demand price is the price of the lowest\n priced current generation C, M, or R instance type with your specified attributes. If no\n current generation C, M, or R instance type matches your attributes, then the identified\n price is from the lowest priced current generation instance types, and failing that, from\n the lowest priced previous generation instance types that match your attributes. When Amazon EC2\n selects instance types with your attributes, it will exclude instance types whose price\n exceeds your specified threshold.

\n

The parameter accepts an integer, which Amazon EC2 interprets as a percentage.

\n

If you set DesiredCapacityType to vcpu or\n memory-mib, the price protection threshold is based on the per vCPU or per\n memory price instead of the per instance price.

\n \n

Only one of SpotMaxPricePercentageOverLowestPrice or\n MaxSpotPriceAsPercentageOfOptimalOnDemandPrice can be specified. If you\n don't specify either, Amazon EC2 will automatically apply optimal price protection to\n consistently select from a wide range of instance types. To indicate no price protection\n threshold for Spot Instances, meaning you want to consider all instance types that match your\n attributes, include one of these parameters and specify a high value, such as\n 999999.

\n " + "smithy.api#documentation": "

[Price protection] The price protection threshold for Spot Instances, as a percentage of an\n identified On-Demand price. The identified On-Demand price is the price of the lowest\n priced current generation C, M, or R instance type with your specified attributes. If no\n current generation C, M, or R instance type matches your attributes, then the identified\n price is from the lowest priced current generation instance types, and failing that, from\n the lowest priced previous generation instance types that match your attributes. When Amazon EC2\n selects instance types with your attributes, it will exclude instance types whose price\n exceeds your specified threshold.

\n

The parameter accepts an integer, which Amazon EC2 interprets as a percentage.

\n

If you set TargetCapacityUnitType to vcpu or\n memory-mib, the price protection threshold is based on the per vCPU or per\n memory price instead of the per instance price.

\n \n

Only one of SpotMaxPricePercentageOverLowestPrice or\n MaxSpotPriceAsPercentageOfOptimalOnDemandPrice can be specified. If you\n don't specify either, Amazon EC2 will automatically apply optimal price protection to\n consistently select from a wide range of instance types. To indicate no price protection\n threshold for Spot Instances, meaning you want to consider all instance types that match your\n attributes, include one of these parameters and specify a high value, such as\n 999999.

\n " } } }, @@ -75426,7 +75432,7 @@ "target": "com.amazonaws.ec2#BlobAttributeValue", "traits": { "aws.protocols#ec2QueryName": "UserData", - "smithy.api#documentation": "

Changes the instance's user data to the specified value. If you are using an Amazon Web Services SDK or command line tool, base64-encoding is performed for you, and you\n can load the text from a file. Otherwise, you must provide base64-encoded text.

", + "smithy.api#documentation": "

Changes the instance's user data to the specified value. User data must be base64-encoded.\n Depending on the tool or SDK that you're using, the base64-encoding might be performed for you.\n For more information, see Work with instance user data.

", "smithy.api#xmlName": "userData" } }, @@ -92438,7 +92444,7 @@ "UserData": { "target": "com.amazonaws.ec2#RunInstancesUserData", "traits": { - "smithy.api#documentation": "

The user data script to make available to the instance. For more information, see\n Run\n commands on your Amazon EC2 instance at launch in the Amazon EC2 User\n Guide. If you are using a command line tool, base64-encoding is performed\n for you, and you can load the text from a file. Otherwise, you must provide\n base64-encoded text. User data is limited to 16 KB.

" + "smithy.api#documentation": "

The user data to make available to the instance. User data must be base64-encoded.\n Depending on the tool or SDK that you're using, the base64-encoding might be performed for you.\n For more information, see Work with instance user data.

" } }, "AdditionalInfo": { diff --git a/codegen/sdk-codegen/aws-models/fms.json b/codegen/sdk-codegen/aws-models/fms.json index b6d87a8a357..2ed2d7eeab8 100644 --- a/codegen/sdk-codegen/aws-models/fms.json +++ b/codegen/sdk-codegen/aws-models/fms.json @@ -5145,7 +5145,7 @@ "traits": { "smithy.api#length": { "min": 1, - "max": 10000 + "max": 30000 }, "smithy.api#pattern": "^((?!\\\\[nr]).)+$" } diff --git a/codegen/sdk-codegen/aws-models/s3.json b/codegen/sdk-codegen/aws-models/s3.json index 3b48bc38581..9bfb1d7b40d 100644 --- a/codegen/sdk-codegen/aws-models/s3.json +++ b/codegen/sdk-codegen/aws-models/s3.json @@ -18694,7 +18694,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates a copy of an object that is already stored in Amazon S3.

\n \n

You can store individual objects of up to 5 TB in Amazon S3. You create a copy of your\n object up to 5 GB in size in a single atomic action using this API. However, to copy an\n object greater than 5 GB, you must use the multipart upload Upload Part - Copy\n (UploadPartCopy) API. For more information, see Copy Object Using the\n REST Multipart Upload API.

\n \n

You can copy individual objects between general purpose buckets, between directory buckets, and \n between general purpose buckets and directory buckets.

\n \n

\n Directory buckets - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name\n . Path-style requests are not supported. For more information, see Regional and Zonal endpoints in the\n Amazon S3 User Guide.

\n \n

Both the\n Region that you want to copy the object from and the Region that you want to copy the\n object to must be enabled for your account. For more information about how to enable a Region for your account, see Enable \n or disable a Region for standalone accounts in the\n Amazon Web Services Account Management Guide.

\n \n

Amazon S3 transfer acceleration does not support cross-Region copies. If you request a\n cross-Region copy using a transfer acceleration endpoint, you get a 400 Bad\n Request error. For more information, see Transfer\n Acceleration.

\n \n
\n
Authentication and authorization
\n
\n

All CopyObject requests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with the x-amz- prefix, including\n x-amz-copy-source, must be signed. For more information, see REST Authentication.

\n

\n Directory buckets - You must use the IAM credentials to authenticate and authorize your access to the CopyObject API operation, instead of using the \n temporary security credentials through the CreateSession API operation.

\n

Amazon Web Services CLI or SDKs handles authentication and authorization on your behalf.

\n
\n
Permissions
\n
\n

You must have\n read access to the source object and write\n access to the destination bucket.

\n
    \n
  • \n

    \n General purpose bucket permissions -\n You must have permissions in an IAM policy based on the source and destination\n bucket types in a CopyObject operation.

    \n
      \n
    • \n

      If the source object is in a general purpose bucket, you must have\n \n s3:GetObject\n \n permission to read the source object that is being copied.

      \n
      • \n
    • \n

      If the destination bucket is a general purpose bucket, you must have\n \n s3:PutObject\n \n permission to write the object copy to the destination bucket.

