Class: Aws::S3::Object

Inherits:
Object
  • Object
show all
Extended by:
Deprecations
Defined in:
sig/object.rbs,
lib/aws-sdk-s3/customizations/object.rb,
sig/customizations/object.rbs,
lib/aws-sdk-s3/object.rb

Overview

Defined Under Namespace

Classes: Collection

Read-Only Attributes collapse

Actions collapse

Associations collapse

Instance Method Summary collapse

Constructor Details

#initialize(bucket_name, key, options = {}) ⇒ Object #initialize(options = {}) ⇒ Object

Returns a new instance of Object.

Overloads:

  • #initialize(bucket_name, key, options = {}) ⇒ Object

    Parameters:

    • bucket_name (String)
    • key (String)

    Options Hash (options):

  • #initialize(options = {}) ⇒ Object

    Options Hash (options):

    • :bucket_name (required, String)
    • :key (required, String)
    • :client (Client)


13
14
15
# File 'sig/object.rbs', line 13

def initialize: (String bucket_name, String key, Hash[Symbol, untyped] options) -> void
| (bucket_name: String, key: String, ?client: Client) -> void
| (Hash[Symbol, untyped] args) -> void

Instance Method Details

#accept_rangesString

Indicates that a range of bytes was specified.

Returns:

  • (String)


27
# File 'sig/object.rbs', line 27

def accept_ranges: () -> ::String

#aclObjectAcl

Returns:



461
# File 'sig/object.rbs', line 461

def acl: () -> ObjectAcl

#archive_statusString

The archive state of the head object.

This functionality is not supported for directory buckets.

Returns:

  • (String)


36
# File 'sig/object.rbs', line 36

def archive_status: () -> ("ARCHIVE_ACCESS" | "DEEP_ARCHIVE_ACCESS")

#bucketBucket

Returns:



464
# File 'sig/object.rbs', line 464

def bucket: () -> Bucket

#bucket_key_enabledBoolean

Indicates whether the object uses an S3 Bucket Key for server-side encryption with Key Management Service (KMS) keys (SSE-KMS).

Returns:

  • (Boolean)


129
# File 'sig/object.rbs', line 129

def bucket_key_enabled: () -> bool

#bucket_nameString

Returns:

  • (String)


18
# File 'sig/object.rbs', line 18

def bucket_name: () -> String

#cache_controlString

Specifies caching behavior along the request/reply chain.

Returns:

  • (String)


87
# File 'sig/object.rbs', line 87

def cache_control: () -> ::String

#checksum_crc32String

The Base64 encoded, 32-bit CRC32 checksum of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in the Amazon S3 User Guide.

Returns:

  • (String)


45
# File 'sig/object.rbs', line 45

def checksum_crc32: () -> ::String

#checksum_crc32cString

The Base64 encoded, 32-bit CRC32C checksum of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in the Amazon S3 User Guide.

Returns:

  • (String)


48
# File 'sig/object.rbs', line 48

def checksum_crc32c: () -> ::String

#checksum_crc64nvmeString

The Base64 encoded, 64-bit CRC64NVME checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

Returns:

  • (String)


51
# File 'sig/object.rbs', line 51

def checksum_crc64nvme: () -> ::String

#checksum_md5String

The Base64 encoded, 128-bit MD5 digest of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

Returns:

  • (String)


63
# File 'sig/object.rbs', line 63

def checksum_md5: () -> ::String

#checksum_sha1String

The Base64 encoded, 160-bit SHA1 digest of the object. This checksum is only present if the checksum was uploaded with the object. When you use the API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in the Amazon S3 User Guide.

Returns:

  • (String)


54
# File 'sig/object.rbs', line 54

def checksum_sha1: () -> ::String

#checksum_sha256String

The Base64 encoded, 256-bit SHA256 digest of the object. This checksum is only present if the checksum was uploaded with the object. When you use an API operation on an object that was uploaded using multipart uploads, this value may not be a direct checksum value of the full object. Instead, it's a calculation based on the checksum values of each individual part. For more information about how checksums are calculated with multipart uploads, see Checking object integrity in the Amazon S3 User Guide.

Returns:

  • (String)


57
# File 'sig/object.rbs', line 57

def checksum_sha256: () -> ::String

#checksum_sha512String

The Base64 encoded, 512-bit SHA512 digest of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

Returns:

  • (String)


60
# File 'sig/object.rbs', line 60

def checksum_sha512: () -> ::String

#checksum_typeString

The checksum type, which determines how part-level checksums are combined to create an object-level checksum for multipart objects. You can use this header response to verify that the checksum type that is received is the same checksum type that was specified in CreateMultipartUpload request. For more information, see Checking object integrity in the Amazon S3 User Guide.

Returns:

  • (String)


75
# File 'sig/object.rbs', line 75

def checksum_type: () -> ("COMPOSITE" | "FULL_OBJECT")

#checksum_xxhash128String

The Base64 encoded, 128-bit XXHASH128 checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

Returns:

  • (String)


72
# File 'sig/object.rbs', line 72

def checksum_xxhash128: () -> ::String

#checksum_xxhash3String

The Base64 encoded, 64-bit XXHASH3 checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

Returns:

  • (String)


69
# File 'sig/object.rbs', line 69

def checksum_xxhash3: () -> ::String

#checksum_xxhash64String

The Base64 encoded, 64-bit XXHASH64 checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

Returns:

  • (String)


66
# File 'sig/object.rbs', line 66

def checksum_xxhash64: () -> ::String

#clientClient

Returns:



606
# File 'lib/aws-sdk-s3/object.rb', line 606

def client: () -> Client

#content_dispositionString

Specifies presentational information for the object.

Returns:

  • (String)


90
# File 'sig/object.rbs', line 90

def content_disposition: () -> ::String

#content_encodingString

Indicates what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.

Returns:

  • (String)


93
# File 'sig/object.rbs', line 93

def content_encoding: () -> ::String

#content_languageString

The language the content is in.

Returns:

  • (String)


96
# File 'sig/object.rbs', line 96

def content_language: () -> ::String

#content_lengthInteger

Size of the body in bytes.

Returns:

  • (Integer)


42
# File 'sig/object.rbs', line 42

def content_length: () -> ::Integer

#content_rangeString

The portion of the object returned in the response for a GET request.

Returns:

  • (String)


102
# File 'sig/object.rbs', line 102

def content_range: () -> ::String

#content_typeString

A standard MIME type describing the format of the object data.

Returns:

  • (String)


99
# File 'sig/object.rbs', line 99

def content_type: () -> ::String

#copy_from(options = {}) ⇒ Types::CopyObjectOutput

Examples:

Request syntax with placeholder values


object.copy_from({
  acl: "private", # accepts private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control
  cache_control: "CacheControl",
  checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME, SHA512, MD5, XXHASH64, XXHASH3, XXHASH128
  content_disposition: "ContentDisposition",
  content_encoding: "ContentEncoding",
  content_language: "ContentLanguage",
  content_type: "ContentType",
  copy_source: "CopySource", # required
  copy_source_if_match: "CopySourceIfMatch",
  copy_source_if_modified_since: Time.now,
  copy_source_if_none_match: "CopySourceIfNoneMatch",
  copy_source_if_unmodified_since: Time.now,
  expires: Time.now,
  grant_full_control: "GrantFullControl",
  grant_read: "GrantRead",
  grant_read_acp: "GrantReadACP",
  grant_write_acp: "GrantWriteACP",
  if_match: "IfMatch",
  if_none_match: "IfNoneMatch",
  metadata: {
    "MetadataKey" => "MetadataValue",
  },
  metadata_directive: "COPY", # accepts COPY, REPLACE
  tagging_directive: "COPY", # accepts COPY, REPLACE
  annotation_directive: "COPY", # accepts COPY, EXCLUDE
  server_side_encryption: "AES256", # accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
  storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS, FSX_ONTAP
  website_redirect_location: "WebsiteRedirectLocation",
  sse_customer_algorithm: "SSECustomerAlgorithm",
  sse_customer_key: "SSECustomerKey",
  sse_customer_key_md5: "SSECustomerKeyMD5",
  ssekms_key_id: "SSEKMSKeyId",
  ssekms_encryption_context: "SSEKMSEncryptionContext",
  bucket_key_enabled: false,
  copy_source_sse_customer_algorithm: "CopySourceSSECustomerAlgorithm",
  copy_source_sse_customer_key: "CopySourceSSECustomerKey",
  copy_source_sse_customer_key_md5: "CopySourceSSECustomerKeyMD5",
  request_payer: "requester", # accepts requester
  tagging: "TaggingHeader",
  object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
  object_lock_retain_until_date: Time.now,
  object_lock_legal_hold_status: "ON", # accepts ON, OFF
  expected_bucket_owner: "AccountId",
  expected_source_bucket_owner: "AccountId",
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :acl (String)

    The canned access control list (ACL) to apply to the object.

    When you copy an object, the ACL metadata is not preserved and is set to private by default. Only the owner has full access control. To override the default ACL setting, specify a new ACL when you generate a copy request. For more information, see Using ACLs.

    If the destination bucket that you're copying objects to uses the bucket owner enforced setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. Buckets that use this setting only accept PUT requests that don't specify an ACL or PUT requests that specify bucket owner full control ACLs, such as the bucket-owner-full-control canned ACL or an equivalent form of this ACL expressed in the XML format. For more information, see Controlling ownership of objects and disabling ACLs in the Amazon S3 User Guide.

    * If your destination bucket uses the bucket owner enforced setting for Object Ownership, all objects written to the bucket by any account will be owned by the bucket owner.

    • This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.

  • :cache_control (String)

    Specifies the caching behavior along the request/reply chain.

  • :checksum_algorithm (String)

    Indicates the algorithm that you want Amazon S3 to use to create the checksum for the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

    When you copy an object, if the source object has a checksum, that checksum value will be copied to the new object by default. If the CopyObject request does not include this x-amz-checksum-algorithm header, the checksum algorithm will be copied from the source object to the destination object (if it's present on the source object). You can optionally specify a different checksum algorithm to use with the x-amz-checksum-algorithm header. Unrecognized or unsupported values will respond with the HTTP status code 400 Bad Request.

    For directory buckets, when you use Amazon Web Services SDKs, CRC32 is the default checksum algorithm that's used for performance.

  • :content_disposition (String)

    Specifies presentational information for the object. Indicates whether an object should be displayed in a web browser or downloaded as a file. It allows specifying the desired filename for the downloaded file.

  • :content_encoding (String)

    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.

    For directory buckets, only the aws-chunked value is supported in this header field.

  • :content_language (String)

    The language the content is in.

  • :content_type (String)

    A standard MIME type that describes the format of the object data.

  • :copy_source (required, String)

    Specifies the source object for the copy operation. The source object can be up to 5 GB. If the source object is an object that was uploaded by using a multipart upload, the object copy will be a single part object after the source object is copied to the destination bucket.

    You specify the value of the copy source in one of two formats, depending on whether you want to access the source object through an access point:

    • For objects not accessed through an access point, specify the name of the source bucket and the key of the source object, separated by a slash (/). For example, to copy the object reports/january.pdf from the general purpose bucket awsexamplebucket, use awsexamplebucket/reports/january.pdf. The value must be URL-encoded. To copy the object reports/january.pdf from the directory bucket awsexamplebucket--use1-az5--x-s3, use awsexamplebucket--use1-az5--x-s3/reports/january.pdf. The value must be URL-encoded.

