feat(client-s3): Amazon Simple Storage Service / Features : Add support for conditional writes for PutObject and CompleteMultipartUpload APIs.

Author: awstools

clients/client-s3/src/commands/CompleteMultipartUploadCommand.ts

@@ -81,9 +81,10 @@ export interface CompleteMultipartUploadCommandOutput extends CompleteMultipartU
  *                <ul>
  *                   <li>
  *                      <p>
- *                         <b>General purpose bucket permissions</b> - For information about permissions required to use the multipart upload API, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html">Multipart Upload
- *                         and Permissions</a> in the <i>Amazon S3
- *                            User Guide</i>.</p>
+ *                         <b>General purpose bucket permissions</b> - For
+ *                         information about permissions required to use the multipart upload API, see
+ *                            <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html">Multipart Upload and
+ *                            Permissions</a> in the <i>Amazon S3 User Guide</i>.</p>
  *                   </li>
  *                   <li>
  *                      <p>
@@ -94,6 +95,13 @@ export interface CompleteMultipartUploadCommandOutput extends CompleteMultipartU
  *                            <code>CreateSession</code>
  *                         </a>.</p>
  *                   </li>
+ *                   <li>
+ *                      <p> If you provide an <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html">additional checksum
+ *                            value</a> in your <code>MultipartUpload</code> requests and the
+ *                         object is encrypted with Key Management Service, you must have permission to use the
+ *                            <code>kms:Decrypt</code> action for the
+ *                            <code>CompleteMultipartUpload</code> request to succeed.</p>
+ *                   </li>
  *                </ul>
  *             </dd>
  *             <dt>Special errors</dt>
@@ -218,6 +226,7 @@ export interface CompleteMultipartUploadCommandOutput extends CompleteMultipartU
  *   ChecksumSHA256: "STRING_VALUE",
  *   RequestPayer: "requester",
  *   ExpectedBucketOwner: "STRING_VALUE",
+ *   IfNoneMatch: "STRING_VALUE",
  *   SSECustomerAlgorithm: "STRING_VALUE",
  *   SSECustomerKey: "STRING_VALUE",
  *   SSECustomerKeyMD5: "STRING_VALUE",

clients/client-s3/src/commands/CreateMultipartUploadCommand.ts

@@ -78,17 +78,20 @@ export interface CreateMultipartUploadCommandOutput extends CreateMultipartUploa
  *                <ul>
  *                   <li>
  *                      <p>
- *                         <b>General purpose bucket permissions</b> - For information about the permissions required to use the multipart upload API, see
- *                         <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html">Multipart
- *                            upload and permissions</a> in the <i>Amazon S3 User Guide</i>. </p>
- *                      <p>To perform a multipart upload with encryption by using an Amazon Web Services KMS key, the requester
- *                         must have permission to the <code>kms:Decrypt</code> and <code>kms:GenerateDataKey*</code>
- *                         actions on the key. These permissions are required because Amazon S3 must decrypt and read data
- *                         from the encrypted file parts before it completes the multipart upload. For more
- *                         information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions">Multipart upload API
- *                            and permissions</a> and <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html">Protecting data using
- *                               server-side encryption with Amazon Web Services KMS</a> in the
- *                         <i>Amazon S3 User Guide</i>.</p>
+ *                         <b>General purpose bucket permissions</b> - To
+ *                         perform a multipart upload with encryption using an Key Management Service (KMS)
+ *                         KMS key, the requester must have permission to the
+ *                            <code>kms:Decrypt</code> and <code>kms:GenerateDataKey</code> actions on
+ *                         the key. The requester must also have permissions for the
+ *                            <code>kms:GenerateDataKey</code> action for the
+ *                            <code>CreateMultipartUpload</code> API. Then, the requester needs
+ *                         permissions for the <code>kms:Decrypt</code> action on the
+ *                            <code>UploadPart</code> and <code>UploadPartCopy</code> APIs. These
+ *                         permissions are required because Amazon S3 must decrypt and read data from the
+ *                         encrypted file parts before it completes the multipart upload. For more
+ *                         information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions">Multipart upload API and permissions</a> and <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html">Protecting data
+ *                            using server-side encryption with Amazon Web Services KMS</a> in the
+ *                            <i>Amazon S3 User Guide</i>.</p>
  *                   </li>
  *                   <li>
  *                      <p>

clients/client-s3/src/commands/PutObjectCommand.ts

@@ -190,6 +190,7 @@ export interface PutObjectCommandOutput extends PutObjectOutput, __MetadataBeare
  *   ChecksumSHA1: "STRING_VALUE",
  *   ChecksumSHA256: "STRING_VALUE",
  *   Expires: new Date("TIMESTAMP"),
+ *   IfNoneMatch: "STRING_VALUE",
  *   GrantFullControl: "STRING_VALUE",
  *   GrantRead: "STRING_VALUE",
  *   GrantReadACP: "STRING_VALUE",

