Skip to content

Commit

Permalink
feat(client-s3): Add support for the new optional bucket-region and p…
Browse files Browse the repository at this point in the history 
…refix query parameters in the ListBuckets API. For ListBuckets requests that express pagination, Amazon S3 will now return both the bucket names and associated AWS regions in the response.
  • Loading branch information
awstools committed Oct 16, 2024
1 parent 7e7e222 commit e7f10a2
Show file tree
Hide file tree
Showing 11 changed files with 181 additions and 129 deletions.
2 changes: 1 addition & 1 deletion clients/client-s3/src/commands/CreateSessionCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@ export interface CreateSessionCommandOutput extends CreateSessionOutput, __Metad
* To encrypt new objects in a directory bucket with SSE-KMS, you must specify SSE-KMS as the directory bucket's default encryption configuration with a KMS key (specifically, a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a>). Then, when a session is created for Zonal endpoint API operations, new objects are automatically encrypted and decrypted with SSE-KMS and S3 Bucket Keys during the session.</p>
* <note>
* <p>
* Only 1 <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a> is supported per directory bucket for the lifetime of the bucket. <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk">Amazon Web Services managed key</a> (<code>aws/s3</code>) isn't supported.
* Only 1 <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a> is supported per directory bucket for the lifetime of the bucket. The <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk">Amazon Web Services managed key</a> (<code>aws/s3</code>) isn't supported.
* After you specify SSE-KMS as your bucket's default encryption configuration with a customer managed key, you can't change the customer managed key for the bucket's SSE-KMS configuration.
* </p>
* </note>
Expand Down
91 changes: 41 additions & 50 deletions clients/client-s3/src/commands/DeleteObjectCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,87 +29,78 @@ export interface DeleteObjectCommandInput extends DeleteObjectRequest {}
export interface DeleteObjectCommandOutput extends DeleteObjectOutput, __MetadataBearer {}

/**
* <p>Removes an object from a bucket. The behavior depends on the bucket's versioning state: </p>
* <ul>
* <li>
* <p>If bucket versioning is not enabled, the operation permanently deletes the object.</p>
* </li>
* <li>
* <p>If bucket versioning is enabled, the operation inserts a delete marker, which becomes the current version of the object. To permanently delete an object in a versioned bucket, you must include the object’s <code>versionId</code> in the request. For more information about versioning-enabled buckets, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjectVersions.html">Deleting object versions from a versioning-enabled bucket</a>.</p>
* </li>
* <li>
* <p>If bucket versioning is suspended, the operation removes the object that has a null <code>versionId</code>, if there is one, and inserts a delete marker that becomes the current version of the object. If there isn't an object with a null <code>versionId</code>, and all versions of the object have a <code>versionId</code>, Amazon S3 does not remove the object and only inserts a delete marker. To permanently delete an object that has a <code>versionId</code>, you must include the object’s <code>versionId</code> in the request. For more information about versioning-suspended buckets, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjectsfromVersioningSuspendedBuckets.html">Deleting objects from versioning-suspended buckets</a>.</p>
* </li>
* </ul>
* <p>Removes an object from a bucket. The behavior depends on the bucket's versioning state.
* For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjects.html#DeletingObjects-best-practices">Best
* practices to consider before deleting an object</a>.</p>
* <p>To remove a specific version, you must use the <code>versionId</code> query parameter.