    • For objects accessed through access points, specify the Amazon Resource Name (ARN) of the object as accessed through the access point, in the format arn:aws:s3:<Region>:<account-id>:accesspoint/<access-point-name>/object/<key>. For example, to copy the object reports/january.pdf through access point my-access-point owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf. The value must be URL encoded.

      * Amazon S3 supports copy operations using Access points only when the source and destination buckets are in the same Amazon Web Services Region.

    • Access points are not supported by directory buckets.

    Alternatively, for objects accessed through Amazon S3 on Outposts,
    specify the ARN of the object as accessed in the format
    `arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/object/<key>`.
    For example, to copy the object `reports/january.pdf` through
    outpost `my-outpost` owned by account `123456789012` in Region
    `us-west-2`, use the URL encoding of
    `arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf`.
    The value must be URL-encoded.
    

    If your source bucket versioning is enabled, the x-amz-copy-source header by default identifies the current version of an object to copy. If the current version is a delete marker, Amazon S3 behaves as if the object was deleted. To copy a different version, use the versionId query parameter. Specifically, append ?versionId=<version-id> to the value (for example, awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893). If you don't specify a version ID, Amazon S3 copies the latest version of the source object.

    If you enable versioning on the destination bucket, Amazon S3 generates a unique version ID for the copied object. This version ID is different from the version ID of the source object. Amazon S3 returns the version ID of the copied object in the x-amz-version-id response header in the response.

    If you do not enable versioning or suspend it on the destination bucket, the version ID that Amazon S3 generates in the x-amz-version-id response header is always null.

    Directory buckets - S3 Versioning isn't enabled and supported for directory buckets.

  • :copy_source_if_match (String)

    Copies the object if its entity tag (ETag) matches the specified tag.

    If both the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since headers are present in the request and evaluate as follows, Amazon S3 returns 200 OK and copies the data:

    • x-amz-copy-source-if-match condition evaluates to true

    • x-amz-copy-source-if-unmodified-since condition evaluates to false

  • :copy_source_if_modified_since (Time, DateTime, Date, Integer, String)

    Copies the object if it has been modified since the specified time.

    If both the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since headers are present in the request and evaluate as follows, Amazon S3 returns the 412 Precondition Failed response code:

    • x-amz-copy-source-if-none-match condition evaluates to false

    • x-amz-copy-source-if-modified-since condition evaluates to true

  • :copy_source_if_none_match (String)

    Copies the object if its entity tag (ETag) is different than the specified ETag.

    If both the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since headers are present in the request and evaluate as follows, Amazon S3 returns the 412 Precondition Failed response code:

    • x-amz-copy-source-if-none-match condition evaluates to false

    • x-amz-copy-source-if-modified-since condition evaluates to true

  • :copy_source_if_unmodified_since (Time, DateTime, Date, Integer, String)

    Copies the object if it hasn't been modified since the specified time.

    If both the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since headers are present in the request and evaluate as follows, Amazon S3 returns 200 OK and copies the data:

    • x-amz-copy-source-if-match condition evaluates to true

    • x-amz-copy-source-if-unmodified-since condition evaluates to false

  • :expires (Time, DateTime, Date, Integer, String)

    The date and time at which the object is no longer cacheable.

  • :grant_full_control (String)

    Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :grant_read (String)

    Allows grantee to read the object data and its metadata.

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :grant_read_acp (String)

    Allows grantee to read the object ACL.

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :grant_write_acp (String)

    Allows grantee to write the ACL for the applicable object.

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :if_match (String)

    Copies the object if the entity tag (ETag) of the destination object matches the specified tag. If the ETag values do not match, the operation returns a 412 Precondition Failed error. If a concurrent operation occurs during the upload S3 returns a 409 ConditionalRequestConflict response. On a 409 failure you should fetch the object's ETag and retry the upload.

    Expects the ETag value as a string.

    For more information about conditional requests, see RFC 7232.

  • :if_none_match (String)

    Copies the object only if the object key name at the destination does not already exist in the bucket specified. Otherwise, Amazon S3 returns a 412 Precondition Failed error. If a concurrent operation occurs during the upload S3 returns a 409 ConditionalRequestConflict response. On a 409 failure you should retry the upload.

    Expects the '*' (asterisk) character.

    For more information about conditional requests, see RFC 7232.

  • :metadata (Hash<String,String>)

    A map of metadata to store with the object in S3.

  • :metadata_directive (String)

    Specifies whether the metadata is copied from the source object or replaced with metadata that's provided in the request. When copying an object, you can preserve all metadata (the default) or specify new metadata. If this header isn’t specified, COPY is the default behavior.

    General purpose bucket - For general purpose buckets, when you grant permissions, you can use the s3:x-amz-metadata-directive condition key to enforce certain metadata behavior when objects are uploaded. For more information, see Amazon S3 condition key examples in the Amazon S3 User Guide.

    x-amz-website-redirect-location is unique to each object and is not copied when using the x-amz-metadata-directive header. To copy the value, you must specify x-amz-website-redirect-location in the request header.

  • :tagging_directive (String)

    Specifies whether the object tag-set is copied from the source object or replaced with the tag-set that's provided in the request.

    The default value is COPY.

    Directory buckets - For directory buckets in a CopyObject operation, only the empty tag-set is supported. Any requests that attempt to write non-empty tags into directory buckets will receive a 501 Not Implemented status code. When the destination bucket is a directory bucket, you will receive a 501 Not Implemented response in any of the following situations:

    • When you attempt to COPY the tag-set from an S3 source object that has non-empty tags.

    • When you attempt to REPLACE the tag-set of a source object and set a non-empty value to x-amz-tagging.

    • When you don't set the x-amz-tagging-directive header and the source object has non-empty tags. This is because the default value of x-amz-tagging-directive is COPY.

    Because only the empty tag-set is supported for directory buckets in a CopyObject operation, the following situations are allowed:

    • When you attempt to COPY the tag-set from a directory bucket source object that has no tags to a general purpose bucket. It copies an empty tag-set to the destination object.

    • When you attempt to REPLACE the tag-set of a directory bucket source object and set the x-amz-tagging value of the directory bucket destination object to empty.

    • When you attempt to REPLACE the tag-set of a general purpose bucket source object that has non-empty tags and set the x-amz-tagging value of the directory bucket destination object to empty.

    • When you attempt to REPLACE the tag-set of a directory bucket source object and don't set the x-amz-tagging value of the directory bucket destination object. This is because the default value of x-amz-tagging is the empty value.

  • :annotation_directive (String)

    Specifies whether you want to copy annotations from the source object or exclude them. If this header isn't specified, COPY is the default behavior.

    Valid Values: COPY | EXCLUDE

    You can specify this directive as either an HTTP header (x-amz-object-annotation-directive) or as a query string parameter. Use the query string form when generating presigned URLs that need to control annotation copy behavior.

    When set to COPY, you must have s3:GetObjectAnnotation permission on the source object and s3:PutObjectAnnotation permission on the destination. Each annotation copied is billed as a separate PUT request. If annotations on the source are modified during the copy, Amazon S3 returns a retryable error.

    For directory buckets, annotations are not supported. Use EXCLUDE to copy objects to directory buckets without errors. If you specify COPY for a directory bucket, the request returns HTTP 501 (Not Implemented).

    When you copy objects using multipart upload (for example, when the Amazon Web Services CLI or Amazon Web Services SDKs use Transfer Manager for objects larger than approximately 8 MB), annotations are not copied by default. To include annotations, specify --copy-props default in the Amazon Web Services CLI or the equivalent SDK configuration. With this opt-in, the SDK reads source annotations, completes the multipart upload, and then writes each annotation to the destination. Between the upload completion and the last annotation write, the destination object exists without all its annotations.

  • :server_side_encryption (String)

    The server-side encryption algorithm used when storing this object in Amazon S3. Unrecognized or unsupported values won’t write a destination object and will receive a 400 Bad Request response.

    Amazon S3 automatically encrypts all new objects that are copied to an S3 bucket. When copying an object, if you don't specify encryption information in your copy request, the encryption setting of the target object is set to the default encryption configuration of the destination bucket. By default, all buckets have a base level of encryption configuration that uses server-side encryption with Amazon S3 managed keys (SSE-S3). If the destination bucket has a different default encryption configuration, Amazon S3 uses the corresponding encryption key to encrypt the target object copy.

    With server-side encryption, Amazon S3 encrypts your data as it writes your data to disks in its data centers and decrypts the data when you access it. For more information about server-side encryption, see Using Server-Side Encryption in the Amazon S3 User Guide.

    General purpose buckets

    • For general purpose buckets, there are the following supported options for server-side encryption: server-side encryption with Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side encryption with Amazon Web Services KMS keys (DSSE-KMS), and server-side encryption with customer-provided encryption keys (SSE-C). Amazon S3 uses the corresponding KMS key, or a customer-provided key to encrypt the target object copy.

    • When you perform a CopyObject operation, if you want to use a different type of encryption setting for the target object, you can specify appropriate encryption-related headers to encrypt the target object with an Amazon S3 managed key, a KMS key, or a customer-provided key. If the encryption setting in your request is different from the default encryption configuration of the destination bucket, the encryption setting in your request takes precedence.

    Directory buckets

    • For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your CreateSession requests or PUT object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.

    • To encrypt new object copies to a directory bucket with SSE-KMS, we recommend you specify SSE-KMS as the directory bucket's default encryption configuration with a KMS key (specifically, a customer managed key). The Amazon Web Services managed key (aws/s3) isn't supported. Your SSE-KMS configuration can only support 1 customer managed key per directory bucket for the lifetime of the bucket. After you specify a customer managed key for SSE-KMS, you can't override the customer managed key for the bucket's SSE-KMS configuration. Then, when you perform a CopyObject operation and want to specify server-side encryption settings for new object copies with SSE-KMS in the encryption-related request headers, you must ensure the encryption key is the same customer managed key that you specified for the directory bucket's default encryption configuration.

    • S3 access points for Amazon FSx - When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is aws:fsx. All Amazon FSx file systems have encryption configured by default and are encrypted at rest. Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. These processes are handled transparently by Amazon FSx.

  • :storage_class (String)

    If the x-amz-storage-class header is not used, the copied object will be stored in the STANDARD Storage Class by default. The STANDARD storage class provides high durability and high availability. Depending on performance needs, you can specify a different Storage Class.

    * Directory buckets - Directory buckets only support EXPRESS_ONEZONE (the S3 Express One Zone storage class) in Availability Zones and ONEZONE_IA (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones. Unsupported storage class values won't write a destination object and will respond with the HTTP status code 400 Bad Request.

    • Amazon S3 on Outposts - S3 on Outposts only uses the OUTPOSTS Storage Class.

    You can use the CopyObject action to change the storage class of an object that is already stored in Amazon S3 by using the x-amz-storage-class header. For more information, see Storage Classes in the Amazon S3 User Guide.

    Before using an object as a source object for the copy operation, you must restore a copy of it if it meets any of the following conditions:

    • The storage class of the source object is GLACIER or DEEP_ARCHIVE.

    • The storage class of the source object is INTELLIGENT_TIERING and it's S3 Intelligent-Tiering access tier is Archive Access or Deep Archive Access.

    For more information, see RestoreObject and Copying Objects in the Amazon S3 User Guide.

  • :website_redirect_location (String)

    If the destination bucket is configured as a website, redirects requests for this object copy to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata. This value is unique to each object and is not copied when using the x-amz-metadata-directive header. Instead, you may opt to provide this header in combination with the x-amz-metadata-directive header.