      \n
      • \n
    \n
    • \n
  • \n

    \n Directory bucket permissions -\n You must have permissions in a bucket policy or an IAM identity-based policy based on the source and destination\n bucket types in a CopyObject operation.

    \n
      \n
    • \n

      If the source object that you want to copy is in a\n directory bucket, you must have the \n s3express:CreateSession\n permission in\n the Action element of a policy to read the object. By default, the session is in the ReadWrite mode. If you want to restrict the access, you can explicitly set the s3express:SessionMode condition key to ReadOnly on the copy source bucket.

      \n
      • \n
    • \n

      If the copy destination is a directory bucket, you must have the \n s3express:CreateSession\n permission in the\n Action element of a policy to write the object\n to the destination. The s3express:SessionMode condition\n key can't be set to ReadOnly on the copy destination bucket.

      \n
      • \n
    \n

    For example policies, see Example bucket policies for S3 Express One Zone and Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone in the\n Amazon S3 User Guide.

    \n
    • \n
\n
\n
Response and special errors
\n
\n

When the request is an HTTP 1.1 request, the response is chunk encoded. \n When the request is not an HTTP 1.1 request, the response would not contain the Content-Length. \n You always need to read the entire response body to check if the copy succeeds. \n to keep the connection alive while we copy the data.

\n
    \n
  • \n

    If the copy is successful, you receive a response with information about the copied\n object.

    \n
    • \n
  • \n

    A copy request might return an error when Amazon S3 receives the copy request or while Amazon S3\n is copying the files. A 200 OK response can contain either a success or an error.

    \n
      \n
    • \n

      If the error occurs before the copy action starts, you receive a\n standard Amazon S3 error.

      \n
      • \n
    • \n

      If the error occurs during the copy operation, the error response is\n embedded in the 200 OK response. For example, in a cross-region copy, you \n may encounter throttling and receive a 200 OK response. \n For more information, see Resolve \n the Error 200 response when copying objects to Amazon S3. \n The 200 OK status code means the copy was accepted, but \n it doesn't mean the copy is complete. Another example is \n when you disconnect from Amazon S3 before the copy is complete, Amazon S3 might cancel the copy and you may receive a 200 OK response. \n You must stay connected to Amazon S3 until the entire response is successfully received and processed.

      \n

      If you call this API operation directly, make\n sure to design your application to parse the content of the response and handle it\n appropriately. If you use Amazon Web Services SDKs, SDKs handle this condition. The SDKs detect the\n embedded error and apply error handling per your configuration settings (including\n automatically retrying the request as appropriate). If the condition persists, the SDKs\n throw an exception (or, for the SDKs that don't use exceptions, they return an \n error).

      \n
      • \n
    \n
    • \n
\n
\n
Charge
\n
\n

The copy request charge is based on the storage class and Region that you specify for\n the destination object. The request can also result in a data retrieval charge for the\n source if the source storage class bills for data retrieval. If the copy source is in a different region, the data transfer is billed to the copy source account. For pricing information, see\n Amazon S3 pricing.

\n
\n
HTTP Host header syntax
\n
\n

\n Directory buckets - The HTTP Host header syntax is \n Bucket_name.s3express-az_id.region.amazonaws.com.

\n
\n
\n

The following operations are related to CopyObject:

\n ", + "smithy.api#documentation": "

Creates a copy of an object that is already stored in Amazon S3.

\n \n

You can store individual objects of up to 5 TB in Amazon S3. You create a copy of your\n object up to 5 GB in size in a single atomic action using this API. However, to copy an\n object greater than 5 GB, you must use the multipart upload Upload Part - Copy\n (UploadPartCopy) API. For more information, see Copy Object Using the\n REST Multipart Upload API.

\n \n

You can copy individual objects between general purpose buckets, between directory buckets, and \n between general purpose buckets and directory buckets.

\n \n

\n Directory buckets - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name\n . Path-style requests are not supported. For more information, see Regional and Zonal endpoints in the\n Amazon S3 User Guide.

\n \n

Both the\n Region that you want to copy the object from and the Region that you want to copy the\n object to must be enabled for your account. For more information about how to enable a Region for your account, see Enable \n or disable a Region for standalone accounts in the\n Amazon Web Services Account Management Guide.

\n \n

Amazon S3 transfer acceleration does not support cross-Region copies. If you request a\n cross-Region copy using a transfer acceleration endpoint, you get a 400 Bad\n Request error. For more information, see Transfer\n Acceleration.

\n \n
\n
Authentication and authorization
\n
\n

All CopyObject requests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with the x-amz- prefix, including\n x-amz-copy-source, must be signed. For more information, see REST Authentication.

\n

\n Directory buckets - You must use the IAM credentials to authenticate and authorize your access to the CopyObject API operation, instead of using the \n temporary security credentials through the CreateSession API operation.

\n

Amazon Web Services CLI or SDKs handles authentication and authorization on your behalf.

\n
\n
Permissions
\n
\n

You must have\n read access to the source object and write\n access to the destination bucket.

\n
    \n
  • \n

    \n General purpose bucket permissions -\n You must have permissions in an IAM policy based on the source and destination\n bucket types in a CopyObject operation.

    \n
      \n
    • \n

      If the source object is in a general purpose bucket, you must have\n \n s3:GetObject\n \n permission to read the source object that is being copied.

      \n
      • \n
    • \n

      If the destination bucket is a general purpose bucket, you must have\n \n s3:PutObject\n \n permission to write the object copy to the destination bucket.

      \n
      • \n
    \n
    • \n
  • \n

    \n Directory bucket permissions -\n You must have permissions in a bucket policy or an IAM identity-based policy based on the source and destination\n bucket types in a CopyObject operation.

    \n
      \n
    • \n

      If the source object that you want to copy is in a\n directory bucket, you must have the \n s3express:CreateSession\n permission in\n the Action element of a policy to read the object. By default, the session is in the ReadWrite mode. If you want to restrict the access, you can explicitly set the s3express:SessionMode condition key to ReadOnly on the copy source bucket.

      \n
      • \n
    • \n

      If the copy destination is a directory bucket, you must have the \n s3express:CreateSession\n permission in the\n Action element of a policy to write the object\n to the destination. The s3express:SessionMode condition\n key can't be set to ReadOnly on the copy destination bucket.

      \n
      • \n
    \n

    For example policies, see Example bucket policies for S3 Express One Zone and Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone in the\n Amazon S3 User Guide.

    \n
    • \n
\n
\n
Response and special errors
\n
\n

When the request is an HTTP 1.1 request, the response is chunk encoded. When\n the request is not an HTTP 1.1 request, the response would not contain the\n Content-Length. You always need to read the entire response body\n to check if the copy succeeds.