clients/client-s3/src/commands/RestoreObjectCommand.ts

@@ -33,6 +33,10 @@ export interface RestoreObjectCommandOutput extends RestoreObjectOutput, __Metad
  * <note>
  *             <p>This operation is not supported by directory buckets.</p>
  *          </note>
+ *          <important>
+ *             <p>The <code>SELECT</code> job type for the RestoreObject operation is no longer available to new customers. Existing customers of Amazon S3 Select can continue to use the feature as usual. <a href="http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/">Learn more</a>
+ *             </p>
+ *          </important>
  *          <p>Restores an archived copy of an object back into Amazon S3</p>
  *          <p>This functionality is not supported for Amazon S3 on Outposts.</p>
  *          <p>This action performs the following types of requests: </p>

clients/client-s3/src/commands/SelectObjectContentCommand.ts

@@ -38,6 +38,10 @@ export interface SelectObjectContentCommandOutput extends SelectObjectContentOut
  * <note>
  *             <p>This operation is not supported by directory buckets.</p>
  *          </note>
+ *          <important>
+ *             <p>The SelectObjectContent operation is no longer available to new customers. Existing customers of Amazon S3 Select can continue to use the operation as usual. <a href="http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/">Learn more</a>
+ *             </p>
+ *          </important>
  *          <p>This action filters the contents of an Amazon S3 object based on a simple structured query
  *          language (SQL) statement. In the request, along with the SQL expression, you must also
  *          specify a data serialization format (JSON, CSV, or Apache Parquet) of the object. Amazon S3 uses

clients/client-s3/src/commands/UploadPartCommand.ts

@@ -76,9 +76,21 @@ export interface UploadPartCommandOutput extends UploadPartOutput, __MetadataBea
  *                <ul>
  *                   <li>
  *                      <p>
- *                         <b>General purpose bucket permissions</b> - For information on the permissions required to use the multipart upload API, see
- *                         <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html">Multipart
- *                            Upload and Permissions</a> in the <i>Amazon S3 User Guide</i>.</p>
+ *                         <b>General purpose bucket permissions</b> - To
+ *                         perform a multipart upload with encryption using an Key Management Service key, the
+ *                         requester must have permission to the <code>kms:Decrypt</code> and
+ *                            <code>kms:GenerateDataKey</code> actions on the key. The requester must
+ *                         also have permissions for the <code>kms:GenerateDataKey</code> action for
+ *                         the <code>CreateMultipartUpload</code> API. Then, the requester needs
+ *                         permissions for the <code>kms:Decrypt</code> action on the
+ *                            <code>UploadPart</code> and <code>UploadPartCopy</code> APIs.</p>
+ *                      <p>These permissions are required because Amazon S3 must decrypt and read data
+ *                         from the encrypted file parts before it completes the multipart upload. For
+ *                         more information about KMS permissions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html">Protecting data
+ *                            using server-side encryption with KMS</a> in the
+ *                            <i>Amazon S3 User Guide</i>. For information about the
+ *                         permissions required to use the multipart upload API, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html">Multipart upload and permissions</a> and <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions">Multipart upload API and permissions</a> in the
+ *                            <i>Amazon S3 User Guide</i>.</p>
  *                   </li>
  *                   <li>
  *                      <p>