    This functionality is not supported for directory buckets.

  • :sse_customer_algorithm (String)

    Specifies the algorithm to use when encrypting the object (for example, AES256).

    When you perform a CopyObject operation, if you want to use a different type of encryption setting for the target object, you can specify appropriate encryption-related headers to encrypt the target object with an Amazon S3 managed key, a KMS key, or a customer-provided key. If the encryption setting in your request is different from the default encryption configuration of the destination bucket, the encryption setting in your request takes precedence.

    This functionality is not supported when the destination bucket is a directory bucket.

  • :sse_customer_key (String)

    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded. Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.

    This functionality is not supported when the destination bucket is a directory bucket.

  • :sse_customer_key_md5 (String)

    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

    This functionality is not supported when the destination bucket is a directory bucket.

  • :ssekms_key_id (String)

    Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. All GET and PUT requests for an object protected by KMS will fail if they're not made via SSL or using SigV4. For information about configuring any of the officially supported Amazon Web Services SDKs and Amazon Web Services CLI, see Specifying the Signature Version in Request Authentication in the Amazon S3 User Guide.

    Directory buckets - To encrypt data using SSE-KMS, it's recommended to specify the x-amz-server-side-encryption header to aws:kms. Then, the x-amz-server-side-encryption-aws-kms-key-id header implicitly uses the bucket's default KMS customer managed key ID. If you want to explicitly set the x-amz-server-side-encryption-aws-kms-key-id header, it must match the bucket's default customer managed key (using key ID or ARN, not alias). Your SSE-KMS configuration can only support 1 customer managed key per directory bucket's lifetime. The Amazon Web Services managed key (aws/s3) isn't supported. Incorrect key specification results in an HTTP 400 Bad Request error.

  • :ssekms_encryption_context (String)

    Specifies the Amazon Web Services KMS Encryption Context as an additional encryption context to use for the destination object encryption. The value of this header is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs.

    General purpose buckets - This value must be explicitly added to specify encryption context for CopyObject requests if you want an additional encryption context for your destination object. The additional encryption context of the source object won't be copied to the destination object. For more information, see Encryption context in the Amazon S3 User Guide.

    Directory buckets - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported.

  • :bucket_key_enabled (Boolean)

    Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). If a target object uses SSE-KMS, you can enable an S3 Bucket Key for the object.

    Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. Specifying this header with a COPY action doesn’t affect bucket-level settings for S3 Bucket Key.

    For more information, see Amazon S3 Bucket Keys in the Amazon S3 User Guide.

    Directory buckets - S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through CopyObject. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.

  • :copy_source_sse_customer_algorithm (String)

    Specifies the algorithm to use when decrypting the source object (for example, AES256).

    If the source object for the copy is stored in Amazon S3 using SSE-C, you must provide the necessary encryption information in your request so that Amazon S3 can decrypt the object for copying.

    This functionality is not supported when the source object is in a directory bucket.

  • :copy_source_sse_customer_key (String)

    Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be the same one that was used when the source object was created.

    If the source object for the copy is stored in Amazon S3 using SSE-C, you must provide the necessary encryption information in your request so that Amazon S3 can decrypt the object for copying.

    This functionality is not supported when the source object is in a directory bucket.

  • :copy_source_sse_customer_key_md5 (String)

    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

    If the source object for the copy is stored in Amazon S3 using SSE-C, you must provide the necessary encryption information in your request so that Amazon S3 can decrypt the object for copying.

    This functionality is not supported when the source object is in a directory bucket.

  • :request_payer (String)

    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

    This functionality is not supported for directory buckets.

  • :tagging (String)

    The tag-set for the object copy in the destination bucket. This value must be used in conjunction with the x-amz-tagging-directive if you choose REPLACE for the x-amz-tagging-directive. If you choose COPY for the x-amz-tagging-directive, you don't need to set the x-amz-tagging header, because the tag-set will be copied from the source object directly. The tag-set must be encoded as URL Query parameters.

    The default value is the empty value.

    Directory buckets - For directory buckets in a CopyObject operation, only the empty tag-set is supported. Any requests that attempt to write non-empty tags into directory buckets will receive a 501 Not Implemented status code. When the destination bucket is a directory bucket, you will receive a 501 Not Implemented response in any of the following situations:

    • When you attempt to COPY the tag-set from an S3 source object that has non-empty tags.

    • When you attempt to REPLACE the tag-set of a source object and set a non-empty value to x-amz-tagging.

    • When you don't set the x-amz-tagging-directive header and the source object has non-empty tags. This is because the default value of x-amz-tagging-directive is COPY.

    Because only the empty tag-set is supported for directory buckets in a CopyObject operation, the following situations are allowed:

    • When you attempt to COPY the tag-set from a directory bucket source object that has no tags to a general purpose bucket. It copies an empty tag-set to the destination object.

    • When you attempt to REPLACE the tag-set of a directory bucket source object and set the x-amz-tagging value of the directory bucket destination object to empty.

    • When you attempt to REPLACE the tag-set of a general purpose bucket source object that has non-empty tags and set the x-amz-tagging value of the directory bucket destination object to empty.

    • When you attempt to REPLACE the tag-set of a directory bucket source object and don't set the x-amz-tagging value of the directory bucket destination object. This is because the default value of x-amz-tagging is the empty value.

  • :object_lock_mode (String)

    The Object Lock mode that you want to apply to the object copy.

    This functionality is not supported for directory buckets.

  • :object_lock_retain_until_date (Time, DateTime, Date, Integer, String)

    The date and time when you want the Object Lock of the object copy to expire.

    This functionality is not supported for directory buckets.

  • :object_lock_legal_hold_status (String)

    Specifies whether you want to apply a legal hold to the object copy.

    This functionality is not supported for directory buckets.

  • :expected_bucket_owner (String)

    The account ID of the expected destination bucket owner. If the account ID that you provide does not match the actual owner of the destination bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

  • :expected_source_bucket_owner (String)

    The account ID of the expected source bucket owner. If the account ID that you provide does not match the actual owner of the source bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

Returns:



99
# File 'lib/aws-sdk-s3/customizations/object.rb', line 99

alias_method :copy_from, :copy_from

#copy_to(target, options = {}) ⇒ void

Parameters:

  • target (Object)
  • options (Hash[Symbol, untyped]) (defaults to: {})


142
143
144
145
146
# File 'lib/aws-sdk-s3/customizations/object.rb', line 142

def copy_to(target, options = {})
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    ObjectCopier.new(self, options).copy_to(target, options)
  end
end

#dataTypes::HeadObjectOutput

Returns the data for this Aws::S3::Object. Calls Client#head_object if #data_loaded? is false.

Returns:



162
# File 'sig/object.rbs', line 162

def data: () -> Types::HeadObjectOutput

#data_loaded?Boolean

Returns true if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

Returns:

  • (Boolean)

    Returns true if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.



165
# File 'sig/object.rbs', line 165

def data_loaded?: () -> bool

#delete(options = {}) ⇒ Types::DeleteObjectOutput

Examples:

Request syntax with placeholder values


object.delete({
  mfa: "MFA",
  version_id: "ObjectVersionId",
  request_payer: "requester", # accepts requester
  bypass_governance_retention: false,
  expected_bucket_owner: "AccountId",
  if_match: "IfMatch",
  if_match_last_modified_time: Time.now,
  if_match_size: 1,
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :mfa (String)

    The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. Required to permanently delete a versioned object if versioning is configured with MFA delete enabled.

    This functionality is not supported for directory buckets.

  • :version_id (String)

    Version ID used to reference a specific version of the object.

    For directory buckets in this API operation, only the null value of the version ID is supported.

  • :request_payer (String)

    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

    This functionality is not supported for directory buckets.

  • :bypass_governance_retention (Boolean)

    Indicates whether S3 Object Lock should bypass Governance-mode restrictions to process this operation. To use this header, you must have the s3:BypassGovernanceRetention permission.

    This functionality is not supported for directory buckets.

  • :expected_bucket_owner (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

  • :if_match (String)

    Deletes the object if the ETag (entity tag) value provided during the delete operation matches the ETag of the object in S3. If the ETag values do not match, the operation returns a 412 Precondition Failed error.

    Expects the ETag value as a string. If-Match does accept a string value of an '*' (asterisk) character to denote a match of any ETag.

    For more information about conditional requests, see RFC 7232.

  • :if_match_last_modified_time (Time, DateTime, Date, Integer, String)

    If present, the object is deleted only if its modification times matches the provided Timestamp. If the Timestamp values do not match, the operation returns a 412 Precondition Failed error. If the Timestamp matches or if the object doesn’t exist, the operation returns a 204 Success (No Content) response.

    This functionality is only supported for directory buckets.

  • :if_match_size (Integer)

    If present, the object is deleted only if its size matches the provided size in bytes. If the Size value does not match, the operation returns a 412 Precondition Failed error. If the Size matches or if the object doesn’t exist, the operation returns a 204 Success (No Content) response.

    This functionality is only supported for directory buckets.

    You can use the If-Match, x-amz-if-match-last-modified-time and x-amz-if-match-size conditional headers in conjunction with each-other or individually.

Returns:



227
# File 'sig/object.rbs', line 227

def delete: (

#delete_markerBoolean

Specifies whether the object retrieved was (true) or was not (false) a Delete Marker. If false, this response header does not appear in the response.

This functionality is not supported for directory buckets.

Returns:

  • (Boolean)


24
# File 'sig/object.rbs', line 24

def delete_marker: () -> bool

#download_file(destination, options = {}) ⇒ Boolean

Parameters:

  • destination (String)
  • options (Hash[Symbol, untyped]) (defaults to: {})

Returns:

  • (Boolean)


562
563
564
565
566
567
568
569
570
571
# File 'lib/aws-sdk-s3/customizations/object.rb', line 562

def download_file(destination, options = {})
  download_opts = options.merge(bucket: bucket_name, key: key)
  executor = DefaultExecutor.new(max_threads: download_opts.delete([:thread_count]))
  downloader = FileDownloader.new(client: client, executor: executor)
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    downloader.download(destination, download_opts)
  end
  executor.shutdown
  true
end

#etagString

An entity tag (ETag) is an opaque identifier assigned by a web server to a specific version of a resource found at a URL.

Returns:

  • (String)


78
# File 'sig/object.rbs', line 78

def etag: () -> ::String

#exists?(options = {}) ⇒ Boolean

Returns true if the Object exists.

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Returns:

  • (Boolean)

    Returns true if the Object exists.



168
169
# File 'sig/object.rbs', line 168

def exists?: (?max_attempts: Integer, ?delay: Numeric, ?before_attempt: (^(Integer attempts) -> void), ?before_wait: (^(Integer attempts, untyped response) -> void)) -> bool
| (?Hash[Symbol, untyped]) -> bool

#expirationString

If the object expiration is configured (see PutBucketLifecycleConfiguration ), the response includes this header. It includes the expiry-date and rule-id key-value pairs providing object expiration information. The value of the rule-id is URL-encoded.

Object expiration information is not returned in directory buckets and this header returns the value "NotImplemented" in all responses for directory buckets.

Returns:

  • (String)


30
# File 'sig/object.rbs', line 30

def expiration: () -> ::String

#expiresTime

The date and time at which the object is no longer cacheable.