\n
    \n
  • \n

    If the copy is successful, you receive a response with information about the copied\n object.

    \n
    • \n
  • \n

    A copy request might return an error when Amazon S3 receives the copy request or while Amazon S3\n is copying the files. A 200 OK response can contain either a success or an error.

    \n
      \n
    • \n

      If the error occurs before the copy action starts, you receive a\n standard Amazon S3 error.

      \n
      • \n
    • \n

      If the error occurs during the copy operation, the error response is\n embedded in the 200 OK response. For example, in a cross-region copy, you \n may encounter throttling and receive a 200 OK response. \n For more information, see Resolve \n the Error 200 response when copying objects to Amazon S3. \n The 200 OK status code means the copy was accepted, but \n it doesn't mean the copy is complete. Another example is \n when you disconnect from Amazon S3 before the copy is complete, Amazon S3 might cancel the copy and you may receive a 200 OK response. \n You must stay connected to Amazon S3 until the entire response is successfully received and processed.

      \n

      If you call this API operation directly, make\n sure to design your application to parse the content of the response and handle it\n appropriately. If you use Amazon Web Services SDKs, SDKs handle this condition. The SDKs detect the\n embedded error and apply error handling per your configuration settings (including\n automatically retrying the request as appropriate). If the condition persists, the SDKs\n throw an exception (or, for the SDKs that don't use exceptions, they return an \n error).

      \n
      • \n
    \n
    • \n
\n
\n
Charge
\n
\n

The copy request charge is based on the storage class and Region that you specify for\n the destination object. The request can also result in a data retrieval charge for the\n source if the source storage class bills for data retrieval. If the copy source is in a different region, the data transfer is billed to the copy source account. For pricing information, see\n Amazon S3 pricing.

\n
\n
HTTP Host header syntax
\n
\n

\n Directory buckets - The HTTP Host header syntax is \n Bucket_name.s3express-az_id.region.amazonaws.com.

\n
\n
\n

The following operations are related to CopyObject:

\n ", "smithy.api#examples": [ { "title": "To copy an object", @@ -19257,16 +19257,6 @@ "traits": { "smithy.api#documentation": "\n

This action creates an Amazon S3 bucket. To create an Amazon S3 on Outposts bucket, see \n CreateBucket\n .

\n \n

Creates a new S3 bucket. To create a bucket, you must set up Amazon S3 and have a\n valid Amazon Web Services Access Key ID to authenticate requests. Anonymous requests are never allowed to\n create buckets. By creating the bucket, you become the bucket owner.

\n

There are two types of buckets: general purpose buckets and directory buckets. For more\n information about these bucket types, see Creating, configuring, and\n working with Amazon S3 buckets in the Amazon S3 User Guide.

\n \n \n \n
\n
Permissions
\n
\n
    \n
  • \n

    \n General purpose bucket permissions - In addition to the s3:CreateBucket permission, the following permissions are\n required in a policy when your CreateBucket request includes specific\n headers:

    \n
      \n
    • \n

      \n Access control lists (ACLs) - In your CreateBucket request, if you specify an access control list (ACL) \n and set it to public-read, public-read-write,\n authenticated-read, or if you explicitly specify any other custom ACLs, both s3:CreateBucket and\n s3:PutBucketAcl permissions are required. In your CreateBucket request, if you set the ACL to private, \n or if you don't specify any ACLs, only the s3:CreateBucket permission is required.\n

      \n
      • \n
    • \n

      \n Object Lock - In your\n CreateBucket request, if you set \n x-amz-bucket-object-lock-enabled to true, the \n s3:PutBucketObjectLockConfiguration and\n s3:PutBucketVersioning permissions are required.

      \n
      • \n
    • \n

      \n S3 Object Ownership - If your\n CreateBucket request includes the\n x-amz-object-ownership header, then the\n s3:PutBucketOwnershipControls permission is required.

      \n \n

      To set an ACL on a bucket as part of a\n CreateBucket request, you must explicitly set S3\n Object Ownership for the bucket to a different value than the\n default, BucketOwnerEnforced. Additionally, if your\n desired bucket ACL grants public access, you must first create the\n bucket (without the bucket ACL) and then explicitly disable Block\n Public Access on the bucket before using PutBucketAcl\n to set the ACL. If you try to create a bucket with a public ACL,\n the request will fail.

      \n

      For the majority of modern use cases in S3, we recommend\n that you keep all Block Public Access settings enabled and keep\n ACLs disabled. If you would like to share data with users outside\n of your account, you can use bucket policies as needed. For more\n information, see Controlling ownership of objects and disabling ACLs for your\n bucket and Blocking public access to your Amazon S3 storage in\n the Amazon S3 User Guide.

      \n       \n
      • \n
    • \n

      \n S3 Block Public Access - If your\n specific use case requires granting public access to your S3 resources, you\n can disable Block Public Access. Specifically, you can create a new bucket with Block\n Public Access enabled, then separately call the \n DeletePublicAccessBlock\n API. To use this operation, you must have the\n s3:PutBucketPublicAccessBlock permission. For more information about S3 Block Public\n Access, see Blocking\n public access to your Amazon S3 storage in the\n Amazon S3 User Guide.

      \n
      • \n
    \n
    • \n
  • \n

    \n Directory bucket permissions - You must have the s3express:CreateBucket permission in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource. For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.

    \n \n

    The permissions for ACLs, Object Lock, S3 Object Ownership, and S3 Block Public Access are not supported for directory buckets. \n For directory buckets, all Block Public Access settings are enabled at the bucket level and S3 \n Object Ownership is set to Bucket owner enforced (ACLs disabled). These settings can't be modified.\n

    \n

    For more information about permissions for creating and working with \n directory buckets, see Directory buckets in the Amazon S3 User Guide. \n For more information about supported S3 features for directory buckets, see Features of S3 Express One Zone in the Amazon S3 User Guide.

    \n     \n
    • \n
\n
\n
HTTP Host header syntax
\n
\n

\n Directory buckets - The HTTP Host header syntax is s3express-control.region.amazonaws.com.

\n
\n
\n

The following operations are related to CreateBucket:

\n ", "smithy.api#examples": [ - { - "title": "To create a bucket ", - "documentation": "The following example creates a bucket.", - "input": { - "Bucket": "examplebucket" - }, - "output": { - "Location": "/examplebucket" - } - }, { "title": "To create a bucket in a specific region", "documentation": "The following example creates a bucket. The request specifies an AWS region where to create the bucket.", @@ -19279,6 +19269,16 @@ "output": { "Location": "http://examplebucket..s3.amazonaws.com/" } + }, + { + "title": "To create a bucket ", + "documentation": "The following example creates a bucket.", + "input": { + "Bucket": "examplebucket" + }, + "output": { + "Location": "/examplebucket" + } } ], "smithy.api#http": { @@ -19806,7 +19806,7 @@ "Credentials": { "target": "com.amazonaws.s3#SessionCredentials", "traits": { - "smithy.api#documentation": "

The established temporary security credentials for the created session..