clients/client-s3/src/commands/UploadPartCopyCommand.ts

@@ -76,23 +76,44 @@ export interface UploadPartCopyCommandOutput extends UploadPartCopyOutput, __Met
  *                <ul>
  *                   <li>
  *                      <p>
- *                         <b>General purpose bucket permissions</b> - You must have the permissions in a policy based on the bucket types of your source bucket and destination bucket in an <code>UploadPartCopy</code> operation.</p>
+ *                         <b>General purpose bucket permissions</b> - You
+ *                         must have the permissions in a policy based on the bucket types of your
+ *                         source bucket and destination bucket in an <code>UploadPartCopy</code>
+ *                         operation.</p>
  *                      <ul>
  *                         <li>
- *                            <p>If the source object is in a general purpose bucket, you must have the <b>
+ *                            <p>If the source object is in a general purpose bucket, you must have the
+ *                                  <b>
  *                                  <code>s3:GetObject</code>
- *                               </b> permission to read the source object that is being copied. </p>
+ *                               </b>
+ *                               permission to read the source object that is being copied. </p>
  *                         </li>
  *                         <li>
- *                            <p>If the destination bucket is a general purpose bucket, you must have the <b>
+ *                            <p>If the destination bucket is a general purpose bucket, you must have the
+ *                                  <b>
  *                                  <code>s3:PutObject</code>
- *                               </b> permission to write the object copy to the destination bucket.
- *                            </p>
+ *                               </b>
+ *                               permission to write the object copy to the destination bucket. </p>
+ *                         </li>
+ *                         <li>
+ *                            <p>To perform a multipart upload with encryption using an Key Management Service
+ *                               key, the requester must have permission to the
+ *                                  <code>kms:Decrypt</code> and <code>kms:GenerateDataKey</code>
+ *                               actions on the key. The requester must also have permissions for the
+ *                                  <code>kms:GenerateDataKey</code> action for the
+ *                                  <code>CreateMultipartUpload</code> API. Then, the requester needs
+ *                               permissions for the <code>kms:Decrypt</code> action on the
+ *                                  <code>UploadPart</code> and <code>UploadPartCopy</code> APIs. These
+ *                               permissions are required because Amazon S3 must decrypt and read data from
+ *                               the encrypted file parts before it completes the multipart upload. For
+ *                               more information about KMS permissions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html">Protecting
+ *                                  data using server-side encryption with KMS</a> in the
+ *                                  <i>Amazon S3 User Guide</i>. For information about the
+ *                               permissions required to use the multipart upload API, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html">Multipart upload
+ *                                  and permissions</a> and <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions">Multipart upload API and permissions</a> in the
+ *                                  <i>Amazon S3 User Guide</i>.</p>
  *                         </li>
  *                      </ul>
- *                      <p>For information about permissions required to use the multipart upload API, see
- *                         <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions">Multipart upload API and permissions</a> in the
- *                         <i>Amazon S3 User Guide</i>.</p>
  *                   </li>
  *                   <li>
  *                      <p>

clients/client-s3/src/models/models_0.ts

@@ -714,6 +714,15 @@ export interface CompleteMultipartUploadRequest {
    */
   ExpectedBucketOwner?: string;
 
+  /**
+   * <p>Uploads the object only if the object key name does not already exist in the bucket specified. Otherwise, Amazon S3 returns a <code>412 Precondition Failed</code> error.</p>
+   *          <p>If a conflicting operation occurs during the upload S3 returns a <code>409 ConditionalRequestConflict</code> response.  On a 409 failure you should re-initiate the multipart upload with <code>CreateMultipartUpload</code> and re-upload each part.</p>
+   *          <p>Expects the '*' (asterisk) character.</p>
+   *          <p>For more information about conditional requests, see <a href="https://tools.ietf.org/html/rfc7232">RFC 7232</a>, or <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/conditional-requests.html">Conditional requests</a> in the <i>Amazon S3 User Guide</i>.</p>
+   * @public
+   */
+  IfNoneMatch?: string;
+
   /**
    * <p>The server-side encryption (SSE) algorithm used to encrypt the object. This parameter is
    *          required only when the object was created using a checksum algorithm or if
@@ -9513,6 +9522,10 @@ export interface GetObjectRequest {
 
   /**
    * <p>To retrieve the checksum, this mode must be enabled.</p>
+   *          <p>In addition, if you enable checksum mode and the object is uploaded with a
+   *          <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html">checksum</a>
+   *          and encrypted with an Key Management Service (KMS) key, you must have permission to use the
+   *          <code>kms:Decrypt</code> action to retrieve the checksum.</p>
    * @public
    */
   ChecksumMode?: ChecksumMode;
@@ -11236,9 +11249,10 @@ export interface HeadObjectRequest {
 
   /**
    * <p>To retrieve the checksum, this parameter must be enabled.</p>
-   *          <p>In addition, if you enable <code>ChecksumMode</code> and the object is encrypted with
-   *          Amazon Web Services Key Management Service (Amazon Web Services KMS), you must have permission to use the
-   *             <code>kms:Decrypt</code> action for the request to succeed.</p>
+   *          <p>In addition, if you enable checksum mode and the object is uploaded with a
+   *          <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_Checksum.html">checksum</a>
+   *          and encrypted with an Key Management Service (KMS) key, you must have permission to use the
+   *          <code>kms:Decrypt</code> action to retrieve the checksum.</p>
    * @public
    */
   ChecksumMode?: ChecksumMode;

clients/client-s3/src/models/models_1.ts

@@ -824,6 +824,15 @@ export interface PutObjectRequest {
    */
   Expires?: Date;
 