Returns:

  • (Time)


105
# File 'sig/object.rbs', line 105

def expires: () -> ::Time

#expires_stringString

Returns:

  • (String)


108
# File 'sig/object.rbs', line 108

def expires_string: () -> ::String

#get(options = {}, &block) ⇒ Types::GetObjectOutput

Examples:

Request syntax with placeholder values


object.get({
  if_match: "IfMatch",
  if_modified_since: Time.now,
  if_none_match: "IfNoneMatch",
  if_unmodified_since: Time.now,
  range: "Range",
  response_cache_control: "ResponseCacheControl",
  response_content_disposition: "ResponseContentDisposition",
  response_content_encoding: "ResponseContentEncoding",
  response_content_language: "ResponseContentLanguage",
  response_content_type: "ResponseContentType",
  response_expires: Time.now,
  version_id: "ObjectVersionId",
  sse_customer_algorithm: "SSECustomerAlgorithm",
  sse_customer_key: "SSECustomerKey",
  sse_customer_key_md5: "SSECustomerKeyMD5",
  request_payer: "requester", # accepts requester
  part_number: 1,
  expected_bucket_owner: "AccountId",
  checksum_mode: "ENABLED", # accepts ENABLED
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :if_match (String)

    Return the object only if its entity tag (ETag) is the same as the one specified in this header; otherwise, return a 412 Precondition Failed error.

    If both of the If-Match and If-Unmodified-Since headers are present in the request as follows: If-Match condition evaluates to true, and; If-Unmodified-Since condition evaluates to false; then, S3 returns 200 OK and the data requested.

    For more information about conditional requests, see RFC 7232.

  • :if_modified_since (Time, DateTime, Date, Integer, String)

    Return the object only if it has been modified since the specified time; otherwise, return a 304 Not Modified error.

    If both of the If-None-Match and If-Modified-Since headers are present in the request as follows: If-None-Match condition evaluates to false, and; If-Modified-Since condition evaluates to true; then, S3 returns 304 Not Modified status code.

    For more information about conditional requests, see RFC 7232.

  • :if_none_match (String)

    Return the object only if its entity tag (ETag) is different from the one specified in this header; otherwise, return a 304 Not Modified error.

    If both of the If-None-Match and If-Modified-Since headers are present in the request as follows: If-None-Match condition evaluates to false, and; If-Modified-Since condition evaluates to true; then, S3 returns 304 Not Modified HTTP status code.

    For more information about conditional requests, see RFC 7232.

  • :if_unmodified_since (Time, DateTime, Date, Integer, String)

    Return the object only if it has not been modified since the specified time; otherwise, return a 412 Precondition Failed error.

    If both of the If-Match and If-Unmodified-Since headers are present in the request as follows: If-Match condition evaluates to true, and; If-Unmodified-Since condition evaluates to false; then, S3 returns 200 OK and the data requested.

    For more information about conditional requests, see RFC 7232.

  • :range (String)

    Downloads the specified byte range of an object. For more information about the HTTP Range header, see https://www.rfc-editor.org/rfc/rfc9110.html#name-range.

    Amazon S3 doesn't support retrieving multiple ranges of data per GET request.

  • :response_cache_control (String)

    Sets the Cache-Control header of the response.

  • :response_content_disposition (String)

    Sets the Content-Disposition header of the response.

  • :response_content_encoding (String)

    Sets the Content-Encoding header of the response.

  • :response_content_language (String)

    Sets the Content-Language header of the response.

  • :response_content_type (String)

    Sets the Content-Type header of the response.

  • :response_expires (Time, DateTime, Date, Integer, String)

    Sets the Expires header of the response.

  • :version_id (String)

    Version ID used to reference a specific version of the object.

    By default, the GetObject operation returns the current version of an object. To return a different version, use the versionId subresource.

    * If you include a versionId in your request header, you must have the s3:GetObjectVersion permission to access a specific version of an object. The s3:GetObject permission is not required in this scenario.

    • If you request the current version of an object without a specific versionId in the request header, only the s3:GetObject permission is required. The s3:GetObjectVersion permission is not required in this scenario.

    • Directory buckets - S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the null value of the version ID is supported by directory buckets. You can only specify null to the versionId query parameter in the request.

    For more information about versioning, see PutBucketVersioning.

  • :sse_customer_algorithm (String)

    Specifies the algorithm to use when decrypting the object (for example, AES256).

    If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object, you must use the following headers:

    • x-amz-server-side-encryption-customer-algorithm

    • x-amz-server-side-encryption-customer-key

    • x-amz-server-side-encryption-customer-key-MD5

    For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided Encryption Keys) in the Amazon S3 User Guide.

    This functionality is not supported for directory buckets.

  • :sse_customer_key (String)

    Specifies the customer-provided encryption key that you originally provided for Amazon S3 to encrypt the data before storing it. This value is used to decrypt the object when recovering it and must match the one used when storing the data. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.

    If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object, you must use the following headers:

    • x-amz-server-side-encryption-customer-algorithm

    • x-amz-server-side-encryption-customer-key

    • x-amz-server-side-encryption-customer-key-MD5

    For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided Encryption Keys) in the Amazon S3 User Guide.

    This functionality is not supported for directory buckets.

  • :sse_customer_key_md5 (String)

    Specifies the 128-bit MD5 digest of the customer-provided encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

    If you encrypt an object by using server-side encryption with customer-provided encryption keys (SSE-C) when you store the object in Amazon S3, then when you GET the object, you must use the following headers:

    • x-amz-server-side-encryption-customer-algorithm

    • x-amz-server-side-encryption-customer-key

    • x-amz-server-side-encryption-customer-key-MD5

    For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided Encryption Keys) in the Amazon S3 User Guide.

    This functionality is not supported for directory buckets.

  • :request_payer (String)

    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

    This functionality is not supported for directory buckets.

  • :part_number (Integer)

    Part number of the object being read. This is a positive integer between 1 and 10,000. Effectively performs a 'ranged' GET request for the part specified. Useful for downloading just a part of an object.

  • :expected_bucket_owner (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

  • :checksum_mode (String)

    To retrieve the checksum, this mode must be enabled.

Returns:



240
# File 'sig/object.rbs', line 240

def get: (

#head(options = {}) ⇒ Types::HeadObjectOutput

Examples:

Request syntax with placeholder values


object.head({
  if_match: "IfMatch",
  if_modified_since: Time.now,
  if_none_match: "IfNoneMatch",
  if_unmodified_since: Time.now,
  range: "Range",
  response_cache_control: "ResponseCacheControl",
  response_content_disposition: "ResponseContentDisposition",
  response_content_encoding: "ResponseContentEncoding",
  response_content_language: "ResponseContentLanguage",
  response_content_type: "ResponseContentType",
  response_expires: Time.now,
  version_id: "ObjectVersionId",
  sse_customer_algorithm: "SSECustomerAlgorithm",
  sse_customer_key: "SSECustomerKey",
  sse_customer_key_md5: "SSECustomerKeyMD5",
  request_payer: "requester", # accepts requester
  part_number: 1,
  expected_bucket_owner: "AccountId",
  checksum_mode: "ENABLED", # accepts ENABLED
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :if_match (String)

    Return the object only if its entity tag (ETag) is the same as the one specified; otherwise, return a 412 (precondition failed) error.

    If both of the If-Match and If-Unmodified-Since headers are present in the request as follows:

    • If-Match condition evaluates to true, and;

    • If-Unmodified-Since condition evaluates to false;

    Then Amazon S3 returns 200 OK and the data requested.

    For more information about conditional requests, see RFC 7232.

  • :if_modified_since (Time, DateTime, Date, Integer, String)

    Return the object only if it has been modified since the specified time; otherwise, return a 304 (not modified) error.

    If both of the If-None-Match and If-Modified-Since headers are present in the request as follows:

    • If-None-Match condition evaluates to false, and;

    • If-Modified-Since condition evaluates to true;

    Then Amazon S3 returns the 304 Not Modified response code.

    For more information about conditional requests, see RFC 7232.

  • :if_none_match (String)

    Return the object only if its entity tag (ETag) is different from the one specified; otherwise, return a 304 (not modified) error.

    If both of the If-None-Match and If-Modified-Since headers are present in the request as follows:

    • If-None-Match condition evaluates to false, and;

    • If-Modified-Since condition evaluates to true;

    Then Amazon S3 returns the 304 Not Modified response code.

    For more information about conditional requests, see RFC 7232.

  • :if_unmodified_since (Time, DateTime, Date, Integer, String)

    Return the object only if it has not been modified since the specified time; otherwise, return a 412 (precondition failed) error.

    If both of the If-Match and If-Unmodified-Since headers are present in the request as follows:

    • If-Match condition evaluates to true, and;

    • If-Unmodified-Since condition evaluates to false;

    Then Amazon S3 returns 200 OK and the data requested.

    For more information about conditional requests, see RFC 7232.

  • :range (String)

    HeadObject returns only the metadata for an object. If the Range is satisfiable, only the ContentLength is affected in the response. If the Range is not satisfiable, S3 returns a 416 - Requested Range Not Satisfiable error.

  • :response_cache_control (String)

    Sets the Cache-Control header of the response.

  • :response_content_disposition (String)

    Sets the Content-Disposition header of the response.

  • :response_content_encoding (String)

    Sets the Content-Encoding header of the response.

  • :response_content_language (String)

    Sets the Content-Language header of the response.

  • :response_content_type (String)

    Sets the Content-Type header of the response.

  • :response_expires (Time, DateTime, Date, Integer, String)

    Sets the Expires header of the response.

  • :version_id (String)

    Version ID used to reference a specific version of the object.

    For directory buckets in this API operation, only the null value of the version ID is supported.

  • :sse_customer_algorithm (String)

    Specifies the algorithm to use when encrypting the object (for example, AES256).

    This functionality is not supported for directory buckets.

  • :sse_customer_key (String)

    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.

    This functionality is not supported for directory buckets.

  • :sse_customer_key_md5 (String)

    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

    This functionality is not supported for directory buckets.

  • :request_payer (String)

    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

    This functionality is not supported for directory buckets.

  • :part_number (Integer)

    Part number of the object being read. This is a positive integer between 1 and 10,000. Effectively performs a 'ranged' HEAD request for the part specified. Useful querying about the size of the part and the number of parts in this object.

  • :expected_bucket_owner (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

  • :checksum_mode (String)

    To retrieve the checksum, this parameter must be enabled.

    General purpose buckets - If you enable checksum mode and the object is uploaded with a checksum and encrypted with an Key Management Service (KMS) key, you must have permission to use the kms:Decrypt action to retrieve the checksum.

    Directory buckets - If you enable ChecksumMode and the object is encrypted with Amazon Web Services Key Management Service (Amazon Web Services KMS), you must also have the kms:GenerateDataKey and kms:Decrypt permissions in IAM identity-based policies and KMS key policies for the KMS key to retrieve the checksum of the object.

Returns:



437
# File 'sig/object.rbs', line 437

def head: (

#identifiersObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Deprecated.