", + "smithy.api#documentation": "

The established temporary security credentials for the created session.

", "smithy.api#required": {}, "smithy.api#xmlName": "Credentials" } @@ -20850,26 +20850,26 @@ "smithy.api#documentation": "\n

This operation is not supported by directory buckets.

\n \n

Removes the entire tag set from the specified object. For more information about\n managing object tags, see Object Tagging.

\n

To use this operation, you must have permission to perform the\n s3:DeleteObjectTagging action.

\n

To delete tags of a specific object version, add the versionId query\n parameter in the request. You will need permission for the\n s3:DeleteObjectVersionTagging action.

\n

The following operations are related to DeleteObjectTagging:

\n ", "smithy.api#examples": [ { - "title": "To remove tag set from an object version", - "documentation": "The following example removes tag set associated with the specified object version. The request specifies both the object key and object version.", + "title": "To remove tag set from an object", + "documentation": "The following example removes tag set associated with the specified object. If the bucket is versioning enabled, the operation removes tag set from the latest object version.", "input": { "Bucket": "examplebucket", - "Key": "HappyFace.jpg", - "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" + "Key": "HappyFace.jpg" }, "output": { - "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" + "VersionId": "null" } }, { - "title": "To remove tag set from an object", - "documentation": "The following example removes tag set associated with the specified object. If the bucket is versioning enabled, the operation removes tag set from the latest object version.", + "title": "To remove tag set from an object version", + "documentation": "The following example removes tag set associated with the specified object version. The request specifies both the object key and object version.", "input": { "Bucket": "examplebucket", - "Key": "HappyFace.jpg" + "Key": "HappyFace.jpg", + "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" }, "output": { - "VersionId": "null" + "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" } } ], @@ -20949,7 +20949,7 @@ "requestAlgorithmMember": "ChecksumAlgorithm", "requestChecksumRequired": true }, - "smithy.api#documentation": "

This operation enables you to delete multiple objects from a bucket using a single HTTP\n request. If you know the object keys that you want to delete, then this operation provides a\n suitable alternative to sending individual delete requests, reducing per-request\n overhead.

\n

The request can contain a list of up to 1000 keys that you want to delete. In the XML, you\n provide the object key names, and optionally, version IDs if you want to delete a specific\n version of the object from a versioning-enabled bucket. For each key, Amazon S3 performs a\n delete operation and returns the result of that delete, success or failure, in the response.\n Note that if the object specified in the request is not found, Amazon S3 returns the result as\n deleted.

\n \n
    \n
  • \n

    \n Directory buckets - S3 Versioning isn't enabled and supported for directory buckets.

    \n
    • \n
  • \n

    \n Directory buckets - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name\n . Path-style requests are not supported. For more information, see Regional and Zonal endpoints in the\n Amazon S3 User Guide.

    \n
    • \n
\n \n

The operation supports two modes for the response: verbose and quiet. By default, the\n operation uses verbose mode in which the response includes the result of deletion of each key\n in your request. In quiet mode the response includes only keys where the delete operation \n encountered an error. For a successful deletion in a quiet mode, the operation does not return any information\n about the delete in the response body.

\n

When performing this action on an MFA Delete enabled bucket, that attempts to delete any\n versioned objects, you must include an MFA token. If you do not provide one, the entire\n request will fail, even if there are non-versioned objects you are trying to delete. If you\n provide an invalid token, whether there are versioned keys in the request or not, the\n entire Multi-Object Delete request will fail. For information about MFA Delete, see MFA\n Delete in the Amazon S3\n User Guide.

\n \n

\n Directory buckets - MFA delete is not supported by directory buckets.

\n \n
\n
Permissions
\n
\n
    \n
  • \n

    \n General purpose bucket permissions - The following permissions are required in your policies when your \n DeleteObjects request includes specific headers.

    \n
      \n
    • \n

      \n \n s3:DeleteObject\n - To delete an object from a bucket, you must always specify the s3:DeleteObject permission.

      \n
      • \n
    • \n

      \n \n s3:DeleteObjectVersion\n - To delete a specific version of an object from a versiong-enabled bucket, you must specify the s3:DeleteObjectVersion permission.

      \n
      • \n
    \n
    • \n
  • \n

    \n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .

    \n
    • \n
\n
\n
Content-MD5 request header
\n
\n
    \n
  • \n

    \n General purpose bucket - The Content-MD5 request header is required for all Multi-Object Delete requests. Amazon S3\n uses the header value to ensure that your request body has not been altered in\n transit.

    \n
    • \n
  • \n

    \n Directory bucket - The Content-MD5 request header or a additional checksum request header \n (including x-amz-checksum-crc32, x-amz-checksum-crc32c, x-amz-checksum-sha1, or \n x-amz-checksum-sha256) is required for all Multi-Object Delete requests.

    \n
    • \n
\n
\n
HTTP Host header syntax
\n
\n

\n Directory buckets - The HTTP Host header syntax is \n Bucket_name.s3express-az_id.region.amazonaws.com.

\n
\n
\n

The following operations are related to DeleteObjects:

\n ", + "smithy.api#documentation": "

This operation enables you to delete multiple objects from a bucket using a single HTTP\n request. If you know the object keys that you want to delete, then this operation provides a\n suitable alternative to sending individual delete requests, reducing per-request\n overhead.

\n

The request can contain a list of up to 1000 keys that you want to delete. In the XML, you\n provide the object key names, and optionally, version IDs if you want to delete a specific\n version of the object from a versioning-enabled bucket. For each key, Amazon S3 performs a\n delete operation and returns the result of that delete, success or failure, in the response.\n Note that if the object specified in the request is not found, Amazon S3 returns the result as\n deleted.

\n \n
    \n
  • \n

    \n Directory buckets - S3 Versioning isn't enabled and supported for directory buckets.

    \n
    • \n
  • \n

    \n Directory buckets - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name\n . Path-style requests are not supported. For more information, see Regional and Zonal endpoints in the\n Amazon S3 User Guide.

    \n
    • \n
\n \n

The operation supports two modes for the response: verbose and quiet. By default, the\n operation uses verbose mode in which the response includes the result of deletion of each key\n in your request. In quiet mode the response includes only keys where the delete operation \n encountered an error. For a successful deletion in a quiet mode, the operation does not return any information\n about the delete in the response body.