* Using this query parameter permanently deletes the version. If the object deleted is a
* delete marker, Amazon S3 sets the response header <code>x-amz-delete-marker</code> to true. If
* the object you want to delete is in a bucket where the bucket versioning configuration is
* MFA delete enabled, you must include the <code>x-amz-mfa</code> request header in the
* DELETE <code>versionId</code> request. Requests that include <code>x-amz-mfa</code> must
* use HTTPS. For more information about MFA delete and to see example requests, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html">Using MFA
* delete</a> and <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectDELETE.html#ExampleVersionObjectDelete">Sample
* request</a> in the <i>Amazon S3 User Guide</i>.</p>
* <note>
* <ul>
* <li>
* <p>
* <b>Directory buckets</b> - S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the <code>null</code> value of the version ID is supported by directory buckets. You can only specify <code>null</code>
* to the <code>versionId</code> query parameter in the request.</p>
* <p>S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the <code>null</code> value of the version ID is supported by directory buckets. You can only specify <code>null</code> to the
* <code>versionId</code> query parameter in the request.</p>
* </li>
* <li>
* <p>
* <b>Directory buckets</b> - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i>
* <p>For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format <code>https://<i>bucket_name</i>.s3express-<i>az_id</i>.<i>region</i>.amazonaws.com/<i>key-name</i>
* </code>. Path-style requests are not supported. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html">Regional and Zonal endpoints</a> in the
* <i>Amazon S3 User Guide</i>.</p>
* </li>
* <li>
* <p>MFA delete is not supported by directory buckets.</p>
* </li>
* </ul>
* </note>
* <p>To remove a specific version, you must use the <code>versionId</code> query parameter. Using this
* query parameter permanently deletes the version. If the object deleted is a delete marker, Amazon S3
* sets the response header <code>x-amz-delete-marker</code> to true. </p>
* <p>If the object you want to delete is in a bucket where the bucket versioning
* configuration is MFA Delete enabled, you must include the <code>x-amz-mfa</code> request
* header in the DELETE <code>versionId</code> request. Requests that include
* <code>x-amz-mfa</code> must use HTTPS. For more information about MFA Delete, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html">Using MFA Delete</a> in the <i>Amazon S3
* User Guide</i>. To see sample
* requests that use versioning, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectDELETE.html#ExampleVersionObjectDelete">Sample
* Request</a>. </p>
* <note>
* <p>
* <b>Directory buckets</b> - MFA delete is not supported by directory buckets.</p>
* </note>
* <p>You can delete objects by explicitly calling DELETE Object or calling
* (<a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html">PutBucketLifecycle</a>) to enable Amazon S3 to remove them for you. If you want to block
* users or accounts from removing or deleting objects from your bucket, you must deny them
* the <code>s3:DeleteObject</code>, <code>s3:DeleteObjectVersion</code>, and
* <code>s3:PutLifeCycleConfiguration</code> actions. </p>
* <note>
* <p>
* <b>Directory buckets</b> - S3 Lifecycle is not supported by directory buckets.</p>
* </note>
* <dl>
* <dt>Permissions</dt>
* <dd>
* <ul>
* <li>
* <p>
* <b>General purpose bucket permissions</b> - The following permissions are required in your policies when your
* <code>DeleteObjects</code> request includes specific headers.</p>
* <b>General purpose bucket permissions</b> - The
* following permissions are required in your policies when your
* <code>DeleteObjects</code> request includes specific headers.</p>
* <ul>
* <li>
* <p>
* <b>
* <code>s3:DeleteObject</code>
* </b> - To delete an object from a bucket, you must always have the <code>s3:DeleteObject</code> permission.</p>
* </b>
* - To delete an object from a bucket, you must always have the
* <code>s3:DeleteObject</code> permission.</p>
* <note>
* <p>You can also use <a>PutBucketLifecycle</a> to delete
* objects in Amazon S3.</p>
* </note>
* </li>
* <li>
* <p>
* <b>
* <code>s3:DeleteObjectVersion</code>
* </b> - To delete a specific version of an object from a versioning-enabled bucket, you must have the <code>s3:DeleteObjectVersion</code> permission.</p>
* </b> - To delete a specific version of an object from a
* versioning-enabled bucket, you must have the
* <code>s3:DeleteObjectVersion</code> permission.</p>
* </li>
* <li>
* <p>If you want to block users or accounts from removing or deleting
* objects from your bucket, you must deny them the
* <code>s3:DeleteObject</code>, <code>s3:DeleteObjectVersion</code>,
* and <code>s3:PutLifeCycleConfiguration</code> permissions.</p>
* </li>
* </ul>
* </li>
* <li>
* <p>
* <b>Directory bucket permissions</b> - To grant access to this API operation on a directory bucket, we recommend that you use the <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html">
* <code>CreateSession</code>
* </a> API operation for session-based authorization. Specifically, you grant the <code>s3express:CreateSession</code> permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the <code>CreateSession</code> API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another <code>CreateSession</code> API call to generate a new session token for use.
* Amazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html">
* <code>CreateSession</code>
* </a>.</p>
* <b>Directory buckets permissions</b> -
* To grant access to this API operation on a directory bucket, we recommend
* that you use the <a>CreateSession</a> API operation for
* session-based authorization.</p>
* </li>
* </ul>
* </dd>
Expand Down
4 changes: 4 additions & 0 deletions clients/client-s3/src/commands/ListBucketsCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,8 @@ export interface ListBucketsCommandOutput extends ListBucketsOutput, __MetadataB
* const input = { // ListBucketsRequest
* MaxBuckets: Number("int"),
* ContinuationToken: "STRING_VALUE",
* Prefix: "STRING_VALUE",
* BucketRegion: "STRING_VALUE",
* };
* const command = new ListBucketsCommand(input);
* const response = await client.send(command);
Expand All @@ -53,13 +55,15 @@ export interface ListBucketsCommandOutput extends ListBucketsOutput, __MetadataB
* // { // Bucket
* // Name: "STRING_VALUE",
* // CreationDate: new Date("TIMESTAMP"),
* // BucketRegion: "STRING_VALUE",
* // },
* // ],
* // Owner: { // Owner
* // DisplayName: "STRING_VALUE",
* // ID: "STRING_VALUE",
* // },
* // ContinuationToken: "STRING_VALUE",
* // Prefix: "STRING_VALUE",
* // };
*
* ```
Expand Down
1 change: 1 addition & 0 deletions clients/client-s3/src/commands/ListDirectoryBucketsCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@ export interface ListDirectoryBucketsCommandOutput extends ListDirectoryBucketsO
* // { // Bucket
* // Name: "STRING_VALUE",
* // CreationDate: new Date("TIMESTAMP"),
* // BucketRegion: "STRING_VALUE",
* // },
* // ],
* // ContinuationToken: "STRING_VALUE",
Expand Down
2 changes: 1 addition & 1 deletion clients/client-s3/src/commands/PutBucketEncryptionCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ export interface PutBucketEncryptionCommandOutput extends __MetadataBearer {}
* </li>
* <li>
* <p>Your SSE-KMS configuration can only support 1 <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a> per directory bucket for the lifetime of the bucket.
* <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk">Amazon Web Services managed key</a> (<code>aws/s3</code>) isn't supported.
* The <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk">Amazon Web Services managed key</a> (<code>aws/s3</code>) isn't supported.
* </p>
* </li>
* <li>
Expand Down
4 changes: 0 additions & 4 deletions clients/client-s3/src/commands/RestoreObjectCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,10 +33,6 @@ export interface RestoreObjectCommandOutput extends RestoreObjectOutput, __Metad
* <note>
* <p>This operation is not supported by directory buckets.</p>
* </note>
* <important>
* <p>The <code>SELECT</code> job type for the RestoreObject operation is no longer available to new customers. Existing customers of Amazon S3 Select can continue to use the feature as usual. <a href="http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/">Learn more</a>
* </p>
* </important>
* <p>Restores an archived copy of an object back into Amazon S3</p>
* <p>This functionality is not supported for Amazon S3 on Outposts.</p>
* <p>This action performs the following types of requests: </p>
Expand Down
4 changes: 0 additions & 4 deletions clients/client-s3/src/commands/SelectObjectContentCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,10 +38,6 @@ export interface SelectObjectContentCommandOutput extends SelectObjectContentOut
* <note>
* <p>This operation is not supported by directory buckets.</p>
* </note>
* <important>
* <p>The SelectObjectContent operation is no longer available to new customers. Existing customers of Amazon S3 Select can continue to use the operation as usual. <a href="http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/">Learn more</a>
* </p>
* </important>
* <p>This action filters the contents of an Amazon S3 object based on a simple structured query
* language (SQL) statement. In the request, along with the SQL expression, you must also
* specify a data serialization format (JSON, CSV, or Apache Parquet) of the object. Amazon S3 uses
Expand Down
Loading

0 comments on commit e7f10a2

Please sign in to comment.