3632
3633
3634
3635
3636
3637
# File 'lib/aws-sdk-s3/object.rb', line 3632

def identifiers
  {
    bucket_name: @bucket_name,
    key: @key
  }
end

#initiate_multipart_upload(options = {}) ⇒ MultipartUpload

Examples:

Request syntax with placeholder values


multipartupload = object.initiate_multipart_upload({
  acl: "private", # accepts private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control
  cache_control: "CacheControl",
  content_disposition: "ContentDisposition",
  content_encoding: "ContentEncoding",
  content_language: "ContentLanguage",
  content_type: "ContentType",
  expires: Time.now,
  grant_full_control: "GrantFullControl",
  grant_read: "GrantRead",
  grant_read_acp: "GrantReadACP",
  grant_write_acp: "GrantWriteACP",
  metadata: {
    "MetadataKey" => "MetadataValue",
  },
  server_side_encryption: "AES256", # accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
  storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS, FSX_ONTAP
  website_redirect_location: "WebsiteRedirectLocation",
  sse_customer_algorithm: "SSECustomerAlgorithm",
  sse_customer_key: "SSECustomerKey",
  sse_customer_key_md5: "SSECustomerKeyMD5",
  ssekms_key_id: "SSEKMSKeyId",
  ssekms_encryption_context: "SSEKMSEncryptionContext",
  bucket_key_enabled: false,
  request_payer: "requester", # accepts requester
  tagging: "TaggingHeader",
  object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
  object_lock_retain_until_date: Time.now,
  object_lock_legal_hold_status: "ON", # accepts ON, OFF
  expected_bucket_owner: "AccountId",
  checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME, SHA512, MD5, XXHASH64, XXHASH3, XXHASH128
  checksum_type: "COMPOSITE", # accepts COMPOSITE, FULL_OBJECT
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :acl (String)

    The canned ACL to apply to the object. Amazon S3 supports a set of predefined ACLs, known as canned ACLs. Each canned ACL has a predefined set of grantees and permissions. For more information, see Canned ACL in the Amazon S3 User Guide.

    By default, all objects are private. Only the owner has full access control. When uploading an object, you can grant access permissions to individual Amazon Web Services accounts or to predefined groups defined by Amazon S3. These permissions are then added to the access control list (ACL) on the new object. For more information, see Using ACLs. One way to grant the permissions using the request headers is to specify a canned ACL with the x-amz-acl request header.

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :cache_control (String)

    Specifies caching behavior along the request/reply chain.

  • :content_disposition (String)

    Specifies presentational information for the object.

  • :content_encoding (String)

    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.

    For directory buckets, only the aws-chunked value is supported in this header field.

  • :content_language (String)

    The language that the content is in.

  • :content_type (String)

    A standard MIME type describing the format of the object data.

  • :expires (Time, DateTime, Date, Integer, String)

    The date and time at which the object is no longer cacheable.

  • :grant_full_control (String)

    Specify access permissions explicitly to give the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.

    By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see Access Control List (ACL) Overview in the Amazon S3 User Guide.

    You specify each grantee as a type=value pair, where the type is one of the following:

    • id – if the value specified is the canonical user ID of an Amazon Web Services account

    • uri – if you are granting permissions to a predefined group

    • emailAddress – if the value specified is the email address of an Amazon Web Services account

      Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

    • US East (N. Virginia)

    • US West (N. California)

    • US West (Oregon)

    • Asia Pacific (Singapore)

    • Asia Pacific (Sydney)

    • Asia Pacific (Tokyo)

    • Europe (Ireland)

    • South America (São Paulo)

    For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.

    For example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

    x-amz-grant-read: id="11112222333", id="444455556666"

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :grant_read (String)

    Specify access permissions explicitly to allow grantee to read the object data and its metadata.

    By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see Access Control List (ACL) Overview in the Amazon S3 User Guide.

    You specify each grantee as a type=value pair, where the type is one of the following:

    • id – if the value specified is the canonical user ID of an Amazon Web Services account

    • uri – if you are granting permissions to a predefined group

    • emailAddress – if the value specified is the email address of an Amazon Web Services account

      Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

    • US East (N. Virginia)

    • US West (N. California)

    • US West (Oregon)

    • Asia Pacific (Singapore)

    • Asia Pacific (Sydney)

    • Asia Pacific (Tokyo)

    • Europe (Ireland)

    • South America (São Paulo)

    For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.

    For example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

    x-amz-grant-read: id="11112222333", id="444455556666"

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :grant_read_acp (String)

    Specify access permissions explicitly to allows grantee to read the object ACL.

    By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see Access Control List (ACL) Overview in the Amazon S3 User Guide.

    You specify each grantee as a type=value pair, where the type is one of the following:

    • id – if the value specified is the canonical user ID of an Amazon Web Services account

    • uri – if you are granting permissions to a predefined group

    • emailAddress – if the value specified is the email address of an Amazon Web Services account

      Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

    • US East (N. Virginia)

    • US West (N. California)

    • US West (Oregon)

    • Asia Pacific (Singapore)

    • Asia Pacific (Sydney)

    • Asia Pacific (Tokyo)

    • Europe (Ireland)

    • South America (São Paulo)

    For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.

    For example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

    x-amz-grant-read: id="11112222333", id="444455556666"

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :grant_write_acp (String)

    Specify access permissions explicitly to allows grantee to allow grantee to write the ACL for the applicable object.

    By default, all objects are private. Only the owner has full access control. When uploading an object, you can use this header to explicitly grant access permissions to specific Amazon Web Services accounts or groups. This header maps to specific permissions that Amazon S3 supports in an ACL. For more information, see Access Control List (ACL) Overview in the Amazon S3 User Guide.

    You specify each grantee as a type=value pair, where the type is one of the following:

    • id – if the value specified is the canonical user ID of an Amazon Web Services account

    • uri – if you are granting permissions to a predefined group

    • emailAddress – if the value specified is the email address of an Amazon Web Services account

      Using email addresses to specify a grantee is only supported in the following Amazon Web Services Regions:

    • US East (N. Virginia)

    • US West (N. California)

    • US West (Oregon)

    • Asia Pacific (Singapore)

    • Asia Pacific (Sydney)

    • Asia Pacific (Tokyo)

    • Europe (Ireland)

    • South America (São Paulo)

    For a list of all the Amazon S3 supported Regions and endpoints, see Regions and Endpoints in the Amazon Web Services General Reference.

    For example, the following x-amz-grant-read header grants the Amazon Web Services accounts identified by account IDs permissions to read object data and its metadata:

    x-amz-grant-read: id="11112222333", id="444455556666"

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :metadata (Hash<String,String>)

    A map of metadata to store with the object in S3.

  • :server_side_encryption (String)

    The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx.

    • Directory buckets - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your CreateSession requests or PUT object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.

      In the Zonal endpoint API calls (except CopyObject and UploadPartCopy) using the REST API, the encryption request headers must match the encryption settings that are specified in the CreateSession request. You can't override the values of the encryption settings (x-amz-server-side-encryption, x-amz-server-side-encryption-aws-kms-key-id, x-amz-server-side-encryption-context, and x-amz-server-side-encryption-bucket-key-enabled) that are specified in the CreateSession request. You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and Amazon S3 will use the encryption settings values from the CreateSession request to protect new objects in the directory bucket.

      When you use the CLI or the Amazon Web Services SDKs, for CreateSession, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the Amazon Web Services SDKs use the bucket's default encryption configuration for the CreateSession request. It's not supported to override the encryption settings values in the CreateSession request. So in the Zonal endpoint API calls (except CopyObject and UploadPartCopy), the encryption request headers must match the default encryption configuration of the directory bucket.

    • S3 access points for Amazon FSx - When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is aws:fsx. All Amazon FSx file systems have encryption configured by default and are encrypted at rest. Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. These processes are handled transparently by Amazon FSx.

  • :storage_class (String)

    By default, Amazon S3 uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. Depending on performance needs, you can specify a different Storage Class. For more information, see Storage Classes in the Amazon S3 User Guide.

    * Directory buckets only support EXPRESS_ONEZONE (the S3 Express One Zone storage class) in Availability Zones and ONEZONE_IA (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.

    • Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.
  • :website_redirect_location (String)

    If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.

    This functionality is not supported for directory buckets.

  • :sse_customer_algorithm (String)

    Specifies the algorithm to use when encrypting the object (for example, AES256).

    This functionality is not supported for directory buckets.

  • :sse_customer_key (String)

    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.

    This functionality is not supported for directory buckets.

  • :sse_customer_key_md5 (String)

    Specifies the 128-bit MD5 digest of the customer-provided encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

    This functionality is not supported for directory buckets.

  • :ssekms_key_id (String)

    Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. If the KMS key doesn't exist in the same account that's issuing the command, you must use the full Key ARN not the Key ID.

    General purpose buckets - If you specify x-amz-server-side-encryption with aws:kms or aws:kms:dsse, this header specifies the ID (Key ID, Key ARN, or Key Alias) of the KMS key to use. If you specify x-amz-server-side-encryption:aws:kms or x-amz-server-side-encryption:aws:kms:dsse, but do not provide x-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the Amazon Web Services managed key (aws/s3) to protect the data.

    Directory buckets - To encrypt data using SSE-KMS, it's recommended to specify the x-amz-server-side-encryption header to aws:kms. Then, the x-amz-server-side-encryption-aws-kms-key-id header implicitly uses the bucket's default KMS customer managed key ID. If you want to explicitly set the x-amz-server-side-encryption-aws-kms-key-id header, it must match the bucket's default customer managed key (using key ID or ARN, not alias). Your SSE-KMS configuration can only support 1 customer managed key per directory bucket's lifetime. The Amazon Web Services managed key (aws/s3) isn't supported. Incorrect key specification results in an HTTP 400 Bad Request error.

  • :ssekms_encryption_context (String)

    Specifies the Amazon Web Services KMS Encryption Context to use for object encryption. The value of this header is a Base64 encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs.

    Directory buckets - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported.

  • :bucket_key_enabled (Boolean)

    Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Key Management Service (KMS) keys (SSE-KMS).

    General purpose buckets - Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. Also, specifying this header with a PUT action doesn't affect bucket-level settings for S3 Bucket Key.

    Directory buckets - S3 Bucket Keys are always enabled for GET and PUT operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through CopyObject, UploadPartCopy, the Copy operation in Batch Operations, or the import jobs. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.

  • :request_payer (String)

    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

    This functionality is not supported for directory buckets.

  • :tagging (String)

    The tag-set for the object. The tag-set must be encoded as URL Query parameters.

    This functionality is not supported for directory buckets.

  • :object_lock_mode (String)

    Specifies the Object Lock mode that you want to apply to the uploaded object.

    This functionality is not supported for directory buckets.

  • :object_lock_retain_until_date (Time, DateTime, Date, Integer, String)

    Specifies the date and time when you want the Object Lock to expire.

    This functionality is not supported for directory buckets.

  • :object_lock_legal_hold_status (String)

    Specifies whether you want to apply a legal hold to the uploaded object.

    This functionality is not supported for directory buckets.

  • :expected_bucket_owner (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

  • :checksum_algorithm (String)

    Indicates the algorithm that you want Amazon S3 to use to create the checksum for the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

  • :checksum_type (String)

    Indicates the checksum type that you want Amazon S3 to use to calculate the object’s checksum value. For more information, see Checking object integrity in the Amazon S3 User Guide.

Returns:



264
# File 'sig/object.rbs', line 264

def initiate_multipart_upload: (

#keyString

Returns:

  • (String)


21
# File 'sig/object.rbs', line 21

def key: () -> String

#last_modifiedTime

Date and time when the object was last modified.

Returns:

  • (Time)


39
# File 'sig/object.rbs', line 39

def last_modified: () -> ::Time

#loadself Also known as: reload

Loads, or reloads #data for the current Aws::S3::Object. Returns self making it possible to chain methods.

object.reload.data

Returns:

  • (self)


158
# File 'sig/object.rbs', line 158

def load: () -> self

#metadataHash<String,String>

A map of metadata to store with the object in S3.