\n

When performing this action on an MFA Delete enabled bucket, that attempts to delete any\n versioned objects, you must include an MFA token. If you do not provide one, the entire\n request will fail, even if there are non-versioned objects you are trying to delete. If you\n provide an invalid token, whether there are versioned keys in the request or not, the\n entire Multi-Object Delete request will fail. For information about MFA Delete, see MFA\n Delete in the Amazon S3\n User Guide.

\n \n

\n Directory buckets - MFA delete is not supported by directory buckets.

\n \n
\n
Permissions
\n
\n
    \n
  • \n

    \n General purpose bucket permissions - The following permissions are required in your policies when your \n DeleteObjects request includes specific headers.

    \n
      \n
    • \n

      \n \n s3:DeleteObject\n - To delete an object from a bucket, you must always specify the s3:DeleteObject permission.

      \n
      • \n
    • \n

      \n \n s3:DeleteObjectVersion\n - To delete a specific version of an object from a versioning-enabled bucket, you must specify the s3:DeleteObjectVersion permission.

      \n
      • \n
    \n
    • \n
  • \n

    \n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .

    \n
    • \n
\n
\n
Content-MD5 request header
\n
\n
    \n
  • \n

    \n General purpose bucket - The Content-MD5 request header is required for all Multi-Object Delete requests. Amazon S3\n uses the header value to ensure that your request body has not been altered in\n transit.

    \n
    • \n
  • \n

    \n Directory bucket - The Content-MD5 request header or a additional checksum request header \n (including x-amz-checksum-crc32, x-amz-checksum-crc32c, x-amz-checksum-sha1, or \n x-amz-checksum-sha256) is required for all Multi-Object Delete requests.

    \n
    • \n
\n
\n
HTTP Host header syntax
\n
\n

\n Directory buckets - The HTTP Host header syntax is \n Bucket_name.s3express-az_id.region.amazonaws.com.

\n
\n
\n

The following operations are related to DeleteObjects:

\n ", "smithy.api#examples": [ { "title": "To delete multiple object versions from a versioned bucket", @@ -24251,40 +24251,40 @@ "smithy.api#documentation": "\n

This operation is not supported by directory buckets.

\n \n

Returns the tag-set of an object. You send the GET request against the tagging\n subresource associated with the object.

\n

To use this operation, you must have permission to perform the\n s3:GetObjectTagging action. By default, the GET action returns information\n about current version of an object. For a versioned bucket, you can have multiple versions\n of an object in your bucket. To retrieve tags of any other version, use the versionId query\n parameter. You also need permission for the s3:GetObjectVersionTagging\n action.

\n

By default, the bucket owner has this permission and can grant this permission to\n others.

\n

For information about the Amazon S3 object tagging feature, see Object Tagging.

\n

The following actions are related to GetObjectTagging:

\n ", "smithy.api#examples": [ { - "title": "To retrieve tag set of an object", - "documentation": "The following example retrieves tag set of an object.", + "title": "To retrieve tag set of a specific object version", + "documentation": "The following example retrieves tag set of an object. The request specifies object version.", "input": { "Bucket": "examplebucket", - "Key": "HappyFace.jpg" + "Key": "exampleobject", + "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" }, "output": { - "VersionId": "null", + "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI", "TagSet": [ { - "Value": "Value4", - "Key": "Key4" - }, - { - "Value": "Value3", - "Key": "Key3" + "Value": "Value1", + "Key": "Key1" } ] } }, { - "title": "To retrieve tag set of a specific object version", - "documentation": "The following example retrieves tag set of an object. The request specifies object version.", + "title": "To retrieve tag set of an object", + "documentation": "The following example retrieves tag set of an object.", "input": { "Bucket": "examplebucket", - "Key": "exampleobject", - "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" + "Key": "HappyFace.jpg" }, "output": { - "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI", + "VersionId": "null", "TagSet": [ { - "Value": "Value1", - "Key": "Key1" + "Value": "Value4", + "Key": "Key4" + }, + { + "Value": "Value3", + "Key": "Key3" } ] } @@ -25104,6 +25104,48 @@ "smithy.api#httpHeader": "Range" } }, + "ResponseCacheControl": { + "target": "com.amazonaws.s3#ResponseCacheControl", + "traits": { + "smithy.api#documentation": "

Sets the Cache-Control header of the response.

", + "smithy.api#httpQuery": "response-cache-control" + } + }, + "ResponseContentDisposition": { + "target": "com.amazonaws.s3#ResponseContentDisposition", + "traits": { + "smithy.api#documentation": "

Sets the Content-Disposition header of the response.

", + "smithy.api#httpQuery": "response-content-disposition" + } + }, + "ResponseContentEncoding": { + "target": "com.amazonaws.s3#ResponseContentEncoding", + "traits": { + "smithy.api#documentation": "

Sets the Content-Encoding header of the response.

", + "smithy.api#httpQuery": "response-content-encoding" + } + }, + "ResponseContentLanguage": { + "target": "com.amazonaws.s3#ResponseContentLanguage", + "traits": { + "smithy.api#documentation": "

Sets the Content-Language header of the response.

", + "smithy.api#httpQuery": "response-content-language" + } + }, + "ResponseContentType": { + "target": "com.amazonaws.s3#ResponseContentType", + "traits": { + "smithy.api#documentation": "

Sets the Content-Type header of the response.

", + "smithy.api#httpQuery": "response-content-type" + } + }, + "ResponseExpires": { + "target": "com.amazonaws.s3#ResponseExpires", + "traits": { + "smithy.api#documentation": "

Sets the Expires header of the response.

", + "smithy.api#httpQuery": "response-expires" + } + }, "VersionId": { "target": "com.amazonaws.s3#ObjectVersionId", "traits": { @@ -25194,7 +25236,7 @@ "Suffix": { "target": "com.amazonaws.s3#Suffix", "traits": { - "smithy.api#documentation": "

A suffix that is appended to a request that is for a directory on the website endpoint\n (for example,if the suffix is index.html and you make a request to samplebucket/images/ the\n data that is returned will be for the object with the key name images/index.html) The\n suffix must not be empty and must not include a slash character.

\n \n

Replacement must be made for object keys containing special characters (such as carriage returns) when using \n XML requests. For more information, see \n XML related object key constraints.

\n ", + "smithy.api#documentation": "

A suffix that is appended to a request that is for a directory on the website endpoint.\n (For example, if the suffix is index.html and you make a request to\n samplebucket/images/, the data that is returned will be for the object with\n the key name images/index.html.) The suffix must not be empty and must not\n include a slash character.

\n \n

Replacement must be made for object keys containing special characters (such as carriage returns) when using \n XML requests. For more information, see \n XML related object key constraints.