+  /**
+   * <p>Uploads the object only if the object key name does not already exist in the bucket specified. Otherwise, Amazon S3 returns a <code>412 Precondition Failed</code> error.</p>
+   *          <p>If a conflicting operation occurs during the upload S3 returns a <code>409 ConditionalRequestConflict</code> response. On a 409 failure you should retry the upload.</p>
+   *          <p>Expects the '*' (asterisk) character.</p>
+   *          <p>For more information about conditional requests, see <a href="https://tools.ietf.org/html/rfc7232">RFC 7232</a>, or <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/conditional-requests.html">Conditional requests</a> in the <i>Amazon S3 User Guide</i>.</p>
+   * @public
+   */
+  IfNoneMatch?: string;
+
   /**
    * <p>Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.</p>
    *          <note>
@@ -2106,7 +2115,13 @@ export interface OutputSerialization {
 }
 
 /**
- * <p>Describes the parameters for Select job types.</p>
+ * <important>
+ *             <p>Amazon S3 Select is no longer available to new customers. Existing customers of Amazon S3 Select can continue to use the feature as usual. <a href="http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/">Learn more</a>
+ *             </p>
+ *          </important>
+ *          <p>Describes the parameters for Select job types.</p>
+ *          <p>Learn <a href="http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/">How to optimize querying your data in Amazon S3</a>  using
+ *          <a href="https://docs.aws.amazon.com/athena/latest/ug/what-is.html">Amazon Athena</a>, <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/transforming-objects.html">S3 Object Lambda</a>, or client-side filtering.</p>
  * @public
  */
 export interface SelectParameters {
@@ -2123,7 +2138,11 @@ export interface SelectParameters {
   ExpressionType: ExpressionType | undefined;
 
   /**
-   * <p>The expression that is used to query the object.</p>
+   * <important>
+   *             <p>Amazon S3 Select is no longer available to new customers. Existing customers of Amazon S3 Select can continue to use the feature as usual. <a href="http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/">Learn more</a>
+   *             </p>
+   *          </important>
+   *          <p>The expression that is used to query the object.</p>
    * @public
    */
   Expression: string | undefined;
@@ -2170,7 +2189,11 @@ export interface RestoreRequest {
   GlacierJobParameters?: GlacierJobParameters;
 
   /**
-   * <p>Type of restore request.</p>
+   * <important>
+   *             <p>Amazon S3 Select is no longer available to new customers. Existing customers of Amazon S3 Select can continue to use the feature as usual. <a href="http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/">Learn more</a>
+   *             </p>
+   *          </important>
+   *          <p>Type of restore request.</p>
    * @public
    */
   Type?: RestoreRequestType;
@@ -2188,7 +2211,11 @@ export interface RestoreRequest {
   Description?: string;
 
   /**
-   * <p>Describes the parameters for Select job types.</p>
+   * <important>
+   *             <p>Amazon S3 Select is no longer available to new customers. Existing customers of Amazon S3 Select can continue to use the feature as usual. <a href="http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/">Learn more</a>
+   *             </p>
+   *          </important>
+   *          <p>Describes the parameters for Select job types.</p>
    * @public
    */
   SelectParameters?: SelectParameters;
@@ -2539,7 +2566,11 @@ export interface ScanRange {
 }
 
 /**
- * <p>Request to filter the contents of an Amazon S3 object based on a simple Structured Query
+ * <note>
+ *             <p>Learn Amazon S3 Select is no longer available to new customers. Existing customers of Amazon S3 Select can continue to use the feature as usual. <a href="http://aws.amazon.com/blogs/storage/how-to-optimize-querying-your-data-in-amazon-s3/">Learn more</a>
+ *             </p>
+ *          </note>
+ *          <p>Request to filter the contents of an Amazon S3 object based on a simple Structured Query
  *          Language (SQL) statement. In the request, along with the SQL expression, you must specify a
  *          data serialization format (JSON or CSV) of the object. Amazon S3 uses this to parse object data
  *          into records. It returns only records that match the specified SQL expression. You must

clients/client-s3/src/protocols/Aws_restXml.ts

@@ -485,6 +485,7 @@ export const se_CompleteMultipartUploadCommand = async (
     [_xacs_]: input[_CSHAh]!,
     [_xarp]: input[_RP]!,
     [_xaebo]: input[_EBO]!,
+    [_inm]: input[_INM]!,
     [_xasseca]: input[_SSECA]!,
     [_xasseck]: input[_SSECK]!,
     [_xasseckm]: input[_SSECKMD]!,
@@ -2634,6 +2635,7 @@ export const se_PutObjectCommand = async (
     [_xacs]: input[_CSHA]!,
     [_xacs_]: input[_CSHAh]!,
     [_e]: [() => isSerializableHeaderValue(input[_E]), () => __dateToUtcString(input[_E]!).toString()],
+    [_inm]: input[_INM]!,
     [_xagfc]: input[_GFC]!,
     [_xagr]: input[_GR]!,
     [_xagra]: input[_GRACP]!,