Returns:

  • (Hash<String,String>)


117
# File 'sig/object.rbs', line 117

def metadata: () -> ::Hash[::String, ::String]

#missing_metaInteger

This is set to the number of metadata entries not returned in x-amz-meta headers. This can happen if you create metadata using an API like SOAP that supports more flexible metadata than the REST API. For example, using SOAP, you can create metadata whose values are not legal HTTP headers.

This functionality is not supported for directory buckets.

Returns:

  • (Integer)


81
# File 'sig/object.rbs', line 81

def missing_meta: () -> ::Integer

#move_to(target, options = {}) ⇒ void

Parameters:

  • target (Object)
  • options (Hash[Symbol, untyped]) (defaults to: {})


156
157
158
159
# File 'lib/aws-sdk-s3/customizations/object.rb', line 156

def move_to(target, options = {})
  copy_to(target, options)
  delete
end

#multipart_upload(id) ⇒ MultipartUpload

Parameters:

  • id (String)

Returns:



467
# File 'sig/object.rbs', line 467

def multipart_upload: (String id) -> MultipartUpload

Specifies whether a legal hold is in effect for this object. This header is only returned if the requester has the s3:GetObjectLegalHold permission. This header is not returned if the specified version of this object has never had a legal hold applied. For more information about S3 Object Lock, see Object Lock.

This functionality is not supported for directory buckets.

Returns:

  • (String)


153
# File 'sig/object.rbs', line 153

def object_lock_legal_hold_status: () -> ("ON" | "OFF")

#object_lock_modeString

The Object Lock mode, if any, that's in effect for this object. This header is only returned if the requester has the s3:GetObjectRetention permission. For more information about S3 Object Lock, see Object Lock.

This functionality is not supported for directory buckets.

Returns:

  • (String)


147
# File 'sig/object.rbs', line 147

def object_lock_mode: () -> ("GOVERNANCE" | "COMPLIANCE")

#object_lock_retain_until_dateTime

The date and time when the Object Lock retention period expires. This header is only returned if the requester has the s3:GetObjectRetention permission.

This functionality is not supported for directory buckets.

Returns:

  • (Time)


150
# File 'sig/object.rbs', line 150

def object_lock_retain_until_date: () -> ::Time

#parts_countInteger

The count of parts this object has. This value is only returned if you specify partNumber in your request and the object was uploaded as a multipart upload.

Returns:

  • (Integer)


141
# File 'sig/object.rbs', line 141

def parts_count: () -> ::Integer

#presigned_post(options = {}) ⇒ Object

Parameters:

  • (Hash[Symbol, untyped])

Returns:



170
171
172
173
174
175
176
177
# File 'lib/aws-sdk-s3/customizations/object.rb', line 170

def presigned_post(options = {})
  PresignedPost.new(
    client.config.credentials,
    client.config.region,
    bucket_name,
    { key: key, url: bucket.url }.merge(options)
  )
end

#presigned_request(method, params = {}) ⇒ [String, Hash[String, String]]

Parameters:

  • method (Symbol, String)
  • params (Hash[Symbol, untyped]) (defaults to: {})

Returns:

  • ([String, Hash[String, String]])


314
315
316
317
318
319
320
321
322
323
324
325
# File 'lib/aws-sdk-s3/customizations/object.rb', line 314

def presigned_request(method, params = {})
  presigner = Presigner.new(client: client)

  if %w(delete head get put).include?(method.to_s)
    method = "#{method}_object".to_sym
  end

  presigner.presigned_request(
    method.downcase,
    params.merge(bucket: bucket_name, key: key)
  )
end

#presigned_url(method, params = {}) ⇒ String

Parameters:

  • method (Symbol, String)
  • params (Hash[Symbol, untyped]) (defaults to: {})

Returns:

  • (String)


241
242
243
244
245
246
247
248
249
250
251
252
# File 'lib/aws-sdk-s3/customizations/object.rb', line 241

def presigned_url(method, params = {})
  presigner = Presigner.new(client: client)

  if %w(delete head get put).include?(method.to_s)
    method = "#{method}_object".to_sym
  end

  presigner.presigned_url(
    method.downcase,
    params.merge(bucket: bucket_name, key: key)
  )
end

#public_url(options = {}) ⇒ String

Parameters:

  • options (Hash[Symbol, untyped]) (defaults to: {})

Returns:

  • (String)


349
350
351
352
353
354
# File 'lib/aws-sdk-s3/customizations/object.rb', line 349

def public_url(options = {})
  url = URI.parse(bucket.url(options))
  url.path += '/' unless url.path[-1] == '/'
  url.path += key.gsub(/[^\/]+/) { |s| Seahorse::Util.uri_escape(s) }
  url.to_s
end

#put(options = {}) ⇒ Types::PutObjectOutput

Examples:

Request syntax with placeholder values


object.put({
  acl: "private", # accepts private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control
  body: source_file,
  cache_control: "CacheControl",
  content_disposition: "ContentDisposition",
  content_encoding: "ContentEncoding",
  content_language: "ContentLanguage",
  content_length: 1,
  content_md5: "ContentMD5",
  content_type: "ContentType",
  checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME, SHA512, MD5, XXHASH64, XXHASH3, XXHASH128
  checksum_crc32: "ChecksumCRC32",
  checksum_crc32c: "ChecksumCRC32C",
  checksum_crc64nvme: "ChecksumCRC64NVME",
  checksum_sha1: "ChecksumSHA1",
  checksum_sha256: "ChecksumSHA256",
  checksum_sha512: "ChecksumSHA512",
  checksum_md5: "ChecksumMD5",
  checksum_xxhash64: "ChecksumXXHASH64",
  checksum_xxhash3: "ChecksumXXHASH3",
  checksum_xxhash128: "ChecksumXXHASH128",
  expires: Time.now,
  if_match: "IfMatch",
  if_none_match: "IfNoneMatch",
  grant_full_control: "GrantFullControl",
  grant_read: "GrantRead",
  grant_read_acp: "GrantReadACP",
  grant_write_acp: "GrantWriteACP",
  write_offset_bytes: 1,
  metadata: {
    "MetadataKey" => "MetadataValue",
  },
  server_side_encryption: "AES256", # accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
  storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS, FSX_ONTAP
  website_redirect_location: "WebsiteRedirectLocation",
  sse_customer_algorithm: "SSECustomerAlgorithm",
  sse_customer_key: "SSECustomerKey",
  sse_customer_key_md5: "SSECustomerKeyMD5",
  ssekms_key_id: "SSEKMSKeyId",
  ssekms_encryption_context: "SSEKMSEncryptionContext",
  bucket_key_enabled: false,
  request_payer: "requester", # accepts requester
  tagging: "TaggingHeader",
  object_lock_mode: "GOVERNANCE", # accepts GOVERNANCE, COMPLIANCE
  object_lock_retain_until_date: Time.now,
  object_lock_legal_hold_status: "ON", # accepts ON, OFF
  expected_bucket_owner: "AccountId",
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :acl (String)

    The canned ACL to apply to the object. For more information, see Canned ACL in the Amazon S3 User Guide.

    When adding a new object, you can use headers to grant ACL-based permissions to individual Amazon Web Services accounts or to predefined groups defined by Amazon S3. These permissions are then added to the ACL on the object. By default, all objects are private. Only the owner has full access control. For more information, see Access Control List (ACL) Overview and Managing ACLs Using the REST API in the Amazon S3 User Guide.

    If the bucket that you're uploading objects to uses the bucket owner enforced setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. Buckets that use this setting only accept PUT requests that don't specify an ACL or PUT requests that specify bucket owner full control ACLs, such as the bucket-owner-full-control canned ACL or an equivalent form of this ACL expressed in the XML format. PUT requests that contain other ACLs (for example, custom grants to certain Amazon Web Services accounts) fail and return a 400 error with the error code AccessControlListNotSupported. For more information, see Controlling ownership of objects and disabling ACLs in the Amazon S3 User Guide.

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :body (String, StringIO, File)

    Object data.

  • :cache_control (String)

    Can be used to specify caching behavior along the request/reply chain. For more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.

  • :content_disposition (String)

    Specifies presentational information for the object. For more information, see https://www.rfc-editor.org/rfc/rfc6266#section-4.

  • :content_encoding (String)

    Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#field.content-encoding.

  • :content_language (String)

    The language the content is in.

  • :content_length (Integer)

    Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length.

  • :content_md5 (String)

    The Base64 encoded 128-bit MD5 digest of the message (without the headers) according to RFC 1864. This header can be used as a message integrity check to verify that the data is the same data that was originally sent. Although it is optional, we recommend using the Content-MD5 mechanism as an end-to-end integrity check. For more information about REST request authentication, see REST Authentication.

    The Content-MD5 or x-amz-sdk-checksum-algorithm header is required for any request to upload an object with a retention period configured using Amazon S3 Object Lock. For more information, see Uploading objects to an Object Lock enabled bucket in the Amazon S3 User Guide.

    This functionality is not supported for directory buckets.

  • :content_type (String)

    A standard MIME type describing the format of the contents. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type.

  • :checksum_algorithm (String)

    Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the HTTP status code 400 Bad Request.

    For the x-amz-checksum-algorithm header, replace algorithm with the supported algorithm from the following list:

    • CRC32

    • CRC32C

    • CRC64NVME

    • MD5

    • SHA1

    • SHA256

    • SHA512

    • XXHASH3

    • XXHASH64

    • XXHASH128

    For more information, see Checking object integrity in the Amazon S3 User Guide.

    If the individual checksum value you provide through x-amz-checksum-algorithm doesn't match the checksum algorithm you set through x-amz-sdk-checksum-algorithm, Amazon S3 fails the request with a BadDigest error.

    The Content-MD5 or x-amz-sdk-checksum-algorithm header is required for any request to upload an object with a retention period configured using Amazon S3 Object Lock. For more information, see Uploading objects to an Object Lock enabled bucket in the Amazon S3 User Guide.

    For directory buckets, when you use Amazon Web Services SDKs, CRC32 is the default checksum algorithm that's used for performance.

  • :checksum_crc32 (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit CRC32 checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

  • :checksum_crc32c (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 32-bit CRC32C checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

  • :checksum_crc64nvme (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 64-bit CRC64NVME checksum of the object. The CRC64NVME checksum is always a full object checksum. For more information, see Checking object integrity in the Amazon S3 User Guide.

  • :checksum_sha1 (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 160-bit SHA1 digest of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

  • :checksum_sha256 (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 256-bit SHA256 digest of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

  • :checksum_sha512 (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 512-bit SHA512 digest of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

  • :checksum_md5 (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 128-bit MD5 digest of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

  • :checksum_xxhash64 (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 64-bit XXHASH64 checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

  • :checksum_xxhash3 (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 64-bit XXHASH3 checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

  • :checksum_xxhash128 (String)

    This header can be used as a data integrity check to verify that the data received is the same data that was originally sent. This header specifies the Base64 encoded, 128-bit XXHASH128 checksum of the object. For more information, see Checking object integrity in the Amazon S3 User Guide.

  • :expires (Time, DateTime, Date, Integer, String)

    The date and time at which the object is no longer cacheable. For more information, see https://www.rfc-editor.org/rfc/rfc7234#section-5.3.

  • :if_match (String)

    Uploads the object only if the ETag (entity tag) value provided during the WRITE operation matches the ETag of the object in S3. If the ETag values do not match, the operation returns a 412 Precondition Failed error.

    If a conflicting operation occurs during the upload S3 returns a 409 ConditionalRequestConflict response. On a 409 failure you should fetch the object's ETag and retry the upload.