\n ", "smithy.api#required": {} } } @@ -27039,7 +27081,7 @@ "EncodingType": { "target": "com.amazonaws.s3#EncodingType", "traits": { - "smithy.api#documentation": "

Encoding type used by Amazon S3 to encode object keys in the response. If using\n url, non-ASCII characters used in an object's key name will be URL encoded.\n For example, the object test_file(3).png will appear as test_file%283%29.png.

" + "smithy.api#documentation": "

Encoding type used by Amazon S3 to encode object keys in the response. If using\n url, non-ASCII characters used in an object's key name will be URL encoded.\n For example, the object test_file(3).png will appear as\n test_file%283%29.png.

" } }, "RequestCharged": { @@ -27271,7 +27313,7 @@ "EncodingType": { "target": "com.amazonaws.s3#EncodingType", "traits": { - "smithy.api#documentation": "

Encoding type used by Amazon S3 to encode object keys in the response. If using\n url, non-ASCII characters used in an object's key name will be URL encoded.\n For example, the object test_file(3).png will appear as test_file%283%29.png.

", + "smithy.api#documentation": "

Encoding type used by Amazon S3 to encode object keys in the response. If using\n url, non-ASCII characters used in an object's key name will be URL encoded.\n For example, the object test_file(3).png will appear as\n test_file%283%29.png.

", "smithy.api#httpQuery": "encoding-type" } }, @@ -27991,7 +28033,7 @@ "NewerNoncurrentVersions": { "target": "com.amazonaws.s3#VersionCount", "traits": { - "smithy.api#documentation": "

Specifies how many newer noncurrent versions must exist before Amazon S3 can perform the\n associated action on a given version. If there are this many more recent noncurrent\n versions, Amazon S3 will take the associated action. For more information about noncurrent\n versions, see Lifecycle configuration\n elements in the Amazon S3 User Guide.

" + "smithy.api#documentation": "

Specifies how many noncurrent versions Amazon S3 will retain. You can specify up to 100\n noncurrent versions to retain. Amazon S3 will permanently delete any additional noncurrent\n versions beyond the specified number to retain. For more information about noncurrent\n versions, see Lifecycle configuration\n elements in the Amazon S3 User Guide.

" } } }, @@ -28017,7 +28059,7 @@ "NewerNoncurrentVersions": { "target": "com.amazonaws.s3#VersionCount", "traits": { - "smithy.api#documentation": "

Specifies how many newer noncurrent versions must exist before Amazon S3 can perform the\n associated action on a given version. If there are this many more recent noncurrent\n versions, Amazon S3 will take the associated action. For more information about noncurrent\n versions, see Lifecycle configuration\n elements in the Amazon S3 User Guide.

" + "smithy.api#documentation": "

Specifies how many noncurrent versions Amazon S3 will retain in the same storage class before\n transitioning objects. You can specify up to 100 noncurrent versions to retain. Amazon S3 will\n transition any additional noncurrent versions beyond the specified number to retain. For\n more information about noncurrent versions, see Lifecycle configuration\n elements in the Amazon S3 User Guide.

" } } }, @@ -30649,22 +30691,6 @@ }, "smithy.api#documentation": "

Adds an object to a bucket.

\n \n
    \n
  • \n

    Amazon S3 never adds partial objects; if you receive a success response, Amazon S3 added the\n entire object to the bucket. You cannot use PutObject to only update a\n single piece of metadata for an existing object. You must put the entire object with\n updated metadata if you want to update some values.

    \n
    • \n
  • \n

    If your bucket uses the bucket owner enforced setting for Object Ownership, ACLs are disabled and no longer affect permissions. All\n objects written to the bucket by any account will be owned by the bucket owner.

    \n
    • \n
  • \n

    \n Directory buckets - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name\n . Path-style requests are not supported. For more information, see Regional and Zonal endpoints in the\n Amazon S3 User Guide.

    \n
    • \n
\n \n

Amazon S3 is a distributed system. If it receives multiple write requests for the same object\n simultaneously, it overwrites all but the last object written. However, Amazon S3 provides features that can modify this behavior:

\n \n
\n
Permissions
\n
\n
    \n
  • \n

    \n General purpose bucket permissions - The following permissions are required in your policies when your \n PutObject request includes specific headers.

    \n
      \n
    • \n

      \n \n s3:PutObject\n - To successfully complete the PutObject request, you must always have the s3:PutObject permission on a bucket to add an object\n to it.

      \n
      • \n
    • \n

      \n \n s3:PutObjectAcl\n - To successfully change the objects ACL of your PutObject request, you must have the s3:PutObjectAcl.

      \n
      • \n
    • \n

      \n \n s3:PutObjectTagging\n - To successfully set the tag-set with your PutObject request, you\n must have the s3:PutObjectTagging.

      \n
      • \n
    \n
    • \n
  • \n

    \n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .

    \n
    • \n
\n
\n
Data integrity with Content-MD5
\n
\n
    \n
  • \n

    \n General purpose bucket - To ensure that data is not corrupted traversing the network, use the\n Content-MD5 header. When you use this header, Amazon S3 checks the object\n against the provided MD5 value and, if they do not match, Amazon S3 returns an error. Alternatively, when the object's ETag is its MD5 digest, \n you can calculate the MD5 while putting the object to Amazon S3 and compare the returned ETag to\n the calculated MD5 value.

    \n
    • \n
  • \n

    \n Directory bucket - This functionality is not supported for directory buckets.

    \n
    • \n
\n
\n
HTTP Host header syntax
\n
\n

\n Directory buckets - The HTTP Host header syntax is \n Bucket_name.s3express-az_id.region.amazonaws.com.

\n
\n
\n

For more information about related Amazon S3 APIs, see the following:

\n ", "smithy.api#examples": [ - { - "title": "To upload an object and specify server-side encryption and object tags", - "documentation": "The following example uploads an object. The request specifies the optional server-side encryption option. The request also specifies optional object tags. If the bucket is versioning enabled, S3 returns version ID in response.", - "input": { - "Body": "filetoupload", - "Bucket": "examplebucket", - "Key": "exampleobject", - "ServerSideEncryption": "AES256", - "Tagging": "key1=value1&key2=value2" - }, - "output": { - "VersionId": "Ri.vC6qVlA4dEnjgRV4ZHsHoFIjqEMNt", - "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", - "ServerSideEncryption": "AES256" - } - }, { "title": "To create an object.", "documentation": "The following example creates an object. If the bucket is versioning enabled, S3 returns version ID in response.", @@ -30695,60 +30721,76 @@ } }, { - "title": "To upload an object and specify optional tags", - "documentation": "The following example uploads an object. The request specifies optional object tags. The bucket is versioned, therefore S3 returns version ID of the newly created object.", + "title": "To upload an object", + "documentation": "The following example uploads an object to a versioning-enabled bucket. The source file is specified using Windows file syntax. S3 returns VersionId of the newly created object.", "input": { - "Body": "c:\\HappyFace.jpg", + "Body": "HappyFace.jpg", "Bucket": "examplebucket", - "Key": "HappyFace.jpg", - "Tagging": "key1=value1&key2=value2" + "Key": "HappyFace.jpg" }, "output": { - "VersionId": "psM2sYY4.o1501dSx8wMvnkOzSBB.V4a", + "VersionId": "tpf3zF08nBplQK1XLOefGskR7mGDwcDk", "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"" } }, { - "title": "To upload object and specify user-defined metadata", - "documentation": "The following example creates an object. The request also specifies optional metadata. If the bucket is versioning enabled, S3 returns version ID in response.", + "title": "To upload an object and specify canned ACL.", + "documentation": "The following example uploads and object. The request specifies optional canned ACL (access control list) to all READ access to authenticated users. If the bucket is versioning enabled, S3 returns version ID in response.", "input": { + "ACL": "authenticated-read", "Body": "filetoupload", "Bucket": "examplebucket", - "Key": "exampleobject", - "Metadata": { - "metadata1": "value1", - "metadata2": "value2" - } + "Key": "exampleobject" }, "output": { - "VersionId": "pSKidl4pHBiNwukdbcPXAIs.sshFFOc0", + "VersionId": "Kirh.unyZwjQ69YxcQLA8z4F5j3kJJKr", "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"" } }, { - "title": "To upload an object and specify canned ACL.", - "documentation": "The following example uploads and object. The request specifies optional canned ACL (access control list) to all READ access to authenticated users. If the bucket is versioning enabled, S3 returns version ID in response.", + "title": "To upload an object and specify optional tags", + "documentation": "The following example uploads an object. The request specifies optional object tags. The bucket is versioned, therefore S3 returns version ID of the newly created object.", "input": { - "ACL": "authenticated-read", - "Body": "filetoupload", + "Body": "c:\\HappyFace.jpg", "Bucket": "examplebucket", - "Key": "exampleobject" + "Key": "HappyFace.jpg", + "Tagging": "key1=value1&key2=value2" }, "output": { - "VersionId": "Kirh.unyZwjQ69YxcQLA8z4F5j3kJJKr", + "VersionId": "psM2sYY4.o1501dSx8wMvnkOzSBB.V4a", "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"" } }, { - "title": "To upload an object", - "documentation": "The following example uploads an object to a versioning-enabled bucket. The source file is specified using Windows file syntax. S3 returns VersionId of the newly created object.", + "title": "To upload an object and specify server-side encryption and object tags", + "documentation": "The following example uploads an object. The request specifies the optional server-side encryption option. The request also specifies optional object tags. If the bucket is versioning enabled, S3 returns version ID in response.", "input": { - "Body": "HappyFace.jpg", + "Body": "filetoupload", "Bucket": "examplebucket", - "Key": "HappyFace.jpg" + "Key": "exampleobject", + "ServerSideEncryption": "AES256", + "Tagging": "key1=value1&key2=value2" }, "output": { - "VersionId": "tpf3zF08nBplQK1XLOefGskR7mGDwcDk", + "VersionId": "Ri.vC6qVlA4dEnjgRV4ZHsHoFIjqEMNt", + "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", + "ServerSideEncryption": "AES256" + } + }, + { + "title": "To upload object and specify user-defined metadata", + "documentation": "The following example creates an object. The request also specifies optional metadata. If the bucket is versioning enabled, S3 returns version ID in response.", + "input": { + "Body": "filetoupload", + "Bucket": "examplebucket", + "Key": "exampleobject", + "Metadata": { + "metadata1": "value1", + "metadata2": "value2" + } + }, + "output": { + "VersionId": "pSKidl4pHBiNwukdbcPXAIs.sshFFOc0", "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"" } } @@ -33686,7 +33728,7 @@ "target": "com.amazonaws.s3#UploadPartCopyOutput" }, "traits": { - "smithy.api#documentation": "

Uploads a part by copying data from an existing object as data source. To specify the\n data source, you add the request header x-amz-copy-source in your request. To specify \n a byte range, you add the request header x-amz-copy-source-range in your\n request.

\n

For information about maximum and minimum part sizes and other multipart upload\n specifications, see Multipart upload limits in the Amazon S3 User Guide.

\n \n

Instead of copying data from an existing object as part data, you might use the UploadPart\n action to upload new data as a part of an object in your request.

\n \n

You must initiate a multipart upload before you can upload any part. In response to your\n initiate request, Amazon S3 returns the upload ID, a unique identifier that you must include in\n your upload part request.

\n

For conceptual information about multipart uploads, see Uploading\n Objects Using Multipart Upload in the\n Amazon S3 User Guide. For information about copying objects using a single atomic action vs. a multipart\n upload, see Operations on Objects in\n the Amazon S3 User Guide.

\n \n

\n Directory buckets - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name\n . Path-style requests are not supported. For more information, see Regional and Zonal endpoints in the\n Amazon S3 User Guide.

\n \n
\n
Authentication and authorization
\n
\n

All UploadPartCopy requests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with the x-amz- prefix, including\n x-amz-copy-source, must be signed. For more information, see REST Authentication.

\n

\n Directory buckets - You must use IAM credentials to authenticate and authorize your access to the UploadPartCopy API operation, instead of using the \n temporary security credentials through the CreateSession API operation.

\n

Amazon Web Services CLI or SDKs handles authentication and authorization on your behalf.

\n
\n
Permissions
\n
\n

You must have READ access to the source object and WRITE\n access to the destination bucket.

\n
    \n
  • \n

    \n General purpose bucket permissions - You must have the permissions in a policy based on the bucket types of your source bucket and destination bucket in an UploadPartCopy operation.

    \n
      \n
    • \n

      If the source object is in a general purpose bucket, you must have the \n s3:GetObject\n permission to read the source object that is being copied.

      \n
      • \n
    • \n

      If the destination bucket is a general purpose bucket, you must have the \n s3:PutObject\n permission to write the object copy to the destination bucket.\n

      \n
      • \n
    \n

    For information about permissions required to use the multipart upload API, see\n Multipart Upload and Permissions in the\n Amazon S3 User Guide.

    \n
    • \n
  • \n

    \n Directory bucket permissions -\n You must have permissions in a bucket policy or an IAM identity-based policy based on the source and destination\n bucket types in an UploadPartCopy operation.

    \n
      \n
    • \n

      If the source object that you want to copy is in a\n directory bucket, you must have the \n s3express:CreateSession\n permission in\n the Action element of a policy to read the object\n . \n By default, the session is in the ReadWrite mode. If you want to restrict the access, you can explicitly set the s3express:SessionMode condition key to ReadOnly on the copy source bucket.