    Expects the ETag value as a string.

    For more information about conditional requests, see RFC 7232, or Conditional requests in the Amazon S3 User Guide.

  • :if_none_match (String)

    Uploads the object only if the object key name does not already exist in the bucket specified. Otherwise, Amazon S3 returns a 412 Precondition Failed error.

    If a conflicting operation occurs during the upload S3 returns a 409 ConditionalRequestConflict response. On a 409 failure you should retry the upload.

    Expects the '*' (asterisk) character.

    For more information about conditional requests, see RFC 7232, or Conditional requests in the Amazon S3 User Guide.

  • :grant_full_control (String)

    Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :grant_read (String)

    Allows grantee to read the object data and its metadata.

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :grant_read_acp (String)

    Allows grantee to read the object ACL.

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :grant_write_acp (String)

    Allows grantee to write the ACL for the applicable object.

    * This functionality is not supported for directory buckets.

    • This functionality is not supported for Amazon S3 on Outposts.
  • :write_offset_bytes (Integer)

    Specifies the offset for appending data to existing objects in bytes. The offset must be equal to the size of the existing object being appended to. If no object exists, setting this header to 0 will create a new object.

    This functionality is only supported for objects in the Amazon S3 Express One Zone storage class in directory buckets.

  • :metadata (Hash<String,String>)

    A map of metadata to store with the object in S3.

  • :server_side_encryption (String)

    The server-side encryption algorithm that was used when you store this object in Amazon S3 or Amazon FSx.

    • General purpose buckets - You have four mutually exclusive options to protect data using server-side encryption in Amazon S3, depending on how you choose to manage the encryption keys. Specifically, the encryption key options are Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or DSSE-KMS), and customer-provided keys (SSE-C). Amazon S3 encrypts data with server-side encryption by using Amazon S3 managed keys (SSE-S3) by default. You can optionally tell Amazon S3 to encrypt data at rest by using server-side encryption with other key options. For more information, see Using Server-Side Encryption in the Amazon S3 User Guide.

    • Directory buckets - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your CreateSession requests or PUT object requests. Then, new objects are automatically encrypted with the desired encryption settings. For more information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.

      In the Zonal endpoint API calls (except CopyObject and UploadPartCopy) using the REST API, the encryption request headers must match the encryption settings that are specified in the CreateSession request. You can't override the values of the encryption settings (x-amz-server-side-encryption, x-amz-server-side-encryption-aws-kms-key-id, x-amz-server-side-encryption-context, and x-amz-server-side-encryption-bucket-key-enabled) that are specified in the CreateSession request. You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and Amazon S3 will use the encryption settings values from the CreateSession request to protect new objects in the directory bucket.

      When you use the CLI or the Amazon Web Services SDKs, for CreateSession, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the Amazon Web Services SDKs use the bucket's default encryption configuration for the CreateSession request. It's not supported to override the encryption settings values in the CreateSession request. So in the Zonal endpoint API calls (except CopyObject and UploadPartCopy), the encryption request headers must match the default encryption configuration of the directory bucket.

    • S3 access points for Amazon FSx - When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is aws:fsx. All Amazon FSx file systems have encryption configured by default and are encrypted at rest. Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. These processes are handled transparently by Amazon FSx.

  • :storage_class (String)

    By default, Amazon S3 uses the STANDARD Storage Class to store newly created objects. The STANDARD storage class provides high durability and high availability. Depending on performance needs, you can specify a different Storage Class. For more information, see Storage Classes in the Amazon S3 User Guide.

    * Directory buckets only support EXPRESS_ONEZONE (the S3 Express One Zone storage class) in Availability Zones and ONEZONE_IA (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.

    • Amazon S3 on Outposts only uses the OUTPOSTS Storage Class.
  • :website_redirect_location (String)

    If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata. For information about object metadata, see Object Key and Metadata in the Amazon S3 User Guide.

    In the following example, the request header sets the redirect to an object (anotherPage.html) in the same bucket:

    x-amz-website-redirect-location: /anotherPage.html

    In the following example, the request header sets the object redirect to another website:

    x-amz-website-redirect-location: http://www.example.com/

    For more information about website hosting in Amazon S3, see Hosting Websites on Amazon S3 and How to Configure Website Page Redirects in the Amazon S3 User Guide.

    This functionality is not supported for directory buckets.

  • :sse_customer_algorithm (String)

    Specifies the algorithm to use when encrypting the object (for example, AES256).

    This functionality is not supported for directory buckets.

  • :sse_customer_key (String)

    Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.

    This functionality is not supported for directory buckets.

  • :sse_customer_key_md5 (String)

    Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure that the encryption key was transmitted without error.

    This functionality is not supported for directory buckets.

  • :ssekms_key_id (String)

    Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. If the KMS key doesn't exist in the same account that's issuing the command, you must use the full Key ARN not the Key ID.

    General purpose buckets - If you specify x-amz-server-side-encryption with aws:kms or aws:kms:dsse, this header specifies the ID (Key ID, Key ARN, or Key Alias) of the KMS key to use. If you specify x-amz-server-side-encryption:aws:kms or x-amz-server-side-encryption:aws:kms:dsse, but do not provide x-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the Amazon Web Services managed key (aws/s3) to protect the data.

    Directory buckets - To encrypt data using SSE-KMS, it's recommended to specify the x-amz-server-side-encryption header to aws:kms. Then, the x-amz-server-side-encryption-aws-kms-key-id header implicitly uses the bucket's default KMS customer managed key ID. If you want to explicitly set the x-amz-server-side-encryption-aws-kms-key-id header, it must match the bucket's default customer managed key (using key ID or ARN, not alias). Your SSE-KMS configuration can only support 1 customer managed key per directory bucket's lifetime. The Amazon Web Services managed key (aws/s3) isn't supported. Incorrect key specification results in an HTTP 400 Bad Request error.

  • :ssekms_encryption_context (String)

    Specifies the Amazon Web Services KMS Encryption Context as an additional encryption context to use for object encryption. The value of this header is a Base64 encoded string of a UTF-8 encoded JSON, which contains the encryption context as key-value pairs. This value is stored as object metadata and automatically gets passed on to Amazon Web Services KMS for future GetObject operations on this object.

    General purpose buckets - This value must be explicitly added during CopyObject operations if you want an additional encryption context for your object. For more information, see Encryption context in the Amazon S3 User Guide.

    Directory buckets - You can optionally provide an explicit encryption context value. The value must match the default encryption context - the bucket Amazon Resource Name (ARN). An additional encryption context value is not supported.

  • :bucket_key_enabled (Boolean)

    Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Key Management Service (KMS) keys (SSE-KMS).

    General purpose buckets - Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. Also, specifying this header with a PUT action doesn't affect bucket-level settings for S3 Bucket Key.

    Directory buckets - S3 Bucket Keys are always enabled for GET and PUT operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through CopyObject, UploadPartCopy, the Copy operation in Batch Operations, or the import jobs. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.

  • :request_payer (String)

    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

    This functionality is not supported for directory buckets.

  • :tagging (String)

    The tag-set for the object. The tag-set must be encoded as URL Query parameters. (For example, "Key1=Value1")

    This functionality is not supported for directory buckets.

  • :object_lock_mode (String)

    The Object Lock mode that you want to apply to this object.

    This functionality is not supported for directory buckets.

  • :object_lock_retain_until_date (Time, DateTime, Date, Integer, String)

    The date and time when you want this object's Object Lock to expire. Must be formatted as a timestamp parameter.

    This functionality is not supported for directory buckets.

  • :object_lock_legal_hold_status (String)

    Specifies whether a legal hold will be applied to this object. For more information about S3 Object Lock, see Object Lock in the Amazon S3 User Guide.

    This functionality is not supported for directory buckets.

  • :expected_bucket_owner (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

Returns:



298
# File 'sig/object.rbs', line 298

def put: (

#replication_statusString

Amazon S3 can return this header if your request involves a bucket that is either a source or a destination in a replication rule.

In replication, you have a source bucket on which you configure replication and destination bucket or buckets where Amazon S3 stores object replicas. When you request an object (GetObject) or object metadata (HeadObject) from these buckets, Amazon S3 will return the x-amz-replication-status header in the response as follows:

  • If requesting an object from the source bucket, Amazon S3 will return the x-amz-replication-status header if the object in your request is eligible for replication.

    For example, suppose that in your replication configuration, you specify object prefix TaxDocs requesting Amazon S3 to replicate objects with key prefix TaxDocs. Any objects you upload with this key name prefix, for example TaxDocs/document1.pdf, are eligible for replication. For any object request with this key name prefix, Amazon S3 will return the x-amz-replication-status header with value PENDING, COMPLETED or FAILED indicating object replication status.

  • If requesting an object from a destination bucket, Amazon S3 will return the x-amz-replication-status header with value REPLICA if the object in your request is a replica that Amazon S3 created and there is no replica modification replication in progress.

  • When replicating objects to multiple destination buckets, the x-amz-replication-status header acts differently. The header of the source object will only return a value of COMPLETED when replication is successful to all destinations. The header will remain at value PENDING until replication has completed for all destinations. If one or more destinations fails replication the header will return FAILED.

For more information, see Replication.

This functionality is not supported for directory buckets.

Returns:

  • (String)


138
# File 'sig/object.rbs', line 138

def replication_status: () -> ("COMPLETE" | "PENDING" | "FAILED" | "REPLICA" | "COMPLETED")

#request_chargedString

If present, indicates that the requester was successfully charged for the request. For more information, see Using Requester Pays buckets for storage transfers and usage in the Amazon Simple Storage Service user guide.

This functionality is not supported for directory buckets.

Returns:

  • (String)


135
# File 'sig/object.rbs', line 135

def request_charged: () -> ("requester")

#restoreString

If the object is an archived object (an object whose storage class is GLACIER), the response includes this header if either the archive restoration is in progress (see RestoreObject or an archive copy is already restored.

If an archive copy is already restored, the header value indicates when Amazon S3 is scheduled to delete the object copy. For example:

x-amz-restore: ongoing-request="false", expiry-date="Fri, 21 Dec 2012 00:00:00 GMT"

If the object restoration is in progress, the header returns the value ongoing-request="true".

For more information about archiving objects, see Transitioning Objects: General Considerations.

This functionality is not supported for directory buckets. Directory buckets only support EXPRESS_ONEZONE (the S3 Express One Zone storage class) in Availability Zones and ONEZONE_IA (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.