      \n
      • \n
    • \n

      If the copy destination is a directory bucket, you must have the \n \n s3express:CreateSession\n permission in the\n Action element of a policy to write the object\n to the destination. The s3express:SessionMode condition\n key cannot be set to ReadOnly on the copy destination.

      \n
      • \n
    \n

    For example policies, see Example bucket policies for S3 Express One Zone and Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone in the\n Amazon S3 User Guide.

    \n
    • \n
\n
\n
Encryption
\n
\n
    \n
  • \n

    \n General purpose buckets - \n \n For information about using server-side encryption with customer-provided\n encryption keys with the UploadPartCopy operation, see CopyObject and UploadPart.\n

    \n
    • \n
  • \n

    \n Directory buckets - For directory buckets, only server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) is supported.

    \n
    • \n
\n
\n
Special errors
\n
\n
    \n
  • \n

    Error Code: NoSuchUpload\n

    \n
      \n
    • \n

      Description: The specified multipart upload does not exist. The\n upload ID might be invalid, or the multipart upload might have been\n aborted or completed.

      \n
      • \n
    • \n

      HTTP Status Code: 404 Not Found

      \n
      • \n
    \n
    • \n
  • \n

    Error Code: InvalidRequest\n

    \n
      \n
    • \n

      Description: The specified copy source is not supported as a\n byte-range copy source.

      \n
      • \n
    • \n

      HTTP Status Code: 400 Bad Request

      \n
      • \n
    \n
    • \n
\n
\n
HTTP Host header syntax
\n
\n

\n Directory buckets - The HTTP Host header syntax is \n Bucket_name.s3express-az_id.region.amazonaws.com.

\n
\n
\n

The following operations are related to UploadPartCopy:

\n ", + "smithy.api#documentation": "

Uploads a part by copying data from an existing object as data source. To specify the\n data source, you add the request header x-amz-copy-source in your request. To specify \n a byte range, you add the request header x-amz-copy-source-range in your\n request.

\n

For information about maximum and minimum part sizes and other multipart upload\n specifications, see Multipart upload limits in the Amazon S3 User Guide.

\n \n

Instead of copying data from an existing object as part data, you might use the UploadPart\n action to upload new data as a part of an object in your request.

\n \n

You must initiate a multipart upload before you can upload any part. In response to your\n initiate request, Amazon S3 returns the upload ID, a unique identifier that you must include in\n your upload part request.

\n

For conceptual information about multipart uploads, see Uploading\n Objects Using Multipart Upload in the\n Amazon S3 User Guide. For information about copying objects using a single atomic action vs. a multipart\n upload, see Operations on Objects in\n the Amazon S3 User Guide.

\n \n

\n Directory buckets - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name\n . Path-style requests are not supported. For more information, see Regional and Zonal endpoints in the\n Amazon S3 User Guide.

\n \n
\n
Authentication and authorization
\n
\n

All UploadPartCopy requests must be authenticated and signed by using IAM credentials (access key ID and secret access key for the IAM identities). All headers with the x-amz- prefix, including\n x-amz-copy-source, must be signed. For more information, see REST Authentication.

\n

\n Directory buckets - You must use IAM credentials to authenticate and authorize your access to the UploadPartCopy API operation, instead of using the \n temporary security credentials through the CreateSession API operation.

\n

Amazon Web Services CLI or SDKs handles authentication and authorization on your behalf.

\n
\n
Permissions
\n
\n

You must have READ access to the source object and WRITE\n access to the destination bucket.

\n
    \n
  • \n

    \n General purpose bucket permissions - You must have the permissions in a policy based on the bucket types of your source bucket and destination bucket in an UploadPartCopy operation.

    \n
      \n
    • \n

      If the source object is in a general purpose bucket, you must have the \n s3:GetObject\n permission to read the source object that is being copied.

      \n
      • \n
    • \n

      If the destination bucket is a general purpose bucket, you must have the \n s3:PutObject\n permission to write the object copy to the destination bucket.\n

      \n
      • \n
    \n

    For information about permissions required to use the multipart upload API, see\n Multipart upload API and permissions in the\n Amazon S3 User Guide.

    \n
    • \n
  • \n

    \n Directory bucket permissions -\n You must have permissions in a bucket policy or an IAM identity-based policy based on the source and destination\n bucket types in an UploadPartCopy operation.

    \n
      \n
    • \n

      If the source object that you want to copy is in a\n directory bucket, you must have the \n s3express:CreateSession\n permission in\n the Action element of a policy to read the object. By\n default, the session is in the ReadWrite mode. If you\n want to restrict the access, you can explicitly set the\n s3express:SessionMode condition key to\n ReadOnly on the copy source bucket.

      \n
      • \n
    • \n

      If the copy destination is a directory bucket, you must have the \n \n s3express:CreateSession\n permission in the\n Action element of a policy to write the object\n to the destination. The s3express:SessionMode condition\n key cannot be set to ReadOnly on the copy destination.

      \n
      • \n
    \n

    For example policies, see Example bucket policies for S3 Express One Zone and Amazon Web Services Identity and Access Management (IAM) identity-based policies for S3 Express One Zone in the\n Amazon S3 User Guide.

    \n
    • \n
\n
\n
Encryption
\n
\n
    \n
  • \n

    \n General purpose buckets - \n \n For information about using server-side encryption with customer-provided\n encryption keys with the UploadPartCopy operation, see CopyObject and UploadPart.\n

    \n
    • \n
  • \n

    \n Directory buckets - For directory buckets, only server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) is supported.

    \n
    • \n
\n
\n
Special errors
\n
\n
    \n
  • \n

    Error Code: NoSuchUpload\n

    \n
      \n
    • \n

      Description: The specified multipart upload does not exist. The\n upload ID might be invalid, or the multipart upload might have been\n aborted or completed.

      \n
      • \n
    • \n

      HTTP Status Code: 404 Not Found

      \n
      • \n
    \n
    • \n
  • \n

    Error Code: InvalidRequest\n

    \n
      \n
    • \n

      Description: The specified copy source is not supported as a\n byte-range copy source.

      \n
      • \n
    • \n

      HTTP Status Code: 400 Bad Request

      \n
      • \n
    \n
    • \n
\n
\n
HTTP Host header syntax
\n
\n

\n Directory buckets - The HTTP Host header syntax is \n Bucket_name.s3express-az_id.region.amazonaws.com.

\n
\n
\n

The following operations are related to UploadPartCopy:

\n ", "smithy.api#http": { "method": "PUT", "uri": "/{Bucket}/{Key+}?x-id=UploadPartCopy",