Returns:

  • (String)


33
# File 'sig/object.rbs', line 33

def restore: () -> ::String

#restore_object(options = {}) ⇒ Types::RestoreObjectOutput

Examples:

Request syntax with placeholder values


object.restore_object({
  version_id: "ObjectVersionId",
  restore_request: {
    days: 1,
    glacier_job_parameters: {
      tier: "Standard", # required, accepts Standard, Bulk, Expedited
    },
    type: "SELECT", # accepts SELECT
    tier: "Standard", # accepts Standard, Bulk, Expedited
    description: "Description",
    select_parameters: {
      input_serialization: { # required
        csv: {
          file_header_info: "USE", # accepts USE, IGNORE, NONE
          comments: "Comments",
          quote_escape_character: "QuoteEscapeCharacter",
          record_delimiter: "RecordDelimiter",
          field_delimiter: "FieldDelimiter",
          quote_character: "QuoteCharacter",
          allow_quoted_record_delimiter: false,
        },
        compression_type: "NONE", # accepts NONE, GZIP, BZIP2
        json: {
          type: "DOCUMENT", # accepts DOCUMENT, LINES
        },
        parquet: {
        },
      },
      expression_type: "SQL", # required, accepts SQL
      expression: "Expression", # required
      output_serialization: { # required
        csv: {
          quote_fields: "ALWAYS", # accepts ALWAYS, ASNEEDED
          quote_escape_character: "QuoteEscapeCharacter",
          record_delimiter: "RecordDelimiter",
          field_delimiter: "FieldDelimiter",
          quote_character: "QuoteCharacter",
        },
        json: {
          record_delimiter: "RecordDelimiter",
        },
      },
    },
    output_location: {
      s3: {
        bucket_name: "BucketName", # required
        prefix: "LocationPrefix", # required
        encryption: {
          encryption_type: "AES256", # required, accepts AES256, aws:fsx, aws:kms, aws:kms:dsse
          kms_key_id: "SSEKMSKeyId",
          kms_context: "KMSContext",
        },
        canned_acl: "private", # accepts private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control
        access_control_list: [
          {
            grantee: {
              display_name: "DisplayName",
              email_address: "EmailAddress",
              id: "ID",
              type: "CanonicalUser", # required, accepts CanonicalUser, AmazonCustomerByEmail, Group
              uri: "URI",
            },
            permission: "FULL_CONTROL", # accepts FULL_CONTROL, WRITE, WRITE_ACP, READ, READ_ACP
          },
        ],
        tagging: {
          tag_set: [ # required
            {
              key: "ObjectKey", # required
              value: "Value", # required
            },
          ],
        },
        user_metadata: [
          {
            name: "MetadataKey",
            value: "MetadataValue",
          },
        ],
        storage_class: "STANDARD", # accepts STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, DEEP_ARCHIVE, OUTPOSTS, GLACIER_IR, SNOW, EXPRESS_ONEZONE, FSX_OPENZFS, FSX_ONTAP
      },
    },
  },
  request_payer: "requester", # accepts requester
  checksum_algorithm: "CRC32", # accepts CRC32, CRC32C, SHA1, SHA256, CRC64NVME, SHA512, MD5, XXHASH64, XXHASH3, XXHASH128
  expected_bucket_owner: "AccountId",
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :version_id (String)

    VersionId used to reference a specific version of the object.

  • :restore_request (Types::RestoreRequest)

    Container for restore job parameters.

  • :request_payer (String)

    Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. If either the source or destination S3 bucket has Requester Pays enabled, the requester will pay for the corresponding charges. For information about downloading objects from Requester Pays buckets, see Downloading Objects in Requester Pays Buckets in the Amazon S3 User Guide.

    This functionality is not supported for directory buckets.

  • :checksum_algorithm (String)

    Indicates the algorithm used to create the checksum for the object when you use the SDK. This header will not provide any additional functionality if you don't use the SDK. When you send this header, there must be a corresponding x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the HTTP status code 400 Bad Request. For more information, see Checking object integrity in the Amazon S3 User Guide.

    If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm parameter.

  • :expected_bucket_owner (String)

    The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code 403 Forbidden (access denied).

Returns:



347
# File 'sig/object.rbs', line 347

def restore_object: (

#server_side_encryptionString

The server-side encryption algorithm used when you store this object in Amazon S3 or Amazon FSx.

When accessing data stored in Amazon FSx file systems using S3 access points, the only valid server side encryption option is aws:fsx.

Returns:

  • (String)


114
# File 'sig/object.rbs', line 114

def server_side_encryption: () -> ("AES256" | "aws:fsx" | "aws:kms" | "aws:kms:dsse")

#sizeObject



6
# File 'lib/aws-sdk-s3/customizations/object.rb', line 6

alias size content_length

#sse_customer_algorithmString

If server-side encryption with a customer-provided encryption key was requested, the response will include this header to confirm the encryption algorithm that's used.

This functionality is not supported for directory buckets.

Returns:

  • (String)


120
# File 'sig/object.rbs', line 120

def sse_customer_algorithm: () -> ::String

#sse_customer_key_md5String

If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide the round-trip message integrity verification of the customer-provided encryption key.

This functionality is not supported for directory buckets.

Returns:

  • (String)


123
# File 'sig/object.rbs', line 123

def sse_customer_key_md5: () -> ::String

#ssekms_key_idString

If present, indicates the ID of the KMS key that was used for object encryption.

Returns:

  • (String)


126
# File 'sig/object.rbs', line 126

def ssekms_key_id: () -> ::String

#storage_classString

Provides storage class information of the object. Amazon S3 returns this header for all objects except for S3 Standard storage class objects.

For more information, see Storage Classes.

Directory buckets - Directory buckets only support EXPRESS_ONEZONE (the S3 Express One Zone storage class) in Availability Zones and ONEZONE_IA (the S3 One Zone-Infrequent Access storage class) in Dedicated Local Zones.

Returns:

  • (String)


132
# File 'sig/object.rbs', line 132

def storage_class: () -> ("STANDARD" | "REDUCED_REDUNDANCY" | "STANDARD_IA" | "ONEZONE_IA" | "INTELLIGENT_TIERING" | "GLACIER" | "DEEP_ARCHIVE" | "OUTPOSTS" | "GLACIER_IR" | "SNOW" | "EXPRESS_ONEZONE" | "FSX_OPENZFS" | "FSX_ONTAP")

#tag_countInteger

The number of tags, if any, on the object, when you have the relevant permission to read object tags.

You can use GetObjectTagging to retrieve the tag set associated with an object.

This functionality is not supported for directory buckets.

Returns:

  • (Integer)


144
# File 'sig/object.rbs', line 144

def tag_count: () -> ::Integer

#upload_file(source, options = {}) ⇒ void

Parameters:

  • source (Object)
  • options (Hash[Symbol, untyped]) (defaults to: {})


480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
# File 'lib/aws-sdk-s3/customizations/object.rb', line 480

def upload_file(source, options = {})
  upload_opts = options.merge(bucket: bucket_name, key: key)
  executor = DefaultExecutor.new(max_threads: upload_opts.delete(:thread_count))
  uploader = FileUploader.new(
    client: client,
    executor: executor,
    multipart_threshold: upload_opts.delete(:multipart_threshold)
  )
  response = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    uploader.upload(source, upload_opts)
  end
  yield response if block_given?
  executor.shutdown
  true
end

#upload_stream(options = {}) {|write_stream| ... } ⇒ Boolean

Parameters:

  • options (Hash[Symbol, untyped]) (defaults to: {})

Yields:

Yield Parameters:

  • write_stream (IO)

Yield Returns:

  • (void)

Returns:

  • (Boolean)


406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
# File 'lib/aws-sdk-s3/customizations/object.rb', line 406

def upload_stream(options = {}, &block)
  upload_opts = options.merge(bucket: bucket_name, key: key)
  executor = DefaultExecutor.new(max_threads: upload_opts.delete(:thread_count))
  uploader = MultipartStreamUploader.new(
    client: client,
    executor: executor,
    tempfile: upload_opts.delete(:tempfile),
    part_size: upload_opts.delete(:part_size)
  )
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    uploader.upload(upload_opts, &block)
  end
  executor.shutdown
  true
end

#version(id) ⇒ ObjectVersion

Parameters:

  • id (String)

Returns:



470
# File 'sig/object.rbs', line 470

def version: (String id) -> ObjectVersion

#version_idString

Version ID of the object.

This functionality is not supported for directory buckets.

Returns:

  • (String)


84
# File 'sig/object.rbs', line 84

def version_id: () -> ::String

#wait_until(options = {}) {|resource| ... } ⇒ Resource

Deprecated.

Use [Aws::S3::Client] #wait_until instead

Note:

The waiting operation is performed on a copy. The original resource remains unchanged.

Waiter polls an API operation until a resource enters a desired state.

Basic Usage

Waiter will polls until it is successful, it fails by entering a terminal state, or until a maximum number of attempts are made.

# polls in a loop until condition is true
resource.wait_until(options) {|resource| condition}

Example

instance.wait_until(max_attempts:10, delay:5) do |instance|
  instance.state.name == 'running'
end

Configuration

You can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. The waiting condition is set by passing a block to #wait_until:

# poll for ~25 seconds
resource.wait_until(max_attempts:5,delay:5) {|resource|...}

Callbacks

You can be notified before each polling attempt and before each delay. If you throw :success or :failure from these callbacks, it will terminate the waiter.

started_at = Time.now
# poll for 1 hour, instead of a number of attempts
proc = Proc.new do |attempts, response|
  throw :failure if Time.now - started_at > 3600
end

  # disable max attempts
instance.wait_until(before_wait:proc, max_attempts:nil) {...}

Handling Errors

When a waiter is successful, it returns the Resource. When a waiter fails, it raises an error.

begin
  resource.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
  # resource did not enter the desired state in time
end

attempts attempt in seconds invoked before each attempt invoked before each wait

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :max_attempts (Integer) — default: 10

    Maximum number of

  • :delay (Integer) — default: 10

    Delay between each

  • :before_attempt (Proc) — default: nil

    Callback

  • :before_wait (Proc) — default: nil

    Callback

Yield Parameters:

  • resource (Resource)

    to be used in the waiting condition.

Returns:

  • (Resource)

    if the waiter was successful

Raises:

  • (Aws::Waiters::Errors::FailureStateError)

    Raised when the waiter terminates because the waiter has entered a state that it will not transition out of, preventing success.

    yet successful.

  • (Aws::Waiters::Errors::UnexpectedError)

    Raised when an error is encountered while polling for a resource that is not expected.

  • (NotImplementedError)

    Raised when the resource does not



779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
# File 'lib/aws-sdk-s3/object.rb', line 779

def wait_until(options = {}, &block)
  self_copy = self.dup
  attempts = 0
  options[:max_attempts] = 10 unless options.key?(:max_attempts)
  options[:delay] ||= 10
  options[:poller] = Proc.new do
    attempts += 1
    if block.call(self_copy)
      [:success, self_copy]
    else
      self_copy.reload unless attempts == options[:max_attempts]
      :retry
    end
  end
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    Aws::Waiters::Waiter.new(options).wait({})
  end
end

#wait_until_exists(options = {}, &block) ⇒ Object

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :max_attempts (Integer) — default: 20
  • :delay (Float) — default: 5
  • :before_attempt (Proc)
  • :before_wait (Proc)

Returns:



172
173
# File 'sig/object.rbs', line 172

def wait_until_exists: (?max_attempts: Integer, ?delay: Numeric, ?before_attempt: (^(Integer attempts) -> void), ?before_wait: (^(Integer attempts, untyped response) -> void)) ?{ (untyped waiter) -> void } -> Object
| (?Hash[Symbol, untyped]) ?{ (untyped waiter) -> void } -> Object

#wait_until_not_exists(options = {}, &block) ⇒ Object

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :max_attempts (Integer) — default: 20
  • :delay (Float) — default: 5
  • :before_attempt (Proc)
  • :before_wait (Proc)

Returns:



176
177
# File 'sig/object.rbs', line 176

def wait_until_not_exists: (?max_attempts: Integer, ?delay: Numeric, ?before_attempt: (^(Integer attempts) -> void), ?before_wait: (^(Integer attempts, untyped response) -> void)) ?{ (untyped waiter) -> void } -> Object
| (?Hash[Symbol, untyped]) ?{ (untyped waiter) -> void } -> Object

#website_redirect_locationString

If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.

This functionality is not supported for directory buckets.

Returns:

  • (String)


111
# File 'sig/object.rbs', line 111

def website_redirect_location: () -> ::String